RangerPretzel

Sounds to me like your server has a rootkit installed.

Is this your server? or is this on a host provider?

I have not posted the source code, mostly because I wrote the bulk of the program in the space of an hour or two. As such, I didn’t spend much time organizing it. I would want to clean/tighten up the code before releasing it.

As for how it works, it’s quite simple.

I decided that I would create a class that had a “header”, a List of “Items” and a “footer”. The code opens the file stream and reads forward until it hits the first <ITEM> tag that it finds. This becomes the “header”.

After that, it grabs every <ITEM> and stuffs each one into a list/array. Then anything beyond the last ITEM becomes the “footer”.

Once all of that is loaded into memory, it’s easy to create new WXR files. Just write out, say, the header, 1 thru 100 items, and the footer. Repeat for 100 thru 199, etc. etc.

Hello Mortfiles,
I just literally just authored a WXR file splitter for Windows! It’s only modestly tested, but it does appear to work fine — well, for me anyway.

If you’d like to give it a shot, I’d appreciate any feedback.

You can find the download here: https://www.rangerpretzel.com/content/view/20/1/

Cheers!

Anyone? Surely, I’m not the only one trying to export from the WordPress website and import into my own host provider running the WordPress software running into this problem. Right?

Ok, so it sounds like you’ve taken proper precautions.

It’s not so much the HTML. It is the PHP mechanism for submitting things and/or things that call the DB.

When you submit, say, a new post via WordPress’s mechanism, the PHP code is *supposed* to strip out any possible SQL code or anything else that could maliciously cause a SQL injection attack to occur, but of course, programmers working late or what-not can inadvertently create bugs which can be exploited.

What I would do if I were you is Google “harden wordpress” and see what you come up with. I imagine there are a few good articles out there on how to minimize or mitigate attacks/exploits against WordPress.

Any number of ways:
– weak password (a strong password has many letters, numbers, and characters)
– used a public terminal that had spyware on it (captured your password)
– spyware on your own personal PC (do you have anti-virus/anti-spyware on your own PC? I’m a fan of Avast.)
– SQL injection attack (theoretically WP might have a flaw in its design that the hackers are exploiting)

WordPress sites can be determined/identified typically just by unique signatures found in the HTML.

Hi Shane,
I already tried breaking the WXR file into smaller ones (as listed above.) It imported the Tags and Categories, but none of the posts.

php.ini is already modified per mdisanto’s recommendation.

.htaccess does not work for me as the host provider does not run PHP as a module.

I’ll try hacking the wp-config.php file, although the php.ini file should already take care of this…

Thanks.

Ok, so I created a shortened version (750KB) of the WXR file and it uploads quickly and gives me the “users” screen where I assign the entries to the admin and then click “submit”. It does its thing for a few seconds and says “done”.

But when I check the Posts? Still nothing.

Btw, she’s uploading a 31MB file.

My friend has a popular WordPress blog on WordPress’s site and she’s trying to move her site over to hosting on another hosting provider with her own domain name, etc.

We’ve got the WordPress PHP software installed and even altered the php.ini file so that it raises the upload limit to 64MB (per mdisanto’s recommendation.) And I’ve verified that when we do the WXR import, the WXR/XML file actually ends up in the “uploads” directory, but once it finishes uploading, nothing happens. We never reach the “users” screen.

Any updates on this issue?