WordPress.org

Make WordPress Core

Ticket #9452: 9452.url.patch

File 9452.url.patch, 1.2 KB (added by bingorabbit, 9 years ago)

URL Fix Patch

  • home/bingorabbit/Desktop/localhost/wordpress-latest/wp-admin/plugin-editor.php

     
    169176<?php   if ( ! $error ) { ?>
    170177        <form name="template" id="template" action="plugin-editor.php" method="post">
    171178        <?php wp_nonce_field('edit-plugin_' . $file) ?>
     179        <?php
     180            // Get the extension of the file.
     181        echo $plugin;
     182        $ext = substr($file, strpos($file, '.') + 1);
     183        // List of included files
     184        $include = array("php", "html", "css", "txt");
     185        if( false === array_search($ext, $include) ) :
     186            echo ("You can't edit this file.");
     187            break;
     188           endif;
     189        ?>
    172190                <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1" class="codepress <?php echo $codepress_lang ?>"><?php echo $content ?></textarea>
    173191                <input type="hidden" name="action" value="update" />
    174192                <input type="hidden" name="file" value="<?php echo $file ?>" />