Flash & PHP Session

#1 August 20th, 2006, 06:35 AM

Hi,

I have an upload application written in PHP and Flash. The PHP page
gets the file information via $_POST. Moreover, the user never
actually visits the PHP page, rather Flash sends the information to the
PHP page and then loads the result, all in the background. Right now,
the php page cannot access the $_SESSION. Is there anyway that I can
conitnue the PHP session when doing this or does the user have to visit
the PHP page?

Thanks.

Steve

#2 August 20th, 2006, 05:05 PM

Steve Cook wrote:

Quote:

Hi,
>
I have an upload application written in PHP and Flash. The PHP page
gets the file information via $_POST. Moreover, the user never
actually visits the PHP page, rather Flash sends the information to the
PHP page and then loads the result, all in the background. Right now,
the php page cannot access the $_SESSION. Is there anyway that I can
conitnue the PHP session when doing this or does the user have to visit
the PHP page?
>
Thanks.
>
Steve
>

Looks like your flash isn't sending the session cookie along with the
rest of the request.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

#3 August 20th, 2006, 09:45 PM

Jerry Stuckle wrote:

Quote:

Steve Cook wrote:

Quote:

Hi,

I have an upload application written in PHP and Flash. The PHP page
gets the file information via $_POST. Moreover, the user never
actually visits the PHP page, rather Flash sends the information to the
PHP page and then loads the result, all in the background. Right now,
the php page cannot access the $_SESSION. Is there anyway that I can
conitnue the PHP session when doing this or does the user have to visit
the PHP page?

Thanks.

Steve

>
Looks like your flash isn't sending the session cookie along with the
rest of the request.
>
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Do you have an idea how I can get flash to send the session cookie?

#4 August 20th, 2006, 10:35 PM

Steve Cook wrote:

Quote:

Jerry Stuckle wrote:
>

Quote:

>>Steve Cook wrote:
>>

Quote:

>>>Hi,
>>>
>>>I have an upload application written in PHP and Flash. The PHP page
>>>gets the file information via $_POST. Moreover, the user never
>>>actually visits the PHP page, rather Flash sends the information to the
>>>PHP page and then loads the result, all in the background. Right now,
>>>the php page cannot access the $_SESSION. Is there anyway that I can
>>>conitnue the PHP session when doing this or does the user have to visit
>>>the PHP page?
>>>
>>>Thanks.
>>>
>>>Steve
>>>

>>
>>Looks like your flash isn't sending the session cookie along with the
>>rest of the request.
>>
>>--
>>==================
>>Remove the "x" from my email address
>>Jerry Stuckle
>>JDS Computer Training Corp.
>>jstucklex@attglobal.net
>>==================

>
>
Do you have an idea how I can get flash to send the session cookie?
>

I think you're going to have to ask that in a Flash newsgroup. We're
PHP programmers here.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

#5 August 21st, 2006, 12:25 AM

Jerry Stuckle wrote:

Quote:

Steve Cook wrote:

Quote:

Jerry Stuckle wrote:

Quote:

>Steve Cook wrote:
>
>>Hi,
>>
>>I have an upload application written in PHP and Flash. The PHP page
>>gets the file information via $_POST. Moreover, the user never
>>actually visits the PHP page, rather Flash sends the information to the
>>PHP page and then loads the result, all in the background. Right now,
>>the php page cannot access the $_SESSION. Is there anyway that I can
>>conitnue the PHP session when doing this or does the user have to visit
>>the PHP page?
>>
>>Thanks.
>>
>>Steve
>>
>
>Looks like your flash isn't sending the session cookie along with the
>rest of the request.
>
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>JDS Computer Training Corp.
>jstucklex@attglobal.net
>==================

Do you have an idea how I can get flash to send the session cookie?

>
I think you're going to have to ask that in a Flash newsgroup. We're
PHP programmers here.
>
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

I definitely know how to pass the session_id via flash. I guess I
should have asked how do I manually set the session_id value in PHP?
In other words how do I populate the session_id variable?

