Jump to content

File size validation in email form

meddler

By meddler
in PHP Coding Help

 Share

Recommended Posts

meddler Newbie

meddler

Posted
Posted

This is driving me up the wall...!

 

I have a form that is filled in for a job application and validates the fields before emailing the details plus an uploaded CV. The form also sends a confirmation email to the sender.

 

The problem i have is the checking of the file size.

 

The filesize should be limited to 200kb.

 

Firstly php.ini is set to 8mb default (which i don't have control over), so if someone uploads a file bigger than that i get a php POST CONTENT warning. I'd like to have my system stop this and error in the form before php.ini gets involved.

 

Secondly if the size is lower than 8mb but over 200kb it clears the cv directory path and displays the error message that says there is nothing in the upload field instead of the filesize error.

 

Please help as this is killing me now!

 

P.S. i've taken the inappropriate content out and the CSS

 


<?php
//define the error messages for invalid data
define("errorName","INVALID NAME! minimum of 2 characters long");
define("errorAdd","INVALID ADDRESS! minimum of 5 characters long");
define("errorCity","INVALID CITY! Please enter a valid city name");
define("errorPost","INVALID POSTCODE!");
//define("errorGender","SELECT! please select your gender");
define("errorEmail","INVALID EMAIL! Please enter a valid email address!");
define("errorCV","Please enter a CV to upload!");
define("errorfile","NO CV! Please enter a path to upload your CV");
define("errorFormat","INVALID FILE FORMAT! Please upload zip, pdf, txt or doc file");
define("errorSizemes","INVALID FILE SIZE! Please upload a file smaller than 200kb");

ini_set("sendmail_from", " job-application@test.com ");

ini_set('display_errors', 0);

$max_file_size="200";


function createForm($sName="",$fName="",$address1="",$address2="",$city="",$county="",$pCode="",$telephone="",$mobile="",$email="",$fileatt="")
{
?>

<form name='contact' method='post' action='<?php echo $_SERVER['PHP_SELF']; ?>' enctype='multipart/form-data'>
    <fieldset>
    <div id="formtext">
    <label for="sName">Surname *</label><br />
    <label for="fName" class="fields">Forename *</label><br />
    <label for="address1">Address *</label><br />
<label for="address2"></label><br />
    <label for="city">City/Town *</label><br />
    <label for="county">County</label><br />
    <label for="pCode">Post Code *</label><br />
    <label for="telephone">Home Telephone</label><br />
    <label for="mobile">Mobile</label><br />
    <label for="email">Email Address *</label>
    <br />
    <label for="fileatt">Upload CV *</label>
    </div><!--close formtext-->
    <div id="formfields">
    <input name="sName" type="text" id="sName" class="fields" value="<?php echo $sName; ?>" tabindex="1" size="35"/><br />
<input type="text" id="fName" name="fName" value="<?php echo $fName; ?>" tabindex="2" /><br />
    <input name="address1" type="text" value="<?php echo $address1; ?>" id="address1" class="fields" tabindex="3" size="35" maxlength="15" /><br />
    <input name="address2" type="text" id="address2" class="fields" value="<?php echo $address2; ?>" size="35" tabindex="4" maxlength="50" /><br />
    <input name="city" type="text" tabindex="5" class="fields" id="city" value="<?php echo $city; ?>" size="35" maxlength="50"/><br />
    <input name="county" type="text" class="fields" id="county" tabindex="6" value="<?php echo $county; ?>" size="35" maxlength="50" /><br />
    <input name="pCode" type="text" class="fields" id="pCode" tabindex="7" value="<?php echo $pCode; ?>" size="15" maxlength="10" />
    <br />
    <input name="telephone" type="text" class="fields" id="telephone" tabindex="8" value="<?php echo $telephone; ?>" size="25" maxlength="20" /><br />
    <input name="mobile" type="text" class="fields" id="mobile" tabindex="9" value="<?php echo $mobile; ?>" size="25" maxlength="20" /><br />
    <input name="email" type="text" class="fields" id="email" tabindex="10" value="<?php echo $email; ?>" size="35" maxlength="50" /><br />
    <input type="hidden" name="MAX_FILE_SIZE" value="200000">
    <input name="fileatt" type="file" class="fields" id="fileatt" value="<?php echo $fileatt; ?>" tabindex="11" size="35" max length="100"/><br />
    <p class="style2">File size cannot exceed 200kb. Accepted formats (.doc / .pdf / .txt / .zip)</p>
    <input type="submit" name="submit" class="submitbutton" value="submit" />
</div><!--close formfields-->
    </fieldset>
    
