solved, found answer in another post here:
http://www.yiiframework.com/forum/index.php?/topic/10989-how-to-protect-ckfinder-with-yii/
sorry
Hi guys,
i’m a tootal beginner in OOP and YII but i need to integrate JASFinder (file uploader/manager) into CKEditor under YII. CKEditor works fine but i have one problem: the JASFinder part (working outside the YII framework, opening in a new window) needs to be authenticated and to check if a logged user accesses it, it should check the $_SESSION value but i have no idea what could be the name of the ‘username’ key in YII?
Here’s the part from JASFinder Config file I added. I marked the part that i don’t know how to fill with ‘?’ signs:
By the way, i changed the default session name in Yii’s main.php to “MyFirstSession” just to check if anything what i do is right so here, from the config.php snippet it’s named MyFirstSession too.
session_name("MyFirstSession");
session_start();
function CheckAuthentication() {
if( isset($_SESSION['<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/huh.gif' class='bbc_emoticon' alt='???' />?<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/huh.gif' class='bbc_emoticon' alt='???' />?<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/huh.gif' class='bbc_emoticon' alt='???' />?<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/huh.gif' class='bbc_emoticon' alt='???' />??']) ) {
return true;
}
return false;
}
$Config['Enabled'] = CheckAuthentication();
I didn’t change anything in the demo/components/UserIdentity.php because i wanted to leave it simple as i’m learning this great stuff.
PS.
i tried to var_dump what’s inside YII’s $_SESSION and it came out it holds the key i want followed by some numbers and i did this silly thing that works but i’d appreciate some pro bro help here - thanks!
function CheckAuthentication()
{
$dudu='false';
foreach ($_SESSION as $kokolio){
if ($kokolio=='bazingastaff') {$dudu='true';}
}
if( $dudu=='true' )
{
return true;
}
return false;
}