Unknown wordpress http referrer error for user file upload

I have a wordpress plugin user file upload. It shows repeated file upload fileds under /wp-admin/user-edit.php so admin can upload files to user account.

This works well till 139 files and after that its shows us an unknown error.

Read More

From this URL

/wp-admin/user-edit.php?user_id=20&wp_http_referer=%2xxxyz.com%2Fwp-admin%2Fusers.php%3Fpaged%3D2

Its going to this below URL only for the 139 no. file.

/wp-admin/user-edit.php

We have consulted with so many wordpress consultant but there is no luck. We had also increased the wp memory to 256M and max execution time.

enter image description here

When I viewed the source I got these things.

    <!DOCTYPE html>
<!-- Ticket #11289, IE bug fix: always pad the error page with enough characters such that it is greater than 512 bytes, even after gzip compression abcdefghijklmnopqrstuvwxyz1234567890aabbccddeeffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz11223344556677889900abacbcbdcdcededfefegfgfhghgihihjijikjkjlklkmlmlnmnmononpopoqpqprqrqsrsrtstsubcbcdcdedefefgfabcadefbghicjkldmnoepqrfstugvwxhyz1i234j567k890laabmbccnddeoeffpgghqhiirjjksklltmmnunoovppqwqrrxsstytuuzvvw0wxx1yyz2z113223434455666777889890091abc2def3ghi4jkl5mno6pqr7stu8vwx9yz11aab2bcc3dd4ee5ff6gg7hh8ii9j0jk1kl2lmm3nnoo4p5pq6qrr7ss8tt9uuvv0wwx1x2yyzz13aba4cbcb5dcdc6dedfef8egf9gfh0ghg1ihi2hji3jik4jkj5lkl6kml7mln8mnm9ono
-->
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="width=device-width">
    <title>WordPress &rsaquo; Error</title>

</head>
<body id="error-page">
    <p>Invalid user ID.</p></body>
</html>

The function in my Plugins file

 //change upload directory
    public function user_upload_files_dir($upload) {
        //check if this a user-edit page
        $current_page = basename($_SERVER['HTTP_REFERER']);
        $current_page_tmp = explode("?", $current_page);
        $current_page = $current_page_tmp[0];
        if ($current_page != "user-edit.php")
            return $upload;

        // check if it a async-upload request
        $referer = basename($_SERVER['REQUEST_URI']);
        if ($referer != "async-upload.php")
            return $upload;

        //get userid from http http_referer
        $p = parse_url($_SERVER['HTTP_REFERER']);
        parse_str($p["query"], $get);
        $user_id = $get['user_id'];

        //change upload directory to user-files/$user_id
        $baseDir = WP_CONTENT_DIR . '/uploads/user-files/';
        $baseUrl = WP_CONTENT_URL . '/uploads/user-files/';
        $upload['subdir'] = $user_id;
        $upload['path'] = $baseDir . $upload['subdir'];
        $upload['url'] = $baseUrl . $upload['subdir'];

        return $upload;
    }

    //Enqueue class assets
    public function enqueue() {
        global $pagenow;
        if ($pagenow != "user-edit.php")
            return;
        // Enqueue styles
        wp_enqueue_style('bhuufu_admin_styles', BHUUFU_URL . '/assets/css/admin_styles.css');
        // Enqueue scripts
        wp_enqueue_script('jquery');
        wp_enqueue_script('bhuufu_repeatable-fields.js', BHUUFU_URL . '/assets/js/repeatable-fields.js');
        wp_enqueue_script('bhuufu_admin_script', BHUUFU_URL . 'assets/js/stb_admin.js');
        // Hook to add/remove files
        do_action('BHUUFU/assets/enqueue');
    }

    //conditionally_add_scripts_and_styles
    public function conditionally_add_scripts_and_styles($posts) {

        if (empty($posts))
            return $posts;
        $shortcode_found = false;
        foreach ($posts as $post) {

            if (stripos($post->post_content, '[list_user_files]') !== false) {
                $shortcode_found = true;
                break;
            }
        }

        if ($shortcode_found) {
            wp_enqueue_style('user-upload-css', BHUUFU_URL . 'assets/css/styles.css');
        }

