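【Posted】: 2016-04-11 07:17:24
【Question】:
Hello, I have a website whose page logic should only accept a submission under two conditions:
1) if the captcha is actively checked
AND
2) if at least one file is attached (only pdf and image file types are allowed, three at most).
The problem is that we are receiving blank applications. However, I have seen a scenario where you can attach a non-pdf/image together with a pdf/image, and it still submits but strips all the attachments.
The correct behavior should be: if a non-pdf/image type is attached, block the submission, show the error message "Only images or pdf can be uploaded", then show a message at the bottom of the page and prevent the form from submitting, just like the other errors.
Be polite. Thanks. :-)
Page URL: http://www.barona.com/about-barona/community-relations/community-giving-guidelines/
PHP (to test, replace youremail with your own email address, thanks!):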
<?php
ini_set('display_errors', 'off');
$to = 'youremail@gmail.com';
$from = 'youremail@gmail.com';
$subject = 'New Application';
$allowed_extensions = array(
'.pdf',
'.jpeg',
'.jpg',
'.png',
'.gif',
'.bmp'
);
$file1 = '';
$file2 = '';
$file3 = '';
$filename1 = '';
$filename2 = '';
$filename3 = '';
//echo "1";
if (!empty($_FILES['file1']['name'])) {
//echo "File 1 exists";
$filename1 = $_FILES['file1']['name'];
$extension = '.' . strtolower(array_pop(explode('.', $filename1)));
$size1 = $_FILES['file1']['size'];
$mime1 = $_FILES['file1']['type'];
$tmp1 = $_FILES['file1']['tmp_name'];
if (in_array($extension, $allowed_extensions)) {
$file1 = fopen($tmp1, 'rb');
$data1 = fread($file1, filesize($tmp1));
// Now read the file content into a variable
fclose($file1);
// close the file
$data1 = chunk_split(base64_encode($data1));
// Now we need to encode it and split it into acceptable length lines
$file1 = $filename1;
} else {
$filename1 = '';
}
}
//file 2:
if (!empty($_FILES['file2']['name'])) {
//echo "File 2 exists";
$filename2 = $_FILES['file2']['name'];
$extension = '.' . strtolower(array_pop(explode('.', $filename2)));
$tmp2 = $_FILES['file2']['tmp_name'];
$size2 = $_FILES['file2']['size'];
$mime2 = $_FILES['file2']['type'];
if (in_array($extension, $allowed_extensions)) {
$file2 = fopen($tmp2, 'rb');
$data2 = fread($file2, filesize($tmp2));
// Now read the file content into a variable
fclose($file2);
// close the file
$data2 = chunk_split(base64_encode($data2));
// Now we need to encode it and split it into acceptable length lines
$file2 = $filename2;
} else {
$filename2 = '';
}
}
//File 3:
if (!empty($_FILES['file3']['name'])) {
//echo "File 3 exists";
$filename3 = $_FILES['file3']['name'];
$extension = '.' . strtolower(array_pop(explode('.', $filename3)));
$tmp3 = $_FILES['file3']['tmp_name'];
$size3 = $_FILES['file3']['size'];
$mime3 = $_FILES['file3']['type'];
if (in_array($extension, $allowed_extensions)) {
$file3 = fopen($tmp3, 'rb');
$data3 = fread($file3, filesize($tmp3));
// Now read the file content into a variable
fclose($file3);
// close the file
$data3 = chunk_split(base64_encode($data3));
// Now we need to encode it and split it into acceptable length lines
$file3 = $filename3;
} else {
$filename3 = '';
}
}
//echo "2";
//Only allow image or pdf.
$message = "<table border='1' style='width:80%'><tr><td>File 1: </td><td>$filename1</td></tr><tr><td>File 2: </td><td>$filename2</td></tr><tr><td>File 3: </td><td>$filename3</td></tr></table>";
// email fields: to, from, subject, and so on
$headers = "From: $from\n";
$headers .= "Reply-To: $to\n";
$headers .= "BCC: cpeterson@barona.com";
// boundary
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
// headers for attachment
$headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed, html;\n" . " boundary=\"{$mime_boundary}\"";
// multipart boundary
$message = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/html; charset=ISO-8859-1\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n";
$message .= "--{$mime_boundary}\n";
if (!empty($file1)) {
$message .= "Content-Type: {\"application/octet-stream\"};\n" . " name='$filename1'\n" . "Content-Disposition: attachment;\n" . " filename=$filename1\n" . "Content-Transfer-Encoding: base64\n\n" . $data1 . "\n\n";
$message .= "--{$mime_boundary}\n";
}
if (!empty($file2)) {
$message .= "Content-Type: {\"application/octet-stream\"};\n" . " name='$filename2'\n" . "Content-Disposition: attachment;\n" . " filename=$filename2\n" . "Content-Transfer-Encoding: base64\n\n" . $data2 . "\n\n";
$message .= "--{$mime_boundary}\n";
}
if (!empty($file3)) {
$message .= "Content-Type: {\"application/octet-stream\"};\n" . " name='$filename3'\n" . "Content-Disposition: attachment;\n" . " filename=$filename3\n" . "Content-Transfer-Encoding: base64\n\n" . $data3 . "\n\n";
$message .= "--{$mime_boundary}\n";
}
// send
$ok = @mail($to, $subject, $message, $headers, '-fnoreply@yourmailer.com');
if ($ok) {
//echo "<p>Thank you for submitting your application to: $to!</p>";
header("Location: ../../../about-barona/community-relations/community-giving-guidelines/thanks/"); /* Redirect browser */
exit();
} else {
//echo "<p>mail could not be sent!</p>";
header("Location: ../../../club-barona/email-signup/error/"); /* Redirect browser */
exit();
}
?>
Wordpress HTML:
<h2>COMMUNITY GIVING GUIDELINES & DONATION APPLICATION</h2><p>In an effort to better serve you, Barona will only review requests via an online donation application. To be considered for a donation or sponsorship, you must complete the online application. Requests submitted via email, mail, phone, or fax will not be accepted. All requests will be screened and reviewed for consideration by the Community Relations Committee. In making determinations on contribution requests, the Committee places emphasis on well-managed non-profit organizations and programs. Funding decisions are also based on the quality of the organizations programs and their support of Barona Resort & Casino’s key areas of focus. Additional consideration includes the scope of each program and the overall impact on the community. Barona maintains the flexibility to accommodate new and innovative approaches to meeting the needs of the community.</p><ul><li>Due to the volume of requests received, donation requests for auction and raffle items must be submitted at least 60 – 90 days prior to the date the donation is needed.</li><li>Sponsorship requests should be submitted by October for consideration in the following year, as planning is based on a calendar year.</li><li>Sponsorships exceeding $10,000 must include performance measurement criteria and the requestor must be prepared to submit a report of achievement.</li><li>We will respond to all requests with the decision of the committee, regardless of the outcome within 6 - 8 weeks of review.</li></ul>
<h3>We generally <b> exclude </b> requests that benefit:</h3>
<ul>
<li>Local sports organizations </li>
<li>An individual person or family </li>
<li>General operating expenses </li>
<li>Political candidates or organizations </li>
<li>Film or documentary productions </li>
<li>Memorials, endowments, or grants </li>
<li>Organizations outside of California </li>
<li>Travel expenses </li>
<li>Groups seeking educational or travel grants for contests, pageants, trips or conventions </li>
<li>Loan or loan guarantees </li>
<li>Capital improvement or building funds </li>
</ul>
<p><input id="chkTerms" name="chkTerms" onclick="validate();" required="required" type="checkbox" value="0"> I have read and understand the Community Giving Guidelines. Thank you for contacting Barona Resort & Casino regarding a contribution towards your organization. Please note that this online application must be completed in its entirety and, if necessary, submitted with all appropriate supporting documents.</p><form action="../../../wp-content/themes/barona/form-to-email.php" enctype="multipart/form-data" method="post">
<div id="DonationApplicationFormContent" style="width: 700px; margin: 10px -150px !important; display: none;">
<hr />
<h2>Instructions </h2>
<p>Follow the directions below to submit your <strong><a href="/wp-content/uploads/2015/10/DonationApplicationForm.pdf" target="_blank">Donation Application Form</a></strong>.</p>
<iframe width="560" height="315" src="https://www.youtube.com/embed/G-SDuvlur8o" frameborder="0" allowfullscreen></iframe>
<h3 style="margin: 0;">Step 1</h3>
<p>Download the Donation Application Form PDF.<br /><small>Note: Safari users, right click the "Download Now" button and select "Download Linked File As".</small><br /><br />[easy_media_download url="/wp-content/uploads/2015/10/DonationApplicationForm.pdf" force_dl="1"]</p>
<h3 style="margin: 0;">Step 2</h3>
<p><strong>Print</strong> or <strong>complete</strong> the form using <strong><a href="https://get.adobe.com/reader" target="_blank">Adobe Acrobat Reader</a></strong>. You can download Adobe Acrobat for free at <a href="https://get.adobe.com/reader" target="_blank">https://get.adobe.com/reader</a>
</p>
<h3 style="margin: 0;">Step 3</h3>
<p>Click <strong>Browse</strong> to upload the completed <strong>Donation Application Form</strong> along with any supporting documents (images or PDF).
</p>
<h3 style="margin: 0;">Step 4</h3>
<p>Click the <strong>Submit</strong> button below to complete your submission. <br />
<br />
OR
<br /><br />
Email your completed PDF document with any supporting documents to <a href="mailto: donationapplicationsbarona@gmail.com">donationapplicationsbarona@gmail.com</a>.
</p>
Upload event brochures, marketing materials or other documents. Upload images or PDF files only. (Limit: 5MB max per file):
<table>
<tr style="height: 30px;">
<td>File 1:<input type="file" id="file1" name="file1"></td>
</tr>
<tr style="height: 30px;">
<td>File 2:<input type="file" id="file2" name="file2"></td>
</tr>
<tr style="height: 30px;">
<td>File 3: <input type="file" id="file3" name="file3"></td>
</tr>
</table>
<table>
<tr >
<td>
<div class="g-recaptcha" id="rcaptcha" data-sitekey="6Let2wwTAAAAAJaUZQGTCRy6Pv4YYLoQjsLUH6hs"></div></td>
</tr>
<tr>
<td>
<div id="captcha" aria-live="assertive"></div></td>
</tr>
<tr style="height: 80px;">
<td><input tabindex="11" title="Submit" type="submit" value="Submit" onclick="return get_action(this);"><input tabindex="12" title="Reset" type="reset" value="Reset"></td>
</tr>
</table>
<label id="lblStatus">*Required.</label></div>
</form>
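Page source:
See the page. :-)
Please help fix this so that we stop receiving blank applications, and so that only pdf/images are allowed before submission. I am willing to install a js file. Please be as thorough as possible, and I will choose you as the top-voted answer/winner. Do well, my programmer friends! Long live privacy!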
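【Discussion】:
- "Be polite. Thanks. :-)" - why did you include this in your question?
- You should check whether the file content is empty/0 and whether it contains a valid PDF/image header. You are already using filesize(), so use it in a conditional: if ( 0 == filesize( $file_path ) ) - the rest you can google.
- When you need to debug something, the first thing to do is replace ini_set('display_errors', 'off'); with error_reporting(E_ALL); ini_set('display_errors', 1); and then you may well get an idea yourself of what is wrong. This should definitely be done before asking us for help.
- I'll bring my little bag of magic tricks and we'll rob them blind, Ralph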
Tags: javascript php html wordpress
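A server-side gate for the behaviour asked for in the question and the checks suggested in the discussion (non-empty file, valid PDF/image content), shown as an added example that is not the asker's code or any answer from the thread. The names `validate_uploads`, `MAX_BYTES` and `ALLOWED` are hypothetical, and the PHP `fileinfo` extension is assumed to be enabled.

```php
<?php
const MAX_BYTES = 5 * 1024 * 1024; // the form states "5MB max per file"
const ALLOWED = [ // extension => MIME types libmagic may report for it
    'pdf'  => ['application/pdf'],
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'png'  => ['image/png'],
    'gif'  => ['image/gif'],
    'bmp'  => ['image/bmp', 'image/x-ms-bmp'],
];

/** Returns [accepted files, error messages]; mail is sent only when errors is empty. */
function validate_uploads(array $files): array
{
    $accepted = [];
    $errors = [];
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    foreach (['file1', 'file2', 'file3'] as $field) {
        $f = $files[$field] ?? null;
        if ($f === null || $f['error'] === UPLOAD_ERR_NO_FILE) {
            continue; // an empty slot is fine; "at least one" is checked below
        }
        $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
        if ($f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
            $errors[] = "$field: upload failed.";
        } elseif ($f['size'] === 0 || $f['size'] > MAX_BYTES) {
            $errors[] = "$field: file is empty or larger than 5MB.";
        } elseif (!isset(ALLOWED[$ext])
            || !in_array($finfo->file($f['tmp_name']), ALLOWED[$ext], true)) {
            // Extension and sniffed content must agree; the browser-sent 'type' is ignored.
            $errors[] = "$field: Only images or pdf can be uploaded";
        } else {
            // The name is later written into MIME headers, so keep safe characters only.
            $safe = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($f['name']));
            $accepted[] = ['name' => $safe, 'path' => $f['tmp_name']];
        }
    }
    if (!$accepted && !$errors) {
        $errors[] = 'Attach at least one image or PDF.';
    }
    return [$accepted, $errors];
}

[$accepted, $errors] = validate_uploads($_FILES);
if ($errors) { // one bad file rejects the whole submission instead of silently dropping it
    http_response_code(422);
    exit(implode("\n", array_map('htmlspecialchars', $errors)));
}
// Reached only for a valid submission: build the mail from $accepted.
```

The posted script never reads any `$_POST` field, including the reCAPTCHA response, so the captcha and the "at least one file" rule hold only in the browser. A request that reaches `form-to-email.php` without them is mailed anyway, which is consistent with the blank applications described.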