jpadie

if $user is not populated then essentially the function call will look like [code] if (!$this->authorised()) [/code] you need to look at the authorised method to see what will happen if a value is not passed. if it is nicely written then it will return false.  if the exception is not properly handled it may fail with an error.  alternatively the class may be written so that it is impossible for the $user variable not to be populated with something. typically a function like this will return true or false but it can return anything.  assuming true/false: yes (to your first question) the antecedent (!) on the method call will mean "take the following action if the user is not authorised". 

how do you define "top value"?

yes.  as each file is "included" php first parses the script and then executes any code that is in the current scope. php is essentially a synchronous language so in general terms code is executed line by line.

two ways: 1. if your smtp server or MTA has a sendtoprogram mode then you could direct the output of the mail handler to a php script.  postfix has such a thing. 2. use php's imap functions to poll your email account from time to time and parse the new email in there.  there are some nice classes in PEAR which will do this for you if your coding skills are not currently up to it.  if you want an example of an application that does this have a look at wordpress's code.

here is a code snip i wrote for a tek-tips user a couple of days ago. note that it contains a very crude file type limiter in the $permittedFileTypes variable.  just add to that array if you want or remove the check later on in the code. [code] <? function displayForm(){ ?> <style type="text/css"> body, input {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;} input {margin-top: 3px;} label {font-weight:bold;} .message {width:25%; border:dotted red 1px; background-color:#FFE1E1; padding: 5px; margin-left:2px; } .mainForm {width:25%;} </style> <? if (!empty($GLOBALS['message'])): ?> <div class="message"> <?=$GLOBALS['message']?> </div> <? endif; ?> <form method="post" action="<?=$_SERVER['PHP_SELF']?>" enctype="multipart/form-data"> <fieldset class="mainForm" > <legend>Upload file test script</legend> <label>Type your name</label><br/> <input type="text" name="posterName" /><br/> <label>Select file for upload (max 3MB)</label><br/> <input type="hidden" name="MAX_FILE_SIZE" value="3145728"/> <input type="file" name="uploadedFile" /><br/> <input type="submit" name="submit" value="Upload" style="float:right; margin-right: 10px;" /> </fieldset> </form> <? } //test to see whether the form was submitted         if (isset($_POST['submit'])):     //set up some useful variables     //mail parameters     $to =        "            ";     $from =    "            ";     $subject =    "Test message";     $t =        date("j M Y, H:i:s");             $errArray = array(         "UPLOAD_ERR_OK",         "The uploaded file exceeds the value permitted in php.ini",         "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form",         "The uploaded file was only partially uploaded",         "No file was uploaded",         "",         "Missing a temporary folder",         "Failed to write file to disk"         );         $permittedFileTypes = array(         "pdf",         "doc",         "txt");         //pick up the form variables and clean them a bit     $name = !empty($_POST['posterName']) ? trim($_POST['posterName']) : "No name provided";         //test to make sure that the file upload was ok,     //if not provide the user with a sensible message     if ($_FILES['uploadedFile']['error'] !== 0):         $GLOBALS['message'] = "File did not upload ok.  Error was: ". $errArray[$_FILES['uploadedFile']['error']];         displayForm();         exit;     endif;         //find out the extension of the uploaded file.     //this is not a foolproof method !!!!     $pathinfo = pathinfo($_FILES['uploadedFile']['name']);     $extension = $pathinfo['extension'];     if (!in_array($extension, $permittedFileTypes)):         $GLOBALS['message'] = "Forbidden file type uploaded";         displayForm();     endif;         //we're pretty much ok at this point so it's time to send the mail     //create the message         $msg = <<<STR A contact form was uploaded at $t. The user gave his name as $name. The user uploaded a file called {$_FILES['uploadedFile']['name']}. The uploaded file was {$_FILES['uploadedFile']['size']} bytes. STR;         //encode the uploaded file for email sending     //use base 64     $fileContents = file_get_contents($_FILES['uploadedFile']['tmp_name']);            //create a boundary for multipart messages     $b = md5(time());     $sep = "\n";     //create the headers for a multipart email         $headers  = "From: $from$sep";     $headers .= "To: $to$sep";     $headers .= "Return-Path: $from$sep";     $headers .= "MIME-Version: 1.0$sep";     $headers .= "Content-Type: multipart/mixed; boundary=\"$b\"$sep";     $headers .= "$sep";        //add useful information for bad email clients         $message = "This is a multi-part message in mime format $sep";     $message .= "$sep";        //create the message part     $message .= "--$b$sep";     $message .= "Content-Type: text/plain; charset=\"iso-8859-1\"$sep";     $message .= "Content-Transfer-Encoding: 8bit$sep";     $message .= "$sep";     $message .= $msg;     $message .= "$sep";     $message .= "$sep";         //create the attachment part     $message .= "--$b$sep";     $message .= "Content-Type: application/octet-stream$sep";     $message .= "Content-Transfer-Encoding: base64$sep";     $message .= "Content-Disposition: attachment; filename=\"{$_FILES['uploadedFile']['name']}\" $sep";     $message .= "$sep";        $message .= chunk_split( base64_encode($fileContents), 76, $sep );     $message .= "$sep";     //finish the mail         $message .= "--$b--$sep";     //send the mail     $result = @mail($to, $subject,$message, $headers);     if ($result):         $GLOBALS['message'] = "Mail was sent.  Try again?";     else:         $GLOBALS['message'] = "Mail was not sent.  Try debugging!";     endif;     displayForm(); else:        displayForm();    endif; ?> [/code]