Ticket #5092: config.php

File config.php, 8.7 KB (added by Lubomir Licko, 10 years ago)
Line 
1<?php
2/*
3 * ### CKFinder : Configuration File - Basic Instructions
4 *
5 * In a generic usage case, the following tasks must be done to configure
6 * CKFinder:
7 *     1. Check the $baseUrl and $baseDir variables;
8 *     2. If available, paste your license key in the "LicenseKey" setting;
9 *     3. Create the CheckAuthentication() function that enables CKFinder for authenticated users;
10 *
11 * Other settings may be left with their default values, or used to control
12 * advanced features of CKFinder.
13 */
14
15/**
16 * This function must check the user session to be sure that he/she is
17 * authorized to upload and access files in the File Browser.
18 *
19 * @return boolean
20 */
21function CheckAuthentication()
22{
23        //WARNING : DO NOT simply return "true". By doing so, you are allowing
24        //"anyone" to upload and list the files in your server. You must implement
25        //some kind of session validation here. Even something very simple as...
26
27        //return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized'];
28        return true;
29
30        //... where $_SESSION['IsAuthorized'] is set to "true" as soon as the
31        //user logs in your system.
32
33        //return false;
34}
35
36// LicenseKey : Paste your license key here. If left blank, CKFinder will be
37// fully functional, in demo mode.
38$config['LicenseName'] = 'www.crscb.cz';
39$config['LicenseKey'] = 'M63S-FK13-X35P-MK15-3379-DN1K-BDF7';
40
41/*
42To make it easy to configure CKFinder, the $baseUrl and $baseDir can be used.
43Those are helper variables used later in this config file.
44*/
45
46/*
47$baseUrl : the base path used to build the final URL for the resources handled
48in CKFinder. If empty, the default value (/userfiles/) is used.
49
50Examples:
51        $baseUrl = 'http://example.com/ckfinder/files/';
52        $baseUrl = '/userfiles/';
53
54ATTENTION: The trailing slash is required.
55*/
56//$baseUrl = '/ckfinder/userfiles/';
57$baseUrl = '/pages/userfiles/';
58
59/*
60$baseDir : the path to the local directory (in the server) which points to the
61above $baseUrl URL. This is the path used by CKFinder to handle the files in
62the server. Full write permissions must be granted to this directory.
63
64Examples:
65        // You may point it to a directory directly:
66        $baseDir = '/home/login/public_html/ckfinder/files/';
67        $baseDir = 'C:/SiteDir/CKFinder/userfiles/';
68
69        // Or you may let CKFinder discover the path, based on $baseUrl:
70        $baseDir = resolveUrl($baseUrl);
71
72ATTENTION: The trailing slash is required.
73*/
74$baseDir = resolveUrl($baseUrl);
75
76/*
77 * ### Advanced Settings
78 */
79
80/*
81Thumbnails : thumbnails settings. All thumbnails will end up in the same
82directory, no matter the resource type.
83*/
84$config['Thumbnails'] = Array(
85                'url' => $baseUrl . '_thumbs',
86                'directory' => $baseDir . '_thumbs',
87                'enabled' => true,
88                'directAccess' => false,
89                'maxWidth' => 100,
90                'maxHeight' => 100,
91                'bmpSupported' => false,
92                'quality' => 80);
93
94/*
95Set the maximum size of uploaded images. If an uploaded image is larger, it
96gets scaled down proportionally. Set to 0 to disable this feature.
97*/
98$config['Images'] = Array(
99                'maxWidth' => 1600,
100                'maxHeight' => 1200,
101                'quality' => 80);
102
103/*
104RoleSessionVar : the session variable name that CKFinder must use to retrieve
105the "role" of the current user. The "role", can be used in the "AccessControl"
106settings (bellow in this page).
107
108To be able to use this feature, you must initialize the session data by
109uncommenting the following "session_start()" call.
110*/
111$config['RoleSessionVar'] = 'CKFinder_UserRole';
112//session_start();
113
114/*
115AccessControl : used to restrict access or features to specific folders.
116
117Many "AccessControl" entries can be added. All attributes are optional.
118Subfolders inherit their default settings from their parents' definitions.
119
120        - The "role" attribute accepts the special '*' value, which means
121          "everybody".
122        - The "resourceType" attribute accepts the special value '*', which
123          means "all resource types".
124*/
125
126$config['AccessControl'][] = Array(
127                'role' => '*',
128                'resourceType' => '*',
129                'folder' => '/',
130
131                'folderView' => true,
132                'folderCreate' => true,
133                'folderRename' => true,
134                'folderDelete' => true,
135
136                'fileView' => true,
137                'fileUpload' => true,
138                'fileRename' => true,
139                'fileDelete' => true);
140
141/*
142For example, if you want to restrict the upload, rename or delete of files in
143the "Logos" folder of the resource type "Images", you may uncomment the
144following definition, leaving the above one:
145
146$config['AccessControl'][] = Array(
147                'role' => '*',
148                'resourceType' => 'Images',
149                'folder' => '/Logos',
150
151                'fileUpload' => false,
152                'fileRename' => false,
153                'fileDelete' => false);
154*/
155
156/*
157ResourceType : defines the "resource types" handled in CKFinder. A resource
158type is nothing more than a way to group files under different paths, each one
159having different configuration settings.
