WordPress.org

Make WordPress Core

Ticket #18563: 18563.diff

File 18563.diff, 3.6 KB (added by trepmal, 9 years ago)
  • wp-admin/plugin-editor.php

     
    3737
    3838$plugin_files = get_plugin_files($plugin);
    3939
    40 if ( empty($file) )
     40// List of allowable extensions
     41$editable_extensions = array( 'php', 'txt', 'text', 'js', 'css', 'html', 'htm', 'xml', 'inc', 'include' );
     42$editable_extensions = (array) apply_filters( 'editable_extensions', $editable_extensions );
     43
     44foreach ( $plugin_files as $i => $plugin_file ) {
     45        // Get the extension of the file
     46        if ( preg_match( '/\.([^.]+)$/', $plugin_file, $matches ) ) {
     47                $ext = strtolower( $matches[1] );
     48                // If extension is not in the acceptable list, skip it
     49                if ( ! in_array( $ext, $editable_extensions ) )
     50                        unset( $plugin_files[$i] );
     51        } else {
     52                // No extension found
     53                unset( $plugin_files[$i] );
     54        }
     55}
     56$plugin_files = array_values( $plugin_files );
     57
     58if ( empty( $file ) && empty( $plugin_files ) ) {
     59        wp_die( __( 'This plugin does not have any editable files.' ) );
     60} else if ( empty( $file ) ) {
    4161        $file = $plugin_files[0];
    42 else
    43         $file = stripslashes($file);
     62} else if ( ! in_array( $file, $plugin_files ) ) {
     63        wp_die( __( 'This filetype is not editable! Double check the name and try again.' ) );
     64} else {
     65        $file = stripslashes( $file );
     66}
    4467
    45 $file = validate_file_to_edit($file, $plugin_files);
     68$file = validate_file_to_edit( $file, $plugin_files );
    4669$real_file = WP_PLUGIN_DIR . '/' . $file;
     70
     71if ( ! is_file( $real_file ) )
     72        wp_die( __( 'No such file exists! Double check the name and try again.' ) );
     73
    4774$scrollto = isset($_REQUEST['scrollto']) ? (int) $_REQUEST['scrollto'] : 0;
    4875
    4976switch ( $action ) {
     
    94121                exit;
    95122        }
    96123
    97         // List of allowable extensions
    98         $editable_extensions = array('php', 'txt', 'text', 'js', 'css', 'html', 'htm', 'xml', 'inc', 'include');
    99         $editable_extensions = (array) apply_filters('editable_extensions', $editable_extensions);
    100 
    101         if ( ! is_file($real_file) ) {
    102                 wp_die(sprintf('<p>%s</p>', __('No such file exists! Double check the name and try again.')));
    103         } else {
    104                 // Get the extension of the file
    105                 if ( preg_match('/\.([^.]+)$/', $real_file, $matches) ) {
    106                         $ext = strtolower($matches[1]);
    107                         // If extension is not in the acceptable list, skip it
    108                         if ( !in_array( $ext, $editable_extensions) )
    109                                 wp_die(sprintf('<p>%s</p>', __('Files of this type are not editable.')));
    110                 }
    111         }
    112 
    113124        add_contextual_help($current_screen,
    114125                '<p>' . __('You can use the editor to make changes to any of your plugins&#8217; individual PHP files. Be aware that if you make changes, plugins updates will overwrite your customizations.') . '</p>' .
    115126                '<p>' . __('Choose a plugin to edit from the menu in the upper right and click the Select button. Click once on any file name to load it in the editor, and make your changes. Don&#8217;t forget to save your changes (Update File) when you&#8217;re finished.') . '</p>' .
     
    202213        <ul>
    203214<?php
    204215foreach ( $plugin_files as $plugin_file ) :
    205         // Get the extension of the file
    206         if ( preg_match('/\.([^.]+)$/', $plugin_file, $matches) ) {
    207                 $ext = strtolower($matches[1]);
    208                 // If extension is not in the acceptable list, skip it
    209                 if ( !in_array( $ext, $editable_extensions ) )
    210                         continue;
    211         } else {
    212                 // No extension found
    213                 continue;
    214         }
    215216?>
    216217                <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo urlencode( $plugin_file ) ?>&amp;plugin=<?php echo urlencode( $plugin ) ?>"><?php echo $plugin_file ?></a></li>
    217218<?php endforeach; ?>