The workaround I've found for this goes: Make the Flash uploader post to /attachments/upload/(session id)
Then in attachments controller, recreate the session: function upload($sessionId) { session_destroy(); session_id($sessionId); session_start(); ... I then have to manually do any authentication checks and such. Seems to work alright though. On Aug 9, 10:51 am, simon <[EMAIL PROTECTED]> wrote: > You're absolutely right - I'm getting two different session IDs. And > security is set to medium... > > Is there anything I can do about this? If I send the correct session > ID as a GET variable, is there any way that the right session can be > recovered or found? > > S > > On Aug 8, 6:28 pm, "John David Anderson (_psychic_)" > > <[EMAIL PROTECTED]> wrote: > > On Aug 8, 2007, at 11:25 AM, John David Anderson (_psychic_) wrote: > > > > On Aug 8, 2007, at 11:19 AM, simon wrote: > > > >> Not sure... where is the session id located? > > > > In your cookies - you can also get it by calling session_id(). > > > I should mention that if CAKE_SECURITY is set to 'high' the ID will > > always change between requests. Set it to 'medium' while you're > > working on this issue. If the ID changes when you're on 'medium' its > > because the session got nuked somehow. > > > -- John --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---