Hello everyone,
and here is the code on the email-thankyou.php form processor:
<?php
// Notes: This code produces an email that appears to be from the person completing the form.
// some servers will not allow this and the email must be sent from an email account under that
// servers domain.
// Code initilization
$to_email = 'YourName <YourEmail@domain.com>';
$email_subject = '[Website Form] Testing an email form';
$err_message = false;
// Path to the upload folder - incorrect path will cause a 'Move File Error'
$UPLOAD_DIR = "uploads/";
// Determines if the file is removed from the server after the email has been sent
$remove_file = true;
// Grab the form vars
$email = (isset($_POST['email'])) ? $_POST['email'] : '' ;
$form_message = (isset($_POST['message'])) ? $_POST['message'] : '' ;
$name = (isset($_POST['name'])) ? $_POST['name'] : '' ;
// Check for email injection
if (has_newlines($email) || has_emailheaders($form_message) || has_newlines($name)) {
die("Possible email injection occuring");
}
// Are we uploading a file
if (isset($_FILES['file1']) && strlen($_FILES['file1']['name']) > 0) {
// First we upload the file
require_once 'class-upload.php';
$upload = new cUpload('file1', $UPLOAD_DIR);
// Max file size
$upload->set_max_file_size(1, UPLOAD_SIZE_MBYTES);
// Array of valid extensions (use * to allow all files)
$upload->set_types(array('*'));
// Rename to a unique name
$upload->unique_name = false;
// Do we need to change permission on a Linux server
$win = (substr(PHP_OS, 0, 3) == "WIN");
if (!$win) { $upload->new_permission = 0644;}
// Upload the current file
$process = $upload->process();
if (!$process) {
$err_message = $upload->get_message().'<br />';
$upload_name = false;
} else {
$upload_name = $upload->filename;
$size = $upload->file_size;
$type = $upload->file_type;
}
} else {
$upload_name = false;
}
// Start building the email
$from = stripslashes($name)."<".stripslashes($email).">";
// Check if an attachement is included in the sent email
if ($upload_name && !$err_message) {
// Build email data
// generate a random string to be used as the boundary marker
$mime_boundary = "==Multipart_Boundary_x".md5(mt_rand())."x";
// open the file for a binary read
$file = fopen($UPLOAD_DIR.$upload_name, 'rb');
// read the file content into a variable
$data = fread($file, filesize($UPLOAD_DIR.$upload_name));
// close the file
fclose($file);
// now we encode it and split it into acceptable length lines
$data = chunk_split(base64_encode($data));
// now we'll build the message headers
$headers = "From: $from
" . “MIME-Version: 1.0
" . “Content-Type: multipart/mixed;
" . " boundary=”{$mime_boundary}”";
// next, we’ll build the message body
// note that we insert two dashes in front of the
// MIME boundary when we use it
$message = "This is a multi-part message in MIME format.
" . "–{$mime_boundary}
" . "Content-Type: text/plain; charset=“iso-8859-1”
" . "Content-Transfer-Encoding: 7bit
" . $form_message . "
“;
// now we’ll insert a boundary to indicate we’re starting the attachment
// we have to specify the content type, file name, and disposition as
// an attachment, then add the file content and set another boundary to
// indicate that the end of the file has been reached
$message .= “–{$mime_boundary}
" . “Content-Type: {$type};
" . " name=”{$upload_name}”
" .
“Content-Disposition: attachment;
" .
// " filename=”{$fileatt_name}”
" .
"Content-Transfer-Encoding: base64
" . $data . "
" . "–{$mime_boundary}–
";
} else {
// No attachment so build as normal
$headers = 'From: '.$from;
$message = "Name: $name
Email: $email
$form_message";
}
// Everything pass so now send the email
if (!$err_message) {
mail($to_email, $email_subject, $message, $headers);
}
// Delete the file from the server
if ($upload_name && !$err_message && $remove_file) {
unlink($UPLOAD_DIR.$upload_name);
}
function has_emailheaders($text) {
return preg_match("/(%0A|%0D|
+|\r+)(content-type:|to:|cc:|bcc:)/i", $text);
}
function has_newlines($text) {
return preg_match("/(%0A|%0D|
+|\r+)/i", $text);
}
?>
</head>
<body>
<div style=“text-align:center”>
<h1>Thank You for filling out our form</h1>
<h2>The email has been sent</h2>
<?php
// Display any issues with the file upload
if ($err_message) {echo $err_message;}
?>
</div>
</body></html>
What am I missing here?
Thanks for your help!
