hey all i hope someone can be kind enough to help me with this
im a php beginner so i apologise in advance
i found this nice little script that upon submitting the form emails me the text contents of the form and uploads the image attachment to a file on my server which is perfect except one thing
id really like the email to either contain a copy of the image as an attachment as well or preferrably a link to the image on the server so that way i can tell which image goes to what form submission
the site allows people to send me pictures with comments and if i like it ill add it to the site manually
so here is the php code
<?php
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";
$msgban = "$file_name";
/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}
/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del]) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Y/m/d h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
fclose($resource);
if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],"files/") === false); //possible hacking
else if (substr($_REQUEST[del],0,6)=="files/") {
unlink($_REQUEST[del]);
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Y/m/d h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."\n");
fclose($resource);
$message = do_upload($upload_dir, $upload_url);
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";
/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "<br><a href='$upload_dir$file'>".$file."</a>";
$filelist .= "<a href='?del=$upload_dir$file' title='delete'>x</a>";
}
}
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_name = str_replace("\\","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_type = $_FILES['userfile']['type'];
$file_size = $_FILES['userfile']['size'];
$result = $_FILES['userfile']['error'];
$file_url = $upload_url.$file_name;
$file_path = $upload_dir.$file_name;
//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}
//File Size Check
else if ( $file_size > 4000000) {
// print $file_size;
// $message = "The file size is over 2MB.";
// return $message;
}
//File Type Check -- Prevent possible attacks
else if ( strpos($file_name,".php") !== false
|| strpos($file_name,".cgi") !== false
|| strpos($file_name,".htm") !== false
|| strpos($file_name,".phtm") !== false )
return;
else if ( strpos($file_type,"image") !== false
|| $file_type == "application/msword");
else {
//$message = "Sorry, demo. only allows image or ms-word upload." ;
//$message .= "<br>You may allow other types(i.e, .zip) on your own server." ;
//return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0755))
$message = "change permission to 755 failed.";
else
$msgban = ($result)?"$file_name" :
$message = ($result)?"$file_name uploaded successfully. In cel mult 24 ore Bannerul va aparea pe site." :
"Somthing is wrong with uploading a file.";
return $message;
}
?>
<?php
$email = "Name:\t$_POST[nume_expeditor]\n";
$email .= "E-Mail:\t$_POST[email_expeditor]\n";
$email .= "Image:\t$_POST[userfile]\n";
$email .= "Image name/Title:\t$_POST[email_expeditor3]\n";
$email .= "Comments:\t$_POST[mesaj]\n\n";
$destinatar = "submit@maricopamilfs.com";
$subiect = "Milf Submit";
$detalii = "From: Maricopa Milf Submit Form<> \n";
$detalii .= "Reply-To: $_POST[email_expeditor]\n\n";
mail($destinatar, $subiect, $email, $detalii);
echo "<HTML><HEAD></HEAD><BODY>";
echo "<align=center>thanks for submitting your milf pic!";
echo "</BODY></HTML>";
?>
and here is the html code
<html>
<head>
<title>Contact Form</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div align="center" class="style3"><form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post" action="thanks-for-submitting-your-milf-pics.html">
<P align="center" class="style3">Name<span class="style1">*</span>:<br>
<INPUT type="text" name="nume_expeditor" size=30>
</p>
<P align="center" class="style3">E-Mail<span class="style1">*</span>:<br>
<INPUT type="text" name="email_expeditor" size=30>
</p>
<P align="center" class="style3">Image<span class="style1">*</span>:</p>
<P align="center" class="style3">
<input type="file" id="userfile" name="userfile">
</p>
<P align="center" class="style3">Image Title <span class="style1">*</span>:</p>
<P align="center" class="style3">
<INPUT type="text" name="email_expeditor3" size=30>
</p>
<P align="center" class="style3">Comments:<br>
<textarea name="mesaj" cols=30 rows=5></textarea>
</p>
<div align="center"> <span class="style3">
<input type="submit" name="upload" value="Send">
</span></div></form>
<div align="center">* - please check theme. </div>
</div>
</body>
</html>
just so u know this block here
$email = "Name:\t$_POST[nume_expeditor]\n";
$email .= "E-Mail:\t$_POST[email_expeditor]\n";
$email .= "Image:\t$_POST[userfile]\n";
$email .= "Image name/Title:\t$_POST[email_expeditor3]\n";
$email .= "Comments:\t$_POST[mesaj]\n\n";
the $email .= "Image:\t$_POST[userfile]\n"; line i added myself.. it didnt come with one i guess they didnt assume the script would be useful for a site with multiple submissions or something
anyways thank you in advance for any help