textarea to a word file

HI..

I want that when the user writes a story (some content) in the textarea...it sould get saved as a word file.

Actually the concept is that the student writes a story in textarea and submits. But when teacher views that story he should be able to open it as a doc file so as to make some corrections like strikethrough, highlight etc.

So what I want is that the story should be saved as a doc file in database...can it be possible?

or I am thinking to way behind the possibility?

thanks

Janet.

are you using plain asp? i know how to make a doc file in vb which you could be done in vb.net... other than that, i've only seen products you'd have to pay for to use, so i'm not sure...if anyone knows of an opensource component for Microsoft Word that works that would be pretty sweet...you could do what devshed does too and write your own bold italics, and highlight with clever usages of html (shrug) that's what i've been doing for my workaround, it's nice too because once you write it you will have a plugin for life for text editing

What you haven't told us, and that's what's important, is that once the teacher makes the corrections to that .doc file how is the user going to see it?

What I mean by that is this:

The user enters some text inside a <teaxtarea> field.
Clicks the submit button.
You then create a word document and save it inside your database(which I don't recommend, instead I recommend inserting the path to the .doc file and save the .doc file on the server's hard drive)
Then the teacher, opens the .doc file and makes the corrections
BUT WAIT....
How his the teacher going to get these .doc files?
What if the server is in HongKong?
Does he lives in HongKong?
Will you create yet another ASP application allowing the teacher to download the file and make corrections?
Once the corrections are made, how is/will the user see them?
what goes on after the teacher makes the corrections???

Meanwhile here is a link...
http://www.google.com/search?source...cument+from+ASP


Hope this helps!
Sincerely

Vlince

thanks vlince...

i like the idea of storing the data in a doc file in server. I am doign the same for images alos. Like i need a few images to be displayed on my website. But I am simply storing the path adn retrieving asof now from my hdd. but how can i actualy do it for a doc thing? how can i move the textarea content to a doc file in server???? can u help explain me the whole process.

WHat i want is that teacher should be able to make corrections like change colour...highlight a few words and strikethrough. I can store Whatever student writes as a field content of a table and also as a doc file in database. So when student wants to view the original story he can view as simple text (in his textbox) and when teacher logs in she can view in doc format (or where she can make changes and save in database as a doc file)

There is no concept of change in place (its a small website devlop work). beign a newbie i am taking a lot of time. else its a very small thing for any experienced guy!

i hope i am able to make u clear? pls suggest something

thanks a lot

ok...let's try this with a scenario ok

The Web Server is somewhere in HongKong(now this is only a scenario ok!)

The user, who is at home somwhere in the US using his laptop, connects to your web application.
He then logs in, and creates a new entry inside the <textarea>.
He then clicks the saves button to save the new entry.


*YOU* the programmer, retrieves the data entered inside the <textarea> and create a .doc document on the server's hard drive(using FSO(File System Object)) you also store, but this time, inside the database the PATH of the newly created .doc file inside the database.



Now the teacher, who is at school somewhere in the US logs in and you, the programmer, display a list of files in an hyperlink fashion.
When the teacher clicks on the hyperlink, the .doc file opens in the browser. The teacher can then do:
File-->Save As
To save the file on his computer.

Now that the file is saved on his computer, the teacher opens the file. The teacher then makes the necessary changes to the file.
But then what???

The teacher has the file on his computer!
The server is somewhere in HongKong and also has the file on its hard drive but it doesn't have the most recent one since the teacher holds the most recent one!

How can the teacher UPLOAD the file back to the server so that the user, when he logs back in, can also download and view the file? no?

Unless, you don't want the users to view what the teacher modified?

Now, you also mention that when a user save the new entry from the <textarea> you want to create a .doc file BUT YOU ALSO WANT TO enter the data inside your database.

That's ok but I don't get it...why would you want to insert into the database what the user entered inside the <textarea> AND create a .doc file at the same time AND allow the teacher to download the file, make corrections.

How is the user going to see these modifications???
Isn't that the point of your application or DID I miss understand the whole thing???

The best thing to do, in my opinion, is to let the users FIRST create a .doc file FROM THEIR computers.

Then they(the users), upload the file to the server(somewhere in HongKong) then save the file's path INSIDE your database.

The teacher then logs in, downloads the file, makes the corrections and RE-UPLOADS the file to the server.

The user then re-logs in and *SEES* that the teacher did a modification on HIS file, the user the downloads the file, opens it and SEES the corrections made by the teacher

Isn't that what you're trying to do?

