In way over my head (MooTools Filemanager)
140 views
Skip to first unread message
Chad Meyers
Apr 24, 2012, 10:33:17 AM4/24/12
to MooTools Users
So I am using MooTools Filemanager (https://github.com/frozeman/
mootools-filemanager) with CKEditor. It all works fine until
I .htaccess password protect my CMS.
File structure looks like this
example.com
->admin (is .htaccess protected, and has index.php for user interface)
-->includes
--->fileManager (all files for manager are in here)
-> images/currentProjects/ (directory accessed by file manager)
As soon as the .htaccess password protect is in place, the upload
fails with an error that says
"Error
No response was given from the uploader, this may mean that
"mod_security" is active on the server and one of the rules in
mod_security has cancelled this request. If you can not disable
mod_security, you may need to use the NoFlash Uploader."
the server does not have "mod_security"
The file manager is using Swiff.Uploader or something like that.
Not sure if this is the place to post this, but I don't know where
else to look.
Maybe someone can recommend another file manager, though I really like
this one.
mootools-filemanager) with CKEditor. It all works fine until
I .htaccess password protect my CMS.
File structure looks like this
example.com
->admin (is .htaccess protected, and has index.php for user interface)
-->includes
--->fileManager (all files for manager are in here)
-> images/currentProjects/ (directory accessed by file manager)
As soon as the .htaccess password protect is in place, the upload
fails with an error that says
"Error
No response was given from the uploader, this may mean that
"mod_security" is active on the server and one of the rules in
mod_security has cancelled this request. If you can not disable
mod_security, you may need to use the NoFlash Uploader."
the server does not have "mod_security"
The file manager is using Swiff.Uploader or something like that.
Not sure if this is the place to post this, but I don't know where
else to look.
Maybe someone can recommend another file manager, though I really like
this one.
Ger Hobbelt
Apr 24, 2012, 12:13:22 PM4/24/12
to mootool...@googlegroups.com
mtfm has an issue tracker but never mind (my branch at least is waiting for me to locate some quality spare time to wrap things up again).
My hunch (without verifying) is that you're hit by this issue due to the url where mtfm is uploading /to/ (the index.php file which would include the mtfm backend php code) is htaccess password protected this way; you want to go and sniff the HTTP traffic using the development tools in your browser (though sniffing traffic from Flash components can be a pain in the xxx, unless you resort to tougher measures like using the WireShark network protocol sniffer (which will do HTTP 'decoding' of those TCP packets travelling across the line for you, so it's relatively easy to pick up as a tool).
I most often 'debug'/'diagnose' this sort of thing by sniffing the traffic and [if necessary/helpful to cut down on the problem complexity] replaying it in rudimentary form by hand using the browser when the going gets a tough and the suspect is somewhere between browser and backend user code.
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--------------------------------------------------
web: http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--------------------------------------------------
web: http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
Sanford Whiteman
Apr 24, 2012, 1:41:49 PM4/24/12
to Chad Meyers
> ... I .htaccess password protect my CMS.
Be more precise: post your .htaccess. There are a lot of directives
that would be irrelevant, but some that are critical to running an RFC
1867 POST acceptor...
-- S.
Chad Meyers
Apr 24, 2012, 3:01:07 PM4/24/12
to MooTools Users
htaccess file
AuthType Basic
AuthName "Site Admin Access Only"
AuthUserFile /home/117149/.htpasswd
AuthGroupFile /home/117149/.htgroup
Require user sbh_admin sdc
pretty basic.
I really would like to get this straightened out. doing sniffing is
beyond what I think I can do. I will see what I can find. In the
mean time I found elFinder, it works fine, but it is jQuery based.
AuthType Basic
AuthName "Site Admin Access Only"
AuthUserFile /home/117149/.htpasswd
AuthGroupFile /home/117149/.htgroup
Require user sbh_admin sdc
pretty basic.
I really would like to get this straightened out. doing sniffing is
beyond what I think I can do. I will see what I can find. In the
mean time I found elFinder, it works fine, but it is jQuery based.
Sanford Whiteman
Apr 24, 2012, 3:13:32 PM4/24/12
to Chad Meyers
> pretty basic.
No pun intended. :)
You're using basic auth, and Flash won't pass those creds unless you
configure MTFM to pass them in the query string.
-- S.
Lennart
Jul 13, 2012, 10:30:59 AM7/13/12
to mootool...@googlegroups.com
I'm having the same issue. What do I need to put where to make basic authentication work?
Sanford Whiteman
Jul 13, 2012, 4:39:57 PM7/13/12
to Lennart
> I'm having the same issue. What do I need to put where to make basic
> authentication work?
You need to simulate the basic auth by passing them in the query
> authentication work?
string and then interpreting u=<username>&p=<password> on the server
side.
It's similar to when you can't send, for example, PUT, so you send a
special hint like &pretend-method-was=PUT.
-- S.
Reply all
Reply to author
Forward
0 new messages