2003-05-22 08:12:53 -04:00
< ? php
2004-04-25 19:57:43 -04:00
require_once ( '../wp-includes/wp-l10n.php' );
2004-09-22 02:33:54 -04:00
$title = __ ( 'Template & file editing' );
$parent_file = 'themes.php' ;
2003-05-22 08:12:53 -04:00
function add_magic_quotes ( $array ) {
foreach ( $array as $k => $v ) {
if ( is_array ( $v )) {
$array [ $k ] = add_magic_quotes ( $v );
} else {
$array [ $k ] = addslashes ( $v );
}
}
return $array ;
}
2004-03-29 17:43:07 -05:00
function validate_file ( $file ) {
if ( '..' == substr ( $file , 0 , 2 ))
2004-04-25 19:57:43 -04:00
die ( __ ( 'Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.' ));
2004-03-29 17:43:07 -05:00
if ( ':' == substr ( $file , 1 , 1 ))
2004-04-25 19:57:43 -04:00
die ( __ ( 'Sorry, can’t call files with their real path.' ));
2004-03-29 17:43:07 -05:00
if ( '/' == substr ( $file , 0 , 1 ))
$file = '.' . $file ;
$file = stripslashes ( $file );
$file = str_replace ( '../' , '' , $file );
return $file ;
}
2003-05-22 08:12:53 -04:00
if ( ! get_magic_quotes_gpc ()) {
2004-04-20 18:56:47 -04:00
$_GET = add_magic_quotes ( $_GET );
$_POST = add_magic_quotes ( $_POST );
$_COOKIE = add_magic_quotes ( $_COOKIE );
2003-05-22 08:12:53 -04:00
}
2003-12-18 04:36:13 -05:00
$wpvarstoreset = array ( 'action' , 'standalone' , 'redirect' , 'profile' , 'error' , 'warning' , 'a' , 'file' );
for ( $i = 0 ; $i < count ( $wpvarstoreset ); $i += 1 ) {
$wpvar = $wpvarstoreset [ $i ];
if ( ! isset ( $$wpvar )) {
2004-04-20 18:56:47 -04:00
if ( empty ( $_POST [ " $wpvar " ])) {
if ( empty ( $_GET [ " $wpvar " ])) {
2003-12-18 04:36:13 -05:00
$$wpvar = '' ;
2003-05-22 08:12:53 -04:00
} else {
2004-04-20 18:56:47 -04:00
$$wpvar = $_GET [ " $wpvar " ];
2003-05-22 08:12:53 -04:00
}
} else {
2004-04-20 18:56:47 -04:00
$$wpvar = $_POST [ " $wpvar " ];
2003-05-22 08:12:53 -04:00
}
}
}
switch ( $action ) {
2003-05-22 20:12:22 -04:00
case 'update' :
2003-05-22 08:12:53 -04:00
2003-05-22 20:12:22 -04:00
$standalone = 1 ;
2004-09-22 02:33:54 -04:00
require_once ( './admin-header.php' );
2003-05-22 08:12:53 -04:00
2004-04-17 14:44:10 -04:00
if ( $user_level < 5 ) {
2004-04-25 19:57:43 -04:00
die ( __ ( '<p>You have do not have sufficient permissions to edit templates for this blog.</p>' ));
2003-05-22 08:12:53 -04:00
}
2004-04-20 18:56:47 -04:00
$newcontent = stripslashes ( $_POST [ 'newcontent' ]);
$file = $_POST [ 'file' ];
2004-03-29 17:43:07 -05:00
$file = validate_file ( $file );
$real_file = '../' . $file ;
if ( is_writeable ( $real_file )) {
$f = fopen ( $real_file , 'w+' );
fwrite ( $f , $newcontent );
fclose ( $f );
header ( " Location: templates.php?file= $file &a=te " );
} else {
header ( " Location: templates.php?file= $file " );
}
2003-05-22 08:12:53 -04:00
exit ();
break ;
default :
2004-09-22 02:33:54 -04:00
require_once ( './admin-header.php' );
2004-04-17 14:44:10 -04:00
if ( $user_level <= 5 ) {
2004-04-25 19:57:43 -04:00
die ( __ ( '<p>You have do not have sufficient permissions to edit templates for this blog.</p>' ));
2003-05-22 08:12:53 -04:00
}
2003-05-22 20:12:22 -04:00
