使用 Codeigniter、Redux 和 SWFUpload 上传图像。 “未认证”当浏览器上传时
我在网站的安全(使用 Redux)管理区域中有一个图像上传表单。当 SWFAddress 上传时,它不会被视为已登录。
我使用 SWFUpload 创建了一个多图像上传表单,并使用 CodeIgniter 创建了一个后端脚本。 长话短说 - 一切都运行良好,并且出于测试目的而关闭了安全性。
但是,当我重新打开身份验证时,上传者会从服务器收到我的响应“未经过身份验证”?如何使表格得到验证?
他是我的 CI 脚本:
<?php
class Api extends Controller {
function Api() {
parent::Controller();
// Check authentication by turning the security on
if ($this->redux_auth->logged_in())
else {
$this->_returnError('Not Authenticated');
exit;
}
}
function upload() {
// ... i've shortened this bit ...
if ( ! $this->upload->do_upload('Myfile'))
{
//echo "fail";
}
else
{
//echo "success";
}
}
我真的超出了我的能力范围,因为我不太了解浏览器和服务器实际上如何处理通信。任何帮助将不胜感激?
我尝试添加到 post_params: {"PHPSESSID" : "session->userdata('session_id'); ?>"}, 到我的实例 os SWFObject。这并没有什么区别。
I have an image upload form in a secured (with Redux) admin area of my website. When SWFAddress uploads it's not seen as logged in.
I created a multiple image upload form with SWFUpload and a back-end script with CodeIgniter. To cut a long painful story short - it all worked fine and dandy with the security turned off for testing purposes.
But when I turn the authentication back on, the uploader is getting my response "Not Authenticated" from the server? How can I make the form be authenticated?
He is my CI script:
<?php
class Api extends Controller {
function Api() {
parent::Controller();
// Check authentication by turning the security on
if ($this->redux_auth->logged_in())
else {
$this->_returnError('Not Authenticated');
exit;
}
}
function upload() {
// ... i've shortened this bit ...
if ( ! $this->upload->do_upload('Myfile'))
{
//echo "fail";
}
else
{
//echo "success";
}
}
I'm really out of my depth here, as I don't really much about how communication is actually handled by the browser and the server. Any help will be appreciated?!
I tried adding to
post_params: {"PHPSESSID" : "session->userdata('session_id'); ?>"},
To my instance os SWFObject. This didn't make and difference.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我无法通过比较会话 ID 来登录。我通过将上传 IP 与会话中包含的用户 IP 进行比较,设置了对上传脚本的有限访问。我不确定这有多安全。
http://codeigniter.com/forums/viewthread/97399/P30/
I can't get it to login by comparing the session ids. I've set up limited access to the upload script by comparing the upload IP with the users IP contained in the session. I am unsure of how safe this is.
http://codeigniter.com/forums/viewthread/97399/P30/