From 01022681174caaab7dfeb79e2518e887ab0c5dd4 Mon Sep 17 00:00:00 2001 From: rboren Date: Wed, 17 Nov 2004 03:15:44 +0000 Subject: [PATCH] Theme, plugin, and file editing cleanup. Work in progress. git-svn-id: http://svn.automattic.com/wordpress/trunk@1858 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-functions.php | 84 +++++++++++++++++++++ wp-admin/menu.php | 5 +- wp-admin/plugin-editor.php | 138 ++++++++++++++++++++++++++++++++++ wp-admin/templates.php | 107 ++++++-------------------- wp-admin/theme-editor.php | 141 ++++++++++++++--------------------- 5 files changed, 305 insertions(+), 170 deletions(-) create mode 100644 wp-admin/plugin-editor.php diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php index a46a9b11af..16ea74ddab 100644 --- a/wp-admin/admin-functions.php +++ b/wp-admin/admin-functions.php @@ -729,4 +729,88 @@ function add_options_page($page_title, $menu_title, $access_level, $file) { $submenu['options-general.php'][] = array($menu_title, $access_level, $file, $page_title); } + +function validate_file_to_edit($file, $allowed_files = '') { + if ('..' == substr($file,0,2)) + die (__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.')); + + if (':' == substr($file,1,1)) + die (__('Sorry, can’t call files with their real path.')); + + if ( !empty($allowed_files) && (! in_array($file, $allowed_files)) ) { + die (__('Sorry, that file cannot be edited.')); + } + + $file = stripslashes($file); + + return $file; +} + +function get_real_file_to_edit($file) { + $home = get_settings('home'); + if (($home != '') + && ($home != get_settings('siteurl')) && + ('index.php' == $file || get_settings('blogfilename') == $file || + '.htaccess' == $file)) { + $home_root = parse_url($home); + $home_root = $home_root['path']; + $root = str_replace($_SERVER["PHP_SELF"], '', $_SERVER["PATH_TRANSLATED"]); + $home_root = $root . $home_root; + $real_file = $home_root . '/' . $file; + } else { + $real_file = ABSPATH . $file; + } + + return $real_file; +} + +$wp_file_descriptions = array('index.php' => __('Main Template'), + 'wp-layout.css' => __('Stylesheet'), + 'style.css' => __('Stylesheet'), + 'wp-comments.php' => __('Comments Template'), + 'comments.php' => __('Comments Template'), + 'wp-comments-popup.php' => __('Popup Comments Template'), + 'comments-popup.php' => __('Popup Comments Template'), + 'wp-footer.php' => __('Footer Template'), + 'footer.php' => __('Footer Template'), + 'wp-header.php' => __('Header Template'), + 'header.php' => __('Header Template'), + 'wp-sidebar.php' => __('Sidebar Template'), + 'sidebar.php' => __('Sidebar Template'), + 'archive.php' => __('Archive Template'), + 'category.php' => __('Category Template'), + 'page.php' => __('Page Template'), + 'search.php' => __('Search Template'), + 'single.php' => __('Post Template'), + '404.php' => __('404 Template'), + 'my-hacks.php' => __('my-hacks.php (legacy hacks support)'), + + '.htaccess' => __('.htaccess (for rewrite rules)') + ); + +function get_file_description($file) { + global $wp_file_descriptions; + + if (isset($wp_file_descriptions[$file])) { + return $wp_file_descriptions[$file]; + } + + return $file; +} + +function update_recently_edited($file) { + $oldfiles = (array) get_option('recently_edited'); + if ($oldfiles) { + $oldfiles = array_reverse($oldfiles); + $oldfiles[] = $file; + $oldfiles = array_reverse($oldfiles); + $oldfiles = array_unique($oldfiles); + if ( 5 < count($oldfiles) ) + array_pop($oldfiles); + } else { + $oldfiles[] = $file; + } + update_option('recently_edited', $oldfiles); +} + ?> \ No newline at end of file diff --git a/wp-admin/menu.php b/wp-admin/menu.php index 93b13b0172..9e87f4126e 100644 --- a/wp-admin/menu.php +++ b/wp-admin/menu.php @@ -24,6 +24,7 @@ $submenu['edit.php'][15] = array(__('Categories'), 1, 'categories.php'); $submenu['edit.php'][20] = array(__('Comments'), 1, 'edit-comments.php'); $awaiting_mod = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '0'"); $submenu['edit.php'][25] = array(sprintf(__("Awaiting Moderation (%s)"), $awaiting_mod), 1, 'moderation.php'); +$submenu['edit.php'][30] = array(__('Files'), 5, 'templates.php'); $submenu['link-manager.php'][5] = array(__('Manage Links'), 5, 'link-manager.php'); $submenu['link-manager.php'][10] = array(__('Add Link'), 5, 'link-add.php'); @@ -40,9 +41,11 @@ $submenu['options-general.php'][20] = array(__('Discussion'), 5, 'options-discus $submenu['options-general.php'][25] = array(__('Permalinks'), 5, 'options-permalink.php'); $submenu['options-general.php'][30] = array(__('Miscellaneous'), 5, 'options-misc.php'); +$submenu['plugins.php'][5] = array(__('Plugins'), 5, 'plugins.php'); +$submenu['plugins.php'][10] = array(__('Plugin Editor'), 5, 'plugin-editor.php'); + $submenu['themes.php'][5] = array(__('Themes'), 5, 'themes.php'); $submenu['themes.php'][10] = array(__('Theme Editor'), 5, 'theme-editor.php'); -$submenu['themes.php'][15] = array(__('Other Files'), 5, 'templates.php'); do_action('admin_menu', ''); diff --git a/wp-admin/plugin-editor.php b/wp-admin/plugin-editor.php new file mode 100644 index 0000000000..507e4fa828 --- /dev/null +++ b/wp-admin/plugin-editor.php @@ -0,0 +1,138 @@ +read()) !== false) { + if ( !preg_match('|^\.+$|', $plug_file) && preg_match('|\.php$|', $plug_file) ) + $plugin_files[] = "wp-content/plugins/$plug_file"; + } +} + +if (count($plugin_files)) { + natcasesort($plugin_files); +} + +if (file_exists(ABSPATH . 'my-hacks.php')) { + $plugin_files[] = 'my-hacks.php'; +} + + +if (empty($file)) { + $file = $plugin_files[0]; +} + +$file = validate_file_to_edit($file, $plugin_files); +$real_file = get_real_file_to_edit($file); + +switch($action) { + +case 'update': + + if ($user_level < 5) { + die(__('

You have do not have sufficient permissions to edit templates for this blog.