        return $posts;
    }

    //user_file_upload_fields
    function add_user_file_upload_fields($user) {
        $bhu_uufef = get_user_meta($user->ID, 'user_file_uploads', true);
        wp_enqueue_media();
        ?>
        <h3><?php _e('File Uploads', 'wpcf7'); ?></h3>
        <div class="ff-repeatable">
            <table>
                <thead>
                    <tr>
                        <th><?php _e('Url', 'wpcf7'); ?></th>
                        <th><?php _e('Name', 'wpcf7'); ?></th>
                        <th><?php _e('Decsription', 'wpcf7'); ?></th>
                        <th><img alt="Add Row" class="ff-add-row" src="<?php echo BHUUFU_URL; ?>assets/images/add.png"></th>
                    </tr>
                </thead>
                <tbody>
                    <tr class="ff-add-template" style="">
                        <td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description" value="" /></td>
                        <td>
                            <input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="" />
                            <input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="" />
                            <input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="" />
                            <input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
                            <img alt="Remove Row" class="ff-remove-row" src="<?php echo BHUUFU_URL; ?>assets/images/remove.png">
                        </td>
                    </tr>
                    <?php
                    if (isset($bhu_uufef['file_url']) && $extra_fields = array_filter($bhu_uufef['file_url'])) {
                        foreach ($extra_fields as $key => $value) {
                            echo'<tr>
                        <td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="' . $bhu_uufef['file_url'][$key] . '" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="' . $bhu_uufef['file_name'][$key] . '" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description" value="' . $bhu_uufef['file_description'][$key] . '" /></td>
                        <td>
                        <input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="' . $bhu_uufef['file_id'][$key] . '" />
                        <input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="' . $bhu_uufef['file_oname'][$key] . '" />
                        <input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="' . $bhu_uufef['file_mime'][$key] . '" />
                        <input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
                        <img alt="Remove Row" class="ff-remove-row" src="' . BHUUFU_URL . 'assets/images/remove.png">
                        </td>
                    </tr>';
                        }
                    } else {
                        echo'
                     <tr>
                        <td><input type="text" name="bhuufu-user-uploads[file_url_tmp][]" class="medium-text file_url" value="" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_name_tmp][]" class="medium-text file_name" value="" /></td>
                        <td><input type="text" name="bhuufu-user-uploads[file_description_tmp][]" class="medium-text file_description"  value="" /></td>
                        <td>
                        <input type="hidden" name="bhuufu-user-uploads[file_id_tmp][]" class="medium-text file_id" value="" />
                        <input type="hidden" name="bhuufu-user-uploads[file_oname_tmp][]" class="medium-text file_oname" value="" />
                        <input type="hidden" name="bhuufu-user-uploads[file_mime_tmp][]" class="medium-text file_mime" value="" />
                        <input class="button _unique_name_button" name="_unique_name_button" value="Select File" />
                        <img alt="Remove Row" class="ff-remove-row" src="' . BHUUFU_URL . 'assets/images/remove.png">
                        </td> 
                    </tr>';
                    }
                    ?>
                </tbody>            
            </table>
        </div>
        <?php
    }

    //user porfile fields save
        public function save_user_file_upload_fields($user_id) {
            if (isset($_POST['bhuufu-user-uploads']['file_url_tmp']) && $extra_fields = array_filter($_POST['bhuufu-user-uploads']['file_url_tmp'])) {
                foreach ($extra_fields as $key => $value) {
                    $_POST['bhuufu-user-uploads']['file_url'][] = $_POST['bhuufu-user-uploads']['file_url_tmp'][$key];
                    $_POST['bhuufu-user-uploads']['file_name'][] = $_POST['bhuufu-user-uploads']['file_name_tmp'][$key];
                    $_POST['bhuufu-user-uploads']['file_description'][] = $_POST['bhuufu-user-uploads']['file_description_tmp'][$key];
                    $_POST['bhuufu-user-uploads']['file_id'][] = $_POST['bhuufu-user-uploads']['file_id_tmp'][$key];
                    $_POST['bhuufu-user-uploads']['file_oname'][] = $_POST['bhuufu-user-uploads']['file_oname_tmp'][$key];
                    $_POST['bhuufu-user-uploads']['file_mime'][] = $_POST['bhuufu-user-uploads']['file_mime_tmp'][$key];
                }
            }
            unset($_POST['bhuufu-user-uploads']['file_url_tmp']);
            unset($_POST['bhuufu-user-uploads']['file_name_tmp']);
            unset($_POST['bhuufu-user-uploads']['file_description_tmp']);
            unset($_POST['bhuufu-user-uploads']['file_id_tmp']);
            unset($_POST['bhuufu-user-uploads']['file_oname_tmp']);
            unset($_POST['bhuufu-user-uploads']['file_mime_tmp']);
            update_usermeta($user_id, 'user_file_uploads', $_POST['bhuufu-user-uploads']);
        }

    //delete file
    public function deletefile() {
        global $wpdb;
        $file_id = $_REQUEST["file_id"];
        $user_id = $_REQUEST["user_id"];

        // Delete file
        $is_deleted = wp_delete_attachment($file_id);
        if ($is_deleted->ID) {
            $bhu_uufef = get_user_meta($user_id, 'user_file_uploads', true);
            $key = array_search($file_id, $bhu_uufef['file_id']);
            unset($bhu_uufef['file_url'][$key]);
            unset($bhu_uufef['file_name'][$key]);
            unset($bhu_uufef['file_description'][$key]);
            unset($bhu_uufef['file_id'][$key]);
            unset($bhu_uufef['file_oname'][$key]);
            unset($bhu_uufef['file_mime'][$key]);
            update_usermeta($user_id, 'user_file_uploads', $bhu_uufef);
            $result['status'] = "sucess";
        } else {
            $result['status'] = "fail";
        }

        echo json_encode($result);

        exit;
    }

Related posts