Exclude file from theme editor

In general I wouldn’t recommend editing files that way and just disable it with the well known DISALLOW_FILE_EDIT or DISALLOW_FILE_MODS constants, that are checked within the map_meta_cap() function.

But anyway it’s interesting to see if we can find a way to exclude files from the theme editor. Here are some ideas:

There doesn’t seem to be an explicit filter on the allowed files used in the theme editor:

$allowed_files = $theme->get_files( 'php', 1 );
$has_templates = ! empty( $allowed_files );
$style_files = $theme->get_files( 'css' );
$allowed_files['style.css'] = $style_files['style.css'];
$allowed_files += $style_files;

But we could stop the file from being updated with:

Example #1

add_action( 'check_admin_referer', function( $action, $result )
{   
    // Edit this to your needs
    $locked_file="404.php";
    $locked_theme="twentyfifteen";

    // Disallow editing for this file
    if( 
           false !== strpos( $action, 'edit-theme_' ) 
        && false !== strpos( $action, $locked_theme . "https://wordpress.stackexchange.com/" . $locked_file ) 
    ) 
        wp_die( __( "Sorry, you can't edit this file!" ) );

}, 10, 2 );

Note that I’m being rather lazy here with the file/theme check, so that could be improved 😉

Now the error message only shows up after we have edited the file and pressed the

Update File button. That could be frustrated user experience.

We could instead halt the screen-output as soon as we click on the file edit link. That’s not great user experience either, but better than the other one.

So we could add this to the previous example:

Example #2

Here we disable the edit_theme capability, for all users, on the theme-editor.php screen, when the GET parameters file and theme have certain values.

add_action( 'load-theme-editor.php', function()
{   
    add_filter( 'user_has_cap', function( $allcaps, $caps, $args, $wp_user )
    {
        // Edit this to your needs
        $locked_file="404.php";
        $locked_theme="twentyfifteen";

        // Disallow editing for this file
        $file   = filter_input( INPUT_GET, 'file', FILTER_SANITIZE_STRING );
        $theme  = filter_input( INPUT_GET, 'theme', FILTER_SANITIZE_STRING );       
        if( 
               isset( $allcaps['edit_themes'] ) 
            && $locked_file === $file 
            && $locked_theme === $theme 
            && isset( $args[0] ) 
            && 'edit_themes' === $args[0] 
            && isset( $args[1] ) 
            && 1 == $args[1] 
        )
            $allcaps['edit_themes'] = 0;

        return $allcaps;
    }, 10, 4 );
});

or use the map_meta_cap filter instead. But this looks rather complicated so let’s just simplify it to this:

add_action( 'load-theme-editor.php', function()
{   
    // Edit this to your needs
    $locked_file="404.php";
    $locked_theme="twentyfifteen";

    // Disallow editing for this file
    $file   = filter_input( INPUT_GET, 'file', FILTER_SANITIZE_STRING );
    $theme  = filter_input( INPUT_GET, 'theme', FILTER_SANITIZE_STRING );

    if( 
          $locked_file === $file 
        && $locked_theme === $theme 
    )
        wp_die( __( "Sorry, you can't edit this file!" ) );

});

Another approach would be to remove the files from the select box with Javascript.

Related Posts:

  1. how to add version of style.css in wordpress
  2. What is the role and history of the $content_width global variable?
  3. Override parent theme translation on child theme
  4. Add a page outside of the current theme?
  5. How to create a live demo page for a theme? [closed]
  6. Is it possible to stop a theme activation when a certain plugin is not activated
  7. add image size still doesn’t work even after regenerating thumbnails
  8. Using chunk theme from wordpress.com on my own host
  9. What is the first file wordpress looks at in a theme?
  10. Duplicate and change a Theme Widget
  11. Best location for theme translation files
  12. Two Navigation Menus in Themes Produce the same menus?
  13. Move custom code out of theme’s functions.php file
  14. Error message “The page you are looking for is temporarily unavailable.” after editing a file [closed]
  15. Adding goodies to themes
  16. A hook that runs only when the theme is previewed
  17. WordPress theme with multiple color schemes
  18. How can I have case-sensitive theme directory names when installed with Composer?
  19. Theme information in style.css being corrupted
  20. Toolbar/topbar missing on homepage only?
  21. Two Navigation Menus – secondary nav is including main nav
  22. Themes—Child Themes
  23. Protect changes made to the theme when updating
  24. When can changing a theme damage a website?
  25. how to add custom fields in page
  26. My scripts-bundle.js file is getting sent to the browser as a stylesheet css file. Help!
  27. What is the major difference between child theme and normal theme
  28. variables in translatable text
  29. Load a different theme for IE less than 9
  30. Theme Check reporting an incorrect theme slug and text domain
  31. Style the archives/category sidebar widget via theme
  32. I get the following message The uploaded file could not be moved to /home/reascom/public_html/wp-content/uploads/2012/07 [closed]
  33. Custom CSS doesn’t work in edit mode
  34. Remove transparancy in Sydney theme’s headerimage
  35. Twenty fifteen theme – change responsive menu condition
  36. Getting 503 on various files
  37. Port existing Bootstrap site to WordPress?
  38. stylesheet is not readable error after installation
  39. Updating / Transferring site
  40. Putting two themes together to create a complete site
  41. How to dynamically change theme’s slogan from admin?
  42. Using WordPress Multisite to manage multiple projects?
  43. Icons not showing [closed]
  44. Adding Sidebars in WordPress Theme
  45. Error 404 for JQuery import “jquery-1.10.2.min.map”
  46. Passing dynamic options from backend to frontend
  47. simplified explanation on child themes?
  48. Calling external Libraries in WordPress
  49. Using the same database on another Subdomain
  50. WP HTML Templates – Any way to get bloginfo() or the path to the theme folder?
  51. Theme javascript/css 404
  52. How to add more default colors?
  53. On a Https site, Css and Js Url are back to http after redirect the site
  54. Theme folder doesnt exist
  55. WordPress activate theme error $pagenow
  56. Increase content area width in TwentyFourteen [closed]
  57. How to use only scripts from new theme?
  58. Undefined variable error in theme option after updating theme [closed]
  59. Comments not displaying after changing theme
  60. Theme Translation?
  61. Two column layout in WordPress?
  62. List of categories instead of dropdown menu selector in admin options
  63. WordPress doesn’t recognise created theme
  64. How can I show some standard html code across any theme I install?
  65. Losing theme customization when switching from a theme to a child
  66. Problem of not changing the front and bottom of the Woodmart template by activating the really simple ssl pro plugin in WordPress
  67. Please help me clear my confusions about WordPress
  68. Why does an ad page open when I browse my websites’s wp-admin page?
  69. What is the correct way to set up a staging server and use github for version control?
  70. How do I use the default style for widget?
  71. WordPress fails to embed video URL on specific theme
  72. Unable to set social icons using Advance Portfolio Theme
  73. How to add extra custom social icons to page with same style?
  74. How can I theme or style the lost password page without a plugin?
  75. Dynamic image for Jumbotron on WordPress Custom Theme
  76. How to implement theme option to change bootstrap 4 container from .container to .container-fluid
  77. how make wp include urls as https?
  78. how to costume title single page
  79. use a Thumbnail size in post
  80. Why does WordPress Editor Only Use Half the Box?
  81. 500 Internal Errors
  82. Installing Theme from uploaded file. Not uploaded theme?
  83. Where can I find a theme that has a big banner
  84. Strange Theme Error – parent style occasionally showing though child theme
  85. WordPress theme not updating in Other browsers
  86. WP-CLI wp theme install url PCLZIP_ERR_BAD_FORMAT (-10) : Unable to find End of Central Dir Record signature
  87. Site broken after deleting inactive themes [closed]
  88. Can i add wordpress editor to my custom theme option? [closed]
  89. Where do URI files come from?
  90. Converting HTML5 to XHTML
  91. Best way to include pagination in a theme [closed]
  92. What happens to bespoke page template references on theme change?
  93. Stylesheet not being loaded? [closed]
  94. How to change the standard width of a page
  95. Where can I decide the number of posts to display on the blog index page?
  96. I need to disable responsive feature of a theme called Meet GavernWP [closed]
  97. how to add dynamic footer credit in Greatmag theme [closed]
  98. Absolute and relative paths
  99. Help!!! Old theme doesn’t load scripts and conflitcs with plugins
  100. Fatal error Class-wp-hook, again, but not sure what’s triggering it

Leave a Comment