Archive for the ‘Flash’ Category

Using Uploadify with Zend Framework

Sunday, August 30th, 2009

A quote from http://www.uploadify.com site.

Uploadify is a jQuery plugin that allows the easy integration of a multiple (or single) file uploads on your website.  It requires Flash and any backend development language.  An array of options allow for full customization for advanced users, but basic implementation is so easy that even coding novices can do it.

This article assumes that you've already read the Uploadify docs and tried to integrate it.

Everything is pretty simple however you need to overcome one obstacle with flash and cookies.
More on the flash and cookies topic go to http://swfupload.org/forum/generaldiscussion/383

My Solution:

This article can be downloaded (TXT format)

Here is how to use the uploadify
I use a variable called "__tkn" in the url to pass the session variable.
Some of you may try to use 'scriptData' which didn't work for me.

<script type="text/javascript">
jQuery(document).ready(function() {
if (jQuery("#upl_feed_file_progress")) {
jQuery("#upl_feed_file_progress").uploadify({
'uploader': '/site/share/jquery/plugins/jquery.uploadify-v2.1.0/uploadify.swf',
//                'cancelImg': '/site/share/jquery/plugins/jquery.uploadify-v2.1.0/images/cancel.png',
'script': '/mymodule/mycontroller/myaction/__tkn/<?php echo Zend_Session::getId(); ?>',
'multi': false,
'simUploadLimit': 1,
'fileExt': '*.csv;*.txt',
'fileDesc': 'Feed Files (*.csv;*.txt)',
/                'fileDataName' : 'upl_feed_file', // in $_FILES
//                'scriptData': {'PHPSESSID' : '<?php echo Zend_Session::getId(); ?>'}, // This didn't work for me.
'height': 24,
'auto': true,
'onCancel' : function (event, queueID, fileObj, data) {
alert('Error: You have cancelled the file upload.');
},
'onError' : function (event, queueID, fileObj, errorObj) {
alert('Error during file upload. Maybe the file is too big ? Size: ' +  fileObj.size + ' Error:' +  errorObj.info());
},
'onComplete' : function (event, queueID, fileObj, response, data) {
if (response == '' || response == 0 || response == "0") {
alert('Error during with the upload');
} else {
perf_error('Success!');
}
}
});
}
});

</script>

This one goes in the template ..

....
<div id="upl_feed_file_progress">You have a problem with your javascript</div>
....

Insert this in the boostrap (usually index.php) file
It should be inserted before "Zend_Session::start();"

// ------------------------------------------ START -------------------------------------------

$sessName = "PHPSESSID";
$sessOptions = array('name' => $sessName);

// Flash has problems with cookies so we pass the PHPSESSID variable via get
// it'll be injected if it doesn't exist in _SERVER["HTTP_COOKIE"] e.g. '; PHPSESSID=hdi5u83hfnu7ltlvp5q3bb53k4'
if ((stripos($_SERVER['REQUEST_URI'], '__tkn') !== false)
//    &amp;&amp; preg_match('#^[a-z\d]{25,30}$#si', $_GET[$sessName])
&amp;&amp; preg_match('#__tkn/([a-z\d]{25,30})#si', $_SERVER['REQUEST_URI'], $matches)
&amp;&amp; (stripos($_SERVER["HTTP_COOKIE"], $matches[1]) === false)) {
$sid = $matches[1];

$prefix = '';
if (!empty($_SERVER["HTTP_COOKIE"])) {
$prefix = '; ';
}

$_SERVER["HTTP_COOKIE"] .= $prefix . $sessName . '=' . $sid;
$_COOKIE[$sessName] = $sid;

Zend_Session::setId($sid);
}

Zend_Session::setOptions($sessOptions);
// ------------------------------------------ END -------------------------------------------

Your 'myaction' (/mymodule/mycontroller/myaction) should return 0 or 1.

The following code should be useful.

$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
$viewRenderer->setNoRender();

// Skipping the templates
Zend_Layout::getMvcInstance()->disableLayout();

Please share your thoughts.
Are there any security holes in this approach ?


Related Resources

Tags: , , , , , ,
Posted in Flash, General, PHP | No Comments »