I have used tinybrowser with tiny mce as a plugin (My panel is php based). When uploading, there is link like this:
www.****.com/dashboard/tiny_mce/plugins/tinybrowser/tinybrowser.php?type=image
This link can open in all browser without permission. What is the solution in this case? Could I use my admin panel's session control in tinyMce plugins?? Thanks in advance
I'll take advantage of the panel session in order to not allow users to get there without authorization. I guess you already have some scripts tha control that, so it'd be as easy as include them where you want to secure your app.
I have solved this:
in config_tinybrowser.php you have to uncomment and configure this lines:
if(isset($_GET['sessidpass'])) session_id($_GET['sessidpass']); // workaround for Flash session bug
session_start();
$tinybrowser['sessioncheck'] = 'good-user'; //name of session variable to check