Help! I cannot access Theme Editor file

  • castorand

    (@castorand)


    5 months ago

    Hi everyone.

    I am new to the forum so I thank everyone for your help with this.

    I installed a local wordpress website using Xampp. I am using the onepress theme and activated a onepress child theme. Everything is working fine but in the last 2 days when I click on the Theme file editor under Appearance to change the child’s theme css file I only get a blank page with the message “Sorry, that file cannot be edited.”.

    I enabled debugging but I do not get any error in the debug.log

    Could anyone help with this issue please?

    Thank you so much

Viewing 9 replies - 1 through 9 (of 9 total)
  • mikechy

    (@mikechy)

    Having the same issue with an Elementor Theme. Seems to be recent. Last update bug perhaps? are you running the latest WP version, 6.5.5?

    Thread Starter castorand

    (@castorand)

    Thank you mikechy.

    I have thought about that too because everything was working fine with version 6.5.4. The issue seems to have started after the automatic update to 6.5.5.

    Have you had any luck to resolve it?

    Thread Starter castorand

    (@castorand)

    Can anyone else help with this issue?

    Thanks

    john1971hun

    (@john1971hun)

    Someone put this in \wp-includes\functions.php : function validate_file( … ):

    // Normalize path for Windows servers
$file = wp_normalize_path( $file );

    That changes the \ sign in $file to / sign, and so it doesn’t pass the $allowed_files check.

    For example:
    $file original = C:\wamp64\www\wordpress/wp-content/themes/astra-child/style.css
    $file after wp_normalize_path -> C:/wamp64/www/wordpress/wp-content/themes/astra-child/style.css

    $allowed_files = [style.css] => C:\wamp64\www\wordpress/wp-content/themes/astra-child/style.css

    Quick solution: comment out the normalize in this function.

    Thread Starter castorand

    (@castorand)

    Thank you very much john1971hun!

    That worked!

    I presume this issue only applies to a local installation on PC?

    john1971hun

    (@john1971hun)

    Glad to hear it, @castorand !

    Probably only in a windows environment on localhost or windows server. My website on linux on the same wordpress version is not affected.

    Thread Starter castorand

    (@castorand)

    That’s good to know @john1971hun. When I move the local website to the Linux server I will try to remove the change and hopefully it will work without the commented out line in a core file.

    this is amazing, thanks.

    change to this in \wp-includes/functions.php

        // Normalize path for Windows servers

        $file = wp_normalize_path( $file );

        // Normalize all allowed file paths

        $allowed_files = array_map( 'wp_normalize_path', $allowed_files );

        //     ../ on its own is not allowed:

        if ( '../' === $file ) {

            return 1;

        }

        // More than one occurrence of ../ is not allowed:

        if ( preg_match_all( '#\.\./#', $file, $matches, PREG_SET_ORDER ) && ( count( $matches ) > 1 ) ) {

            return 1;

        }

        // ../ which does not occur at the end of the path is not allowed:

        if ( str_contains( $file, '../' ) && '../' !== mb_substr( $file, -3, 3 ) ) {

            return 1;

        }

        // Files not in the allowed file list are not allowed:

        if ( ! empty( $allowed_files ) && ! in_array( $file, $allowed_files, true ) ) {

            return 3;

        }

        // Absolute Windows drive paths are not allowed:

        if ( ':' === substr( $file, 1, 1 ) ) {

            return 2;

        }

        return 0;

    }
    • This reply was modified 4 months, 2 weeks ago by saadchellah.
Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.