<?php
/**
* Filesystem API: Top-level functionality
*
* Functions for reading, writing, modifying, and deleting files on the file system.
* Includes functionality for theme-specific files as well as operations for uploading,
* archiving, and rendering output when necessary.
*
* @package WordPress
* @subpackage Filesystem
* @since 2.3.0
*/
/**
 * Translated labels for well-known theme file names.
 *
 * Keys are bare file names without a directory part; values are the labels
 * produced by __() at the time this file is loaded.
 */
$wp_file_descriptions = array(
	'functions.php'         => __( 'Theme Functions' ),
	'header.php'            => __( 'Theme Header' ),
	'footer.php'            => __( 'Theme Footer' ),
	'sidebar.php'           => __( 'Sidebar' ),
	'comments.php'          => __( 'Comments' ),
	'searchform.php'        => __( 'Search Form' ),
	'404.php'               => __( '404 Template' ),
	'link.php'              => __( 'Links Template' ),
	'theme.json'            => __( 'Theme Styles & Block Settings' ),

	// Archive templates.
	'index.php'             => __( 'Main Index Template' ),
	'archive.php'           => __( 'Archives' ),
	'author.php'            => __( 'Author Template' ),
	'taxonomy.php'          => __( 'Taxonomy Template' ),
	'category.php'          => __( 'Category Template' ),
	'tag.php'               => __( 'Tag Template' ),
	'home.php'              => __( 'Posts Page' ),
	'search.php'            => __( 'Search Results' ),
	'date.php'              => __( 'Date Template' ),

	// Content templates.
	'singular.php'          => __( 'Singular Template' ),
	'single.php'            => __( 'Single Post' ),
	'page.php'              => __( 'Single Page' ),
	'front-page.php'        => __( 'Homepage' ),
	'privacy-policy.php'    => __( 'Privacy Policy Page' ),

	// Attachment templates.
	'attachment.php'        => __( 'Attachment Template' ),
	'image.php'             => __( 'Image Attachment Template' ),
	'video.php'             => __( 'Video Attachment Template' ),
	'audio.php'             => __( 'Audio Attachment Template' ),
	'application.php'       => __( 'Application Attachment Template' ),

	// Embed templates.
	'embed.php'             => __( 'Embed Template' ),
	'embed-404.php'         => __( 'Embed 404 Template' ),
	'embed-content.php'     => __( 'Embed Content Template' ),
	'header-embed.php'      => __( 'Embed Header Template' ),
	'footer-embed.php'      => __( 'Embed Footer Template' ),

	// Stylesheets.
	'style.css'             => __( 'Stylesheet' ),
	'editor-style.css'      => __( 'Visual Editor Stylesheet' ),
	'editor-style-rtl.css'  => __( 'Visual Editor RTL Stylesheet' ),
	'rtl.css'               => __( 'RTL Stylesheet' ),

	// Other files that are not templates.
	'my-hacks.php'          => __( 'my-hacks.php (legacy hacks support)' ),
	'.htaccess'             => __( '.htaccess (for rewrite rules )' ),

	// Deprecated file names, kept so they still get a label.
	'wp-layout.css'         => __( 'Stylesheet' ),
	'wp-comments.php'       => __( 'Comments Template' ),
	'wp-comments-popup.php' => __( 'Popup Comments Template' ),
	'comments-popup.php'    => __( 'Popup Comments' ),
);
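/**
 * Gets the description for standard WordPress theme files.
 *
 * Lookup order:
 *  1. A bare file name (no directory part) that is a key of $wp_file_descriptions
 *     returns the label stored there.
 *  2. Otherwise, if $allowed_files maps $file to an existing regular file, that file
 *     is read and a `Template Name:` header, when present, yields "<name> Page Template".
 *  3. Otherwise the basename of $file is returned.
 *
 * Only the path stored in $allowed_files is opened. $file itself is used as an array
 * key and for basename()/pathinfo(), never handed to a filesystem read.
 * NOTE(review): how $allowed_files is populated is not visible here; callers are
 * presumably expected to fill it with vetted theme file paths - confirm.
 *
 * @since 1.5.0
 *
 * @global array $wp_file_descriptions Theme file descriptions.
 * @global array $allowed_files        List of allowed files.
 *
 * @param string $file Filesystem path or filename.
 * @return string Description of file from $wp_file_descriptions or basename of $file if description doesn't exist.
 *                Appends 'Page Template' to basename of $file if the file is a page template.
 */
function get_file_description( $file ) {
	global $wp_file_descriptions, $allowed_files;

	$basename = basename( $file );
	$dirname  = pathinfo( $file, PATHINFO_DIRNAME );

	if ( isset( $wp_file_descriptions[ $basename ] ) && '.' === $dirname ) {
		return $wp_file_descriptions[ $basename ];
	}

	/*
	 * A file that is not in the allowlist has no path to read. Looking the key up
	 * unguarded raised an "undefined array key" warning and passed null on to the
	 * filesystem functions.
	 */
	$file_path = isset( $allowed_files[ $file ] ) ? $allowed_files[ $file ] : '';

	if ( is_string( $file_path ) && '' !== $file_path && is_file( $file_path ) ) {
		$template_data = file_get_contents( $file_path );

		// A failed read yields false; skip the header search instead of matching against it.
		if ( false !== $template_data && preg_match( '|Template Name:(.*)$|mi', $template_data, $name ) ) {
			/* translators: %s: Template name. */
			return sprintf( __( '%s Page Template' ), _cleanup_header_comment( $name[1] ) );
		}
	}

	return trim( $basename );
}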
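/**
 * Gets the absolute filesystem path to the root of the WordPress installation.
 *
 * When the `home` and `siteurl` options differ, the part of `siteurl` that follows
 * `home` is searched for (case-insensitively, last occurrence) in
 * `$_SERVER['SCRIPT_FILENAME']`, and everything before that match is returned.
 * In every other case ABSPATH is returned.
 *
 * If the relative part cannot be found in the script path, ABSPATH is used as well.
 * Without that fallback the failed search produced an empty prefix and the function
 * returned "/", which would point any file operation built on the result at the
 * filesystem root.
 *
 * @since 1.5.0
 *
 * @return string Full filesystem path to the root of the WordPress installation,
 *                with backslashes converted to forward slashes.
 */
function get_home_path() {
	$home    = set_url_scheme( get_option( 'home' ), 'http' );
	$siteurl = set_url_scheme( get_option( 'siteurl' ), 'http' );

	// No home URL, or both options name the same URL: nothing to derive.
	if ( empty( $home ) || 0 === strcasecmp( $home, $siteurl ) ) {
		return str_replace( '\\', '/', ABSPATH );
	}

	// The key can be missing depending on how PHP was started; treat that as "no match".
	$script_filename = isset( $_SERVER['SCRIPT_FILENAME'] ) ? $_SERVER['SCRIPT_FILENAME'] : '';

	$wp_path_rel_to_home = str_ireplace( $home, '', $siteurl ); /* $siteurl - $home */
	$pos                 = strripos( str_replace( '\\', '/', $script_filename ), trailingslashit( $wp_path_rel_to_home ) );

	if ( false === $pos ) {
		// substr( ..., 0, false ) would give '' and therefore "/" after trailingslashit().
		return str_replace( '\\', '/', ABSPATH );
	}

	// The slash replacement above is one character for one, so $pos is valid for the raw string too.
	$home_path = trailingslashit( substr( $script_filename, 0, $pos ) );

	return str_replace( '\\', '/', $home_path );
}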
/**
 * Returns a listing of all files in the specified folder and all subdirectories up to 100 levels deep.
 *
 * The depth of the recursion is controlled by the $levels param. A directory whose
 * own listing comes back empty or false (empty folder, unreadable folder, or depth
 * limit reached) is reported as a single entry with a trailing slash.
 *
 * Things a caller should know:
 *  - $exclusions is compared against entry names in $folder only; the recursive call
 *    receives an empty list, so the same names are not skipped in subfolders.
 *  - is_dir() resolves symbolic links, so a linked directory is descended into and the
 *    result can contain paths outside the tree that $folder appears to describe.
 *    $levels is the only bound on that.
 *  - A folder that cannot be opened gives an empty array, not false.
 *
 * @since 2.6.0
 * @since 4.9.0 Added the `$exclusions` parameter.
 * @since 6.3.0 Added the `$include_hidden` parameter.
 *
 * @param string   $folder         Optional. Full path to folder. Default empty.
 * @param int      $levels         Optional. Levels of folders to follow, Default 100 (PHP Loop limit).
 * @param string[] $exclusions     Optional. List of folders and files to skip.
 * @param bool     $include_hidden Optional. Whether to include details of hidden ("." prefixed) files.
 *                                 Default false.
 * @return string[]|false Array of files on success, false on failure.
 */
function list_files( $folder = '', $levels = 100, $exclusions = array(), $include_hidden = false ) {
	if ( empty( $folder ) ) {
		return false;
	}

	$folder = trailingslashit( $folder );

	if ( ! $levels ) {
		return false;
	}

	$found  = array();
	$handle = @opendir( $folder );

	// Nothing to read: hand back the empty list.
	if ( ! $handle ) {
		return $found;
	}

	while ( false !== ( $entry = readdir( $handle ) ) ) {
		// The current and parent directory links are never listed.
		if ( '.' === $entry || '..' === $entry ) {
			continue;
		}

		// Dot-prefixed entries are skipped unless the caller asked for them.
		if ( ! $include_hidden && '.' === $entry[0] ) {
			continue;
		}

		if ( in_array( $entry, $exclusions, true ) ) {
			continue;
		}

		$path = $folder . $entry;

		if ( ! is_dir( $path ) ) {
			$found[] = $path;
			continue;
		}

		$nested = list_files( $path, $levels - 1, array(), $include_hidden );

		if ( $nested ) {
			$found = array_merge( $found, $nested );
		} else {
			$found[] = $path . '/';
		}
	}

	closedir( $handle );

	return $found;
}
/**
 * Gets the list of file extensions that are editable in plugins.
 *
 * The built-in list contains extensions of server-executed files (for example `php`
 * and `phtml`) as well as shell and configuration files. Whatever the
 * `editable_extensions` filter returns is cast to an array and handed back as-is,
 * so a callback can both add to and remove from the built-in list.
 *
 * @since 4.9.0
 *
 * @param string $plugin Path to the plugin file relative to the plugins directory.
 * @return string[] Array of editable file extensions.
 */
function wp_get_plugin_file_editable_extensions( $plugin ) {

	// Same order as before; only the layout is grouped by first letter.
	$default_types = array(
		'bash',
		'conf', 'css',
		'diff',
		'htm', 'html', 'http',
		'inc', 'include',
		'js', 'json', 'jsx',
		'less',
		'md',
		'patch', 'php', 'php3', 'php4', 'php5', 'php7', 'phps', 'phtml',
		'sass', 'scss', 'sh', 'sql', 'svg',
		'text', 'txt',
		'xml',
		'yaml', 'yml',
	);

	/**
	 * Filters the list of file types allowed for editing in the plugin file editor.
	 *
	 * @since 2.8.0
	 * @since 4.9.0 Added the `$plugin` parameter.
	 *
	 * @param string[] $default_types An array of editable plugin file extensions.
	 * @param string   $plugin        Path to the plugin file relative to the plugins directory.
	 */
	return (array) apply_filters( 'editable_extensions', $default_types, $plugin );
}
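/**
 * Gets the list of file extensions that are editable for a given theme.
 *
 * The built-in list contains extensions of server-executed files (for example `php`
 * and `phtml`) as well as shell and configuration files. The result of the
 * `wp_theme_editor_filetypes` filter is merged with the built-in list again, so a
 * callback can add extensions but cannot remove a built-in one.
 *
 * The filter result is cast to an array before merging, as the plugin counterpart
 * of this function does; a callback returning a non-array would otherwise make
 * array_merge() fail.
 *
 * @since 4.9.0
 *
 * @param WP_Theme $theme Theme object.
 * @return string[] Array of editable file extensions.
 */
function wp_get_theme_file_editable_extensions( $theme ) {

	$default_types = array(
		'bash',
		'conf',
		'css',
		'diff',
		'htm',
		'html',
		'http',
		'inc',
		'include',
		'js',
		'json',
		'jsx',
		'less',
		'md',
		'patch',
		'php',
		'php3',
		'php4',
		'php5',
		'php7',
		'phps',
		'phtml',
		'sass',
		'scss',
		'sh',
		'sql',
		'svg',
		'text',
		'txt',
		'xml',
		'yaml',
		'yml',
	);

	/**
	 * Filters the list of file types allowed for editing in the theme file editor.
	 *
	 * @since 4.4.0
	 *
	 * @param string[] $default_types An array of editable theme file extensions.
	 * @param WP_Theme $theme         The active theme object.
	 */
	$file_types = (array) apply_filters( 'wp_theme_editor_filetypes', $default_types, $theme );

	// Ensure that default types are still there.
	return array_unique( array_merge( $file_types, $default_types ) );
}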
/**
 * Prints file editor templates (for plugins and themes).
 *
 * Outputs one `<script type="text/html">` element with the id
 * `tmpl-wp-file-editor-notice`. PHP fills in the translated strings only; the
 * `{{ ... }}` and `<# ... #>` markers are written out unchanged for whatever
 * client-side code renders the template.
 *
 * NOTE(review): `data.message`, `data.file`, `data.line` and `data.classes` are
 * supplied at render time on the client. In wp.template syntax the double-brace
 * form is presumably the HTML-escaping one - confirm against the script that
 * consumes this template before relying on it.
 *
 * @since 4.9.0
 */
function wp_print_file_editor_templates() {
	?>
	<script type="text/html" id="tmpl-wp-file-editor-notice">
		<div class="notice inline notice-{{ data.type || 'info' }} {{ data.alt ? 'notice-alt' : '' }} {{ data.dismissible ? 'is-dismissible' : '' }} {{ data.classes || '' }}">
			<# if ( 'php_error' === data.code ) { #>
				<p>
					<?php
					// Both arguments are literal template placeholders, so the translated
					// sentence reaches the browser with the placeholders still in it.
					printf(
						/* translators: 1: Line number, 2: File path. */
						__( 'Your PHP code changes were not applied due to an error on line %1$s of file %2$s. Please fix and try saving again.' ),
						'{{ data.line }}',
						'{{ data.file }}'
					);
					?>
				</p>
				<pre>{{ data.message }}</pre>
			<# } else if ( 'file_not_writable' === data.code ) { #>
				<p>
					<?php
					// The link target is itself a translatable string and is printed without
					// escaping, so it is only as trustworthy as the loaded translation.
					printf(
						/* translators: %s: Documentation URL. */
						__( 'You need to make this file writable before you can save your changes. See <a href="%s">Changing File Permissions</a> for more information.' ),
						__( 'https://developer.wordpress.org/advanced-administration/server/file-permissions/' )
					);
					?>
				</p>
			<# } else { #>
				<p>{{ data.message || data.code }}</p>

				<# if ( 'lint_errors' === data.code ) { #>
					<p>
						<# var elementId = 'el-' + String( Math.random() ); #>
						<input id="{{ elementId }}" type="checkbox">
						<label for="{{ elementId }}"><?php _e( 'Update anyway, even though it might break your site?' ); ?></label>
					</p>
				<# } #>
			<# } #>
			<# if ( data.dismissible ) { #>
				<button type="button" class="notice-dismiss"><span class="screen-reader-text">
					<?php
					/* translators: Hidden accessibility text. */
					_e( 'Dismiss' );
					?>
				</span></button>
			<# } #>
		</div>
	</script>
	<?php
}
/**
* Attempts to edit a file for a theme or plugin.
*
* When editing a PHP file, loopback requests will be made to the admin and the homepage
* to attempt to see if there is a fatal error introduced. If so, the PHP change will be
* reverted.
*
* @since 4.9.0
*
* @param string[] $args {
* Args. Note that all of the arg values are already unslashed. They are, however,
* coming straight from `$_POST` and are not validated or sanitized in any way.
*
* @type string $file Relative path to file.
* @type string $plugin Path to the plugin file relative to the plugins directory.
* @type string $theme Theme being edited.
* @type string $newcontent New content for the file.
* @type string $nonce Nonce.
* }
* @return true|WP_Error True on success or `WP_Error` on failure.
*/
function wp_edit_theme_plugin_file( $args ) {
if ( empty( $args['file'] ) ) {
return new WP_Error( 'missing_file' );
}
if ( 0 !== validate_file( $args['file'] ) ) {
return new WP_Error( 'bad_file' );
}
if ( ! isset( $args['newcontent'] ) ) {
return new WP_Error( 'missing_content' );
}
if ( ! isset( $args['nonce'] ) ) {
return new WP_Error( 'missing_nonce' );
}
$file = $args['file'];
$content = $args['newcontent'];
$plugin = null;
$theme = null;
$real_file = null;
if ( ! empty( $args['plugin'] ) ) {
$plugin = $args['plugin'];
if ( ! current_user_can( 'edit_plugins' ) ) {
return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit plugins for this site.' ) );
}
if ( ! wp_verify_nonce( $args['nonce'], 'edit-plugin_' . $file ) ) {
return new WP_Error( 'nonce_failure' );
}
if ( ! array_key_exists( $plugin, get_plugins() ) ) {
return new WP_Error( 'invalid_plugin' );
}
if ( 0 !== validate_file( $file, get_plugin_files( $plugin ) ) ) {
return new WP_Error( 'bad_plugin_file_path', __( 'Sorry, that file cannot be edited.' ) );
}
$editable_extensions = wp_get_plugin_file_editable_extensions( $plugin );
$real_file = WP_PLUGIN_DIR . '/' . $file;
$is_active = in_array(
$plugin,
(array) get_option( 'active_plugins', array() ),
true
);
} elseif ( ! empty( $args['theme'] ) ) {
$stylesheet = $args['theme'];
if ( 0 !== validate_file( $stylesheet ) ) {
return new WP_Error( 'bad_theme_path' );
}
if ( ! current_user_can( 'edit_themes' ) ) {
return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit templates for this site.' ) );
}
$theme = wp_get_theme( $stylesheet );
if ( ! $theme->exists() ) {
return new WP_Error( 'non_existent_theme', __( 'The requested theme does not exist.' ) );
}
if ( ! wp_verify_nonce( $args['nonce'], 'edit-theme_' . $stylesheet . '_' . $file ) ) {
return new WP_Error( 'nonce_failure' );
}
if ( $theme->errors() && 'theme_no_stylesheet' === $theme->errors()->get_error_code() ) {
return new WP_Error(
'theme_no_stylesheet',
__( 'The requested theme does not exist.' ) . ' ' . $theme->errors()->get_error_message()
);
}
$editable_extensions = wp_get_theme_file_editable_extensions( $theme );
$allowed_files = array();
foreach ( $editable_extensions as $type ) {
switch ( $type ) {
case 'php':
$allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', -1 ) );
break;
case 'css':
$style_files = $theme->get_files( 'css', -1 );
$allowed_files['style.css'] = $style_files['style.css'];
$allowed_files = array_merge( $allowed_files, $style_files );
break;
default:
$allowed_files = array_merge( $allowed_files, $theme->get_files( $type, -1 ) );
break;
}
}
// Compare based on relative paths.
if ( 0 !== validate_file( $file, array_keys( $allowed_files ) ) ) {
return new WP_Error( 'disallowed_theme_file', __( 'Sorry, that file cannot be edited.' ) );
}
$real_file = $theme->get_stylesheet_directory() . '/' . $file;
$is_active = ( get_stylesheet() === $stylesheet || get_template() === $stylesheet );
} else {
return new WP_Error( 'missing_theme_or_plugin' );
}
// Ensure file is real.
if ( ! is_file( $real_file ) ) {
return new WP_Error( 'file_does_not_exist', __( 'File does not exist! Please double check the name and try again.' ) );
}
// Ensure file extension is allowed.
$extension = null;
if ( preg_match( '/\.([^.]+)$/', $real_file, $matches ) ) {
$extension = strtolower( $matches[1] );
if ( ! in_array( $extension, $editable_extensions, true ) ) {
return new WP_Error( 'illegal_file_type', __( 'Files of this type are not editable.' ) );