Help! I cannot access Theme Editor file

castorand
(@castorand)

1 year, 11 months ago

Hi everyone.

I am new to the forum so I thank everyone for your help with this.

I installed a local wordpress website using Xampp. I am using the onepress theme and activated a onepress child theme. Everything is working fine but in the last 2 days when I click on the Theme file editor under Appearance to change the child’s theme css file I only get a blank page with the message “Sorry, that file cannot be edited.”.

I enabled debugging but I do not get any error in the debug.log

Could anyone help with this issue please?

Thank you so much

Viewing 9 replies - 1 through 9 (of 9 total)

mikechy
(@mikechy)

1 year, 11 months ago

Having the same issue with an Elementor Theme. Seems to be recent. Last update bug perhaps? are you running the latest WP version, 6.5.5?

Thread Starter castorand
(@castorand)

1 year, 11 months ago

Thank you mikechy.

I have thought about that too because everything was working fine with version 6.5.4. The issue seems to have started after the automatic update to 6.5.5.

Have you had any luck to resolve it?

Thread Starter castorand
(@castorand)

1 year, 11 months ago

Can anyone else help with this issue?

Thanks
john1971hun
(@john1971hun)

1 year, 11 months ago
Someone put this in \wp-includes\functions.php : function validate_file( … ):
```
// Normalize path for Windows servers
$file = wp_normalize_path( $file );
```
That changes the \ sign in $file to / sign, and so it doesn’t pass the $allowed_files check.

For example:
$file original = C:\wamp64\www\wordpress/wp-content/themes/astra-child/style.css
$file after wp_normalize_path -> C:/wamp64/www/wordpress/wp-content/themes/astra-child/style.css

$allowed_files = [style.css] => C:\wamp64\www\wordpress/wp-content/themes/astra-child/style.css

Quick solution: comment out the normalize in this function.
- This reply was modified 1 year, 11 months ago by john1971hun.
- This reply was modified 1 year, 11 months ago by john1971hun.
Thread Starter castorand
(@castorand)

1 year, 11 months ago

Thank you very much john1971hun!

That worked!

I presume this issue only applies to a local installation on PC?
john1971hun
(@john1971hun)

1 year, 11 months ago
Glad to hear it, @castorand !

Probably only in a windows environment on localhost or windows server. My website on linux on the same wordpress version is not affected.
- This reply was modified 1 year, 11 months ago by john1971hun.
Thread Starter castorand
(@castorand)

1 year, 11 months ago

That’s good to know @john1971hun. When I move the local website to the Linux server I will try to remove the change and hopefully it will work without the commented out line in a core file.

tai01
(@tai01)

1 year, 10 months ago

this is amazing, thanks.
saadchellah
(@saadchellah)

1 year, 10 months ago
change to this in \wp-includes/functions.php
```
    // Normalize path for Windows servers

    $file = wp_normalize_path( $file );

    // Normalize all allowed file paths

    $allowed_files = array_map( 'wp_normalize_path', $allowed_files );

    // ../ on its own is not allowed:

    if ( '../' === $file ) {

        return 1;

    }

    // More than one occurrence of ../ is not allowed:

    if ( preg_match_all( '#\.\./#', $file, $matches, PREG_SET_ORDER ) && ( count( $matches ) > 1 ) ) {

        return 1;

    }

    // ../ which does not occur at the end of the path is not allowed:

    if ( str_contains( $file, '../' ) && '../' !== mb_substr( $file, -3, 3 ) ) {

        return 1;

    }

    // Files not in the allowed file list are not allowed:

    if ( ! empty( $allowed_files ) && ! in_array( $file, $allowed_files, true ) ) {

        return 3;

    }

    // Absolute Windows drive paths are not allowed:

    if ( ':' === substr( $file, 1, 1 ) ) {

        return 2;

    }

    return 0;

}
```
- This reply was modified 1 year, 10 months ago by saadchellah.