CakePHP and TinyMCE Session Lesson
Integrating TinyMCE into CakePHP applications is easy. Integrating the File and Image Manager authentication is another story...
For a while now I have been wondering what the 'right' way is to set up the TinyMCE Image and File Managers, so that when I log into my CakePHP application, I don't need to log in again to the Image/File Managers.
Simply setting a logged in session variable at the top of the session auth file - and therefore bypassing authentication altogether - works, but presents a security risk.
The answer is actually simple though. CakePHP stores it's sessions using the name specified in your app/config/core.php file:
Configure::write('Session.cookie', 'CAKEPHP');
While CAKEPHP is the default, you can obviously change this.
TinyMCE by default, assumes the session is called PHPSESSID. This assumption is what causes the gap between being logged in to your CakePHP app, and the Image/File Managers.
The solution? Name the session before it is started, for both the Image Manager and the File Manager. Open the following files:
/tiny_mce/plugins/imagemanager/classes/Authenticators/SessionAuthenticator.php
/tiny_mce/plugins/filemanager/classes/Authenticators/SessionAuthenticator.php
Add the following just above the @session_start(); line.
session_name('CAKEPHP'); //this obviously must match your /app/config/core.php setting
Finally, we need to set the isLoggedIn variable. Go to your users_controller.php file and find the login function. It should look something like this for the integration to be complete:
function login() { $this->layout = 'admin'; if($this->Auth->user()) { //user logged in $_SESSION['isLoggedIn'] = true; //perform any other project specific actions here and redirect to loginRedirect ... } }
Now log in and go to your Image/File Managers... No additional login required!
Happy uploading!