From 8e940c3f7c82997e4a3ee8941e2f0bd8e062982d Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Mon, 12 Jan 2009 22:52:41 +0000
Subject: [PATCH] BUGFIX: Disallow execution from DailyTask and HourlyTask by
 website visitors.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@70026 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 cli/CliController.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cli/CliController.php b/cli/CliController.php
index 2e558158f..c232ec741 100755
--- a/cli/CliController.php
+++ b/cli/CliController.php
@@ -6,8 +6,10 @@
  */
 abstract class CliController extends Controller {
     function init() {
-      $this->disableBasicAuth();
-      parent::init();
+		$this->disableBasicAuth();
+		parent::init();
+		// Unless called from the command line, all CliControllers need ADMIN privileges
+		if(!Director::is_cli() && !Permission::check("ADMIN")) return Security::permissionFailure();
     }
   
     function index() {