Spiga

zend framework losing session on swf/flash upload

by Gabi Solomon

Recently i tried to integrate the well known swfupload script into a website.
If you are here you must probably know that normally the flash request looses session since it doesn’t send cookie headers. The recommended workaround is to send the sessionid as a parameter through post, and in the action page set the session_id() to the post variable before the session start.

I did this but for some reason, my zend application refused to accept the new session_id. I struggled with it for quite a few hours, and finally narrowed it down to a php problem since the session_id would get set properly but after session start the session would be empty.

Really hitting a dead end i headed to stackoverflow ( really thankful for the guys that made this site possible ) and tried my luck there and wrote a question. And i got my answer :D

Seemed like the problem was with the php extension Suhosin witch has a session protection to prevent session stealing. A very useful thing but in this case it made me spend quite a few hours puzzled and staring at the monitor.

Hope you this is also your problem,
Cheers