WordPress.org

Make WordPress Core

Changeset 42244


Ignore:
Timestamp:
11/27/2017 03:27:19 AM (6 months ago)
Author:
dd32
Message:

Theme Editor: Validate files are editable based on their relative filenames, rather than full file path.

This fixes theme editing on Windows platforms where validate_file() will return 2 on a full file path.

Fixes #42609.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/file.php

    r42224 r42244  
    446446        }
    447447
    448         if ( 0 !== validate_file( $real_file, $allowed_files ) ) {
     448        // Compare based on relative paths
     449        if ( 0 !== validate_file( $file, array_keys( $allowed_files ) ) ) {
    449450            return new WP_Error( 'disallowed_theme_file', __( 'Sorry, that file cannot be edited.' ) );
    450451        }
Note: See TracChangeset for help on using the changeset viewer.