[#32026] - [4] Possible to delete templates index.php file
- Closed
- 14 Jan 2021
- Medium
- Build: staging
- # 32026
Steps to reproduce the issue
forked from comment #31710 (comment)
Screen.Recording.2021-01-13.at.09.42.37.am.mp4
Expected result
It should be impossible to delete index.php in the web interface, like it is impossible to delete joomla.asset.json
Actual result
index.php can be deleted - see video.
System information (as much as possible)
Additional comments
// @wilsonge
joomla-cms-bot
- | Labels |
Added:
?
|
||
The problem would be that if you prevent someone deleting the file you also prevent them renaming the file so that they can create a completely new index.php perhaps for a new template design
You don't rename index.php, you copy it to create a new file.
A site with no active template index.php will be down, and in be in error.
A site with no active template index.php will be down, and in be in error.
Only if its the template in use
wilsonge
- | Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2021-01-14 12:56:27 |
| Closed_By | ⇒ | wilsonge |
Confirmed fixed
And to be clear @brianteeman I was not asking for a new feature, I was reporting that an existing feature was no longer working and was broken.
The code was already there
if (base64_decode(urldecode($file)) == '/index.php')
{
$this->setMessage(Text::_('COM_TEMPLATES_ERROR_INDEX_DELETE'), 'warning');
$url = 'index.php?option=com_templates&view=template&id=' . $id . '&file=' . $file;
$this->setRedirect(Route::_($url, false));
}
The feature to prevent index.php being deleted was added in 2013 - gulp
03-Oct-2013 Michael Babker
+ [#31266] GSoC 2013 - Improved Template Manager. Thanks Ram Tripathi
I'm impressed that we try to save the user doing dumb things but OK if we protect the Json we also should protect the index.php, beside that you already said that the language file mentions the wrong filename. Should be an easy fix.