#6 August 21st, 2006, 01:25 AM

Steve Cook wrote:

Quote:

Jerry Stuckle wrote:
>

Quote:

>>Steve Cook wrote:
>>

Quote:

>>>Jerry Stuckle wrote:
>>>
>>>
>>>>Steve Cook wrote:
>>>>
>>>>
>>>>>Hi,
>>>>>
>>>>>I have an upload application written in PHP and Flash. The PHP page
>>>>>gets the file information via $_POST. Moreover, the user never
>>>>>actually visits the PHP page, rather Flash sends the information to the
>>>>>PHP page and then loads the result, all in the background. Right now,
>>>>>the php page cannot access the $_SESSION. Is there anyway that I can
>>>>>conitnue the PHP session when doing this or does the user have to visit
>>>>>the PHP page?
>>>>>
>>>>>Thanks.
>>>>>
>>>>>Steve
>>>>>
>>>>
>>>>Looks like your flash isn't sending the session cookie along with the
>>>>rest of the request.
>>>>
>>>>--
>>>>==================
>>>>Remove the "x" from my email address
>>>>Jerry Stuckle
>>>>JDS Computer Training Corp.
>>>>jstucklex@attglobal.net
>>>>==================
>>>
>>>
>>>Do you have an idea how I can get flash to send the session cookie?
>>>

>>
>>I think you're going to have to ask that in a Flash newsgroup. We're
>>PHP programmers here.
>>
>>--
>>==================
>>Remove the "x" from my email address
>>Jerry Stuckle
>>JDS Computer Training Corp.
>>jstucklex@attglobal.net
>>==================

>
>
I definitely know how to pass the session_id via flash. I guess I
should have asked how do I manually set the session_id value in PHP?
In other words how do I populate the session_id variable?
>

You don't. PHP does, based on the session id passed back by the browser
- which is stored in a cookie.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

#7 August 21st, 2006, 06:55 AM

"Jerry Stuckle" <jstucklex@attglobal.netschreef in bericht
news:i8adnfdQ7qUVk3TZnZ2dnUVZ_qOdnZ2d@comcast.com. ..

Quote:

Steve Cook wrote:

Quote:

>Jerry Stuckle wrote:
>>

Quote:

>>>Steve Cook wrote:
>>>
>>>>Jerry Stuckle wrote:
>>>>
>>>>
>>>>>Steve Cook wrote:
>>>>>
>>>>>
>>>>>>Hi,
>>>>>>
>>>>>>I have an upload application written in PHP and Flash. The PHP page
>>>>>>gets the file information via $_POST. Moreover, the user never
>>>>>>actually visits the PHP page, rather Flash sends the information to
>>>>>>the
>>>>>>PHP page and then loads the result, all in the background. Right now,
>>>>>>the php page cannot access the $_SESSION. Is there anyway that I can
>>>>>>conitnue the PHP session when doing this or does the user have to
>>>>>>visit
>>>>>>the PHP page?
>>>>>>
>>>>>>Thanks.
>>>>>>
>>>>>>Steve
>>>>>>
>>>>>
>>>>>Looks like your flash isn't sending the session cookie along with the
>>>>>rest of the request.
>>>>>
>>>>>--
>>>>>==================
>>>>>Remove the "x" from my email address
>>>>>Jerry Stuckle
>>>>>JDS Computer Training Corp.
>>>>>jstucklex@attglobal.net
>>>>>==================
>>>>
>>>>
>>>>Do you have an idea how I can get flash to send the session cookie?
>>>>
>>>
>>>I think you're going to have to ask that in a Flash newsgroup. We're
>>>PHP programmers here.
>>>
>>>--
>>>==================
>>>Remove the "x" from my email address
>>>Jerry Stuckle
>>>JDS Computer Training Corp.
>>>jstucklex@attglobal.net
>>>==================

>>
>>
>I definitely know how to pass the session_id via flash. I guess I
>should have asked how do I manually set the session_id value in PHP?
>In other words how do I populate the session_id variable?
>>

