Jump to content

Changing product sort order options in category page throws 'category doesn't exist'


Recommended Posts

I've updated a site from Cubecart 6.2.x to 6.5.5 and now the product sort order 'sort by' box in the category pages on the front end when you change the sort order returns a 404 page with the message 'category doesn't exist'.

When I run error reporting on any page of the site there's about 15 warnings or more along the lines of: 

/home/northerwood/G0DG68Q0/htdocs/ronlines/classes/somefilename - file_exists() [function.file-exists.php]: open_basedir restriction in effect. File [somefilename] is not within the allowed path(s): [someotherfilepath]

The file names vary in the warnings but they are all messages around 'XXXX is not within the allowed path(s)'. Does this mean CC scripts are going looking for files in locations to which open_basedir restrictions are not allowing access? How do I go about checking this? The site is in a subfolder in the hosting account but posts about moving sites suggest that CC copes with this. It's never been moved, it's always been in a subfolder.

Any advice on what I should be looking at to investigate this issue?

Link to comment
Share on other sites

(Not an expert on server operating systems, so...) CubeCart will add to PHP's 'include_path' all of the directories that class files can be found. This means that CubeCart will look in every one of these directories for the class when the code wants to instantiate a named class.

That includes the path that PHP's 'php.ini' configuration file has for its 'include_path'.

Then there is this open_basedir feature that may have a series of directories that PHP is allowed to look in.

Sometimes, the directories listed for open_basedir do not include the 'include_path' stated in the php.ini configuration file.

Most of the time, the client of a hosted account does not have access to the configuration settings needed to fix this.

So, please contact your hosting provider and mention to them about this open_basedir issue. They should be able to fix it.

 

Link to comment
Share on other sites

8 hours ago, bsmither said:

The 404 was fixed in CC656. See:

https://github.com/cubecart/v6/issues/3577

 

Thanks for fast reply, I've now run an update to CC656 via the admin panel updater. However, now instead of throwing a 404 page, the product filter dropdown is failing to load its options, just shows a pair of empty brackets/braces.

I would have uploaded a snippet of screenshot but the forum won't let me upload an image but the issue can be seen in the product sort box on e.g. https://www.ronlines.com/electronics.html
Is this likely to be related to the openbase_dir issues referred to in your earlier reply? 

9 hours ago, bsmither said:

(Not an expert on server operating systems, so...) CubeCart will add to PHP's 'include_path' all of the directories that class files can be found. This means that CubeCart will look in every one of these directories for the class when the code wants to instantiate a named class.

That includes the path that PHP's 'php.ini' configuration file has for its 'include_path'.

Then there is this open_basedir feature that may have a series of directories that PHP is allowed to look in.

Sometimes, the directories listed for open_basedir do not include the 'include_path' stated in the php.ini configuration file.

Most of the time, the client of a hosted account does not have access to the configuration settings needed to fix this.

So, please contact your hosting provider and mention to them about this open_basedir issue. They should be able to fix it.

 

Yes this is shared hosting on which I don't have access to PHPini, however the datacentre support team replied: "It looks like Cubecart is trying to open files outside of account home directory ('/smarty_autoloader.class.php' for example) which is causing the open_basedir security warning."

At the moment, I can't see where /smarty_autoloader.class.php is actually sitting in the CC files, but do you have any further thoughts based on the above?

Link to comment
Share on other sites

"CubeCart will add to PHP's 'include_path' ..."

In CubeCart's admin, near the bottom of the navigation pane, click on PHP Info. On the page that is displayed, scroll to the Core table, and find include_path, Master Value column.

It might be something like, .:/usr/share/php:, possibly followed by more directories that are not within CubeCart's installation.

It is likely that one of these directories conflicts with open_basedir settings. Your hosting provider is the only one able to fix this.

The Sort box issue fix can be found here:

https://github.com/cubecart/v6/issues/3626

 

Link to comment
Share on other sites

1 hour ago, bsmither said:

In CubeCart's admin, near the bottom of the navigation pane, click on PHP Info. On the page that is displayed, scroll to the Core table, and find include_path, Master Value column.

The Master Value for include_path is shown as .:
Which is to say 'period' and 'colon'
On that basis, it appears there are no paths to external directories defined?
Have I read that right, and would that empty setting likely cause issues?

The local_value column for include_path has values for the plugins for Google Analytics and Paypal Commerce.

Re your advice "The Sort box issue fix can be found here:

https://github.com/cubecart/v6/issues/3626

Thanks, I've had a look at the mods posted in Github and compared them to my Cubecart files, I would say the CC 6.5.6 update files I ran 6 hours ago already has its file  classes/catalogue.class.php with those mods applied to it, presumably it has been hotfixed. I guess I need to wait and see if Al Brockbanks replies in this thread after the weekend.

Link to comment
Share on other sites

The reason I posted such a poor version of the message is that Cloudflare was blocking me from posting the full content of the message into my post. Let's try with a screenshot:

Sorry, the problem is I get a 200 error in either Chrome or Firefox when I try to upload an image. And if I try to paste in the messages to the body of a reply Cloudflare stops it, it's really frustrating. Let's see if I can get it to you via Dropbox:

https://www.dropbox.com/scl/fi/1zt8izp0bsfy43hix69tp/cubecart-debug-message.txt?rlkey=ydrlwtfc2dd9alpv4ghet5i7o&dl=0

or 

https://www.dropbox.com/scl/fi/l25d5mhd4vqlhgdizt35r/message-2.png?rlkey=8p6eyanwh14i6t73ouh3o3tzu&dl=0

 

OK, that seems to have worked, appreciate you bearing with me. Thanks.

Link to comment
Share on other sites

Well, because I know very little about open_basedir, my conclusion is suspect.

An allowed path is /home. Your site is in a sub-directory of /home. If open_basedir allows for the entire tree of /home, then all should be good here.

Something is calling for the file /smarty_autoloader.class.php. This is not right for two reasons:

1. the file smarty_autoloader.class.php does not exist.

2. And if it did, the leading slash says this file must be at the root of the server - which it cannot be.

What is needed is to find out where that call came from.

From where did you copy the error messages from?

If from the admin's Error Log, (1)System Error Log tab, or directly from the database (2)CubeCart_system_error_log, there may be a backtrace available.

1. Hover over a message. There will be a tooltip popup that will show the path of PHP execution to where the problem happened.

2. The 'backtrace' column has the path of PHP execution to where the problem happened.

Link to comment
Share on other sites

On 8/25/2024 at 12:44 AM, bsmither said:

From where did you copy the error messages from?

- from the Cubecart Debug Console which appears in a popup during page load when I have 'Enable debugging' enabled in the Cubecart admin settings.

In the detail of MySQLi queries shown in the popup there is some info about paths in the error message. The source of the query seems to be 
/classes/autoloader.class.php

line 75 of this file calls for Smarty.class.php but it specifies a full, and correct, path for it in a subdirectory:

//If its smarty we need to use the smarty loader
        if ($class == 'Smarty') {
            require_once CC_INCLUDES_DIR.'lib/smarty/Smarty.class.php';
            return true;
        }

Does this mean something in the open_basedir behaviour of the server is resulting in the file request being redirected from the correct subdirectory, to site root instead?

Sounds like a question for my datacentre support team, but I would be interested in your further thoughts?

Link to comment
Share on other sites

"there is some info about paths in the error message."

Please let us know the entirety of those paths.

Since this INSERT query, with the details of the error, was seen in CubeCart's Debug console, those details should also appear in admin, Error Log, System Error Log tab, as described earlier.

 

Link to comment
Share on other sites

Hi, sorry I hadn't recognised exactly what you were referring to in the admin System Error Log and therefore was too sketchy. I've now followed the path described above and copied the content of the first page of error messages into the attached. I can also see what you mean about the on-hover tooltips now, it makes a lot more sense. Here's a typical tooltip content:

file_exists() (autoloader.class.php:93)
class_exists() (Smarty.class.php:74)
require_once() (autoloader.class.php:75)
autoload() (controller.admin.pre_session.inc.php:37)
include() (admin_yQ9BhX.php:34)

Thanks for sticking with me to guide me to the data.

Sorry I can't get file attachment to work, upload is blocked with a 200 error. Here's a Dropbox link: https://www.dropbox.com/scl/fi/wdkdqsnv00wcmho6auz56/cubecart-error-message2.doc?rlkey=pfrnv3ir5fmp8pxiehwgd2re1&dl=0

Link to comment
Share on other sites

If the second reason posited as described above is the cause, then there seems to be an empty element in the include_path setting for PHP, or somehow an empty element is getting added.

You can try to make the edits in the following Github issue:

https://github.com/cubecart/v6/issues/3634

 

 

Link to comment
Share on other sites

You might also want to make this edit in /classes/autoloader.class.php, near line 92:

Find:

foreach (self::$_paths as $path) {

Change to:

foreach (self::$_paths as $path) { $GLOBALS['debug']->debugMessage('Looking in this $path: '.empty($path)?"Empty":$path);

Then, when viewing CubeCart's Debug Console, at the bottom will be the collection of Debug Messages.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...