[wp-trac] [WordPress Trac] #29772: wp-admin/plugins.php should not load plugins so it can be used to disable broke activated plugins
WordPress Trac
noreply at wordpress.org
Fri Oct 31 00:17:24 UTC 2014
#29772: wp-admin/plugins.php should not load plugins so it can be used to disable
broke activated plugins
-----------------------------------+------------------------------
Reporter: aubreypwd | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion | Focuses: administration
-----------------------------------+------------------------------
Comment (by pento):
`wp-admin/repair.php` has potential, combined with a `wp-
admin/maint/repair.php`-style define to enable it.
`plugins.php` *must* load plugins, as most plugins change the plugin
table. It would also leave sites potentially vulnerable if they have a
security plugin that wouldn't be loaded, or if they use a custom
authentication plugin.
`wp-admin/repair.php` wouldn't be able to load custom authentication
plugins, either.
That said, I'm not entirely sure that a repair script is the right
approach. Updating a plugin won't re-enable it if it's broken, so that
problem is already taken care of. I agree that the theme/plugin editor
could be more robust, it'd be worth investigating if we can test loading
edited PHP files, before saving them.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29772#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list