Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Categories
- All Discussions3,345
- Uploadify
- ↳ Implementation Help2,554
- ↳ Bugs525
- ↳ Feature Requests177
- ↳ Showcase66
- UploadiFive
- ↳ Implementation Help14
- ↳ Bugs3
- ↳ Feature Requests6
Upload Works on IE but NOT on Firefox
-
Alright, so I have made some changes to the uploadify.php and the JavaScript code for the Uploadify script.
When I try attempting an upload -
On Firefox: It does everything normal, files selecting faster than IE, and even says "Completed" after upload then deletes the filename box like normal. BUT the file isn't actually uploaded.
On IE: There is a 3-second delay after a file has been selected. I attempt to upload, everything is fine AND the file was actually uploaded to the server unlike Firefox.
So...what is wrong with it, and how do I fix?
---------
EDIT: Look at the uploadify.php script. My best bet would be that it doesn't read the $username for the $path; or $targetPath;
I think I read on another article, that Uploadify creates a session for itself...idk if it will interfere with the Quadodo Login Script, which also uses Sessions to store username and whatnot. This also makes it weird, since it works with IE but not on firefox. If my bet is correct, then does IE use different session storing or something? Also if my best is true, how would I fix?
Here is my uploadify.php script:
<?php
define('QUADODO_IN_SYSTEM', true);
require_once('header.php');
$username = $qls->user_info['username'];
?>
<?php
function generate_number_string($length) {
$real_number = '';
// List of numbers to include in the name
$numbers = array('1', '2', '3', '4', '5', '6', '7', '8', '9');
for ($x = 0; $x < $length; $x++) {
$real_number .= $numbers[array_rand($numbers)];
}
return $real_number;
}
$un = generate_number_string(9);
?>
<?php
if (!empty($_FILES)) {
if($_REQUEST['folder'] == \"/\") {
$path = \"/location/diffren/$username/rootfiles/$un\";
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . '/';
} else {
$path = \"/location/diffren/$username/rootfolders\";
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . $_REQUEST['folder'] . '/';
}
$targetFile = str_replace('//','/',$targetPath) . $_FILES['Filedata']['name'];
$filename = $_FILES['Filedata']['name'];
mkdir(\"/location/diffren/$username/rootfiles/$un\");
move_uploaded_file($tempFile,$targetFile);
echo \"1\";
// } else {
// echo 'Invalid file type.';
// }
}
?>
Here is my JavaScript:
<script type=\"text/javascript\">
$(document).ready(function() {
$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true
});
$(\"#company\").change(function () {
var path = $(this).val();
$(\"#uploadify\").uploadifySettings('folder', path);
});
});
</script>
Here is my HTML:
Destination to Upload Files:
<select id=\"company\" name=\"company\">
<option value=\"/\">Home</option>
<option>Test</option>
<option>Test2</option>
<option>Tedfst</option>
<option>Tedfgsst</option>
<option>Tdfgsest</option>
</select> -
You are correct in that it appears IE handles sessions differently. Follow this post and it should solve your issue
http://uploadify.com/forum/viewtopic.php?f=5&t=43 -
So it doesn't work. On the upload file name boxes, it says, "HTTP Error" and highlights the whole box with a red. So here is my codes:
JavaScript File:
$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true,
'scriptData': {'session_name': '<?= session_id(); ?>'}
});
PHP (Uploadify.php) File:<?php
$username = session_id($_GET['session_name']);
session_start();
if ($_SESSION['mydata'] != $username) {
header(\"HTTP/1.0 404 Not Found\");
exit;
}
?>
<?php
if (!empty($_FILES)) {
if($_REQUEST['folder'] == \"/\") {
$path = \"/location/diffren/$username/rootfiles/$un\";
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . '/';
} else {
$path = \"/location/diffren/$username/rootfolders\";
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . $_REQUEST['folder'] . '/';
}
$targetFile = str_replace('//','/',$targetPath) . $_FILES['Filedata']['name'];
$filename = $_FILES['Filedata']['name'];
mkdir(\"/location/diffren/$username/rootfiles/$un\");
move_uploaded_file($tempFile,$targetFile);
?> -
use onError to find out the error code responsible
-
What code do I put in to do this? And just by looking at the code, did I do everything right?