if ( '' == $file ) {
2004-09-22 02:33:54 -04:00
$file = 'index.php' ;
} else {
$oldfiles = ( array ) get_option ( 'recently_edited' );
if ( $oldfiles ) {
$oldfiles = array_reverse ( $oldfiles );
$oldfiles [] = $file ;
$oldfiles = array_reverse ( $oldfiles );
$oldfiles = array_unique ( $oldfiles );
if ( 5 < count ( $oldfiles ) )
array_pop ( $oldfiles );
2003-05-22 08:12:53 -04:00
} else {
2004-09-22 02:33:54 -04:00
$oldfiles [] = $file ;
2003-05-22 08:12:53 -04:00
}
2004-09-22 02:33:54 -04:00
update_option ( 'recently_edited' , $oldfiles );
2003-05-22 08:12:53 -04:00
}
2004-06-07 23:40:17 -04:00
$home = get_settings ( 'home' );
2004-08-27 01:20:59 -04:00
if (( $home != '' && $home != get_settings ( 'siteurl' )) &&
( 'index.php' == $file || get_settings ( 'blogfilename' ) == $file ||
'.htaccess' == $file )) {
$home_root = parse_url ( $home );
$home_root = $home_root [ 'path' ];
2004-09-22 02:33:54 -04:00
$root = str_replace ( $_SERVER [ 'PHP_SELF' ], '' , $_SERVER [ 'PATH_TRANSLATED' ]);
2004-08-27 01:20:59 -04:00
$home_root = $root . $home_root ;
$real_file = $home_root . '/' . $file ;
2004-06-07 23:40:17 -04:00
} else {
$file = validate_file ( $file );
$real_file = '../' . $file ;
}
2003-05-22 08:12:53 -04:00
2004-03-29 17:43:07 -05:00
if ( ! is_file ( $real_file ))
2003-05-22 08:12:53 -04:00
$error = 1 ;
2003-05-22 20:12:22 -04:00
2003-05-22 08:12:53 -04:00
if ( ! $error ) {
2004-03-29 17:43:07 -05:00
$f = fopen ( $real_file , 'r' );
$content = fread ( $f , filesize ( $real_file ));
2003-05-22 08:12:53 -04:00
$content = htmlspecialchars ( $content );
}
?>
2004-05-07 19:56:33 -04:00
< ? php if ( isset ( $_GET [ 'a' ])) : ?>
2004-04-25 19:57:43 -04:00
< div class = " updated " >< p >< ? php _e ( 'File edited successfully.' ) ?> </p></div>
2004-04-17 14:44:10 -04:00
< ? php endif ; ?>
2003-12-07 20:55:38 -05:00
< div class = " wrap " >
2004-09-22 02:33:54 -04:00
< ? php
if ( is_writeable ( $real_file )) {
echo '<h2>' . sprintf ( __ ( 'Editing <strong>%s</strong>' ), $file ) . '</h2>' ;
} else {
echo '<h2>' . sprintf ( __ ( 'Browsing <strong>%s</strong>' ), $file ) . '</h2>' ;
}
?>
< div id = " templateside " >
< ? php
if ( $recents = get_option ( 'recently_edited' ) ) :
?>
< h3 >< ? php _e ( 'Recent' ); ?> </h3>
< ? php
echo '<ol>' ;
foreach ( $recents as $recent ) :
$display = preg_replace ( '|.*/(.*)$|' , '$1' , $recent );
echo " <li><a href='templates.php?file= $recent '> $display </a> " ;
endforeach ;
echo '</ol>' ;
endif ;
?>
< h3 >< ? php _e ( 'Common' ); ?> </h3>
< ul >
< li >< a href = " templates.php?file=index.php " >< ? php _e ( 'Main Index' ) ?> </a></li>
< li >< a href = " templates.php?file=wp-layout.css " >< ? php _e ( 'Main Stylesheet' ) ?> </a></li>
< li >< a href = " templates.php?file=wp-comments.php " >< ? php _e ( 'Comments' ) ?> </a></li>
< li >< a href = " templates.php?file=wp-comments-popup.php " >< ? php _e ( 'Popup comments' ) ?> </a></li>
< li >< a href = " templates.php?file=.htaccess " >< ? php _e ( '.htaccess (for rewrite rules)' ) ?> </a></li>
