osCommerce image upload errors in custom cart.

One of my client's carts in osCommerce is spitting out some errors that I can't figure out. The problem occurs when I use a custom feature created for uploading images to items in shopping_cart.php

When I hit upload it takes me to myclientsite.com/catalog/img_upload.php?action=image_upload

Here are the errors:

Warning: move_uploaded_file(images/1_33_Desert.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in /home/clientsite/public_html/catalog/img_upload.php on line 61

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phpMDtKcj' to 'images/1_33_Desert.jpg' in /home/clientsite/public_html/catalog/img_upload.php on line 61

Warning: Cannot modify header information - headers already sent by (output started at /home/clientsite/public_html/catalog/img_upload.php:61) in /home/clientsite/public_html/catalog/includes/functions/general.php on line 54

and the lines in question:

61) if(move_uploaded_file($_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['tmp_name'],$uploadfilename))

54) header('Location: ' . $url);

The reason I don't know what to do is we payed someone on getafreelancer.com to do this but it has been a couple years so I can't really remember what they did. Now the site is getting unexplainable errors. From the information I have given is there anything anyone can see that can be done?
general.php
img-upload.php
LVL 1
merchantwebAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Avinash ZalaWeb ExpertCommented:
i think your upload directory have not proper permissions to upload new images or any files to that directory.

try to permissions of that directory to 777 and then try again.

Thanks
Addy
0
merchantwebAuthor Commented:
Thanks, but I tried it and that didn't seem to help. Any other ideas?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Avinash ZalaWeb ExpertCommented:
Are you getting below variable correctly?

$HTTP_POST_VARS['products_id'][$i]

$arr_pro

$k


Just echo it and check that are coming proper or not?
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

merchantwebAuthor Commented:
Where/ how would I check if I am getting the variable correctly? Forgive my inexperience. I am not sure what you mean by echo it and check that they're coming proper. How do I echo it and check?
0
Avinash ZalaWeb ExpertCommented:
Your should DO like below in php code:

echo $HTTP_POST_VARS['products_id'][$i];
echo "<br/>";
echo $arr_pro;
echo "<br/>";
echo $k;
echo "<br/>";
exit;

Place this code in your php file before below line:
 if(move_uploaded_file($_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['tmp_name'],$uploadfilename))

My code will print value of the variable and stop the execution.

Place this code and let me know what happen.

Thanks
Addy
0
merchantwebAuthor Commented:
It returned this error:

Parse error: syntax error, unexpected T_ELSE in /home/revenge/public_html/catalog/img_upload.php on line 76

here is the snippet to make sure I inserted correctly. The else statement is line 76

      if(move_uploaded_file($_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['tmp_name'],$uploadfilename))
                                    echo $HTTP_POST_VARS['products_id'][$i];
echo "<br/>";
echo $arr_pro;
echo "<br/>";
echo $k;
echo "<br/>";
exit;
                                    {
                                          
                                          $newpath=$uploadfilename;
                                          $uploadsucsess="Sucsess";
                                       
                                          
                                    }
                                    else
                                    {
                                          $uploadsucsess="Fail";
                                    }
                              }
                              
                              if($uploadsucsess=="Sucsess")
                                    {
                        
                                    
                                          if(isset($arr_pro) && $arr_pro!="")
                                          {
                                                $pro_att = $arr_pro;
                                          }
                                          else
                                          {
                                                
                                                $pro_att = 0;
                                          }

                                          
0
Avinash ZalaWeb ExpertCommented:
Try attached code:
<?php

echo $HTTP_POST_VARS['products_id'][$i];
echo "<br/>";
echo $arr_pro;
echo "<br/>";
echo $k;
echo "<br/>";
exit;

	 if(move_uploaded_file($_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['tmp_name'],$uploadfilename))
                                   
	{
		  
		  $newpath=$uploadfilename;
		  $uploadsucsess="Sucsess";
	   
		  
	}
	else
	{
		  $uploadsucsess="Fail";
	}
  

if($uploadsucsess=="Sucsess")
{


	if(isset($arr_pro) && $arr_pro!="")
	{
		$pro_att = $arr_pro;
	}
	else
	{
		
		$pro_att = 0;
	}
}
?>

Open in new window

0
merchantwebAuthor Commented:
The page returned...

