[fr]
La solution au problème qui fait qu'on se retrouve parfois régulièrement expulsé de la partie admin de Wordpress, et qui implique des URLs d'une longueur indécente, ne menant nulle part. Il suffit de supprimer deux lignes dans wp-login.php.
[en]
Yesterday, without a warning or an explanation, my WordPress install started acting funky. Even though I was logged in, I would be faced with very very long URLs showing me a broken login page when I tried to go back to the admin section (something like http://climbtothestars.org/wp-login.php/wp-admin/wp-smilies/wp-content/wp-admin/post.php?action=edit&post=xxxx). Deleting all the cruft after wp-login.php allowed me to log in, but a few clicks later I would find myself faced again with the same nasty situation.
This is caused by a bug in wp-login.php. What happens is that the Blog URL option gets changed to that long funky line in the database, and of course, it messes everything up.
The first thing I did was correct the siteurl value in the database (options table), because I have direct access to the database and like sticking my hands in there. If you don’t have access to the database, you can probably (I’m not certain) set this right through the Options screen in the admin section for your blog. (Remember, if you feel locked out, go directly to http://example.com/wp-login.php to log in.)
There is a forum thread about this problem, but the solution isn’t presented very clearly to my taste — hence this post.
Now for the fix: if you are not going to be moving your blog around (ie, changing the blog address) without having direct access to the database, you can edit the file wp-login.php and delete a couple of lines. Open wp-login.php in your favourite text editor, and do a search for get_settings(’siteurl’)
— that will bring you to the right place in the file. Delete these lines:
// If someone has moved WordPress let's try to detect it
if ( dirname('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'])
!= get_settings('siteurl') )
update_option('siteurl', dirname('http://' . $_SERVER['HTTP_HOST'] .
$_SERVER['REQUEST_URI']) );
I’ve had a similar problem with my Blogsome test blog — with the URL for the CSS file going all funky. It seems to be back to normal, but I’ll check that they are indeed aware of the problem.
Subscribe in newsreader
5 Comments
Thank you for this post. As usual in the WP forums, the fix was not presented in any straightforward way. sigh
Glad it’s fixed, it ate all my comments yesterday but I was mainly trying to draw your attention to the problem. Incidentally I can’t install Spam Karma as my ISP (Infomaniak) doesn’t allow exec()for security reasons. The install aborts.. back to square one I suppose. At least I upgraded to WP 1.3 alpha and changed the template.
Thanks for the fix–Reading the WP support forum was bit foggy
mmm.. I was thinking that everyone have faced with this problem should also make the fllowing:
update wp_options set option_value='‘ where pption_name=’siteurl’; where is your actual site url….
Thanks for this great info - my site was getting knocked down every few hours but since removing those lines it’s been rock solid
@li
11 Trackbacks
in, but a few clicks later I would find myself faced again with the same nasty situation. Testei a vulnerabilidade no meu prà³prio blog e funcionou: isto fi […]
;even worse than I could have broken it myself. Luckily there’s a not-too-hard fix, here. Hope that took care of it!
ou are using any version ABOVE (NOT including) 1.2, then I’d have a look at this and this. The latter is probably a better explanation. Ohh and not tryi […]
user unintentionally (or intentionally) causing your site to crash. There is a simple fix here. I think it has bee […]
malicious people can break your blog just by accessing it with a certain URL. Wonderful. The fix is to delete some lines of code from wp-login.php, which is […]
gize. It’s been taken care of and won’t happen again . For those interested, Climb To The Stars has the fix and more info about the problem. […]
led under: Administrivia — Administrator @ 11:36 pm
can be corrected by changing a few lines from wp-login.php. The procedure is described by climbtothestars.
ms there are so messy that I had a hard time figuring out how to fix it. That’s when Stephanie Booth came to the rescue. She has managed to give a much […]
Wordpress Warning
There is a bug in Wordpress 1.2.1 and earlier that allows losers with nothing better to do to hack into…