')); + } + + $newcontent = stripslashes($_POST['newcontent']); + if (is_writeable($real_file)) { + $f = fopen($real_file, 'w+'); + fwrite($f, $newcontent); + fclose($f); + header("Location: plugin-editor.php?file=$file&a=te"); + } else { + header("Location: plugin-editor.php?file=$file"); + } + + exit(); + +break; + +default: + + require_once('admin-header.php'); + if ($user_level <= 5) { + die(__('

You have do not have sufficient permissions to edit plugins for this blog.

')); + } + + update_recently_edited($file); + + if (!is_file($real_file)) + $error = 1; + + if (!$error) { + $f = fopen($real_file, 'r'); + $content = fread($f, filesize($real_file)); + $content = htmlspecialchars($content); + } + + ?> + +

+ +
+ ' . sprintf(__('Editing %s'), $file) . ''; + } else { + echo '

' . sprintf(__('Browsing %s'), $file) . '

'; + } + ?> +
+

+ + +
    + +
  • ">
    • + +
+ +
+ +
+
+ + +
+ +

+"; +?> +

+ +

+ +
+

' . __('Oops, no such file exists! Double check the name and try again, merci.') . '

'; + } + ?> + + diff --git a/wp-admin/templates.php b/wp-admin/templates.php index 021f72cc01..08ca4f1620 100644 --- a/wp-admin/templates.php +++ b/wp-admin/templates.php @@ -1,23 +1,7 @@ You have do not have sufficient permissions to edit templates for this blog.

')); } - if ('' == $file) { - $file = 'index.php'; - } else { - $oldfiles = (array) get_option('recently_edited'); - if ($oldfiles) { - $oldfiles = array_reverse($oldfiles); - $oldfiles[] = $file; - $oldfiles = array_reverse($oldfiles); - $oldfiles = array_unique($oldfiles); - if ( 5 < count($oldfiles) ) - array_pop($oldfiles); - } else { - $oldfiles[] = $file; - } - update_option('recently_edited', $oldfiles); - } + update_recently_edited($file); - $home = get_settings('home'); - if (($home != '' && $home != get_settings('siteurl')) && - ('index.php' == $file || get_settings('blogfilename') == $file || - '.htaccess' == $file)) { - $home_root = parse_url($home); - $home_root = $home_root['path']; - $root = str_replace($_SERVER['PHP_SELF'], '', $_SERVER['PATH_TRANSLATED']); - $home_root = $root . $home_root; - $real_file = $home_root . '/' . $file; - } else { - $file = validate_file($file); - $real_file = '../' . $file; - } - if (!is_file($real_file)) $error = 1; @@ -127,21 +86,18 @@ if ( $recents = get_option('recently_edited') ) : '; foreach ($recents as $recent) : - $display = preg_replace('|.*/(.*)$|', '$1', $recent); - echo "
  • $display"; + echo "
  • " . get_file_description(basename($recent)) . ""; endforeach; echo ''; endif; ?>

    + + +
    • + +
    @@ -174,23 +130,6 @@ endif;
    -read()) !== false) { - if ( !preg_match('|^\.+$|', $file) && preg_match('|\.php$|', $file) ) - $plugin_files[] = $file; - } -} -if ($plugins_dir || $plugin_files) : -?> -

    Plugin files:

    - -

    You have do not have sufficient permissions to edit themes for this blog.

    ')); } - - $themes = get_themes(); - if (! isset($theme) || empty($theme)) { - $theme = get_current_theme(); - } - - $stylesheet_files = $themes[$theme]['Stylesheet Files']; - $template_files = $themes[$theme]['Template Files']; - - if ('' == $file) { - $file = $stylesheet_files[0]; - } - - $home = get_settings('home'); - if (($home != '') - && ($home != get_settings('siteurl')) && - ('index.php' == $file || get_settings('blogfilename') == $file || - '.htaccess' == $file)) { - $home_root = parse_url($home); - $home_root = $home_root['path']; - $root = str_replace($_SERVER["PHP_SELF"], '', $_SERVER["PATH_TRANSLATED"]); - $home_root = $root . $home_root; - $real_file = $home_root . '/' . $file; - } else { - $file = validate_file($file); - $real_file = '../' . $file; - } + update_recently_edited($file); if (!is_file($real_file)) $error = 1; @@ -128,24 +98,43 @@ default:
    " . sprintf(__('Editing %s'), $file) . "

    "; - + if (is_writeable($real_file)) { + echo '

    ' . sprintf(__('Editing %s'), $file) . '

    '; + } else { + echo '

    ' . sprintf(__('Browsing %s'), $file) . '

    '; + } + ?> +
    +

    '%s' theme files"), $theme) ?>

    + + + + +
    + -
    - + a +
    - + +
    +

    - "; - } else { - echo ""; - } - ?> +"; +?>

    + +

    +
    -
    -

    %s theme files:'), $theme) ?>

    - - -

    -
    -