Disable access to app/cache + allow pchart generated files BT#18720

Author: jmontoyaa

Diff for: app/cache/.htaccess

@@ -1 +1,8 @@
+order deny,allow
+deny from all
+# pChart generated files should be allowed
+<FilesMatch "^[0-9a-f]+$">
+    order allow,deny
+    allow from all
+</FilesMatch>
 php_flag engine off

Diff for: main/admin/archive_cleanup.php

@@ -46,7 +46,17 @@
     }
 
     $archive_path = api_get_path(SYS_ARCHIVE_PATH);
-    $htaccess = 'php_flag engine off';
+    $htaccess = <<<TEXT
+order deny,allow
+deny from all
+# pChart generated files should be allowed
+<FilesMatch "^[0-9a-f]+$">
+    order allow,deny
+    allow from all
+</FilesMatch>
+php_flag engine off
+TEXT;
+
     $result = rmdirr($archive_path, true, true);
     if (false === $result) {
         Display::addFlash(Display::return_message(get_lang('ArchiveDirCleanupFailed'), 'error'));