Fix access by secret when login is forced

core.php

@@ -1337,7 +1337,7 @@ if(!isset($pageindex->{$env->page}) and isset($_GET["search-redirect"]))
 // Note we use $_GET here because $env->action isn't populated at this point
 if($settings->require_login_view === true && // If this site requires a login in order to view pages
    !$env->is_logged_in && // And the user isn't logged in
-   !in_array($_GET["action"], [ "login", "checklogin", "opensearch-description" ])) // And the user isn't trying to login, or get the opensearch description
+   !in_array($_GET["action"], [ "login", "checklogin", "opensearch-description", "invindex-rebuild", "stats-update" ])) // And the user isn't trying to login, or get the opensearch description, or access actions that apply their own access rules
 {
 	// Redirect the user to the login page
 	http_response_code(307);