Opened 13 years ago
Closed 13 years ago
#19009 closed defect (bug) (fixed)
wpmu_delete_blog() can wipe out an entire network
Reported by: | nacin | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.3 | Priority: | normal |
Severity: | critical | Version: | 3.0 |
Component: | Multisite | Keywords: | |
Focuses: | Cc: |
Description
Steps to reproduce:
- Create a network.
- Create a second blog.
- Via BLOG_ID_CURRENT_SITE, set the second blog to be the main blog.
- Delete the original blog at the / path.
wpmu_delete_blog() will wipe out all blogs LIKE blog\_prefix%, which nukes the entire network.
Solution: iterate over and drop $wpdb->tables('blog')
only.
Attachments (3)
Change History (9)
#2
@
13 years ago
19009.2.diff keeps the wpmu_drop_tables filter. As commented above, it kicks $force to false if $blog_id == 1.
Also, cruft like autosave_draft_ids and the blog_list site_option is canned.
#4
@
13 years ago
I think we should also prevent $force when $current_site->path == $blog->path && $current_site->domain == $blog->domain
. When this site disappears, the network admin will likely not work, and startup might fail.
Ideally we need to make this more explicit, such as denying the ability to delete these blogs in the UI (at the cap level, perhaps). Perhaps a better API distinction needs to be made with is_main_site(), the root domain/path, and blog_id 1, which can all be different.
#5
@
13 years ago
19009.3.diff avoids destroying the initial, main, or root blogs -- three different concepts that are often all the same blog.
Also, wpmu_delete_blog(), for blog ID 1, should automatically kick force to false. Otherwise things go haywire.