-
This post http://uploadify.com/forum/viewtopic.php?f=5&t=12#p3439
You may also find this post helpful for reporting errors in the upload script http://uploadify.com/forum/viewtopic.php?f=5&t=14 -
Alright, now it popups "Could not find upload script. Use path relative to: path/to/my/website/home"
So now...I'm pretty sure it's the following code. I don't get what to leave default and what to edit in the solution link to solve the session problem for FF.
Mind elaborating on this link? http://uploadify.com/forum/viewtopic.php?f=5&t=43
Is it possible if you can go on AIM, so this'll be easier? Thanks.
if ($_SESSION['mydata'] != 'whatever') {
header(\"HTTP/1.0 404 Not Found\");
exit;
} -
The example you have drawn from was initially for v1.6 of uploadify. No biggie you just need to change
$username = session_id($_GET['session_name']);
to
$username = session_id($_POST['session_name']);
v1.6 only used GET, in v2 we changed it so it could use GET or POST and set POST as the default.
Also you haven't shown where or how you have set $_SESSION['mydata']. I'm assuming you have added the following to your html
[code=php]<?php<br />session_start();
$_SESSION['mydata'] = session_id();
?>[/code]
Re: the second link. Flash does not report on errors encountered in the upload script. A way around is to send all error information as an echo'd response to onComplete and then parse that response. Hence rather than sending a 404 header, you could send "error: not logged in" and then alert the user to that error. You can also echo any variables you want to test inside the upload script, and see what they are in onComplete's response. -
Instead of
<?php
session_start();
$_SESSION['mydata'] = session_id();
?>
I did:<?php
session_start();
$_SESSION['mydata'] = $username;
?>
And the $username variable came from the $username = $qls->user_info['username']; which gives us the username from the current session.
----
I added that in the same script as my uploader and the javascript codes....but still got the HTTP error.
Here is my codes:
JavaScript Code:$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true,
'scriptData': {'session_name': '<?= session_id(); ?>'}
});
PHP Code (Above the JS Code, Located in the Same Script.)<?php
define('QUADODO_IN_SYSTEM', true);
require_once('header.php');
$username = $qls->user_info['username'];
session_start();
$_SESSION['mydata'] = $username;
?>
Now in the uploadify.php Script;<?php
$username = session_id($_POST['session_name']);
session_start();
if ($_SESSION['mydata'] != $username) {
header(\"HTTP/1.0 404 Not Found\");
exit;
}
?>
What's wrong with it? -
Okay I see where your problem is. I don't have alot of time at the moment, but I'll try to quickly outline what the issue is. It'll be several hours before I can provide you furhter help.
You are storing the session_id into $session_name. And then in the upload script your pulling that session_id and storing it into $username. This is the problem: you are comparing the retrieved session_id to the username stored in $_SESSION['mydata']. These are two completely different values. When you restart the session it doesn't pull across all local variables ie $a, $b etc... It only pulls across values stored in $_SESSION.
From the looks of your upload script your not using anything other than the username from your original session, so I'm guessing that your main aim is to try and add some basic security to your upload script?
If that is correct, I have some ideas but it'll need to wait until later. Otherwise you can try and nut it out using the description above.
-
Yeah, coincidentally, I am also busy, and I will be online in a few hours. BUT...my aim is really to upload the file according to the user. See, every user that is registered to my website, has there own folder in my directory.
