I am running CKfinder under IIS7 using the PHP connector. I have no issues with uploads of files as the upload path has write permissions granted to the iusr account.
My issue is that several of my sites have had files uploaded to them by nasty people. I believe this was done outside the CKfinder package, possibly directly via http.
I wish to set the permissions to read only for anonymous visitors - read only permission for the iusr account. I have created a new account, 'CKfinderUsr' with full control over the upload folder.
Trouble is a can't work out how to have the CKfinder user given the write permissions by having their session login with the user I created, 'CKfinderUsr'.
I had a look at the PHP $_SERVER['PHP_AUTH_USER'] but couldn't get that to work.It pops up the sign in dialog but I don't think the session then runs under the the CKfinder user.The upload fails with permission denied.
I'd realy like to put the login in my sign in script so that authenticated users can upload via CKfinder & CKeditor.BTW, my sign in script autheticates agains a table in SQL Server.
I'd be much obliged if someone can help out with this - read only permission for iusr but full control for people who need to upload via CKfinder or CKeditor.
Thanks,
Stipo.