Location: PHPKode > scripts > php easy :: protected form scripts set > php-easy-protected-form-scripts-set/attachment/form.php
<?php
/*************************************************************************
php easy :: protected form scripts set - Attachment Version
==========================================================================
Author:      php easy code, www.phpeasycode.com
Web Site:    http://www.phpeasycode.com
Contact:     hide@address.com
*************************************************************************/

// SETTINGS:
$sitemail = "hide@address.com"; // specify your email address here to receive emails
$mtextmax = 2000; // limit message text in number of characters allowed
$fnum = 3; // number of file attachment fields
$fsizemax = 100; // limit each attached file size in kB
$enc      = "iso-8859-1"; // email text encoding

// Request form data
$name         = $_POST["name"];
$email        = $_POST["email"];
$subject      = $_POST["subject"];
$mtext        = $_POST["mtext"];
$securitycode = $_POST["securitycode"];
$submit       = $_POST["submit"];

if($submit) {
	session_start();
	if(!isset($_SESSION["SecurityCode"])) {
		die("Error: Illegal form access!");
	}
}
?>
<html>
<head>
<title>Protected form with file attachment</title>
</head>
<body>
<?php

if(!$submit) {
	echo "<p><b>Bold</b> fields are required.</p>\n";
	echo "<form action='" . $_SERVER['PHP_SELF'] . "' method='post' enctype='multipart/form-data'>\n";
	echo "<table align='center' border='1' cellspacing='0' cellpadding='4'>\n";
	echo "<tr>\n";
	echo "<td ><p><b><label for='name'>Your name:</label></b></p></td>\n";
	echo "<td><input type='text' name='name' id='name' size='40' maxlength='50'></td>\n";
	echo "</tr><tr>\n";
	echo "<td ><p><b><label for='email'>Your email address:</label></b></p></td>\n";
	echo "<td><input type='text' name='email' id='email' size='40' maxlength='50'></td>\n";
	echo "</tr><tr>\n";
	echo "<td ><p><b><label for='subject'>Message subject:</label></b></p></td>\n";
	echo "<td><input type='text' name='subject' id='subject' size='40' maxlength='100'></td>\n";
	echo "</tr><tr>\n";
	echo "<td ><p><b><label for='mtext'>Message text:</label></b><br><small>(".$mtextmax." Chars Max)</small></p></td>\n";
	echo "<td><textarea name='mtext' id='mtext' rows='5' cols='34'></textarea></td>\n";
	echo "</tr><tr>\n";
	for($i=1;$i<=$fnum;$i++) {
		echo "<td ><p><label for='attachment".$i."'>Attachment ".$i."</label> <small>(".$fsizemax." KB Max)</small></p></td>\n";
		echo "<td><input type='file' class='file' name='attachment".$i."' id='attachment".$i."' size='35'></td>\n";
		echo "</tr><tr>\n";
	}
	echo "<td ><p><b><label for='securitycode'>Security Code:</label></b><img src='codeimg.php' width='44' height='14' border='0' alt='Security Code'></p></td>\n";
	echo "<td><input type='text' name='securitycode' id='securitycode' size='12' maxlength='4'></td>\n";
	echo "</tr><tr>\n";
	echo "<td ><p><b>Submit:</b></p></td>\n";
	echo "<td><input type='submit' name='submit' value='   Submit   '></td>\n";
	echo "</tr>\n</table>\n</form>\n<br>\n";
}
else { // Processing received data
	$formerror = "";
	if(!$name) {
		$formerror.= "You did not enter your name!\n";
	}
	elseif(strlen($name) > 50) {
		$formerror.= "Name length should NOT exceed 50 chars!\n";
	}
	if(!$email) {
		$formerror.= "You did not enter your email address!\n";
	}
	elseif(strlen($email) > 50) {
		$formerror.= "Email address length should NOT exceed 50 chars!\n";
	}
	elseif(!preg_match("/^([\w\.-]+)@([\w\.-]+)\.([\w]+)$/", $email)) { // check email address against the regular expression
		$formerror.= "The email address is not valid!\n";
	}
	if(!$subject) {
		$formerror.= "You did not enter the message subject!\n";
	}
	if(strlen($subject) > 100) {
		$formerror.= "Message subject length should NOT exceed 100 chars!\n";
	}
	if(!$mtext) {
		$formerror.= "You did not enter the message text!\n";
	}
	elseif(strlen($mtext) > $mtextmax) {
		$formerror.= "Message text length should NOT exceed 1000 chars!\n";
	}
	if($_FILES["attachment"]["size"]>($fsizemax*1024)){ 
		$formerror.= "The attached file size is larger than ".$fsizemax." KB!\n";
	}
	if(!$securitycode) {
		$formerror.= "You did not enter the security code!\n";
	}
	if($securitycode != $_SESSION["SecurityCode"]) {
		$formerror.= "The security code is wrong!\n";
	}
	if($formerror) {
		echo "<p><b>Errors filling Form:</b></p>\n";
		echo "<p>" . nl2br($formerror) . "</p>\n";
		echo "<p>Please go <a href=\"javascript:history.back()\">Back</a> and fill the form correctly.</p>\n";
		exit;
	}
	
	$boundary = md5(uniqid(time()));
	$headers  = "From: " . $name . "<" . $email . ">\n";
	$headers .= "Reply-To: " . $name . "<" . $email . ">\n";
	$headers .= "Mime-Version: 1.0\n";
	$headers .= "Content-Type: multipart/mixed;\n";
	$headers .= "\tboundary=\"----------" . $boundary . "\"\n";
	$message  = "------------" . $boundary . "\n";
	$message .= "Content-Type: text/plain;\n";
	$message .= "\tcharset=" . $enc . "\n";
	$message .= "Content-Transfer-Encoding: 8bit\n\n";
	$message .= stripslashes($mtext) . "\n\n";
	for($i=1;$i<=$fnum;$i++) {
		if(is_uploaded_file($_FILES['attachment'.$i]['tmp_name'])) {
			$attach   = $_FILES['attachment'.$i]['tmp_name'];
			$filename = basename($_FILES['attachment'.$i]['name']);
			
			$fp       = fopen($attach,"r");
			$fdata    = fread($fp, filesize($attach));
			fclose($fp);
			
			$message .= "------------" . $boundary . "\n";
			$message .= "Content-Type: " . $_FILES['attachment'.$i]['type'] . ";\n";
			$message .= "\tname=\"" . $filename . "\"\n";
			$message .= "Content-Transfer-Encoding: base64\n";
			$message .= "Content-Disposition: attachment;\n";
			$message .= "\tfilename=\"" . $filename . "\"\n\n";
			$message .= chunk_split(base64_encode($fdata)) . "\n";
		}
	}
	mail($sitemail, $subject, $message, $headers);
	echo "<p>Message successfully sent to " . $sitemail . "</p>\n";
}
?>
</body>
</html>
Return current item: php easy :: protected form scripts set