Make WordPress Core

Opened 8 years ago

Closed 8 years ago

Last modified 3 years ago

#36776 closed defect (bug) (duplicate)

Theme update error: "Download failed. Could not open handle for fopen() to ..." (file name too long)

Reported by: janr's profile JanR Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Upgrade/Install Keywords:
Focuses: Cc:

Description

Note: I'm still investigating and debugging this issue.

A theme update fails with the following error:

Download failed. Could not open handle for fopen() to ...

when two conditions are met:

  1. hosted on Windows Server
  2. extreme long temporary name for the update file

In the case of one of our customers, the temporary filename is
D:\www\example.com\www/wp-content/enfold.zipAWSAccessKeyIdAKIAJYG5ROGJ6X7Z3M6QExpires1462528521SignaturevVcIoALl287s8b4Ema4weAdA5yI3Dresponse-content-dispositionattachment3Bfilename3Dthemeforest-4519990-enfold-responsive-multipurpose-theme-wordpress-theme-YPRt5D.tmp (slightly edited).

This is well over 260 characters which is the maximum MAX_PATH in the Windows API. The missing question mark (enfold.zipAWSA...) and missing percent signs (%, 3B instead of %3B) feels like urlencode/urldecode gone bad.

In this specific case, the update file is downloaded from an extremely long Envato/ThemeForest URL:

https://s3.amazonaws.com/marketplace-downloads.envato.com/files/184010637/enfold.zip?AWSAccessKeyId=(AccessKey)&Expires=(Expires)&Signature=(Signature)%3D&response-content-disposition=attachment%3B+filename%3Dthemeforest-4519990-enfold-responsive-multipurpose-theme-wordpress-theme.zip

One could blame Envato for this extremely long URL, but that's not the point of this ticket :-) Point is, we need to limit the maximum file length for temporary downloaded files in WordPress. Hacking my way through /wp-includes/class-wp-http-curl.php (bad idea), I was able to download the theme update file. Simply strip everything after the question mark ('?').

On line 187, add:

$r['filename'] = preg_replace("/(.*\.zip)?(.*)/", "$1", $r['filename']);
$this->stream_handle = fopen($r['filename'], 'w+' );

However, the temporary file name is used in multiple places. This simply resulted in /wp-admin/includes/file.php not being able to delete the file (line 493).

PS: there is an older support thread describing this very issue (not related to me or the client case I'm working on now), on kriesi.at: http://www.kriesi.at/support/topic/enfold-theme-problem-with-fopen-when-updating-the-theme/.

Change History (1)

#1 @ocean90
8 years ago

  • Component changed from General to Upgrade/Install
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed
  • Version 4.5.1 deleted

Duplicate of #33053.

Note: See TracTickets for help on using tickets.