1. Silahkan download terlebih dahulu file CKEditor dan KCFinder dari
website resminya. Ekstrak dan copy file-file CKEditor dan KCFinder
dengan susunan seperti di bawah ini.
2. Buka file config.js yang terdapat di dalam folder ckeditor dan ubah konfigurasinya dengan kode seperti di bawah ini :
CKEDITOR.editorConfig = function( config )
{
config.filebrowserBrowseUrl = '../asset/kcfinder/browse.php?type=files';
config.filebrowserImageBrowseUrl = '../asset/kcfinder/browse.php?type=images';
config.filebrowserFlashBrowseUrl = '../../asset/kcfinder/browse.php?type=flash';
config.filebrowserUploadUrl = '../../asset/kcfinder/upload.php?type=files';
config.filebrowserImageUploadUrl = '../../asset/kcfinder/upload.php?type=images';
config.filebrowserFlashUploadUrl = '../../asset/kcfinder/upload.php?type=flash';
};
|
class Tes_Kcfinder extends CI_Controller {
function __construct()
{
parent::__construct();
session_start();
}
function index()
{
$this->load->view('tes-kcfinder/login');
}
function login()
{
$usr = $this->input->post('username');
$pass = $this->input->post('password');
if($usr=="admin" || $pass=="admin"){
$_SESSION['ses_admin']="admin";
$_SESSION['ses_kcfinder']=array();
$_SESSION['ses_kcfinder']['disabled'] = false;
$_SESSION['ses_kcfinder']['uploadURL'] = "../content_upload";
$this->admin();
}
else { $this->index(); }
}
function admin()
{
$session=isset($_SESSION['ses_admin']) ? $_SESSION['ses_admin']:'';
if($session==""){
$this->login();
}
else { $this->load->view('tes-kcfinder/admin'); }
}
function logout()
{
session_destroy();
$this->login();
}
}
|
login.php
<form method="post" action="<?php echo base_url(); ?>tes_kcfinder/login"> <label>Username</label> <input type="text" name="username" /> <label>Password </label> <input type="password" name="password" /> <input type="submit" value="Masuk" /> </form> |
<script type="text/javascript" src="<?php echo base_url(); ?>asset/ckeditor/ckeditor.js"></script> <textarea class="ckeditor" name="editor"></textarea> |
$_CONFIG = array(
'disabled' => true,
'denyZipDownload' => false,
'denyUpdateCheck' => false,
'denyExtensionRename' => false,
'theme' => "oxygen",
'uploadURL' => "upload",
'uploadDir' => "",
'dirPerms' => 0755,
'filePerms' => 0644,
'access' => array(
'files' => array(
'upload' => true,
'delete' => true,
'copy' => true,
'move' => true,
'rename' => true
),
'dirs' => array(
'create' => true,
'delete' => true,
'rename' => true
)
),
'deniedExts' => "exe com msi bat php phps phtml php3 php4 cgi pl",
'types' => array(
// CKEditor & FCKEditor types
'files' => "",
'flash' => "swf",
'images' => "*img",
// TinyMCE types
'file' => "",
'media' => "swf flv avi mpg mpeg qt mov wmv asf rm",
'image' => "*img",
),
'filenameChangeChars' => array(/*
' ' => "_",
':' => "."
*/),
'dirnameChangeChars' => array(/*
' ' => "_",
':' => "."
*/),
'mime_magic' => "",
'maxImageWidth' => 0,
'maxImageHeight' => 0,
'thumbWidth' => 100,
'thumbHeight' => 100,
'thumbsDir' => ".thumbs",
'jpegQuality' => 90,
'cookieDomain' => "",
'cookiePath' => "",
'cookiePrefix' => 'KCFINDER_',
// THE FOLLOWING SETTINGS CANNOT BE OVERRIDED WITH SESSION CONFIGURATION
'_check4htaccess' => true,
//'_tinyMCEPath' => "/tiny_mce",
'_sessionVar' => &$_SESSION['ses_kcfinder'],
//'_sessionLifetime' => 30,
//'_sessionDir' => "/full/directory/path",
//'_sessionDomain' => ".mysite.com",
//'_sessionPath' => "/my/path",
);
|
Satu hal yang perlu diperhatikan dari file manager seperti KCFinder adalah permasalahan security-nya. Seperti kasus blog teman saya yang lupa mengubah konfigurasi dari false menjadi true, jadilah ada orang jahil yang bisa menerobos masuk ke file browse.php dan meng-upload file shell. Akhirnya semua direktori dan file-file yang terdapat di dalam hostingan ludes terhapus
. OK deh, sekian dulu postingan saya kali ini. Semoga bermanfaat untuk
rekan-rekan yang sedang dibuat pusing oleh CKEditor maupun KCFinder.Happy Blogging and Keep Coding
Cheerrrss….!!!!
password : azislah.com
