Recently I had this strange problem with session data disapearing when using swfupload. It was strange becouse when i debugged my php application everything was fine, SESSIONID was passed trough POST when swfupload made request, it was valid session (sessiondata with that id was stored in database) but when session_start() is called $_SESSION array becomes empty!
I've track down the problem, and just wanted to post that here in case someone has same situation (as i haven't found anything on the net about this issue). Problem is that server on which i was debugging has suhosin extension installed which has ability to encrypt session data and to use user-agent as part of the encryption key. And as you know swfupload has UA "Shockwave Flash" and this can't be changed.
Solution is to disable suhosin.session.cryptua in php.ini (it can't be set wia ini_set so you must have access to php.ini)
my 2c
February 11, 2009 - 2:19pm
Thank you so much for this tip. Although the problem wasn't solved by turning suhosin.session.cryptua to "Off". It did solve the problem when I ignored the whole module.
This offcourse is a difficult thing to do on servers of other (which my application should run un too). So could you tell me if there might be other variables involved in the session loosing bug?
One strange thing though... before turning this module off, SWF Upload did work properly in Firefox, but not in IE. Strange when it's a server based problem?
April 7, 2010 - 2:21am
check suhosin.session.encrypt too