Make WordPress Core

Changeset 42245 for branches/4.9


Ignore:
Timestamp:
11/27/2017 03:28:00 AM (7 years ago)
Author:
dd32
Message:

Theme Editor: Validate files are editable based on their relative filenames, rather than full file path.

This fixes theme editing on Windows platforms where validate_file() will return 2 on a full file path.

Merges [42244] to the 4.9 branch.
Fixes #42609.

Location:
branches/4.9
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-admin/includes/file.php

    r42112 r42245  
    446446        }
    447447
    448         if ( 0 !== validate_file( $real_file, $allowed_files ) ) {
     448        // Compare based on relative paths
     449        if ( 0 !== validate_file( $file, array_keys( $allowed_files ) ) ) {
    449450            return new WP_Error( 'disallowed_theme_file', __( 'Sorry, that file cannot be edited.' ) );
    450451        }
Note: See TracChangeset for help on using the changeset viewer.