WordPress.org

Make WordPress Core

Changeset 42244


Ignore:
Timestamp:
11/27/17 03:27:19 (2 months ago)
Author:
dd32
Message:

Theme Editor: Validate files are editable based on their relative filenames, rather than full file path.

This fixes theme editing on Windows platforms where validate_file() will return 2 on a full file path.

Fixes #42609.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/file.php

    r42224 r42244  
    446446        } 
    447447 
    448         if ( 0 !== validate_file( $real_file, $allowed_files ) ) { 
     448        // Compare based on relative paths 
     449        if ( 0 !== validate_file( $file, array_keys( $allowed_files ) ) ) { 
    449450            return new WP_Error( 'disallowed_theme_file', __( 'Sorry, that file cannot be edited.' ) ); 
    450451        } 
Note: See TracChangeset for help on using the changeset viewer.