XMS Systems

Back to Fred Mac Donald's Blog

Set upload folders dynamically for KCFinder

Set upload folders dynamically for KCFinder

A quick fix to set dynamic upload folders for KCFinder

When integrating KCFinder as the remote file manager for managing images that needs to be used in articles or pages on XMS Systems I ran into a couple of problems.

Let me explain...

Depending who is logged in and what access rights they have to the site the folder structure could be either one of the following

  •  /my_uploads/media/
  • /my_uploads/media/members/member_account_number_pulled_from_secure_session_variable/
     

No matter how I configured KCFinder it always insisted on the following folder structure

  •  /my_uploads/media/image/
  • /my_uploads/media/members/member_account_number_pulled_from_secure_session_variable/image/
     

It always created an 'image' folder. The result is that I was unable to upgrade from a previous remote file browser that gave me endless mod_sec issues and by the looks of it is not fully php5.3 compatible.

After searching countless hours on the forums and all over the internet, all I could find was "How do I..." and not a single "This is how to..."

Well here is the solution to using dynamic upload folders for KCFinder.
 

1. Edit the KCFinder config.php file

    First we need to make sure the KCFinder session variables are properly configured

'_sessionVar' => &$_SESSION['KCFINDER'],
    
'_sessionLifetime' => 30,
'_sessionDir' => "/home/something/tmp", // Path from server root

'_sessionDomain' => ".mydomain.com", // Note the "dot" in front of the domain
'_sessionPath' => "/tmp", // This will be the tmp folder on your hosting account, typically a folder above the root of your site. Make sure to CHMOD this folder to 1777 to ensure only the owner of the session can delete the file.

It is worth mentioning that you need to make sure the uploader is disabled to not logged in users by setting this line
'disabled' => true,

Rather activate the uploader from within your application where you can set the authentication.

2. Initialise the php session at the top of the config.php file

3. Edit the 'types' => array and comment out all the different 'types'

// CKEditor & FCKEditor types
// 'files'   =>  "",
// 'flash'   =>  "swf",
// 'images'  =>  "*img",

// TinyMCE types
// 'files'    =>  "",
// 'media'   =>  "swf flv avi mpg mpeg qt mov wmv asf rm",
// 'image'   =>  "*img",

4. Add the following 'type' to the array

$_SESSION['fold_type'] =>  "*img swf flv avi mpg mpeg qt mov wmv asf rm", // Folder now dynamically defined in the application

5. Save your config.php file

6. Open your application page where you initialize your editor and call KCFinder

7. Before initializing your editor, add the following lines declaring the various KCFinder variables

$_SESSION['KCFINDER'] = array();
$_SESSION['KCFINDER']['disabled'] = false; // Activate the uploader, Users to this page MUST be authenticated
$_SESSION['KCFINDER']['uploadURL'] = "/uploads"; // Based on my first folder structure
$_SESSION['fold_type'] = "media"; // Based on my first folder structure

or

$_SESSION['KCFINDER'] = array();
$_SESSION['KCFINDER']['disabled'] = false; // Activate the uploader, Users to this page MUST be authenticated
$_SESSION['KCFINDER']['uploadURL'] = "/my_uploads/media/Members"; // Based on my second folder structure
$_SESSION['fold_type'] = "member_account_number_pulled_from_secure_session_variable"; // Based on my second folder structure

8 Leave the line where you call the uploader like this;

file: '../tiny_mce/plugins/kcfinder/browse.php?opener=tinymce',

What happens is that your $_SESSION['fold_type'] variable is passed to the 'type' array in the config.php file.

Now you should have your folders dynamically created and different users can have their own private upload folders.
When a user edit a page their folder will automatically be created and they will not have access to any other folder above their own.

That left me with one more problem "Portability".

Since the remote browser is integrated into a CMS that needs to be installed easily and quikly with the minimum of configuration I want the config.php file to configure itself when the CMS is installed onto a new account on my servers.

This ment that I had to come up with a way to "auto configure" the following two values;

'_sessionDir' => "/home/something/tmp", // Path from server root
'_sessionDomain' => ".mydomain.com", // Note the "dot" in front of the domain

To achieve this I implemented a rudimentary bit of code, ugly but functional. After starting the session at the top of the config.php file I added the following code:

$base_url = explode("/",$_SERVER['DOCUMENT_ROOT']);
$base_url = '/'.$base_url[1].'/'.$base_url[2].'/tmp'; // assuming the full path is "/home/username/tmp"
$domain = '.'.$_SERVER['HTTP_HOST'];

Now update the two session variables like this;

'_sessionDir' => $base_url,
'_sessionDomain' => $domain,

Please make sure you have all your user authentication in place and configure the config.php file as required to stop unwanted files from being uploaded and file extentions from being renamed.

Written by:  - Updated 12 May, 2016  
comments powered by Disqus
Search Manual

More in "Development and Change Log"

Manual Categories

about XMS Systems | ✉ contact XMS Systems

© 2024 - XMS Systems

Powered by XMS Systems | hosted by ExelWebs.com | Manage

flashy