I have a aspx called user-photo-upload.aspx and another aspx called get-photo.aspx. I set the Session["PhotoId"] in the page_load method of user-photo-upload.aspx.
If I visit the user-photo-upload.aspx through the browser normally, the session can be retrieved in get-photo.aspx.
But if the flash uploads photo to the user-photo-upload.aspx page, I can't get the Session["PhotoId"] in get-photo.aspx.
I discover that the Session ID is different when visiting the page using browser normally or by flash. I don't know why flash uses another session.
What should I do?
The Flash plugin acts as a separate client, so both the browser and the plugin receiving individual session IDs is the expected behavior.
You will have to work around this by setting the original session ID as a variable in the Flash movie, either as a FlashVar or via JavaScript, then sending it as a GET parameter to the server along with the first request issued, and replacing the new ID created for the Flash client with the one that was given to the server.
This question relates to the same problem in Java, perhaps it can help you to solve your problem.
We had the same problem with a Flash Uploader. This is how we solved it...
(1) We added a new parameter session_id
to the client side init code of the Flash Uploader:
<script type="text/javascript">
var swfu<%=RandomId %>;
$(document).ready(function() {
swfu<%=RandomId %> = new SWFUpload({
// Backend Settings
upload_url: "./picupload.aspx",
post_params : {
"PictureCategory" : "<%= EncryptedPictureCategory() %>",
"picture_id": "<%= EncryptedPictureId() %>",
"session_id": "<%= HttpContext.Current.Session.SessionID %>"
},
// *snip* ...
</script>
(2) We altered our Session_Start method in Global.asax.cs
to accept Session IDs from the request:
protected void Session_Start(Object sender, EventArgs e)
{
if (Request["session_id"] != null)
{
bool isRedirected, isCookieAdded;
string oldSessionId = Request["session_id"];
SessionIDManager manager = new SessionIDManager();
manager.RemoveSessionID(HttpContext.Current);
manager.SaveSessionID(HttpContext.Current, oldSessionId, out isRedirected, out isCookieAdded);
}
else
{
Response.Redirect(LoginPagePath);
}
}