#55515 closed defect (bug) (wontfix)
About the problem that the php file of the theme editor and plugin editor cannot be edited in multi-site
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 5.9.2 |
| Component: | Networks and Sites | Keywords: | dev-feedback has-test-info |
| Focuses: | multisite | Cc: |
Description
Nice to meet you.
Create a ticket for the first time. If you do not follow the rules, please let me know.
In multi-site, when editing with the theme editor and plugin editor of the management screen, the php file is in an uneditable state.
After verification, it was possible to solve it by changing the admin_url function on lines 552 to 562 of wp-admin / includes / file.php to the network_admin_url function.
https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/file.php#L552-L562
The problem is that I'm making a validation request containing wp_scrape_key for a php file, but even for multi-site the request is now sent to /wp-admin/theme-editor.php.
Therefore, when verifying wp_scrap_key, it will be redirected to /wp-admin/network/theme-editor.php and cannot be verified, resulting in loopback_request_failed that cannot be edited.
This seems to be happening at all multi-sites. If anyone knows, please let me know.
Attachments (1)
Change History (6)
This ticket was mentioned in PR #2497 on WordPress/wordpress-develop by 1shiharat.
4 years ago
#1
#2
@
14 months ago
- Keywords dev-feedback has-testing-info added; has-patch removed
Thank you for reporting this issue and for providing a detailed analysis.
I tested the behaviour on both an existing and a fresh WordPress 6.8 multisite installation and was able to edit plugin and theme files directly through the editors without encountering any issues, as long as the proper access rights were set.
Since the problem no longer seems to occur in the latest version, and the functionality works as expected, I would suggest closing this ticket as “won’t fix.”
Thanks again for your efforts in improving WordPress.
#4
@
12 months ago
- Milestone Awaiting Review deleted
- Resolution set to wontfix
- Status changed from new to closed
#5
@
3 months ago
Hello
I ran into the same issue and spent quite some time debugging it. In my case this happened in a WordPress Multisite installation when trying to edit functions.php via the built-in Theme Editor in the network admin.
The strange thing was that:
saving style.css worked
saving functions.php always failed with the message that WordPress could not verify the site communication and therefore reverted the change
no PHP error appeared in debug.log
the AJAX request itself returned HTTP 200
After adding extensive logging I found that the actual save request works correctly (admin-ajax.php, action edit-theme-plugin-file). The problem occurs in the second request that WordPress performs to validate the PHP file.
WordPress sends a loopback request like this:
/wp-admin/theme-editor.php?theme=...&file=functions.php&wp_scrape_key=...&wp_scrape_nonce=...
In a Multisite environment this request ends up loading the network theme editor page, returning the full admin HTML instead of the expected scrape response. Because of that the validation step fails and WordPress rolls back the change even though the file itself is valid.
Key observations from the logs:
save request succeeds
response code 200
no PHP errors
loopback request returns the full network theme editor HTML
https://core.trac.wordpress.org/ticket/55515
Trac ticket: