Sam-AUST Posted April 25, 2016 Share Posted April 25, 2016 Hi guys, it appears the installed ckeditor and kcfinder bundle we have has a bad config.js file that links to admin - can anyone advise what the paths should be? config.filebrowserBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=files'; config.filebrowserImageBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=images'; config.filebrowserFlashBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=flash'; config.filebrowserUploadUrl = 'http://www.webdomain.com.au/admin/kcfinder/upload.php?type=files'; config.filebrowserImageUploadUrl = 'http://www.webdomain.au/admin/kcfinder/upload.php?type=images'; config.filebrowserFlashUploadUrl = 'http://www.webdomain.com.au/admin/kcfinder/upload.php?type=flash'; The last thing anyone needs is having files image files etc uploaded to admin when it is used.. Quote Link to comment Share on other sites More sharing options...
tgely Posted April 25, 2016 Share Posted April 25, 2016 What is the difference between "www.webdomain.au" and "www.webdomain.com.au"? config.filebrowserImageUploadUrl = 'http://www.webdomain.au/admin/kcfinder/upload.php?type=images'; Quote osCommerce based shop owner with minimal design and focused on background works. When the less is more.Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store. Link to comment Share on other sites More sharing options...
Sam-AUST Posted April 26, 2016 Author Share Posted April 26, 2016 Please ignore that entry, that was nothing more than a typo when I changed the domain, it's the link to the admin in this contribution that is the security risk - it allows people to follow image paths direct to your (renamed) admin section. Quote Link to comment Share on other sites More sharing options...
Fiber Posted April 26, 2016 Share Posted April 26, 2016 According the readme, CKEDITOR.editorConfig = function( config ) { config.filebrowserBrowseUrl = '/admin/kcfinder/browse.php?type=files'; config.filebrowserImageBrowseUrl = '/admin/kcfinder/browse.php?type=images'; config.filebrowserFlashBrowseUrl = '/admin/kcfinder/browse.php?type=flash'; config.filebrowserUploadUrl = '/admin/kcfinder/upload.php?type=files'; config.filebrowserImageUploadUrl = '/admin/kcfinder/upload.php?type=images'; config.filebrowserFlashUploadUrl = '/admin/kcfinder/upload.php?type=flash'; }; NOTE: If your site resides is a subdirectory it is sometimes necessary (depending on server) to give the full path URL Quote Link to comment Share on other sites More sharing options...
Sam-AUST Posted April 28, 2016 Author Share Posted April 28, 2016 The contribution then uploads images to a folder within your admin and anyone from the front can then see your admin location - surely that isn't how it is intended? This comes with the CKEditor contribution, it's a bit of a worry!! Quote Link to comment Share on other sites More sharing options...
Fiber Posted April 28, 2016 Share Posted April 28, 2016 The contribution then uploads images to a folder within your admin and anyone from the front can then see your admin location - surely that isn't how it is intended? Ofcourse its is possible to move the upload directory to the "catalog" side, example make a directory upload and define path uploadURL in the the config php. It was explained in the text file also; The upload settings can be found in the the /kcfinder/config.php by default any image will be uploaded to /admin/kcfinder/upload/images/ which I personally do not like better to put them in the catalog/images/ where they belong as over the years they may gather although it is possibile to browse and delete from the admin ckeditor so up to you. Quote Link to comment Share on other sites More sharing options...
Sam-AUST Posted July 11, 2016 Author Share Posted July 11, 2016 Ofcourse its is possible to move the upload directory to the "catalog" side, example make a directory upload and define path uploadURL in the the config php. It was explained in the text file also; The upload settings can be found in the the /kcfinder/config.php by default any image will be uploaded to /admin/kcfinder/upload/images/ which I personally do not like better to put them in the catalog/images/ where they belong as over the years they may gather although it is possibile to browse and delete from the admin ckeditor so up to you. Hi Bert, how should the upload URL be shown? Mine just says: 'uploadURL' => "upload", 'uploadDir' => "", I tried some variations, but nothing uploads ever and the "browse server" button always takes me to the front page of the website, so it doesn't work at all. Quote Link to comment Share on other sites More sharing options...
Fiber Posted July 11, 2016 Share Posted July 11, 2016 Hi Bert, how should the upload URL be shown? Mine just says: 'uploadURL' => "upload", 'uploadDir' => "", I tried some variations, but nothing uploads ever and the "browse server" button always takes me to the front page of the website, so it doesn't work at all. here is my working config from ckeditor and kcfinder ext/ckeditor/config.js CKEDITOR.editorConfig = function( config ) { config.filebrowserBrowseUrl = 'kcfinder/browse.php?type=files'; config.filebrowserImageBrowseUrl = 'kcfinder/browse.php?type=images'; config.filebrowserFlashBrowseUrl = 'kcfinder/browse.php?type=flash'; config.filebrowserUploadUrl = 'kcfinder/upload.php?type=files'; config.filebrowserImageUploadUrl = 'kcfinder/upload.php?type=images'; config.filebrowserFlashUploadUrl = 'kcfinder/upload.php?type=flash'; and from adminroot kcfinder config.php 'uploadURL' => "http://mydomain.ltd/subdir/images/upload", 'uploadDir' => "", Quote Link to comment Share on other sites More sharing options...
Sam-AUST Posted July 31, 2016 Author Share Posted July 31, 2016 @@Fiber I just wanted to come back and thank you for this, I was able to get mine working using your settings, much appreciated. Quote Link to comment Share on other sites More sharing options...
Fiber Posted July 31, 2016 Share Posted July 31, 2016 Quote Link to comment Share on other sites More sharing options...
Sam-AUST Posted September 25, 2016 Author Share Posted September 25, 2016 @@Fiber can I ask you, do you find on the catalog side of your stores with kcfinder that kcfinder sets 7 different cookies? It is showing in chrome and it seems strange to me that it does this. It may also put cookie-phobes off the website. I hardly use the kcfinder for uploading as I tend to ftp things and then link to them that way. Could you check your sites? It shows with a ! in chrome and you can see the cookies easily there. Quote Link to comment Share on other sites More sharing options...
Fiber Posted September 25, 2016 Share Posted September 25, 2016 Yes i see also the cookies.. But why installed if you do not use it anyway? Quote Link to comment Share on other sites More sharing options...
Sam-AUST Posted September 26, 2016 Author Share Posted September 26, 2016 It is the default uploader with my HTML editor (it came with it). Quote Link to comment Share on other sites More sharing options...
Fiber Posted September 26, 2016 Share Posted September 26, 2016 That was optinal if i'am not mistaken, deinstall the image uloader if you don't used it and keep ckeditor Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.