This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php"
ecshop 后台上传图片报错
This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php"
上传图片时候遇到这样的错误:This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file.
报错的原因是:FCKeditor的安全机制阻止了上传文件,上传文件牵扯到很多的网站漏洞,FCKeditor要求对其配置文件进修改,修改$Config['Enabled'] = false,为TRUE。当然这样修改是最不好的,没考虑的身份认证问题
// SECURITY: You must explicitly enable this "connector". (Set it to "true").安全性:你必须明确自己运行connector的状态
// WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
// authenticated users can access this file or use some kind of session checking.
警告:不要仅仅设置$Config['Enabled'] = true 你必须确定只有通过用户验证和SESSION验证的人才可以访问这个文件。(所以你可以添加相应的代码到该文件 以限制只有一部分人可以使用,提高安全性)
$Config['Enabled'] = false ; 有人说改这个变量改成true,这样是不安全的。
其实出现这样的问题是因为你登陆的时间长了,系统不给你权限了,只要退出重新登陆一下既可,更新下缓存,就可以了。
解决办法:
打开editor/filemanager/connectors/aspx/config.ascx修改CheckAuthentication()方法,返回true
C# code
private bool CheckAuthentication()
{
// WARNING : DO NOT simply return "true". By doing so, you are allowing
// "anyone" to upload and list the files in your server. You must implement
// some kind of session validation here. Even something very simple as...
//
// return ( Session[ "IsAuthorized" ] != null && (bool)Session[ "IsAuthorized" ] == true );
//
// ... where Session[ "IsAuthorized" ] is set to "true" as soon as the
// user logs in your system.
return true;
}
随便看了一下config.ascx里的内容,发现如果想让对每个用户进行不同的配置,FCKeditor支持的更好了。