[wp-testers] Re: Editing Plugin files in 2.8

Ibrahim A. Mohamed bingorabbit at gmail.com
Fri Apr 3 13:39:27 GMT 2009


We can do so by adding:

<?php if( false !== array_search($ext, $include) )
>         wp_die("File is not editable."); ?>
>

on line 175 on the same file, my solutions shouldn't be the best for sure,
as I think it should be in the same function that validates the plugin file
if exists in wp-admin/includes/plugin.php .

Thanks in Advance!
On Fri, Apr 3, 2009 at 3:20 PM, Ibrahim A. Mohamed <bingorabbit at gmail.com>wrote:

> We should also consider the $file parameter sent from the URL, so when I
> for example type in the address bar:
> http://path.to/wordpress/wp-admin/plugin-editor.php?file=akismet/akismet.*
> gif*
> It works, we need to add a rule that if it was sent in URL, Edit can't
> happen or something.
>
>
> On Fri, Apr 3, 2009 at 2:24 PM, Ibrahim A. Mohamed <bingorabbit at gmail.com>wrote:
>
>> I love Peter's idea on Silverstein solution, we can do it this way:
>> $include = array("php", "txt", "css", "html");
>> instead of
>> $exclude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3", "wav" /*
>> others */);
>>
>> and change: if( false !== array_search($ext, $exclude)) continue; ?>
>>
>> to if( false === array_search($ext, $include)) continue; ?>
>>
>> Thanks in Advance!
>>
>>
>> On Fri, Apr 3, 2009 at 3:50 AM, Ibrahim A. Mohamed <bingorabbit at gmail.com
>> > wrote:
>>
>>> Dear all,
>>>
>>> In 2.8, a new feature added to the Plugin editor in which you can edit
>>> any file, not the plugin's file only. A problem can be found, especially
>>> with plugins that has pictures included like akismet that you can edit these
>>> files, which is not logical, why should I edit a picture file in an editor?
>>> :)
>>>
>>> So, I think we can remove this by adding some rules for files that can be
>>> editted, or files that don't need to be editted like image files this might
>>> solve the problem. For example, for Akismet, in wp-admin/plugin-editor.php
>>> in line 164 where it says:
>>>
>>> <?php foreach($plugin_files as $plugin_file) : ?>
>>>> <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a
>>>> href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo
>>>> $plugin; ?>"><?php echo $plugin_file ?></a></li>
>>>> <?php endforeach; ?>
>>>>
>>>
>>> We can make it:
>>>
>>> <?php foreach($plugin_files as $plugin_file) :
>>>> // Get the extension of the file.
>>>>     $ext = substr($plugin_file, strpos($plugin_file, '.') + 1);
>>>> // Extensions to be eliminated
>>>>     if($ext != 'gif' && $ext != 'jpg') : ?>
>>>>         <li<?php echo $file == $plugin_file ? ' class="highlight"' : '';
>>>> ?>><a href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php
>>>> echo $plugin; ?>"><?php echo $plugin_file ?></a></li>
>>>>     <?php endif; ?>
>>>> <?php endforeach; ?>
>>>>
>>>
>>> This actually solves it for gif file and jpg one.
>>>
>>> Thanks in Advance!
>>>
>>> --
>>> Regards,
>>> Ibrahim Abdel Fattah Mohamed
>>> Web Developer
>>> Twitter: @bingorabbit
>>> e-mail: bingorabbit at gmail.com
>>> Personal bLOG: http://bingorabbit.com/
>>>
>>
>>
>>
>> --
>> Regards,
>> Ibrahim Abdel Fattah Mohamed
>> Web Developer
>> Twitter: @bingorabbit
>> e-mail: bingorabbit at gmail.com
>> Personal bLOG: http://bingorabbit.com/
>>
>
>
>
> --
> Regards,
> Ibrahim Abdel Fattah Mohamed
> Web Developer
> Twitter: @bingorabbit
> e-mail: bingorabbit at gmail.com
> Personal bLOG: http://bingorabbit.com/
>



-- 
Regards,
Ibrahim Abdel Fattah Mohamed
Web Developer
Twitter: @bingorabbit
e-mail: bingorabbit at gmail.com
Personal bLOG: http://bingorabbit.com/


More information about the wp-testers mailing list