Fix file validation in theme editor. Props dd32. fixes #11032
git-svn-id: http://svn.automattic.com/wordpress/trunk@12310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
888310cbbc
commit
8b5ba8c556
@ -195,8 +195,6 @@ function wp_tempnam($filename = '', $dir = ''){
|
||||
* @return unknown
|
||||
*/
|
||||
function validate_file_to_edit( $file, $allowed_files = '' ) {
|
||||
$file = stripslashes( $file );
|
||||
|
||||
$code = validate_file( $file, $allowed_files );
|
||||
|
||||
if (!$code )
|
||||
@ -206,8 +204,8 @@ function validate_file_to_edit( $file, $allowed_files = '' ) {
|
||||
case 1 :
|
||||
wp_die( __('Sorry, can’t edit files with “..” in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.' ));
|
||||
|
||||
case 2 :
|
||||
wp_die( __('Sorry, can’t call files with their real path.' ));
|
||||
//case 2 :
|
||||
// wp_die( __('Sorry, can’t call files with their real path.' ));
|
||||
|
||||
case 3 :
|
||||
wp_die( __('Sorry, that file cannot be edited.' ));
|
||||
|
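Review bot: Commenting out `case 2` means a code-2 result now runs off the end of the switch without dying and without reaching the success return, which presumably sits under the `if (!$code )` that closes the previous hunk, so any caller that assigns the result, such as the plugin editor's `$file = validate_file_to_edit($file, $plugin_files);` in this same commit, receives null for such a path. If tolerating code 2 is the intent, record it in place of the dead code and return the path explicitly, e.g. `// code 2 (':' as second character) is tolerated: validate_file() has already matched $file against $allowed_files` followed by `return $file;` after the switch. The two commented-out lines are better deleted than kept, since the next reader cannot tell whether they are a reminder or an accident. validate_file_to_edit() begins in the previous hunk and its closing brace lies outside this one.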
@ -22,7 +22,7 @@ wp_admin_css( 'theme-editor' );
|
||||
$plugins = get_plugins();
|
||||
|
||||
if ( isset($_REQUEST['file']) )
|
||||
$plugin = $_REQUEST['file'];
|
||||
$plugin = stripslashes($_REQUEST['file']);
|
||||
|
||||
if ( empty($plugin) ) {
|
||||
$plugin = array_keys($plugins);
|
||||
@ -33,6 +33,8 @@ $plugin_files = get_plugin_files($plugin);
|
||||
|
||||
if ( empty($file) )
|
||||
$file = $plugin_files[0];
|
||||
else
|
||||
$file = stripslashes($file);
|
||||
|
||||
$file = validate_file_to_edit($file, $plugin_files);
|
||||
$real_file = WP_PLUGIN_DIR . '/' . $file;
|
||||
|
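Review bot: `$file = $plugin_files[0];` reads index 0 without checking that get_plugin_files() returned anything, and because validate_file() applies its allow-list only when `$allowed_files` is non-empty (see the validate_file() hunk below), an empty `$plugin_files` would leave `$file` screened only by validate_file()'s path-pattern tests before it is joined into `$real_file = WP_PLUGIN_DIR . '/' . $file;`. I cannot see get_plugin_files() here, so whether an empty result is reachable from a user-supplied `$plugin` is not certain from this hunk; a fail-closed guard settles it either way: `if ( empty($plugin_files) ) wp_die( __('Sorry, that file cannot be edited.') );` placed before `if ( empty($file) )`. The script's surrounding statements lie outside the hunk on both sides.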
@ -35,6 +35,7 @@ $allowed_files = array_merge($themes[$theme]['Stylesheet Files'], $themes[$theme
|
||||
if (empty($file)) {
|
||||
$file = $allowed_files[0];
|
||||
} else {
|
||||
$file = stripslashes($file);
|
||||
if ( 'theme' == $dir ) {
|
||||
$file = dirname(dirname($themes[$theme]['Template Dir'])) . $file ;
|
||||
} else if ( 'style' == $dir) {
|
||||
@ -42,9 +43,8 @@ if (empty($file)) {
|
||||
}
|
||||
}
|
||||
|
||||
$real_file = validate_file_to_edit($file, $allowed_files);
|
||||
validate_file_to_edit($file, $allowed_files);
|
||||
$scrollto = isset($_REQUEST['scrollto']) ? (int) $_REQUEST['scrollto'] : 0;
|
||||
|
||||
$file_show = basename( $file );
|
||||
|
||||
switch($action) {
|
||||
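Review bot: The return value of `validate_file_to_edit($file, $allowed_files);` is now discarded and `$file` is then used unchanged as the path that is opened and written (the `is_writeable($file)` / `fopen($file, 'w+')` hunk below), so the editor is safe only because validate_file_to_edit() calls wp_die() for every code it still handles. Since this commit disables `case 2` there, a path whose second character is ':' passes through silently; that is acceptable only because validate_file() now runs its `in_array` allow-list check first, which in turn requires `$allowed_files` to be non-empty at this point. A comment on the call should record that contract, e.g. `// No assignment: validate_file_to_edit() wp_die()s on '..', './' and non-allow-listed paths; code 2 is tolerated because the allow-list already matched.` Consider also failing closed with `if ( empty($allowed_files) ) wp_die( __('Sorry, that file cannot be edited.') );` before the call. The surrounding top-level script continues on both sides of the hunk.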
@ -55,9 +55,9 @@ case 'update':
|
||||
|
||||
$newcontent = stripslashes($_POST['newcontent']);
|
||||
$theme = urlencode($theme);
|
||||
if (is_writeable($real_file)) {
|
||||
if (is_writeable($file)) {
|
||||
//is_writable() not always reliable, check return value. see comments @ http://uk.php.net/is_writable
|
||||
$f = fopen($real_file, 'w+');
|
||||
$f = fopen($file, 'w+');
|
||||
if ($f !== FALSE) {
|
||||
fwrite($f, $newcontent);
|
||||
fclose($f);
|
||||
@ -83,14 +83,14 @@ default:
|
||||
|
||||
update_recently_edited($file);
|
||||
|
||||
if ( !is_file($real_file) )
|
||||
if ( !is_file($file) )
|
||||
$error = 1;
|
||||
|
||||
if ( !$error && filesize($real_file) > 0 ) {
|
||||
$f = fopen($real_file, 'r');
|
||||
$content = fread($f, filesize($real_file));
|
||||
if ( !$error && filesize($file) > 0 ) {
|
||||
$f = fopen($file, 'r');
|
||||
$content = fread($f, filesize($file));
|
||||
|
||||
if ( '.php' == substr( $real_file, strrpos( $real_file, '.' ) ) ) {
|
||||
if ( '.php' == substr( $file, strrpos( $file, '.' ) ) ) {
|
||||
$functions = wp_doc_link_parse( $content );
|
||||
|
||||
$docs_select = '<select name="docs-list" id="docs-list">';
|
||||
@ -102,7 +102,7 @@ default:
|
||||
}
|
||||
|
||||
$content = htmlspecialchars( $content );
|
||||
$codepress_lang = codepress_get_lang($real_file);
|
||||
$codepress_lang = codepress_get_lang($file);
|
||||
}
|
||||
|
||||
?>
|
||||
@ -212,7 +212,7 @@ if ($allowed_files) :
|
||||
<?php } ?>
|
||||
|
||||
<div>
|
||||
<?php if ( is_writeable($real_file) ) : ?>
|
||||
<?php if ( is_writeable($file) ) : ?>
|
||||
<p class="submit">
|
||||
<?php
|
||||
echo "<input type='submit' name='submit' class='button-primary' value='" . esc_attr__('Update File') . "' tabindex='2' />";
|
||||
|
@ -3068,12 +3068,12 @@ function validate_file( $file, $allowed_files = '' ) {
|
||||
if ( false !== strpos( $file, './' ))
|
||||
return 1;
|
||||
|
||||
if (':' == substr( $file, 1, 1 ))
|
||||
return 2;
|
||||
|
||||
if (!empty ( $allowed_files ) && (!in_array( $file, $allowed_files ) ) )
|
||||
return 3;
|
||||
|
||||
if (':' == substr( $file, 1, 1 ))
|
||||
return 2;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
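Review bot: Moving the `':' == substr( $file, 1, 1 )` test below the allow-list check changes which code a rejected path reports and, together with the disabled `case 2` in validate_file_to_edit() in this commit, makes the allow-list the only check that stops an absolute path from reaching the editors; that dependency deserves a comment on the reordered lines, e.g. `// Kept after the allow-list on purpose: an allow-listed path with ':' second reports 2, which validate_file_to_edit() tolerates; anything else has already returned 3.` The `in_array( $file, $allowed_files )` on the line above is a loose comparison; since both sides are strings, `in_array( $file, $allowed_files, true )` costs nothing and avoids numeric-string coercion. The function's signature and opening lines precede the hunk.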