I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers. Read the whole process below.....
CKEditor works great, but I need help with CKFinder..
CKFinder's config.php file asks that there be some simple validation in the function CheckAuthentication() I tried the code below and it did not work.
Then I just added the "return true;" and it worked.
I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers.
CKEditor works great, but I need help with CKFinder..
CKFinder's config.php file asks that there be some simple validation in the function CheckAuthentication() I tried the code below and it did not work.
session_start();
function CheckAuthentication()
{
return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];
}Then I just added the "return true;" and it worked.
function CheckAuthentication()
{
return true;
}I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers.
Re: Security & Drupal, CKEditor3.x with CKFinder
Your answer is here: viewtopic.php?f=10&t=16073&hilit=+drupal+ckeditor+ckfinder