WordPress inconsistently parsing “template name: xxx” in template files

I started developing a custom theme for wordpress and I noticed an evident bug, which seems strange to me given the ‘size’ and popularity of WordPress.

WordPress uses a convention so that files named like page_mytemplatename.php are considered “page templates” and are parsed in order to populate the “Template” dropdown in page edit options.

Read More

It is known, intended and documented that writing a comment in a page template file stating

/* Template Name: myCustomTemplateNameHere */

tells wordpress to add “myCustomTemplateNameHere” to the dropdown.

Now… I would expect wordpress to be smart enough to look for the “Template Name: xxxx” pattern only in the first comment (and only if the first comment is the first thing at all in the .php file!) but instead I found that writing “template name: xxxxxxx” somewhere in ANY template OR in any file which is INCLUDED via ‘include’ or ‘require’ directive, causes wordpress to actually populate the menu with wathever garbage is written after the colon, even php code itself!

for example, a statement like this, in the middle of a file even indirectly included by ‘include’ directive

echo "current template name: " . $tpl_name;

will cause the appearance of a ” . $tpl_name; template in the dropdown!

To my opinion, this seems totally unckecked and may lead to security issues in wordpress! this could potentially lead to some sort of injection, even thou I must admit it would be tricky to get there…

anyway, the fact that we seem not to be free to write a comment like

/* writing template name: namehere would cause wordpress to populate a dropdown */

or even writing code containing the sequence of characters “Template name: xxxx” without actually causing the side effect sounds like a bug to me.

also, I noticed it happens even if template name: xxxx is written inside included or required files… why this happens. does wordppress parse ALL files or even look for includes and parse included files? this would seem tricky and terribly wrong to me!

did I manage to show my point?

I am running WordPress 4.3.1 (pretty much the latest at the time of this writing)

can someone confirm this to be a bug I should keep in mind while I write my theme?

thank you.

Related posts

1 comment

  1. I’ve run some experiments in WordPress 4.3.1, and the following are my results:

    As intended / you would expect, comments in this form, anywhere on a page:

    <?php
    /**
     * Template Name:  $foobar;
     */
    ?>
    

    result: Does get listed as a template

    Straight html in a page template:

    template name: foobar
    

    result: does get listed as a template

    PHP code as a comment, like so:

    <?php
    /**
     * echo 'Template Name:' . $foobar;
     */
    ?>
    

    result: does get listed as a template

    PHP code NOT as a comment, like so:

    <?php
    
    echo 'Template Name:' . $foobar;
    
    ?>
    

    result: surprisingly, this DOES get listed as a template (the template name listed is ' . $foobar;)

    Examining the WP core code that parses templates, it loads all .php files in the theme, and then looks for the following regular expression in the contents of the PHP:

    preg_match( '|Template Name:(.*)$|mi', file_get_contents(...))
    

    Conclusion:

    1. This is clearly the way the code is written to work.
    2. This is probably not a bug. How is it problematic to list files in the Template select dropdown that aren’t templates?
    3. Avoid using that key phrase in your files (“Template Name:”) and it will avoid showing incorrect template names in the dropdown.

Comments are closed.