N
N
Nik2016-09-16 16:34:33
Laravel
Nik, 2016-09-16 16:34:33

How to make friends LARAVEL + KCFINDER in ckeditor?

Hello!
I can not close access to KCFINDER for unauthorized users in any way ... As soon as I have not tried it.
It turns out to check the authorization, pass its value when loading the file manager, but the manager uses Ajax and it seems that it does not use my data in the future. The manual says to use a session, but somehow KCFINDER doesn't pay attention to it ( kcfinder.sunhater.com/integrate#session). I tried to start a session both through the laravel api, and usually $_SESSION['KCFINDER']['disabled'] = false;
I would be grateful for a tip!
Here is my kcfinder/conf/config.php file

<?php

/** This file is part of KCFinder project
  *
  *      @desc Base configuration file
  *   @package KCFinder
  *   @version 3.12
  *    @author Pavel Tzonkov <[email protected]>
  * @copyright 2010-2014 KCFinder Project
  *   @license http://opensource.org/licenses/GPL-3.0 GPLv3
  *   @license http://opensource.org/licenses/LGPL-3.0 LGPLv3
  *      @link http://kcfinder.sunhater.com
  */

/* IMPORTANT!!! Do not comment or remove uncommented settings in this file
   even if you are using session configuration.
   See http://kcfinder.sunhater.com/install for setting descriptions */

/**
 * CHECK LARAVEL USER AUTH
 */
require '../../../../bootstrap/autoload.php';
$app = require '../../../../bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$isAuthorized = Auth::check();


if(!$isAuthorized){

    Session::put('KCFINDER.disabled', 'false');

}else{

    Session::forget('KCFINDER');
}


//dd(phpinfo());

$_CONFIG = array(


// GENERAL SETTINGS

    'disabled' => true, // true or false
    'uploadURL' => "/upload",
    'uploadDir' => "",
    'theme' => "default",

    'types' => array(

    // (F)CKEditor types
        'files'   =>  "",
        'flash'   =>  "swf",
        'images'  =>  "*img",

    // TinyMCE types
        'file'    =>  "",
        'media'   =>  "swf flv avi mpg mpeg qt mov wmv asf rm",
        'image'   =>  "*img",
    ),


// IMAGE SETTINGS

    'imageDriversPriority' => "imagick gmagick gd",
    'jpegQuality' => 90,
    'thumbsDir' => ".thumbs",

    'maxImageWidth' => 0,
    'maxImageHeight' => 0,

    'thumbWidth' => 100,
    'thumbHeight' => 100,

    'watermark' => "",


// DISABLE / ENABLE SETTINGS

    'denyZipDownload' => false,
    'denyUpdateCheck' => false,
    'denyExtensionRename' => false,


// PERMISSION SETTINGS

    'dirPerms' => 0755,
    'filePerms' => 0644,

    'access' => array(

        'files' => array(
            'upload' => true,
            'delete' => true,
            'copy'   => true,
            'move'   => true,
            'rename' => true
        ),

        'dirs' => array(
            'create' => true,
            'delete' => true,
            'rename' => true
        )
    ),

    'deniedExts' => "exe com msi bat cgi pl php phps phtml php3 php4 php5 php6 py pyc pyo pcgi pcgi3 pcgi4 pcgi5 pchi6",


// MISC SETTINGS

    'filenameChangeChars' => array(/*
        ' ' => "_",
        ':' => "."
    */),

    'dirnameChangeChars' => array(/*
        ' ' => "_",
        ':' => "."
    */),

    'mime_magic' => "",

    'cookieDomain' => "",
    'cookiePath' => "",
    'cookiePrefix' => 'KCFINDER_',


// THE FOLLOWING SETTINGS CANNOT BE OVERRIDED WITH SESSION SETTINGS

    '_normalizeFilenames' => false,
    '_check4htaccess' => true,
    //'_tinyMCEPath' => "/tiny_mce",

    '_sessionVar' => "KCFINDER",
    //'_sessionLifetime' => 30,
    '_sessionDir' => "/var/www/manager/data/mod-tmp",
    //'_sessionDomain' => ".mysite.com",
    //'_sessionPath' => "/my/path",

    //'_cssMinCmd' => "java -jar /path/to/yuicompressor.jar --type css {file}",
    //'_jsMinCmd' => "java -jar /path/to/yuicompressor.jar --type js {file}",

);


?>

Answer the question

In order to leave comments, you need to log in

2 answer(s)
N
Nik, 2016-09-23
@nikitinnv

Apparently I was too smart myself)
When, with a clear head, I sat down again at this piece of code, cleared the cookies and the session, everything worked with such a simple option, maybe it will come in handy for someone:

/**
 * CHECK LARAVEL USER AUTH
 */
require '../../../../bootstrap/autoload.php';
$app = require '../../../../bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$isAuthorized = Auth::check();


if($isAuthorized){
    session_start();
        $_SESSION['KCFINDER'] = array();
        $_SESSION['KCFINDER']['disabled'] = false;

}else{
    if(isset($_SESSION['KCFINDER'])){
        unset($_SESSION['KCFINDER']);
    }
}


$_CONFIG = array(


// GENERAL SETTINGS

    'disabled' => true,
.....

D
Dmitry, 2017-09-27
@oldpunk

This option does not work with post requests. To fix this, you need to change it a little.

$request = Illuminate\Http\Request::capture();
$request->setMethod('GET');
$app->make('Illuminate\Contracts\Http\Kernel')->handle($request);
$isAuthorized = Auth::check();

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question