I've recently read an article[1] about a similar problem: the guy used fckeditor, and it had built-in upload support. He ended up making the handler php a front controller, so he could use the security support of symfony.
[1] http://jonocode.wordpress.com/2009/06/22/how-to-secure-fckeditor-against-unauthorized-access-in-a-symfony-application/ On Tue, Jun 23, 2009 at 22:39, kevinkevin<[email protected]> wrote: > > Thanks > > I did take a look at the demos and the classic form demo looks good. > > Now I just need to figure a few things out and determine if there are > any security issues due to a user being required to be logged in to > get to the form. > > I really don't want people being able to find this swfupload and > trying to upload files unauthorized. > > Thanks > > On Jun 23, 11:53 am, Johannes Heinen <[email protected]> > wrote: >> Ärm *working* depends on what you mean with that ;). Ok, to be honest: >> It is a week old and has been tested on a fox3, linux flash 10 plugin >> and symfony 1.2. I cannot guarantee cross browser compliance yet, >> because i am still writing on it - i plan a 1.0 release for all >> related plugin with symfony 1.3. >> >> There are no critical issues at all, but it probably will come to >> display issues in IE6 and so on, the usual problems. The good news: it >> is not abandoned, so if you'll give it a try i can look after some >> issues in relatively short time periods. But as i said before: First >> take a look at the "raw" swfupload script with its demo-queue >> implementation or the "old" swfupload symfony plugin for symfony 1.0 >> version, it will probably work with 1.2 also. >> >> To answer your questions: These widgets provide javascript callbacks >> to process server responses, so that you are able to inform the client >> browser with additional information after a file has been uploaded. >> The more special your requirements are, the more time you'll probably >> have to spent writing javascript. >> >> greetings >> joshi >> >> On 23 Jun., 20:44, kevinkevin <[email protected]> wrote: >> >> >> >> > Is your plugin working? >> >> > it appears to say not documented or cross browser checked.... >> >> > thanks >> > Kevin >> >> > On Jun 23, 11:20 am, Johannes Heinen <[email protected]> >> > wrote: >> >> > > Hi, >> >> > > fancyupload and swfupload (google shows the urls) are the 2 flash >> > > upload scripts i know that can be easily integrated into a form (or >> > > can be used without one, though). >> >> > > There are symfony plugins for swfupload, i don't know if one for >> > > fancyupload also exists. On of them, the 1.2 plugin, was written by >> > > me, but it is more intendent to be >> > > used within a sfForm together with javascript-serialization, so this >> > > should be less interesting for you. I you only want to have a push >> > > button, than you'll be probably >> > > lucky with fancyupload, though it requires mootools to run its >> > > frontend. swfupload is more flexible and highly customizable. >> >> > > Note that you'll face a general problem: At the time the user puts the >> > > files onto the server, still no unique identifier exists for the >> > > dataset that would have been saved if >> > > the user had had submitted the form. >> >> > > cheers >> > > de joshi >> >> > > On 23 Jun., 20:09, Eno <[email protected]> wrote: >> >> > > > On Tue, 23 Jun 2009, kevinkevin wrote: >> > > > > What I want is a flash piece that mimics the file tag [______] >> > > > > [browse] and then when you click browse it is able to browse the PC >> > > > > file structure and limit files to certain extensions and also file >> > > > > size (say 2M) . Then it could either upload the image in real time >> > > > > and save a key/id to a hidden tag in the form? or dynamically >> > > > > generate >> > > > > and populate a file tag in the form with the file path. >> >> > > > > Does this make sense? and is anyone familiar with any small flash >> > > > > type scripts that do this or similar to solve my problem? >> >> > > > We successfully used the imagemanager component with TinyMCE to manage >> > > > images uploads. Its integrated into the WYSIWYG editor so the user can >> > > > edit descriptions and insert text right there. >> >> > > > Note: Image manager is a plugin for TinyMCE and is not free (but quite >> > > > cheap). >> >> > > > Seehttp://tinymce.moxiecode.com/plugins_imagemanager.php >> >> > > > --- Hide quoted text - >> >> > > - Show quoted text -- Hide quoted text - >> >> - Show quoted text - > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
