I am trying to create a form with an attachment option that will be sent to an email when the form is submitted on a wordpress site.
My codes work fine and it sends email in a HTMKL table format to my email address. Also I am able to send attachment using the codes. The issue arises when I consider the attachment file extensions and file size. I do not know that how to restrict big size of files and set attachments for some allowed extensions only.
My code is:
<?php
//Setup an empty array.
$errors = array();
if($_POST["submit"]) {
$to = "myemail@gmail.com";
$subject = "New reservations request";
$hotel = $_POST["hotel_url"];
$sender = $_POST["sendername"];
$senderEmail = $_POST["senderEmail"];
//Check the name and make sure that it isn't a blank/empty string.
if(empty($sender)){
//Blank string, add error to $errors array.
$errors['sendername'] = "Please enter your name!";
}
/* attachment */
move_uploaded_file($_FILES["attachment"]["tmp_name"],WP_CONTENT_DIR .'/uploads/'.basename($_FILES['attachment']['name']));
$attachments = array(WP_CONTENT_DIR ."/uploads/".$_FILES["attachment"]["name"]);
if(empty($errors)){
$mailBody = "<table border="1">
<tr>
<th>No</td>
<th>Item</td>
<th>Description</td>
</tr>
<tr>
<td>01</td>
<td>Hotel</td>
<td>$hotel</td>
</tr>
<tr>
<td>02</td>
<td>Name</td>
<td>$sender</td>
</tr>
<tr>
<td>03</td>
<td>E-Mail</td>
<td>$senderEmail</td>
</tr>
</table>";
$headers = array('From: '.$_POST['sendername'].' <'.$_POST['senderEmail'].'>');
$mail_sent = wp_mail( $to, $subject, $mailBody, $headers, $attachments );
}
}
if ($mail_sent) {
?>
<p>Request sent</p>
<?php
} else {
?>
<form id="" name="" action="<?php echo get_permalink(); ?>" method="post" enctype="multipart/form-data">
<input type="hidden" name="hotel_url" value="<?php echo get_permalink();?>" />
<div class="section-heading"><h6>Your Details</h6></div>
<div class="label-input-wrapper">
<div class="form-label">Name</div>
<div class="form-input">
<input type="text" name="sendername"/>
<?php if(isset($errors['sendername'])) { echo '<span style="color: red">'.$errors['sendername'].'</span>'; } ?>
</div>
</div>
<div class="label-input-wrapper">
<div class="form-label">E-Mail</div>
<div class="form-input">
<input type="email" name="senderEmail" pattern="[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}$" required value="<?PHP if(!empty($errors)) { echo $senderEmail;} ?>"/>
</div>
</div>
<label for="uploaded_file">Select A File To Upload:</label>
<input type="file" name="attachment">
<input type="submit" value="Submit" name="submit">
</form>
<?php
}
?>
The above code send the attachment to my mail and it saves the file into my uploads dirctory.
I know I have to do something around this area /* attachment */ to allow specific extensions and size of the file. but how to do that?
eg: if I have to allow .png, .jpg, .pdf only and the maximum file is 1mb how can I do that? where and what code I have to amend into the above codes?
1 Answer
Add the following condition before the file upload functionality –
$allowedExts = array("pdf", "jpg", "png");
$temp = explode(".", $_FILES["attachment"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "image/pdf")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 1000000)
&& in_array($extension, $allowedExts)) {
//your file upload code and other stuffs
} else {
echo "Invalid file";
}
Referred from http://www.w3schools.com/php/php_file_upload.asp
See ‘Restrictions on Upload’ section.