(Created page with '== The CheckAuthentication() function<br> == By default, CKFinder will not work due to authentication restrictions. You must first be sure that you have configured it properly, …') |
(No difference)
|
Revision as of 20:35, 14 May 2010
Contents
The CheckAuthentication() function
By default, CKFinder will not work due to authentication restrictions. You must first be sure that you have configured it properly, and then enable it.
Once you have completely configured CKFinder, you are ready to enable it for use. The CheckAuthentication() function is used for that. In this function, you must implement the code that ensures that the requests are coming from an authenticated user. This is usually done by assigning a session variable when the user logs on your system.
Return "true" if the user is properly authenticated. We strongly recommend you to NOT simply return "true" from this function without implementing authentication checks. Anonymous users would be able to use CKFinder, including uploading and deleting files from your server.
The following is a sample implementation for it:
function CheckAuthentication() { return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized']; }
Sessions
The {{{roleSessionVar}}}
is a session variable name that CKFinder must use to retrieve the role of the current user.
{{{code1}}}
To switch between different user roles, change the session variable: {{{code2}}}
For more information about using session variables refer to the Sessions article.
Example 3
In your {{{file}}} file you can create three different roles.
First role is assigned to every user (wildcard *
is used):
{{{code3}}}
Second role defines a registered user: {{{code4}}}
Third role defines the administrator: {{{code5}}}
With the above settings you have created three different user permission sets. The default user (everybody) is allowed to browse all files and folders. A registered user also has the ability to upload files and create folders. The administrator is granted full permissions.
Now suppose you have an authentication mechanism somewhere in your Web application.
License
If you purchased CKFinder you should put your license key in the config.php file:
$config['LicenseName'] = 'put your license name here'; $config['LicenseKey'] = 'put your license key here';
If you leave this fields blank CKFinder will be fully functional but it will be ruining in demo mode.
baseUrl
The $baseUrl is the base path used to build the final URL for the resources handled in CKFinder. Examples:
$baseUrl = 'http://example.com/ckfinder/files/'; $baseUrl = '/userfiles/';
If you leave this field empty the default value (/userfiles/) will be used. Notice that the trailing slash is required.
baseDir
The $baseDir is the path to the local directory (in the server) which points to the above $baseUrl URL. This is the path used by CKFinder to handle the files in the server. Full write permissions must be granted to this directory. Examples:
You may point it to a directory directly:
$baseDir = '/home/login/public_html/ckfinder/files/'; $baseDir = 'C:/SiteDir/CKFinder/userfiles/';
Or you may let CKFinder discover the path, based on $baseUrl:
$baseDir = resolveUrl($baseUrl);
Remember that CKFinder will only discover the path when the base url is a local web path ( relative to document root ).
Example:
$baseUrl = '/userfiles/'
If it is a full URL address.
Example:
$baseUrl = 'http://example.com/ckfinder/files/'
the path won't be discovered. Notice that the trailing slash is required.