I've been using CKEditor with CKFinder successfully on a bunch of sites now, but on this particular one I'm unable to see thumbnails in the file browser and if I try to delete images I get this error message:

The file browser is disabled for security reasons. Please contact your system administrator and check the CKFinder configuration file.

I've googled it and this error seems to be related to a host of problems, but most of them are very basic. I haven't been able to find anyone describing the problem I'm having.

I've upgraded the module to the latest dev version and downloaded the latest CKEditor and CKFinder. I've even downloaded the pre-setup module from http://ckeditor.com/download to see if maybe I'd forgotten something when I set it up manually, but to no avail.

If I give anonymous user the "allow CKFinder file uploads" permission everything works, but I do not want to do that, nor have I ever had to do that on a site before.

All my sites are completely different and they are live so testing is a bit hard. Trying to spot differences in drupal installations is also a bit futile as they are so different, but I'm creating this issue to see if other people are perhaps having the same problem and will supply more information as needed.

Comments

mkesicki’s picture

mkesicki commented
Status: Active » Postponed (maintainer needs more info)

Please check in drupal status page (admin/reports/status) if there are any errors with CKEditor/CKFinder reported. Please check also in readme file in "Installing CKFinder" section if you did everything what is described there.

GMO-2’s picture

GMO-2 commented

Strange... I've done all the recommended CKFinder install changes to the config.php and settings.php files and couldn't get rid of the (The file browser is disabled for security reasons. Please contact your system administrator and check the CKFinder configuration file.) error message. I've been working on this for hours.

Thanks to this post & thread; if all users have the CKFinder file uploads allowed, the darn BROWSE SERVER file upload function works. I'm scratching my head.

Now, how do we get it to work without allowing anonymous or even authenticated users, the ability to upload files to the server and insert files from the server? That's not safe.

Thanks!