[wp-trac] [WordPress Trac] #11032: Theme editor is not accessible
WordPress Trac
wp-trac at lists.automattic.com
Sat Nov 28 13:23:06 UTC 2009
#11032: Theme editor is not accessible
--------------------------+-------------------------------------------------
Reporter: pavelevap | Owner: westi
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 2.9
Component: Themes | Version: 2.9
Severity: major | Keywords: dev-feedback
--------------------------+-------------------------------------------------
Comment(by dd32):
not only that, but {{{$real_file}}} seems useless, as
validate_file_to_edit() no longer returns anything, so its NULL on all
platforms..
Attached patch appears to fix things for me.. but no idea of the
repurcussions it may have.
Order in validate_file changed to increase security of theme edits while
branch 2 is commented out (Else if it hit that condition, it'd pass right
through without checking the allowed files)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11032#comment:17>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list