(New page: = Installation Instructions = # Copy the distribution files to your web server inside the "/ckfinder/" folder or any other folder in your web site. # Create a folder in the server to hold...) |
|||
(7 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
− | = Installation Instructions = | + | == Installation Instructions == |
− | # Copy the distribution files to your web server inside the | + | # Copy the distribution files to your web server inside the '''/ckfinder/''' folder or any other folder in your web site. |
− | # Create a folder in the server to hold all uploaded files. By default, CKFinder is configured to use the | + | # Create a folder in the server to hold all uploaded files. By default, CKFinder is configured to use the '''/ckfinder/userfiles/''' folder in your web site. |
# Make the above user files folder writable by the internet user. On Windows, give write permissions to the IUSR_<ServerName> user. | # Make the above user files folder writable by the internet user. On Windows, give write permissions to the IUSR_<ServerName> user. | ||
− | # Edit the | + | # Edit the '''config.ascx''' file. Be sure you have correctly set all settings in that file, and that you have enabled CKFinder on it. See [[CKFinder_1.x/Developers Guide/ASP.NET/Configuration|Configuration]] for more information.<br> |
+ | # Create a reference to CKFinder.dll in your project:<br> - manually copy CKFinder.dll file (it's in the "ckfinder/bin/Release" directory) to the "bin" directory of your web site<br> - or in your Visual Studio.NET project: right-click "References" in the "Solution Explorer", use "Browse" to select CKFinder.dll from the directory you have saved it in. | ||
− | You should be ready to go. Just browse _samples/aspx/standalone.aspx to test and see CKFinder. | + | You should be ready to go. Just browse '''_samples/aspx/standalone.aspx''' to test and see CKFinder in action. |
+ | |||
+ | == Security Tips == | ||
+ | |||
+ | * In IIS, you may set '''Execute Permissions''' to "'''none'''" in the properties of the user files folder (the folder created in the above step 2). | ||
+ | * The '''config.ascx''' file contains many '''important security settings'''. Be sure you have reviewed and understood all of them. | ||
+ | * Implement a '''full authentication''' solution in the '''CheckAuthentication() function''', based on session variables for example. Do not simply "return true" from it as it will make it possible to any user to upload and delete files in your server, including anonymous users. |
Latest revision as of 08:30, 28 May 2010
Installation Instructions
- Copy the distribution files to your web server inside the /ckfinder/ folder or any other folder in your web site.
- Create a folder in the server to hold all uploaded files. By default, CKFinder is configured to use the /ckfinder/userfiles/ folder in your web site.
- Make the above user files folder writable by the internet user. On Windows, give write permissions to the IUSR_<ServerName> user.
- Edit the config.ascx file. Be sure you have correctly set all settings in that file, and that you have enabled CKFinder on it. See Configuration for more information.
- Create a reference to CKFinder.dll in your project:
- manually copy CKFinder.dll file (it's in the "ckfinder/bin/Release" directory) to the "bin" directory of your web site
- or in your Visual Studio.NET project: right-click "References" in the "Solution Explorer", use "Browse" to select CKFinder.dll from the directory you have saved it in.
You should be ready to go. Just browse _samples/aspx/standalone.aspx to test and see CKFinder in action.
Security Tips
- In IIS, you may set Execute Permissions to "none" in the properties of the user files folder (the folder created in the above step 2).
- The config.ascx file contains many important security settings. Be sure you have reviewed and understood all of them.
- Implement a full authentication solution in the CheckAuthentication() function, based on session variables for example. Do not simply "return true" from it as it will make it possible to any user to upload and delete files in your server, including anonymous users.