上传文件,确保它是 pdf,然后使用 Swiftmailer
我已经在一些代码上苦苦挣扎了一段时间了。我有一个看起来像这样的html表单(我知道它真的很坚固。只是想让它工作):
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" >
<table>
<tr>
<td> Name </td>
<td> <input type="text" name="name" size="30"></td>
</tr>
<tr>
<td> Email </td>
<td> <input type="text" name="email" size="30"></td>
</tr>
<tr> <td> </td><td> </td> </tr>
<tr>
<td> Title of Article </td>
<td> <input type="text" name="title" size="40"></td>
</tr>
<tr>
<td> Course </td>
<td>
<select name="course">
<option>CEG - Computer Architecture I</option>
<option>BIO - General Biology I</option>
<option>BIO - General Biology II</option>
<option>BIO - Introduction to Human Genetics</option>
</select>
</td>
</tr>
<tr>
<td> File </td>
<td> <input type="file" name="file" id="file"></td>
</tr>
<tr> <td> </td><td> </td> </tr>
<tr>
<td valign="top"> Additional Info </td>
<td><textarea rows="3" cols="40" name="info"></textarea></td>
</tr>
</table>
<input type="checkbox" name="agree"> I agree to the points outlined above and am willing to submit my article <br>
< input type="submit" name="submit" value="Submit">
</form>
这个表单调用自身,这就是我现在所拥有的:
if (isset($_POST['submit'])) {
if ( !isset($_POST['agree']) ||
!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['title']) ||
!isset($_POST['course']) ||
!isset($_POST['file'])) {
echo 'Please complete all required fields<br>';
} else {
$name = $_POST['name'];
$email = $_POST['email'];
$title = $_POST['title'];
$course = $_POST['course'];
$file = $_POST['file'];
$message = "Name: ".$name."\n";
$message .= "Email: ".$email."\n\n";
$message .= "Title of Article: ".$title."\n";
$message .= "Program: ".$course."\n\n";
$message .= "Additional Info: ".$info;
if ( !preg_match("/.pdf$/", $file) ) {
echo 'Article must be in pdf format<br>';
exit;
}
require_once 'include/swift_required.php';
$transport = Swift_MailTransport::newInstance();
$mailer = Swift_Mailer::newInstance($transport);
$swift = Swift_Message::newInstance()
->setSubject('New Institutum Submission')
->setFrom(array($email => $name))
->setTo(array('[email protected]'))
->setBody($message)
->attach(Swift_Attachment::fromPath($file));
$result = $mailer->send($swift);
if ($result) { echo 'Article sent. Please allow required amount of time to review submission.\n';
echo 'You will be contacted by email when we go over your submission.'; }
else { echo 'Message failed'; }
}
}
我正在使用正则表达式来检查它是否是pdf 文件,但我怀疑这是正确的处理方式(因为有人可以用 pdf 扩展名重命名文件)。另外,我还没有实现暂时上传文件的方法。这是假设我需要在使用 swiftmailer 将文件添加为附件之前在本地上传文件(对吗?)。
我至少走在正确的轨道上吗?我从来没有以这种方式真正接触过 PHP。
需要一些调试:
# Create the message
# ----------------------------------------------------------------
$name = $_POST['name'];
$email = $_POST['email'];
$title = $_POST['title'];
$course = $_POST['course'];
$file = $_POST['file'];
$message = "Name: ".$name."\n";
$message .= "Email: ".$email."\n\n";
$message .= "Title of Article: ".$title."\n";
$message .= "Program: ".$course."\n\n";
$message .= "Additional Info: ".$info;
# Upload temporary files
# ----------------------------------------------------------------
$uploaddir = '/home/public/uploads/';
$uploadfile = $uploaddir . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile) == false) {
echo 'Could not move file';
exit;
}
if ($_FILES['file']['type'] != "application/pdf") {
echo 'Not a pdf file';
unlink($uploadfile);
exit;
}
I've been struggling with some code for a while now. I have an html form that looks like this (It's really rugged, I know. Just trying to get it to work):
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" >
<table>
<tr>
<td> Name </td>
<td> <input type="text" name="name" size="30"></td>
</tr>
<tr>
<td> Email </td>
<td> <input type="text" name="email" size="30"></td>
</tr>
<tr> <td> </td><td> </td> </tr>
<tr>
<td> Title of Article </td>