160
161Each resource type name must be unique.
162
163When loading CKFinder, the "type" querystring parameter can be used to display
164a specific type only. If "type" is omitted in the URL, the
165"DefaultResourceTypes" settings is used (may contain the resource type names
166separated by a comma). If left empty, all types are loaded.
167
168maxSize is defined in bytes, but shorthand notation may be also used.
169Available options are: G, M, K (case insensitive).
1701M equals 1048576 bytes (one Megabyte), 1K equals 1024 bytes (one Kilobyte), 1G equals one Gigabyte.
171Example: 'maxSize' => "8M",
172*/
173$config['DefaultResourceTypes'] = '';
174
175$config['ResourceType'][] = Array(
176                'name' => 'Files',                              // Single quotes not allowed
177                'url' => $baseUrl . 'files',
178                'directory' => $baseDir . 'files',
179                'maxSize' => 0,
180                'allowedExtensions' => '7z,aiff,asf,avi,bmp,csv,doc,fla,flv,gif,gz,gzip,jpeg,jpg,mid,mov,mp3,mp4,mpc,mpeg,mpg,ods,odt,pdf,png,ppt,pxd,qt,ram,rar,rm,rmi,rmvb,rtf,sdc,sitd,swf,sxc,sxw,tar,tgz,tif,tiff,txt,vsd,wav,wma,wmv,xls,zip',
181                'deniedExtensions' => '');
182
183$config['ResourceType'][] = Array(
184                'name' => 'Images',
185                'url' => $baseUrl . 'images',
186                'directory' => $baseDir . 'images',
187                'maxSize' => 0,
188                'allowedExtensions' => 'bmp,gif,jpeg,jpg,png',
189                'deniedExtensions' => '');
190
191$config['ResourceType'][] = Array(
192                'name' => 'Flash',
193                'url' => $baseUrl . 'flash',
194                'directory' => $baseDir . 'flash',
195                'maxSize' => 0,
196                'allowedExtensions' => 'swf,flv',
197                'deniedExtensions' => '');
198
199/*
200 Due to security issues with Apache modules, it is recommended to leave the
201 following setting enabled.
202
203 How does it work? Suppose the following:
204
205        - If "php" is on the denied extensions list, a file named foo.php cannot be
206          uploaded.
207        - If "rar" (or any other) extension is allowed, one can upload a file named
208          foo.rar.
209        - The file foo.php.rar has "rar" extension so, in theory, it can be also
210          uploaded.
211
212In some conditions Apache can treat the foo.php.rar file just like any PHP
213script and execute it.
214
215If CheckDoubleExtension is enabled, each part of the file name after a dot is
216checked, not only the last part. In this way, uploading foo.php.rar would be
217denied, because "php" is on the denied extensions list.
218*/
219$config['CheckDoubleExtension'] = true;
220
221/*
222If you have iconv enabled (visit http://php.net/iconv for more information),
223you can use this directive to specify the encoding of file names in your
224system. Acceptable values can be found at:
225        http://www.gnu.org/software/libiconv/
226
227Examples:
228        $config['FilesystemEncoding'] = 'CP1250';
229        $config['FilesystemEncoding'] = 'ISO-8859-2';
230*/
231$config['FilesystemEncoding'] = 'UTF-8';
232
233/*
234Perform additional checks for image files
235if set to true, validate image size
236*/
237$config['SecureImageUploads'] = true;
238
239/*
240Indicates that the file size (maxSize) for images must be checked only
241after scaling them. Otherwise, it is checked right after uploading.
242*/
243$config['CheckSizeAfterScaling'] = true;
244
245/*
246For security, HTML is allowed in the first Kb of data for files having the
247following extensions only.
248*/
249$config['HtmlExtensions'] = array('html', 'htm', 'xml', 'js');
250
251/*
252Folders to not display in CKFinder, no matter their location.
253No paths are accepted, only the folder name.
254The * and ? wildcards are accepted.
255*/
256$config['HideFolders'] = Array(".svn", "CVS");
257
258/*
259Files to not display in CKFinder, no matter their location.
260No paths are accepted, only the file name, including extension.
261The * and ? wildcards are accepted.
262*/
263$config['HideFiles'] = Array(".*");
264
265/*
266After file is uploaded, sometimes it is required to change its permissions
267so that it was possible to access it at the later time.
268If possible, it is recommended to set more restrictive permissions, like 0755.
269Set to 0 to disable this feature.
270Note: not needed on Windows-based servers.
271*/
272$config['ChmodFiles'] = 0777 ;
273
274/*
275See comments above.
276Used when creating folders that does not exist.
277*/
278$config['ChmodFolders'] = 0755 ;
© 2003 – 2019 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy