[wp-hackers] Re: Template revisioning system for WordPress
Nivanka Fonseka
fonsekaean at gmail.com
Fri Apr 10 02:47:22 GMT 2009
Dear Ryan,
Sorry for taking time to reply, Yeah I think your idea of removing the
extension is interesting.
I will check with the trunks too before developing, other wise I will
redo codes ;) which is no point.
Nivanka
On Tue, Apr 7, 2009 at 11:06 PM, Ryan Boren <ryan at boren.nu> wrote:
> Those making proposals need to look at trunk. Some of these
> suggestions are already implemented and will be released in 2.8.
>
> Old versions of templates must be saved in the filesystem in such a
> way that they are not publicly accessible. We don't want to expose
> vulnerabilities that may be lingering in old versions. This usually
> means adding a hash to file and directory names, preventing directory
> listings, and removing the .php extension.
>
> When restoring old versions back into wp-content/themes, WP_Filesystem
> should be used so that the proper owner and permissions can be
> restored.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Nivanka Fonseka
More information about the wp-hackers
mailing list