<td> <input type="text" name="title" size="40"></td>
</tr>
<tr>
<td> Course </td>
<td>
<select name="course">
<option>CEG - Computer Architecture I</option>
<option>BIO - General Biology I</option>
<option>BIO - General Biology II</option>
<option>BIO - Introduction to Human Genetics</option>
</select>
</td>
</tr>
<tr>
<td> File </td>
<td> <input type="file" name="file" id="file"></td>
</tr>
<tr> <td> </td><td> </td> </tr>
<tr>
<td valign="top"> Additional Info </td>
<td><textarea rows="3" cols="40" name="info"></textarea></td>
</tr>
</table>
<input type="checkbox" name="agree"> I agree to the points outlined above and am willing to submit my article <br>
< input type="submit" name="submit" value="Submit">
</form>
This form calls itself, this is what I have up to now:
if (isset($_POST['submit'])) {
if ( !isset($_POST['agree']) ||
!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['title']) ||
!isset($_POST['course']) ||
!isset($_POST['file'])) {
echo 'Please complete all required fields<br>';
} else {
$name = $_POST['name'];
$email = $_POST['email'];
$title = $_POST['title'];
$course = $_POST['course'];
$file = $_POST['file'];
$message = "Name: ".$name."\n";
$message .= "Email: ".$email."\n\n";
$message .= "Title of Article: ".$title."\n";
$message .= "Program: ".$course."\n\n";
$message .= "Additional Info: ".$info;
if ( !preg_match("/.pdf$/", $file) ) {
echo 'Article must be in pdf format<br>';
exit;
}
require_once 'include/swift_required.php';
$transport = Swift_MailTransport::newInstance();
$mailer = Swift_Mailer::newInstance($transport);
$swift = Swift_Message::newInstance()
->setSubject('New Institutum Submission')
->setFrom(array($email => $name))
->setTo(array('[email protected]'))
->setBody($message)
->attach(Swift_Attachment::fromPath($file));
$result = $mailer->send($swift);
if ($result) { echo 'Article sent. Please allow required amount of time to review submission.\n';
echo 'You will be contacted by email when we go over your submission.'; }
else { echo 'Message failed'; }
}
}
I'm using regex to check if it s a pdf file, but I doubt that's the correct way of doing things (as someone could just rename a file with a pdf extension). Also, I haven't implemented a way to upload the file temporarily yet. This is assuming I need to upload the file locally before using swiftmailer to add it as an attachment (right?).
Am I at least on the right track? I've never really dealt with PHP in this way.
Needs some debugging:
# Create the message
# ----------------------------------------------------------------
$name = $_POST['name'];
$email = $_POST['email'];
$title = $_POST['title'];
$course = $_POST['course'];
$file = $_POST['file'];
$message = "Name: ".$name."\n";
$message .= "Email: ".$email."\n\n";
$message .= "Title of Article: ".$title."\n";
$message .= "Program: ".$course."\n\n";
$message .= "Additional Info: ".$info;
# Upload temporary files
# ----------------------------------------------------------------
$uploaddir = '/home/public/uploads/';
$uploadfile = $uploaddir . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile) == false) {
echo 'Could not move file';
exit;
}
if ($_FILES['file']['type'] != "application/pdf") {
echo 'Not a pdf file';
unlink($uploadfile);
exit;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您的
You're missing
enctype="multipart/form-data"on your<form>, which will also kill the upload before it even has a chance to get started.您不想检查文件扩展名,因为它可能被操纵。
相反,正确的方法是检查 MIME 类型。请参阅此处(示例 2)。
PDF 文件的 MIME 类型是
application/pdf另请注意 Saxoier 的评论:
You don't want to check the file-extension as it could be manipulated.
Instead, the way to go is checking for the MIME-Type. See here (example 2).
The MIME-type of a PDF-file is
application/pdfAlso note Saxoier's comment: