Skip to content

Commit af55fd0

Browse files
Copilotswissspidy
andcommitted
Validate derived slugs from --dir option to prevent corrupted bootstrap.php
Co-authored-by: swissspidy <841956+swissspidy@users.noreply.github.com>
1 parent 191afb2 commit af55fd0

1 file changed

Lines changed: 8 additions & 7 deletions

File tree

src/Scaffold_Command.php

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -828,13 +828,6 @@ private function scaffold_plugin_theme_tests( $args, $assoc_args, $type ) {
828828

829829
if ( ! empty( $args[0] ) ) {
830830
$slug = $args[0];
831-
if ( in_array( $slug, [ '.', '..' ], true ) ) {
832-
WP_CLI::error( "Invalid {$type} slug specified. The slug cannot be '.' or '..'." );
833-
}
834-
// Validate slug contains only alphanumeric characters, underscores, and dashes.
835-
if ( ! preg_match( '/^[a-zA-Z0-9_-]+$/', $slug ) ) {
836-
WP_CLI::error( "Invalid {$type} slug specified. The slug can only contain alphanumeric characters, underscores, and dashes." );
837-
}
838831
if ( 'theme' === $type ) {
839832
$theme = wp_get_theme( $slug );
840833
if ( $theme->exists() ) {
@@ -869,6 +862,14 @@ private function scaffold_plugin_theme_tests( $args, $assoc_args, $type ) {
869862
WP_CLI::error( "Invalid {$type} specified." );
870863
}
871864

865+
// Validate slug contains only alphanumeric characters, underscores, and dashes.
866+
if ( in_array( $slug, [ '.', '..' ], true ) ) {
867+
WP_CLI::error( "Invalid {$type} slug specified. The slug cannot be '.' or '..'." );
868+
}
869+
if ( ! preg_match( '/^[a-zA-Z0-9_-]+$/', $slug ) ) {
870+
WP_CLI::error( "Invalid {$type} slug specified. The slug can only contain alphanumeric characters, underscores, and dashes." );
871+
}
872+
872873
$name = ucwords( str_replace( '-', ' ', $slug ) );
873874
$package = str_replace( ' ', '_', $name );
874875

0 commit comments

Comments
 (0)