[wp-hackers] Removing edit theme files features

Chris Williams chris at clwill.com
Thu Jan 17 19:48:18 UTC 2013

The codex (and common sense) say you need to thoroughly backup your site
before you dive into this deep end of the pool.  Yet there is no built-in
functionality to do that, certainly none that does the files I'll be
messing up with this tool.

Seems you're sending mixed messages.  A five minute install but one,
according to the Codex, requires shell or FTP, a text editor, an FTP
client, and so on to install it (see:
http://codex.wordpress.org/Installing_WordPress).  But you're saying they
don't know how to do that?  How did they get it installed?

I was unaware of the DISALLOW_FILE_MODS option until this thread, and you
can be betting it will be standard on my installs.  But I still wonder the
point and the safety of this tool.

On 1/17/13 10:50 AM, "Otto" <otto at ottodestruct.com> wrote:

>A developer is a person who does development.
>Like it or not, what you are saying are "users" are indeed people who
>edit their sites, modify CSS, use PHP code snippets, etc. You can
>criticize the plugin and theme editors all you like, but the bottom
>line is that WordPress is a tool for building websites, and sometimes
>building websites involves getting your hands dirty and editing code
>as well.
>Removing a feature that many people use doesn't make any sense, no
>matter how "professional" you think it is. Instead of removing it, it
>should have syntax highlighting, code checking on save, possibly error
>detection. It should make it easier for people to tinker, play with,
>and learn from.
>You and I can edit our site code via an SSH connection, but a lot of
>people don't have that sort of connection. And a lot of people who use
>WordPress have never heard of FTP and don't know how to use it.
>If somebody installs WordPress for their personal blog, and tinkers
>with their editor, and breaks their site in the process, well, that
>isn't a real big loss if they can continue on to fix it. Failing is
>the primary method human beings use for learning.
>On the other end of the spectrum, if you're using WordPress in a major
>way, doing e-commerce, maybe running a blog with a million hits a day
>or something major like that, then you can easily define
>DISALLOW_FILE_MODS to turn the editors off completely... or just don't
>give Administrator rights to people who don't need them.

More information about the wp-hackers mailing list