Skip to content
Permalink
Browse files
Empty the image cache only allowed for admin users
  • Loading branch information
slackero committed Sep 1, 2021
1 parent 0b2389c commit 3bc4e78503e0d8929f5f00395c62fa9af08ee265
Showing with 8 additions and 4 deletions.
  1. +7 −3 include/inc_act/ajax_connector.php
  2. +1 −1 include/inc_lib/revision/revision.php
@@ -20,9 +20,9 @@
require PHPWCMS_ROOT.'/include/inc_lib/general.inc.php';
require PHPWCMS_ROOT.'/include/inc_lib/backend.functions.inc.php';

if(empty($_SESSION["wcs_user"])) {
if(empty($_SESSION['wcs_user']) || empty($_SESSION['PHPWCMS_BROWSER_HASH']) || $_SESSION['PHPWCMS_BROWSER_HASH'] !== $GLOBALS['phpwcms']['USER_AGENT']['hash']) {
headerRedirect('', 401);
die('Sorry, access forbidden');
die();
}

if(isset($_POST['action'])) {
@@ -98,7 +98,11 @@
break;

case 'flush_image_cache':
$files = returnFileListAsArray(PHPWCMS_ROOT.'/'.PHPWCMS_IMAGES, array('jpg', 'png', 'gif', 'svg'));
if (empty($_SESSION['wcs_user_admin'])) {
headerRedirect('', 401);
die();
}
$files = returnFileListAsArray(PHPWCMS_ROOT.'/'.PHPWCMS_IMAGES, array('jpg', 'png', 'gif', 'svg', 'webp'));
$data = array('file_count' => 0, 'status' => 'ok');
if(is_array($files)) {
$data['file_count'] = count($files);
@@ -10,5 +10,5 @@
**/

define('PHPWCMS_VERSION', '1.9.29-dev');
define('PHPWCMS_RELEASE_DATE', '2021/08/29');
define('PHPWCMS_RELEASE_DATE', '2021/09/01');
define('PHPWCMS_REVISION', '552');

0 comments on commit 3bc4e78

Please sign in to comment.