< li >< a href = " templates.php?file=my-hacks.php " >< ? php _e ( 'my-hacks.php (legacy hacks support)' ) ?> </a></li>
</ ul >
</ div >
< ? php if ( ! $error ) { ?>
< form name = " template " id = " template " action = " templates.php " method = " post " >
< div >< textarea cols = " 70 " rows = " 25 " name = " newcontent " id = 'newcontent' tabindex = " 1 " >< ? php echo $content ?> </textarea>
2003-12-07 20:55:38 -05:00
< input type = " hidden " name = " action " value = " update " />
< input type = " hidden " name = " file " value = " <?php echo $file ?> " />
2004-09-22 02:33:54 -04:00
</ div >
< ? php if ( is_writeable ( $real_file ) ) : ?>
2004-04-17 14:44:10 -04:00
< p class = " submit " >
2004-09-22 02:33:54 -04:00
< ? php
echo " <input type='submit' name='submit' value=' " . __ ( 'Update File' ) . " »' tabindex='2' /> " ;
?>
2004-04-17 14:44:10 -04:00
</ p >
2004-09-22 02:33:54 -04:00
< ? php else : ?>
< p >< em >< ? php _e ( 'If this file was writable you could edit it.' ); ?> </em></p>
< ? php endif ; ?>
2003-12-07 20:55:38 -05:00
</ form >
< ? php
2003-05-22 08:12:53 -04:00
} else {
2004-04-25 19:57:43 -04:00
echo '<div class="error"><p>' . __ ( 'Oops, no such file exists! Double check the name and try again, merci.' ) . '</p></div>' ;
2003-05-22 08:12:53 -04:00
}
2004-09-22 02:33:54 -04:00
?>
</ div >
2004-02-05 09:48:55 -05:00
< div class = " wrap " >
2004-09-22 02:33:54 -04:00
< h2 > Other Files </ h2 >
2004-04-25 19:57:43 -04:00
< p >< ? php _e ( 'To edit a file, type its name here. You can edit any file <a href="http://wiki.wordpress.org/index.php/MakeWritable" title="Read more about making files writable">writable by the server</a>, e.g. CHMOD 666.' ) ?> </p>
2003-12-07 20:55:38 -05:00
< form name = " file " action = " templates.php " method = " get " >
< input type = " text " name = " file " />
2004-04-25 19:57:43 -04:00
< input type = " submit " name = " submit " value = " <?php _e('Edit file »') ?> " />
2003-12-07 20:55:38 -05:00
</ form >
2004-09-22 02:33:54 -04:00
2004-04-17 14:44:10 -04:00
< ? php
$plugins_dir = @ dir ( ABSPATH . 'wp-content/plugins' );
if ( $plugins_dir ) {
while (( $file = $plugins_dir -> read ()) !== false ) {
if ( ! preg_match ( '|^\.+$|' , $file ) && preg_match ( '|\.php$|' , $file ) )
$plugin_files [] = $file ;
}
}
if ( $plugins_dir || $plugin_files ) :
?>
< p > Plugin files :</ p >
< ul >
< ? php foreach ( $plugin_files as $plugin_file ) : ?>
< li >< a href = " templates.php?file=wp-content/plugins/<?php echo $plugin_file ; ?> " >< ? php echo $plugin_file ; ?> </a></li>
< ? php endforeach ; ?>
2004-02-05 09:48:55 -05:00
</ ul >
2004-04-17 14:44:10 -04:00
< ? php endif ; ?>
2004-04-25 19:57:43 -04:00
< p >< ? php _e ( 'Note: of course, you can also edit the files/templates in your text editor of choice and upload them. This online editor is only meant to be used when you don’t have access to a text editor or FTP client.' ) ?> </p>
2003-12-07 20:55:38 -05:00
</ div >
< ? php
2003-05-22 08:12:53 -04:00
break ;
}
2004-04-25 19:57:43 -04:00
include ( " admin-footer.php " ) ?>