Hi,
Here's the idea: User hits a page where he can create an "item. On this page he can upload files and before submitting form (powered by Flash for users with Flash/Javascript support and powered by pure PHP + 5 file unputs + iframe for users without Flash/Javascript). It needs to stay on the same page.
When user hits a page I'm using this snippet to create long unique ID:
$random_id = hash('SHA512', (time() * microtime()) . mt_rand(1, 1000) . mt_rand(1, 1000) . uniqid((time() * microtime())));. This variable is stored in session. Anyway, I need to recreate it every time user hits this page (because he may cancel adding item this time and decide to add it few minutes later). I store it also in hidden input in frontend (to let Flash/HTML form send this variable with $_POST array)
When user uploads a file with Flash/Javascript OR when he uploads a file using PHP/iframe I'm validating files, renaming & moving them to a temporary directory with temporary name ($randon_id).
When form is submitted I'm using $random_id to find uploaded files and add correct item id to files table.
Now I'm facing quite big problem. Os course I use frontend validation (but it's a kind of "toy", only to increase usability) so I need to validate form by PHP. Sometimes happen user provide incorrect data (incorrect format, etc.). When user hits submit button, page reloads. And now I come with my problem:
When page is reloaded $random_id changes as it's being refreshed. So, hidden input in HTML form (once again, it's used by Flash form and HTML form as well). How to avoid this?
To clarify: No, I don't want to block my website for users without Flash/Javascript. Accessability is a key for me, this website needs to work for anyone (with and without Javascript/Flash, etc.).
PS. I'mg using KohanaPHP framework.
Regards,
Top