Theme Editor: Ensure files listed recursively can be both viewed and edited.

Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.

Amends [41806].
See #6531.
Fixes #42425.


git-svn-id: https://develop.svn.wordpress.org/trunk@42112 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Weston Ruter 2017-11-02 23:04:54 +00:00
parent 4f0527afdc
commit 3fab757196

View File

@ -432,15 +432,15 @@ function wp_edit_theme_plugin_file( $args ) {
foreach ( $editable_extensions as $type ) {
switch ( $type ) {
case 'php':
$allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', 1 ) );
$allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', -1 ) );
break;
case 'css':
$style_files = $theme->get_files( 'css' );
$style_files = $theme->get_files( 'css', -1 );
$allowed_files['style.css'] = $style_files['style.css'];
$allowed_files = array_merge( $allowed_files, $style_files );
break;
default:
$allowed_files = array_merge( $allowed_files, $theme->get_files( $type ) );
$allowed_files = array_merge( $allowed_files, $theme->get_files( $type, -1 ) );
break;
}
}