/file_upload.php Secret

## file_upload.php
<?php

$formerror = 0;
$form = "<form action='' method='post' id='upload_work' enctype='multipart/form-data'>
  <input type='file' name='upload_file'>
  <input type='submit' value='Upload' name='submit_work'>
</form>";

  if ($input->post->submit_work) {
  // form has been submitted

    $page->of(false);

    // check if a valid file has been submitted
    if(file_exists($_FILES['upload_file']['tmp_name']) || is_uploaded_file($_FILES['upload_file']['tmp_name'])) {

      // instantiate the class and give it the name of the HTML field
      $u = new WireUpload('upload_file');
      // tell it to only accept 1 file
      $u->setMaxFiles(1);
      // tell it to rename rather than overwrite existing files
      $u->setOverwrite(f);
      // have it put the files in their final destination. this should be okay since
      // the WireUpload class will only create PW compatible filenames
      $u->setDestinationPath($page->files->path);
      // tell it what extensions to expect
      $u->setValidExtensions(array('doc', 'docx', 'txt', 'xls', 'xlsx', 'pdf', 'png', 'jpg', 'jpeg', 'gif'));
      // execute() returns an array, so we'll foreach() it even though only 1 file
      foreach($u->execute() as $filename) $page->files->add($filename);
      $page->save();
      $page->of(true);

      $doc_type = $_FILES["upload_file"]["type"];
      $allowed_doc_types = array(
        'application/msword',
        'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
        'text/plain',
        'image/jpeg',
        'image/pjpeg',
        'image/gif',
        'application/excel',
        'application/vnd.ms-excel',
        'application/x-excel',
        'application/png',
        'application/pdf',

      );


      if (!in_array($doc_type, $allowed_doc_types)) {
        echo "<h5>Sorry, that is not a valid extension. Please ensure it is one of the following valid extensions: doc, docx, txt, xls, xlsx, pdf, png, jpg, jpeg, gif </h5>";
        echo $form;
      }

      elseif ($_FILES["upload_file"]["size"] > 500000) {
        echo "<h5>Sorry, that file is too large. Please ensure your file is 500kb or less in size.</h5>";
        echo $form;
      }

      else {

      echo "<h3>Thank you. Your file has been uploaded.</h3>";
      echo "<p>Please <a href='{$config->urls->root}students/{$page->name}'>click here</a> to return to your profile page</p>";

      require_once("./scripts/PHPMailer/class.phpmailer.php");

      $to_name = "Company Name";
      $to = "me@gmail.com";
      $subject = "Student {$page->name} has uploaded a document";
      $form_message = "
      <h4>{$page->name} has uploaded a document to their profile.<h4>
      <p>You can visit their profile <a href={$page->httpUrl}>here</a>.</p>
      <p>Alternatively, you can visit the page in the admin by clicking <a href='http://localhost/admin/page/edit/?id={$page->id}'>here</a>.</p>
      <p>http://localhost{$page->files->last()->url}</p>
      ";

      $doc_path = "http://localhost{$page->files->last()->url}";
      $doc_name = "http://localhost{$page->files->last()->filename}";


      $from = "webmaster@company.com";
      $from_name = "Webmaster - Company Name";

      $mail = new PHPMailer();

      $mail->IsSMTP();
      $mail->CharSet = 'UTF-8';
      $mail->Host = "smtp.gmail.com";
      $mail->SMTPAuth = true;
      $mail->SMTPSecure = "ssl";
      $mail->Username = "me@gmail.com";
      $mail->Password = "mypass";
      $mail->Port = "465";

      $mail->From = "$from";
      $mail->FromName = "$from_name";
      $mail->AddAddress($to, $to_name);

      $mail->WordWrap = 50;
      $mail->IsHTML(true);

      $mail->Subject = "$subject";
      $mail->Body    = "$form_message";
      $mail->AddAttachment($doc_path);

      $mail->Send();

      }

    } else { // end if file has been submitted

      // form has been submitted but something went wrong
      $formerror = 1;
      echo "<h5>Sorry there was a problem uploading your files. Please ensure they have a valid extension.</h5>";
      echo $form;

    } // end invalid file

  } // end if form has been submitted

   else {
    echo "<h3>Upload documents</h3>";
    echo "<p>Please feel free to upload your document {$page->first_name} with any of the following valid file extensions - doc, docx, xls, xlsx, pdf, png, jpg, jpeg, gif. Please also ensure it is 500kb or less in size.";
    echo $form;
   }

