WordPress.org

Make WordPress Core

Ticket #9452: 9452.1.patch

File 9452.1.patch, 1.9 KB (added by jbsil, 9 years ago)

Includes regex to find extensions, apply_filter call for 'editable_extensions', and check for current file as well as the list

  • plugin-editor.php

     
    161161        <h3 id="bordertitle"><?php _e('Plugin Files'); ?></h3>
    162162
    163163        <ul>
    164 <?php foreach($plugin_files as $plugin_file) : ?>
     164<?php
     165//List of allowable extensions
     166$editable_extensions = apply_filters('editable_extensions', array("php", "txt", "text", "js", "css", "html", "htm", "xml", "inc", "include"));
     167foreach($plugin_files as $plugin_file) :
     168        //Get the extension of the file
     169        if (preg_match('/\.([^.]+)$/', $plugin_file, $matches)) {
     170                $ext = strtolower($matches[1]);
     171                //If extension is not in the acceptable list, skip it
     172                if ( false === array_search( $ext, $editable_extensions ) ) continue;
     173        } else {
     174                //No extension found
     175                //What action belongs here? Leave the file in the list? Going with skip for safety
     176                continue;
     177        }       ?>
    165178                <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo $plugin; ?>"><?php echo $plugin_file ?></a></li>
    166179<?php endforeach; ?>
    167180        </ul>
    168181        </div>
    169 <?php   if ( ! $error ) { ?>
     182<?php   if ( ! $error ) {
     183        //Check current file
     184        if (preg_match('/\.([^.]+)$/', $file, $matches)) {
     185                $ext = strtolower($matches[1]);
     186                if ( false === array_search($ext, $editable_extensions) ) { ?>
     187Sorry, that file cannot be edited because it may not be a text file.
     188<div class="clear"> &nbsp; </div>
     189</div><?php
     190                        break;
     191                }
     192        } else { ?>
     193Sorry, that file cannot be edited because it has no extension.
     194<div class="clear"> &nbsp; </div>
     195</div><?php
     196                break;
     197        }
     198        ?>
    170199        <form name="template" id="template" action="plugin-editor.php" method="post">
    171200        <?php wp_nonce_field('edit-plugin_' . $file) ?>
    172201                <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1" class="codepress <?php echo $codepress_lang ?>"><?php echo $content ?></textarea>