mail () function sends multiple emails, need help...

spencerhill

Heya,
The script below uses the mail() function, and everything works fine, except it sends three emails everytime to the same email address. Can anyone tell me why its doing this and how I can fix it?
Thanks!

-Spence

$upload_dir = "../upload/";
$upload_url = $url_dir."../upload/";
$message ="";

mail('spencerhill@hookmedia.biz', "A client has uploaded a file to your server!", "This is an automatic notification that someone has uploaded a file to your server. Thank you for choosing Hook Media www.HookMedia.biz", "From: Your Website");

/*********************************************************
Create Upload Directory
**********************************************************/
if (!is_dir("upload")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}

/*********************************************************
Process User's Request
**********************************************************/

if ($REQUEST) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $SERVER[REMOTE_ADDR]"."$_REQUEST\n");
fclose($resource);

if (strpos($REQUEST,"/.")>0); //possible hacking
else if (strpos($REQUEST,"files/") === false); //possible hacking
else if (substr($REQUEST,0,6)=="files/") {
unlink($REQUEST);
print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
}
}
else if ($FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $SERVER[REMOTE_ADDR]"
.$FILES['userfile']['name']." "
.$FILES['userfile']['type']."\n");
fclose($resource);

$message = do_upload($upload_dir, $upload_url);
print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";

/*********************************************************
List Files
**********************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "<br><a href='$upload_dir$file'>".$file."</a>";
$filelist .= " <a href='?del=$upload_dir$file' title='delete'>x</a>";
}
}

function do_upload($upload_dir, $upload_url) {

$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];

$file_name = str_replace("\","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_type = $FILES['userfile']['type'];
$file_size = $FILES['userfile']['size'];
$result = $_FILES['userfile']['error'];
$file_url = $upload_url.$file_name;
$file_path = $upload_dir.$file_name;

//File Name Check
if ( $file_name =="") { 
	$message = "Invalid File Name Specified";
	return $message;
}
//File Size Check
else if ( $file_size > 2000000) {
//	print $file_size;
//    $message = "The file size is over 1MB.";
//    return $message;
}
//File Type Check  -- Prevent possible attacks
else if ( strpos($file_name,".php") !== false 
       || strpos($file_name,".cgi") !== false 
       || strpos($file_name,".htm") !== false 
       || strpos($file_name,".phtm") !== false ) 
  return;
else if ( strpos($file_type,"image") !== false
  || $file_type == "application/msword");
else {
    //$message = "Sorry, demo. only allows image or ms-word upload." ;
    //$message .= "<br>You may allow other types(i.e, .zip) on your own server." ;
    //return $message;
}

$result  =  move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0755))
 	$message = "change permission to 755 failed.";
else
  $message = ($result)?"$file_name uploaded successfully." :
   	      "Somthing is wrong with uploading a file, please contact us via our Contact Us page.";

return $message;

}

?>
<style type="text/css">

</style><center class="style1">
<p> </p>
<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload File <input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>

<p><?=$_REQUEST[message]?>
</p>
</center>

bastien

try placing the mail call into the upload function like this:

function do_upload($upload_dir, $upload_url) {

  //default values
  $boolSuccessFlag = false;

  $temp_name = $_FILES['userfile']['tmp_name'];
  $file_name = $_FILES['userfile']['name'];
  $file_name = str_replace("\\","",$file_name);
  $file_name = str_replace("'","",$file_name);
  $file_type = $_FILES['userfile']['type'];
  $file_size = $_FILES['userfile']['size'];
  $result    = $_FILES['userfile']['error'];
  $file_url  = $upload_url.$file_name;
  $file_path = $upload_dir.$file_name;

//File Name Check
if ( $file_name =="") {
  $message = "Invalid File Name Specified";
  return $message;
}
//File Size Check
else if ( $file_size > 2000000) {
// print $file_size;
// $message = "The file size is over 1MB.";
// return $message;
}
//File Type Check -- Prevent possible attacks
else if ( strpos($file_name,".php") !== false
|| strpos($file_name,".cgi") !== false
|| strpos($file_name,".htm") !== false
|| strpos($file_name,".phtm") !== false )
return;
else if ( strpos($file_type,"image") !== false
|| $file_type == "application/msword");
else {
//$message = "Sorry, demo. only allows image or ms-word upload." ;
//$message .= "<br>You may allow other types(i.e, .zip) on your own server." ;
//return $message;
}

$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0755))
$message = "change permission to 755 failed.";
else
if ($result){
   $message = "$file_name uploaded successfully.";
   $boolSuccessFlag = true;
}else{
   $message = "Somthing is wrong with uploading a file, please contact us via our Contact Us page.";
}

if  ($boolSuccessFlag == true){
  mail('spencerhill@hookmedia.biz', "A client has uploaded a file to your server!", "This is an automatic notification that someone has uploaded a file to your server. Thank you for choosing Hook Media www.HookMedia.biz", "From: Your Website");
}

return $message;
}