Posted By

davo on 12/21/11


Tagged

email php upload Encryption gpg


Versions (?)

gpg encrypt message and file on upload, then email


 / Published in: PHP
 

Simple script utilising the gpg_encrypt.php code (http://business-php.com/opensource/gpg_encrypt/) that will encrypt both the body and attachment of an email on upload.

  1. <html><body>
  2. <form action="<?php echo($_SERVER[REQUEST_URI]);?>" method="post" enctype="multipart/form-data">
  3. <textarea name="message" cols="30" rows="6"><?php echo($_POST[message]);?></textarea>
  4. <br />
  5. <label for='email_file'>Select A File To Email:</label>
  6. <input type="file" name="email_file">
  7. <br />
  8. <input type="submit" value="Encrypt and send your message">
  9. <hr>
  10. <?php
  11. if(!empty($_POST[message])) {
  12. $message = $_POST[message];
  13.  
  14. //Settings
  15. $mailto = "[email protected]";
  16. $max_allowed_file_size = 5120; // size in KB default 5meg 5120
  17. $allowed_extensions = array("zip", "doc", "pdf", "png", "jpg", "jpeg", "gif", "bmp");
  18. $gpglocation = '/usr/bin/gpg';
  19. $gnupgp = '/home/user/.gnupg';
  20. $keyid = 'XXXXXXXXXXXXXXXXXXX'; // see: http://business-php.com/opensource/gpg_encrypt/
  21.  
  22.  
  23. /** ----------- End of config --------------- **/
  24.  
  25. // pgp_encrypt.php see: http://business-php.com/opensource/gpg_encrypt/
  26. require_once('gpg_encrypt.php');
  27.  
  28. //Get the email file information
  29. $name_of_email_file = basename($_FILES['email_file']['name']);
  30. //get the file extension of the file
  31. $type_of_email_file = substr($name_of_email_file, strrpos($name_of_email_file, '.') + 1);
  32. $size_of_email_file = $_FILES["email_file"]["size"]/1024;//size in KBs
  33. //Validations
  34. if($size_of_email_file > $max_allowed_file_size )
  35. {
  36. $errors .= "\n Size of file should be less than $max_allowed_file_size";
  37. }
  38. //------ Validate the file extension -----
  39. $allowed_ext = false;
  40. for($i=0; $i<sizeof($allowed_extensions); $i++)
  41. {
  42. if(strcasecmp($allowed_extensions[$i],$type_of_email_file) == 0)
  43. {
  44. $allowed_ext = true;
  45. }
  46. }
  47. if(!$allowed_ext)
  48. {
  49. $errors .= "\n The email file is not supported file type. ".
  50. " Only the following file types are supported: ".implode(',',$allowed_extensions);
  51. }
  52.  
  53. // Obtain file upload vars
  54. $tmp_name = $_FILES['email_file']['tmp_name'];
  55. if (is_uploaded_file($tmp_name)) {
  56. $file = fopen($tmp_name,'rb');
  57. $data = fread($file,filesize($tmp_name));
  58. fclose($file);
  59.  
  60. // Generate a boundary string
  61. $semi_rand = md5(time());
  62. $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
  63. // Add the headers for a file attachment
  64. $headers .= "MIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\"";
  65. // Add a multipart boundary above the plain message
  66. $message = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/plain; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n";
  67. // Base64 encode the file data
  68. $data = chunk_split(base64_encode($data));
  69.  
  70. // Add file attachment to the message
  71. $message .= "--{$mime_boundary}\n" . "Content-Type: {$type_of_email_file};\n" . " name=\"{$name_of_email_file}\"\n" . "Content-Disposition: attachment;\n" . " filename=\"{$name_of_email_file}\"\n" . "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n" . "--{$mime_boundary}--\n";
  72. }
  73.  
  74. $gpg = gpg_encrypt("${message}", $gpglocation , $gnupgp, $keyid);
  75.  
  76. if("$gpg[2]" == '0') {
  77. mail($mailto, 'encrypted message of type '.$type_of_email_file, "$gpg[0]", $headers);
  78. echo('Your message was encrypted and sent');
  79. } else {
  80. echo("<pre>\n$gpg[1]</pre><br /><div>$errors</div>");
  81. }
  82. }
  83. ?>
  84. </body>
  85. </html>

Report this snippet  

You need to login to post a comment.