>
You don't. PHP does, based on the session id passed back by the browser -
which is stored in a cookie.
>
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

I beg to differ:

Do something like:

<?php
ini_set('session.use_cookies', '0');
session_start();
?>

Put your flash movie in the same page and echo the SID behind it (old school
style):

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"
width="32" height="32">
<param name="movie" value="whatever.swf?<?php echo SID ?>">
<param name="quality" value="high">
<embed src="whatever.swf?<?php echo SID ?>" width="32" height="32"
quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" sid=""></embed></object>

This will give you access to the variable PHPSESSID in flash. Make sure you
append this to every GET request to php.

Notice though that appending session ID's to GET request are often
considered a security risk. But since you are using flash and thus requests
are made in the background (not through addressbar requests), it's somewhat
safer to use IMO.

Cheers

#8 August 21st, 2006, 07:15 AM

"amygdala" <noreply@noreply.comschreef in bericht
news:44e95b9a$0$2013$9a622dc7@news.kpnplanet.nl...

Quote:

>
"Jerry Stuckle" <jstucklex@attglobal.netschreef in bericht
news:i8adnfdQ7qUVk3TZnZ2dnUVZ_qOdnZ2d@comcast.com. ..

Quote:

>Steve Cook wrote:

Quote:

>>Jerry Stuckle wrote:
>>>
>>>>Steve Cook wrote:
>>>>
>>>>>Jerry Stuckle wrote:
>>>>>
>>>>>
>>>>>>Steve Cook wrote:
>>>>>>
>>>>>>
>>>>>>>Hi,
>>>>>>>
>>>>>>>I have an upload application written in PHP and Flash. The PHP page
>>>>>>>gets the file information via $_POST. Moreover, the user never
>>>>>>>actually visits the PHP page, rather Flash sends the information to
>>>>>>>the
>>>>>>>PHP page and then loads the result, all in the background. Right
>>>>>>>now,
>>>>>>>the php page cannot access the $_SESSION. Is there anyway that I can
>>>>>>>conitnue the PHP session when doing this or does the user have to
>>>>>>>visit
>>>>>>>the PHP page?
>>>>>>>
>>>>>>>Thanks.
>>>>>>>
>>>>>>>Steve
>>>>>>>
>>>>>>
>>>>>>Looks like your flash isn't sending the session cookie along with the
>>>>>>rest of the request.
>>>>>>
>>>>>>--
>>>>>>==================
>>>>>>Remove the "x" from my email address
>>>>>>Jerry Stuckle
>>>>>>JDS Computer Training Corp.
>>>>>>jstucklex@attglobal.net
>>>>>>==================
>>>>>
>>>>>
>>>>>Do you have an idea how I can get flash to send the session cookie?
>>>>>
>>>>
>>>>I think you're going to have to ask that in a Flash newsgroup. We're
>>>>PHP programmers here.
>>>>
>>>>--
>>>>==================
>>>>Remove the "x" from my email address
>>>>Jerry Stuckle
>>>>JDS Computer Training Corp.
>>>>jstucklex@attglobal.net
>>>>==================
>>>
>>>
>>I definitely know how to pass the session_id via flash. I guess I
>>should have asked how do I manually set the session_id value in PHP?
>>In other words how do I populate the session_id variable?
>>>

>>
>You don't. PHP does, based on the session id passed back by the
>browser - which is stored in a cookie.
>>
>--
>==================
>Remove the "x" from my email address
>Jerry Stuckle
>JDS Computer Training Corp.
>jstucklex@attglobal.net
>==================

>
I beg to differ:
>
Do something like:
>
<?php
ini_set('session.use_cookies', '0');
session_start();
?>
>
Put your flash movie in the same page and echo the SID behind it (old
school style):
>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"
width="32" height="32">
<param name="movie" value="whatever.swf?<?php echo SID ?>">
<param name="quality" value="high">
<embed src="whatever.swf?<?php echo SID ?>" width="32" height="32"
quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" sid=""></embed></object>
>
This will give you access to the variable PHPSESSID in flash. Make sure
you append this to every GET request to php.
>
Notice though that appending session ID's to GET request are often
considered a security risk. But since you are using flash and thus
requests are made in the background (not through addressbar requests),
it's somewhat safer to use IMO.
>
Cheers
>

Ooops I didn't thoroughly read the whole thread. I didn't read that a
session was already started.

