WordPress.org

Make WordPress Core

Ticket #8548: themefix.diff

File themefix.diff, 923 bytes (added by zedlander, 9 years ago)

Diff to avoid filtering out '/' from theme filenames.

  • wp-includes/theme.php

     
    849849        if ( !current_user_can( 'switch_themes' ) )
    850850                return;
    851851
    852         $_GET['template'] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET['template']);
     852        $_GET['template'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['template']);
    853853
    854854        if ( validate_file($_GET['template']) )
    855855                return;
     
    857857        add_filter('template', create_function('', "return '{$_GET['template']}';") );
    858858
    859859        if ( isset($_GET['stylesheet']) ) {
    860                 $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET['stylesheet']);
     860                $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['stylesheet']);
    861861                if ( validate_file($_GET['stylesheet']) )
    862862                        return;
    863863                add_filter('stylesheet', create_function('', "return '{$_GET['stylesheet']}';") );