X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   Dev Questions (https://forum.x-cart.com/forumdisplay.php?f=20)
-   -   ckfinder with ckeditor (https://forum.x-cart.com/showthread.php?t=61025)

jck 09-27-2011 03:48 AM
ckfinder with ckeditor
 
How to install ckfinder with ckeditor and provide security using CheckAuthentication() funtion locate in config.php

I know we must use auth.php on config.php and take some session variable, but when include auth.php and try to use $login var, i get xml errors from ckfinder.

Please need some help. Thank you.

qualiteam 10-19-2011 01:05 AM
Re: ckfinder with ckeditor
 
X-Cart uses its own session handling routines.

Thus the modification will be a little bit more complex:

1. create a new file "<xcart_dir>/admin/file_manager.php"
PHP Code:
<?php
/* vim: set ts=4 sw=4 sts=4 et: */

require './auth.php';
require $xcart_dir.'/include/security.php';

if ($login) {

    func_setcookie('xcart_scookie'$XCART_SESSION_NAME);
    func_setcookie('ckfinder_auth'md5($XCARTSESSID));

    clearstatcache();

    include $xcart_dir.'/include/lib/ckfinder/ckfinder.php';

    // You can use the "CKFinder" class to render CKFinder in a page:
    $finder = new CKFinder() ;
    $finder->BasePath '../include/lib/ckfinder/';  // The path for the installation of CKFinder (default = "/ckfinder/").
    $finder->SelectFunction 'ShowFileInfo';
    $finder->Create() ;
}

?>

2. upload the ckfinder distribution pack content into the "<xcart_dir>/include/lib/ckfinder" directory.

3. change certain parts of the "<xcart_dir>/include/lib/ckfinder/config.php" file as follows:
PHP Code:
...
function CheckAuthentication()
{
        // WARNING : DO NOT simply return "true". By doing so, you are allowing
        // "anyone" to upload and list the files in your server. You must implement
        // some kind of session validation here. Even something very simple as...

        // return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];

        // ... where $_SESSION['IsAuthorized'] is set to "true" as soon as the
        // user logs in your system. To be able to use session variables don't
        // forget to add session_start() at the top of this file.

        global $_COOKIE;

        return isset($_COOKIE['xcart_scookie']) 
                && isset($_COOKIE['ckfinder_auth']) 
                && isset($_COOKIE[$_COOKIE['xcart_scookie']]) 
                && $_COOKIE['ckfinder_auth'] == md5($_COOKIE[$_COOKIE['xcart_scookie']]);
}
...
$baseUrl "userfiles/";
...
$baseDir dirname(__FILE__).'/userfiles/'

4. alter the "<xcart_dir>/skin/common_files/admin/menu_box.tpl" template and add:
Code:
<a href="{$catalogs.admin}/file_manager.php">{$lng.lbl_file_manager}</a>
right before e.g.:
Code:
<a href="{$catalogs.admin}/import.php">{$lng.lbl_import_export}</a>

5. add a new language variable "lbl_file_manager" via X-Cart languages section and specify its value.

After that you a new menu entry should appear under Tools menu -> "File manager".

qualiteam 10-19-2011 01:07 AM
Re: ckfinder with ckeditor
 
Moving to "Completed Custom Mods & Templates" forum.

jck 12-09-2011 06:58 AM
Re: ckfinder with ckeditor
 
I forgot to answer. Sorry.

Your reply helped me a lot. Just to say, thank you very much.


All times are GMT -8. The time now is 04:29 AM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.