我正在将 CKEditor 与 KCFinder 一起使用 - 我想根据动态值上传个人文件。
我想在用户登录后根据 SESSION 值动态更改用户可以上传的文件夹。
登录后,我想限制用户可以通过 KCFinder 插件访问的文件夹,例如..
User abc their path would be abc/images
User foo their path would be foo/images
User abc cannot see foo's images & vice-versa
问问题
9517 次
2 回答
5
我遇到了同样的问题,更糟糕的是,这取决于谁登录、管理员或标准成员。
当然,我将它集成到 TinyMCE 中,但我认为原则是相同的
这是我对问题的解决方案
我的文件夹结构是
/my_uploads/media
/my_uploads/media/member_folder
在 config.php 文件的顶部初始化 php 会话
session_start()
编辑 'types' => 数组并注释掉所有不同的 'types'
// CKEditor & FCKEditor types // 'files' => "", // 'flash' => "swf", // 'images' => "*img", // TinyMCE types // 'files' => "", // 'media' => "swf flv avi mpg mpeg qt mov wmv asf rm", // 'image' => "*img",将以下“类型”添加到数组中
$_SESSION['fold_type'] => "*img swf flv avi mpg mpeg qt mov wmv asf rm",
保存您的 config.php 文件
打开您初始化编辑器并调用 KCFinder 的应用程序页面
在初始化编辑器之前,添加以下行来声明各种 KCFinder 变量
$_SESSION['KCFINDER'] = array(); $_SESSION['KCFINDER']['disabled'] = false; // Activate the uploader, $_SESSION['KCFINDER']['uploadURL'] = "/uploads"; $_SESSION['fold_type'] = "media";
或者
$_SESSION['KCFINDER'] = array();
$_SESSION['KCFINDER']['disabled'] = false; // Activate the uploader,
$_SESSION['KCFINDER']['uploadURL'] = "/my_uploads/media/Members";
$_SESSION['fold_type'] = "member_account_number_pulled_from_secure_session_variable";
7 像这样离开您调用上传者的行;
file: '../tiny_mce/plugins/kcfinder/browse.php?opener=tinymce',
于 2012-05-13T17:01:07.100 回答
1
它可以通过多种方式完成。我正在解释一个过程,我根据我的 php 应用程序的代码结构应用了该过程。我为不同的应用程序遵循相同的代码结构/框架,每个应用程序都作为我服务器中的一个子文件夹。因此,合乎逻辑的需要将单个 CKeditor 与 KCfinder 一起使用并以某种方式对其进行配置,以使其适用于所有应用程序。CKeditor的内容部分还可以。它可以很容易地被来自单个 CKeditor 组件的不同应用程序或项目重用。但是文件上传会出现问题,例如图像、视频或任何其他文档。为了使其适用于不同的项目,文件必须上传到不同项目的单独文件夹中。而对于 $_CONFIG['uploadURL'] 必须配置动态文件夹路径,意味着每个项目的不同文件夹路径,但在同一位置调用相同的 CKeditor KCfinder 组件。我正在逐步解释一些不同的过程。这些对我来说在 KCfinder 2.51 版上工作得很好,我希望他们也能在其他人身上工作。如果它不适用于其他开发人员,那么他们可能需要根据他们的项目代码结构和文件夹写入权限以及 CKeditor 和 KCfinder 版本在这些过程中进行一些调整。
1) 在 CKeditor\filemanagers\kcfinder_2_51\config.php 文件中
a) 在 $_CONFIG 数组定义中,搜索此行 'disabled' => false,如果发现任何替换为 'disabled' => true,则在该文件的末尾放置以下代码。代码是自我解释的,其中注释掉了逻辑和细节。代码是:
//Code to assign $_CONFIG['uploadURL'] dynamic value: different for different projects or sites: added by Mrinal Nandi on 5 oct, 2013: start
//session dependent dynamic $_CONFIG['uploadURL'] setting :start
////session dependent secure method: only for single site setting: i.e. one CKeditor KCfinder for each one project domain or subdomain, not one CKeditor KCfinder for multiple project:start
// session_start();
//if(isset($_SESSION['KCFINDER']['uploadURL']) && $_SESSION['KCFINDER']['uploadURL']!="") { //$_SESSION['SESSION_SERVER_RELATIVEPATH']: relative folder path of the project corresponding to the webroot; should be like "/project/folder/path/" //set this session variable in a common file in your project where the session started
// $file_upload_relative_path=$_SESSION['KCFINDER']['uploadURL'];
//}
////session dependent secure method: only for single site setting: i.e. one CKeditor KCfinder for each one project domain or subdomain, not one CKeditor KCfinder for multiple project:start
//Using a single CKeditor KCfinder component for different projects or sites (multisite): start
//session dependent settings a single CKeditor KCfinder component for different projects or sites (multisite): start
//Assuming different session_name for different projects, if represented as different sub-folders, but not work if represented as sub-domains or different domains
//Secure and deny access for unauthorized users without any session, thus restrict access via direct link
//but not work if projects represented as sub-domains or different domains, then have to use the session independent way provided bellow (though it is insecure), or have to implement some session related way as per the project flow and structure
session_name(base64_decode($_REQUEST['param_project']));
session_start();
if(isset($_SESSION['KCFINDER']['uploadURL']) && $_SESSION['KCFINDER']['uploadURL']!="") { //$_SESSION['SESSION_SERVER_RELATIVEPATH']: relative folder path of the project corresponding to the webroot; should be like "/project/folder/path/" //set this session variable in a common file in your project where the session started
