WordPress.org

Make WordPress Core

Ticket #9452: 9452.2.patch

File 9452.2.patch, 2.1 KB (added by jbsil, 6 years ago)

Only allows filter to add to existing list. All other changes also in this patch.

  • plugin-editor.php

     
    161161        <h3 id="bordertitle"><?php _e('Plugin Files'); ?></h3> 
    162162 
    163163        <ul> 
    164 <?php foreach($plugin_files as $plugin_file) : ?> 
     164<?php 
     165//List of allowable extensions 
     166$always_editable = array("php", "txt", "text", "js", "css", "html", "htm", "xml", "inc", "include"); 
     167$editable_extensions = apply_filters('editable_extensions', array()); 
     168if (is_array($editable_extensions)) $editable_extensions = array_unique(array_merge($editable_extensions, $always_editable)); 
     169else $editable_extensions = $always_editable; 
     170foreach($plugin_files as $plugin_file) : 
     171        //Get the extension of the file 
     172        if (preg_match('/\.([^.]+)$/', $plugin_file, $matches)) { 
     173                $ext = strtolower($matches[1]); 
     174                //If extension is not in the acceptable list, skip it 
     175                if ( false === array_search( $ext, $editable_extensions ) ) continue; 
     176        } else { 
     177                //No extension found 
     178                //What action belongs here? Leave the file in the list? Going with skip for safety 
     179                continue; 
     180        }       ?> 
    165181                <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo $plugin; ?>"><?php echo $plugin_file ?></a></li> 
    166182<?php endforeach; ?> 
    167183        </ul> 
    168184        </div> 
    169 <?php   if ( ! $error ) { ?> 
     185<?php   if ( ! $error ) { 
     186        //Check current file 
     187        if (preg_match('/\.([^.]+)$/', $file, $matches)) { 
     188                $ext = strtolower($matches[1]); 
     189                if ( false === array_search($ext, $editable_extensions) ) { ?> 
     190Sorry, that file cannot be edited because it may not be a text file. 
     191<div class="clear"> &nbsp; </div> 
     192</div><?php 
     193                        break; 
     194                } 
     195        } else { ?> 
     196Sorry, that file cannot be edited because it has no extension. 
     197<div class="clear"> &nbsp; </div> 
     198</div><?php 
     199                break; 
     200        } 
     201        ?> 
    170202        <form name="template" id="template" action="plugin-editor.php" method="post"> 
    171203        <?php wp_nonce_field('edit-plugin_' . $file) ?> 
    172204                <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1" class="codepress <?php echo $codepress_lang ?>"><?php echo $content ?></textarea>