Use sanitize_text_field instead of sanitize_title_with_dashes to clean up the theme name during theme activation and installation. Remove another sanitize_title call because it also needs to allow non-lowercase slugs. Use the sanitized theme name as the slug for:
- Checking whether current theme is allowed to activate
- Checking whether current theme is one of installed theme
- Slug of theme on Onboarding::get_theme_data() method.
This commit is contained in:
Ayub Adiputra 2020-07-22 03:53:33 +07:00 committed by GitHub
parent 3862223149
commit e2d41ea718
2 changed files with 12 additions and 14 deletions


@ -86,19 +86,18 @@ class OnboardingThemes extends \WC_REST_Data_Controller {
*/ */
public function install_theme( $request ) { public function install_theme( $request ) {
$allowed_themes = Onboarding::get_allowed_themes(); $allowed_themes = Onboarding::get_allowed_themes();
$theme = sanitize_title_with_dashes( $request['theme'] ); $theme = sanitize_text_field( $request['theme'] );
if ( ! in_array( $theme, $allowed_themes, true ) ) { if ( ! in_array( $theme, $allowed_themes, true ) ) {
return new \WP_Error( 'woocommerce_rest_invalid_theme', __( 'Invalid theme.', 'woocommerce-admin' ), 404 ); return new \WP_Error( 'woocommerce_rest_invalid_theme', __( 'Invalid theme.', 'woocommerce-admin' ), 404 );
} }
$slug = sanitize_key( $theme );
$installed_themes = wp_get_themes(); $installed_themes = wp_get_themes();
if ( in_array( $slug, array_keys( $installed_themes ), true ) ) { if ( in_array( $theme, array_keys( $installed_themes ), true ) ) {
return( array( return( array(
'slug' => $slug, 'slug' => $theme,
'name' => $installed_themes[ $slug ]->get( 'Name' ), 'name' => $installed_themes[ $theme ]->get( 'Name' ),
'status' => 'success', 'status' => 'success',
) ); ) );
} }
@ -112,7 +111,7 @@ class OnboardingThemes extends \WC_REST_Data_Controller {
$api = themes_api( $api = themes_api(
'theme_information', 'theme_information',
array( array(
'slug' => $slug, 'slug' => $theme,
'fields' => array( 'fields' => array(
'sections' => false, 'sections' => false,
), ),
@ -125,7 +124,7 @@ class OnboardingThemes extends \WC_REST_Data_Controller {
sprintf( sprintf(
/* translators: %s: theme slug (example: woocommerce-services) */ /* translators: %s: theme slug (example: woocommerce-services) */
__( 'The requested theme `%s` could not be installed. Theme API call failed.', 'woocommerce-admin' ), __( 'The requested theme `%s` could not be installed. Theme API call failed.', 'woocommerce-admin' ),
$slug $theme
), ),
500 500
); );
@ -140,14 +139,14 @@ class OnboardingThemes extends \WC_REST_Data_Controller {
sprintf( sprintf(
/* translators: %s: theme slug (example: woocommerce-services) */ /* translators: %s: theme slug (example: woocommerce-services) */
__( 'The requested theme `%s` could not be installed.', 'woocommerce-admin' ), __( 'The requested theme `%s` could not be installed.', 'woocommerce-admin' ),
$slug $theme
), ),
500 500
); );
} }
return array( return array(
'slug' => $slug, 'slug' => $theme,
'name' => $api->name, 'name' => $api->name,
'status' => 'success', 'status' => 'success',
); );
@ -161,24 +160,23 @@ class OnboardingThemes extends \WC_REST_Data_Controller {
*/ */
public function activate_theme( $request ) { public function activate_theme( $request ) {
$allowed_themes = Onboarding::get_allowed_themes(); $allowed_themes = Onboarding::get_allowed_themes();
$theme = sanitize_title_with_dashes( $request['theme'] ); $theme = sanitize_text_field( $request['theme'] );
if ( ! in_array( $theme, $allowed_themes, true ) ) { if ( ! in_array( $theme, $allowed_themes, true ) ) {
return new \WP_Error( 'woocommerce_rest_invalid_theme', __( 'Invalid theme.', 'woocommerce-admin' ), 404 ); return new \WP_Error( 'woocommerce_rest_invalid_theme', __( 'Invalid theme.', 'woocommerce-admin' ), 404 );
} }
require_once ABSPATH . 'wp-admin/includes/theme.php'; require_once ABSPATH . 'wp-admin/includes/theme.php';
$slug = sanitize_key( $theme );
$installed_themes = wp_get_themes(); $installed_themes = wp_get_themes();
if ( ! in_array( $theme, array_keys( $installed_themes ), true ) ) { if ( ! in_array( $theme, array_keys( $installed_themes ), true ) ) {
/* translators: %s: theme slug (example: woocommerce-services) */ /* translators: %s: theme slug (example: woocommerce-services) */
return new \WP_Error( 'woocommerce_rest_invalid_theme', sprintf( __( 'Invalid theme %s.', 'woocommerce-admin' ), $slug ), 404 ); return new \WP_Error( 'woocommerce_rest_invalid_theme', sprintf( __( 'Invalid theme %s.', 'woocommerce-admin' ), $theme ), 404 );
} }
$result = switch_theme( $theme ); $result = switch_theme( $theme );
if ( ! is_null( $result ) ) { if ( ! is_null( $result ) ) {
return new \WP_Error( 'woocommerce_rest_invalid_theme', sprintf( __( 'The requested theme could not be activated.', 'woocommerce-admin' ), $slug ), 500 ); return new \WP_Error( 'woocommerce_rest_invalid_theme', sprintf( __( 'The requested theme could not be activated.', 'woocommerce-admin' ), $theme ), 500 );
} }
return( array( return( array(
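Review bot: With `sanitize_text_field()` replacing the slug sanitizers, the `in_array( $theme, $allowed_themes, true )` check at the top of install_theme() and activate_theme() is now the only thing constraining the value that reaches `themes_api()`, the `wp_get_themes()` key lookups and `switch_theme()`: sanitize_text_field() strips tags, line breaks and percent-encoded octets but leaves `/`, `.` and other path characters intact, so it is not a slug sanitizer. That is acceptable as long as `Onboarding::get_allowed_themes()` (not visible here) returns only a curated list of exact stylesheet names, and it deserves a comment next to the allowlist check so that check is not loosened later: `// Not a slug sanitizer: the strict allowlist check below is what keeps $theme safe to use as a theme directory/API slug.` Note that the comparison against `array_keys( wp_get_themes() )` is now an exact, case-sensitive match, so the allowlist entries must spell the stylesheet directory names exactly. activate_theme() continues past the end of the hunk.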


@ -455,7 +455,7 @@ class Onboarding {
*/ */
public static function get_theme_data( $theme ) { public static function get_theme_data( $theme ) {
return array( return array(
'slug' => sanitize_title( $theme->stylesheet ), 'slug' => sanitize_text_field( $theme->stylesheet ),
'title' => $theme->get( 'Name' ), 'title' => $theme->get( 'Name' ),
'price' => '0.00', 'price' => '0.00',
'is_installed' => true, 'is_installed' => true,
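Review bot: The `slug` emitted here presumably is what a client later sends back as `theme` to the install/activate endpoints, which compare it with strict equality against the keys of `wp_get_themes()`, so it must round-trip as the raw stylesheet directory name; `sanitize_text_field()` trims whitespace and strips tags and `%xx` octets, which would alter such a name if a theme directory ever contained those characters (unlikely, but the contract is currently implicit). A short comment would make it explicit: `// Keep identical to the wp_get_themes() key; install/activate_theme compare it with strict equality.` get_theme_data() continues past the end of the hunk.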