Jump to content

passing full pathname on file input

dasein

By dasein
in PHP Coding Help

 Share

Recommended Posts

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

The path of an uploaded file on the client computer is -

 

A) Not available using an type="file" input field, and

B) It is not relevant after the file has been uploaded.

 

What exactly are you trying to do, your post was not very clear.

Link to comment
Share on other sites
dasein Newbie

dasein

Posted
  • Author
Posted

I have an email page running through a php script, but I wanted to allow the user to upload an attachment from their client machine. The problem I'm having PFMaBiSmAd, is when you click on BROWSE and select a file, it shows the entire pathname in the textbox, but won't pass that to the php script...only the file name itself. Someone suggested using a hidden type to capture the full pathname...not sure how to go about doing that though. Thanks, sorry about not being clear in the first place. I understand the security point, but I  don't understand the point in having a <input type="file"...> if it doesn't allow full pathname capture?

Link to comment
Share on other sites
.josh Advanced Member

.josh

Posted
Posted

The point pfm was making is why do you need that info in the first place.

 

Not sure if it's possible (can't try, not on my computer), but it might be possible to grab it with javascript, using document.getElementById('elementidhere').value (and then sending it as a hidden field value)

 

Or maybe possibly using .innerHTML on some surrounding tag and regexing for it.  I mean, if it's physically in the browser window, theoretically you should be able to somehow pluck it out using javascript.

 

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Impossible. You cannot do it, even with Javascript because of Security reasons. I would hate to give anyone who I upload files to my directory structure.

 

Stop turnin' your wheels, it cannot be done except with ActiveX controls as I stated above, which the user has to allow.

 

There should be no reason for you to need that information anyways.

Link to comment
Share on other sites
dasein Newbie

dasein

Posted
  • Author
Posted

I would hate to give anyone who I upload files to my directory structure.

There should be no reason for you to need that information anyways.

But all I want to do is allow a user on his machine to do a browse to find a file to attach to an emailer page that mails out with $subject, $header, $message, $from, $to, but with an attachment the user selected. When the file is attached, only the file name comes through in the email. I wouldn't want anyone getting my directory layout either. You're saying, then, there's no way to do this at all except ActiveX?

Link to comment
Share on other sites
dasein Newbie

dasein

Posted
  • Author
Posted

I would hate to give anyone who I upload files to my directory structure.

There should be no reason for you to need that information anyways.

But all I want to do is allow a user on his own machine to do a browse to find a file to attach to an emailer page that mails out with $subject, $header, $message, $from, $to, but with an attachment the user selected. When the file is attached, only the file name comes through in the email (I think I can easily parse away everything left of the final '/' before the filename itself. I wouldn't want anyone getting my directory layout either. You're saying, then, there's no way to do this at all except ActiveX?

Link to comment
Share on other sites
redarrow Advanced Member

redarrow

Posted
Posted

works lovly can be done there you go.

 

<?php
/* Mailer with Attachments */ 

$action = $_REQUEST['action']; 
global $action; 

function showForm() { 
?> 

  <form enctype="multipart/form-data" name="send" method="post" action="<?=$_SERVER['PHP_SELF']?>"> 
  <input type="hidden" name="action" value="send" /> 
  <input type="hidden" name="MAX_FILE_SIZE" value="10000000" /> 
    <p>Recipient Name: <input name="to_name" size="50" /> 
    Recipient Email: <input name="to_email" size="50" /> 
    From Name:  <input name="from_name" size="50" /> 
    From Email:  <input name="from_email" size="50" /> 
    Subject:  <input name="subject" size="50" /> 
    Message: <textarea name="body" rows="10" cols="50"></textarea> 
    Attachment: <input type="file" name="attachment" size="50" /> 
    <input type="submit" value="Send Email" /></p> 
   
