(→Integrating with FCKeditor) |
|||
Line 59: | Line 59: | ||
'''Important: It is recommended''' to always use the AllowedExtensions setting, in favor of DeniedExtensions. If you leave '''AllowedExtensions''' empty and you define an extension in '''DeniedExtensions''', for example "pdf", it will allow the upload of all the other files except the files with the "pdf" extension. However it isn't a good way to secure your server from unwanted uploads. The best way is to put all of the preferred extensions in '''AllowedExtensions'''. That's the only way to effectively secure your server from hacker's attacks. | '''Important: It is recommended''' to always use the AllowedExtensions setting, in favor of DeniedExtensions. If you leave '''AllowedExtensions''' empty and you define an extension in '''DeniedExtensions''', for example "pdf", it will allow the upload of all the other files except the files with the "pdf" extension. However it isn't a good way to secure your server from unwanted uploads. The best way is to put all of the preferred extensions in '''AllowedExtensions'''. That's the only way to effectively secure your server from hacker's attacks. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |
Revision as of 16:40, 15 December 2008
Resource Types are ways to organize the files in your server by type, or to group them under different features. For example, you may have a resource type called Images, where only image files can be uploaded.
Contents
Standard Resource Types
There are three built-in resources types in CKFinder: Files, Images and Flash. They appear in the configuration file as below:
ResourceType type; type = ResourceType.Add( "Files" ); type.Url = BaseUrl + "files/"; type.Dir = BaseDir == "" ? "" : BaseDir + "files/"; type.MaxSize = 0; type.AllowedExtensions = new string[] { "7z", "aiff", "asf", "avi", "bmp", "csv", "doc", "fla", "flv", "gif", "gz", "gzip", "jpeg", "jpg", "mid", "mov", "mp3", "mp4", "mpc", "mpeg", "mpg", "ods", "odt", "pdf", "png", "ppt", "pxd", "qt", "ram", "rar", "rm", "rmi", "rmvb", "rtf", "sdc", "sitd", "swf", "sxc", "sxw", "tar", "tgz", "tif", "tiff", "txt", "vsd", "wav", "wma", "wmv", "xls", "zip" }; type.DeniedExtensions = new string[] { }; type = ResourceType.Add( "Images" ); type.Url = BaseUrl + "images/"; type.Dir = BaseDir == "" ? "" : BaseDir + "images/"; type.MaxSize = 0; type.AllowedExtensions = new string[] { "bmp", "gif", "jpeg", "jpg", "png" }; type.DeniedExtensions = new string[] { }; type = ResourceType.Add( "Flash" ); type.Url = BaseUrl + "flash/"; type.Dir = BaseDir == "" ? "" : BaseDir + "flash/"; type.MaxSize = 0; type.AllowedExtensions = new string[] { "swf", "flv" }; type.DeniedExtensions = new string[] { };
DefaultResourceTypes
When opening CKFinder, you may specify which Resource Type to make visible by appending ?type=<TypeName> to the CKFinder URL. If instead the type is not passed in the URL, the DefaultResourceTypes setting will be used to identify which Resource Types to load. If blank, all Resource Types will be displayed. For example:
// Show all Resource Types: DefaultResourceTypes = ""; // Show the "Images" and "Files" Resource Types only (separated by comma): DefaultResourceTypes = "Images,Files";
Resource Type Options
For each resource type you may set several options to precisely configure its behavior.
Url and Dir
Define the base URL address and the server directory to use to handle and publish the files for this Resource Type. They follow the same rules as defined in the Quick Start section for the BaseUrl and BaseDir settings.
MaxSize
It's the maximum size allowed for uploaded file defined in Bytes.
AllowedExtensions and DeniedExtensions
You can use this settings to list the file extensions that can be upload to the server.
- AllowedExtensions - the extensions you wish CKFinder to use. If left empty, only DeniedExtensions is used to check uploads.
- DeniedExtensions - the extensions you don't wish the CKFinder to use.
Important: It is recommended to always use the AllowedExtensions setting, in favor of DeniedExtensions. If you leave AllowedExtensions empty and you define an extension in DeniedExtensions, for example "pdf", it will allow the upload of all the other files except the files with the "pdf" extension. However it isn't a good way to secure your server from unwanted uploads. The best way is to put all of the preferred extensions in AllowedExtensions. That's the only way to effectively secure your server from hacker's attacks.