views:

147

answers:

1

I am passing a GUID as a header and a photo as a body to a php file. The GUID is used to authenticate. If it's not valid, I want to end the call and I do this using

die("GUID was expired");

This works fine, but my issue is that the whole photo is uploading before that gets called. This is bad for the user. I want to read the header and have the upload wait until I do the validity check. Is this possible in php? So rather than uploading the photo, then getting a failed response, just upload the headers from objective c, if the Guid is valid, then upload the photo.

Thanks!

A: 

I don't believe that's possible in PHP; the browser will POST the image content body before PHP ever gets a say in the matter.

One (slightly complicated) solution to this problem would be to do a HEAD request with an XMLHttpRequest just before the form is submitted using JavaScript. If the request failed, you could display an error message to the user or redirect to a login page. Otherwise, let the form submit as usual. Of course, the GUID could expire between the HEAD request and the subsequent POST, so it's not completely fool-proof.

Øystein Riiser Gundersen
Right, that's why I'm not doing two separate checks, as the expire time could creep up, and if I do an extension every time the user wants to upload an image, I think I would be exposing a security exception. Thanks for the answer though.
Angelfilm Entertainment