Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

SWFUpload in restricted area


Reply

3 Posts   1499 Views

Avatar
chluebke

14 July 2009 at 8:02am Community Member, 2 Posts

Hi,

I'd like to use the SWFUpload module to upload multiple files for a limited group of users. I've set up a page type following the tutorial on http://doc.silverstripe.org/doku.php?id=modules:swfuploadfield. It works as long as the page is available for public. But if my upload page is in a restricted area (login required) the following message is displayed:

"Log in. That page is secured. Enter your credentials below and we will send you right along."

I tried to add the session id as a parameter ('upload_url' => 'handleswfupload?PHPSESSID=' . session_id()) - same error. Using a hidden form field (new HiddenField('PHPSESSID', '', session_id()) in the FieldSet) also fails.

Btw: I'm using Firefox 3.0.11, just tested in IE and it works (!) even w/o any tricks.

What can I do? Please don't ask me to use IE ;-)

Greetings from Germany,
Christian

Avatar
UncleCheese

14 July 2009 at 8:17am 4085 Posts

Tricky. I'm not sure passing PHPSESSID in the url is enough to set the session. Is it? You may have to delete your session and create a new one based on that parameter. I'm not sure. You're on the right track, though.

Avatar
netminds

21 July 2009 at 9:38pm (Last edited: 21 July 2009 9:38pm), Community Member, 3 Posts

Hello,

I am having the very same problem here with SeaMonkey and Safari (both on Windows Vista x64). Maybe the reason why it works in IE is a security hole in IE ;-)

So far I only found a dirty workaround for this problem. Duplicate your upload page. Change the URL so that it is hard to guess. Make it accessible to everyone and hide it from the menus and search. Then change the upload_url like this: SWFUploadConfig::set_var('upload_url', '/app/copy-of-my-upload-page/handleswfupload');

Hope this helps until we find a real solution :-)