Hope this helps!
Sincerely

Vlince

Why not just use clean, safe HTML?? You know for sure you can save the text as an HTML file, the syntax is easy. And the HTML document could be edited just as easily as the doc file, with the correct software (Frontpage or Composer).

Here's my scenario...
The student types the story (or copies it and pastes it) in the textarea and submitts it. It gets stored in a database on the server, along with all the other students stories.

Next time the teacher (who is a woman, just to make things even) logs in, she sees that she has a story to edit, so she opens it up, does whatever editing on your Hotmail-style web-based HTML editor window, hits a button, and the new story is placed in the database along with a flag to mark it as graded.

Now the student signs on again, and the server looks through the database. It sees that his story has been graded, and gives him a link to a clean crisp HTML document that he can look over right in his browser window.

As far as the HTML codes you might need...
Strikeout would be <STRIKE></STRIKE>
Highlighting would be <SPAN STYLE="background:yellow"></SPAN>
If the teacher wants to comment, it could even automatically have her type in italics (<I></I>) so that her comments will stand out from the rest of the story.

nothing like repeating another persons advice =P

The thing is that, there are many different ways/approach that you can chose from to create what we think the poster wants...but the matter is that we still don't know what the poster's intentions are ONCE the teacher makes the corrections...so we can only assume what's next!

What I like about the UPLOADING/DOWNLOADING file approach is that it doesn't take long to code and do.

The user opens WORD on *his* computer, creates a nice document using *all* the WORD features(bold, italic, center, bullets, tables, even a macro if he wanted...) then save the document on his computer.

So far, YOU the programmer didn't even code one line of code...

Some people say ya but everything you've mentioned can be done in HTML, and they are correct except that WHY?
Why reinvent the whell ???
WORD and its functionality outweighs what an HTML <form>...</form> can do.


Then the user uploads his file to the server.

So far, YOU the programmer only had to code this:
---------------------------------------------------
<html>
<body>

<form name="frmMain" action="save.asp" ENCTYPE="multipart/form-data">

<input file...>

<submit button>

</form>

</body>
</html>
---------------------------------------------------

Then code the save.asp page to retrieve the file and save it on the HardDrive. Make an entry in the database so that the teacher gets a warning "new file for you Professor!"


Then the Professor clicks on the hyperlink to download the file.
Once save on *his* computer, he opens the file. Makes the changes using all the features inside WORD then saves the file on *his* computer and uploads the file back to the server.

Like I said, YOU the programmer don't have much to do, in fact the users and professor are using the built-in features of WORD all you care about is making sure the upload/downloads works!


Hope this helps!
Sincerely

Vlince

Vlince, I hope you realize i was referring to clone repeating the HTML inserts (but, it was very nice to include code, thank you, no harm inteded by my statement really), but in anycase yea, i like vlince's method mainly due to a high functionality and encapsulation offering.

Vlince, if you're worried about all the programming, once you code your class for the html inserts, it's done, include, create object, and that's it. It allows greater control over what get's put in your database too. "Greater control? why when you can just do this?" uhh, well.... malicious content could easily be stored in a doc file and then sent to server. ESPECIALLY when the administrator (aspuser in this case) hasn't done this before and doesn't know what to expect, it's like the text box <script> trick, hacking 101. I'll be damned if a young computer science major doesn't come along and see a chance to raise some havoc. He doesn't even have to be an IT guy, he can be joe schmoe without virus protection and here you go mr document server and bring down aspuser's server where I BET aspuser doensn't have DR setup, sure maybe the server is through the school and maybe just maybe he can get a tape backup made at midnight the night before. But it'll take several days before it's restored. What if the papers are due the next day? What if there's "that guy" that ONLY stores his data on servers like that or on floppy disks and then cries when something happens to it? What if there wasn't a tape backup system at all? What if there is no DR on the system at all? There are ups and downs to either method really....

aspuser, not to scare you, but vlince's method is easier to do and offers a greater editing solution as he has shown you. But keep in mind your solution here doesn't sound very high visibility. But uploading files directly to DB is a *BAD* idea. Step one is to ONLY allow them to upload the extensions you want, aka .doc files in this situation. Make sure you set it up to virus scan on uploaded docs or send it through firewall precautions. Encrypt the data to avoid sniffers (vlince showed you how) and pray nothing is in the document that's too malicious, as in teacher, click this link to go here or here's an exe file inside the document or here's a sweet new virus i just programmed, run this!
http://forums.devshed.com/t72671/s.html

I also notice you said textarea, are you grabbing the information originally from a textare? Because that screams cross-site scripting vulnerability time to me. What's that? google for it.

