Opened 6 years ago

Closed 4 years ago

Last modified 4 years ago

#4028 closed defect (bug) (fixed)

Importing WXR breaks serialized postmeta value

Reported by: takayukister Owned by: anonymous
Priority: low Milestone: 2.2
Component: Administration Version: 2.2
Severity: normal Keywords: import has-patch WXR
Cc: JonathanRogers

Description

When importing WordPress eXtended RSS (WXR), every element content get escaped by addslashes() in get_tag(). This is good for usual string. But when the content is serialized string like postmeta values, this breaks the serialized format and make WordPress disable to unserialize them.

Attachments (2)

import-wordpress.diff (572 bytes) - added by takayukister 6 years ago.
I wrote a patch whitch try to unserialize.
wordpress_import_meta_serialized.patch (1.5 KB) - added by JonathanRogers 4 years ago.
Avoids serializing meta values when importing from WXR

Download all attachments as: .zip

Change History (9)

takayukister6 years ago

I wrote a patch whitch try to unserialize.

comment:1   foolswisdom6 years ago

  • Milestone changed from 2.3 to 2.2

comment:2   foolswisdom6 years ago

  • Keywords WXR added

comment:3   ryan6 years ago

Actually, nothing passed to add_post_meta should be escaped. Unlike most other functions, add_post_meta does it's own escaping. I think we just need to stripslashes() all postmeta values before handing off to add_post_meta.

comment:4   ryan6 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [5249]) Stripslashes post meta values before handing off to add_post_meta. Use wpdb::escape instead of addslashes. Props takayukister. fixes #4028

comment:5   JonathanRogers4 years ago

  • Cc JonathanRogers added
  • Resolution fixed deleted
  • Status changed from closed to reopened
  • Version changed from 2.2 to 2.8.3

Unfortunately, this bug seems to have been re-introduced by Ticket #7347. Now, serialized post meta values are doubly serialized after importing. Since Ticket #7347 indicates there might be some reason for maybe_serialize() to doubly serialize (though I can't fathom what it might be) and add_post_meta() calls maybe_serialize(), I'm not sure where this should be fixed.

JonathanRogers4 years ago

Avoids serializing meta values when importing from WXR

comment:6   dd324 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed
  • Version changed from 2.8.3 to 2.2

I think this would be better off in a new ticket JonathanRogers.

I'm going to reclose this, Could you open a new ticket related to it in the current version?

comment:7   JonathanRogers4 years ago

OK, the new one is Ticket #10619

Note: See TracTickets for help on using tickets.