I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers. Read the whole process below.....
CKEditor works great, but I need help with CKFinder..
CKFinder's config.php file asks that there be some simple validation in the function CheckAuthentication() I tried the code below and it did not work.
Then I just added the "return true;" and it worked.
I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers.
CKEditor works great, but I need help with CKFinder..
CKFinder's config.php file asks that there be some simple validation in the function CheckAuthentication() I tried the code below and it did not work.
session_start();
function CheckAuthentication()
{
return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];
}Then I just added the "return true;" and it worked.
function CheckAuthentication()
{
return true;
}I was wondering if I only let authenticated/custom user groups in Drupal see/use CKEditor (no "anonymous user" or regular "authenticated user" types) if this is safe or if my site is vulnerable to possible attackers.
Re: CKFinder - CheckAuthentication() & Drupal
Sense I never heard back from anyone on this I decided to use IMCE for my file transfers http://drupal.org/project/imce It was easy to use with CKEditor and seems to work.
Re: CKFinder - CheckAuthentication() & Drupal
For anyone interested in finding an answer for this question: please make sure that you're using the latest version of the CKEditor module.
After downloading and installing the module, please open attached README.txt file and follow the instruction (section: "How to install CKFinder").
Wiktor Walc
CTO, CKSource - http://cksource.com
--
Follow CKEditor on: Twitter | Facebook | Google+