Page 1 of 1

Upload files via email

Posted: Wed Apr 05, 2006 3:32 am
by ed209
I've always wondered about giving users the option of uploading files via email (starting with image files). I've seen it done on larger sites which makes it seem difficult to achieve. I'm trying to find out what it would take to accomplish this. Here are a few thoughts so far.

1. associate the email address with the user, probably dynamically create an email address rather than assign a permanent one for that user. Also create a subdomain for this use user_ident@uploads.example.com
1a. What happens if someone else sent an email to that address? Should the password be included somewhere.

2. Email arrives in the inbox (this is where I get a little lost).
2a. Check 'To' address to get our user.
2b. Get the attached files.
2c. Check the files for type and size. Would there be size limits as it's different from uploading via a form?

3. If the file is ok, I guess php could just work on it as though it was a regular uploaded file.
3a. File type wrong or other problems, send an email back with the error?

It would also be nice to get hold of the 'Subject' and 'Message'. For example, the 'Subject' could be the image title and 'Message' text could be the image description.

Also, what about multiple image attachments?

Any thoughts appreciated. Is this possible, is it worth it? I guess it's not worth it for web based mail as they might as well upload the image via a regular users area!

Posted: Wed Apr 05, 2006 9:22 am
by feyd
It's definitely possible. I'd use a catch-all account so as to not require adding email addresses all the time. To increase security a bit, I would likely require that they get an email upload tag (some unique, one-time use identifier) if they want to send an email. This tag would be associated with the user so if there's any funny business with the email headers, you can send a response to that user's registered email, not the reply-to address in the email. Could also have the server send a confirmation that the uploading should take place to the user's registered email to increase the security a bit more.

As to whether it's worth while, I don't know. I don't know your project so I can't say whether people would find it useful or not. I'd hate to have a complex feature that doesn't get used. I think it's a question you should postulate to your users.

Posted: Wed Apr 05, 2006 9:48 am
by ed209
The reason behind it is batch uploading. The uploaded files would be of artwork. Minimum requirements for a piece of artwork are image (or images), title and description (email terms Attachments, Subject, Message). I guess you could also use the email address to categorise the artwork i.e.

user_ident-sculpture-abstract@uploads.example.com

or

user_ident-painting-artdecco@uploads.example.com

Artists may want to upload 20, 30 or more pieces of artwork. It would be much easier to create a load of emails so they could leave them sending when they're not at their computer.

So, the user logs in and finds out what their unique identifier is for that session (session not meaning $_SESSION, but usage timeframe) - they can request a new email address to send to anytime. Maybe it could expire on a time frame.

Yes, catch all, good point. This would be for the subdmain - uploads.example.com.

Also, receiving emails ONLY from the users registered address is a pretty good security measure.

Email upload may be overkill for dealing with batch uploads, but I love a challenge. This is pretty neat too
http://www.air4web.com/files/upload/

Posted: Wed Apr 05, 2006 12:25 pm
by ed209
a catch all is sending all emails to uploads@example.com

the uploads@example.com inbox is a text file. Would I now set up a cron job to get PHP to open and work with the text file? Or is there some action triggered when the inbox is updated?

Posted: Wed Apr 05, 2006 12:35 pm
by feyd
some mail servers have triggers that fire when an email is received, however a cron can work just the same, but more of an active monitor.

Posted: Wed Apr 05, 2006 1:38 pm
by ed209
at the risk of turning this into a blog... here's the progress.

I've found out that cPanel can pipe emails to a script. So I have a catch all for @uploads.example.com sending the emails to /home/mydir/path/to/my/script.php

The problem is how do I receive that data within the php script. I've only really worked with GET/POST.

I have used ob_get_contents() in the past and have started looking into hw_Root() and Hyperwave although I may be barking up the wrong tree.

Posted: Wed Apr 05, 2006 3:13 pm
by Ambush Commander
Hmm... it really depends on how the host has it setup. I'd suggest var_dumping both, as well as $argv.

Posted: Wed Apr 05, 2006 3:19 pm
by ed209
at the moment I'm struggling to get the script called at all! I've had a couple of delayed responses as I am emailing myself from the script.

To grab the data I am trying out

Code: Select all

readfile("php://stdin");
I think this is producing an array, but it's a slow process of trial and error as there isn't that much documentation on it.

Posted: Wed Apr 05, 2006 5:02 pm
by ed209
this seems to work after piping the email to:

|/home/myaccount/path/to/script.php

Code: Select all

#!/usr/bin/php -q
<?php

function read_email(){
$email = "";

$email_lines = file("php://stdin");
foreach ($email_lines as $line_num => $line){
	$email .= "Line {$line_num}: " . $line . "<br />\n";
}
	return $email;
}


?>

also these might be of use for cPanel users.
http://forums.cpanel.net/showthread.php?t=50985
http://forums.cpanel.net/showthread.php?t=39083

Posted: Thu Apr 06, 2006 4:22 am
by ed209
this may be easier than piping then working with the email source as a string

viewtopic.php?p=253143#253143