</form>
  
  <?php
}

// This function validates an email address
function isValidEmail($email){
   $pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
     
   if (eregi($pattern, $email)){
      return true;
   }
   else {
      return false;
   }   
}

// Check file type 
function isCorrectFormat($fileatt_name){
$pattern = "^.+\.(pdf|txt|doc|zip)";

if (eregi($pattern, $fileatt_name)){
	return true;
	}
	else{
	return false;
	}
}

    // Redirects to another Page using HTTP-META Tag
     function redirect( $url, $delay = 0, $message = "" )
     {
        /* redirects to a new URL using meta tags */
        echo "<meta http-equiv='Refresh' content='".$delay."; url=".$url."'>";
        die;
     }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

</head>
<body>
<?php
if (!isset($_POST['submit']))  {
    createForm();
} else  {
      $sName = isset($_POST['sName']) ? $_POST['sName'] : "";
  $fName = isset($_POST['fName']) ? $_POST['fName'] : "";
      $address1 = isset($_POST['address1']) ? $_POST['address1'] : "";
  $address2 = isset($_POST['address2']) ? $_POST['address2'] : "";
  $city = isset($_POST['city']) ? $_POST['city'] : "";
      $county = isset($_POST['county']) ? $_POST['county'] : "";
  $pCode = isset($_POST['pCode']) ? $_POST['pCode'] : "";
  $telephone = isset($_POST['telephone']) ? $_POST['telephone'] : "";
  $mobile = isset($_POST['mobile']) ? $_POST['mobile'] : "";
  $email = isset($_POST['email']) ? $_POST['email'] : "";
  
  
  	//file upload
  $fileatt      = $_FILES['fileatt']['tmp_name'];
  $fileatt_type = $_FILES['fileatt']['type'];
  $fileatt_name = $_FILES['fileatt']['name'];
  $filebytes =    $_FILES['fileatt']['size'];
  $max_bytes = $max_file_size*1024;
  //$filebytes = filesize($fileatt);
  
  
  //system information	  
  $ip = getenv("REMOTE_ADDR");
  $httpref = getenv ("HTTP_REFERER");
  $httpagent = getenv ("HTTP_USER_AGENT");
  
  //error definition
      $error  = false;
      $errorsName = '';
      $errorfName = '';
      $erroraddress = '';
  $errorcity = '';
  $errorpCode = '';
  $errortelephone = '';
  $errormobile = '';
  $erroremail = '';
  $errorfileatt = '';
  $errorformat = '';
  $errorSize = '';

      
  //error validation
  	
  if (strlen($sName)<2) {
          $error = true;
          $errorsName = errorName;
      }
  
  if (strlen($fName)<2) {
  	  $error = true;
	  $errorfName = errorName;
  }
  
  if (strlen($address1)<5) {
  	  $error = true;
	  $erroraddress = errorAdd;
  }
  
  if (strlen($city)<2) {
      $error = true;
	  $errorcity = errorCity;
  }
  
      if (!isValidEmail($email)) {
          $error = true;
          $erroremail = errorEmail;
      }
  
      if (strlen($pCode)<5) {
  	  $error = true;
	  $errorpCode = errorPost;
  }	  
  
  if (strlen($fileatt)<5) {
          $error = true;
	  $errorfileatt = errorfile;
  }
  
