[wp-hackers] Bug in wp_upload_bits?

Peter Westwood peter.westwood at ftwr.co.uk
Tue Nov 28 09:43:15 GMT 2006 

Hi Steve,

On Mon, November 27, 2006 6:16 pm, Lloyd Budd wrote:
> On 11/27/06, Steve Winton <stevewinton at gmail.com> wrote:
>> I've been playing around with XML-RPC calls today, trying to upload a
>> new media object (i.e. an MP3 file) using the
>> metaWeblog.newMediaObject procedure, and I think I may have stumbled
>> across a bug.
>>
>> Basically the content of the media file being uploaded needs to be
>> base64 encoded at the client end, but at the server end,
>> wp_upload_bits isn't base64-decoding the content again.
>>
>> I'm using WP 2.0.5, and the following fix, on line 957 of
>> functions-post.php works for me:
>>
>>         $success = @ fwrite($ifp, base64_decode($bits));
>>
>> Any thoughts/comments on this change?
>
> I do not understand the technical details, but I recall I similar
> thread "XMLRPC and the patch"
> http://comox.textdrive.com/pipermail/wp-hackers/2006-October/009397.html
> recently where Peter Westwood wrote:
>
>
> In xmlrpc.php (http://trac.wordpress.org/browser/trunk/xmlrpc.php) we
> define a new class:
>
> class wp_xmlrpc_server extends IXR_Server {
> 	function wp_xmlrpc_server() {
>
> And then instatiate it thereby executing it's constructor:
> $wp_xmlrpc_server = new wp_xmlrpc_server();
>
> This is turn calls the constuctor of the base class:
> $this->IXR_Server($this->methods);
>
>
> In the base class constructor from
> (http://trac.wordpress.org/browser/trunk/wp-includes/class-IXR.php):
>
>     function IXR_Server($callbacks = false, $data = false) {
>         ...
>         $this->serve($data);
>     }
>     function serve($data = false) {
>         ...
>         $this->message = new IXR_Message($data);
>         if (!$this->message->parse()) {
>
> The IXR_Mesage class parsing code handles the base64 encoded field as
> follows:
>
>     function tag_close($parser, $tag) {
>         $valueFlag = false;
>         switch($tag) {
> 	    ...
>             case 'base64':
>                 $value = base64_decode( trim( $this->_currentTagContents
> ) );
>                 $valueFlag = true;
>                 break;
>
> This is where the base64_decode occurs.

What LLoyd has quoted above is correct.

At the time this was last mentioned I spent some time to review the code
and test it with some clients.

As you can see from the code above the base64 decoding is handled by the
XMLRPC library.

What client are you having trouble with?
Could you send some captures of the HTTP requests sent by the client that
don't get correctly decoded?

The relevant trac ticket for this is: http://trac.wordpress.org/ticket/1008

westi
-- 
Peter Westwood <peter.westwood at ftwr.co.uk>
http://blog.ftwr.co.uk

More information about the wp-hackers mailing list