• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
flash upload ( Flash File Uploader ) and DX Auth user auth system problem uploading behind login

#1
[eluser]bugboy[/eluser]
Hello All

I'm using two very nice codes i have found from you guys which i'm loving.

flash file uploader
http://don.citarella.net/index.php/actio...-uploader/
forum post where found
http://ellislab.com/forums/viewthread/90701/#490804

And i'm using the most recent release of DX Auth
http://ellislab.com/forums/viewthread/98465/

How ever once i place flash file upload behind DX Auth it keeps returning a 302 error however as soon as i take dx auth off it works great.

i think it has to do with the sessions and flash login but i have no idea how to get round this. Any idea or pointers into the right direction.

Controller
Code:
class New_upload extends Controller {
    /**
     * uploads constructor
     *
     * @return void
     * @author Chris Newton
     **/    
    
    function New_upload()
    {
        parent::Controller();
        log_message('debug', 'uploads Controller Initialized');
        
        $this->load->library('DX_Auth');
$this->dx_auth->check_uri_permissions();
        
        
    }
    function index()
    {

        $this->flash_upload();
    }
    /**
     * flash_upload
     *
     * @access public
     * @return void
     * @author Chris Newton
     **/
    function flash_upload()
    {        
        $data=NULL;
        $data['session_id'] = $this->session->userdata('session_id');
        $this->load->view('view_upload_form', $data);
    }
    /**
     * process_flash_upload
     *
     * an interface for _upload_file below specifically configured for uploads from flash.
     * @access public
     * @return void
     * @author Chris Newton
     **/
    function process_flash_upload()
    {
    
        // LOOKING FOR AN EXPLICIT SESS ID FROM FLASH!
        // OTHERWISE IT'LL CREATE ITS OWN, AND SCREW UP YOUR UPLOAD!!!
        if ($this->input->post('session_id'))
        {
            session_id($this->input->post('session_id'));
        }
        // for overriding flash input field name default
        if ($this->input->post('fieldname') )
        {
            $field_name=$this->input->post('fieldname');
        }
        else
        {
            // the default name for Flash upload field is Filedata
            $field_name = "Filedata";
        }

        $return_data=$this->_upload_file($field_name);
        $string="";
        foreach ($return_data as $key => $item)
        {
            // returns in query string format "success=success&error=err_message"
            $string.=$key."=".$item."&";
        }
        // remove last & character
        $string = rtrim($string, "&");
        // echos a string of data
        // Flash has to have receieve string data for the upload to complete
        // @see _upload_file below for $data returned
        echo $string;
    }
    /**
     * _upload_file
     *
     * a generic uploader, you can use this with flash or standard uploads
     *
     * @access private
     * @param string $field_name This is the name of the input field that contains the file upload data.
     * @return array returns success(failure or success) and errors(all error messages split with a | if any errors are reported)
     * @author Chris Newton
     **/
    private function _upload_file($field_name)
    {
    
        //$this->dx_auth->check_uri_permissions();
    
        $data=array();
        // 1. Using upload.php config file
        //$this->load->library('upload');

        // 2. Configuring the upload library on-the-fly
        // set your config options
        
        $config['upload_path']                    = './uploads/'; // upload path needs to have permissions set to 777 (writable)
        $config['allowed_types']                 = 'jpg';
        $config['max_size']                        = '0';
        $config['max_width']                      = '4000';
        $config['max_height']                     = '4000';
        $config['min_width']                      = '0';
        $config['min_height']                     = '0';
        $config['remove_spaces']                = TRUE;
        $config['overwrite']                    = FALSE;
        $this->load->library('upload',$config);
        
        
        
        $data['success']    = "failure";
        
        if (! $this->upload->do_upload($field_name))
        {
            $data['errors']    =    rtrim($this->upload->display_errors('','|'),"|");
            $data['success']=    'failure';
            // log_message('debug',$this->upload->display_errors('','|'));
        }
        else
        {
            /*
            $filedata                =    $this->upload->data();
            foreach ($filedata as $item)
            {
                log_message('debug', "Upload info: ". $item);
            }
            */
            $data['success']        =    'success';
            $data['filedata']        =     $this->upload->data();
        }
        return $data;
    }
    function test()
    {
        echo $this->config->item('mimes');

    }
}

#2
[eluser]bugboy[/eluser]
My view file
Code:
<?php
//require_once("assets/getid3/getid3.php"); $id3 = new getID3();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
&lt;html &gt;
&lt;head&gt;
    &lt;title&gt;Flash File Uploader&lt;/title&gt;
    [removed][removed]

