tinymce + elfinder

I take tinymce Yii ext update it add spell checker (ru, en) and add elfinder


Made in two versions

  1. elfinder as a module


  • May prescribe rules

  • Normally generated url


  • What to be separate from ext
  1. And simply put in assets


  • Can not prescribe rules

  • Not normally generated url

Plus: * Be in a folder with Ext

It would be good if someone suggested how to make a folder c Ext and remove all the minuses ?

Hi ,

I’m using with module and customized ETinyMCE.


I can see the dialog and inside "file and directories" but :

b.fm.params is undefined

I got an information from "http://elrte.org/redmine/boards/2/topics/717" telling about "Destroyed global GET array". That reminded me that I was using Yii with urlmanager and rules in lighttpd server.

So I temporarily disconnected these.

Then rewrote the URL accordingly.

url : "http://deva.testbmfbm.net/index.php?r=elfinder/Default",

instead of

url : "http://deva.testbmfbm.net/elfinder/Default/connector",

When I call again, the dialog displays the file trees etc.

no more b.fm.params is undefined :) .

So later I will put back my urlrules and try to write better rules if this is the reason why the GET arrays are lost.

There is an issue to upload with you turn on Csrf.

Although, I try to solve that by adding jquery.cookie.js plugin and edited form submission to include the YII_CSRF_TOKEN but it does not seem to work.


<form method=“post” enctype=“multipart/form-data” action="’+self.fm.options.url+’" target="’+id+’"><input type=“hidden” name=“YII_CSRF_TOKEN” value="’+$.cookie(‘YII_CSRF_TOKEN’)+’">

Can anyone help? Thanks in advance.

By the way, turning off Csrf works, but that defeat the purpose of trying to make the site as secure as possible.

I solved it with

adding csrf cookie into javascript generate form in \extensions\tinymce_elfinder\tinymce\assets\elfinder\js\elfinder.full.js (also you need to change elfinder.min.js) and have the assets re-published

<input type=“hidden” name=“YII_CSRF_TOKEN” value=\’’+($.cookie.get(‘YII_CSRF_TOKEN’)).substring(($.cookie.get(‘YII_CSRF_TOKEN’)).indexOf(’"’)+1,($.cookie.get(‘YII_CSRF_TOKEN’)).lastIndexOf(’"’))+’\’><input type=“hidden” name=“cmd” value=“upload” />

and save the two js in the zip file to \extensions\tinymce_elfinder\tinymce\assets\elfinder\js

and edit \extensions\tinymce_elfinder\tinymce\ETinyMce.php


$cs->registerScriptFile($assets.’/elfinder/js/jquery.json.js’); //add this

$cs->registerScriptFile($assets.’/elfinder/js/jquery.cookie.js’); //add this


     if(Yii::app()-&gt;language &#33;= 'en') &#036;cs-&gt;registerScriptFile(&#036;assets.'/elfinder/js/i18n/elfinder.'.Yii::app()-&gt;language.'.js'); // tweak, so that no uncessary is add, this is to check if required to add language

More problem with Csrf. Flfinder when editing the file in text, cannot complete action as it fails with csrf. Do anyone know where and how to insert the YII_CSRF_TOKEN??

Please help. Thanks.

I was using this great extension, but suddenly it decided to stop working.

Elfinder, that is.

Probably due to my url rules.

Did anyone solve this issue?

I spent two days on this ()#¤&#/(%&¤ issue, so any clues would be appreciated.

I’ve just turned it off for now…>:(

Is this extension jac? http://www.yiiframework.com/extension/elrtef

Nope. It’s this one.

I am not going to touch elrt (or whatever it’s called) with a ten foot long barge pole…

I know that I can get tinyMCE to work for me, using the prefixelement plugin: that leaves <pre> code blocks alone.

All other editors are messing with it.

So if it’s going to be without a file browser, so be it. ;)

After all: it’s going to be used on a programmers blog.

I’ll just put a upload form below the text area, and problem solved.

Besides: all four rlte extensions are broken.

I know that the el guys are working on a better elFinder, and until it’s released: no touch.

I spent two days on that crap.:lol:

Doesn’t make it better that I’ve turned on cookie and csrf.

