如何允许wp_mail附件具有特定的扩展名和文件大小?
[英]How to allow specific extensions and file size to wp_mail attachment?
问题描述
I am trying to create a form with an attachment option that will be sent to an email when the form is submitted on a word press site. 
我正在尝试创建带有附件选项的表单,当在Word Press网站上提交表单时,该附件选项将发送到电子邮件。
My code work fine and it sends email in a HTML table format to my email address. 我的代码工作正常,它以HTML表格格式将电子邮件发送到我的电子邮件地址。 Also I am able to send attachment using the code. 我也可以使用该代码发送附件。 The issue arises when I consider the attachment file extensions and file size. 当我考虑附件文件扩展名和文件大小时,就会出现此问题。 I do not know that how to restrict big size of files and set attachments for some allowed extensions only. 我不知道该如何限制文件的大尺寸并仅为某些允许的扩展名设置附件。
My code is: 我的代码是:
<?php
//Setup an empty array.
$errors = array();
if($_POST["submit"]) {
$to = "myemail@gmail.com";
$subject = "New reservations request";
$hotel = $_POST["hotel_url"];
$sender = $_POST["sendername"];
$senderEmail = $_POST["senderEmail"];
//Check the name and make sure that it isn't a blank/empty string.
if(empty($sender)){
//Blank string, add error to $errors array.
$errors['sendername'] = "Please enter your name!";
}
/* attachment */
move_uploaded_file($_FILES["attachment"]["tmp_name"],WP_CONTENT_DIR .'/uploads/'.basename($_FILES['attachment']['name']));
$attachments = array(WP_CONTENT_DIR ."/uploads/".$_FILES["attachment"]["name"]);
if(empty($errors)){
$mailBody = "<table border='1'>
<tr>
<th>No</td>
<th>Item</td>
<th>Description</td>
</tr>
<tr>
<td>01</td>
<td>Hotel</td>
<td>$hotel</td>
</tr>
<tr>
<td>02</td>
<td>Name</td>
<td>$sender</td>
</tr>
<tr>
<td>03</td>
<td>E-Mail</td>
<td>$senderEmail</td>
</tr>
</table>";
$headers = array('From: '.$_POST['sendername'].' <'.$_POST['senderEmail'].'>');
$mail_sent = wp_mail( $to, $subject, $mailBody, $headers, $attachments );
}
}
if ($mail_sent) {
?>
<p>Request sent</p>
<?php
} else {
?>
<form id="" name="" action="<?php echo get_permalink(); ?>" method="post" enctype="multipart/form-data">
<input type="hidden" name="hotel_url" value="<?php echo get_permalink();?>" />
<div class="section-heading"><h6>Your Details</h6></div>
<div class="label-input-wrapper">
<div class="form-label">Name</div>
<div class="form-input">
<input type="text" name="sendername"/>
<?php if(isset($errors['sendername'])) { echo '<span style="color: red">'.$errors['sendername'].'</span>'; } ?>
</div>
</div>
<div class="label-input-wrapper">
<div class="form-label">E-Mail</div>
<div class="form-input">
<input type="email" name="senderEmail" pattern="[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}$" required value="<?PHP if(!empty($errors)) { echo $senderEmail;} ?>"/>
</div>
</div>
<label for='uploaded_file'>Select A File To Upload:</label>
<input type="file" name="attachment">
<input type="submit" value="Submit" name="submit">
</form>
<?php
}
?>
The above code send the attachment to my mail and gets saved into my uploads directory. 上面的代码将附件发送到我的邮件,并保存到我的上载目录中。 I know I have to do something around this area /* attachment */ to allow specific extensions and size of the file. 我知道我必须在/ *附件* /周围做些事情,以允许文件的特定扩展名和大小。 but how to do that? 但是该怎么做呢? eg: if I have to allow .png, .jpg, .pdf only and the maximum file is 1mb how can I do that? 例如:如果我只允许.png,.jpg,.pdf,最大文件为1mb,我该怎么做? where and what code I have to amend into the above codes? 我必须在上面的代码中将何处代码修改为?
1 个解决方案
解决方案1
1 已采纳 2014-09-06 19:59:26
It is possible to check the extension of the uploaded file, however this is not a good guarantee that it is actually that file type (since you are trusting the client to send you the info). 可以检查上载文件的扩展名,但是并不能很好地保证它实际上是该文件类型(因为您信任客户端向您发送信息)。 A better way to do this would be to check the file on the server after it has been uploaded, but before it is attached to the email. 更好的方法是在文件上传后但不将其附加到电子邮件之前检查服务器上的文件。 You can do this for images with exif_imagetype() . 您可以使用exif_imagetype()对图像执行此操作。 The file size can be gotten in bytes using the aptly named filesize() function. 可以使用适当命名的filesize()函数以字节为单位获取filesize() 。
To check for different image mime types (assuming they are all images from your question) 要检查不同的图像哑剧类型(假设它们都是您问题中的所有图像)
// some number of max bytes for the attachment (1mb)
$file_max_bytes = 1000000;
// valid mime types for the upload
$mime_types = array( IMAGETYPE_PDF, IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF );
// tmp uploaded file
$file_name = $_FILES['attachment']['tmp_name'];
// info about the uploaded file, type and size
$mime_type = exif_imagetype( $file_name );
$file_size_bytes = filesize( $file_name );
// in list of valid types and less than max size?
if ( in_array( $mime_type, $mime_types ) && ( $file_size_bytes < $file_max_bytes ) ){
// valid, attach and send here
} else {
// invalid, wrong type or too big, respond with error
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.