_SESSION and form

[zauberkuh]

I am in the progress of creating a script to upload images with, but I have now come to a problem while wanting to add some data to the database.

The form start looks like this:

<form action='upload.php' method='post' enctype='multipart/form-data'>

 

When I am uploading pictures from gallery.php it is supposed to check if the user has the level required to upload images. So when it sends the data to upload.php it should make a mysql query to check whether the level is high enough or not. The problem, now, is that when you log in your user id is stored in $_SESSION["uid"] which is used in the mysql query, but it does not receive the uid on upload.php. Is there any way in which I can make upload.php receive the $_SESSION["uid"]? In a secure way, not being by inserting the uid in a $_POST or in the link.

 

I have made a session_start(); in upload.php and required the functions.php (which created the $_SESSION["uid"]) file in upload.php also. None of it makes upload.php get the $_SESSION["uid"].