Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Emailing Uploaded attachments with PHP

Posted on 2009-04-10
4
Medium Priority
?
425 Views
Last Modified: 2013-12-17
I have a web application developed that is essentially a form that users fill out and upload and image. The php grabs the submission and emails it off to the client. Nothing is stored on the web server. Works great in our dev environment (of course) which is a windows box runing php 5.2.0 (CGI/FastCGI) but not the production environment. The production environment is a linux box,Apache 2.0 Handler, php 4.3.10.
Now in both environments the form works, users fill it out and upload their image. And in both environments the email is sent (see attachments for the source code of the sent emails - New1.txt is the dev environment - works, New2.txt is the live box - no worky). The dev environ email has the image attached with all the email body etc. as one would expect. The production box email is virtually identical in the source code but the image is not attached but rather streamed code in the body. Upgrading the php on the production box is NOT really an option there are a bunch of other sites and legacy code that I don't want to risk hosing.  Could it be an apache setting?
$sent=false;
if ($_SERVER['REQUEST_METHOD']=='POST') {
 //Validate construct error string
// Receiving variables
$f_name = addslashes($_POST['f_name']);
$l_name = addslashes($_POST['l_name']);
$story = addslashes($_POST['story']);
$email = addslashes($_POST['email']);
$spa_model = implode(", ",$_POST['spa_model']);
 
 if (strlen($f_name) <= 0)
 {
 $Error .= "<br />Please enter your 'First Name'\n";
 }
 if (strlen($l_name) <= 0)
 {
 $Error .= "<br />Please enter your 'Last Name'\n";
 }
 if ((strlen($email) != 0 ) && (! ereg('[A-Za-z0-9_-]+\@[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+', $email)))
 {
 $Error .= "<br />Please enter a valid 'Email Address'\n";
 }
 
 if (strlen($email) == 0 )
 {
 $Error .= "<br />Please enter an 'Email Address'\n";
 }
 
 if (strlen($spa_model) <= 0)
 {
 $Error .= "<br />Please check at least one 'Spa' model\n";
 }
 
 
 if (strlen($story) <= 0)
 {
 $Error .= "<br />Please enter 'Your Story'\n";
 }
 
if (strlen($Error) <= 0) {
$tmp = $_FILES['userfile']['tmp_name'];
$sep = md5(time());
$filename = $_FILES['userfile']['name'];
$filedata = file_get_contents($tmp); //Get file contents
$fdata = chunk_split(base64_encode($filedata));   //Encoding all the data read from file to "base64" the standard for email attachments
$to = "dana.gray@gmail.com"; //Email address to send this to
//Determine mime type
$ext = explode('.', $filename);
$ext = $ext[1];
 
if($ext == "JPG" || $ext == "jpg" || $ext == "JPEG" || $ext == "jpeg") {
$mime_type = "image/jpeg";
}
elseif($ext == "gif" || $ext == "GIF") {
$mime_type = "image/gif";
}
elseif($ext == "bmp" || $ext == "BMP") {
$mime_type = "image/bmp"; //I think that's the mime type for BMP files
}
elseif($ext == "txt" || $ext == "TXT") {
$mime_type = "text/plain";
}
else {
//exit("Error: Wrong file type!");
}
// 
 
$subject = "Submission from Site";
 
  // Setting basic headers info
  $headers = "From: \"$f_name $l_name\" <{$email}>\n";
  
  //Making a random number to use afterwards with help of current time
  $semi_rand = md5( time() );
  
  //Defining the type of email as Mime email
  $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
  
  //Appending to headers, telling that its multipart message with text and attachment
  $headers .= "\nMIME-Version: 1.0\n" .
    "Content-Type: multipart/mixed;\n" .
    " boundary=\"{$mime_boundary}\"";
  
  //The start of the message
  $message = "This is a multi-part message in MIME format.\n\n" .
    "--{$mime_boundary}\n" .
    "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
    "Content-Transfer-Encoding: 7bit\n\n";
  //Begin the text message. 
  $message .= " Submission information:\n"
	. "name: $f_name $l_name \n"
	. "email: $email\n"
	. "spa: $spa_model\n"
	. "story: $story\n";
 
  //Appending the file data to the email including the file name etc
  $message .= "--{$mime_boundary}\n" .
    "Content-Type: {$mime_type};\n" .
    " name=\"MyStory\"\n" .
    "Content-Disposition: attachment;\n" .
    " filename=\"{$filename}\"\n" .
    "Content-Transfer-Encoding: base64\n\n" .
    $fdata . "\n\n" .
    "--{$mime_boundary}--\n";
 
 
mail($to, $subject, $message, $headers);
//mail($to2, $subject, $message, $headers);
//
$sent=true;
 
 }
} // end if ($_SERVER['REQUEST_METHOD']=='POST')
 
?>

Open in new window

New1.txt
New2.txt
0
Comment
Question by:DanaGray
  • 3
4 Comments
 
LVL 7

Expert Comment

by:darrickhartman
ID: 24122871
Do you have php-gd installed?
0
 

Author Comment

by:DanaGray
ID: 24123524
Yep
0
 

Author Comment

by:DanaGray
ID: 24123531
GD Support  enabled  
GD Version  bundled (2.0.28 compatible)  
FreeType Support  enabled  
FreeType Linkage  with freetype  
GIF Read Support  enabled  
GIF Create Support  enabled  
JPG Support  enabled  
PNG Support  enabled  
WBMP Support  enabled  
XBM Support  enabled  
0
 

Accepted Solution

by:
DanaGray earned 0 total points
ID: 24197268
Revised code to create temporary file and email that rather than reading contents directly from uploaded file. This works on Apache server. Not resolved as to why windows environment with php will perform as expected while apache environment does not.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question