Form Handling with PHP

Lesson 5 - Attachments

Index   Lesson << Prev 1 2 3 4 5 6 7 Next >>

Okay, now we've talked about a lot of the more basic features of sending e-mail with PHP. Now let's deal with something slightly more complex. We're going to allow the user to send a file as an attachment to the e-mail message. Don't get scared! It's not that bad.

To begin, let's talk just a little bit about how attachments are handled by mail servers and clients. This is done using Multipurpose Internet Mail Extensions, commonly called MIME. Using MIME allows you to set the message body to multi-part, indicating that there are more parts to it than just the body of the message. All this is done by using the message headers.

Up until now, we have only been concerned with the first three parameters used by the PHP mail() function. The mail() function can also accept a fourth parameter, which is used for message headers. A simple example of a message header would be to specify the From address that is shown in the message. That might look like this:

mail($to, $subject, $message, "From: John Doe <[email protected]>\r\n");
	

Now, when the message is sent, the From portion of the message will show John Doe as the sender and his e-mail address as [email protected] Note that each header is terminated with the carraige return and linefeed: "\r\n".

Now that we understand how to add a header, let's consider how we go about attaching a file to an e-mail message. This is basically a two step process. First, we have to upload the file to the server, then we plug it into the body of the e-mail message. We use a multi-part message (MIME) with MIME boundaries to tell the e-mail client where the message ends and the attachment begins. A boundary marker is nothing fancy or mysterious, but you need to make sure that it is a string that is unlikely to appear in the body of the message.

There's another consideration that we need to think about as well. E-mail messages normally use only the first seven bits of a byte to represent a character. This is fine, except in the case of a file attachment. The attachment may be using all eight bits. Because of that, we need to encode it. Most all e-mail clients understand base64 encoding and PHP includes a function that will encode data using the base64 algorithm for just this purpose. One last thing is that e-mail software, both client and server, normally limit line length. PHP also includes a function called chunk_split that will break the base64 encoded data into lines that will work in the e-mail software.

Now that we've covered all that, let's look at a PHP script that will display a form then, when the form is submitted, send an e-mail with a file attachment. NOTE that this is not production code! There is no error checking here. In a real world script, you will probably want to test the file type and size before sending it. At the very least, you'll want to fail gracefully if the user doesn't specify a file to attach.


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>E-mail with Attachment</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
   if ($_SERVER['REQUEST_METHOD']=="POST"){

   // we'll begin by assigning the To address and message subject
   $to="[email protected]";

   $subject="E-mail with attachment";

   // get the sender's name and email address
   // we'll just plug them a variable to be used later
   $from = stripslashes($_POST['fromname'])."<".stripslashes($_POST['fromemail']).">";

   // generate a random string to be used as the boundary marker
   $mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";

   // store the file information to variables for easier access
   $tmp_name = $_FILES['filename']['tmp_name'];
   $type = $_FILES['filename']['type'];
   $name = $_FILES['filename']['name'];
   $size = $_FILES['filename']['size'];

   // here we'll hard code a text message
   // again, in reality, you'll normally get this from the form submission
   $message = "Here is your file: $name";

   // if the upload succeded, the file will exist
   if (file_exists($tmp_name)){

      // check to make sure that it is an uploaded file and not a system file
      if(is_uploaded_file($tmp_name)){

         // open the file for a binary read
         $file = fopen($tmp_name,'rb');

         // read the file content into a variable
         $data = fread($file,filesize($tmp_name));

         // close the file
         fclose($file);

         // now we encode it and split it into acceptable length lines
         $data = chunk_split(base64_encode($data));
     }

      // now we'll build the message headers
      $headers = "From: $from\r\n" .
         "MIME-Version: 1.0\r\n" .
         "Content-Type: multipart/mixed;\r\n" .
         " boundary=\"{$mime_boundary}\"";

      // next, we'll build the message body
      // note that we insert two dashes in front of the
      // MIME boundary when we use it
      $message = "This is a multi-part message in MIME format.\n\n" .
         "--{$mime_boundary}\n" .
         "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
         "Content-Transfer-Encoding: 7bit\n\n" .
         $message . "\n\n";

      // now we'll insert a boundary to indicate we're starting the attachment
      // we have to specify the content type, file name, and disposition as
      // an attachment, then add the file content and set another boundary to
      // indicate that the end of the file has been reached
      $message .= "--{$mime_boundary}\n" .
         "Content-Type: {$type};\n" .
         " name=\"{$name}\"\n" .
         //"Content-Disposition: attachment;\n" .
         //" filename=\"{$fileatt_name}\"\n" .
         "Content-Transfer-Encoding: base64\n\n" .
         $data . "\n\n" .
         "--{$mime_boundary}--\n";

