WordPress.org

Forums

Snitch
Backslashes are stripped in filename on Windows system (1 post)

  1. Ov3rfly
    Member
    Posted 2 years ago #

    Example output at "Herkunftsdatei" (from file):

    WordPress: Core
    /C:Dokumente und EinstellungenUserEigene Dateienexample.comwp-includescron.php:253

    Tracked down the problem...

    Example $meta data passed to insert_post($meta):

    Array
    (
        [url] => http://example.com/wp-cron.php?doing_wp_cron=1361230108.2317440509796142578125
        [code] =>
        [host] => example.com
        [file] => C:\Dokumente und Einstellungen\User\Eigene Dateien\example.com\wp-includes\cron.php
        [line] => 253
        [meta] => Array
            (
                [type] => WordPress
                [name] => Core
            )
    
        [state] => -1
    )

    With this data insert_post(..) uses WordPress API add_post_meta(..) which uses add_metadata(..) which does $meta_value = stripslashes_deep($meta_value); which strips the single backslashes, and boom, the filename is stored in db without backslashes.

    Looking at the current WordPress 3.6-alpha source it seems that add_post_meta() with "expected slashed" data will be replaced by a wp_add_post_meta() which then "expects unslashed" data...

    Current 1.0.3 snitch_cpt.class.php in function insert_post($meta), line 650

    /* Add meta values */
    foreach($meta as $key => $value) {
    	add_post_meta(
    		$post_id,
    		'_snitch_' .$key,
    		$value,
    		true
    	);
    }

    Possible quickfix, works here, might need more/better conditions when to apply...

    /* Add meta values */
    foreach($meta as $key => $value) {
    	if ($key == 'file' && DIRECTORY_SEPARATOR == '\\')
    		$value = addslashes($value);
    	add_post_meta(
    		$post_id,
    		'_snitch_' .$key,
    		$value,
    		true
    	);
    }

    Example output at "Herkunftsdatei" (from file) with the quickfix in place:

    WordPress: Core
    /C:\Dokumente und Einstellungen\User\Eigene Dateien\example.com\wp-includes\cron.php:253

    Another small bug can be observed here, a leading slash / is hardcoded in front of the filename in code tag:
    snitch_cpt.class.php in function _html_file($post_id), line 487

    echo sprintf(
    	'<div><p class="label blacklisted_%s"></p>%s: %s<br /><code>/%s:%d</code><div class="row-actions">%s</div></div>',

    http://wordpress.org/extend/plugins/snitch/

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Snitch
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic