[wpmu-trac] [WordPress MU Trac] #783: Apparent bug in wpmu-edit.php

WordPress MU Trac wpmu-trac at lists.automattic.com
Thu Oct 30 15:35:59 GMT 2008 

#783: Apparent bug in wpmu-edit.php
------------------------+---------------------------------------------------
 Reporter:  bkurt78     |       Owner:  somebody
     Type:  defect      |      Status:  new     
 Priority:  normal      |   Milestone:          
Component:  component1  |     Version:          
 Severity:  major       |    Keywords:          
------------------------+---------------------------------------------------
 I'm running a site using wpmu 2.6.0 at the current time and we just ran
 into an interesting problem.  Basically, I had some users contact me that
 their blog was no longer usable.  So I took at look at things and noticed
 that their blog entry in wp_blogs was indeed still there however the
 tables that would normally compose their blogs were gone.  In fact in
 total the tables for 10 blogs had disappeared from the database.  So I
 went back through the apache logs and here is what I found to be the
 issue.  There was an entry in the access logs that looked like the
 following:

 xxx.xxx.xxx.xxx - - [21/Oct/2008:09:30:24 -0400] "POST /wp-admin/wpmu-
 edit.php?action=deleteblog HTTP/1.1" 302 - "https://xxx.xxx.xxx/wp-admin
 /wpmu-
 edit.php?action=confirm&action2=deleteblog&id=28&msg=You+are+about+to+delete+the+blog+%2Ftestpodpress%2F"
 "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13
 (KHTML, like Gecko) Chrome/0.2.149.30 Safari/525.13"

 So I took the URL string in the log entry above and ran it against a test
 database of ours and it reproduced the problem.  We had blogs with blog
 ids of 280-289.  After submitting the above url and confirming the
 deletion of the blog the tables wp_28[0-9]_* get deleted from the
 database.  I was able to restore the tables from backup so it wasn't a
 huge deal, but it would appear that possibly something was interpreted
 very wrongly in the wpmu-edit.php script.  Let me know if I can provide
 any further information or test anything for you.  Thanks.

-- 
Ticket URL: <http://trac.mu.wordpress.org/ticket/783>
WordPress MU Trac <http://mu.wordpress.org/>
WordPress Multiuser

More information about the wpmu-trac mailing list