I'm constructing a site which requires authenticated uploads. I've found the swfupload tool, which works really well with with attachment_fu. However, I'm having a heck of a time getting the uploads to work over an authenticated session.
I've implemented this code (inquirylabs.com get_session_id_from_query_string_on_post.rb) via environment.rb, but I can't get it work work properly, since I get HTTP 500 errors when I try an post to a url that has embedded URL parameters. What I'm trying to do is this:
window.onload = function () { swfu = new SWFUpload({ upload_url : '<%= swfupload_photos_path %>?_acp_session=<%= session.session_id %>', ...
when I try to upload the request, I see a POST in the rails log as follows:
127.0.0.1 - - [19/Jan/2008:12:41:57 Mountain Standard Time] "POST / photos/swfupload?_acp_session=BAh7CToMdXNlcl9pZGkGOg...
so the session id is being inserted into the string. However, a HTTP 500 is generated before the CGI::Session object is every instantiated, and I don't know why - there are no error messages in the log that indicate where the error is occurring.
I've tried to escape the query string, and while that seems to work 'better' (I get the 500 later in the request), it still doesn't work.
Ideally, a pointer to some demo code that implements swfUpload and session id passing would be great.
I'm on the latest released version of Rails: 2.0.2.