Making WordPress.org

Changeset 3408


Ignore:
Timestamp:
06/17/2016 11:44:08 AM (8 years ago)
Author:
obenland
Message:

Plugin Directory: Combine 404 redirect checks.

Fixes a bug where disabled plugins would cause a redirect loop for logged-out
users.

See [3377].

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/class-plugin-directory.php

    r3385 r3408  
    3030        add_filter( 'rest_api_allowed_post_types', array( $this, 'filter_allowed_post_types' ) );
    3131        add_filter( 'pre_update_option_jetpack_options', array( $this, 'filter_jetpack_options' ) );
    32         add_action( 'template_redirect', array( $this, 'redirect_hidden_plugins' ) );
    3332        add_action( 'template_redirect', array( $this, 'prevent_canonical_for_plugins' ), 9 );
    3433        add_action( 'template_redirect', array( $this, 'redirect_old_plugin_urls' ) );
     
    547546
    548547    /**
    549      * Redirects Committers and Admins to a plugin's edit page if it's disabled or closed.
    550      */
    551     public function redirect_hidden_plugins() {
    552         if ( ! is_404() ) {
    553             return;
    554         }
    555 
    556         $post = self::get_plugin_post( get_query_var( 'name', false ) );
    557 
    558         if ( $post instanceof \WP_Post && in_array( $post->post_status, array( 'disabled', 'closed' ), true ) && current_user_can( 'edit_post', $post ) ) {
    559             wp_safe_redirect( add_query_arg( array( 'post' => $post->ID, 'action' => 'edit' ), admin_url( 'post.php' ) ) );
    560             die();
    561         }
    562     }
    563 
    564     /**
    565548     * Prevents Canonical redirecting to other plugins on 404's.
    566549     */
     
    580563            die();
    581564        }
    582 
    583565        // We don't have attachments, but /$plugin/random() will hit this check.
    584566        if ( is_404() ) {
     567
    585568            // [1] => plugins [2] => example-plugin-name [2..] => random()
    586569            $plugin_slug = explode( '/', $_SERVER['REQUEST_URI'] )[2];
     570
    587571            if ( $plugin = self::get_plugin_post( $plugin_slug ) ) {
    588                 wp_safe_redirect( get_permalink( $plugin->ID ) );
    589                 die();
     572                $is_disabled = in_array( $plugin->post_status, array( 'disabled', 'closed' ), true );
     573
     574                if ( $is_disabled && current_user_can( 'edit_post', $plugin ) ) {
     575                    wp_safe_redirect( add_query_arg( array( 'post' => $plugin->ID, 'action' => 'edit' ), admin_url( 'post.php' ) ) );
     576                    die();
     577                } else if ( ! $is_disabled ) {
     578                    wp_safe_redirect( get_permalink( $plugin->ID ) );
     579                    die();
     580                }
    590581            }
    591582        }
Note: See TracChangeset for help on using the changeset viewer.