Is there any way to use the same session for Shockware (Uploadify) with Firefox/ Chrome/ Opera?

[eluser]NiconPhantom[/eluser]
Hi guys,

I am using Uploadify + CI Uploading + DB sessions. In construct of the controller where is located CI Upload I am using auth checker which checks the current session, is admin etc.

With IE everything is fine, but with Firefox/Chrome/ Opera the new session will be created if I am uploading something and as result my auth library redirects the Shockware and upload will fail with status HTTP 302 error. In my config I am using

$config['sess_match_useragent'] = FALSE; It helps me to keep my non Shockware session still active. I know that problem I see is the known issue, I have checked the forum but didn't found any solution. Of course I can leave my upload function without auth checking, but I am not sure if it secure.

If somebody knows how to fix it with CI DB sessions, please help...

[eluser]NiconPhantom[/eluser]
As workaround I am posting session id to upload controller and there I am checking the role directly from DB:

$this->db->where('session_id', $this->input->post('role'));
$query = $this->db->get('ci_sessions');
$cur_usr_data = unserialize($query->row('user_data'));

if($cur_usr_data['role'] == 'admin'){}else{$this->tank_auth->isAdmin();}

if the session which has been created before the Shockware session contains role admin, then ok, otherwise user will be rederected with auth checker. I'll add encode and decode for the $this->input->post('role') to be more secured :-)

If somebody have any idea how can I use 1 session only, please feel free to share :-)

[eluser]NiconPhantom[/eluser]
I don't know why, but it works very randomly for me. From the DB i can see only 1 session created for Shockware, but sometimes for example if I upload huge ammount of images, something happens with Shockware session and I still see 302 error. Maybe uploadify is using text based cookie and it's caused by cookie 4kb limitation. If somebody has the same issue, please help...

[eluser]InsiteFX[/eluser]
You need to extend the Session libray and tell it not to update when your doing those things!

[eluser]NiconPhantom[/eluser]
Thanks InsiteFX for reply,

Yes, I had idea like that, hovewer after the issue occurs I can't see any changes related to the Session created for Shockware and stored in the DB. There is no userdata specified, sess_id is the same. I am not sure, but maybe text based cookie is also created, I haven't yet checked that. I assume that I am not the only person who is using uploadify in backend secured with auth library... Maybe someone has the same issue? :-)

[eluser]Billa[/eluser]
@NiconPhantom Im having same problem. Could you fix it? If yes, would you like to share your solution, it might help many others. Thanks.

[eluser]NiconPhantom[/eluser]
Hi Billa,

To be honest I havent't had time to work on "good" solution yet, via extending the session library. However as a temp. solution, I have excluded isadmin checker (in my situation $this->tank_auth->isAdmin() from the upload class, so even if the new session will be created there is no problem if the new session doesn't below to administrator.