WordPress.org

Make WordPress Core


Ignore:
Timestamp:
11/02/2017 11:04:54 PM (7 months ago)
Author:
westonruter
Message:

Theme Editor: Ensure files listed recursively can be both viewed and edited.

Prevent edits to 2-level deep theme files from returning a disallowed_theme_file error when attempting to save an edit. Aligns logic for gathering $allowed_files in theme-editor.php for listing files with the validation logic in wp_edit_theme_plugin_file().

Amends [41806].
See #6531.
Fixes #42425.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/file.php

    r42011 r42112  
    433433            switch ( $type ) {
    434434                case 'php':
    435                     $allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', 1 ) );
     435                    $allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', -1 ) );
    436436                    break;
    437437                case 'css':
    438                     $style_files = $theme->get_files( 'css' );
     438                    $style_files = $theme->get_files( 'css', -1 );
    439439                    $allowed_files['style.css'] = $style_files['style.css'];
    440440                    $allowed_files = array_merge( $allowed_files, $style_files );
    441441                    break;
    442442                default:
    443                     $allowed_files = array_merge( $allowed_files, $theme->get_files( $type ) );
     443                    $allowed_files = array_merge( $allowed_files, $theme->get_files( $type, -1 ) );
    444444                    break;
    445445            }
Note: See TracChangeset for help on using the changeset viewer.