        [removed]
        /**
         * upload_complete
         * when the upload is successful, this function is activated.
         *
         * @return void
         * @author Chris Newton
         **/
        function upload_complete()
        {
            [removed]="";
        }
        /**
         * upload_alerts
         * You can deal with the following error messages without having to open flash
         *
         * @param string warning_type
         * Available warning types
         *    //http_error
         *  //io_error
         *  //return_data
         *  //security_error
         *  //size_error
         *  //no_file_selected
         *  //min_size_error
         * @param string msg a message string to use in the alert
         * @return void
         * @author Chris Newton
         **/
        function upload_alerts(warning_type,msg)
        {
            switch(warning_type){
                case "http_error":
                alert("http error "+msg);
                break;
                case "io_error":
                alert("input/output error "+msg);
                break;    
                case "return_data":
                alert("returned data "+msg); // might wanna turn this off after you're done debugging
                break;
                case "security_error":
                alert("security error "+msg);
                break;        
                case "size_error":
                alert("Your file is too large. Your file can not be larger than "+msg+"mb");
                break;
                case "no_file_selected":
                alert("no file selected "+msg);
                break;
                case "min_size_error":
                alert("Your file is too small. Your file must be at least "+msg+"mb");
                break;
                //default: alert(msg);
            }
        }
    [removed]
    [removed]
        var flashvars = {};
        flashvars.uploaderurl="/new_upload/process_flash_upload";
        flashvars.limit="20"; // in mb this value can also be set in the upload script, but if set here, will immediately return warning without uploading file first
        flashvars.min_size=".1"; // in mb, this value can also be set in the upload script, but if set here, will immediately return warning without uploading file first
        flashvars.session_id="&lt;?php echo $session_id; ?&gt;"; // the session id HAS to be set for flash to upload a file and have the data passed/acted upon correctly
        flashvars.types= "video|text|pdf|image|audio"; // because all flash files are passed as application/octet-stream, you'll need to set the allowed types here.
        // for more control over the individual types, you'll need to edit the flash file.
        var params = {};
        var attributes = {};
        swfobject.embedSWF("assets/flash/uploader.swf", "createMovie", "435", "40", "9.0.0", false, flashvars, params, attributes);
    [removed]
&lt;/head&gt;
&lt;body&gt;
    <div id="createMovie">&lt;!-- this is the DIV that will be overwritten by swfobject embed above --&gt;
        <div id='noflash'>
            <p>This site requires Adobe&reg; Flash Player 9 in order to run properly. Please install or upgrade your current version.</p>
            <h2><a target='_blank' href='http://www.adobe.com/go/getflashplayer'>Get Adobe Flash Player 9 Now &raquo;</a></h2>
        </div>
    </div>
&lt;/body&gt;
&lt;/html&gt;

I have to thank the guys that have created these elements they are amazing.

#3
[eluser]dexcell[/eluser]
Maybe it was because check_uri_permissions() function i guess?

#4
[eluser]bugboy[/eluser]
its to do with flash and sessions it acts like a new user.

I need the flash upload behind the secure login otherwise every tom, dick and harry could upload stuff.

Cheers for the reply though

#5
[eluser]Xeoncross[/eluser]
Yes, I had the same problem with a Mootools/flash uploader. Pass the session data as a $_GET param to the fileupload controller and then set the session id to that $_GET param.

#6
[eluser]bugboy[/eluser]
I'm not sure what you mean? Why pass it as get value?

#7
[eluser]Xeoncross[/eluser]
Flash file uploads can't send $_COOKIE or $_SESSION data - so you have to send that data as a $_GET variable. Look up the fancy upload script for mootools to see what I am talking about.

#8
[eluser]bugboy[/eluser]
ok i get that now

So the next challange is getting it to work with DX Auth's sessions settings?

#9
[eluser]Xeoncross[/eluser]
Nope, the next step is re-writing the whole CI_Session library so it can access data from an Identifier you pass it (like $_GET or $_POST) instead of just $_COOKIE.

Actually, CI Team - why can't you set the session ID from something other than a cookie? Why MUST we use cookies with no hope of getting anything else to work?

Where is the CI_Session version of session_id($my_id)?

#10
[eluser]Xeoncross[/eluser]
Quote:Flash FileReference is not an intelligent upload class, the request will not have the browser cookies, Flash saves his own cookies. When you have sessions, append them as get-data to the the URL (e.g. "upload.php?SESSID=123456789abcdef"). Of course your session-name can be different. - http://digitarald.de/project/fancyupload/

Code:
//Fix for FLASH uploads
session_id($_GET['SESSID']);
session_start();


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.