Limit false positives when enabling WP_Customize_Manager
|Reported by:||nacin||Owned by:||ryan|
I'm doing some final reviews of some of our more intricate 3.4 features, to see where plugin conflicts are most likely.
For instantiating the customizer, this is our current check:
( isset( $_REQUEST['customize'] ) && 'on' == $_REQUEST['customize'] ) || 'customize.php' == basename( $_SERVER['PHP_SELF'] )
- While ?customize=something in itself will not conflict with this (we avoid registering a query var), we should consider making this $_REQUEST['wp_customize'] to avoid any chance of ?customize=on conflicting with a theme. Since we now have customize.php for direct URL access, it won't make our user-side URLs any uglier.
- That customize.php check will catch plugins with a customize.php file that is directly accessed. While this is going to be a rare conflict, we should include an is_admin() check to ensure we are only looking in the wp-admin directory.
Severity = major in that things will break if there is a conflict. Priority = lowest in that the chance of a conflict is rare.