4
I've solved it. Now the editor will first check if you are a XOOPS admin, if yes it will let you manage images and upload.
Here's the solution:
Open class/xoopseditor/ckeditor/ckfinder/config.php
around line line 32 find:
return false;
replace with:
include_once "../../../../../../../mainfile.php";
$isadmin = ($xoopsUser && $xoopsUser->isAdmin()) ? 1 : 0;
if ($isadmin===1) {
return true;
} else {
return false;
}
So the entire function should look like this:
function CheckAuthentication()
{
//WARNING : DO NOT simply return "true". By doing so, you are allowing
//"anyone" to upload and list the files in your server. You must implement
//some kind of session validation here. Even something very simple as...
// return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];
//... where $_SESSION['IsAuthorized'] is set to "true" as soon as the
//user logs in your system.
include_once "../../../../../../../mainfile.php";
$isadmin = ($xoopsUser && $xoopsUser->isAdmin()) ? 1 : 0;
if ($isadmin===1) {
return true;
} else {
return false;
}
}
