Check User Access On Outside File


I have a form with a CkEditor WYSIYWG textarea input.

To enable file upload, I uploaded a CkEditor extension to my site’s public folder. In that folder is a file ‘index.html’ which is used for handling the file upload.

The only problem now is, that everybody can access this ‘index.html’ and upload or delete files to my site.

That’s why this extensions has also a file ‘security.php’ with a function checkAccess(). My question is, how can I make this file part of my application so that I can use ‘!Yii::app()->user->isGuest’ in the checkAccess() function?

Maybe its better to wrap the CkEditor into a CWidget.

You can find some extensions for this.

But the file isn’t part of CkEditor itself, it’s like an extension.

My question is actually, how can I access ‘Yii::app()’ from a file that is not part of the framework? For example I could include ‘index.php’ of the yii application but that doesn’t work because it will load whole the site.

See 2. Using Yii in 3rd-Party Systems