'2009/07'에 해당되는 글 1건

  1. 2009/07/29 Swfupload session solution in Zend Framework

Swfupload session solution in Zend Framework

개발 2009/07/29 10:48
One issue many people run into when using SWFUpload with Zend Framewok is that sessions are often lost in the upload process. Fortunately there is a way to prevent these incessant session-less side-effects.

The problem lies in the built-in security of the Session class. It tries to detect session hi-jacking by checking the User Agent before resuming a session. Normally this is good practice, however some browsers send a "Flash Player" User Agent when using SWFUpload, which results in lots of blood and mayhem as you could imagine.

Now, this is solution.

Upload Script (view)
<script type="text/javascript">
...
post_params:
   {
    "PHPSESSID": "<?php echo Zend_Session::getId()?>"
   },
...
</script>


Php session started In ZF controller.
So, this code input bootstrap before first line.

/application/bootstrap.php


/* swfupload session issue
 * http://swfupload.org/forum/generaldiscussion/1008 *
 */
if ($_POST['PHPSESSID'] && strpos($_SERVER['REQUEST_URI'], "/upload")!==false) {
 $_COOKIE['PHPSESSID'] = $_POST['PHPSESSID'];
}

"/upload" have to change your controller or controller/action patten. It prevents security issue.

It is not good solution. If you have good solution, you comment this article.

ref.
http://swfupload.org/forum/generaldiscussion/1008
http://blogs.bigfish.tv/adam/2008/04/01/cakephp-12-sessions-and-swfupload/
저작자 표시
Posted by iHWAN
TAG , , ,
트랙백 0, 댓글 0개가 달렸습니다