Warning: This is an idea only, don't apply without understanding what are u doing clearly
authentication check
Runtime configuration
oFCKeditor.Config['WA_CONFIG'] = 'f=table:field&id=ROWID';
fck_image.js
// Set the actual uploader URL.
var wa_config = oEditor.FCK.Config['WA_CONFIG']?oEditor.FCK.Config['WA_CONFIG']:'';
if ( FCKConfig.ImageUpload )
GetE('frmUpload').action = FCKConfig.ImageUploadURL + '&' + wa_config;config.php
global $Config ; require_once(realpath(dirname(__FILE__).'/../../../../../').'/fckeditor.conf.php');
upload.php
require('config.php') ;
require('util.php') ;
if (!isset($Config['Enabled'])) $Config['Enabled'] = false;fckeditor.conf.php
... $path = 'fckimages/'.$_GET['f'].'/'; if (!is_dir(NX_PATH.$path)) die(htmlspecialchars($path)); // break attempt possibly $path.= intval($_GET['id']).'/'; if (!is_dir(NX_PATH.$path)) mkdir(NX_PATH.$path); if (!is_dir(NX_PATH.$path)) die(); $Config['UserFilesAbsolutePath'] = NX_PATH.$path; $Config["UserFilesPath"] = NX_URL.$path;
upload.php
if ( is_file( $sFilePath ) )
{
$oldumask = umask(0) ;
chmod( $sFilePath, 0777 ) ;
umask( $oldumask ) ;
if (isset($_POST['WA_size'])){
$size = intval($_POST['WA_size']);
if ($size) rx_resize_image($sFilePath, $size, $size);
}
}browser.html
oConnector.ConnectorUrl += 'f=' + GetUrlParam('f') + '&id=' + GetUrlParam('id') + '&' ;fckimage.js
function BrowseServer()
{
var wa_config = oEditor.FCK.Config['WA_CONFIG']?oEditor.FCK.Config['WA_CONFIG']:'';
OpenServerBrowser(
'Image',
FCKConfig.ImageBrowserURL + '&' + wa_config,
FCKConfig.ImageBrowserWindowWidth,
FCKConfig.ImageBrowserWindowHeight ) ;
}browser.../io.php
function ServerMapFolder( $resourceType, $folderPath )
{
// Get the resource type directory.
$sResourceTypePath = $GLOBALS["UserFilesDirectory"];// . strtolower( $resourceType ) . '/' ;
...
function GetUrlFromPath( $resourceType, $folderPath )
{
$resourceType = '';
...http://blog.animeforge.ru/W.Ed./353/