Posted on 2011-05-10
Last Modified: 2012-06-27
Hello, I'm using PHPMailer-FE 4.0.6 to create a form where the user can upload multiple files. The form itself works and e-mails me successfully with proper error checking.

However, the user is able to upload files of any extension and they will attach and be sent with the e-mail. I tried setting the following line in form.config.php to no avail
$_POST['allowedFileTypes']        = 'pdf|jpg|jpeg|png|gif|zip';

Doing some searches on Google proved unsuccessful. Played around with the code in phpmailer-fe.php as well. Any ideas on what has to change in the default phpmailer-fe.php code to allow only certain file extensions to be attached/uploaded? Or am I missing something else.

Thanks in advance for any help!
Question by:aaron248
    LVL 36

    Accepted Solution

    Other wise, try to put check point before upload, like,

    if($value != "image/jpeg" AND $value != "image/pjpeg" AND $value != "")
    exit('Sorry , current format is <b>'.($value).'</b> ,only Jpeg or jpg are allowed.') ;
    LVL 17

    Assisted Solution

    First, this maybe a stupid question, but it has to be asked first
    Did you make sure you uncommented the line:
    $_POST['allowedFileTypes'] = .....

    By default, it is commented out in the config files.

    Second, you have to uncomment this line in several config files if you are using them, form.config.php, default.config.php, contactus.config.php, etc. I did a global find in my php editor to find these, and there may be more.

    Author Closing Comment

    I didn't even think to look default.config.php. I had it already uncommented in form.config.php. Doing that and adding the exit() statement did the trick. Thanks guys for the help!


    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
    These days socially coordinated efforts have turned into a critical requirement for enterprises.
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    The viewer will learn how to dynamically set the form action using jQuery.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now