From d3d447d6e90d79b5b03d3640049ac8fb933f118b Mon Sep 17 00:00:00 2001 From: markjaquith Date: Sat, 22 Sep 2007 00:08:50 +0000 Subject: [PATCH] Core and plugin update checking: make sure fsockopen() is available and check file resources with is_resource() -- both to prevent feof() infinite loops. Props xknown. fixes #5037 git-svn-id: http://svn.automattic.com/wordpress/trunk@6151 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/update.php | 6 +++++- wp-includes/update.php | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/wp-admin/includes/update.php b/wp-admin/includes/update.php index 1fc33b9a68..41945d2b3d 100644 --- a/wp-admin/includes/update.php +++ b/wp-admin/includes/update.php @@ -42,6 +42,10 @@ add_action( 'admin_notices', 'update_nag', 3 ); function wp_update_plugins() { global $wp_version; + + if ( !function_exists('fsockopen') ) + return false; + $plugins = get_plugins(); $active = get_option( 'active_plugins' ); $current = get_option( 'update_plugins' ); @@ -83,7 +87,7 @@ function wp_update_plugins() { $http_request .= $request; $response = ''; - if( false != ( $fs = @fsockopen( 'api.wordpress.org', 80, $errno, $errstr, 3) ) ) { + if( false != ( $fs = @fsockopen( 'api.wordpress.org', 80, $errno, $errstr, 3) ) && is_resource($fs) ) { fwrite($fs, $http_request); while ( !feof($fs) ) diff --git a/wp-includes/update.php b/wp-includes/update.php index 48e1fec1ca..53f79590e0 100644 --- a/wp-includes/update.php +++ b/wp-includes/update.php @@ -3,7 +3,7 @@ // A simple set of functions to check our version 1.0 update service function wp_version_check() { - if ( strpos($_SERVER['PHP_SELF'], 'install.php') !== false || defined('WP_INSTALLING') ) + if ( !function_exists('fsockopen') || strpos($_SERVER['PHP_SELF'], 'install.php') !== false || defined('WP_INSTALLING') ) return; global $wp_version; @@ -30,7 +30,7 @@ function wp_version_check() { $http_request .= "\r\n"; $response = ''; - if ( false !== ( $fs = @fsockopen( 'api.wordpress.org', 80, $errno, $errstr, 3 ) ) ) { + if ( false !== ( $fs = @fsockopen( 'api.wordpress.org', 80, $errno, $errstr, 3 ) ) && is_resource($fs) ) { fwrite( $fs, $http_request ); while ( !feof( $fs ) ) $response .= fgets( $fs, 1160 ); // One TCP-IP packet