Jump to content

Recommended Posts

I have this script that allows a user to email an attachment. I'm trying to check the file size and type of file. See the section I added in the middle. Keeps giving e the message "wrong file type" and won't send the email.

<?php
   if ($_SERVER['REQUEST_METHOD']=="POST"){

   // we'll begin by assigning the To address and message subject
   $to="me@you.com";

   $subject="E-mail with attachment";

   // get the sender's name and email address
   // we'll just plug them a variable to be used later
   $from = stripslashes($_POST['fromname'])."<".stripslashes($_POST['fromemail']).">";

   // generate a random string to be used as the boundary marker
   $mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";

   // store the file information to variables for easier access
   $tmp_name = $_FILES['filename']['tmp_name'];
   $type = $_FILES['filename']['type'];
   $name = $_FILES['filename']['name'];
   $size = $_FILES['filename']['size'];

   // here we'll hard code a text message
   // again, in reality, you'll normally get this from the form submission
   $message = "Here is your file: $name";

   // if the upload succeded, the file will exist
   if (file_exists($tmp_name)){

      // check to make sure that it is an uploaded file and not a system file
      if(is_uploaded_file($tmp_name)){

         // open the file for a binary read
         $file = fopen($tmp_name,'rb');

         // read the file content into a variable
         $data = fread($file,filesize($tmp_name));

         // close the file
         fclose($file);

         // now we encode it and split it into acceptable length lines
         $data = chunk_split(base64_encode($data));
     }

      // now we'll build the message headers
      $headers = "From: $from\r\n" .
         "MIME-Version: 1.0\r\n" .
         "Content-Type: multipart/mixed;\r\n" .
         " boundary=\"{$mime_boundary}\"";

      // next, we'll build the message body
      // note that we insert two dashes in front of the
      // MIME boundary when we use it
      $message = "This is a multi-part message in MIME format.\n\n" .
         "--{$mime_boundary}\n" .
         "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
         "Content-Transfer-Encoding: 7bit\n\n" .
         $message . "\n\n";

      // now we'll insert a boundary to indicate we're starting the attachment
      // we have to specify the content type, file name, and disposition as
      // an attachment, then add the file content and set another boundary to
      // indicate that the end of the file has been reached
      $message .= "--{$mime_boundary}\n" .
         "Content-Type: {$type};\n" .
         " name=\"{$name}\"\n" .
         //"Content-Disposition: attachment;\n" .
         //" filename=\"{$fileatt_name}\"\n" .
         "Content-Transfer-Encoding: base64\n\n" .
         $data . "\n\n" .
         "--{$mime_boundary}--\n";
//Added content here******************************************
define ("MAX_SIZE","50"); 

function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$type = substr($str,$i+1,$l);
return $ext;
}

$errors=0;
$filename = stripslashes($_FILES['image']['name']);

$type = getExtension($name);
$type = strtolower($extension);

if (($type != "jpg") && ($type != "jpeg") && ($type != "png") && ($type != "pdf") && ($type != "dwg") && ($type != "gif")) 
{
echo 'Unknown file extension! Only .gif, .jpg, .png, pdf and dwg and files are allowed to be uploaded </a>.';
$errors=1;
die ();
}

$size=filesize($_FILES['image']['tmp_name']);

if ($size > MAX_SIZE*1024)
{
echo 'You have exceeded the size limit!';
$errors=1;
die ();
}




//End Added content**********************************



      // now we just send the message
      if (@mail($to, $subject, $message, $headers))
         echo "Message Sent";
      else
         echo "Failed to send";
   }
} else {
?>
<p>Send an e-mail with an attachment:</p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" 
   enctype="multipart/form-data" name="form1">
   <p>From name: <input type="text" name="fromname"></p>
   <p>From e-mail: <input type="text" name="fromemail"></p>
   <p>File: <input type="file" name="filename"></p>
   <p><input type="submit" name="Submit" value="Submit"></p>
</form>
<?php } ?> 

Link to comment
https://forums.phpfreaks.com/topic/125135-email-form-and-attachments/
Share on other sites

Does it say "wrong file type" .. or does it say .. "Unknown file extension! Only .gif, .jpg, .png, pdf and dwg and files are allowed to be uploaded" ??

 

Have you double checked the function getExtension is returning the right value?

 

Adam

Well just cut and paste the function into a new file and test it out, eg:

 

<?php

function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$type = substr($str,$i+1,$l);
return $ext;
}

print getExtension('testfile.jpg');

?>

 

if it works properly should return "jpg", but possibly could be returning ".jpg" ??

 

You could use something MUCH simpler like:

 

function file_extension($filename) {
   $path_info = pathinfo($filename);
   return $path_info['extension'];
}

 

 

Adam

Now I have

 

define ("MAX_SIZE","50"); 

function file_extension($filename) {
    $path_info = pathinfo($filename);
    return $path_info['extension'];
}

$errors=0;
$filename = stripslashes($_FILES['image']['name']);

$type = file_extension($name);
$type = strtolower($extension);

if (($type != "jpg") && ($type != "jpeg") && ($type != "png") && ($type != "pdf") && ($type != "dwg") && ($type != "gif")) 
{
echo 'Unknown file extension! Only .gif, .jpg, .png, pdf and dwg and files are allowed to be uploaded </a>.';
$errors=1;
die ();
}

$size=filesize($_FILES['image']['tmp_name']);

if ($size > MAX_SIZE*1024)
{
echo 'You have exceeded the size limit!';
$errors=1;
die ();
}

And I still get "Unknown file extension! Only .gif, .jpg, .png, pdf and dwg and files are allowed to be uploaded ."