  Elseif(!isCorrectFormat($fileatt_name)) {
  		$error = true;
		$errorformat = errorFormat;
	}
  Elseif ($filebytes > $max_bytes){
  		$error = true;
		$errorSize = errorSizemes;
	}


      if ($error){
?>
<?php 
	if ($errorsName == errorName){
	    echo "<li> $errorsName </li>";
	} 

	if ($errorfName == errorName){
	    echo "<li> $errorfName </li>";
	}

	if ($erroraddress == errorAdd){
	    echo "<li> $erroraddress </li>";
	}

	if ($errorcity == errorCity){
	    echo "<li> $errorcity </li>";
	}

	if ($erroremail == errorEmail){
	    echo "<li> $erroremail </li>";
	}

	if ($errorpCode == errorPost){
		echo "<li> $errorpCode </li>";
	}

	if ($errorfileatt == errorfile){
		echo "<li> $errorfileatt </li>";
	}

	if ($errorformat == errorFormat){
		echo "<li> $errorformat </li>";
		}

	if ($errorSize == errorSizemes){
	    echo "<li> $errorSize </li>";
	} 

?>
</ul>

<?php
         createForm($sName,$fName,$address1,$address2,$city,$county,$pCode,$telephone,$mobile,$email,$fileatt);
      }
      else {
    $todayis = date("l, F j, Y, g:i a") ;
	$subject = "Job Application";
	$sName = stripslashes($sName);
	$fName = stripslashes($fName);
	$address1 = stripslashes($address1);
	$address2 = stripslashes($address2);
	$city = stripslashes($city);
	$county = stripslashes($county);
	$pCode = stripslashes($pCode);
	$telephone = stripslashes($telephone);
	$mobile = stripslashes($mobile);
	$email = stripslashes($email);


//$headers = "From: $from";

if (is_uploaded_file($fileatt)) {
  // Read the file to be attached ('rb' = read binary)
  $file = fopen($fileatt,'rb');
  $data = fread($file,filesize($fileatt));
  fclose($file);

  // Generate a boundary string
  $semi_rand = md5(time());
  $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
  
  // Add the headers for a file attachment
  $headers .= "\nMIME-Version: 1.0\n" .
              "Content-Type: multipart/mixed;\n" .
              " boundary=\"{$mime_boundary}\"";

  // Add a multipart boundary above the plain message
  $message = "This is a multi-part message in MIME format.\n\n" .
             "--{$mime_boundary}\n" .
             "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
             "Content-Transfer-Encoding: 7bit\n\n" .
             $message . "\n\n" .
		 "$todayis [GMT] \n" .
		"From: $fName $sName, ($email) \n\n" .
		"Address:   $address1 \n" .
		"           $address2 \n" .
		"           $city \n" .
		"           $county \n" .
		"           $pCode \n\n" .
            "Telephone: $telephone \n" .
		"Mobile:    $mobile \n \n";

  // Base64 encode the file data
  $data = chunk_split(base64_encode($data));

  // Add file attachment to the message
  $message .= "--{$mime_boundary}\n" .
              "Content-Type: {$fileatt_type};\n" .
              " name=\"{$fileatt_name}\"\n" .
              //"Content-Disposition: attachment;\n" .
              //" filename=\"{$fileatt_name}\"\n" .
              "Content-Transfer-Encoding: base64\n\n" .
              $data . "\n\n" .
              "--{$mime_boundary}--\n";

		mail('info@test.co.uk', $subject,  $message, $headers);

$confirm = "This email is a confirmation for the job application\n\n" .
		   "On $todayis [GMT] \n\n" .
		   "The details you posted where as follows: \n" .
		   "Name: $fName $sName \n\n" .
		   "Address:   $address1 \n" .
		   "           $address2 \n" .
		   "           $city \n" .
		   "           $county \n" .
		   "           $pCode \n\n" .
               "Telephone: $telephone \n" .
		   "Mobile:    $mobile \n \n" .
		   "Email:     $email \n \n" .
		   "CV:        $fileatt_name \n \n \n" .
		   "filename: $filebytes \n \n" .
		   "PLEASE DO NOT REPLY";
		   
		mail($email, 'Job Application Confirmation - PLEASE DO NOT REPLY', $confirm);  
}

?>

<p>Your message has been sent, Thank you!</p>
<br />
<p>If your not redirected back to the Contact page within 5 seconds, <a href="careers.php">click here to return to the careers page</a></p>

<?php
redirect("job-application3.php", 5);
    }
}
?>

</body>
</html>

Link to comment
Share on other sites
meddler Newbie

meddler

Posted
  • Author
Posted

Hi there..!

 

I've tried using the filesize function and get the same results..

 

If i output the filesize in the email it displays the bytes fine so i know that the function of getting the file size is working fine, its just something to do with the validation of these values...!

 

Thanks for your help though

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.