<?php
// my code
$attachment =$_FILES['upl']['name'];
echo $attachment ."<br>";
@$attachment=$_FILES['upl']['name'];
$name ="ali";
$from="example@yahoo.com";
$to="mymail@yahoo.com";
$subject="upload form";
$message = "this is an sample upload form";
$max_file_size = 1000; //
$formats = array('jpg','gif','png' ,'txt' ,'zip');
if ( empty($name) || empty($from) || empty($message) ){
die("required field !<br>");
}
if (!preg_match('/[A-Za-z0-9_-]+\@[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/',$from)){
die("innvalid email!<br>");
}
$hash = md5(uniqid(time()));
$header = "";
$header .= "From: ".$name."<".$from.">\nReply-To: ".$from."";
$header .= "MIME-Version: 1.0\n";
$header .= "Content-Type: multipart/mixed; boundary="".$hash.""\n\n";
$header .= "This is a multi-part message in MIME format.\n";
$header .= "--".$hash."\n";
$header .= "Content-type: text/html; charset=utf-8\n";
$header .= "Content-Transfer-Encoding: 7bit\n\n";
$header .= $message."\n\n";
if (!empty ($attachment)) {
$tmp_name = $_FILES['upl']['tmp_name'];
$type = $_FILES['upl']['type'];
$file_name = $_FILES['upl']['name'];
$file_size = $_FILES['upl']['size']/1024;
if ($file_size>$max_file_size) {
die("max file size is ".$max_file_size." K B<br>");}
@$ext = end(explode('.',$file_name));
if(!in_array($ext,$formats)){
echo "innvalid extension ! the valid extension are";
foreach($formats as $value){
echo $value." , ";
}echo " type<br>"; die('');}
$content = chunk_split(------_encode(file_get_contents($tmp_name)));
$header .= "--".$hash."\n";
$header .= "Content-Type: application/octet-stream; name="".$file_name.""\n";
$header .= "Content-Transfer-Encoding: ------\n";
$header .= "Content-Disposition: attachment; filename="".$file_name.""\n\n";
$header .= $content."\n\n";
$sendemail = @mail($to,$subject,null,$header);
if($sendemail)
{
echo "your message has been sent.<br>";
}
else
{
echo "sorry .your message not be sent ! something is wrong ! try again ...<br>";
}
}
// orginal code
// A list of permitted file extensions
$allowed = array('png', 'jpg', 'gif','zip', 'txt');
if(isset($_FILES['upl']) && $_FILES['upl']['error'] == 0){
$extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION);
if(!in_array(strtolower($extension), $allowed)){
echo '{"status":"error"}';
exit;
}
if(move_uploaded_file($_FILES['upl']['tmp_name'], 'uploads/'.$_FILES['upl']['name'])){
echo '{"status":"success"}';
exit;
}
}
echo '{"status":"error"}';
exit;
?>