
Serious problem with attachments - please help

Suomedia, Junior Poster

Re: Serious problem with attachments - please help

  #17  
Mar 26th, 2008
No problem with you asking questions, that's what this forum is for. My apologies for being too busy to reply earlier - I tried to edit my last post but it would not let me.

Here is your file corrected:


<?php

$firstname = $_POST['FirstName'];
$lastname = $_POST['Lastname'];
$date = $_POST['Date'];
$month = $_POST['Months'];
$year = $_POST['Year'];
$Gender = $_POST['Gender'];
$country = $_POST['Country'];
$Province = $_POST['ProvinceStateRegion'];
$CityTown = $_POST['CityTown'];
$emailaddress = $_POST['EmailAddess'];
$lookingfor = $_POST['LookingFor'];
$interestedin = $_POST['InterestedIn'];
$Duration = $_POST['Duration'];
$tnc_agree = $_POST['tnc_agree'];
	
$to = "ContiAds! <you@your_domain.com>"; // put here the email address you want this sent to
$subject = "New ContiAds SignUp!";
$body = "<html>".
	"<head>".
	"<title>Contact Request</title>".
	"<style type='text/css'>".
	"body,td,th {".
		"font-family: Geneva, Arial, Helvetica, sans-serif;".
		"font-size: 12px;".
	"}".
	".style1 {font-size: 24px}".
	"</style></head>".
	"<body>".
	"<p align='center' class='style1'>ContiAds New Signup</p>".
	"<table width='498' border='0' align='center' cellpadding='5' cellspacing='0'>".
	  "<tr>".
		"<td colspan='2' valign='top' bgcolor='#333333' height='2px'></td>".
	  "</tr>".
	  "<tr>".
		"<td width='104' valign='top'>Full Name:</td>".
		"<td width='374'>".$firstname." ".$lastname."</td>".
	 "</tr>".
	  "<tr>".
		"<td valign='top'>Date:</td>".
		"<td>".$date."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Month:</td>".
		"<td>".$month."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Year:</td>".
		"<td>".$year."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Gender:</td>".
		"<td>".$Gender."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Country:</td>".
		"<td>".$country."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Province:</td>".
		"<td>".$Province."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Email Address:</td>".
		"<td>".$emailaddress."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Looking For:</td>".
		"<td>".$lookingfor."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Interested In:</td>".
		"<td>".$interestedin."</td>".
	  "</tr>".
	  "<tr>".
		"<td valign='top'>Duration:</td>".
		"<td>".$Duration."</td>".
	  "</tr>".
	  "<tr>".
		"<td colspan='2' valign='top' bgcolor='#333333' height='2px'></td>".
	  "</tr>".
	"</table>".
	"</body>".
	"</html>";
	
//Always set content-type when sending HTML email
$rand = md5( time() );  
$mime_boundary = '==Multipart_Boundary_' . $rand;
// strip CR/LF so the posted address cannot add extra header lines
$from = str_replace(array("\r", "\n"), '', $emailaddress);
$headers = "From: " . $from . "\n" .
"Reply-To: " . $from . "\n" .
"MIME-Version: 1.0\n" . 
"Content-Type: multipart/mixed; boundary=\"" . $mime_boundary . "\"";

 $message = "This is a multi-part message in MIME format.\n\n" . 
                "--" . $mime_boundary . "\n" . 
                "Content-Type: text/html; charset=\"iso-8859-1\"\n" . 
                "Content-Transfer-Encoding: 7bit\n\n" .
                $body . "\n\n";
// Add file attachment to the message 

$path = '/home/suomedia/public_html/images/';  // the path to upload images (must be writable)
$filepath = $path . basename( $_FILES['Picture']['name']);
$len = strlen($_FILES['Picture']['name']) - 4;
$extension = substr($_FILES['Picture']['name'],$len);  // get the file extension
$permitted = array('.jpg', '.JPG', '.PNG', '.png', '.GIF', '.gif');  // only allow these file extensions
$success = false;
if (in_array($extension, $permitted)) {
  if(move_uploaded_file($_FILES['Picture']['tmp_name'], $filepath)) {
    $success = true;
    // valid MIME subtype (jpeg, png or gif) instead of the raw upper-cased extension
    $fileatt_type = 'image/' . str_replace('jpg', 'jpeg', strtolower(ltrim($extension, '.')));
    $picture_name = $_FILES['Picture']['name'];
    $file = fopen( $filepath, 'rb' ); 
    $data = fread( $file, filesize( $filepath ) ); 
    fclose( $file );
    $data = chunk_split( base64_encode( $data ) );
    $message .= "--" . $mime_boundary . "\n" . 
             "Content-Type: " . $fileatt_type . ";\n" . 
             " name=\"" . $picture_name . "\"\n" . 
             "Content-Disposition: attachment;\n" . 
             " filename=\"" . $picture_name . "\"\n" . 
             "Content-Transfer-Encoding: base64\n\n" . 
             $data . "\n\n" . 
             "--" . $mime_boundary . "--\n";            
  } else {
    $success = false;
  }
} else {
  $success = false;
}                

// end file attachment

if($success == true) {
if (mail($to, $subject, $message, $headers)) {
?>
<script language="javascript" type="text/javascript">
	location.replace("Sign%20Up%20Success.htm");
</script>
<?php
} else {
?>
<script language="javascript" type="text/javascript">
	location.replace("Sign%20Up%20Failure.htm");
</script>
<?php
}
} else {
?>
<script language="javascript" type="text/javascript">
	location.replace("Sign%20Up%20Failure.htm");
</script>
<?php
}
?>

$path must be set to a file system path on your server where you want the images uploaded. The directory must have 777 permissions (writeable).

You should also try to follow the coding conventions in the above code, particularly when $variables are used within text content. You should also be aware that variables are case sensitive (including $_POST variables). It is good practice to keep all of these lower case (I have not corrected yours other than where you had upper case in one place and lower case elsewhere; please check your other file also). Put your correct email address above where I have left a comment.

Sanitizing user input means stripping the posted data of anything that may be malicious, e.g. your email is sent in HTML format - I could quite easily post a malicious script to you that would execute when you open the email. Search Google for input filtering.

Yes, you need to add the file handling each time you add an attachment.


Matti Ressler
Suomedia
Last edited by Suomedia : Mar 26th, 2008 at 1:49 pm.
If you want your dreams to come true, the first thing you must do is to wake up....
Suomedia - Dynamic Content Management
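
One way to do the input filtering the post recommends, applied to the posted fields, the sender address and the `Picture` upload used in the script above. This is an added example, not part of the original post; the function names are hypothetical, and it assumes PHP 7.1 or later with the fileinfo extension.

```php
<?php
// Added example, not from the original post; function names are hypothetical.

// Escape one posted field before it is placed in the HTML e-mail body.
function html_field(array $post, string $key): string {
    $value = (isset($post[$key]) && is_string($post[$key])) ? trim($post[$key]) : '';
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Return a valid address that is safe to place in From:/Reply-To:, or null.
function header_safe_email(string $raw): ?string {
    if (preg_match('/[\r\n]/', $raw)) {
        return null;  // a line break would start a new header line
    }
    $email = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return ($email === false) ? null : $email;
}

// Accept an upload only if its content is JPEG, PNG or GIF.
// Returns array(mime type, server-generated file name) or null.
function checked_image(array $file, int $max_bytes = 2097152): ?array {
    $error = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($error !== UPLOAD_ERR_OK || $file['size'] > $max_bytes
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $allowed = array('image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif');
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($file['tmp_name']);  // type detected from the file content
    if (!isset($allowed[$mime])) {
        return null;
    }
    // The client-supplied name is never used for the path or the MIME headers.
    return array($mime, bin2hex(random_bytes(8)) . '.' . $allowed[$mime]);
}

// Constructed sample input standing in for $_POST.
$post = array(
    'FirstName'   => '<b>Matti</b> & "friends"',
    'EmailAddess' => "a@example.com\r\nX-Extra: 1",
);
echo html_field($post, 'FirstName'), "\n";
var_dump(header_safe_email($post['EmailAddess']));
var_dump(header_safe_email('a@example.com'));
```

In the script above, the name returned by `checked_image($_FILES['Picture'])` would take the place of `$_FILES['Picture']['name']` when building `$filepath` and the attachment headers.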