scubaguy Posted October 8, 2007 Share Posted October 8, 2007 This script is supposed to take the form submitted add some content saved in a session and send it to the recipient with the file attached. Form content: <FORM ACTION="../summary.php" METHOD="POST" ENCTYPE="multipart/form-data"> <input type="hidden" name="MAX_FILE_SIZE" value="1000000"> <input type="hidden" name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT"> <!-- blah, blah, blah --> <td width="425"><input name="attachment" type="file" class="block1" size="55" maxlength="155"></td> </tr> </table> <!-- blah, blah, blah --> </form> PHP Script: <?php //set the variables $recipient = "order@xyz.com, webmaster@xyz.com"; $bcc = ""; $subject = "Website order form with upload"; $referers = array ('xyz.com'); $banlist = array (); define("SEPARATOR", ($separator)?$separator:": "); define("NEWLINE", ($newline)?$newline:"\n"); //bring the information out of the session $firstname=$_SESSION[firstname]; $lastname=$_SESSION[lastname]; $address=$_SESSION[address]; $city=$_SESSION[city]; $state=$_SESSION[state]; $zip=$_SESSION[zip]; $email=$_SESSION[email]; $phone=$_SESSION[phone]; $cellphone=$_SESSION[cellphone]; //set the session information into stuff to be emailed with this form $formcontent="This customer submitted an order with an uploaded file.\n\nCUSTOMER INFORMATION\n\nFirst Name: $firstname\nLast Name: $lastname\nAddress: $address\nCity: $city\nState: $state\nZip Code: $zip\nEmail address: $email\nPhone number: $phone\nCell phone: $cellphone\n\n\n\nThe contents of the order are as follows:\n\n"; //check the banlist function check_banlist($banlist, $email) { if (count($banlist)) { $allow = true; foreach($banlist as $banned) { $temp = explode("@", $banned); if ($temp[0] == "*") { $temp2 = explode("@", $email); if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1]))) $allow = false; } else { if (trim(strtolower($email)) == trim(strtolower($banned))) $allow = false; } } } if (!$allow) { print_error("You are using from a <b>banned email address.</b>"); } } //check the referer and stop anyone from outside the website from using this function check_referer($referers) { if (count($referers)) { $found = false; $temp = explode("/",getenv("HTTP_REFERER")); $referer = $temp[2]; if ($referer=="") {$referer = $_SERVER['HTTP_REFERER']; list($remove,$stuff)=split('//',$referer,2); list($home,$stuff)=split('/',$stuff,2); $referer = $home; } for ($x=0; $x < count($referers); $x++) { if (eregi ($referers[$x], $referer)) { $found = true; } } if ($referer =="") $found = false; if (!$found){ print_error("You are coming from an <b>unauthorized domain.</b>"); error_log("[FormMail.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0); } return $found; } else { return true; } } if ($referers) check_referer($referers); if ($banlist) check_banlist($banlist, $email); // This function takes the sorts, excludes certain keys and // makes a pretty content string. function parse_form($array, $sort = "") { // build reserved keyword array $reserved_keys[] = "MAX_FILE_SIZE"; $reserved_keys[] = "required"; $reserved_keys[] = "redirect"; $reserved_keys[] = "require"; $reserved_keys[] = "path_to_file"; $reserved_keys[] = "recipient"; $reserved_keys[] = "subject"; $reserved_keys[] = "sort"; $reserved_keys[] = "style_sheet"; $reserved_keys[] = "bgcolor"; $reserved_keys[] = "text_color"; $reserved_keys[] = "link_color"; $reserved_keys[] = "vlink_color"; $reserved_keys[] = "alink_color"; $reserved_keys[] = "title"; $reserved_keys[] = "missing_fields_redirect"; $reserved_keys[] = "env_report"; $reserved_keys[] = "submit"; if (count($array)) { if (is_array($sort)) { foreach ($sort as $field) { $reserved_violation = 0; for ($ri=0; $ri<count($reserved_keys); $ri++) if ($array[$field] == $reserved_keys[$ri]) $reserved_violation = 1; if ($reserved_violation != 1) { if (is_array($array[$field])) { for ($z=0;$z<count($array[$field]);$z++) $content .= $field.SEPARATOR.$array[$field][$z].NEWLINE; } else $content .= $field.SEPARATOR.$array[$field].NEWLINE; } } } while (list($key, $val) = each($array)) { $reserved_violation = 0; for ($ri=0; $ri<count($reserved_keys); $ri++) if ($key == $reserved_keys[$ri]) $reserved_violation = 1; for ($ri=0; $ri<count($sort); $ri++) if ($key == $sort[$ri]) $reserved_violation = 1; // prepare content if ($reserved_violation != 1) { if (is_array($val)) { for ($z=0;$z<count($val);$z++) $content .= $key.SEPARATOR.$val[$z].NEWLINE; } else $content .= $key.SEPARATOR.$val.NEWLINE; } } } return $content; } // mail the content function mail_it($content, $subject, $from, $recipient) { global $attachment_chunk, $attachment_name, $attachment_type, $attachment_sent, $bcc; $ob = "----=_OuterBoundary_000"; $ib = "----=_InnerBoundery_001"; $headers = "MIME-Version: 1.0\r\n"; $headers .= "From: ".$from."\n"; $headers .= "To: ".$recipient."\n"; $headers .= "Reply-To: ".$from."\n"; $headers .= "X-Priority: 1\n"; $headers .= "X-Mailer: DT Formmail".VERSION."\n"; $headers .= "Content-Type: multipart/mixed;\n\tboundary=\"".$ob."\"\n"; $message = "This is a multi-part message in MIME format.\n"; $message .= "\n--".$ob."\n"; $message .= "Content-Type: multipart/alternative;\n\tboundary=\"".$ib."\"\n\n"; $message .= "\n--".$ib."\n"; $message .= "Content-Type: text/plain;\n\tcharset=\"iso-8859-1\"\n"; $message .= "Content-Transfer-Encoding: quoted-printable\n\n"; $message .= $content."\n\n"; $message .= "\n--".$ib."--\n"; if ($attachment_name && !$attachment_sent) { $message .= "\n--".$ob."\n"; $message .= "Content-Type: $attachment_type;\n\tname=\"".$attachment_name."\"\n"; $message .= "Content-Transfer-Encoding: base64\n"; $message .= "Content-Disposition: attachment;\n\tfilename=\"".$attachment_name."\"\n\n"; $message .= $attachment_chunk; $message .= "\n\n"; $attachment_sent = 1; } $message .= "\n--".$ob."--\n"; mail($recipient, $subject, $message, $headers); } // build the body tag for page display function build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet) { if ($style_sheet) echo "<LINK rel=STYLESHEET href=\"$style_sheet\" Type=\"text/css\">\n"; if ($title) echo "<title>$title</title>\n"; if (!$bgcolor) $bgcolor = "#FFFFFF"; if (!$text_color) $text_color = "#000000"; if (!$link_color) $link_color = "#0000FF"; if (!$vlink_color) $vlink_color = "#FF0000"; if (!$alink_color) $alink_color = "#000088"; if ($background) $background = "background=\"$background\""; echo "<body bgcolor=\"$bgcolor\" text=\"$text_color\" link=\"$link_color\" vlink=\"$vlink_color\" alink=\"$alink_color\" $background>\n\n"; } // prepare the content $content = parse_form($HTTP_POST_VARS, $sort); $formcontent = $formcontent.$content; $content = $formcontent; check for an attachment if there is a file upload it if ($attachment_name) { if ($attachment_size > 0) { if (!$attachment_type) $attachment_type = "application/unknown"; $content .= "Attached File: ".$attachment_name."\n"; $fp = fopen($attachment, "r"); $attachment_chunk = fread($fp, filesize($attachment)); $attachment_chunk = base64_encode($attachment_chunk); $attachment_chunk = chunk_split($attachment_chunk); } } // check for a file if there is a file upload it if ($file_name) { if ($file_size > 0) { if (!ereg("/$", $path_to_file)) $path_to_file = $path_to_file."/"; $location = $path_to_file.$file_name; if (file_exists($path_to_file.$file_name)) $location = $path_to_file.rand(1000,3000).".".$file_name; copy($file,$location); unlink($file); $content .= "Uploaded File: ".$location."\n"; } } // send it off mail_it(stripslashes($content), ($subject)?stripslashes($subject):"Website Order with upload", $email, $recipient); if (file_exists($ar_file)) { $fd = fopen($ar_file, "rb"); $ar_message = fread($fd, filesize($ar_file)); fclose($fd); mail_it($ar_message, ($ar_subject)?stripslashes($ar_subject):"RE: Website Order with upload", ($ar_from)?$ar_from:$recipient, $email); } ?> I think that the file is being uploaded but the email comes through without the attached file. I have this same script working on one server but I can't seem to get it work on this particular server. Any thoughts? Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.