File size validation in email form

Discussion in 'PHP' started by meddler, Aug 29, 2007.

  1. #1
    This is driving me up the wall...!

    I have a form that is filled in for a job application and validates the fields before emailing the details plus an uploaded CV. The form also sends a confirmation email to the sender.

    The problem I have is the checking of the file size.

    The filesize should be limited to 200kb.

    Firstly, php.ini is set to 8mb default (which I don't have control over), so if someone uploads a file bigger than that I get a PHP POST CONTENT warning. I'd like to have my system stop this and error in the form before php.ini gets involved.

    Secondly, if the size is lower than 8mb but over 200kb, it clears the CV directory path and displays the error message that says there is nothing in the upload field instead of the filesize error.

    Please help as this is killing me now!

    P.S. I've taken the inappropriate content out and the CSS

    
    
    <?php
    //define the error messages for invalid data
    define("errorName","INVALID NAME! minimum of 2 characters long");
    define("errorAdd","INVALID ADDRESS! minimum of 5 characters long");
    define("errorCity","INVALID CITY! Please enter a valid city name");
    define("errorPost","INVALID POSTCODE!");
    //define("errorGender","SELECT! please select your gender");
    define("errorEmail","INVALID EMAIL! Please enter a valid email address!");
    define("errorCV","Please enter a CV to upload!");
    define("errorfile","NO CV! Please enter a path to upload your CV");
    define("errorFormat","INVALID FILE FORMAT! Please upload zip, pdf, txt or doc file");
    define("errorSizemes","INVALID FILE SIZE! Please upload a file smaller than 200kb");
    
    ini_set("sendmail_from", " job-application@test.com ");
    
    ini_set('display_errors', 0);
    
    $max_file_size="200";
    
    
    function createForm($sName="",$fName="",$address1="",$address2="",$city="",$county="",$pCode="",$telephone="",$mobile="",$email="",$fileatt="")
    {
    ?>
    
    <form name='contact' method='post' action='<?php echo $_SERVER['PHP_SELF']; ?>' enctype='multipart/form-data'>
        <fieldset>
        <div id="formtext">
        <label for="sName">Surname *</label><br />
        <label for="fName" class="fields">Forename *</label><br />
        <label for="address1">Address *</label><br />
    	<label for="address2"></label><br />
        <label for="city">City/Town *</label><br />
        <label for="county">County</label><br />
        <label for="pCode">Post Code *</label><br />
        <label for="telephone">Home Telephone</label><br />
        <label for="mobile">Mobile</label><br />
        <label for="email">Email Address *</label>
        <br />
        <label for="fileatt">Upload CV *</label>
        </div><!--close formtext-->
        <div id="formfields">
        <input name="sName" type="text" id="sName" class="fields" value="<?php echo $sName; ?>" tabindex="1" size="35"/><br />
    	<input type="text" id="fName" name="fName" value="<?php echo $fName; ?>" tabindex="2" /><br />
        <input name="address1" type="text" value="<?php echo $address1; ?>" id="address1" class="fields" tabindex="3" size="35" maxlength="15" /><br />
        <input name="address2" type="text" id="address2" class="fields" value="<?php echo $address2; ?>" size="35" tabindex="4" maxlength="50" /><br />
        <input name="city" type="text" tabindex="5" class="fields" id="city" value="<?php echo $city; ?>" size="35" maxlength="50"/><br />
        <input name="county" type="text" class="fields" id="county" tabindex="6" value="<?php echo $county; ?>" size="35" maxlength="50" /><br />
        <input name="pCode" type="text" class="fields" id="pCode" tabindex="7" value="<?php echo $pCode; ?>" size="15" maxlength="10" />
        <br />
        <input name="telephone" type="text" class="fields" id="telephone" tabindex="8" value="<?php echo $telephone; ?>" size="25" maxlength="20" /><br />
        <input name="mobile" type="text" class="fields" id="mobile" tabindex="9" value="<?php echo $mobile; ?>" size="25" maxlength="20" /><br />
        <input name="email" type="text" class="fields" id="email" tabindex="10" value="<?php echo $email; ?>" size="35" maxlength="50" /><br />
        <input type="hidden" name="MAX_FILE_SIZE" value="200000">
        <input name="fileatt" type="file" class="fields" id="fileatt" value="<?php echo $fileatt; ?>" tabindex="11" size="35" max length="100"/><br />
        <p class="style2">File size cannot exceed 200kb. Accepted formats (.doc / .pdf / .txt / .zip)</p>
        <input type="submit" name="submit" class="submitbutton" value="submit" />
    	</div><!--close formfields-->
        </fieldset>
        
    </form>
      
      <?php
    }
    
    // This function validates an email address
    function isValidEmail($email){
       $pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
         
       if (eregi($pattern, $email)){
          return true;
       }
       else {
          return false;
       }   
    }
    
    // Check file type 
    function isCorrectFormat($fileatt_name){
    	$pattern = "^.+\.(pdf|txt|doc|zip)";
    	
    	if (eregi($pattern, $fileatt_name)){
    		return true;
    		}
    		else{
    		return false;
    		}
    }
    	
        // Redirects to another Page using HTTP-META Tag
         function redirect( $url, $delay = 0, $message = "" )
         {
            /* redirects to a new URL using meta tags */
            echo "<meta http-equiv='Refresh' content='".$delay."; url=".$url."'>";
            die;
         }
    ?>
    
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    
    </head>
    <body>
    <?php
    if (!isset($_POST['submit']))  {
        createForm();
    } else  {
          $sName = isset($_POST['sName']) ? $_POST['sName'] : "";
    	  $fName = isset($_POST['fName']) ? $_POST['fName'] : "";
          $address1 = isset($_POST['address1']) ? $_POST['address1'] : "";
    	  $address2 = isset($_POST['address2']) ? $_POST['address2'] : "";
    	  $city = isset($_POST['city']) ? $_POST['city'] : "";
          $county = isset($_POST['county']) ? $_POST['county'] : "";
    	  $pCode = isset($_POST['pCode']) ? $_POST['pCode'] : "";
    	  $telephone = isset($_POST['telephone']) ? $_POST['telephone'] : "";
    	  $mobile = isset($_POST['mobile']) ? $_POST['mobile'] : "";
    	  $email = isset($_POST['email']) ? $_POST['email'] : "";
    	  
    	  
    	  	//file upload
    	  $fileatt      = $_FILES['fileatt']['tmp_name'];
    	  $fileatt_type = $_FILES['fileatt']['type'];
    	  $fileatt_name = $_FILES['fileatt']['name'];
    	  $filebytes =    $_FILES['fileatt']['size'];
    	  $max_bytes = $max_file_size*1024;
    	  //$filebytes = filesize($fileatt);
    	  
    	  
    	  //system information	  
    	  $ip = getenv("REMOTE_ADDR");
    	  $httpref = getenv ("HTTP_REFERER");
    	  $httpagent = getenv ("HTTP_USER_AGENT");
    	  
    	  //error definition
          $error  = false;
          $errorsName = '';
          $errorfName = '';
          $erroraddress = '';
    	  $errorcity = '';
    	  $errorpCode = '';
    	  $errortelephone = '';
    	  $errormobile = '';
    	  $erroremail = '';
    	  $errorfileatt = '';
    	  $errorformat = '';
    	  $errorSize = '';
    
          
    	  //error validation
    	  	
    	  if (strlen($sName)<2) {
              $error = true;
              $errorsName = errorName;
          }
    	  
    	  if (strlen($fName)<2) {
    	  	  $error = true;
    		  $errorfName = errorName;
    	  }
    	  
    	  if (strlen($address1)<5) {
    	  	  $error = true;
    		  $erroraddress = errorAdd;
    	  }
    	  
    	  if (strlen($city)<2) {
    	      $error = true;
    		  $errorcity = errorCity;
    	  }
    	  
          if (!isValidEmail($email)) {
              $error = true;
              $erroremail = errorEmail;
          }
    	  
          if (strlen($pCode)<5) {
    	  	  $error = true;
    		  $errorpCode = errorPost;
    	  }	  
    	  
    	  if (strlen($fileatt)<5) {
              $error = true;
    		  $errorfileatt = errorfile;
    	  }
    	  
    	  Elseif(!isCorrectFormat($fileatt_name)) {
    	  		$error = true;
    			$errorformat = errorFormat;
    		}
    	  Elseif ($filebytes > $max_bytes){
    	  		$error = true;
    			$errorSize = errorSizemes;
    		}
    		
    		
          if ($error){
    ?>
    <?php 
    		if ($errorsName == errorName){
    		    echo "<li> $errorsName </li>";
    		} 
    
    		if ($errorfName == errorName){
    		    echo "<li> $errorfName </li>";
    		}
    			
    		if ($erroraddress == errorAdd){
    		    echo "<li> $erroraddress </li>";
    		}
    		
    		if ($errorcity == errorCity){
    		    echo "<li> $errorcity </li>";
    		}
    		
    		if ($erroremail == errorEmail){
    		    echo "<li> $erroremail </li>";
    		}
     
    		if ($errorpCode == errorPost){
    			echo "<li> $errorpCode </li>";
    		}
    		
    		if ($errorfileatt == errorfile){
    			echo "<li> $errorfileatt </li>";
    		}
    		
    		if ($errorformat == errorFormat){
    			echo "<li> $errorformat </li>";
    			}
    			
    		if ($errorSize == errorSizemes){
    		    echo "<li> $errorSize </li>";
    		} 
    		
    ?>
    </ul>
    
    <?php
             createForm($sName,$fName,$address1,$address2,$city,$county,$pCode,$telephone,$mobile,$email,$fileatt);
          }
          else {
    	    $todayis = date("l, F j, Y, g:i a") ;
    		$subject = "Job Application";
    		$sName = stripslashes($sName);
    		$fName = stripslashes($fName);
    		$address1 = stripslashes($address1);
    		$address2 = stripslashes($address2);
    		$city = stripslashes($city);
    		$county = stripslashes($county);
    		$pCode = stripslashes($pCode);
    		$telephone = stripslashes($telephone);
    		$mobile = stripslashes($mobile);
    		$email = stripslashes($email);
    		
    		
    //$headers = "From: $from";
    
    if (is_uploaded_file($fileatt)) {
      // Read the file to be attached ('rb' = read binary)
      $file = fopen($fileatt,'rb');
      $data = fread($file,filesize($fileatt));
      fclose($file);
    
      // Generate a boundary string
      $semi_rand = md5(time());
      $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
      
      // Add the headers for a file attachment
      $headers .= "\nMIME-Version: 1.0\n" .
                  "Content-Type: multipart/mixed;\n" .
                  " boundary=\"{$mime_boundary}\"";
    
      // Add a multipart boundary above the plain message
      $message = "This is a multi-part message in MIME format.\n\n" .
                 "--{$mime_boundary}\n" .
                 "Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
                 "Content-Transfer-Encoding: 7bit\n\n" .
                 $message . "\n\n" .
    			 "$todayis [GMT] \n" .
    			"From: $fName $sName, ($email) \n\n" .
    			"Address:   $address1 \n" .
    			"           $address2 \n" .
    			"           $city \n" .
    			"           $county \n" .
    			"           $pCode \n\n" .
                "Telephone: $telephone \n" .
    			"Mobile:    $mobile \n \n";
    
      // Base64 encode the file data
      $data = chunk_split(base64_encode($data));
    
      // Add file attachment to the message
      $message .= "--{$mime_boundary}\n" .
                  "Content-Type: {$fileatt_type};\n" .
                  " name=\"{$fileatt_name}\"\n" .
                  //"Content-Disposition: attachment;\n" .
                  //" filename=\"{$fileatt_name}\"\n" .
                  "Content-Transfer-Encoding: base64\n\n" .
                  $data . "\n\n" .
                  "--{$mime_boundary}--\n";
    
    			mail('info@test.co.uk', $subject,  $message, $headers);
    			
    	$confirm = "This email is a confirmation for the job application\n\n" .
    			   "On $todayis [GMT] \n\n" .
    			   "The details you posted where as follows: \n" .
    			   "Name: $fName $sName \n\n" .
    			   "Address:   $address1 \n" .
    			   "           $address2 \n" .
    			   "           $city \n" .
    			   "           $county \n" .
    			   "           $pCode \n\n" .
                   "Telephone: $telephone \n" .
    			   "Mobile:    $mobile \n \n" .
    			   "Email:     $email \n \n" .
    			   "CV:        $fileatt_name \n \n \n" .
    			   "filename: $filebytes \n \n" .
    			   "PLEASE DO NOT REPLY";
    			   
    			mail($email, 'Job Application Confirmation - PLEASE DO NOT REPLY', $confirm);  
    }
    
    ?>
    
    <p>Your message has been sent, Thank you!</p>
    <br />
    <p>If your not redirected back to the Contact page within 5 seconds, <a href="careers.php">click here to return to the careers page</a></p>
    
    <?php
    redirect("job-application3.php", 5);
        }
    }
    ?>
    
    </body>
    </html>
    
    Code (markup):
     
    meddler, Aug 29, 2007 IP
  2. lighthazard

    #2
    Before anyone goes on giving advice, I think you should create an attachment email and form separately and make sure you coded that part right. You have so many fields in your code, it's a little hard to browse through, not to mention your upload, files, and attachments are in completely random locations (just hard to find). Also, try not to copy and paste code and hope it works, understand it...
    http://www.sitepoint.com/article/advanced-email-php/5

    Now for the assistance:
    I tried your code out and I get an empty file. I tried with different PHP versions and still an error. I suggest you do a separate file upload script and form and test it out on your server. If it works, you can then just integrate that into your giant form.
     
    lighthazard, Aug 29, 2007 IP
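
Added example (not part of either post): both symptoms in the question come from PHP rejecting the upload before the script's own size check runs. A file over the form's `MAX_FILE_SIZE` arrives with an empty `tmp_name` and `error` set to `UPLOAD_ERR_FORM_SIZE`, and a body over `post_max_size` arrives with `$_POST` and `$_FILES` empty. The stand-alone upload check below, of the kind suggested in #2, assumes PHP 7.1+; its function names are hypothetical.

```php
<?php
// Added example, not code from the thread. Function names are hypothetical;
// the 200 KB limit, extensions and messages are taken from the question.
const MAX_CV_BYTES = 200 * 1024;
const ALLOWED_EXT  = ['pdf', 'txt', 'doc', 'zip'];

// A body over post_max_size reaches the script with $_POST and $_FILES empty,
// so isset($_POST['submit']) is false too; CONTENT_LENGTH is the only trace.
function postBodyWasTooLarge(array $server, array $post, array $files): bool
{
    return ($server['REQUEST_METHOD'] ?? '') === 'POST'
        && empty($post) && empty($files)
        && (int)($server['CONTENT_LENGTH'] ?? 0) > 0;
}

// Returns null when the upload is acceptable, otherwise the message to show.
function validateCvUpload(?array $f): ?string
{
    $tooBig = 'INVALID FILE SIZE! Please upload a file smaller than 200kb';
    if ($f === null || !isset($f['error']) || is_array($f['error'])) {
        return 'NO CV! Please enter a path to upload your CV';
    }
    switch ($f['error']) {          // look at the error code before tmp_name
        case UPLOAD_ERR_OK:        break;
        case UPLOAD_ERR_NO_FILE:   return 'NO CV! Please enter a path to upload your CV';
        case UPLOAD_ERR_INI_SIZE:   // over upload_max_filesize
        case UPLOAD_ERR_FORM_SIZE: return $tooBig;   // over MAX_FILE_SIZE
        default:                   return 'Upload failed, please try again';
    }
    if (!is_uploaded_file($f['tmp_name'])) {
        return 'Upload failed, please try again';
    }
    // MAX_FILE_SIZE is sent by the browser and can be altered: measure again.
    if (filesize($f['tmp_name']) > MAX_CV_BYTES) {
        return $tooBig;
    }
    // Take the extension from the end of the name, so "cv.pdf.php" is refused.
    $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return 'INVALID FILE FORMAT! Please upload zip, pdf, txt or doc file';
    }
    return null;
}

// Constructed sample: the $_FILES entry PHP builds when MAX_FILE_SIZE is exceeded.
$sample = ['name' => 'cv.pdf', 'type' => '', 'tmp_name' => '', 'error' => UPLOAD_ERR_FORM_SIZE, 'size' => 0];
echo validateCvUpload($sample), "\n";
echo var_export(postBodyWasTooLarge(['REQUEST_METHOD' => 'POST', 'CONTENT_LENGTH' => '9000000'], [], []), true), "\n";
```

In the posted script, `postBodyWasTooLarge($_SERVER, $_POST, $_FILES)` would be called before the `isset($_POST['submit'])` test and `validateCvUpload($_FILES['fileatt'] ?? null)` would take the place of the `strlen($fileatt)<5` chain.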