Title: sofaking21's Replies | WordPress.org

---

# sofaking21

  [  ](https://wordpress.org/support/users/sofaking21/)

 *   [Profile](https://wordpress.org/support/users/sofaking21/)
 *   [Topics Started](https://wordpress.org/support/users/sofaking21/topics/)
 *   [Replies Created](https://wordpress.org/support/users/sofaking21/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/sofaking21/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/sofaking21/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/sofaking21/engagements/)
 *   [Favorites](https://wordpress.org/support/users/sofaking21/favorites/)

 Search replies:

## Forum Replies Created

Viewing 15 replies - 1 through 15 (of 21 total)

1 [2](https://wordpress.org/support/users/sofaking21/replies/page/2/?output_format=md)
[→](https://wordpress.org/support/users/sofaking21/replies/page/2/?output_format=md)

 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Hacked By BevolfTR WwW.MilliKuvvetler.Net](https://wordpress.org/support/topic/hacked-by-bevolftr-wwwmillikuvvetlernet/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/hacked-by-bevolftr-wwwmillikuvvetlernet/#post-2453213)
 * A quick search yielded nothing for me. Are you using any other plugins? Is there
   a timthumb.php file in your theme’s libraries or anything like that? Do you have
   a link to where you downloaded the plugin?
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Unable to upload media](https://wordpress.org/support/topic/unable-to-upload-media-8/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/unable-to-upload-media-8/#post-2451836)
 * That’s not a stupid question at all. If you don’t have access to the actual operating
   system, then you will likely have to contact your host. It’s possible that they
   tweaked something on their side and it had minor consequences (like messing up
   file system permissions) that they didn’t fully anticipate.
 * The error you indicated in your original post should give them all the information
   they need to correct the issue.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Simple question](https://wordpress.org/support/topic/simple-question-15/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/simple-question-15/#post-2451199)
 * Excerpts. Hopefully your theme supports them and would display the_excerpt().
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Unable to upload media](https://wordpress.org/support/topic/unable-to-upload-media-8/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/unable-to-upload-media-8/#post-2451819)
 * The user account for your web server does not have sufficient permissions to 
   the wp-content folder.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Launching New Site TOMORROW and can't save changes](https://wordpress.org/support/topic/launching-new-site-tomorrow-and-cant-save-changes/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/launching-new-site-tomorrow-and-cant-save-changes/#post-2452594)
 * I’m assuming the same result after changing themes to Twenty Eleven?
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Fatal Error](https://wordpress.org/support/topic/fatal-error-417/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/fatal-error-417/#post-2452497)
 * FTP in and move or remove the folder that contains that plugin.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Fatal Error](https://wordpress.org/support/topic/fatal-error-417/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/fatal-error-417/#post-2452494)
 * You just answered your own question. Disable the Events Manager plugin. You may
   not want to use that plugin anyway: there’s a documented XSS attack against version
   3.1.2 of Events Manager Extended.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Launching New Site TOMORROW and can't save changes](https://wordpress.org/support/topic/launching-new-site-tomorrow-and-cant-save-changes/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/launching-new-site-tomorrow-and-cant-save-changes/#post-2452491)
 * Standard troubleshooting is pretty important on a new release. Disable ALL your
   plugins including any plugins in your mu-plugins folder. If the same behavior
   persists, change your theme to the Twenty Eleven theme and test.
 * If it’s a plugin, start turning them back one one at a time until you find the
   offender. Also, checking your PHP error logs may be a good place to start.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [IIS7 Plugin Hell](https://wordpress.org/support/topic/iis7-plugin-hell/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 4 months ago](https://wordpress.org/support/topic/iis7-plugin-hell/#post-2437199)
 * Is this a production environment? I’d run PROCMON and monitor where it’s failing.
   It really sounds like a permissions issue to me.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [IIS7 Plugin Hell](https://wordpress.org/support/topic/iis7-plugin-hell/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 4 months ago](https://wordpress.org/support/topic/iis7-plugin-hell/#post-2437105)
 * Here’s my preferred method: run your application pool under a service account.
   Then, make sure that anonymous authentication uses the application pool identity
   instead of impersonating IUSR. Then, set up all your NTFS (and share permissions
   if you’re using DFS or some other network share) for the service account. I only
   allow full permissions for the wp-content folder; everything else is read/execute.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Commenter Cookies](https://wordpress.org/support/topic/commenter-cookies/)
 *  Thread Starter [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/commenter-cookies/#post-2319723)
 * I tried the following, but it didn’t work. WordPress is still reading and using
   the cookie to fill in the value of the field.
 *     ```
       <?php
       if( ! function_exists('wp_get_current_commenter') ) {
       	function wp_get_current_commenter() {
       		$comment_author = '';
       		$comment_author_email = '';
       		$comment_author_url = '';
   
       		return apply_filters('wp_get_current_commenter', compact('comment_author', 'comment_author_email', 'comment_author_url'));
       	}
       }
       ?>
       ```
   
 * Any help here would be greatly appreciated.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Commenter Cookies](https://wordpress.org/support/topic/commenter-cookies/)
 *  Thread Starter [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/commenter-cookies/#post-2319715)
 * You are correct, the cookies are stored on the commenter’s computer. That’s not
   the issue. Here are the steps I used to verify this:
 * 1. I did an nslookup on my site and got the edge server IP that I would be hitting.
   Just to make sure I didn’t hop edge servers, I made a hosts entry to point my
   site to that IP.
    2. I then contacted someone half-way across the country and
   told this person to make the same hosts entry. 3. I went to a post and left a
   comment, thereby setting the cookies on my local machine. 4. I navigated to another
   post, scrolled down to verify that my information was pre-filled into the post.
   5. I then told my guinea pig to navigate to the second post. 6. I asked this 
   person to tell me if anything was filled into the comment form. When he said 
   yes, I asked him to read it to me. Successful test: Fatty McButterpants was in
   the name field and [fatty@mcbutterpants.com](https://wordpress.org/support/users/sofaking21/replies/fatty@mcbutterpants.com?output_format=md)
   was in the email field.
 * The tester and I are on completely separate networks with no proxies in between.
   So, as you can see, WordPress reads the information in the cookies, then delivers
   the form as flat HTML with the values pre-filled. All of this gets cached because
   it is being delivered as flat HTML.
 * There seems to be a couple of places of interest. The first is in wp-includes/
   theme-compat/comments.php:
 *     ```
       <p><input type="text" name="author" id="author" value="<?php echo esc_attr($comment_author); ?>" size="22" tabindex="1" <?php if ($req) echo "aria-required='true'"; ?> />
       <label for="author"><small><?php _e('Name'); ?> <?php if ($req) _e('(required)'); ?></small></label></p>
   
