You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am running into a problem using wp-config.php upgrade constants and the “Security fix for save status via Ajax” introduced in 1.8.8 (06/05/2013) in the following two methods...
publicfunction save_active() {
publicfunction save_config() {
//check_ajax_referer( 'wm_config-update', 'wp-maintenance-mode-nonce' );$nonce = $_POST['nonce'];
if ( ! wp_verify_nonce( $nonce, 'wp-maintenance-mode-nonce' ) )
wp_die( __( 'You are not authorised to perform this operation.' ) );
if ( ! current_user_can( 'manage_options' ) )
wp_die( __( 'You are not authorised to perform this operation.' ) );
Logged in as ‘administrator’, installs and upgrades succeed, but saving configuration settings fail; wp-maintenance-mode records are not created/updated in the wp-options table.
The configuration uses SSH with public/private keys and wp-config.php upgrade constants, where ‘FTP_USER’ is not defined as a user in WP...
/** * Upgrade constants (SSH connection information for 'automatic' updates/installs) */define('FS_METHOD', 'ssh2');
define('FTP_PUBKEY','/home/user/.ssh/wordpress/id_rsa.pub');
define('FTP_PRIKEY','/home/user/.ssh/wordpress/id_rsa');
define('FTP_USER','user');
define('FTP_HOST','subdomain.domain.tld:port');
See the details on the WP forum... http://wordpress.org/support/topic/ftp_user-fails-security-fix-for-save-status-via-ajax-introduced-in-188
The text was updated successfully, but these errors were encountered: