Opened 2 years ago

Closed 2 years ago

#335 closed enhancement (invalid)

whitelist auth for admin functions

Reported by: godog Owned by: moo
Priority: minor Milestone: undecided
Component: cacher Version: 3.0.4
Keywords: Cc:
Application: PHP Version:
Other Exts: SAPI: Irrelevant
Probability: Blocked By:


thanks for xcache!

I was trying to get some stats out and was wondering if some of the admin functions could be whitelisted (say via config, via a list of functions) to not require auth, e.g. if you are trying to get statistics out (say towards a monitoring platform) then they are effectively read-only (xcache_count and xcache_info). Whitelist rationale being that calling these functions just gets data out.


I've come up with sth like this:

  "compiling", "disabled", "misses", "hits", "clogs",
  "ooms", "errors", "cached", "deleted", "size", "avail"

function xcache_type_stats($type) {

  $total = array();
  $type_stats = array();

  for ($i = 0; $i < xcache_count($type); $i++) {
    $type_stats[] = xcache_info($type, $i);

  foreach($type_stats as $unused => $type_stat) {
    foreach($type_stat as $k => $v) {
      if(!in_array($k, $EXPORTED_STATS)) {

      if(!isset($total[$k])) {
        $total[$k] = 0;
      $total[$k] += $v;
  return $total;

Change History (2)

comment:1 Changed 2 years ago by godog

  • Priority changed from major to minor

comment:2 Changed 2 years ago by moo

  • Resolution set to invalid
  • Status changed from new to closed

you can check config.example.php, see how to "by pass" the http auth by actually providing auth info in $_SERVER array. any more question can be ask in google groups #xcache

Note: See TracTickets for help on using tickets.