homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

Trouble with form file attachments on PHP script
I need this script to allow only .rtf attachments. I have tried everything.

 7:49 pm on Mar 20, 2003 (gmt 0)

I am trying to make it so users can upload files using a html form that calls the following script as it's post action - though I only want to accept .rtf files. Any help you could provide to doctor this script would be greatly appreciated. If you want to suggest an alternative script/method, I am open to that too.

// Read POST request params into global vars
$to = $_POST['to'];
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];

// Obtain file upload vars
if($_FILES['fileatt']['type'] == "application/rtf") {
// file is rtf
} else {
// file is not rtf

$fileatt = $_FILES['fileatt']['tmp_name'];
$fileatt_name = $_FILES['fileatt']['name'];

$headers = "From: $from";
//If file exists...
if(file_exists($fileatt)) {
// Read the file to be attached ('rb' = read binary)
$file = fopen($fileatt,'rb');
if (is_uploaded_file($fileatt)) {
$data = fread($file,filesize($fileatt));

// Generate a boundary string
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";

// Add the headers for a file attachment
$headers .= "\nMIME-Version: 1.0\n" .
"Content-Type: multipart/mixed;\n" .
" boundary=\"{$mime_boundary}\"";

// Add a multipart boundary above the plain message
$message = "This is a multi-part message in MIME format.\n\n" .
"--{$mime_boundary}\n" .
"Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
"Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";

// Base64 encode the file data
$data = chunk_split(base64_encode($data));

// Add file attachment to the message
$message .= "--{$mime_boundary}\n" .
"Content-Type: {$fileatt_type};\n" .
" name=\"{$fileatt_name}\"\n" .
//"Content-Disposition: attachment;\n" .
//" filename=\"{$fileatt_name}\"\n" .
"Content-Transfer-Encoding: base64\n\n" .
$data . "\n\n" .



 5:35 pm on Mar 21, 2003 (gmt 0)

Hi charly and Welcome to WebmasterWorld,

what type of doctoring are you looking for? Is the script working, not working, too slow?

not totally sure what the question is.

<added>ok I'm an idiot and just read the description line in the thread title.

if you put echo lines in that if statement does it always fail, does it always succeed, what happens.


 5:44 pm on Mar 21, 2003 (gmt 0)

have you tried maybe text/rtf as well?
I am reading throught this to see what I can see


 6:23 pm on Mar 21, 2003 (gmt 0)

$allowedFile = false;
$allowedFileTypes = array("text/rtf", "application/rtf");
foreach($allowedFileTypes as $this) {
if ($_FILES['fileatt']['type'] == $this) {
$allowedFile = true;
if (!$allowedFile) {
// show error or send them to error page
echo "file must be rtf";
// unlink the temp file
unlink [php.net]($_FILES['fileatt']['tmp_name']);

seems like that should work but it would depend on whether those are the proper mime types.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved