[wp-trac] [WordPress Trac] #28821: Admin page registered with add_menu_page() allows access through wrong URls and hightlights wrong top level menu item
WordPress Trac
noreply at wordpress.org
Thu Jul 10 21:05:20 UTC 2014
#28821: Admin page registered with add_menu_page() allows access through wrong URls
and hightlights wrong top level menu item
----------------------------+-----------------------------
Reporter: F J Kaiser | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 3.9.1
Severity: normal | Keywords:
Focuses: administration |
----------------------------+-----------------------------
'''Steps to reproduce:'''
* Add a top level admin menu page (with the plugin provided below).
* Access the new top level admin menu via the menu item (bottom of menu)
* Try to access it via one of the following URLs
{{{
http://example.com/wp-admin/options-general.php?page=trac
http://example.com/wp-admin/tools.php?page=trac
http://example.com/wp-admin/admin.php?page=trac
http://example.com/wp-admin/edit-comments.php?page=trac
http://example.com/wp-admin/edit.php?post_type=page&page=trac
http://example.com/wp-admin/upload.php?page=trac
http://example.com/wp-admin/edit.php?page=trac
http://example.com/wp-admin/index.php?page=trac
... etc ...
// Sub menu items that have the same behavior
http://vagrant.local/wp/wp-admin/plugin-install.php?page=trac
http://vagrant.local/wp/wp-admin/themes.php?page=custom-header&page=trac
http://vagrant.local/wp/wp-admin/themes.php?post-
new.php?post_type=page&page=trac
... etc ...
}}}
'''Bug description:''' Every of the above links will (falsely) work and
bring you to the registered page. The top level menu item will be
hightlighted while the sub menu item does not exist.
The following URls will work (with above bug) as well, but ''not''
highlight any menu item:
{{{
http://example.com/wp-admin/edit-tags.php?taxonomy=post_tag&page=trac
http://example.com/wp-admin/edit-tags.php?taxonomy=category&page=trac
}}}
I would not really consider this a ''"feature"''.
----
'''Test Plugin'''
{{{
<?php
/** Plugin Name: (Trac) Add Top Level Test Menu Page */
add_action( 'admin_menu', function()
{
add_menu_page(
'Hello Trac',
'Trac',
'manage_options',
'trac',
function()
{
?>
<h1>Hello Trac!</h1>
<?php settings_errors(); ?>
<form action="options.php" method="post">
<label for="trac">Enter Trac ID</label>
<input type="text" name="trac" />
</form>
<?php
}
);
} );
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28821>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list