      // now we just send the message
      if (@mail($to, $subject, $message, $headers))
         echo "Message Sent";
      else
         echo "Failed to send";
   }
} else {
?>
<p>Send an e-mail with an attachment:</p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" 
   enctype="multipart/form-data" name="form1">
   <p>From name: <input type="text" name="fromname"></p>
   <p>From e-mail: <input type="text" name="fromemail"></p>
   <p>File: <input type="file" name="filename"></p>
   <p><input type="submit" name="Submit" value="Submit"></p>
</form>
<?php } ?>
</body>
</html>
			

That's all there is to it! Well ... almost.

Multiple Attachments

There have been a few people ask, so let's take this one step further. What if you want to accept more than one file that can be attached. Okay, we'll do an example that will accept two files. Hopefully, if you've worked through the tutorials to get this far, you can extrapolate and modify if you need more than that.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>E-mail with Attachment</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
if ($_SERVER['REQUEST_METHOD']=="POST"){

   // we'll begin by assigning the To address and message subject
   $to="[email protected]";
   $subject="E-mail with attachment";

   // get the sender's name and email address
   // we'll just plug them a variable to be used later
   $from = stripslashes($_POST['fromname'])."<".stripslashes($_POST['fromemail']).">";

   // generate a random string to be used as the boundary marker
   $mime_boundary="==Multipart_Boundary_x".md5(mt_rand())."x";

   // now we'll build the message headers
   $headers = "From: $from\r\n" .
   "MIME-Version: 1.0\r\n" .
      "Content-Type: multipart/mixed;\r\n" .
      " boundary=\"{$mime_boundary}\"";

   // here, we'll start the message body.
   // this is the text that will be displayed
   // in the e-mail
   $message="This is an example";

   // next, we'll build the invisible portion of the message body
   // note that we insert two dashes in front of the MIME boundary 
   // when we use it
   $message = "This is a multi-part message in MIME format.\n\n" .
      "--{$mime_boundary}\n" .
      "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
      "Content-Transfer-Encoding: 7bit\n\n" .
   $message . "\n\n";

   // now we'll process our uploaded files
   foreach($_FILES as $userfile){
      // store the file information to variables for easier access
      $tmp_name = $userfile['tmp_name'];
      $type = $userfile['type'];
      $name = $userfile['name'];
      $size = $userfile['size'];

      // if the upload succeded, the file will exist
      if (file_exists($tmp_name)){

         // check to make sure that it is an uploaded file and not a system file
         if(is_uploaded_file($tmp_name)){
 	
            // open the file for a binary read
            $file = fopen($tmp_name,'rb');
 	
            // read the file content into a variable
            $data = fread($file,filesize($tmp_name));

            // close the file
            fclose($file);
 	
            // now we encode it and split it into acceptable length lines
            $data = chunk_split(base64_encode($data));
         }
 	
         // now we'll insert a boundary to indicate we're starting the attachment
         // we have to specify the content type, file name, and disposition as
         // an attachment, then add the file content.
         // NOTE: we don't set another boundary to indicate that the end of the 
         // file has been reached here. we only want one boundary between each file
         // we'll add the final one after the loop finishes.
         $message .= "--{$mime_boundary}\n" .
            "Content-Type: {$type};\n" .
            " name=\"{$name}\"\n" .
            "Content-Disposition: attachment;\n" .
            " filename=\"{$fileatt_name}\"\n" .
            "Content-Transfer-Encoding: base64\n\n" .
         $data . "\n\n";
      }
   }
   // here's our closing mime boundary that indicates the last of the message
   $message.="--{$mime_boundary}--\n";
   // now we just send the message
   if (@mail($to, $subject, $message, $headers))
      echo "Message Sent";
   else
      echo "Failed to send";
} else {
?>
<p>Send an e-mail with an attachment:</p>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" 
   enctype="multipart/form-data" name="form1">
   <p>From name: <input type="text" name="fromname"></p>
   <p>From e-mail: <input type="text" name="fromemail"></p>
   <p>File: <input type="file" name="file1"></p>
   <p>File: <input type="file" name="file2"></p>
   <p><input type="submit" name="Submit" value="Submit"></p>
</form>
<?php } ?>
</body>
</html>

This script should handle any reasonable number of attachments. All you need to do to add more is to enter more place more file inputs in your form.

Lesson 6