locking down URLs: image/iframe, image/flush, image/transferlegacycontent

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@48828 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2008-01-30 04:29:23 +00:00
parent 97f3d722b4
commit d2ee619caa

View File

@ -433,6 +433,8 @@ class Image_Uploader extends Controller {
* Ensures the css is loaded for the iframe.
*/
function iframe() {
if(!Permission::check('ADMIN')) Security::permissionFailure($this);
Requirements::css("cms/css/Image_iframe.css");
return array();
}
@ -711,6 +713,8 @@ class Image_Uploader extends Controller {
* Flush all of the generated images.
*/
function flush() {
if(!Permission::check('ADMIN')) Security::permissionFailure($this);
$images = DataObject::get("Image","");
$numItems = 0;
$num = 0;
@ -731,6 +735,8 @@ class Image_Uploader extends Controller {
* @deprecated This function is only used to migrate content from old databases.
*/
function transferlegacycontent() {
if(!Permission::check('ADMIN')) Security::permissionFailure($this);
$images = DB::query("SELECT * FROM _obsolete_Image");
echo "<h3>Transferring images</h3>";
foreach($images as $image) {