From c1676ef38e65703cfbb658757ac73dbd0f1c238b Mon Sep 17 00:00:00 2001
From: Matt Mullenweg <matt@git.wordpress.org>
Date: Tue, 14 Dec 2004 09:45:49 +0000
Subject: [PATCH] Don't allow viewing/editing of wp-config.php through web
 interface.

git-svn-id: https://develop.svn.wordpress.org/trunk@1956 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/templates.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/wp-admin/templates.php b/wp-admin/templates.php
index 9d04906f92..fa87d045e9 100644
--- a/wp-admin/templates.php
+++ b/wp-admin/templates.php
@@ -51,9 +51,11 @@ break;
 default:
 
 	require_once('./admin-header.php');
-	if ($user_level <= 5) {
+	if ( $user_level <= 5 )
 		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-	}
+
+	if ( strstr( $file, 'wp-config.php' ) )
+		die( __('<p>The config file cannot be edited or viewed through the web interface. Sorry!</p>') );
 
 	update_recently_edited($file);