I created most of the site from scratch; the one thing I did a 'hack' job on is the PHP form script for applicants. I looked around at various snippets of code and somewhat spliced them together to make one script.
http://www.mountainlifeadventures.com/Applicants.php
My friend would like me to add cover-letter and headshot upload fields.
Now, I could probably figure out how to do it all myself, but I know it would be a really botchy script. I suck, to put it kindly, at PHP, and I'm doing my friend a favor with this portfolio work, but he also needs the site to be done fast, and I would really appreciate taking a little extra time to create a script that works solidly and securely rather than a hack job of a script. Also, this is a good learning experience for me: getting feedback on my hack job and maybe even help rewriting or recreating the whole thing entirely if you think it's that much of a mess.
Here is the script's code:
<?php
if(isset($_POST['submit'])) {
    $to = "info@mountainlifeadventures.com";
    $sex = $_POST['format'];
    $subject = $_POST['subject'];
    $name_field = $_POST['name'];
    $email_field = $_POST['email'];
    $age = $_POST['age'];
    $message = $_POST['message'];
    $fname = basename($_FILES['uploaded_file']['name']);
    $location = "http://www.mountainlifeadventures.com/uploads/".$email_field.'/';
    //$location = 'http://www.mountainlifeadventures.com/uploads/'.$email_field"/".$filename;
    //Start with an empty string so the .= below does not append to an undefined variable
    $services = '';
    foreach($_POST['selection'] as $servicesbox) {
        $services .= "Jobs Selected: $servicesbox\n<br>";
    }
    //use to test: echo is_dir(dirname(__FILE__).'/uploads/'.$email_field);
    if(!is_dir(dirname(__FILE__).'/uploads/'.$email_field) != 0) {
        umask(0);
        mkdir(dirname(__FILE__).'/uploads/'.$email_field, 0777);
    }
    //Check that we have a file
    if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
        $filename = basename($_FILES['uploaded_file']['name']);
        $ext = substr($filename, strrpos($filename, '.') + 1);
        if ($_FILES["uploaded_file"]["size"] < 53000000) {
            //Determine the path to which we want to save this file
            $newname = dirname(__FILE__).'/uploads/'.$email_field.'/'.$filename;
            //Check if a file with the same name already exists on the server
            if (!file_exists($newname)) {
                //Attempt to move the uploaded file to its new place
                if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
                    $body = "From: $name_field\n<br> Age: $age\n<br> E-Mail: $email_field\n<br> Subject: $subject\n<br> $services\n<br> Message:\n<br> $message\n<p> Sex: $sex\n<br> Document Location:\n<br> $location";
                    ob_start();
                    $random_hash = md5(date('r', time()));
                    //define the headers we want passed. Note that they are separated with \r\n
                    $headers = "From: ".$email_field."\r\nReply-To: ".$to;
                    //add boundary string and mime type specification
                    $headers .= "\r\nContent-Type: text/html; charset=iso-8859-1; boundary=\"PHP-mixed-".$random_hash."\"";
                    //read the attachment file contents into a string,
                    //encode it with MIME base64,
                    //and split it into smaller chunks
                    mail($to, $subject, $body, $headers);
                    ob_flush();
                    include 'uploadedsuccessfully.php';
                }
                else {
                    echo "Error: A problem occurred during file upload!";
                }
            } else {
                //A file with this name already exists: delete it and store the new upload in its place
                unlink($newname);
                move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname);
                $body = "From: $name_field\n<br> Age: $age\n<br> E-Mail: $email_field\n<br> Subject: $subject\n<br> $services\n<br> Message:\n<br> $message\n<p> Sex: $sex\n<br> Document Location:\n<br> $location";
                ob_start();
                $random_hash = md5(date('r', time()));
                //define the headers we want passed. Note that they are separated with \r\n
                $headers = "From: ".$email_field."\r\nReply-To: ".$to;
                //add boundary string and mime type specification
                $headers .= "\r\nContent-Type: text/html; charset=iso-8859-1; boundary=\"PHP-mixed-".$random_hash."\"";
                //read the attachment file contents into a string,
                //encode it with MIME base64,
                //and split it into smaller chunks
                mail($to, $subject, $body, $headers);
                ob_flush();
                include 'uploadedsuccessfully.php';
            }
        } else {
            echo "Error: Only files under 53MB are accepted for upload";
        }
    } else {
        include 'error.php';
    }
}
?>
Any help on how to fix up this script so that maybe it works even differently than it does now.
I like how I have put it together in a way where it emails him and also stores the stuff on the server itself. Originally I wanted to have it where it just emails him all the stuff, but this script simply stores everything onto the server and relays the link to the applicant's folder.
Suggestions or even help with rewriting this mess into something really slick would be appreciated, and if anyone does that, please put in lots of comments describing what each section of your code is doing so I can learn from it.
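
One way to handle the resume, cover-letter and headshot uploads with the storage and e-mail handling tightened up, as an added example that is not part of the original post. The `cover_letter` and `headshot` field names, the per-field type allow-lists, the 5 MB cap and the `applicant_uploads` directory outside the web root are assumptions.

```php
<?php
// Added example (not the poster's code). Field names cover_letter/headshot, the
// allow-lists, the 5 MB cap and the storage path are assumptions.
const MAX_BYTES = 5 * 1024 * 1024;
const ALLOWED = [
    'uploaded_file' => ['pdf' => 'application/pdf'],
    'cover_letter'  => ['pdf' => 'application/pdf'],
    'headshot'      => ['jpg' => 'image/jpeg', 'png' => 'image/png'],
];

// Validate one upload and move it into $dir under a server-chosen name.
function store_upload(string $field, string $dir): ?string
{
    $f = $_FILES[$field] ?? null;
    if (!$f || !is_int($f['error'] ?? null) || $f['error'] !== UPLOAD_ERR_OK) return null;
    if ($f['size'] > MAX_BYTES || !is_uploaded_file($f['tmp_name'])) return null;
    // Trust the sniffed content type, not the client-supplied name or type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
    $ext = array_search($mime, ALLOWED[$field] ?? [], true);
    if ($ext === false) return null;
    $name = $field . '-' . bin2hex(random_bytes(8)) . '.' . $ext;
    return move_uploaded_file($f['tmp_name'], "$dir/$name") ? $name : null;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $email = filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) { http_response_code(400); exit('Invalid e-mail address'); }
    // Directory name is a hash of the address, never the raw input; kept outside the web root.
    $dir = dirname(__DIR__) . '/applicant_uploads/' . hash('sha256', strtolower($email));
    if (!is_dir($dir) && !mkdir($dir, 0750, true)) { http_response_code(500); exit('Storage error'); }

    $stored = [];
    foreach (array_keys(ALLOWED) as $field) {
        if (($name = store_upload($field, $dir)) !== null) $stored[$field] = $name;
    }
    // Escape every user value placed in the HTML body.
    $e = fn($v) => htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
    $jobs = array_map($e, (array) ($_POST['selection'] ?? []));
    $body = 'From: ' . $e($_POST['name'] ?? '') . '<br>E-Mail: ' . $e($email)
          . '<br>Jobs: ' . implode(', ', $jobs)
          . '<br>Message: ' . nl2br($e($_POST['message'] ?? ''))
          . '<br>Files: ' . $e(implode(', ', $stored)) . ' in ' . $e(basename($dir));
    // Fixed From; validated address only in Reply-To; CR/LF stripped from the subject.
    $subject = str_replace(["\r", "\n"], ' ', (string) ($_POST['subject'] ?? 'Application'));
    $headers = "From: info@mountainlifeadventures.com\r\nReply-To: $email\r\n"
             . "MIME-Version: 1.0\r\nContent-Type: text/html; charset=UTF-8";
    mail('info@mountainlifeadventures.com', $subject, $body, $headers);
}
```

Because the files sit outside the web root, the e-mail carries the stored file names and folder name rather than a public link; the site owner fetches them over SFTP or through an authenticated download page.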