I am developing a site which allows users to upload images to their account. And the users are allowed to fill a form and upload images as a guest, and then be asked to login if they have not logged in yet, and then the files will be saved and update the database afterwards.
I am using opencart by the way,
The controller function to handle the form is
if (!$this->customer->isLogged()) {
//let's start the session
if (!isset($_SESSION)) {
session_start();
}
$this->session->data['partner_front'] = $this->request->post;
$this->session->data['files'] = $this->request->files;
$this->session->data['redirect'] = $this->url->link('charity/partner&path=' . $project_id, '', 'SSL');
$this->response->redirect($this->url->link('account/login', '', 'SSL'));
} else {
if(!isset($this->request->get['product_id'])){
$this->model_account_customerpartner->addProduct($this->request->post);
$this->session->data['success'] = $this->language->get('text_success');
} else {
$this->model_account_customerpartner->editProduct($this->request->post);
$this->session->data['success'] = $this->language->get('text_success_update');
}
The controller function in login part is
if (isset($this->session->data['partner_front']) && $this->session->data['partner_front']) {
$this->load->model('account/customerpartner');
$this->model_account_customerpartner->addProduct($this->session->data['partner_front']);
$this->session->data['success'] = $this->language->get('text_success');
unset($this->session->data['partner_front']);
unset($this->session->data['files']);
$this->response->redirect($this->url->link('account/customerpartner/productlist', '', 'SSL'));
}
And my model function which used to upload images and create temp name for the SQL is
public function addProduct($data){
$renamedImage = '';
$renamedOImage = array();
if(isset($this->session->data['files']) && $this->session->data['files']) {
$files = $this->session->data['files'];
} else {
$files = $this->request->files;
} print_r($files);
if (isset($files['image']['name']) AND $files['image']['name']) {
if(count($files['image']['name']) == 1) {
$renamedImage = rand(100000,999999) . basename(preg_replace('~[^\w\./\\\\]+~', '', $files['image']["name"][0]));
move_uploaded_file($files["image"]["tmp_name"][0], DIR_IMAGE . MPIMAGEFOLDER .$renamedImage);
} else {
/**
* upload product base image
*/
$renamedImage = rand(100000,999999) . basename(preg_replace('~[^\w\./\\\\]+~', '', $files['image']["name"][0]));
move_uploaded_file($files["image"]["tmp_name"][0], DIR_IMAGE . MPIMAGEFOLDER .$renamedImage);
$renamedOImage[0] = $renamedImage;
foreach (array_slice($files['image']['name'], 1) as $index => $product_image) {
$renamedImg = rand(100000,999999) . basename(preg_replace('~[^\w\./\\\\]+~', '', $product_image));
//upload product images
move_uploaded_file(array_slice($files['image']["tmp_name"], 1)[$index], DIR_IMAGE . MPIMAGEFOLDER .$renamedImg);
$renamedOImage[$index] = $renamedImg;
}
}
}}
Right now, the image can be uploaded without going through the login controller function, but cannot be uploaded if the users are asked to login after submit the form. I used print_r($files) to check the structure and content of the files before move_uploaded_file function, and get the same results of both of them.
Could anyone tells me why? Thanks a lot for any helps.
You can't call move_uploaded_file in a different script, because the uploaded file is deleted when the first script exits.
What you need to do is have the first script move the file to a permanent file, and put the filename in the session variable. Then the second script can link that file into the user's entry in the database after they login.
You might want to have a cron job that periodically deletes old files that haven't been linked to any accounts.