ganelvi

I have intentionally set my server up to have WordPress use FTP. I liked having to type in the password to update for an extra layer of security. This meant I didn’t have to let the webserver’s user be able to write to all of the WordPress files.

But there’s always the tension between security and convenience and I’ve decided to give in to convenience for now. ??

I added define(‘FS_METHOD’,’direct’); to wp-config.php and set group permissions to be writeable and the update worked.

I’m marking this as resolved.

Your help is appreciated – I’m not blaming anyone either. Updates have gone smoothly for countless releases.

Nothing shows up in the error logs and it still happens without any plugins enabled.

I looked at the code this morning and here are a few things I found:

wp-admin/update-core.php

$version = isset( $_POST['version'] )? $_POST['version'] : false;
    $locale = isset( $_POST['locale'] )? $_POST['locale'] : 'en_US';
    $update = find_core_update( $version, $locale );
    if ( !$update )
        return;

On my systems, $version is empty and find_core_update returns false.

wp-admin/includes/update.php

$updates = $from_api->updates;
    foreach ( $updates as $update ) {
        if ( $update->current == $version && $update->locale == $locale )
            return $update;
    }
    return false; // Returns here

Since $version is empty and $update->current is not empty, it never returns an update. I used Chrome Developer tools to add a version field and set it to 4.1, like so:

<input name="version" type="hidden" value="4.1">

I verified it was set, but that still didn’t fix anything.

I enabled debugging but didn’t see anything related to the update. There are deprecated warnings about register_sidebar_widget() and has_cap() being called with user levels instead of roles and capabilities.

Your browser is probably clearing the cookies when it closes.

I’m glad to hear that. I’ve found it quite useful already, as the spam keeps rolling in.

I would choose to make that a configurable option, because I used relative links to my own site and just realized that means when the post shows up in RSS aggregators the links aren’t going to work. I came here trying to figure out how to search for a quote symbol.
I want to search for this: href=”/archives
But no matter how I escape the quote, it doesn’t seem to work. The HTML entity (%22) didn’t work either.

I was getting this error as well and to fix it I just added the following line:
$content = $wpdb->escape($content);
below the command on line 694:
$content = format_to_post($content);
Here’s the diff if I haven’t explained it well enough.
— post.php 2004-10-05 15:40:24.000000000 -0600
+++ newpost.php 2004-10-05 15:40:20.000000000 -0600
@@ -692,6 +692,7 @@
}
$content = balanceTags($content);
$content = format_to_post($content);
+ $content = $wpdb->escape($content);
$result = $wpdb->query(“
UPDATE $tablecomments SET

Glad I could help.

I had that happen when I didn’t have php-mysql installed.