headers
Ibrahim A. Mohamed | 3 Apr 2009 03:50
Picon
Gravatar

Editing Plugin files in 2.8

Dear all,

In 2.8, a new feature added to the Plugin editor in which you can edit any
file, not the plugin's file only. A problem can be found, especially with
plugins that has pictures included like akismet that you can edit these
files, which is not logical, why should I edit a picture file in an editor?
:)

So, I think we can remove this by adding some rules for files that can be
editted, or files that don't need to be editted like image files this might
solve the problem. For example, for Akismet, in wp-admin/plugin-editor.php
in line 164 where it says:

<?php foreach($plugin_files as $plugin_file) : ?>
> <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a
> href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo
> $plugin; ?>"><?php echo $plugin_file ?></a></li>
> <?php endforeach; ?>
>

We can make it:

<?php foreach($plugin_files as $plugin_file) :
> // Get the extension of the file.
>     $ext = substr($plugin_file, strpos($plugin_file, '.') + 1);
> // Extensions to be eliminated
>     if($ext != 'gif' && $ext != 'jpg') : ?>
>         <li<?php echo $file == $plugin_file ? ' class="highlight"' : '';
> ?>><a href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php
> echo $plugin; ?>"><?php echo $plugin_file ?></a></li>
(Continue reading)

Permalink | Reply | 536 comments |
headers
Silverstein, Jesse | 3 Apr 2009 04:46
Picon

RE: Editing Plugin files in 2.8

If this change goes in, it makes sense to include a slew of extensions that cannot be edited in a text editor,
but might be included in a plugin:
$exlude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3", "wav" /* others */);

Then change 
if($ext != 'gif' && $ext != 'jpg') : ?>
to
if ( false !== array_search($ext, $exclude)) continue; ?>
and take out the endif line.

-Jesse Silverstein

-----Original Message-----
From: wp-testers-bounces <at> lists.automattic.com
[mailto:wp-testers-bounces <at> lists.automattic.com] On Behalf Of Ibrahim A. Mohamed
Sent: Thursday, April 02, 2009 9:51 PM
To: wp-testers <at> lists.automattic.com
Subject: [wp-testers] Editing Plugin files in 2.8

Dear all,

In 2.8, a new feature added to the Plugin editor in which you can edit any
file, not the plugin's file only. A problem can be found, especially with
plugins that has pictures included like akismet that you can edit these
files, which is not logical, why should I edit a picture file in an editor?
:)

So, I think we can remove this by adding some rules for files that can be
editted, or files that don't need to be editted like image files this might
solve the problem. For example, for Akismet, in wp-admin/plugin-editor.php
(Continue reading)

Permalink | Reply | 7 comments |
headers
Peter Westwood | 3 Apr 2009 08:01
Picon

Re: Editing Plugin files in 2.8


On 3 Apr 2009, at 03:46, Silverstein, Jesse wrote:

> If this change goes in, it makes sense to include a slew of  
> extensions that cannot be edited in a text editor, but might be  
> included in a plugin:
> $exlude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3",  
> "wav" /* others */);

It may make more sense to whitelist rather than blacklist here.

It is going to be easier to define a set of safe file extensions than  
try and list all the unsafe ones.

Could someone raise a trac ticket (and write a patch if so inclined ;-))

westi
--

-- 
Peter Westwood
http://blog.ftwr.co.uk | http://westi.wordpress.com
C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5
Permalink | Reply | 3 comments |
headers
Van Winkle Enterprises | 3 Apr 2009 13:35
Gravatar

Re: Editing Plugin files in 2.8

I am traveling today and will be away from my desk. If you have an emergency
please call 914-591-7230. I will respond to your email as quickly as
possible.

Sincerely, 

Mike
Permalink | Reply | 2 comments |
headers
Van Winkle Enterprises | 3 Apr 2009 13:35
Gravatar

Re: Editing Plugin files in 2.8

I am traveling today and will be away from my desk. If you have an emergency
please call 914-591-7230. I will respond to your email as quickly as
possible.

Sincerely, 

Mike
Permalink | Reply | 534 comments |
headers
Van Winkle Enterprises | 3 Apr 2009 13:54
Gravatar

Re: Editing Plugin files in 2.8

I am traveling today and will be away from my desk. If you have an emergency
please call 914-591-7230. I will respond to your email as quickly as
possible.

Sincerely, 

Mike
Permalink | Reply | 4 comments |
headers
Van Winkle Enterprises | 3 Apr 2009 13:54
Gravatar

Re: Editing Plugin files in 2.8

I am traveling today and will be away from my desk. If you have an emergency
please call 914-591-7230. I will respond to your email as quickly as
possible.

Sincerely, 

Mike
Permalink | Reply | 1 comment |
headers
Van Winkle Enterprises | 3 Apr 2009 13:36
Gravatar

Re: Editing Plugin files in 2.8

I am traveling today and will be away from my desk. If you have an emergency
please call 914-591-7230. I will respond to your email as quickly as
possible.

Sincerely, 

Mike
Permalink | Reply | 1 comment |
headers
Ibrahim A. Mohamed | 3 Apr 2009 14:24
Picon
Gravatar

Re: Editing Plugin files in 2.8

I love Peter's idea on Silverstein solution, we can do it this way:
$include = array("php", "txt", "css", "html");
instead of
$exclude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3", "wav" /*
others */);

and change: if( false !== array_search($ext, $exclude)) continue; ?>

to if( false === array_search($ext, $include)) continue; ?>

Thanks in Advance!

On Fri, Apr 3, 2009 at 3:50 AM, Ibrahim A. Mohamed <bingorabbit@...>wrote:

> Dear all,
>
> In 2.8, a new feature added to the Plugin editor in which you can edit any
> file, not the plugin's file only. A problem can be found, especially with
> plugins that has pictures included like akismet that you can edit these
> files, which is not logical, why should I edit a picture file in an editor?
> :)
>
> So, I think we can remove this by adding some rules for files that can be
> editted, or files that don't need to be editted like image files this might
> solve the problem. For example, for Akismet, in wp-admin/plugin-editor.php
> in line 164 where it says:
>
> <?php foreach($plugin_files as $plugin_file) : ?>
>> <li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a
>> href="plugin-editor.php?file=<?php echo $plugin_file; ?>&plugin=<?php echo
(Continue reading)

Permalink | Reply | 7 comments |
headers
Silverstein, Jesse | 3 Apr 2009 19:31
Picon

RE: Editing Plugin files in 2.8

> Could someone raise a trac ticket (and write a patch if so inclined
;-))
http://core.trac.wordpress.org/ticket/9452

I don't know if I did any of that right. T'was my first interaction with
Trac. Hopefully I didn't screw it up too badly. :)

-Jesse Silverstein

-----Original Message-----
From: wp-testers-bounces@...
[mailto:wp-testers-bounces@...] On Behalf Of Peter
Westwood
Sent: Friday, April 03, 2009 2:02 AM
To: wp-testers@...
Subject: Re: [wp-testers] Editing Plugin files in 2.8

On 3 Apr 2009, at 03:46, Silverstein, Jesse wrote:

> If this change goes in, it makes sense to include a slew of  
> extensions that cannot be edited in a text editor, but might be  
> included in a plugin:
> $exlude = array("gif", "jpg", "png", "bmp", "swf", "flv", "mp3",  
> "wav" /* others */);

It may make more sense to whitelist rather than blacklist here.

It is going to be easier to define a set of safe file extensions than  
try and list all the unsafe ones.
(Continue reading)

Permalink | Reply | 0 comments |

Gmane