The problem is I determine upload directory based on session data. But in my specific case, if he change SID, he'll end up uploading files to non existing directory and get upload error.
This is ok, comparing to uploadify suggestion to set upload dir path as parameter on client :) Regards, Saša Stamenković On Tue, Mar 9, 2010 at 12:08 PM, unifant <[email protected]> wrote: > > ok, now i found an other way to do my work. > > 1. I don't use static session and don't start session with given session-id > anymore because of security issue > > 2. I let the uploader upload the files in specific directory, regardless of > session specific things > > 3. When upload of a file is complete (onComplete in uploadify) i make an > ajax-request to an other script or controller, doing session-specific work > like writing in db, session a.s.o. because there are no cookie-bugs in ajax > requests ;) > > best regards yasin > -- > View this message in context: > http://n4.nabble.com/Zend-Session-setId-tp643859p1585799.html > Sent from the Zend Framework mailing list archive at Nabble.com. >
