Opened 7 years ago
Closed 7 years ago
#42425 closed defect (bug) (fixed)
Theme editor: Unable to edit files more than 1-level deep
Reported by: | westonruter | Owned by: | westonruter |
---|---|---|---|
Milestone: | 4.9 | Priority: | normal |
Severity: | normal | Version: | 4.9 |
Component: | General | Keywords: | has-patch commit dev-reviewed |
Focuses: | Cc: |
Description
In [41806] for #6531 the logic for gathering the list of $allowed_files
was modified to allow for a unlimited depth for listing out files to edit. However, the same change was not then likewise applied to wp_edit_theme_plugin_file()
when actually validating the file path to edit. The result is that a user can view the code any file in a theme but they cannot save any edits they make. The logic in wp_edit_theme_plugin_file()
needs to be updated to match the code in theme-editor.php
.
Attachments (1)
Change History (8)
This ticket was mentioned in Slack in #core-customize by westonruter. View the logs.
7 years ago
#5
@
7 years ago
- Keywords commit dev-reviewed added; dev-feedback removed
42425.0.diff fixes the bug, LGTM.
Note: See
TracTickets for help on using
tickets.
Aligns the logic between:
https://github.com/WordPress/wordpress-develop/blob/f0cb7b5/src/wp-admin/theme-editor.php#L75-L90
and
https://github.com/WordPress/wordpress-develop/blob/f0cb7b5/src/wp-admin/includes/file.php#L432-L446