Forget about the ini_set('session.use_cookies', '0'); part.

And do (untested):

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"
width="32" height="32">
<param name="movie" value="whatever.swf?PHPSESSID=<?php echo session_id()
?>">
<param name="quality" value="high">
<embed src="whatever.swf?PHPSESSID=<?php echo session_id() ?>" width="32"
height="32" quality="high"
pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" sid=""></embed></object>

Then in the php page that handles flash requests:

<?php
session_id($_GET['PHPSESSID']);
session_start();
?>

Should do the trick. But maybe I'm overlooking something here.

#9 August 21st, 2006, 07:25 AM

"amygdala" <noreply@noreply.comschreef in bericht
news:44e96003$0$2030$9a622dc7@news.kpnplanet.nl...

Quote:

>
"amygdala" <noreply@noreply.comschreef in bericht
news:44e95b9a$0$2013$9a622dc7@news.kpnplanet.nl...

Quote:

>>
>"Jerry Stuckle" <jstucklex@attglobal.netschreef in bericht
>news:i8adnfdQ7qUVk3TZnZ2dnUVZ_qOdnZ2d@comcast.com ...

Quote:

>>Steve Cook wrote:
>>>Jerry Stuckle wrote:
>>>>
>>>>>Steve Cook wrote:
>>>>>
>>>>>>Jerry Stuckle wrote:
>>>>>>
>>>>>>
>>>>>>>Steve Cook wrote:
>>>>>>>
>>>>>>>
>>>>>>>>Hi,
>>>>>>>>
>>>>>>>>I have an upload application written in PHP and Flash. The PHP page
>>>>>>>>gets the file information via $_POST. Moreover, the user never
>>>>>>>>actually visits the PHP page, rather Flash sends the information to
>>>>>>>>the
>>>>>>>>PHP page and then loads the result, all in the background. Right
>>>>>>>>now,
>>>>>>>>the php page cannot access the $_SESSION. Is there anyway that I
>>>>>>>>can
>>>>>>>>conitnue the PHP session when doing this or does the user have to
>>>>>>>>visit
>>>>>>>>the PHP page?
>>>>>>>>
>>>>>>>>Thanks.
>>>>>>>>
>>>>>>>>Steve
>>>>>>>>
>>>>>>>
>>>>>>>Looks like your flash isn't sending the session cookie along with the
>>>>>>>rest of the request.
>>>>>>>
>>>>>>>--
>>>>>>>==================
>>>>>>>Remove the "x" from my email address
>>>>>>>Jerry Stuckle
>>>>>>>JDS Computer Training Corp.
>>>>>>>jstucklex@attglobal.net
>>>>>>>==================
>>>>>>
>>>>>>
>>>>>>Do you have an idea how I can get flash to send the session cookie?
>>>>>>
>>>>>
>>>>>I think you're going to have to ask that in a Flash newsgroup. We're
>>>>>PHP programmers here.
>>>>>
>>>>>--
>>>>>==================
>>>>>Remove the "x" from my email address
>>>>>Jerry Stuckle
>>>>>JDS Computer Training Corp.
>>>>>jstucklex@attglobal.net
>>>>>==================
>>>>
>>>>
>>>I definitely know how to pass the session_id via flash. I guess I
>>>should have asked how do I manually set the session_id value in PHP?
>>>In other words how do I populate the session_id variable?
>>>>
>>>
>>You don't. PHP does, based on the session id passed back by the
>>browser - which is stored in a cookie.
>>>
>>--
>>==================
>>Remove the "x" from my email address
>>Jerry Stuckle
>>JDS Computer Training Corp.
>>jstucklex@attglobal.net
>>==================

