oh yes, I do remember that about the session sharring. We had to do something like that before, but I didn't work on it so I will have to look at it. I think they ended up sharing a cookie or something to improve security.
Thanks for the reminder & tip. K- On Jun 23, 11:33 pm, Johannes Heinen <[email protected]> wrote: > Yey, that should do in any environment. The only problems out there > affects the flash player itself. Due to a few bugs > or lack of implementational features, you are not able to share your > browser's user session with flash player. This > avoids authentification by http in any way. You'd have to re- > authenticate when you use flash to pass files to a http-secured > webserver - but probably your player (older versions) will crash if > the server returns a "must authenticate" header. > > It is no problem to pass the flash params to a symfony action - but > don't forget to give it the current user's session id. > > Besides there are a lot of other flash player bugs/issues depending on > your browser, flash player and operating system, > so i wish happy debugging ;) > > On 23 Jun., 23:19, Gábor Fási <[email protected]> wrote: > > > > > I've recently read an article[1] about a similar problem: the guy used > > fckeditor, and it had built-in upload support. He ended up making the > > handler php a front controller, so he could use the security support > > of symfony. > > > [1]http://jonocode.wordpress.com/2009/06/22/how-to-secure-fckeditor-agai... > > > On Tue, Jun 23, 2009 at 22:39, kevinkevin<[email protected]> wrote: > > > > Thanks > > > > I did take a look at the demos and the classic form demo looks good. > > > > Now I just need to figure a few things out and determine if there are > > > any security issues due to a user being required to be logged in to > > > get to the form. > > > > I really don't want people being able to find this swfupload and > > > trying to upload files unauthorized. > > > > Thanks > > > > On Jun 23, 11:53 am, Johannes Heinen <[email protected]> > > > wrote: > > >> Ärm *working* depends on what you mean with that ;). Ok, to be honest: > > >> It is a week old and has been tested on a fox3, linux flash 10 plugin > > >> and symfony 1.2. I cannot guarantee cross browser compliance yet, > > >> because i am still writing on it - i plan a 1.0 release for all > > >> related plugin with symfony 1.3. > > > >> There are no critical issues at all, but it probably will come to > > >> display issues in IE6 and so on, the usual problems. The good news: it > > >> is not abandoned, so if you'll give it a try i can look after some > > >> issues in relatively short time periods. But as i said before: First > > >> take a look at the "raw" swfupload script with its demo-queue > > >> implementation or the "old" swfupload symfony plugin for symfony 1.0 > > >> version, it will probably work with 1.2 also. > > > >> To answer your questions: These widgets provide javascript callbacks > > >> to process server responses, so that you are able to inform the client > > >> browser with additional information after a file has been uploaded. > > >> The more special your requirements are, the more time you'll probably > > >> have to spent writing javascript. > > > >> greetings > > >> joshi > > > >> On 23 Jun., 20:44, kevinkevin <[email protected]> wrote: > > > >> > Is your plugin working? > > > >> > it appears to say not documented or cross browser checked.... > > > >> > thanks > > >> > Kevin > > > >> > On Jun 23, 11:20 am, Johannes Heinen <[email protected]> > > >> > wrote: > > > >> > > Hi, > > > >> > > fancyupload and swfupload (google shows the urls) are the 2 flash > > >> > > upload scripts i know that can be easily integrated into a form (or > > >> > > can be used without one, though). > > > >> > > There are symfony plugins for swfupload, i don't know if one for > > >> > > fancyupload also exists. On of them, the 1.2 plugin, was written by > > >> > > me, but it is more intendent to be > > >> > > used within a sfForm together with javascript-serialization, so this > > >> > > should be less interesting for you. I you only want to have a push > > >> > > button, than you'll be probably > > >> > > lucky with fancyupload, though it requires mootools to run its > > >> > > frontend. swfupload is more flexible and highly customizable. > > > >> > > Note that you'll face a general problem: At the time the user puts > > >> > > the > > >> > > files onto the server, still no unique identifier exists for the > > >> > > dataset that would have been saved if > > >> > > the user had had submitted the form. > > > >> > > cheers > > >> > > de joshi > > > >> > > On 23 Jun., 20:09, Eno <[email protected]> wrote: > > > >> > > > On Tue, 23 Jun 2009, kevinkevin wrote: > > >> > > > > What I want is a flash piece that mimics the file tag [______] > > >> > > > > [browse] and then when you click browse it is able to browse the > > >> > > > > PC > > >> > > > > file structure and limit files to certain extensions and also > > >> > > > > file > > >> > > > > size (say 2M) . Then it could either upload the image in real > > >> > > > > time > > >> > > > > and save a key/id to a hidden tag in the form? or dynamically > > >> > > > > generate > > >> > > > > and populate a file tag in the form with the file path. > > > >> > > > > Does this make sense? and is anyone familiar with any small > > >> > > > > flash > > >> > > > > type scripts that do this or similar to solve my problem? > > > >> > > > We successfully used the imagemanager component with TinyMCE to > > >> > > > manage > > >> > > > images uploads. Its integrated into the WYSIWYG editor so the user > > >> > > > can > > >> > > > edit descriptions and insert text right there. > > > >> > > > Note: Image manager is a plugin for TinyMCE and is not free (but > > >> > > > quite > > >> > > > cheap). > > > >> > > > Seehttp://tinymce.moxiecode.com/plugins_imagemanager.php > > > >> > > > --- Hide quoted text - > > > >> > > - Show quoted text -- Hide quoted text - > > > >> - Show quoted text -- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
