Thanks Biesbjerg,
but it's usefull to validate the userAgent in the session to avoid
session riding ...
i don't want to open the doors...
Hausburger.
On 5 Feb., 01:13, "biesbjerg" <[EMAIL PROTECTED]> wrote:
> I use SWFUpload.
>
> But you have to hack the core though.
>
> In app/config/bootstrap.php add this:
>
> if (isset($_GET[CAKE_SESSION_COOKIE]))
> {
> session_name(CAKE_SESSION_COOKIE);
> session_id($_GET[CAKE_SESSION_COOKIE]);
>
> }
>
> Now in cake/libs/session.php find this line:
>
> if ($this->_userAgent == $this->readSessionVar("Config.userAgent") &&
> $this->time <= $this->readSessionVar("Config.time")) {
>
> And change it to :
>
> if ($this->time <= $this->readSessionVar("Config.time")) {
>
> Finally, your backend upload script should look like:
>
> "upload.php?" . session_name() . "=" . session_id();
>
> this is to transfer the session ID. The code in bootstrap makes sure
> to use the same session if CAKEPHP is set in the url.
>
> As you've guessed the problem caused by cake's session protection. It
> includes a user-agent check and flash sends this user-agent: Shockwave
> Flash
>
> Happy uploading :-)
>
> On Feb 1, 11:18 pm, "hausburger" <[EMAIL PROTECTED]> wrote:
>
> > Hello.
>
> > we use this very nice workaround (http://swfupload.mammon.se/) for a
> > multi-file-upload via Flash.
> > that works fine.
>
> > but the user should be logged in. that means there has to be a valid
> > session.
> > the session in cake are stored in cookies. and now the problem:
> > the flash/swf does not store that session cookie.
>
> > can i force CAKEPHP to use the session_id which i send via URL/GET?
> > something like that:
>
> >www.myproject.com/controller/action/?CAKEPHP=5464efsop2kdpk0ß3i5rfkstioß3t
>
> > Best Regards.
> > Oli
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
