I have a doubt with ckfinder.
i have a wesite mywebsite.com
in that am going to use ckfinder, now i just check with the demo version.
The problem is anyone can upload files to my server using the below url
mywebsite.com/includes/ckfinder/ckfinder.html with out any permission.
and also they can upload files using
mywebsite.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html
how can i fix this issue?
You just have to implement
You just have to implement properly the "CheckAuthentication" function in your configuration and then you'll be safe.
http://docs.cksource.com/CKFinder_2.x/Developers_Guide/PHP/Configuration/Quick_Start
Added the session variables.
Added the session variables. But Still the issue is there
issue fixed in ckfinder but issue with ckeditor not fixed
issue fixed in ck finder but still issue with this path
mywebsite.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html
FCKeditor is old, outdated,
FCKeditor is old, outdated, unsupported and you should just remove that whole folder.