Implementing CKEditor and CKFinder in CakePHP 1.3 With Authentication

If you are using database as saving session values in database

Configure::write('', 'database');

Then getting session values will be different.

$db = new DATABASE_CONFIG();
$dbh = mysql_connect($db->default['host'],$db->default['login'],$db->default['password']);
$dbn = mysql_select_db($db->default['database'], $dbh);

$query = 'SELECT data FROM cake_sessions WHERE id="'.mysql_real_escape_string($_COOKIE['emoz']).'"';
if (mysql_num_rows($result)!=0)
	while ($row = mysql_fetch_assoc($result))
		$session_data = $row['data'];

if you are using CakePHP 1.2 then use tabe name “sessions” instead of cake_sessions.

CakePHP is my favorite framework because it is “easy”. As for WYSIWYG editor I use CKEditor+CKFinder. There are many ways to implement CKEditor+CKFinder in CakePHP but I use the simplest way possible.

Step 1: Implementing CKEditor+CKFinder

First download CKEditor and CKFinder. Then put those folder in app\webroot\js\ folder. Then add them to layout

echo $this->Html->script('ckeditor/ckeditor');
echo $this->Html->script('ckfinder/ckfinder');

Create an element app\views\elements\fck.ctp. put The put the following code in it.

$textareas = explode(',',$textareas);
var editor<?php echo $i;?> = CKEDITOR.replace( '<?php echo $textareas[$i]?>' );
CKFinder.SetupCKEditor( editor<?php echo $i;?>, { BasePath : '/js/ckfinder/', RememberLastFolder : false } ) ;
<?php	}?>

The $textareas is coma delimited string where you put you textareas id. as you can see you put one or more textareas ids here. now all you have to do is call the element with the id of the textarea. Now you can easily guess the ids by model name and field name for example your model name UserPage and field name is free_text then id will be UserPageFreeText. now call the element like this

echo $this-->element('fck', array('textareas'=>'UserPageFreeText'));

remember to put it after the textarea. now will see this

now comes the authentication part.

Step 2: Authentication in CKEditor

you don’t any want any one to upload files to your server. so you need to check the session. it pretty simple and easy. open app\webroot\js\ckfinder\config.php. put the following codes there


That’s it. now you will get session values that you set in CakePHP. now check them in CheckAuthentication function like this

function CheckAuthentication(){
//WARNING : DO NOT simply return "true". By doing so, you are allowing
//"anyone" to upload and list the files in your server. You must implement
//some kind of session validation here. Even something very simple as...
  if(empty($_SESSION['User']) )	{
    return false;
  }	else	{
   return true;

That’s it. Hope you find it as simple as I find it.

About Zakir Hyder

This entry was written by .

29. January 2011 by Zakir Hyder
Categories: CakePHP, CKEditor, CKFinder, PHP, Web Development | Tags: , , , , , | Comments


  1. […] we start, i suggest you to see my previous two post about CKFinder here and here. In this post i will show how you can manage ACL and also how you can limit you user to on folder […]