Loading ...
Sorry, an error occurred while loading the content.

Uploader and PHPSESSID

Expand Messages
  • darrellgrundy
    Love the client side uploader, but pulling my hair out trying to get the PHP server side working maintaining the user s existing session ID. I have it working
    Message 1 of 4 , Aug 3 4:00 PM
    • 0 Attachment
      Love the client side uploader, but pulling my hair out trying to get the PHP server side working maintaining the user's existing session ID. I have it working in its basic form uploading files to a specific static folder path, but of course this will be no good to me unless I can dynamically route the files to the logged-in user's file storage area.

      I have read a few other posts on the subject (specifically this one) and seems the solution revolves around echo'ing the user's session ID into the initial upload photos html page which will then be passed back to the server side PHP script (via uploader.uploadAll). OK, seems logical. The server-side script can then pull this out of the post with a
      session_id($_POST['PHPSESSID']).

      This is where I come unstuck. I have a couple of problems:

      1. Inserting the PHPSESSID value into the uploader.uploadAll call html, for me this stops the 'Upload Files' function from working [re: Uploader Control (beta): Advanced Uploader Example With Transparent UI and Automatic Queue Management]. If I try to do it literally as per other post examples with a php function line such as:

      echo 'uploader.uploadAll("http://site.com/photo_upload.php", "POST", {PHPSESSID: ';
      echo session_id();
      echo '}, "Filedata")';

      ... this works and the client html source has the session id inserted as expected, however when y
      ou select your files, click upload and it sits there without updating the red progress bar(s). It seems to be the curly braces around the PHPSESSID which causes the problem. If I replace curly braces with double quotes, then the upload functionality works OK, however the server side script, e.g.

      <?php

      session_id
      ($_POST['PHPSESSID']);
      session_start();

      $user = User::getLoggedIn();

      foreach ($_FILES as $fieldName => $file) {
        move_uploaded_file($file['tmp_name'], "uploads/" . $user->username . "/files/" . strip_tags(basename($file['name'])));
        echo (" ");
      } ?>

      ... does not work in moving the files to the logged-in user's directory. I have tried another temp hack (as used for another flash-based uploader) to assign a temporary user_id value in the session variables (replacing the Facebook User::getLoggedIn code above - which worked for the other solution), however, nothing that I do for the Yahoo Uploader has resulted in being able to resume the user's session ... and I have been problem solving this for the best part of 2 days now. If anybody has an helpful thoughts on the matter then this would be greatly appreciated.

      2. The other strange situation during problem solving was running the client browser via proxy application (Paros) to see what calls are being made. When I click on the 'Upload Files' link to transfer the files, I see no web browser requests to the server?? I presume this has something to do with the flash file doing the uploading? But I would still have thought that the request would go from the browser and allow me to see what is POST'ed etc? Weird.

      Thanks.

      Darrell



    • darrellgrundy
      After more investigation with another client (uploadify) and getting similar results, I managed to create a server side log to see what is going on and it
      Message 2 of 4 , Aug 3 6:26 PM
      • 0 Attachment
        After more investigation with another client (uploadify) and getting similar results, I managed to create a server side log to see what is going on and it seems to be caused by the setting of the session ID.

        Even by setting the session ID to a passed $_GET parameter, as follows:

        session_id($_GET['sid']);
        session_start();

        ... then echo'ing out sid later into an error log and then echo'ing out session_id(), I find the two session values to be different?? WTF?!?

        Has anybody seen a situation like this before - I realise now that it's not YUI related, but just in case it rings a bell with someone. I checked the php.ini parameters and there's nothing obviously fishy in there, such as session.auto_start set to false for example.

        Thanks.
      • darrellgrundy
        OK, fixed this issue with uploadify - as a temp hack I was sending the PHPSESSID value through in the param for folder name and the code was automatically
        Message 3 of 4 , Aug 3 11:04 PM
        • 0 Attachment
          OK, fixed this issue with uploadify - as a temp hack I was sending the PHPSESSID value through in the param for folder name and the code was automatically prefixing this with a '/' - when I assigned it via session_id(), php rejected it as it contained an illegal '/' character for the session id and generated a new one. And now back to the original Yahoo Uploader issue.
        • darrellgrundy
          So managed to fix this - it was a syntax issue - basically not rtfm ing properly. Required syntax for passing the POST params is:
          Message 4 of 4 , Aug 3 11:09 PM
          • 0 Attachment
            So managed to fix this - it was a syntax issue - basically not rtfm'ing properly. Required syntax for passing the POST params is:

            uploader.uploadAll("http://site.com/photo_upload.php", "POST", {PHPSESSID: "'; echo session_id(); echo '"}, "Filedata");


            ... i.e. you need the double quotes surrounding the session_id so that it results in {PHPSESSID: "12345656789"}

            And then at the server side the following:

            session_id($_POST['PHPSESSID']);
            session_start();

            ... now works like a charm.

            That's me over and out good buddies. =;
          Your message has been successfully submitted and would be delivered to recipients shortly.