<?php
} 

function sendMail() { 
  if (!isset ($_POST['to_email'])) { //Oops, forgot your email addy! 
    die ("<p>Oops!  You forgot to fill out the email address! Click on the back arrow to go back</p>"); 
  } 
  else { 
    $to_name = stripslashes($_POST['to_name']); 
    $from_name = stripslashes($_POST['from_name']); 
    $subject = stripslashes($_POST['subject']); 
    $body = stripslashes($_POST['body']); 
    $to_email = $_POST['to_email']; 
    $attachment = $_FILES['attachment']['tmp_name']; 
    $attachment_name = $_FILES['attachment']['name']; 
    if (is_uploaded_file($attachment)) { //Do we have a file uploaded? 
      $fp = fopen($attachment, "rb"); //Open it 
      $data = fread($fp, filesize($attachment)); //Read it 
      $data = chunk_split(base64_encode($data)); //Chunk it up and encode it as base64 so it can emailed 
        fclose($fp); 
    } 
    //Let's start our headers 
    $headers = "From: $from_name<" . $_POST['from_email'] . ">\n"; 
    $headers .= "Reply-To: <" . $_POST['from_email'] . ">\n"; 
    $headers .= "MIME-Version: 1.0\n"; 
    $headers .= "Content-Type: multipart/related; type=\"multipart/alternative\"; boundary=\"----=MIME_BOUNDRY_main_message\"\n"; 
    $headers .= "X-Sender: $from_name<" . $_POST['from_email'] . ">\n"; 
    $headers .= "X-Mailer: PHP4\n"; 
    $headers .= "X-Priority: 3\n"; //1 = Urgent, 3 = Normal 
    $headers .= "Return-Path: <" . $_POST['from_email'] . ">\n"; 
    $headers .= "This is a multi-part message in MIME format.\n"; 
    $headers .= "------=MIME_BOUNDRY_main_message \n"; 
    $headers .= "Content-Type: multipart/alternative; boundary=\"----=MIME_BOUNDRY_message_parts\"\n"; 
     
    $message = "------=MIME_BOUNDRY_message_parts\n"; 
    $message .= "Content-Type: text/plain; charset=\"iso-8859-1\"\n"; 
    $message .= "Content-Transfer-Encoding: quoted-printable\n"; 
    $message .= "\n"; 
    /* Add our message, in this case it's plain text.  You could also add HTML by changing the Content-Type to text/html */ 
    $message .= "$body\n"; 
    $message .= "\n"; 
    $message .= "------=MIME_BOUNDRY_message_parts--\n"; 
    $message .= "\n"; 
    $message .= "------=MIME_BOUNDRY_main_message\n"; 
    $message .= "Content-Type: application/octet-stream;\n\tname=\"" . $attachment_name . "\"\n"; 
    $message .= "Content-Transfer-Encoding: base64\n"; 
    $message .= "Content-Disposition: attachment;\n\tfilename=\"" . $attachment_name . "\"\n\n"; 
    $message .= $data; //The base64 encoded message 
    $message .= "\n"; 
    $message .= "------=MIME_BOUNDRY_main_message--\n"; 

    // send the message 
    mail("$to_name<$to_email>", $subject, $message, $headers); 
    print "Mail sent.  Thank you for using the MyNewName5333 Mailer."; 
  } 
} 

print <<< EOT 
<?xml version="1.0" encoding="iso-8859-1"?> 

EOT;?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
  <head> 
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
    <style="css" type="text/css"> 
      <!-- 
      body { 
        margin: 0px; 
        font-family: Verdana, Arial, Helvetica, sans-serif; 
        font-size: 12px; 
      } 
      a {color: #0000ff} 
      --> 
    </style> 
  </head> 
  <body> 

<?php 
switch ($action) { 
  case "send": 
    sendMail(); 
    showForm(); 
    break; 
  default: 
    showForm(); 
} 
?> 

  </body> 
</html>

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

But all I want to do is allow a user on his machine to do a browse to find a file to attach to an emailer page

 

Well that is different than this:

correctly shows but doesn't pass the full pathname on BROWSE, only the file name on the php action form

 

I think the above just confused me, and everyone else. It sounded like you want to retrieve the full path name to use in the script, when you just want to upload a file and allow the user to browse to it...

 

I have not looked at redarrows code, but here is a tutorial for what I think you want to do:

 

http://www.html-form-guide.com/email-form/php-email-form-attachment.html

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.