tractorcow / silverstripe-dynamiccache

Simple on the fly caching of dynamic content for Silverstripe

ENHANCEMENT protect ?cache=flush #12

Closed ARNHOE closed 10 years ago

ARNHOE commented 10 years ago

Hi Damo,

Currently ?cache=flush can be called whether you are logged in as an admin or not even logged in.

Would it be possible to limit this to admins only?

tractorcow commented 10 years ago

Actually it does require you to be logged in, or in dev mode.

https://github.com/tractorcow/silverstripe-dynamiccache/blob/3.1/code/DynamicCache.php#L244

I might rewrite it to run off flush rather than having a separate cache querystring parameter, and hook it into the built-in flush protection. Would you agree that's a better solution?

ARNHOE commented 10 years ago

It would be great if it could become part of the ?flush tool. But when you ?flush as a normal user you get redirected to a login page. That doesn't happen with cache=flush, so that's why I thought it wasn't protected.

tractorcow commented 10 years ago

I recently rewrote the module to bypass caching if "flush" is in the querystring, so it doesn't actually clear the cache in that instance. Part of the reason I suggest doing another rewrite...

tractorcow commented 10 years ago

I've moved the code that flushes the cache into the Page_Controller extension. This means the cache flush now actually runs within the flush protection control loop in main.php.

cache=flush still works, but only if logged in as admin.