Or, make your own text area class and just do includes in the future, it's up to you *shrug*

The reason I suggested HTML was because the data was being entered in a textbox to begin with... and I think a textbox would be safer than a DOC file. The student would be able to enter plain text, no HTML at all... any <, >, CR, etc, would be parsed into HTML... it would be easy to do... < = < > = > CR = <BR>, etc. No attachments, no links, nothing that could be malicious... the only place that actual HTML codes could be inserted would be when the teacher edits it, and then only selected codes could be used... if the teacher attempted to type <> it could be converted to < > like before. Insertion of the tags <I>, <B>, <STRIKE>, <SPAN STYLE="background:yellow">, etc would be completely automatic, so all the teacher would see was the rich-text format.
I suppose it would be a lot easier to code the upload/download approach, but I am in college and know a few college teachers, and I am pretty certain that you aren't going to be able to get every teacher to remember how to upload the files after they edited them... some of them aren't too computer-savvy. But there's nothing wrong with that approach... I just would think there'd be a lot of operator-end errors as opposed to programmer-side ones.

-->Vlince, I hope you realize i was referring to clone repeating the HTML inserts<--

I know

I was just trying to let the poster know that there are *MANY* ways to achieve what *WE* think he needs


We all know the he has a <textarea> that the user fills in.
Once filled, the user clicks the save button(ok that is an assumption on my part)

Now he(the poster) wants to ALSO(I say also because the poster wanted to save the data entered in the <textarea> into the database into some fields and what not!) save the data into a .doc file so that the teacher:

---BEGIN QUOTE---
teacher should be able to make corrections like change colour...highlight a few words and strikethrough.
---END QUOTE---

Now when the poster said "highlight a few words and strikethrough" I can only assume that he means INSIDE THE .DOC FILE no?

So obviously, the teacher *HAS* to, at some point in time, download the file in order to do these things("highlight a few words and strikethrough") right?

UNLESS the teacher's computer *IS* the web server?

Again, this assumption is based on *ME* thinking that when the poster said: "highlight a few words and strikethrough" he meant inside the WORD document that *HE* plans to create.

Now knowing a little bit more about what the user wants, its time for *US* to give him the best alternative possible.


My suggestion was to simply create the .doc file and nevermind about INSERTing the data into the database. Why do twice the work?
INSERT into the database then create a .doc file...why do both?

After all, the teacher's intention is to view the .doc file right? The teacher doesn't care about if the data is ALSO inserted in the database right? so why bother with that?

Then I said to myself, why make the user enter text inside a <textarea> then save, then create a .doc file?
Why not force the user(student) to FIRST create a .doc file on *HIS* computer format it the way he wants, then UPLOAD it to the server, as it is being saved on the Hard Drive, make an INSERT into the database of the file's Path.
that's it that's all...its that simple

Then the teacher logs in and *HE* downloads the file makes the correction and re-uploads the file voila! no?

I don't see the security risk here since no one is opening the file ON THE SERVER, the server acts as a holding place for the .doc files that's it, no one will double click the .doc files?
also, as the user(student) uploads the file you can, like you said, block certain file extension, this way you'll know for sure that he uploads a .doc file

Even if someone manages to send a .exe on the server file since no one is executing it there shouldn't be any concerned no?

Unles again, i'm missing something which happens a lot these days hehe...

You're right... but my suggestion was to skip the doc file altogether... that would replace the steps:
Generating the DOC file
The teacher downloading it
Having to open it with Word
Uploading it after editing it
with one page; the teacher could go to it, see the papers needing corrections, view one and edit it seamlessly inside his/her web browser, and click a button that would submit the corrected paper. As I said, either way would work; my way just makes it super-easy for the teacher, and somewhat more complicated for the programmer.

P.S... could aspuser pls give her thoughts on the choices that have been presented? There's been like 8 really long posts since she last said anything.

I agree

I guess the poster has more then enough information to start his project

Vlince

Here comes 2 birds with one stone....If you are going to word document route there are components to edit the doc file through IE and then you could avoid the download and db steps (operator error) but then it's also an instance client side and server side so it could potentially cause harm with server side exe files being executed =(

clone, if you go our way the < actually need to be another symbol unless you want if then and case's of doom. All <i> tags would be converted, that's why devshed uses [i] tags =)