?>
	<?php

	$formerror = 0;
	$form = "<form action='' method='post' id='upload_work' enctype='multipart/form-data'>
	<input type='file' name='upload_file'>
	<input type='submit' value='Upload' name='submit_work'>
	</form>";

	if ($input->post->submit_work) {
	// form has been submitted

	$page->of(false);

	// check if a valid file has been submitted
	if(file_exists($_FILES['upload_file']['tmp_name']) \|\| is_uploaded_file($_FILES['upload_file']['tmp_name'])) {

	// instantiate the class and give it the name of the HTML field
	$u = new WireUpload('upload_file');
	// tell it to only accept 1 file
	$u->setMaxFiles(1);
	// tell it to rename rather than overwrite existing files
	$u->setOverwrite(f);
	// have it put the files in their final destination. this should be okay since
	// the WireUpload class will only create PW compatible filenames
	$u->setDestinationPath($page->files->path);
	// tell it what extensions to expect
	$u->setValidExtensions(array('doc', 'docx', 'txt', 'xls', 'xlsx', 'pdf', 'png', 'jpg', 'jpeg', 'gif'));
	// execute() returns an array, so we'll foreach() it even though only 1 file
	foreach($u->execute() as $filename) $page->files->add($filename);
	$page->save();
	$page->of(true);

	$doc_type = $_FILES["upload_file"]["type"];
	$allowed_doc_types = array(
	'application/msword',
	'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
	'text/plain',
	'image/jpeg',
	'image/pjpeg',
	'image/gif',
	'application/excel',
	'application/vnd.ms-excel',
	'application/x-excel',
	'application/png',
	'application/pdf',

	);


	if (!in_array($doc_type, $allowed_doc_types)) {
	echo "<h5>Sorry, that is not a valid extension. Please ensure it is one of the following valid extensions: doc, docx, txt, xls, xlsx, pdf, png, jpg, jpeg, gif </h5>";
	echo $form;
	}

	elseif ($_FILES["upload_file"]["size"] > 500000) {
	echo "<h5>Sorry, that file is too large. Please ensure your file is 500kb or less in size.</h5>";
	echo $form;
	}

	else {

	echo "<h3>Thank you. Your file has been uploaded.</h3>";
	echo "<p>Please <a href='{$config->urls->root}students/{$page->name}'>click here</a> to return to your profile page</p>";

	require_once("./scripts/PHPMailer/class.phpmailer.php");

	$to_name = "Company Name";
	$to = "me@gmail.com";
	$subject = "Student {$page->name} has uploaded a document";
	$form_message = "
	<h4>{$page->name} has uploaded a document to their profile.<h4>
	<p>You can visit their profile <a href={$page->httpUrl}>here</a>.</p>
	<p>Alternatively, you can visit the page in the admin by clicking <a href='http://localhost/admin/page/edit/?id={$page->id}'>here</a>.</p>
	<p>http://localhost{$page->files->last()->url}</p>
	";

	$doc_path = "http://localhost{$page->files->last()->url}";
	$doc_name = "http://localhost{$page->files->last()->filename}";


	$from = "webmaster@company.com";
	$from_name = "Webmaster - Company Name";

	$mail = new PHPMailer();

	$mail->IsSMTP();
	$mail->CharSet = 'UTF-8';
	$mail->Host = "smtp.gmail.com";
	$mail->SMTPAuth = true;
	$mail->SMTPSecure = "ssl";
	$mail->Username = "me@gmail.com";
	$mail->Password = "mypass";
	$mail->Port = "465";

	$mail->From = "$from";
	$mail->FromName = "$from_name";
	$mail->AddAddress($to, $to_name);

	$mail->WordWrap = 50;
	$mail->IsHTML(true);

	$mail->Subject = "$subject";
	$mail->Body = "$form_message";
	$mail->AddAttachment($doc_path);

	$mail->Send();

	}

	} else { // end if file has been submitted

	// form has been submitted but something went wrong
	$formerror = 1;
	echo "<h5>Sorry there was a problem uploading your files. Please ensure they have a valid extension.</h5>";
	echo $form;

	} // end invalid file

	} // end if form has been submitted

	else {
	echo "<h3>Upload documents</h3>";
	echo "<p>Please feel free to upload your document {$page->first_name} with any of the following valid file extensions - doc, docx, xls, xlsx, pdf, png, jpg, jpeg, gif. Please also ensure it is 500kb or less in size.";
	echo $form;
	}

	?>