April 2009 Archives

After looking at the open source alternatives, I decided the price was worth to buy the MCIMageManager plugin for TinyMCE. This open source (LGPL) Rich Text Editor is probably the best out there: the great image upload plugin, developed by the same folks, is however not free - but definitely worth its money.

The backend of MCImageManger is in PHP or .NET: I decided to stick with the PHP version, as my web server is on Unix, but still had to find out how to integrate it with my web application (which is in Perl) making sure only logged in users would be allowed to upload files. There are code examples for JSP, ASP Classic and several PHP configurations, but nothing related to Perl. So, I ported the authentication script - it was easy enough and here's the result.

If you use Perl and you want to integrate authentication with the one of your system, you need to use ExternalAuthenticator in order to share sessions between Perl and PHP/.NET. It's not that difficult: since the Perl ExternalAuthenticator script is not provided, you can find one I wrote myself here.

MCImageManager configuration

File to edit is likely ''config.php''. If you use ''Web.config'', these instructions still apply.
First of all, you need to enable the ''ExternalAuthenticator'':

$mcImageManagerConfig['authenticator'] = "ExternalAuthenticator";

Scroll down a bit and you'll find the relevant configuration options for ''ExternalAuthenticator'':

// ExternalAuthenticator config
$mcImageManagerConfig['ExternalAuthenticator.external_auth_url'] = "/manage/tinymce_auth.pl";
$mcImageManagerConfig['ExternalAuthenticator.secret_key'] = "TheKey";


Put this file at the location you specified in ''config.php''. You need to edit some parth: the secret key and, of course, the part which verifies the user is authenticated.


use strict;
use warnings;

use CGI::Carp qw/fatalsToBrowser/;
use CGI::Simple;
use CGI::Session;
use HTML::Entities;
use Digest::MD5 qw/md5_hex/;

# Must match the one in config.php
my $secretKey = "TheKey";

my $q = CGI::Simple->new();
print $q->header(
    -type   => 'text/html; charset=UTF-8',

my $session = CGI::Session->new();

# See if session-id is OK
if ( !$session->param('idadmin') =~ /^\d+$/ ) {
     print "Not logged in";

# Come configuration variables can be overridden here
my %configuration = (
    #'filesystem.rootpath'   => '/some/path',
    #'filesystem.path'       => '/some/path',
my @confkeys = sort keys %configuration;

my $data = '';
for my $ck (@confkeys) {
    $data .= $configuration{$ck};
my $key = md5_hex($data . $secretKey);

print '<html>';
print '<body onload="document.forms[0].submit();">';
print '<form method="post" action="' . encode_entities($q->param('return_url')) . '">';
print '<input type="hidden" name="key" value="'. encode_entities($key) . '" />';
for my $ck (@confkeys) {
     my $enc_ck = $ck; $enc_ck =~ s/\./_/g;
     print '<input type="hidden" name="'
        . encode_entities($enc_ck)
        . '" value="'
        . encode_entities($configuration{$ck})
        . '" />'
print '</form></body></html>';

This work is free software, by , and is provided as-is. If you need support, ask in the TinyMCE forums.

About this Archive

This page is an archive of entries from April 2009 listed from newest to oldest.

March 2009 is the previous archive.

May 2009 is the next archive.

Find recent content on the main index or look in the archives to find all content.



OpenID accepted here Learn more about OpenID
Powered by Movable Type 5.14-en