Jump to content
Sam-AUST

ckeditor bad config.js file

Recommended Posts

Hi guys, it appears the installed ckeditor and kcfinder bundle we have has a bad config.js file that links to admin - can anyone advise what the paths should be?

   config.filebrowserBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=files';
   config.filebrowserImageBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=images';
   config.filebrowserFlashBrowseUrl = 'http://www.webdomain.com.au/admin/kcfinder/browse.php?type=flash';
   config.filebrowserUploadUrl = 'http://www.webdomain.com.au/admin/kcfinder/upload.php?type=files';
   config.filebrowserImageUploadUrl = 'http://www.webdomain.au/admin/kcfinder/upload.php?type=images';
   config.filebrowserFlashUploadUrl = 'http://www.webdomain.com.au/admin/kcfinder/upload.php?type=flash';

The last thing anyone needs is having files image files etc uploaded to admin when it is used..

Share this post


Link to post
Share on other sites

What is the difference between "www.webdomain.au" and "www.webdomain.com.au"?
 

   config.filebrowserImageUploadUrl = 'http://www.webdomain.au/admin/kcfinder/upload.php?type=images';

:blink:
osCommerce based shop owner with minimal design and focused on background works. When the less is more.
Email managment with tracking pixel, package managment for shipping, stock management, warehouse managment with bar code reader, parcel shops management on 3000 pickup points without local store.

Share this post


Link to post
Share on other sites

Please ignore that entry, that was nothing more than a typo when I changed the domain, it's the link to the admin in this contribution that is the security risk - it allows people to follow image paths direct to your (renamed) admin section.

Share this post


Link to post
Share on other sites

According the readme,

CKEDITOR.editorConfig = function( config ) {
   config.filebrowserBrowseUrl = '/admin/kcfinder/browse.php?type=files';
   config.filebrowserImageBrowseUrl = '/admin/kcfinder/browse.php?type=images';
   config.filebrowserFlashBrowseUrl = '/admin/kcfinder/browse.php?type=flash';
   config.filebrowserUploadUrl = '/admin/kcfinder/upload.php?type=files';
   config.filebrowserImageUploadUrl = '/admin/kcfinder/upload.php?type=images';
   config.filebrowserFlashUploadUrl = '/admin/kcfinder/upload.php?type=flash';
};




NOTE: If your site resides is a subdirectory it is sometimes necessary (depending on server) to give the full path URL

Share this post


Link to post
Share on other sites

The contribution then uploads images to a folder within your admin and anyone from the front can then see your admin location - surely that isn't how it is intended?

 

This comes with the CKEditor contribution, it's a bit of a worry!!

Share this post


Link to post
Share on other sites

 

 

The contribution then uploads images to a folder within your admin and anyone from the front can then see your admin location - surely that isn't how it is intended?

Ofcourse its is possible to move the upload directory to the "catalog"  side, example make a directory upload and define path uploadURL in the the config php.

 

It was explained in the text file also;

The upload settings can be found in the the /kcfinder/config.php by default any image will be uploaded to /admin/kcfinder/upload/images/ which I personally do not like better to put them in the catalog/images/ where they belong as over the years they may gather  although it is possibile to browse and delete from the admin ckeditor so up to you.

Share this post


Link to post
Share on other sites

 

Ofcourse its is possible to move the upload directory to the "catalog"  side, example make a directory upload and define path uploadURL in the the config php.

 

It was explained in the text file also;

The upload settings can be found in the the /kcfinder/config.php by default any image will be uploaded to /admin/kcfinder/upload/images/ which I personally do not like better to put them in the catalog/images/ where they belong as over the years they may gather  although it is possibile to browse and delete from the admin ckeditor so up to you.

 

 

Hi Bert, how should the upload URL be shown? Mine just says:

 

    'uploadURL' => "upload",
    'uploadDir' => "",
 
I tried some variations, but nothing uploads ever and the "browse server" button always takes me to the front page of the website, so it doesn't work at all.

Share this post


Link to post
Share on other sites

 

Hi Bert, how should the upload URL be shown? Mine just says:

 

    'uploadURL' => "upload",
    'uploadDir' => "",
 
I tried some variations, but nothing uploads ever and the "browse server" button always takes me to the front page of the website, so it doesn't work at all.

 

here is my working config from ckeditor and kcfinder

 

ext/ckeditor/config.js

CKEDITOR.editorConfig = function( config ) {
   config.filebrowserBrowseUrl = 'kcfinder/browse.php?type=files';
   config.filebrowserImageBrowseUrl = 'kcfinder/browse.php?type=images';
   config.filebrowserFlashBrowseUrl = 'kcfinder/browse.php?type=flash';
   config.filebrowserUploadUrl = 'kcfinder/upload.php?type=files';
   config.filebrowserImageUploadUrl = 'kcfinder/upload.php?type=images';
   config.filebrowserFlashUploadUrl = 'kcfinder/upload.php?type=flash';

and from adminroot kcfinder config.php

 

    'uploadDir' => "",

Share this post


Link to post
Share on other sites

@@Fiber I just wanted to come back and thank you for this, I was able to get mine working using your settings, much appreciated.

Share this post


Link to post
Share on other sites

@@Fiber can I ask you, do you find on the catalog side of your stores with kcfinder that kcfinder sets 7 different cookies? It is showing in chrome and it seems strange to me that it does this. It may also put cookie-phobes off the website. I hardly use the kcfinder for uploading as I tend to ftp things and then link to them that way.

 

Could you check your sites? It shows with a ! in chrome and you can see the cookies easily there.

Share this post


Link to post
Share on other sites

That was optinal if i'am not mistaken, deinstall the image uloader if you don't used it and keep ckeditor

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×