[wp-trac] [WordPress Trac] #25048: file_exists check in menu-header.php causes issue with backend menu on an IIS server
WordPress Trac
noreply at wordpress.org
Thu Aug 15 04:00:56 UTC 2013
#25048: file_exists check in menu-header.php causes issue with backend menu on an
IIS server
-------------------------+-------------------------------------------------
Reporter: chriscct7 | Owner:
Type: defect | Status: new
(bug) | Milestone: Awaiting Review
Priority: normal | Version: 3.5
Component: Menus | Keywords: 2nd-opinion dev-feedback needs-
Severity: normal | patch
-------------------------+-------------------------------------------------
On line 153 of menu-header.php (based on 3.6 branch), a file_exists check
wreaks havok on IIS powered servers.
Let's say $sub_file is either a full url to the intended page, or a
admin.php page slug, both valid values for that varible.
In an Apache server, the file_exists, returns false, and WordPress
continues along, making the link, which works fine.
On Windows IIS servers, however, the file_exists, when fails, indirectly
throws a PHP warning. A good number of Windows based servers use an
open_basedir restriction to prevent people from accessing areas they
aren't supposed to be in. So, when the filepath inside that file_exists is
outside what the user is supposed to be able to access, where the menu
item would be, is a PHP warning.
A suggested fix would be to make sure $sub_file is a file (ending in a
.php) before running a file_exists check on it.
Issue first detected in 3.5, but probably exists earlier than that (didn't
check)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/25048>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list