So for example, Bob signs up. PHP will make a folder of there own...so (usrs/Bob/indexfiles/) When Bob uploads a file, I want his file to be uploaded on (usrs/Bob/indexfiles/filename.txt) or perhaps he wants to upload it to his own created folder (usrs/Bob/folders/Folder2/filename.txt)
My problem is...the scripts have trouble echoing out the current username due to sessions, so for this example, Bob. It has trouble echoing out Bob, so the uploadify will end up trying to upload an invalid destination (usrs//indexfiles/lol.txt)
I, personally, don't really get sessions...so that's why I have trouble with this. Yes, if you can further help me with this issue, that will be greatly appreciated. Thanks. Like I said before, will it be easier if we talked on AIM? My AIM is: Forum Builder I gotta go now, but I will be back in two hours. -
Sorry it's taken so long to post this, but things have been getting out of hand with my other business.
Essentially SESSIONs work like this. You can create multiple SESSIONS each with it's own id. These SESSIONS are stored on your server. SESSIONS are in essence arrays/objects. For each call flash passes to uploadify.php it cuts your session and creates it own. As a result you need to re-establish your session to be able to draw the values stored within the $_SESSION array. When a SESSION is re-established it does not give you access to local variables ie $username, these local variables are only able to be called within the same page where it was created.
So what we will do is: for security store an encoded string in a SESSION. We will re-establish this SESSION in uploadify.php and test to see if a passed value within scriptData matches the stored info within the SESSION. If it doesn't we will exit. All info you need to access within uploadify.php can be passed through scriptData.
Here's what I would do.
[code=php] <?php<br /> session_start();
$_SESSION['mydata'] = md5(session_id()); // "mydata" can be anything, but keeping it something different to the examples decreases the possibility of someone working out what it could be used for. md5 keeps it encrypted for security
?>[/code]
Javascript$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true,
'scriptData': {'session_name': '<?= session_id(); ?>', 'user_name': <?= $username ?>} // pass the username as script data.
});
In uploadify.php
[code=php]<?php<br />function generate_number_string($length) {
$real_number = '';
// List of numbers to include in the name
$numbers = array('1', '2', '3', '4', '5', '6', '7', '8', '9');
for ($x = 0; $x < </span>$length; $x++) {
$real_number .= $numbers[array_rand($numbers)];
}
return $real_number;
}
// This portion of code is for security checking
$session = $_POST['session_name']
session_id($session); // re-establish the session
session_start();
if ($_SESSION['mydata'] != md5($session)) { // Test to see if what is stored in the SESSION is valid. Make sure you change 'mydata' to what ever you set it to in the above php code
header("HTTP/1.0 404 Not Found");
exit;
}
$un = generate_number_string(9);
// Get the values passed via scriptData
$username = $_POST['user_name']; // You shouldn't need to test if $username exists because to get to the upload page, as I understand it the user has already logged on and is valid.
// I think you have some issues with the construction of your target paths. It could be because I don't fully understand how your putting your paths together, but hopefully using scriptData as I have you can understand how to obtain the values you need, and you can debug to obtain your correct paths.
if (!empty($_FILES)) {
if($_REQUEST['folder'] == "/") {
$path = "/location/diffren/$username/rootfiles/$un";
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . '/';
} else {
$path = "/location/diffren/$username/rootfolders";
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $path . '/'. ' $_REQUEST['folder'] . '/'; // I think you were missing / between $path and $_REQUEST
}
$tempFile = $_FILES['Filedata']['tmp_name']; // this can come out of the if statement. There was no difference within each if choice.
$targetFile = str_replace('//','/',$targetPath) . $_FILES['Filedata']['name'];
$filename = $_FILES['Filedata']['name'];
// you should test to see if this dir exists first and then create it. And given you have two ways to create the target path, shouldn't you use $targetPath instead of manually creating the path?
mkdir("/location/diffren/$username/rootfiles/$un");
move_uploaded_file($tempFile,$targetFile);
?>[/code]
I haven't used the QUADODO system, so I can't advise how to combine uploadify to use QUADODO user system. But with what I posted above it should still work. You can use QUADODO to login to your upload page, and then uploadify can then create it's own little security checks to prevent unauthorised access.
Have fun... -
I have the same problem and I post a title yesterday.
The only difference is I am using ASP instead of PHP.
