Theme Customizer: Validate themes with more than just an existence check.

* The current theme goes through validate_current_theme().
 * If doing a preview of a different theme, we check theme->errors().

Also:
 * Don't attach previewing hooks when previewing the current theme.
Besides being unnecessary, attaching them caused problems for a theme
carrying the theme_parent_invalid error.
 * Call send_origin_headers() earlier, to allow wp_die( '0' ) to properly
be returned in a domain mapping situation.
 * Fix the 'Save & Activate' message on themes.php.

fixes #20921.



git-svn-id: https://develop.svn.wordpress.org/trunk@21069 602fd350-edb4-49c9-b593-d223f7449a82
Andrew Nacin 2012-06-12 18:39:16 +00:00
parent 25e378229e
commit 7b32cc9e6b
3 changed files with 76 additions and 64 deletions


@ -161,7 +161,7 @@ do_action( 'customize_controls_print_scripts' );
'url' => array( 'url' => array(
'preview' => esc_url( $url ? $url : home_url( '/' ) ), 'preview' => esc_url( $url ? $url : home_url( '/' ) ),
'parent' => esc_url( admin_url() ), 'parent' => esc_url( admin_url() ),
'activated' => esc_url( admin_url( 'themes.php?activated=true' ) ), 'activated' => admin_url( 'themes.php?activated=true&previewed' ),
'ajax' => esc_url( admin_url( 'admin-ajax.php', 'relative' ) ), 'ajax' => esc_url( admin_url( 'admin-ajax.php', 'relative' ) ),
'allowed' => array_map( 'esc_url', $allowed_urls ), 'allowed' => array_map( 'esc_url', $allowed_urls ),
'isCrossDomain' => $cross_domain, 'isCrossDomain' => $cross_domain,
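Review bot: The rewritten 'activated' entry is now the only URL in this settings array that is not passed through an escaping function; esc_url() was presumably dropped because it would entity-encode the `&` before `previewed`, which is wrong for a value handed to JavaScript. esc_url_raw() is the escaper meant for non-HTML contexts and keeps this entry consistent with its neighbours without the entity problem: `'activated' => esc_url_raw( admin_url( 'themes.php?activated=true&previewed' ) ),`. The array literal this line belongs to begins before the hunk.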


@ -92,18 +92,6 @@ wp_enqueue_script( 'customize-loader' );
require_once('./admin-header.php'); require_once('./admin-header.php');
?> ?>
<?php if ( ! validate_current_theme() ) : ?>
<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
<?php elseif ( isset($_GET['activated']) ) :
if ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) && current_user_can('edit_theme_options') ) { ?>
<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
} else { ?>
<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
}
elseif ( isset($_GET['deleted']) ) : ?>
<div id="message3" class="updated"><p><?php _e('Theme deleted.') ?></p></div>
<?php endif; ?>
<div class="wrap"><?php <div class="wrap"><?php
screen_icon(); screen_icon();
if ( ! is_multisite() && current_user_can( 'install_themes' ) ) : ?> if ( ! is_multisite() && current_user_can( 'install_themes' ) ) : ?>
@ -114,6 +102,20 @@ if ( ! is_multisite() && current_user_can( 'install_themes' ) ) : ?>
<?php endif; ?> <?php endif; ?>
</h2> </h2>
<?php <?php
if ( ! validate_current_theme() || isset( $_GET['broken'] ) ) : ?>
<div id="message1" class="updated"><p><?php _e('The active theme is broken. Reverting to the default theme.'); ?></p></div>
<?php elseif ( isset($_GET['activated']) ) :
if ( isset( $_GET['previewed'] ) ) { ?>
<div id="message2" class="updated"><p><?php printf( __( 'Settings saved and theme activated. <a href="%s">Visit site</a>.' ), home_url( '/' ) ); ?></p></div>
<?php } elseif ( isset($wp_registered_sidebars) && count( (array) $wp_registered_sidebars ) && current_user_can('edit_theme_options') ) { ?>
<div id="message2" class="updated"><p><?php printf( __('New theme activated. This theme supports widgets, please visit the <a href="%s">widgets settings</a> screen to configure them.'), admin_url( 'widgets.php' ) ); ?></p></div><?php
} else { ?>
<div id="message2" class="updated"><p><?php printf( __( 'New theme activated. <a href="%s">Visit site</a>' ), home_url( '/' ) ); ?></p></div><?php
}
elseif ( isset($_GET['deleted']) ) : ?>
<div id="message3" class="updated"><p><?php _e('Theme deleted.') ?></p></div>
<?php
endif;
$ct = wp_get_theme(); $ct = wp_get_theme();
$screenshot = $ct->get_screenshot(); $screenshot = $ct->get_screenshot();
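Review bot: The new `isset( $_GET['broken'] )` clause ties the "Reverting to the default theme" notice to a bare query flag, and nothing on this screen says where that flag comes from; a reader has to find the Customizer's after_setup_theme() in the other file to learn that it is set only after validate_current_theme() has apparently already switched the site to the default theme, which is why the validate_current_theme() call on this line alone would no longer report anything. A comment above the condition would save that trip: `// 'broken' is set by the Customizer after validate_current_theme() already reverted to the default theme, so the check here no longer fails on its own.` The added `previewed` branch also drops home_url( '/' ) straight into an href, matching the existing branches below it; wrapping it in esc_url() there would be the safer and more consistent form. The alternative-syntax if/elseif/endif block is complete within the hunk, but the surrounding markup begins before it.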


@ -72,10 +72,13 @@ final class WP_Customize_Manager {
* *
* @since 3.4.0 * @since 3.4.0
*/ */
private function wp_die( $ajax_message, $message ) { protected function wp_die( $ajax_message, $message = null ) {
if ( $this->doing_ajax() ) if ( $this->doing_ajax() )
wp_die( $ajax_message ); wp_die( $ajax_message );
if ( ! $message )
$message = __( 'Cheatin&#8217; uh?' );
wp_die( $message ); wp_die( $message );
} }
@ -98,29 +101,45 @@ final class WP_Customize_Manager {
* @since 3.4.0 * @since 3.4.0
*/ */
public function setup_theme() { public function setup_theme() {
send_origin_headers();
if ( is_admin() && ! $this->doing_ajax() ) if ( is_admin() && ! $this->doing_ajax() )
auth_redirect(); auth_redirect();
elseif ( $this->doing_ajax() && ! is_user_logged_in()) elseif ( $this->doing_ajax() && ! is_user_logged_in() )
wp_die( 0 ); $this->wp_die( 0 );
send_origin_headers(); show_admin_bar( false );
if ( ! current_user_can( 'edit_theme_options' ) )
$this->wp_die( -1 );
$this->original_stylesheet = get_stylesheet(); $this->original_stylesheet = get_stylesheet();
$this->theme = wp_get_theme( isset( $_REQUEST['theme'] ) ? $_REQUEST['theme'] : null ); $this->theme = wp_get_theme( isset( $_REQUEST['theme'] ) ? $_REQUEST['theme'] : null );
// You can't preview a theme if it doesn't exist, or if it is not allowed (unless active). if ( $this->is_theme_active() ) {
if ( ! $this->theme->exists() ) // Once the theme is loaded, we'll validate it.
$this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) ); add_action( 'after_setup_theme', array( $this, 'after_setup_theme' ) );
} else {
if ( ! current_user_can( 'switch_themes' ) )
$this->wp_die( -1 );
if ( $this->theme->get_stylesheet() != get_stylesheet() && ( ! $this->theme()->is_allowed() || ! current_user_can( 'switch_themes' ) ) ) // If the theme isn't active, you can't preview it if it is not allowed or has errors.
$this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) ); if ( $this->theme()->errors() )
$this->wp_die( -1 );
if ( ! current_user_can( 'edit_theme_options' ) ) if ( ! $this->theme()->is_allowed() )
$this->wp_die( -1, __( 'Cheatin&#8217; uh?' ) ); $this->wp_die( -1 );
}
$this->start_previewing_theme(); $this->start_previewing_theme();
show_admin_bar( false ); }
function after_setup_theme() {
if ( ! $this->doing_ajax() && ! validate_current_theme() ) {
wp_redirect( 'themes.php?broken=true' );
exit;
}
} }
/** /**
@ -137,6 +156,7 @@ final class WP_Customize_Manager {
$this->previewing = true; $this->previewing = true;
if ( ! $this->is_theme_active() ) {
add_filter( 'template', array( $this, 'get_template' ) ); add_filter( 'template', array( $this, 'get_template' ) );
add_filter( 'stylesheet', array( $this, 'get_stylesheet' ) ); add_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
add_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) ); add_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
@ -148,6 +168,7 @@ final class WP_Customize_Manager {
// Handle custom theme roots. // Handle custom theme roots.
add_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) ); add_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
add_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) ); add_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
}
do_action( 'start_previewing_theme', $this ); do_action( 'start_previewing_theme', $this );
} }
@ -165,6 +186,7 @@ final class WP_Customize_Manager {
$this->previewing = false; $this->previewing = false;
if ( ! $this->is_theme_active() ) {
remove_filter( 'template', array( $this, 'get_template' ) ); remove_filter( 'template', array( $this, 'get_template' ) );
remove_filter( 'stylesheet', array( $this, 'get_stylesheet' ) ); remove_filter( 'stylesheet', array( $this, 'get_stylesheet' ) );
remove_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) ); remove_filter( 'pre_option_current_theme', array( $this, 'current_theme' ) );
@ -176,6 +198,7 @@ final class WP_Customize_Manager {
// Handle custom theme roots. // Handle custom theme roots.
remove_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) ); remove_filter( 'pre_option_stylesheet_root', array( $this, 'get_stylesheet_root' ) );
remove_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) ); remove_filter( 'pre_option_template_root', array( $this, 'get_template_root' ) );
}
do_action( 'stop_previewing_theme', $this ); do_action( 'stop_previewing_theme', $this );
} }
@ -389,7 +412,7 @@ final class WP_Customize_Manager {
* @return string Template name. * @return string Template name.
*/ */
public function get_template() { public function get_template() {
return $this->theme->get_template(); return $this->theme()->get_template();
} }
/** /**
@ -400,7 +423,7 @@ final class WP_Customize_Manager {
* @return string Stylesheet name. * @return string Stylesheet name.
*/ */
public function get_stylesheet() { public function get_stylesheet() {
return $this->theme->get_stylesheet(); return $this->theme()->get_stylesheet();
} }
/** /**
@ -433,7 +456,7 @@ final class WP_Customize_Manager {
* @return string Theme name. * @return string Theme name.
*/ */
public function current_theme( $current_theme ) { public function current_theme( $current_theme ) {
return $this->theme->display('Name'); return $this->theme()->display('Name');
} }
/** /**
@ -448,7 +471,7 @@ final class WP_Customize_Manager {
check_ajax_referer( 'customize_controls-' . $this->get_stylesheet(), 'nonce' ); check_ajax_referer( 'customize_controls-' . $this->get_stylesheet(), 'nonce' );
// Do we have to switch themes? // Do we have to switch themes?
if ( $this->get_stylesheet() != $this->original_stylesheet ) { if ( ! $this->is_theme_active() ) {
// Temporarily stop previewing the theme to allow switch_themes() // Temporarily stop previewing the theme to allow switch_themes()
// to operate properly. // to operate properly.
$this->stop_previewing_theme(); $this->stop_previewing_theme();
@ -462,22 +485,9 @@ final class WP_Customize_Manager {
$setting->save(); $setting->save();
} }
add_action( 'admin_notices', array( $this, '_save_feedback' ) );
die; die;
} }
/**
* Show an admin notice after settings are saved.
*
* @since 3.4.0
*/
public function _save_feedback() {
?>
<div class="updated"><p><?php printf( __( 'Settings saved and theme activated. <a href="%s">Visit site</a>.' ), home_url( '/' ) ); ?></p></div>
<?php
}
/** /**
* Add a customize setting. * Add a customize setting.
* *