[wp-hackers] Removing edit theme files features

Andy Charrington-Wilden andycharrington at gmail.com
Wed Jan 16 12:57:58 UTC 2013 

I agree. The whole point is to make it accessible to users who dont know or want to use ftp.

How about introducing a system whereby the edited file is temporarily copied (with the changes) then run through php_check_syntax(), then providing a positive result, the changes are duplicated to the live copy and the temp file deleted?

I would happily write a plugin to do this if anyone is interested? I might do it anyway, as a POC.

:-)


Andy Charrington-Wilden
Fish Can't Whistle Limited


This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Fish Can't Whistle.
If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone.
Please contact the sender if you believe you have received this email in error

Fish Can't Whistle Ltd is a company registered in England and Wales. Registered number: 7781289. Registered Office: Studio 30, Fazeley Studios, 191 Fazeley Street, Digbeth, Birmingham B5 5SE








On 16 Jan 2013, at 12:54, Steve Taylor <steve at sltaylor.co.uk> wrote:

>> How about disabling it by default and then enabling through a constant set
>> in wp-config.php? Then most users won't have access to the editor, but
>> people who need it can enable it through FTP + text editor.
> 
> This wouldn't really work. If the editor is aimed at people who don't
> know or care how to FTP, it doesn't make sense to require an FTP
> operation to enable it! :-/
> 
> That said, I agree that there's an issue with the risk of 500 errors.
> I've disabled it by default in all my installations since I
> accidentally took a client site down one weekend. I didn't have FTP
> access to their production server, and there was one tiny tweak I
> wanted to make while their tech support wasn't around to get the files
> transferred from staging :-D
> 
> Plugins seem to refuse to activate when they throw an error. Not sure
> if this happens with the plugin editor - but some kind of sandboxing
> would be the #1 improvement to make on WP file editing.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list