Upload files using python sessions - Wordpress Tutorials, Tips, Themes and Plugins.

I need to upload images to wordpress programmatically, ideally without installing additional plugins. However I am open to best practices that involve plugins.

So far I have been able to log in and move about the site using sessions, but when I try to upload a file to media-new.php or async-upload.php I get the following error message

<div class="wp-die-message">The link you followed has expired.</div>

The file is a test text file with a single line (also the upload limit on the site is 1GB) so it’s not the common file size limit. This is what I have so far. Let me know if I am barking up the wrong tree.

import sys, requests, re

f = 'test.txt'
rstring='name="_wpnonce" value="(0-9a-z){10}"'

user='username'
password='password'
url1='https://example.com/wp-login.php'
url2='https://example.com/wp-admin/media-new.php'
url3='https://example.com/wp-admin/async-upload.php'

headerauth= {
        'Cookie':'wordpress_test_cookie=WP Cookie check; ROUTEID=.1',
        'Content-Type': 'application/x-www-form-urlencoded'
        }
dataauth = {
        'log':user,
        'pwd':password,
        'wp-submit':'Log In',
        'redirect_to': url2,
        'testcookie': 1
        }
image = {'async-upload':('test.txt', open(f, "rb"))}
testimage = open(f, "rb")

session1=requests.session()
session1.get(url1)
r1 = session1.post(url1, headers=headerauth, data=dataauth)

test = re.search('value="[0-9a-z]{10}"', r1.text)
nonce = re.search('[0-9a-z]{10}', test.group(0))
nonce = nonce.group(0)

dataupload = {
        'post_id': '0',
        '_wp_http_referer': '/wp-admin/media-new.php',
        '_wpnonce': nonce ,
        'action': 'upload_attachement',
        'html-upload': 'Upload',
        }
testheaders = {
        'Connection': 'keep-alive',
        'Referer': 'https://example.com/wp-admin/upload.php'
        }
testdata = {
        'post_id': '0',
        '_wpnonce': nonce,
        'type': '',
        'tab': '',
        'short': '1',
        }
testdata2 = {
        'name': 'test.txt',
        'action': 'upload-attachement',
        '_wpnonce': nonce,
        'wpmf_folder': '0',
        }

r3 = session1.post(url2, data=dataupload, files=image)
#r3 = session1.post(url3, data=testdata2, files=image)
title = re.search('<title>.+</title>', r3.text)
print(r3)
print(title.group(0))

This topic was modified 3 days, 14 hours ago by cspit.

Source link

Shopping cart