Home/ Questions/Q 5967521
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T19:57:22+00:00

I’ve got HTML form for editing images. All data is stored in JSON. When

  • 0

I’ve got HTML form for editing images. All data is stored in JSON. When I change current image, I want to save changes, through PHP script, to a text file. If I return to previous image, this configuration will be send again from this file to the form.

My question is:

How to write/read this kind of data safely. Where and how effectively check data to prevent some JS/PHP code injections?

I have attached some concept code below:

JavaScript (using jQuery):

// Writing
$.ajax({
    global: false,
    type: "POST",
    cache: false,
    dataType: "json",
    data: ({
        action: 'write',
        config: JavaScriptJSON_Obj
    }),
    url: 'read-write.php'
});

// Reading
$.ajax({
    global: false,
    type: "POST",
    cache: false,
    dataType: "json",
    data: ({
        action: 'read'
    }),
    url: 'read-write.php',
    success: function(data){
        JavaScriptJSON_Obj = data;
    }
});

PHP example (read-write.php):

switch ($_REQUEST['action']) {
    case 'write':
        file_put_contents('config.txt', $_REQUEST['config']);
        break;
    case 'read':
        $s = file_get_contents('config.txt');
        echo json_encode($s);
        break;
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First of all: JSON is not JavaScript and vice versa. And JSON is even not a proper subset of JavaScript.

    Besides that, since you neither interpret some user input as PHP nor some output as JavaScript, there is no need to worry. But don’t forget to specify your output properly:

    header('Content-Type: application/json;charset=utf-8');
$s = file_get_contents('config.txt');
echo json_encode($s);
    • 0