[wp-trac] Re: [WordPress Trac] #4448: Update theme files
WordPress Trac
wp-trac at lists.automattic.com
Fri Jun 27 14:57:31 GMT 2008
#4448: Update theme files
----------------------------+-----------------------------------------------
Reporter: neoen | Owner: anonymous
Type: defect | Status: reopened
Priority: high | Milestone: 2.6
Component: Administration | Version: 2.2
Severity: normal | Resolution:
Keywords: needs-patch |
----------------------------+-----------------------------------------------
Comment (by Otto42):
Yes, it is possible to create this error in some situations. The theme
editor does an is_writable check before attempting to write the file, but
is_writable is not reliable in all situations and it can return true even
if the file is not accessible.
In theme-editor.php, this code:
{{{
if (is_writeable($real_file)) {
$f = fopen($real_file, 'w+');
fwrite($f, $newcontent);
fclose($f);
$location = "theme-
editor.php?file=$file&theme=$theme&a=te";
} else {
$location = "theme-editor.php?file=$file&theme=$theme";
}
}}}
...has no error checking on the fopen. $f needs to be compared to ===
FALSE before attempting to fwrite and fclose it.
--
Ticket URL: <http://trac.wordpress.org/ticket/4448#comment:9>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list