San*_*gha 0 php security ckfinder elfinder
我正在使用此配置让我的Elfinder与CKEditor一起使用.
$opts = array(
// 'debug' => true,
'roots' => array(
array(
'driver' => 'LocalFileSystem', // driver for accessing file system (REQUIRED)
'path' => '../../uploads/', // path to files (REQUIRED)
'URL' => dirname($_SERVER['PHP_SELF']) . '/../../uploads/', // URL to files (REQUIRED)
'accessControl' => 'access' , // disable and hide dot starting files (OPTIONAL)
'uploadAllow' => array('image/jpg', 'image/png'),
'alias' => 'Home',
'mimeDetect' => 'internal',
'imgLib' => 'gd',
),
),
);
但是,我能够上传所有文件甚至PHP文件!我只想上传图片.我无法限制上传.我哪里错了?
加:
'uploadOrder'=> array('allow','deny')
如果没有这个,默认策略是allow,如果它们都不匹配.
根据:https: //github.com/Studio-42/elFinder/wiki/Connector-configuration-options#wiki-uploadOrder