>>
>I beg to differ:
>>
>Do something like:
>>
><?php
>ini_set('session.use_cookies', '0');
>session_start();
>?>
>>
>Put your flash movie in the same page and echo the SID behind it (old
>school style):
>>
><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
>codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"
>width="32" height="32">
> <param name="movie" value="whatever.swf?<?php echo SID ?>">
> <param name="quality" value="high">
> <embed src="whatever.swf?<?php echo SID ?>" width="32" height="32"
>quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer"
>type="application/x-shockwave-flash" sid=""></embed></object>
>>
>This will give you access to the variable PHPSESSID in flash. Make sure
>you append this to every GET request to php.
>>
>Notice though that appending session ID's to GET request are often
>considered a security risk. But since you are using flash and thus
>requests are made in the background (not through addressbar requests),
>it's somewhat safer to use IMO.
>>
>Cheers
>>

>
Ooops I didn't thoroughly read the whole thread. I didn't read that a
session was already started.
>
Forget about the ini_set('session.use_cookies', '0'); part.
>
And do (untested):
>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0"
width="32" height="32">
<param name="movie" value="whatever.swf?PHPSESSID=<?php echo session_id()
?>">
<param name="quality" value="high">
<embed src="whatever.swf?PHPSESSID=<?php echo session_id() ?>" width="32"
height="32" quality="high"
pluginspage="http://www.macromedia.com/go/getflashplayer"
type="application/x-shockwave-flash" sid=""></embed></object>
>
Then in the php page that handles flash requests:
>
<?php
session_id($_GET['PHPSESSID']);
session_start();
?>
>
Should do the trick. But maybe I'm overlooking something here.

And once again, I didn't read thoroughly anough:

Quote:

>This will give you access to the variable PHPSESSID in flash. Make sure
>you append this to every GET request to php.

Should of course be: POST variable to php

And then in the php page that handles flash requests:

<?php
session_id($_POST['PHPSESSID']); // instead of $_GET[...]
session_start();
?>

lol

#10 August 21st, 2006, 08:15 AM

<snip>

Quote:

>>>>>Is there anyway that I can
>>>>>conitnue the PHP session when doing this or does the user have to visit
>>>>>the PHP page?

<snip>

So basically; what I'm trying to say here is: Yes, you need flash embedded
in _a_ (not _the_) php script (within the same domain of course) to read the
cookie, and Jerry was right. ;)

As a last resort to ommitting flash put in a php file, you could use
javascript to read the cookie and append the PHPSESSID var. But you would
have to rely on the user having javascript turned on. Which is a rather big
no no.

Also, I've been out of webdeveloping for a while, so I'm not sure whether
this is still allowed by the majority of browsers anyway.

HTH

#11 August 22nd, 2006, 07:35 PM

amygdala wrote:

Quote:

Quote:

>>>>Is there anyway that I can
>>>>conitnue the PHP session when doing this or does the user have to visit
>>>>the PHP page?

>
<snip>
>
So basically; what I'm trying to say here is: Yes, you need flash embedded
in _a_ (not _the_) php script (within the same domain of course) to read the
cookie, and Jerry was right. ;)
>
As a last resort to ommitting flash put in a php file, you could use
javascript to read the cookie and append the PHPSESSID var. But you would
have to rely on the user having javascript turned on. Which is a rather big
no no.
>
Also, I've been out of webdeveloping for a while, so I'm not sure whether
this is still allowed by the majority of browsers anyway.
>
HTH

Thanks for all of your help. I ended up adding the following to the
php page to continue the session and accept the session_id from Flash:

Expand|Select|Wrap|Line Numbers

  
<?

if (!session_id()) {

if (isset($_GET['session_id'])) {

session_id($_GET['session_id]);

}

session_start();

}

?>

Thanks again.

Steve

Flash & PHP Session

Popular Articles

What is Bytes?