wp_edit_theme_plugin_file() – Attempts to edit a file for a theme or plugin.
You appear to be a bot. Output may be restricted
Description
Attempts to edit a file for a theme or plugin.
When editing a PHP file, loopback requests will be made to the admin and the homepage to attempt to see if there is a fatal error introduced. If so, the PHP change will be reverted.
Usage
$true|WP_Error = wp_edit_theme_plugin_file( $args );
Parameters
- $args
- ( string[] ) required – { Args. Note that all of the arg values are already unslashed. They are, however, coming straight from
$_POST
and are not validated or sanitized in any way. - $file
- ( string ) required – Relative path to file.
- $plugin
- ( string ) required – Path to the plugin file relative to the plugins directory.
- $theme
- ( string ) required – Theme being edited.
- $newcontent
- ( string ) required – New content for the file.
- $nonce
- ( string ) required – Nonce. }
Returns
true|WP_Error True on success or WP_Error
on failure.
Source
File name: wordpress/wp-admin/includes/file.php
Lines:
1 to 100 of 276
function wp_edit_theme_plugin_file( $args ) { if ( empty( $args['file'] ) ) { return new WP_Error( 'missing_file' ); } if ( 0 !== validate_file( $args['file'] ) ) { return new WP_Error( 'bad_file' ); } if ( ! isset( $args['newcontent'] ) ) { return new WP_Error( 'missing_content' ); } if ( ! isset( $args['nonce'] ) ) { return new WP_Error( 'missing_nonce' ); } $file = $args['file']; $content = $args['newcontent']; $plugin = null; $theme = null; $real_file = null; if ( ! empty( $args['plugin'] ) ) { $plugin = $args['plugin']; if ( ! current_user_can( 'edit_plugins' ) ) { return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit plugins for this site.' ) ); } if ( ! wp_verify_nonce( $args['nonce'], 'edit-plugin_' . $file ) ) { return new WP_Error( 'nonce_failure' ); } if ( ! array_key_exists( $plugin, get_plugins() ) ) { return new WP_Error( 'invalid_plugin' ); } if ( 0 !== validate_file( $file, get_plugin_files( $plugin ) ) ) { return new WP_Error( 'bad_plugin_file_path', __( 'Sorry, that file cannot be edited.' ) ); } $editable_extensions = wp_get_plugin_file_editable_extensions( $plugin ); $real_file = WP_PLUGIN_DIR . '/' . $file; $is_active = in_array( $plugin, (array) get_option( 'active_plugins', array() ), true ); } elseif ( ! empty( $args['theme'] ) ) { $stylesheet = $args['theme']; if ( 0 !== validate_file( $stylesheet ) ) { return new WP_Error( 'bad_theme_path' ); } if ( ! current_user_can( 'edit_themes' ) ) { return new WP_Error( 'unauthorized', __( 'Sorry, you are not allowed to edit templates for this site.' ) ); } $theme = wp_get_theme( $stylesheet ); if ( ! $theme->exists() ) { return new WP_Error( 'non_existent_theme', __( 'The requested theme does not exist.' ) ); } if ( ! wp_verify_nonce( $args['nonce'], 'edit-theme_' . $stylesheet . '_' . $file ) ) { return new WP_Error( 'nonce_failure' ); } if ( $theme->errors() && 'theme_no_stylesheet' === $theme->errors()->get_error_code() ) { return new WP_Error( 'theme_no_stylesheet', __( 'The requested theme does not exist.' ) . ' ' . $theme->errors()->get_error_message() ); } $editable_extensions = wp_get_theme_file_editable_extensions( $theme ); $allowed_files = array(); foreach ( $editable_extensions as $type ) { switch ( $type ) { case 'php': $allowed_files = array_merge( $allowed_files, $theme->get_files( 'php', -1 ) ); break; case 'css': $style_files = $theme->get_files( 'css', -1 ); $allowed_files['style.css'] = $style_files['style.css']; $allowed_files = array_merge( $allowed_files, $style_files ); break; default: $allowed_files = array_merge( $allowed_files, $theme->get_files( $type, -1 ) ); break; } } // Compare based on relative paths.