       <p><input type="text" name="email" id="email" value="<?php echo esc_attr($comment_author_email); ?>" size="22" tabindex="2" <?php if ($req) echo "aria-required='true'"; ?> />
       <label for="email"><small><?php _e('Mail (will not be published)'); ?> <?php if ($req) _e('(required)'); ?></small></label></p>
   
       <p><input type="text" name="url" id="url" value="<?php echo  esc_attr($comment_author_url); ?>" size="22" tabindex="3" />
       <label for="url"><small><?php _e('Website'); ?></small></label></p>
       ```
   
 * Alternatively in wp-includes/comment-template.php there is this:
    `$commenter
   = get_current_commenter();` and `foreach ( (array) $args['fields'] as $name =
   > $field ) { echo apply_filters( "comment_form_field_{$name}", $field ) . "\n";}`
 * I can’t find the filters indicated in the loop, so my next thought is to attack
   the wp_get_current_commenter() function. If I override this function in my mu-
   plugins to make this function basically do nothing, this should break WordPress
   from even reading the cookies with no major repercussions, correct?
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Commenter Cookies](https://wordpress.org/support/topic/commenter-cookies/)
 *  Thread Starter [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/commenter-cookies/#post-2319661)
 * It’s a WordPress “feature” causing a server cache problem. In theory, it should
   be easy for me to tell WordPress to not set the commenter cookies.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Commenter Cookies](https://wordpress.org/support/topic/commenter-cookies/)
 *  Thread Starter [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 6 months ago](https://wordpress.org/support/topic/commenter-cookies/#post-2319483)
 * My site uses a content delivery network to attempt to take some of the load off
   our servers. Here’s what happens: user A visits a post and makes a comment, thereby
   having the comment cookies set. Now, user A navigates to another post which pre-
   fills the name and email address in the form. User B now visits this second post
   and because it’s cached by the CDN, user B now sees User A’s information. I need
   to keep this from happening.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Fatal Error – I have googled and searched forum](https://wordpress.org/support/topic/fatal-error-i-have-googled-and-searched-forum/)
 *  [sofaking21](https://wordpress.org/support/users/sofaking21/)
 * (@sofaking21)
 * [14 years, 11 months ago](https://wordpress.org/support/topic/fatal-error-i-have-googled-and-searched-forum/#post-2049697)
 * Contact your host. You are exceding the amount of memory allocated to PHP.

Viewing 15 replies - 1 through 15 (of 21 total)

1 [2](https://wordpress.org/support/users/sofaking21/replies/page/2/?output_format=md)
[→](https://wordpress.org/support/users/sofaking21/replies/page/2/?output_format=md)