
Changeset 21069


Timestamp:
06/12/12 18:39:16 (3 years ago)
Author:
nacin
Message:

Theme Customizer: Validate themes with more than just an existence check.

  • The current theme goes through validate_current_theme().
  • If doing a preview of a different theme, we check theme->errors().

Also:

  • Don't attach previewing hooks when previewing the current theme.
    Aside from being unnecessary, this prevents issues with a theme with
    the error of theme_parent_invalid.

  • Call send_origin_headers() earlier, to allow wp_die( '0' ) to properly
    be returned in a domain mapping situation.

  • Fix the 'Save & Activate' message on themes.php.

fixes #20921.

Location:
trunk
Files:
3 edited

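--- a/trunk/wp-admin/customize.php
+++ b/trunk/wp-admin/customize.php
@@ -162,5 +162,5 @@
             'preview'       => esc_url( $url ? $url : home_url( '/' ) ),
             'parent'        => esc_url( admin_url() ),
-            'activated'     => esc_url( admin_url( 'themes.php?activated=true' ) ),
+            'activated'     => admin_url( 'themes.php?activated=true&previewed' ),
             'ajax'          => esc_url( admin_url( 'admin-ajax.php', 'relative' ) ),
             'allowed'       => array_map( 'esc_url', $allowed_urls ),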
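Review bot: The new `'activated'` entry drops `esc_url()` altogether, while every neighbouring URL in this array is still escaped. If the reason is that `esc_url()` entity-encodes the added `&` for display (the code that consumes this array is outside the hunk, so that is an inference), `esc_url_raw()` keeps the protocol and character sanitization without the HTML encoding: `'activated' => esc_url_raw( admin_url( 'themes.php?activated=true&previewed' ) ),`. A short comment saying why this one value is treated differently would also keep a later cleanup from re-adding `esc_url()` and breaking the redirect target.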
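--- a/trunk/wp-admin/themes.php
+++ b/trunk/wp-admin/themes.php
@@ -93,16 +93,4 @@
 ?>
 
-<?php if ( ! validate_current_theme() ) : ?>
-<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
-<?php elseif ( isset($_GET['activated']) ) :
-        if ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) && current_user_can('edit_theme_options') ) { ?>
-<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
-        } else { ?>
-<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
-        }
-    elseif ( isset($_GET['deleted']) ) : ?>
-<div id="message3" class="updated"><p><?php _e('Theme deleted.') ?></p></div>
-<?php endif; ?>
-
 <div class="wrap"><?php
 screen_icon();
@@ -115,4 +103,18 @@
 </h2>
 <?php
+if ( ! validate_current_theme() || isset( $_GET['broken'] ) ) : ?>
+<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
+<?php elseif ( isset($_GET['activated']) ) :
+        if ( isset( $_GET['previewed'] ) ) { ?>
+        <div id="message2" class="updated"><p><?php printf( __( 'Settings saved and theme activated. <a href="%s">Visit site</a>.' ), home_url( '/' ) ); ?></p></div>
+        <?php } elseif ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) && current_user_can('edit_theme_options') ) { ?>
+<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
+        } else { ?>
+<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
+        }
+    elseif ( isset($_GET['deleted']) ) : ?>
+<div id="message3" class="updated"><p><?php _e('Theme deleted.') ?></p></div>
+<?php
+endif;
 
 $ct = wp_get_theme();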
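Review bot: The "active theme is broken" notice at new line 105 now fires on `isset( $_GET['broken'] )` alone, so any link to `themes.php?broken` tells an administrator the theme was reverted even when `validate_current_theme()` passed. The flag only affects display here, but an admin notice driven purely by a request parameter is misleading; carrying the state server-side (for example a short-lived transient set where the revert actually happens) would tie the message to the real event, and at minimum a comment such as `// 'broken' is set by the Customizer redirect; display-only.` should say what the parameter is for. The new `previewed` branch at line 109 also prints `home_url( '/' )` into an `href` without escaping; `esc_url( home_url( '/' ) )` follows late-escaping practice.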
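--- a/trunk/wp-includes/class-wp-customize-manager.php
+++ b/trunk/wp-includes/class-wp-customize-manager.php
@@ -73,7 +73,10 @@
      * @since 3.4.0
      */
-    private function wp_die( $ajax_message, $message ) {
+    protected function wp_die( $ajax_message, $message = null ) {
         if ( $this->doing_ajax() )
             wp_die( $ajax_message );
+
+        if ( ! $message )
+            $message = __( 'Cheatin&#8217; uh?' );
 
         wp_die( $message );
@@ -99,10 +102,15 @@
      */
     public function setup_theme() {
+        send_origin_headers();
+
         if ( is_admin() && ! $this->doing_ajax() )
             auth_redirect();
-        elseif ( $this->doing_ajax() && ! is_user_logged_in())
-            wp_die( 0 );
-
-        send_origin_headers();
+        elseif ( $this->doing_ajax() && ! is_user_logged_in() )
+            $this->wp_die( 0 );
+
+        show_admin_bar( false );
+
+        if ( ! current_user_can( 'edit_theme_options' ) )
+            $this->wp_die( -1 );
 
         $this->original_stylesheet = get_stylesheet();
@@ -110,16 +118,27 @@
         $this->theme = wp_get_theme( isset( $_REQUEST['theme'] ) ? $_REQUEST['theme'] : null );
 
-        // You can't preview a theme if it doesn't exist, or if it is not allowed (unless active).
-        if ( ! $this->theme->exists() )
-            $this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) );
-
-        if ( $this->theme->get_stylesheet() != get_stylesheet() && ( ! $this->theme()->is_allowed() || ! current_user_can( 'switch_themes' ) ) )
-            $this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) );
-
-        if ( ! current_user_can( 'edit_theme_options' ) )
-            $this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) );
+        if ( $this->is_theme_active() ) {
+            // Once the theme is loaded, we'll validate it.
+            add_action( 'after_setup_theme', array( $this, 'after_setup_theme' ) );
+        } else {
+            if ( ! current_user_can( 'switch_themes' ) )
+                $this->wp_die( -1 );
+
+            // If the theme isn't active, you can't preview it if it is not allowed or has errors.
+            if ( $this->theme()->errors() )
+                $this->wp_die( -1 );
+
+            if ( ! $this->theme()->is_allowed() )
+                $this->wp_die( -1 );
+        }
 
         $this->start_previewing_theme();
-        show_admin_bar( false );
+    }
+
+    function after_setup_theme() {
+        if ( ! $this->doing_ajax() && ! validate_current_theme() ) {
+            wp_redirect( 'themes.php?broken=true' );
+            exit;
+        }
     }
 
@@ -138,15 +157,17 @@
         $this->previewing = true;
 
-        add_filter( 'template', array( $this, 'get_template' ) );
-        add_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
-        add_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
-
-        // @link: http://core.trac.wordpress.org/ticket/20027
-        add_filter( 'pre_option_stylesheet', array( $this, 'get_stylesheet' ) );
-        add_filter( 'pre_option_template', array( $this, 'get_template' ) );
-
-        // Handle custom theme roots.
-        add_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
-        add_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
+        if ( ! $this->is_theme_active() ) {
+            add_filter( 'template', array( $this, 'get_template' ) );
+            add_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
+            add_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
+    
+            // @link: http://core.trac.wordpress.org/ticket/20027
+            add_filter( 'pre_option_stylesheet', array( $this, 'get_stylesheet' ) );
+            add_filter( 'pre_option_template', array( $this, 'get_template' ) );
+    
+            // Handle custom theme roots.
+            add_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
+            add_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
+        }
 
         do_action( 'start_previewing_theme', $this );
@@ -166,15 +187,17 @@
         $this->previewing = false;
 
-        remove_filter( 'template', array( $this, 'get_template' ) );
-        remove_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
-        remove_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
-
-        // @link: http://core.trac.wordpress.org/ticket/20027
-        remove_filter( 'pre_option_stylesheet', array( $this, 'get_stylesheet' ) );
-        remove_filter( 'pre_option_template', array( $this, 'get_template' ) );
-
-        // Handle custom theme roots.
-        remove_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
-        remove_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
+        if ( ! $this->is_theme_active() ) {
+            remove_filter( 'template', array( $this, 'get_template' ) );
+            remove_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
+            remove_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
+    
+            // @link: http://core.trac.wordpress.org/ticket/20027
+            remove_filter( 'pre_option_stylesheet', array( $this, 'get_stylesheet' ) );
+            remove_filter( 'pre_option_template', array( $this, 'get_template' ) );
+    
+            // Handle custom theme roots.
+            remove_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
+            remove_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
+        }
 
         do_action( 'stop_previewing_theme', $this );
@@ -390,5 +413,5 @@
      */
     public function get_template() {
-        return $this->theme->get_template();
+        return $this->theme()->get_template();
     }
 
@@ -401,5 +424,5 @@
      */
     public function get_stylesheet() {
-        return $this->theme->get_stylesheet();
+        return $this->theme()->get_stylesheet();
     }
 
@@ -434,5 +457,5 @@
      */
     public function current_theme( $current_theme ) {
-        return $this->theme->display('Name');
+        return $this->theme()->display('Name');
     }
 
@@ -449,5 +472,5 @@
 
         // Do we have to switch themes?
-        if ( $this->get_stylesheet() != $this->original_stylesheet ) {
+        if ( ! $this->is_theme_active() ) {
             // Temporarily stop previewing the theme to allow switch_themes()
             // to operate properly.
@@ -463,18 +486,5 @@
         }
 
-        add_action( 'admin_notices', array( $this, '_save_feedback' ) );
-
         die;
-    }
-
-    /**
-     * Show an admin notice after settings are saved.
-     *
-     * @since 3.4.0
-     */
-    public function _save_feedback() {
-        ?>
-        <div class="updated"><p><?php printf( __( 'Settings saved and theme activated. <a href="%s">Visit site</a>.' ), home_url( '/' ) ); ?></p></div>
-        <?php
     }
 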
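Review bot: The new `after_setup_theme()` (new lines 138-143) redirects to a relative target, `wp_redirect( 'themes.php?broken=true' )`, yet the branches at the top of `setup_theme()` imply the manager can also run when `is_admin()` is false and the request is not AJAX, where that Location would resolve against a non-admin URL. `wp_redirect( admin_url( 'themes.php?broken=true' ) );` pins the destination regardless of where the request entered. The method is also declared without a visibility keyword or docblock, unlike `setup_theme()` directly above it; `public function after_setup_theme()` with a short `@since` block would match the rest of the class. Because the validation is skipped whenever `doing_ajax()` is true, a one-line comment stating that AJAX requests against a broken active theme are deliberately left unvalidated would make that gap an explicit decision rather than something a reader has to infer.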