Attachments in phpMailer

Question

I cant seem to figure out the follow:

• How to make the attached file only be a specific file (example: only a .jpg file can be attached).
• Limit the file size

• After the file is sent, it gets deleted from the server

  <div class="white-jumbotron">
    <div class="container">
  
  <form action="" method="post" enctype="multipart/form-data">
  
  <div class="form-group">
    <label for="name" class="col-sm-2 control-label">First Name</label>
    <div class="col-sm-10">
      <input class="form-control" type="text" name="firstName" id="firstName" required />
      <p class='text-danger'></p>
    </div>
  </div>
  
  <div class="form-group">
    <label for="name" class="col-sm-2 control-label">Last Name</label>
    <div class="col-sm-10">
      <input class="form-control" type="text" name="lastName" id="lastName" required />
      <p class='text-danger'></p>
    </div>
  </div>
  
  <div class="form-group">
    <label for="name" class="col-sm-2 control-label">Email</label>
    <div class="col-sm-10">
      <input class="form-control" type="text" name="email" id="email" required />
      <p class='text-danger'></p>
    </div>
  </div>
  
  <div class="form-group">
    <label for="name" class="col-sm-2 control-label">Resume upload</label>
    <div class="col-sm-10">
      <input type="file" name="uploaded_file" id="uploaded_file">
      <br /> 
    </div>
  </div>
  <div class="col-sm-10">
    <input type="submit" name="submit" class="btn btn-green" />
  </div>
  </form>
  
  <?php
  if(isset($_POST['submit'])) {
   $emailAddress = '[email protected]';
   require "class.phpmailer.php";
   $msg = 'First Name:'.$_POST['firstName'].'<br /> Last name:'.$_POST['lastName'].'<br /> Email:'.$_POST['email'].'<br />';
    move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $_FILES["uploaded_file"]["name"]);
    $mail = new PHPMailer();
    $mail->IsMail();
  
    $mail->AddReplyTo($_POST['email'], $_POST['name']);
    $mail->AddAddress($emailAddress);
    $mail->SetFrom($_POST['email'], $_POST['name']);
    $mail->Subject = "Subject";
    $mail->MsgHTML($msg);
    $mail->AddAttachment( $_FILES["uploaded_file"]["name"]);
    $mail->Send();
  
    echo'<script> window.location="../careers-sent.php"; </script> ';
  }
  ?>
  
    </div>
  </div>
  

Answer 1

First of all, split the view (<div...) and the processing (<?php...) in two different files to avoid sending again the mail when the user presses F5.

1) In the processing, put a condition on the filename

if (preg_match("/\\.jpg$/",$_FILES["uploaded_file"]["name"]))
{
    //OK
}
else
{
    //KO, redirect to error page
}

2) Can't test here but I suppose there can also be a "size" attibute of the file

3) Put a check on the send

if ($mail->send())
{
    unlink($_FILES["uploaded_file"]["name"]);
}
else
{
    //KO, log to debug file
}

EDIT : code integration

view.php (rename at convenience)

<div class="white-jumbotron">
  <div class="container">

  <form action="" method="post" action="val_mail.php" enctype="multipart/form-data">

    <div class="form-group">
      <label for="name" class="col-sm-2 control-label">First Name</label>
      <div class="col-sm-10">
        <input class="form-control" type="text" name="firstName" id="firstName" required />
        <p class='text-danger'></p>
      </div>
    </div>

    <div class="form-group">
       <label for="name" class="col-sm-2 control-label">Last Name</label>
       <div class="col-sm-10">
         <input class="form-control" type="text" name="lastName" id="lastName" required />
         <p class='text-danger'></p>
       </div>
    </div>

    <div class="form-group">
      <label for="name" class="col-sm-2 control-label">Email</label>
      <div class="col-sm-10">
        <input class="form-control" type="text" name="email" id="email" required />
        <p class='text-danger'></p>
      </div>
    </div>

    <div class="form-group">
      <label for="name" class="col-sm-2 control-label">Resume upload</label>
      <div class="col-sm-10">
        <input type="file" name="uploaded_file" id="uploaded_file">
        <br /> 
      </div>
    </div>
    <div class="col-sm-10">
      <input type="submit" name="submit" class="btn btn-green" />
    </div>
  </form>

val_mail.php (rename at convenience but match with the above action attribute of the form)

<?php
if(isset($_POST['submit'])) {
  if (!preg_match("/\\.jpg$/",$_FILES["uploaded_file"]["name"]))
  {
    echo'<script> window.location="../error-attachment.php"; </script> '; exit;// create error page
  }
  $emailAddress = '[email protected]';
  require "class.phpmailer.php";
  $msg = 'First Name:'.$_POST['firstName'].'<br /> Last  name:'.$_POST['lastName'].'<br /> Email:'.$_POST['email'].'<br />';
  move_uploaded_file($_FILES["uploaded_file"]["tmp_name"],  $_FILES["uploaded_file"]["name"]);
  $mail = new PHPMailer();
  $mail->IsMail();

  $mail->AddReplyTo($_POST['email'], $_POST['name']);
  $mail->AddAddress($emailAddress);
  $mail->SetFrom($_POST['email'], $_POST['name']);
  $mail->Subject = "Subject";
  $mail->MsgHTML($msg);
  $mail->AddAttachment( $_FILES["uploaded_file"]["name"]);
  if ($mail->Send())
  {
     unlink($_FILES["uploaded_file"]["name"]);
  }
  else
  {
     echo'<script> window.location="../error-sent.php"; </script> '; exit;// create error page
  }

  echo'<script> window.location="../careers-sent.php"; </script> ';
}
?>