Hey Ben, I'm starting to get the hang of this. However, I'm getting None back for my get_by_id(sessionID) call. My hunch is that the reason is something else you stated: I'm not actually passing the sessionID, as I'd assumed. I'm passing a long hex string (len is 72). Perhaps this is the hash that you'd mentioned? Re-reading the swfupload docs, it's passing the contents of the cookie as a param.
Also, I'm breaking on this line: pylons.request.environ['pylons.pylons'] it's saying no such key... hmmm I put the code you specified in the __before__ method of my basecontroller, because you said it had to come as early as possible... Getting closer...! -Kevin On Jun 27, 1:31 pm, Ben Bangert <[EMAIL PROTECTED]> wrote: > On Jun 27, 2008, at 10:14 AM, k7lim wrote: > > > Thanks for the quick reply, Ben. > > Once I have that oldsession, how do I "install" it as the current one > > that the system can act on? > > You need to register it as the object that should be used as > pylons.session like so: > > import pylons > > # Get the new session by sessionID > newsession = pylons.session.get_by_id(sessionID) > > # Load the registry and replace our global session with the new one > registry = pylons.request.environ['paste.registry'] > registry.register(pylons.session, newsession) > > # Also replace the other session reference to look to the new one > pylons_obj = pylons.request.environ['pylons.pylons'] > pylons_obj.session = newsession > > That will replace all references to the old requests session, with > your new one. I'd suggest adding that to your lib/base.py so that its > replaced as early as possible. Also, to at least make it a little more > secure, rather than having just the session ID in the POST var, you > might try adding a SHA-1 hash to it so that people can't alter it on > you. This is how the session ID is signed in cookies to prevent people > from changing the session ID to try and spoof other sessions. > > Cheers, > Ben > > smime.p7s > 3KDownload --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