$file_upload_relative_path=$_SESSION['KCFINDER']['uploadURL'];
}
//session dependent settings a single CKeditor KCfinder component for different projects or sites (multisite): end
//session dependent dynamic $_CONFIG['uploadURL'] setting :end
////session independent dynamic $_CONFIG['uploadURL'] setting: without using session :start
//if(isset($_REQUEST['param_project']) && $_REQUEST['param_project']!=""){ //base64 encoded relative folder path for file upload in the project, corresponding to the webroot; should be like "/project/folder/file/upload/path/" before encoding
// $file_upload_relative_path=base64_decode($_REQUEST['param_project']);
//
//}
////session independent dynamic $_CONFIG['uploadURL'] setting: without using session :end
if(isset($file_upload_relative_path) && trim($file_upload_relative_path)!="" ){
if(isset($_SESSION['KCFINDER']['uploadURL'])){
$_CONFIG['disabled']=false;
} else if(is_dir($file_upload_relative_path)) { //to make it relatively secure so that hackers can not create any upload folder automatcally in the server, using a direct link and can not upload files there
$_CONFIG['disabled']=false;
}
}
// Path to user files relative to the document root.
$_CONFIG['uploadURL']= $file_upload_relative_path;
$_CONFIG['param_project'] = $_REQUEST['param_project'];
//Using a single CKeditor KCfinder component for different projects or sites (multisite): end
//Code to assign $_CONFIG['uploadURL'] dynamic value: different for different projects or sites: added by Mrinal Nandi on 5 oct, 2013: end
2) 在 ckeditor\filemanagers\kcfinder_2_51\js\browser\misc.js
搜索这一行: var data = 'browse.php?type=' + encodeURIComponent(this.type) + '&lng=' + this.lang;
用该行替换它:
var data = 'browse.php?type=' + encodeURIComponent(this.type) + '&lng=' + this.lang + '¶m_project=' + this.param_project;
3) 在 ckeditor\filemanagers\kcfinder_2_51\tpl\tpl_javascript.php
搜索这一行: browser.type = "type) ?>";
将这些命令放在该行之后:
browser.param_project = "<?php echo text::jsValue($this->config['param_project']) ?>";
4) 在 ckeditor\filemanagers\kcfinder_2_51\core\uploader.php 在 __construct() 函数中搜索此行:
if (isset($this->config['_check4htaccess']) &&
$this->config['_check4htaccess']
) {
$htaccess = "{$this->config['uploadDir']}/.htaccess";
if (!file_exists($htaccess)) {
if (!@file_put_contents($htaccess, $this->get_htaccess()))
$this->backMsg("Cannot write to upload folder. {$this->config['uploadDir']}");
} else {
if (false === ($data = @file_get_contents($htaccess)))
$this->backMsg("Cannot read .htaccess");
if (($data != $this->get_htaccess()) && !@file_put_contents($htaccess, $data))
$this->backMsg("Incorrect .htaccess file. Cannot rewrite it!");
}
}
并注释掉整个部分
4)现在你想在你的项目中显示CKeditor,你必须把这些行放在相应的php文件/页面中,显然与你的项目/应用程序相对应的变量值发生了变化。但请先阅读评论,以确定您应该保留哪些行以及根据您的流程应该注释掉哪些行:
include_once(Absolute/Folder/path/for/CKeditor/."ckeditor/ckeditor.php") ;
//If you did not want a session oriented way, cooment out the session related lines
$_SESSION['KCFINDER'] = array();
$_SESSION['KCFINDER']['uploadURL']=$SERVER_RELATIVEPATH."userfiles/";
$CKEditor = new CKEditor();
$CKEditor->basePath = HTTP_COMPONENTPATH."ckeditor_3.6.2/ckeditor/";
//$_SESSION['KCFINDER']['uploadURL']="/userfiles/fashion_qr/";
$CKEditor->config["filebrowserBrowseUrl"] = ($CKEditor->basePath)."filemanagers/kcfinder_2_51/browse.php?type=files¶m_project=".base64_encode(session_name());
$CKEditor->config["filebrowserImageBrowseUrl"] = ($CKEditor->basePath)."filemanagers/kcfinder_2_51/browse.php?type=images¶m_project=".base64_encode(session_name());
$CKEditor->config["filebrowserFlashBrowseUrl"] = ($CKEditor->basePath)."filemanagers/kcfinder_2_51/browse.php?type=flash¶m_project=".base64_encode(session_name());
$CKEditor->editor("Content", getIfSet($data['Content']));
//if you did not want a session oriented way, then in the above code code segment, just replace all the texts: base64_encode(session_name()) with this one: base64_encode(session_name($SERVER_RELATIVEPATH."userfiles/"))
你完成了。
于 2013-10-07T15:07:18.660 回答