Hi there - this is my first time using PHP, and I've run into what I hope is a relatively simple problem to fix. Basically I've been following a tutorial that should let me build a form that will allow users to send me word files etc through the site. The problem is that I've been getting this error message when I test the form:
Warning: Unexpected character in input: '\' (ASCII=92) state=1 in /hermes/web12a/b1229/moo.floathousebookscom/php-form-action.php on line 82
Parse error: syntax error, unexpected T_STRING in /hermes/web12a/b1229/moo.floathousebookscom/php-form-action.php on line 82This is line 82 in its current state:
$message = new Mail_mime($crlf = “\r\n”);
"($crlf = “\r\n”)" was added by me after reading some advice online. It changed the error code I was getting beforehand, but seems to have syntax problems.
The PHP in whole looks like this:
<?php
// Pear library includes
// You should have the pear lib installed
include_once('Mail.php');
include_once(Mail/mime.php);
//Settings
$max_allowed_file_size = 5000; // size in KB
$allowed_extensions = array("doc", "docx", "odf", "txt");
$upload_folder = 'http://www.example.com/upload_folder'; //<-- this folder must be writeable by the script
$your_email = 'example@example.com';//<<-- update this to your email address
$errors ='';
if(isset($_POST['submit']))
{
//Get the uploaded file information
$name_of_uploaded_file = basename($_FILES['uploaded_file']['name']);
//get the file extension of the file
$type_of_uploaded_file = substr($name_of_uploaded_file,
strrpos($name_of_uploaded_file, '.') + 1);
$size_of_uploaded_file = $_FILES["uploaded_file"]["size"]/1024;
///------------Do Validations-------------
if(empty($_POST['name'])||empty($_POST['email']))
{
$errors .= "\n Name and Email are required fields. ";
}
if(IsInjected($visitor_email))
{
$errors .= "\n Bad email value!";
}
if($size_of_uploaded_file > $max_allowed_file_size )
{
$errors .= "\n Size of file should be less than $max_allowed_file_size";
}
//------ Validate the file extension -----
$allowed_ext = false;
for($i=0; $i<sizeof($allowed_extensions); $i++)
{
if(strcasecmp($allowed_extensions[$i],$type_of_uploaded_file) == 0)
{
$allowed_ext = true;
}
}
if(!$allowed_ext)
{
$errors .= "\n The uploaded file is not supported file type. ".
" Only the following file types are supported: ".implode(',',$allowed_extensions);
}
//send the email
if(empty($errors))
{
//copy the temp. uploaded file to uploads folder
$path_of_uploaded_file = $upload_folder . $name_of_uploaded_file;
$tmp_path = $_FILES["uploaded_file"]["tmp_name"];
if(is_uploaded_file($tmp_path))
{
if(!copy($tmp_path,$path_of_uploaded_file))
{
$errors .= '\n error while copying the uploaded file';
}
}
//send the email
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$user_message = $_POST['message'];
$to = $your_email;
$subject="New form submission";
$from = $your_email;
$text = "A user $name has sent you this message:\n $user_message";
$message = new Mail_mime($crlf = “\r\n”);
$message->setTXTBody($text);
$message->addAttachment($path_of_uploaded_file);
$body = $message->get();
$extraheaders = array("From"=>$from, "Subject"=>$subject,"Reply-To"=>$visitor_email);
$headers = $message->headers($extraheaders);
$mail = Mail::factory("mail");
$mail->send($to, $headers, $body);
//redirect to 'thank-you page
header('Location: thank-you.html');
}
}
///////////////////////////Functions/////////////////
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>Anyway, as this is my first time, I'll be needing to have really obvious mistakes pointed out to me, because I'm blind to them. If I've left out any info that's needed please let me know, and thanks a lot!