Ste*_*kes 2 c# asp.net webforms file-upload ashx
我使用uploadify上传文件,他们自动发布到处理程序.然后我修改了我在网站的公共类中设置为静态属性的处理程序中的会话.然后我尝试在aspx页面中访问同一个会话,值为null.我有一种感觉这是因为cookie,但需要有办法解决这个问题,而不会在网址中暴露sessionid.
ASHX:
public class Upload : IHttpHandler, IReadOnlySessionState, IRequiresSessionState
{
public void ProcessRequest(HttpContext context)
{
...
CMSSession.Current.UploadedFiles.Add(fileName);
}
}
会话班:
public class CMSSession
{
public static CMSSession Current
{
get
{
CMSSession session = (CMSSession)HttpContext.Current.Session["__CMSSession__"];
if (session == null)
{
session = new CMSSession();
HttpContext.Current.Session["__CMSSession__"] = session;
}
return session;
}
}
public List<string> UploadedFiles { get; set; }
}
ASPX:
if (CMSSession.Current.UploadedFiles != null)
{
...
}
else
{
IT'S ALWAYS NULL
}
Web.Config中:
<sessionState mode="InProc" cookieless="false" /> - causes session to always null in aspx when modified in ashx
<sessionState mode="InProc" cookieless="true" /> - session value is not null, but sessionid is exposed in the url
如何在不将cookieless更改为true的情况下访问和修改ASHX文件中的当前会话,然后从ASPX页面访问会话?
我已经尝试使用HttpContext并使用传递给ASHX的上下文......没有任何效果.
与此问题相同,但必须有一种更安全的方式:在ashx中设置会话并在aspx上获取该会话
有任何想法吗?
我找到了答案:当从FLASH调用处理程序(如swfupload或uploadify)时,它不会将当前的sessionid传递给处理程序.然后处理程序创建一个新会话.要解决此问题,请执行以下操作:
您的用户界面:JavaScript:
$(Selector).uploadify({
swf: 'uploadify.swf',
uploader: 'Upload.ashx?ASPSESSID=<%=Session.SessionID%>'
});
添加到:Global.asax:
void Application_BeginRequest(object sender, EventArgs e)
{
try
{
string session_param_name = "ASPSESSID";
string session_cookie_name = "ASP.NET_SESSIONID";
string session_value = Request.Form[session_param_name] ?? Request.QueryString[session_param_name];
if (session_value != null) { UpdateCookie(session_cookie_name, session_value); }
}
catch (Exception) { }
}
void UpdateCookie(string cookie_name, string cookie_value)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
if (cookie == null)
{
HttpCookie cookie1 = new HttpCookie(cookie_name, cookie_value);
Response.Cookies.Add(cookie1);
}
else
{
cookie.Value = cookie_value;
HttpContext.Current.Request.Cookies.Set(cookie);
}
}
上传和简化上传:http://snipplr.com/view/15180/
如果使用formsauthentication,您可能需要使用authid:
&AUTHID=<%= Request.Cookies[FormsAuthentication.FormsCookieName] == null ? "" : Request.Cookies[FormsAuthentication.FormsCookieName].Value %>
将它附加到jQuery中的uploader参数.
然后将以下内容添加到全局:
try
{
string auth_param_name = "AUTHID";
string auth_cookie_name = FormsAuthentication.FormsCookieName;
string auth_value = Request.Form[auth_param_name] ?? Request.QueryString[auth_param_name];
if (auth_value != null) { UpdateCookie(auth_cookie_name, auth_value); }
}
catch (Exception) { }
您现在可以从IE,Chrome,FF等处理程序中访问同一个会话(甚至使用我在问题中使用的静态会话对象).