33
0
1
0
merchantwebAuthor Commented:
attached id the new full code for img_upload.php
<?php
/*
  $Id: privacy.php 1739 2007-12-20 00:52:16Z hpdl $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

	 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'image_upload')) {
 

  $total_no=0;
 
				for ($i=0, $n=sizeof($HTTP_POST_VARS['products_id']); $i<$n; $i++) {
				
				$arr_pro = substr($HTTP_POST_VARS['hdn_att_'.$i],0,strlen($HTTP_POST_VARS['hdn_att_'.$i])-1);
				
				if($arr_pro == "")
				{
					$arr_pro = 0;
				}		
				//total_no29
					
				$total_no =  $HTTP_POST_VARS['total_no'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro];
				if($total_no == "" || $total_no == 0)
				{
					$total_no = 1;
				}
				$ex_image_imp = "";
				
				
				
				for($k=1;$k<=$total_no;$k++)
				{
				
				
				
				// echo $_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k];
				 
				
					
						$ex_image_imp .= $k.'_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['name'].',';
						$ex_image = $k.'_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['name'];
						
					//	echo $ex_image_imp;
						
						
						
						$filenamethumb1=$ex_image;
											
						$uploadfilename=DIR_WS_IMAGES.$filenamethumb1;
						$filearr=explode(".",$filenamethumb1);
						$fileext=$filearr[count($filearr)-1];
						
echo $HTTP_POST_VARS['products_id'][$i];
echo "<br/>";
echo $arr_pro;
echo "<br/>";
echo $k;
echo "<br/>";
exit;
						if(move_uploaded_file($_FILES['image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$arr_pro.'_'.$k]['tmp_name'],$uploadfilename))
				
						{
							
							$newpath=$uploadfilename;
							$uploadsucsess="Sucsess";
						   
							
						}
						else
						{
							$uploadsucsess="Fail";
						}
					}
					
					if($uploadsucsess=="Sucsess")
						{
				
						
							if(isset($arr_pro) && $arr_pro!="")
							{
								$pro_att = $arr_pro;
							}
							else
							{
								
								$pro_att = 0;
							}

							
								$_SESSION['ses_image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$pro_att] = $_SESSION['ses_image_'.(int)$HTTP_POST_VARS['products_id'][$i].'_'.$pro_att].''.$ex_image_imp;	
						

						
						
							
						}
			}
			
			tep_db_query("update temp_ses set tmp_session = '".$osCsid."' where temp_ses_id = 1") ;
			tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
			
  	
  }
 
  
  require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

Open in new window

0
merchantwebAuthor Commented:
This might help you help me...

Go to revengeproductsinc.com/catalog

Add something to the shopping cart then attempt to add an image to the item.

The errors occur after you click the upload button. The site did work not long ago. Thanks for your dedication to helping me solve this!
0
Avinash ZalaWeb ExpertCommented:
i think you should check the permission of the temp folder where the temp file is placed.

Assign permission to 777 to that temp folder.

Hope this helps.
Addy
0
Avinash ZalaWeb ExpertCommented:
And use $_POST instead of $HTTP_POST_VARS.

Addy
0
merchantwebAuthor Commented:
Thanks, I'll try that and let you know if it worked. Thanks again!
0
merchantwebAuthor Commented:
I'm not sure if that's the solution...When I try to change $HTTP_POST_VARS to $_POST my code editor doesn't like that...can you show me an example and would I change all instances of $HTTP_POST_VARS ??
Thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
E-Commerce

From novice to tech pro — start learning today.