But what broke it was my url rules.

I see that four days ago they talked about a new version without post or get options, so I’m looking forward to that.

But it looks like it’s going to take a while.

I have worked, but corrected as follows:

file: ETinyMce.php

line: 806





It would be nice at least to correct such deficiencies.

The main problem now - it does not work function of load. Window opens, but does not respond to a click on INPUT

I apologize for my English, I’m Russian

Happy New Year and Merry Christmas!

For those that have problems with using this extension and validate the csrf token i modified the elfinder.full.js file so that the script can accept custom POST params when doing the upload.

Like uploadify does, this change allows you to use the scriptData option to pass your custom params:

<script type="text/javascript" charset="utf-8">

		$().ready(function() {


			var funcNum = window.location.search.replace(/^.*CKEditorFuncNum=(\d+).*$/, "$1");

            var langCode = window.location.search.replace(/^.*langCode=([a-z]{2}).*$/, "$1");



                url : '<?php echo Yii::app()->createUrl('elfinder/default/connector')?>',

                lang : langCode,

                editorCallback : function(url) {

                  window.opener.CKEDITOR.tools.callFunction(funcNum, url);



               scriptData:{<?php echo Yii::app()->request->csrfTokenName;?>:'<?php echo Yii::app()->request->getCsrfToken();?>'}





As you see, in scriptData i am passing the token so that it will be appended to the upload form and Yii can check it successfully.

The changes i did:

//In the default options area, line 704


	autoReload : 0,


        * Option added by Twisted1919

        * The scriptData will accept an object (key:value pairs)

        * It is used to pass post data to the upload method so that for example you can check

        * a CSRF Token.

        * Also, see line 1964


        scriptData : null

//In the upload method, line 1964



* Change made by Twisted1919

* Because most of the time we need to send extra data with the uploaded file

* like a csrf token, i needed a way to do this, so that the scriptData option was born.



   for(key in self.fm.options.scriptData){

	f+='<input type="hidden" name="'+key+'" id="'+key+'" value="'+self.fm.options.scriptData[key]+'" />';



// end change by Twisted1919


Attached is the archive containing just the elfinder.full.js file (you can compress it if you like).

Just overwrite the old one, and load it .

I have the same problem than you ilyaplot, it appears it’s almost all the time, the file inputs can’t be clicked. Happens on FireFox, but not on Google Chrome…

I cannot save data entered in tinymce

<?php echo Yii::app()->baseUrl; $this->widget('application.extensions.tinymce_elfinder.tinymce.ETinyMce', array('name'=>'html', 'model' => $model,

        'attribute' => 'describe',)); ?>

Hi, I don’t actually understand the install instructions, is there someone who could explain it more thoroughly please?

I put the whole elfinder folder under


, should I move the


folder to



I have the problem i don’t actually understand the install instructions, is there someone who could explain it more thoroughly please?

Long time ago I have used this extension, but recently I have completely replaced it but my own extensions.

Reasons to do so was:

  1. I think tinyMce and elFinder should be in separate extensions.

  2. I did not like how compressor and spellchecker was made in tinyMce - i think they must be in separate actions and should be configurable.

  3. I did not like this extension because elfinder backend is not configurable(except editing files inside extension), because there is no posibility to easily add few elfider backends, and also there is serious security issues - just see what is published to assets(there is connector.php without any access control).

  4. Also I want to use latest tinyMce

In case of using my extensions, you will get: latest tinymce version, more configurable integration with elFinder, separate actions for tinyMce compressor and spellchecker.

my extensions is here:



In other words, I want say - do not waste your time for this extension, there is much better replacement for it.

Thank you, it’s work with your extension.

Bogdan Savluk, thanks! Your extension working perfectly!

I have different folders in elFinder: hr, accountant, admin, employee. I have Yii roles ( hr, accountant, admin, employee). Is there a way that specific Yii roles access to only that folder. Lets say a Yii roles accountant can only have access (read and upload , delete files ) to accountant folder but not other folders like hr, admin , employee. Thank you for your help.

i wnant attach this extention to a $form->textField because i want add a file example thumbnail to my post but i cant please help me :(((