[wp-testers] Re: Editing Plugin files in 2.8

Ibrahim A. Mohamed bingorabbit at gmail.com
Fri Apr 3 14:00:27 GMT 2009 

I tested it on 2.7.1 and it's ok, we can use the same implementation in
this..

On Fri, Apr 3, 2009 at 3:42 PM, Ibrahim A. Mohamed <bingorabbit at gmail.com>wrote:

> Sorry, that didn't work..looking for better solutions :)
>
>
> On Fri, Apr 3, 2009 at 3:39 PM, Ibrahim A. Mohamed <bingorabbit at gmail.com>wrote:
>
>> We can do so by adding:
>>
>> <?php if( false !== array_search($ext, $include) )
>>>         wp_die("File is not editable."); ?>
>>>
>>
>> on line 175 on the same file, my solutions shouldn't be the best for sure,
>> as I think it should be in the same function that validates the plugin file
>> if exists in wp-admin/includes/plugin.php .
>>
>> Thanks in Advance!
>>
>> On Fri, Apr 3, 2009 at 3:20 PM, Ibrahim A. Mohamed <bingorabbit at gmail.com
>> > wrote:
>>
>>> We should also consider the $file parameter sent from the URL, so when I
>>> for example type in the address bar:
>>> http://path.to/wordpress/wp-admin/plugin-editor.php?file=akismet/akismet
>>> .*gif*
>>> It works, we need to add a rule that if it was sent in URL, Edit can't
>>> happen or something.
>>>
>>>
>>> On Fri, Apr 3, 2009 at 2:24 PM, Ibrahim A. Mohamed <
>>> bingorabbit at gmail.com> wrote:
>>>
>>>> I love Peter's idea on Silverstein solution, we can do it this way:
>>>> $include = array("php", "txt", "css", "html");
>>>> instead of
>>>> $exclude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3", "wav"
>>>> /* others */);
>>>>
>>>> and change: if( false !== array_search($ext, $exclude)) continue; ?>
>>>>
>>>> to if( false === array_search($ext, $include)) continue; ?>
>>>>
>>>> Thanks in Advance!
>>>>
>>>>
>>>> On Fri, Apr 3, 2009 at 3:50 AM, Ibrahim A. Mohamed <
>>>> bingorabbit at gmail.com> wrote:
>>>>
>>>>> Dear all,
>>>>>
>>>>> In 2.8, a new feature added to the Plugin editor in which you can edit
>>>>> any file, not the plugin's file only. A problem can be found, especially
>>>>> with plugins that has pictures included like akismet that you can edit these
>>>>> files, which is not logical, why should I edit a picture file in an editor?
>>>>> :)
>>>>>
>>>>> So, I think we can remove this by adding some rules for files that can
>>>>> be editted, or files that don't need to be editted like image files this
>>>>> might solve the problem. For example, for Akismet, in
>>>>> wp-admin/plugin-editor.php in line 164 where it says:
>>>>>
>>>>> <?php foreach($plugin_files as $plugin_file) : ?>
>>>>>> <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a
>>>>>> href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo
>>>>>> $plugin; ?>"><?php echo $plugin_file ?></a></li>
>>>>>> <?php endforeach; ?>
>>>>>>
>>>>>
>>>>> We can make it:
>>>>>
>>>>> <?php foreach($plugin_files as $plugin_file) :
>>>>>> // Get the extension of the file.
>>>>>>     $ext = substr($plugin_file, strpos($plugin_file, '.') + 1);
>>>>>> // Extensions to be eliminated
>>>>>>     if($ext != 'gif' && $ext != 'jpg') : ?>
>>>>>>         <li<?php echo $file == $plugin_file ? ' class="highlight"' :
>>>>>> ''; ?>><a href="plugin-editor.php?file=<?php echo $plugin_file;
>>>>>> ?>&plugin=<?php echo $plugin; ?>"><?php echo $plugin_file ?></a></li>
>>>>>>     <?php endif; ?>
>>>>>> <?php endforeach; ?>
>>>>>>
>>>>>
>>>>> This actually solves it for gif file and jpg one.
>>>>>
>>>>> Thanks in Advance!
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Ibrahim Abdel Fattah Mohamed
>>>>> Web Developer
>>>>> Twitter: @bingorabbit
>>>>> e-mail: bingorabbit at gmail.com
>>>>> Personal bLOG: http://bingorabbit.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Ibrahim Abdel Fattah Mohamed
>>>> Web Developer
>>>> Twitter: @bingorabbit
>>>> e-mail: bingorabbit at gmail.com
>>>> Personal bLOG: http://bingorabbit.com/
>>>>
>>>
>>>
>>>
>>> --
>>> Regards,
>>> Ibrahim Abdel Fattah Mohamed
>>> Web Developer
>>> Twitter: @bingorabbit
>>> e-mail: bingorabbit at gmail.com
>>> Personal bLOG: http://bingorabbit.com/
>>>
>>
>>
>>
>> --
>> Regards,
>> Ibrahim Abdel Fattah Mohamed
>> Web Developer
>> Twitter: @bingorabbit
>> e-mail: bingorabbit at gmail.com
>> Personal bLOG: http://bingorabbit.com/
>>
>
>
>
> --
> Regards,
> Ibrahim Abdel Fattah Mohamed
> Web Developer
> Twitter: @bingorabbit
> e-mail: bingorabbit at gmail.com
> Personal bLOG: http://bingorabbit.com/
>



-- 
Regards,
Ibrahim Abdel Fattah Mohamed
Web Developer
Twitter: @bingorabbit
e-mail: bingorabbit at gmail.com
Personal bLOG: http://bingorabbit.com/

More information about the wp-testers mailing list