So how can we implement your posting for ASP? -
EDIT:
I changed the JS script from:to'scriptData': {'session_name': '<?= session_id(); ?>', 'user_name': <?= $username ?>}Note single quotes ' for <?= $username ?>'scriptData': {'session_name': '<?= session_id(); ?>', 'user_name': '<?= $username ?>'}
I think something is wrong with the JavaScript. Because when I try your JS code, and I executed the page, it gave me a normal HTML Browse File, instead of the "Browse" uploadify like it's supposed to.$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true,
'scriptData': {'session_name': '<?= session_id(); ?>', 'user_name': <?= $username ?>}
}); -
Now, when I try uploading a file on the adding_files.php page...what it does, is on the 100% mark for completion on the page, it highlights the whole filebox to red, and says "HTTP Error" and the box just stays there on the page.
Here is my adding_files.php page (This is the page where users will can upload files.)<?php
define('QUADODO_IN_SYSTEM', true);
require_once('header.php');
$username = $qls->user_info['username'];
?>
<?php
session_start();
$_SESSION['mydata'] = md5(session_id());
?>
<?php
// The rest of the code for adding_files.php is just JavaScript, and the HTML to call out the Uploadify.
?>
Here is my JavaScript:$(\"#uploadify\").uploadify({
'uploader' : 'upload/example/scripts/uploadify.swf',
'script' : 'upload/example/scripts/uploadify.php',
'cancelImg' : 'upload/cancel.png',
folder :'/',
'queueID' : 'fileQueue',
'auto' : false,
'multi' : true,
'scriptData': {'session_name': '<?= session_id(); ?>', 'user_name': '<?= $username ?>'}
});
Here is my Uploadify.php Script:<?php
function generate_number_string($length) {
$real_number = '';
// List of numbers to include in the name
$numbers = array('1', '2', '3', '4', '5', '6', '7', '8', '9');
for ($x = 0; $x < $length; $x++) {
$real_number .= $numbers[array_rand($numbers)];
}
return $real_number;
}
?>
<?php
// This portion of code is for security checking
$session = $_POST['session_name'];
session_id($session); // re-establish the session
session_start();
if ($_SESSION['mydata'] != md5($session)) { // Test to see if what is stored in the SESSION is valid. Make sure you change 'mydata' to what ever you set it to in the above php code
header(\"HTTP/1.0 404 Not Found\");
exit;
}
?>
<?php
$un = generate_number_string(9);
// Get the values passed via scriptData
$username = $_POST['user_name']; // You shouldn't need to test if $username exists because to get to the upload page, as I understand it the user has already logged on and is valid.
// I did not edit the remaining script, so it's not relevant to be shown.
?>
ALSO, when I try executing the uploadify.php script, it gave me these PHP error:
Warning: session_start() [function.session-start]: The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /location/scripts/uploadify.php on line 37
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /location/scripts/uploadify.php on line 37
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /location/scripts/uploadify.php:37) in /location/scripts/uploadify.php on line 37
Warning: Cannot modify header information - headers already sent by (output started at /location/scripts/uploadify.php:37) in /location/scripts/uploadify.php on line 39
-------------------
EDIT: I narrowed it down more. So on uploadify.php, I took out the following code...and everything worked fine. I mean, the upload works, it uploads to right destination, on the right user folder.
The code that's making it stop working and say HTTP error is as follows:<?php
// This portion of code is for security checking
$session = $_POST['session_name'];
session_id($session); // re-establish the session
session_start();
if ($_SESSION['mydata'] != md5($session)) { // Test to see if what is stored in the SESSION is valid. Make sure you change 'mydata' to what ever you set it to in the above php code
header(\"HTTP/1.0 404 Not Found\");
exit;
}
?>
So something is wrong with that code...is there a fix, and if so...how do I fix it? -
I think I told you to put the session_start() in the wrong area. It needs to be the first call within the file
try
[code=php]
<?php<br />// This portion of code is for security checking
$session = $_POST['session_name'];
session_id($session); // re-establish the session
session_start();
if ($_SESSION['mydata'] != md5($session)) { // Test to see if what is stored in the SESSION is valid. Make sure you change 'mydata' to what ever you set it to in the above php code
header("HTTP/1.0 404 Not Found");
exit;
}
?>
<?php<br />function generate_number_string($length) {
$real_number = '';
// List of numbers to include in the name
$numbers = array('1', '2', '3', '4', '5', '6', '7', '8', '9');
for ($x = 0; $x < </span>$length; $x++) {
$real_number .= $numbers[array_rand($numbers)];
}
return $real_number;
}
?>
<?php<br />$un = generate_number_string(9);
// Get the values passed via scriptData
$username = $_POST['user_name']; // You shouldn't need to test if $username exists because to get to the upload page, as I understand it the user has already logged on and is valid.
// I did not edit the remaining script, so it's not relevant to be shown.
?>[/code] -
I put that in the VERY top of the file (Line 1), and it gave me same error. Have you edited anything in that code? Because it's the same code as I posted above.
-
I have the same problem and trying to figure out a solution
I think the 'session_name': '<?= session_id(); ?>' is wrong
if I echo the session_name it gives me the string of <?= session_id(); ?> not the id itself..
the reason is my jquery starts with ready
$(document).ready(function(){
initImageUploader();
});//ready
function initImageUploader()
{
$("#uploadify").uploadify({
'uploader' : '../javascript/lib/swfobject.swf',
'script' : '../ajaxhandler/Feed.php',
'scriptData' : {'processType' : 'SELECTPICTURE', 'session_name': '<?= session_id(); ?>' },
'cancelImg' : '../images/upload_image_cancel.png',
'folder' : '../opt/profileimages',
'method' : 'GET',
'queueID' : 'fileQueue',
'auto' : true,
'multi' : false,
'fileDesc' : 'Image File',
'fileExt' : '*.jpg;*.png;*.jpeg;*.gif;*.bmp',
'queueSizeLimit' : 2,
'sizeLimit' : 1024*1024*2,
'buttonText' : 'Select Picture',
'rollover' : false,
'onComplete' : function(event, queueID, fileObj, response, data){
alert(response);
}
});
}
can you give me advise to pass the session id to the handler.. -
To mehmetsen80: Do you get the "HTTP Error" while trying to upload something, and the PHP errors when accessing the uploadify.php script directly via browser as well?
To Travis N.: I put that in the VERY top of the file (Line 1), and it gave me same error. Have you edited anything in that code? Because it's the same code as I posted above. -
No don't get Http errors..
I extracted uploadify code from the javascript file and put it after the head tags.. now it is working..
now I can use php code for id but I meant, I would be appreciated if anybody could give me advise to pass the id to the javascript file in jquery..
anyway thank you for your help -
Hey Travis...could you please take a look at the posts above and help me? I'm still stuck...
-
This is how you would pass a PHP session id to JavaScript
$(\"#uploadify\").uploadify({
'uploader' : 'uploadify/scripts/uploadify.swf',
'script' : 'my_upload_file.php',
...
'scriptData' : {
'id': '6',
'sid': '<?php print session_id(); ?>',
}
});
However, retrieving it will not work right away because the upload script is not being ran in the same browser. It is being access by whatever user agent that the Flash player is using. This means that it will look like a completely separate PHP session to the server.
If you want to<?php
// Very important to retrieve as early as possible all the REQUEST, GET, POST, FILES ... variables that you might need.
// If you do not do so, setting the session id later will (most of the time in my case) reset all the form variables.
$id = $_REQUEST[\"id\"]; //The session ID that you have set in JavaScript using PHP.
$tempFile = $_FILES[...]; //## ...
...
$foobar1 = $_GET[...];
$foobar2 = $_POST[...];
session_id($id);
// From this point on, your session will be restored.
// So anything that had being placed in the session using $_SESSION['foo'] = 'bar' will be accessible as usual
This code is working for me.
Good luck.
A. Siby
