Opened 12 years ago
Closed 12 years ago
#22079 closed defect (bug) (fixed)
Plugin filenames can break links in the admin menu
Reported by: | simonwheatley | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 3.6 | Priority: | normal |
Severity: | normal | Version: | 2.7 |
Component: | Administration | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
For example:
Creating a plugin at wp-content/plugins/import.php
will break the Tools > Import link, changing the (correct) link from
/wp-admin/import.php
to
/wp-admin/tools.php?page=import.php
. This also works/breaks with
plugins.php
,
export.php
, etc.
The issue seems to be some code in [http://core.trac.wordpress.org/browser/tags/3.4.2/wp-admin/menu-header.php#L153 _wp_menu_output]
, which checks for the existence of files in the plugins directory and changes the link if they are found. I'm guessing this code relates to the ability to link to plugin files from the admin menu?
Attachments (2)
Change History (15)
#7
@
12 years ago
This appears to have been fixed elsewhere. Creating a wp-content/plugins/import.php
file no longer breaks the Import link.
#8
@
12 years ago
I am still able to reproduce the problem using the following.
Create import.php in the plugins dir and add the following
<?php /* Plugin Name: Test Import */
Then activate the plugin and check the tools import link.
It changes the link from import.php to tools.php?page=import.php and shows permissions error.
#10
@
12 years ago
- Keywords dev-feedback removed
- Version changed from 3.4.2 to 2.7
It's not just wp-content/plugins/import.php
.
Filenames like these break the corresponding admin menu links too:
wp-content/plugins/edit.php
wp-content/plugins/edit-comments.php
wp-content/plugins/plugin-install.php
(#20710)
We need the ! file_exists( ABSPATH . "/wp-admin/$menu_file" )
check in all the three places where we have the file_exists( WP_PLUGIN_DIR . "/$menu_file" )
check. See 22079.2.patch.
Checks for the filename in the wp-admin directory. Doesn't allow overriding of default files in the admin.