$filename = stripslashes($_FILES['image']['name']);

$type = getExtension($name);
$type = strtolower($extension);

 

Problem is here i think, should be:

 

$filename = stripslashes($_FILES['filename']['name']);
$type = strtolower( getExtension( $filename));

oh yeah you changed it to:

 

function file_extension($filename) {
    $path_info = pathinfo($filename);
    return $path_info['extension'];
}

 

... so needs to be:

 

$filename = stripslashes($_FILES['filename']['name']);
$type = strtolower( file_extension( $filename));

Ok I am getting close. Now I have this

<?php
   if ($_SERVER['REQUEST_METHOD']=="POST"){

   // we'll begin by assigning the To address and message subject
   $to="me@you.com";

   $subject="E-mail with attachment";

   // get the sender's name and email address
   // we'll just plug them a variable to be used later
   $from = stripslashes($_POST['fromname'])."<".stripslashes($_POST['fromemail']).">";

   // generate a random string to be used as the boundary marker
   $mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";

   // store the file information to variables for easier access
   $tmp_name = $_FILES['filename']['tmp_name'];
   $type = $_FILES['filename']['type'];
   $name = $_FILES['filename']['name'];
   $size = $_FILES['filename']['size'];

   // here we'll hard code a text message
   // again, in reality, you'll normally get this from the form submission
   $message = "Here is your file: $name";

   // if the upload succeded, the file will exist
   if (file_exists($tmp_name)){

      // check to make sure that it is an uploaded file and not a system file
      if(is_uploaded_file($tmp_name)){

         // open the file for a binary read
         $file = fopen($tmp_name,'rb');

         // read the file content into a variable
         $data = fread($file,filesize($tmp_name));

         // close the file
         fclose($file);

         // now we encode it and split it into acceptable length lines
         $data = chunk_split(base64_encode($data));
     }

      // now we'll build the message headers
      $headers = "From: $from\r\n" .
         "MIME-Version: 1.0\r\n" .
         "Content-Type: multipart/mixed;\r\n" .
         " boundary=\"{$mime_boundary}\"";

      // next, we'll build the message body
      // note that we insert two dashes in front of the
      // MIME boundary when we use it
      $message = "This is a multi-part message in MIME format.\n\n" .
         "--{$mime_boundary}\n" .
         "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
         "Content-Transfer-Encoding: 7bit\n\n" .
         $message . "\n\n";

      // now we'll insert a boundary to indicate we're starting the attachment
      // we have to specify the content type, file name, and disposition as
      // an attachment, then add the file content and set another boundary to
      // indicate that the end of the file has been reached
      $message .= "--{$mime_boundary}\n" .
         "Content-Type: {$type};\n" .
         " name=\"{$name}\"\n" .
         //"Content-Disposition: attachment;\n" .
         //" filename=\"{$fileatt_name}\"\n" .
         "Content-Transfer-Encoding: base64\n\n" .
         $data . "\n\n" .
         "--{$mime_boundary}--\n";

define ("MAX_SIZE","50"); 

function file_extension($filename) {
    $path_info = pathinfo($filename);
    return $path_info['extension'];
}




$errors=0;
$filename = stripslashes($_FILES['filename']['name']);
$type = strtolower( file_extension( $filename));


if (($type != "jpg") && ($type != "jpeg") && ($type != "png") && ($type != "pdf") && ($type != "dwg") && ($type != "gif")) 
{

echo 'Unknown file extension. Only .gif, .jpg, .png, pdf and dwg and files are allowed to be uploaded </a>.';
echo $path_parts['extension'], "\n";
$errors=1;
die ();
}



$size=filesize($_FILES['image']['tmp_name']);

if $size = $_FILES['filename']['size'];
{
echo 'You have exceeded the size limit!';
$errors=1;
die ();
}





      // now we just send the message
      if (@mail($to, $subject, $message, $headers))
         echo "Message Sent";
      else
         echo "Failed to send";
   }
} else {
?>
<p>Send an e-mail with an attachment:</p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" 
   enctype="multipart/form-data" name="form1">
   <p>From name: <input type="text" name="fromname"></p>
   <p>From e-mail: <input type="text" name="fromemail"></p>
   <p>File: <input type="file" name="filename"></p>
   <p><input type="submit" name="Submit" value="Submit"></p>
</form>
<?php } ?> 

And I get this error

Parse error: syntax error, unexpected T_VARIABLE, expecting '(' in .....on line 109

 

Which  is this line

if $size = $_FILES['filename']['size'];

Don't understand what you're trying to do there though...

 

$size=filesize($_FILES['image']['tmp_name']);

if ($size == $_FILES['filename']['size']);

{
echo 'You have exceeded the size limit!';
echo $size;
$errors=1;
die ();
}

 

$_FILES['image'] .. isn't actually used on the form, not sure why you have lots of references to it? But you need to set a size limit yourself. with that you're basically setting the filesize limit to equal the filesize of a file i'm not even sure exists; filesize($_FILES['image']['tmp_name']) ...? should look something more like:

 

if ($_FILES['filename']['size'] >= 1048576) {
echo 'You have exceeded the size limit of 1Mb!';
echo ' Actual size: '.$_FILES['filename']['size'];
$errors=1;
die ();
}

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.