Set or change API key and update it in DB

Now is the time to tell N1ED how to update API key and token values on the server and not to store token in the cookies of a browser. urlSetApiKeyAndToken parameter is responsible for that, you must specify it among all other initialization parameters you give to your editor.

This parameter must contain an URL of some server-side script that will receive POST request with parameters n1edApiKey and n1edToken and save them into DB (update default values).

On the server side you need to create this simple script (i. e. using the name setApiKey.php). PHP sample of such script:

<?php

    // Do not forget to check user has administrator permissions here

    $apiKey = $_POST["n1edApiKey"];
    $token = $_POST["n1edToken"];

    if ($apiKey == NULL || $token == NULL) {
        throw new AccessDeniedHttpException();
    }

    // Replace it to tools your CMS offer for interacting with DB
    mysql_query(/* some query sending API key and token to DB */);

?>

Now let's substitute this URL into the initialization script of the editor we edited in the previous step:

<?php
    $apiKey = getN1EDApiKeyFromDB(); // write your own function
    $token = getN1EDTokenFromDB(); // write your own function
?>
tinymce.init({
    selector: "#editor",
    apiKey: "<?php echo $apiKey ?>",
    token: "<?php echo $token ?>",
    urlSetApiKeyAndToken:  '/setApiKey.php', // for changing (will implement in next steps)
});

Now N1ED editor will know that it should not use cookies for saving token and will use this URL to send the API key and token there.

Check it

Right now you can check just receiving access to the current API key but not its changing (you will do it on the next step).

Go into N1ED on your website, go into its configuration (pressing the "Configuration" icon) and specify your password. Check that since this moment all the configuration options are available without specifying a password for all internal users of your website. Check also the configuration dialog shows them the correct API key.

After this check please reset the token in the DB to make a more full check on the next step.