[wp-trac] [WordPress Trac] #11032: Theme editor is not accessible

WordPress Trac wp-trac at lists.automattic.com
Sat Nov 28 13:23:06 UTC 2009


#11032: Theme editor is not accessible
--------------------------+-------------------------------------------------
 Reporter:  pavelevap     |       Owner:  westi       
     Type:  defect (bug)  |      Status:  accepted    
 Priority:  normal        |   Milestone:  2.9         
Component:  Themes        |     Version:  2.9         
 Severity:  major         |    Keywords:  dev-feedback
--------------------------+-------------------------------------------------

Comment(by dd32):

 not only that, but {{{$real_file}}} seems useless, as
 validate_file_to_edit() no longer returns anything, so its NULL on all
 platforms..

 Attached patch appears to fix things for me.. but no idea of the
 repurcussions it may have.

 Order in validate_file changed to increase security of theme edits while
 branch 2 is commented out (Else if it hit that condition, it'd pass right
 through without checking the allowed files)

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11032#comment:17>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list