[wp-trac] [WordPress Trac] #58541: WP_Filesystem_SSH2:put_contents (and others) does not check for $sftp_link to be up
WordPress Trac
noreply at wordpress.org
Tue Jun 20 01:31:22 UTC 2023
#58541: WP_Filesystem_SSH2:put_contents (and others) does not check for $sftp_link
to be up
-----------------------------------------+------------------------------
Reporter: jobst | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Filesystem API | Version:
Severity: major | Resolution:
Keywords: has-patch reporter-feedback | Focuses:
-----------------------------------------+------------------------------
Comment (by jobst):
Hi @costdev
As I expected none of the required parms for the connection are initiated
when you call 'WP_Filesystem()' without parms.
I have read the code over and over again, I checked what happens when
people pass the proper values. When you pass credentials, all works
correctly, if you do not pass credentials a call to
{{{
$wp_filesystem->put_contents($file, $content);
}}}
will fail.
Below is one of the problems I have to show passing without credentials
WILL fail.
'pinf' is a function I wrote which can take
arrays/objects/strings/whatever and knows what to do with it.
{{{
private static function create_files() {
// Allow us to easily interact with the filesystem.
require_once ABSPATH . 'wp-admin/includes/file.php';
pinf("============================================= this is JUST
before");
global $wp_filesystem;
WP_Filesystem();
pinf($wp_filesystem, "============================================= this
is JUST after");
// Install files and folders for uploading files and prevent hotlinking.
$upload_dir = wp_upload_dir();
$files = array(
'base' => $upload_dir['basedir'] . '/uael_uploads',
'file' => '.htaccess',
'content' => 'deny from all',
);
pinf($files,"UAEL -> modules/display-conditions/module.php");
if ( wp_mkdir_p( $files['base'] ) && ! file_exists( trailingslashit(
$files['base'] ) . $files['file'] ) ) {
$wp_filesystem->put_contents( $files['base'] . '/' . $files['file'],
$files['content'], FS_CHMOD_FILE );
}
}
}}}
Below is the printout of the pinf function JUST after the call
'WP_Filesystem();' with no parms passed.
The port number and method are correctly assigned,m everything else is
empty - expected, there is no way after I read all the code that hostname
etc will have any values.
The error it produces (note this is the wp_filesytem object):
{{{
[20-Jun-2023 01:14:11 UTC] =============================================
this is JUST after WP_Filesystem_ssh2 Object
(
[link] =>
[sftp_link] =>
[keys] =>
[verbose] =>
[cache] => Array
(
)
[method] => ssh2
[errors] => WP_Error Object
(
[errors] => Array
(
[empty_hostname] => Array
(
[0] => SSH2 hostname is required
)
[empty_username] => Array
(
[0] => SSH2 username is required
)
[empty_password] => Array
(
[0] => SSH2 password is required
)
)
[error_data] => Array
(
)
[additional_data:protected] => Array
(
)
)
[options] => Array
(
[port] => 22
)
)
}}}
My wp-config.php file is correct, I am 100% sure, below are some of the
lines.
Also I use KEYS, not a password.
{{{
define('FS_METHOD', 'ssh2');
define('FTP_USER', 'REDACTED');
define('FTP_PASS', '');
define('FTP_HOST', '127.0.0.1:22');
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58541#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list