Thank you for the solution, I've already added it to my blog ;)
Cary
· 3 years ago
Hey...thanks for the fix!
Stuart
· 3 years ago
Hmmm - did not work for me :( Im getting a 500 - Internal Server Error (a wordpress one, not a real apache one). Only effects me when I try and post an entry with code in it.
Any ideas??
Aaron
· 3 years ago
Wait a day or two. WP 2.0.2 will be out which fixes this and a bunch of other bugs.
Trevor
· 3 years ago
Didn't work for me. I continue receiving stuff like this:
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''schroeder\') as score FROM wp_posts where id=567' at line 1] SELECT MATCH(post_content, post_title) against ('schroeder\') as score FROM wp_posts where id=567;
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''don\') as score FROM wp_posts where id=567' at line 1] SELECT MATCH(post_content, post_title) against ('don\') as score FROM wp_posts where id=567;
Nimrod
· 3 years ago
Installed WP 2.0.2. The bug is still there. Even worse, the patch above does not work :(
Aaron
· 3 years ago
Nimrod--
The problem was fixed in 2.0.2 and the patch is not required. If you have installed WP 2.0.2 and ran the upgrade script, what version is your wp-admin reporting???
Nimrod
· 3 years ago
[Comment ID #4695 Will Be Quoted Here]
I am using 2.0.2. I reuploaded the unmodified functions.php. Anyway, I have tracked down the culprit. It seems that the host that my blog is on is using mod_security.
The post that triggers the behavior is very long and contains what would be interpreted as a shell scripting attack by mod_security. I found out that it gets triggered only if my post contained the word 'curl' in it. Since I am on a virtual hosted environment, I cannot turn off mod_security or even change the rules it uses.
The work-around I have found is to wrap the words 'curl' with tags.
Nimrod
· 3 years ago
That last bit should have been:
The work-around I have found is to wrap the words 'curl' with SPAN tags.
Aaron
· 3 years ago
Actually you can use <code> or <pre> or a combination of both as well. Do you have a plugin that executes PHP in the post because that could be making it wonky as well.
Nimrod
· 3 years ago
[Comment ID #4698 Will Be Quoted Here]
No, I don't think so. I do have PHP Markdown installed. But since the words 'curl' is usually found in <code> or <pre> markup on my post, I was not able to use Markdown to format text with 'curl' in them. Markdown would use HTML entities for anything that is formatted as code (indented by 4 spaces). So I had to resort to using HTML tags.
Stacie
· 3 years ago
Well, I finally did it and updated. Now, do I still do the second patch or will I mess something up? Everything is running great right now.
Aaron
· 3 years ago
Which version are you running, Stacie?
Minks
· 3 years ago
I tried that on wp 2.02 and still face the same problem. Any other soloution
Minks
· 3 years ago
Finally, I found the problem. It's the word that trigger the problem. So I changed it to plural or tense and the problem solved. This is crazy, because that sentence doesn't make sense let alone is grammatically correct.
I find this really ridculous, what is wrong with the word curl? Any significant issue to technical or program problem?
Aaron Brazell
· 3 years ago
Are you running PHP exec or something? 'curl' is a unix library for fetching/grokking URLs from the command line and PHP has wrapper functions around it.
All Comments
Im getting a 500 - Internal Server Error (a wordpress one, not a real apache one). Only effects me when I try and post an entry with code in it.
Any ideas??
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''schroeder\') as score FROM wp_posts where id=567' at line 1]
SELECT MATCH(post_content, post_title) against ('schroeder\') as score FROM wp_posts where id=567;
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''don\') as score FROM wp_posts where id=567' at line 1]
SELECT MATCH(post_content, post_title) against ('don\') as score FROM wp_posts where id=567;
The problem was fixed in 2.0.2 and the patch is not required. If you have installed WP 2.0.2 and ran the upgrade script, what version is your wp-admin reporting???
I am using 2.0.2. I reuploaded the unmodified functions.php. Anyway, I have tracked down the culprit. It seems that the host that my blog is on is using mod_security.
The post that triggers the behavior is very long and contains what would be interpreted as a shell scripting attack by mod_security. I found out that it gets triggered only if my post contained the word 'curl' in it. Since I am on a virtual hosted environment, I cannot turn off mod_security or even change the rules it uses.
Here is the post http://abing.gotdns.com/2006/03/14/php4-and-php...
The work-around I have found is to wrap the words 'curl' with tags.
The work-around I have found is to wrap the words 'curl' with SPAN tags.
No, I don't think so. I do have PHP Markdown installed. But since the words 'curl' is usually found in <code> or <pre> markup on my post, I was not able to use Markdown to format text with 'curl' in them. Markdown would use HTML entities for anything that is formatted as code (indented by 4 spaces). So I had to resort to using HTML tags.
I find this really ridculous, what is wrong with the word curl? Any significant issue to technical or program problem?