WordPress.org

Make WordPress Core


Ignore:
Timestamp:
10/04/2017 12:19:16 AM (3 years ago)
Author:
westonruter
Message:

File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.

  • Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
  • Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
  • After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
  • Introduce a secure way to scrape PHP fatal errors from a site via wp_start_scraping_edited_file_errors() and wp_finalize_scraping_edited_file_errors().
  • Moves file modifications from theme-editor.php and plugin-editor.php to common wp_edit_theme_plugin_file() function.
  • Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
  • Use get method for theme/plugin dropdowns.
  • Improve styling of plugin editors, including width of plugin/theme dropdowns.
  • Improve notices API for theme/plugin editor JS component.
  • Strip common base directory from plugin file list. See #24048.
  • Factor out functions to list editable file types in wp_get_theme_file_editable_extensions() and wp_get_plugin_file_editable_extensions().
  • Scroll to line in editor that has linting error when attempting to save. See #41886.
  • Add checkbox to dismiss lint errors to proceed with saving. See #41887.
  • Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
  • Ensure that value from CodeMirror is used instead of textarea when CodeMirror is present.
  • Add "Are you sure?" check when leaving editor when there are unsaved changes.

Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/load.php

    r40992 r41721  
    11131113    return apply_filters( 'file_mod_allowed', ! defined( 'DISALLOW_FILE_MODS' ) || ! DISALLOW_FILE_MODS, $context );
    11141114}
     1115
     1116/**
     1117 * Start scraping edited file errors.
     1118 *
     1119 * @since 4.9.0
     1120 */
     1121function wp_start_scraping_edited_file_errors() {
     1122    if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) {
     1123        return;
     1124    }
     1125    $key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 );
     1126    $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] );
     1127
     1128    if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) {
     1129        echo "###### begin_scraped_error:$key ######";
     1130        echo wp_json_encode( array(
     1131            'code' => 'scrape_nonce_failure',
     1132            'message' => __( 'Scrape nonce check failed. Please try again.' ),
     1133        ) );
     1134        die();
     1135    }
     1136    register_shutdown_function( 'wp_finalize_scraping_edited_file_errors', $key );
     1137}
     1138
     1139/**
     1140 * Finalize scraping for edited file errors.
     1141 *
     1142 * @since 4.9.0
     1143 *
     1144 * @param string $scrape_key Scrape key.
     1145 */
     1146function wp_finalize_scraping_edited_file_errors( $scrape_key ) {
     1147    $error = error_get_last();
     1148    if ( empty( $error ) ) {
     1149        return;
     1150    }
     1151    if ( ! in_array( $error['type'], array( E_CORE_ERROR, E_COMPILE_ERROR, E_ERROR, E_PARSE, E_USER_ERROR, E_RECOVERABLE_ERROR ), true ) ) {
     1152        return;
     1153    }
     1154    $error = str_replace( ABSPATH, '', $error );
     1155    echo "###### begin_scraped_error:$scrape_key ######";
     1156    echo wp_json_encode( $error );
     1157}
Note: See TracChangeset for help on using the changeset viewer.