开发者

Uploading File via PHP shredding .xls files

I have a chunk of code that is taking a user uploaded file, and processing it. When the user uploads a .xls file, the file is shredded. I suspect it has something to do with the MIME but I don't know too much about them. Any help would be appreciated.

<?php include ("header1.html") ?>
<!--- End --->
<tr height="100%">
    <td align="center" valign="top" style="background-image: url('images/midbg.jpg'); background-repeat:repeat-x; padding-top: 25px; " bgcolor="#e6e6e6" >

    <!--- Body begins here --->

    <table width="725"  border="0" cellspacing="0" cellpadding="2">
     <tr>
     <td width="100%" valign="top">
     <table style="margin-left:130px; margin-top:20px;">
<tr><td>
<p><strong style="font-size:12px"> </strong> </p>
<?php

$userName = $session->userName;

if ($handle = opendir('fileuploads/'.$userName)) {
    //echo "Directory handle: $handle\n";
   // echo "Files:\n";
    $path = 'fileuploads/'.$userName.'/';
    /* This is the correct way to loop over the directory. */
    while (false !== ($file = readdir($handle))) {
        if(($file != "Thumbs.db") &&  ($file != ".")&&  ($file != ".."))
    {
    $attachment[] = $path.$file;
    }
}
//  echo '<p><b>Current total = '.$totalsize.'K</b></p>';
closedir($handle);
} 


    function fileName($inputfile,$userName)
{
    $separator = '/'.$userName.'/';
$output = split ($separator, $inputfile);
return $output[1];
}

$files = $attachment;
//print_r($files);
// email fields: to, from, subject, and so on
 $memberEmails = $_POST['emails'];
  $bcc = $_POST['bccAddress'];

if ($bcc != '')
{
$bcc = $memberEmails . ',' . $bcc; 
}
else
{
 $bcc = $memberEmails;
}

$to = $_POST['toAddress'];
if($to != '')
{
$to = $userName. "@place.com,". $to;
}
else
{
$to = $userName. "@place.com";
}
$cc = $_POST['ccAddress'];
$from = $userName. "@place.com"; 
$subject =$_POST['subject']; 
$message = $_POST['content'];
$message = str_replace('\"', '"',$message);
$headers = "From: ".$_SESSION['fullName']. "<$from>\n";

// boundary 
$semi_rand = md5(time()); 
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; 
// headers for attachment 
if ($cc != '')
{
$headers .= "CC: ". $cc ."\n";
}

if ($bcc != '')
{
$headers .= "BCC: ". $bcc ."\n";
}
$headers .= "MIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"    {$mim开发者_JAVA技巧e_boundary}\""; 
// multipart boundary 
$message = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/html; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n"; 

if( count($files) > 0)
{
$message .= "--{$mime_boundary}\n";
}

// preparing attachments
for($x=0;$x<count($files);$x++){
$file = fopen($files[$x],"rb");
$data = fread($file,filesize($files[$x]));
fclose($file);
$fileName= fileName($files[$x],$userName);
$data = chunk_split(base64_encode($data));
$message .= "Content-Type: {\"application/octet-stream\"};\n" . " name=\"$files[$x]\"\n" . 
"Content-Disposition: attachment;\n" . " filename=\"$fileName\"\n" . 
"Content-Transfer-Encoding: base64\n\n" . $data . "\n\n";
$y = $x +1;
if ( count($files) > $y)
{
     $message .= "--{$mime_boundary}\n";

}
}




$ok = @mail($to, $subject, $message, $headers); 


   if ($ok)
{
$logFile = "log/tmlog.log";
$logHandle = fopen($logFile, 'a');
$logData = "[" . date('Y-m-d H:i:s') . "] " .$userName. " - message sent successfully (". $to. ",".$bcc .",". $cc.")\n";
fwrite($logHandle, $logData);
fclose($logHandle);
echo '<META HTTP-EQUIV="Refresh" CONTENT="0;URL=fileuploads/sendRm.php?msg=sent">';
}
else
{
$logFile = "log/tmlog.log";
$logHandle = fopen($logFile, 'a');
$logData = "[" . date('Y-m-d H:i:s') . "] " .$userName. " - message failed\n";
fwrite($logHandle, $logData);
fclose($logHandle);
echo '<META HTTP-EQUIV="Refresh" CONTENT="0;URL=fileuploads/sendRm.php?msg=fail">';
}

}
?>


At what stage is the file damaged? At the server side immediately after the file upload, or at the email client end when the file has been emailed?

Here is the code rewritten to make it readable/standards compliant...

$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x"; 

// headers for attachment 
if ($cc != '') $headers .= "Cc: $cc\r\n";    
if ($bcc != '') $headers .= "Bcc: $bcc\r\n";
$headers .= "MIME-Version: 1.0\r\n"
          . "Content-Type: multipart/mixed; boundary=\"$mime_boundary\"\r\n";

// multipart boundary 
$message = "This is a multi-part message in MIME format.\r\n"
         . "--$mime_boundary\r\n"
         . "Content-Type: text/html; charset=\"iso-8859-1\"\r\n"
         . "Content-Transfer-Encoding: 7bit\r\n"
         . "\r\n"
         . $message . "\r\n"
         . "--$mime_boundary";

if (count($files)) { // Add attachments
  for ($x = 0; $x < count($files); $x++){
    $data = chunk_split(base64_encode(file_get_contents($files[$x])));
    $fileName = fileName($files[$x], $userName);
    $message .= "\r\n"
              . "Content-Type: application/octet-stream\r\n"
              . "Content-Disposition: attachment; filename=\"$fileName\"\r\n"
              . "Content-Transfer-Encoding: base64\r\n"
              . "\r\n"
              . $data . "\r\n"
              . "--$mime_boundary";
  }
}

$message .= '--';
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