so I have this javascript code for loading swfuploader onto a page ( http://code.google.com/p/swfupload/)
swfuPubThumbnailUploader = new SWFUpload({
upload_url : "/upload_thumbnail",
flash_url : "/Flash/swfupload.swf",
file_size_limit : 512 + " MB",
file_post_name: 'files[swf]',
file_types : '*.jpg;*.jpeg;*.gif;*.png',
file_types_description: "Image Files",
file_queue_limit : 1,
button_placeholder_id: 'swf-trans-file-selector',
button_text: '',
button_image_url: '',
button_width: "85",
button_height: "25",
button_cursor : SWFUpload.CURSOR.HAND,
button_window_mode : SWFUpload.WINDOW_MODE.TRANSPARENT,
post_params : {
"sid" : sid
},
preserve_relative_urls : true,
file_queued_handler : fileQueued,
file_queue_error_handler : fileQueueError,
file_dialog_complete_handler : fileDialogComplete,
file_dialog_start_handler : sLibraryFileDialogStart,
upload_start_handler : sLibraryPubUploadStart,
upload_progress_handler : sLibraryPubUploadProgress,
upload_error_handler : sLibraryPubUploadError,
upload_success_handler : sLibraryPubUploadSuccess,
upload_complete_handler : sLibraryPubUploadComplete,
queue_complete_handler : queueComplete, // Queue plugin event
custom_settings: {
progressTarget : ("fsPPUploadProgress")
}
});
but then whenever I upload (upload images, to be more specific...) using swfuploader, swfuploader will complain about 302 error which suggest that the url is redirecting...but then when I visited the upload url '/upload_thumbnail' no redirection takes place and the upload url loaded fine...so I checked out fiddler to check the two cases and here are the requests for each of the case
For when I visited /upload_thumbnail via browser:
GET /upload_thumbnail HTTP/1.1
Host: my.domain.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __utma=171146939.260757561.1311084520.1336078159.1336400574.117; __utmz=171146939.1311084520.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=104299925.1228643063.1313075490.1335542105.1335567483.41; __utmz=104299925.1333981938.38.25.utmcsr=my.domain.com:8090|utmccn=(referral)|utmcmd=referral|utmcct=/browse/MD-2760; __qca=P0-29539114-1325619242917; SESS5ccc5f20cb72179af2f569e77eaa49da=6vde0rln7q3384k5lcvedsgfh3; SimpleSAMLAuthToken=_c2f653a6e9b18b10439d73849fb1142a7d43851998; __utmc=171146939; has_js=1
If-Modified-Since: Mon, 07 May 2012 19:13:38 +0000
If-None-Match: "1336418018"
Which loads fine with status 200
Then the one from swfuploader
POST /upload_thumbnail HTTP/1.1
Accept: text/*
Content-Type: multipart/form-data; boundary=----------gL6Ef1Ef1KM7Ij5gL6ae0gL6GI3GI3
User-Agent: Shockwave Flash
Host: my.domain.com
Content-Length: 847357
Connection: Keep-Alive
Pragma: no-cache
Cookie: __utma=171146939.1934231828.1323362429.1328283903.1333582993.5; __utmz=171146939.1323362429.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=104299925.1653270920.1323362234.1334760245.1335992862.7; __utmz=104299925.1323362234.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); SESS5ccc5f20cb72179af2f569e77eaa49da=0qjn1gva2rhlcqiqp2g7liumd0; __qca=P0-1855943596-1327334275533
which ended up with status 302 and redirection to a login page....
So I found out that the culprit is the Cookie: request....if I switch the browser's COOKIE request to the swfuploader's Cookie request the swfuploader request would load with status 200 properly...
My first question is.....WHY? What's wrong with the swfuploader's Cookie request?
And secondly, how can this be translated to my javascript SWFUpload code at the topmost such that the actual swfuploader in the browser will have its Cookie request fixed appropriately....
The default PHP session handler mechanism uses both your Cookie and your User-Agent to match a session to a user. As Flash identifies itself to the server with the user-agent of "ShockWave Flash", which is different than your browser's UA, php assigns a new session to the request.
You can check this if you output
_POST
data and then compare those values with the ones you get aftersession_start()
or if you change your browser UA to exactly match that sent by Flash.The solution?
Pass the session ID to the server whatever way you want, the default being
_POST
, and initialize the session with the correct id.SWFUpload provides you with
post_params
that "defines the name/value pairs that will be posted with each uploaded file".And then on the server side...