Make WordPress Core


Ignore:
Location:
branches/2.7
Files:
31 edited

Legend:

Unmodified
Added
Removed
  • branches/2.7/wp-admin/categories.php

    r10537 r10933  
    295295    $(document).ready(function(){
    296296        $('#doaction, #doaction2').click(function(){
    297             if ( $('select[name^="action"]').val() == 'delete' ) {
     297            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    298298                var m = '<?php echo js_escape(__("You are about to delete the selected categories.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    299299                return showNotice.warn(m);
  • branches/2.7/wp-admin/edit-comments.php

    r10537 r10933  
    379379    $(document).ready(function(){
    380380        $('#doaction, #doaction2').click(function(){
    381             if ( $('select[name^="action"]').val() == 'delete' ) {
     381            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    382382                var m = '<?php echo js_escape(__("You are about to delete the selected comments.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    383383                return showNotice.warn(m);
  • branches/2.7/wp-admin/edit-link-categories.php

    r10537 r10933  
    230230    $(document).ready(function(){
    231231        $('#doaction, #doaction2').click(function(){
    232             if ( $('select[name^="action"]').val() == 'delete' ) {
     232            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    233233                var m = '<?php echo js_escape(__("You are about to delete the selected link categories.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    234234                return showNotice.warn(m);
  • branches/2.7/wp-admin/edit-pages.php

    r10537 r10933  
    318318    $(document).ready(function(){
    319319        $('#doaction, #doaction2').click(function(){
    320             if ( $('select[name^="action"]').val() == 'delete' ) {
     320            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    321321                var m = '<?php echo js_escape(__("You are about to delete the selected pages.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    322322                return showNotice.warn(m);
  • branches/2.7/wp-admin/edit-tags.php

    r10537 r10933  
    4444    wp_delete_term( $tag_ID, 'post_tag');
    4545
    46     wp_redirect('edit-tags.php?message=2');
     46    $location = 'edit-tags.php';
     47    if ( $referer = wp_get_referer() ) {
     48        if ( false !== strpos($referer, 'edit-tags.php') )
     49            $location = $referer;
     50    }
     51
     52    $location = add_query_arg('message', 2, $location);
     53    wp_redirect($location);
    4754    exit;
    4855
     
    261268    <label for="name"><?php _e('Tag name') ?></label>
    262269    <input name="name" id="name" type="text" value="" size="40" aria-required="true" />
    263     <p><?php _e('The name is how the tag appears on your site.'); ?></p>
     270    <p><?php _e('The name is how the tag appears on your site.'); ?></p>
    264271</div>
    265272
     
    267274    <label for="slug"><?php _e('Tag slug') ?></label>
    268275    <input name="slug" id="slug" type="text" value="" size="40" />
    269     <p><?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></p>
     276    <p><?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></p>
    270277</div>
    271278
     
    286293    $(document).ready(function(){
    287294        $('#doaction, #doaction2').click(function(){
    288             if ( $('select[name^="action"]').val() == 'delete' ) {
     295            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    289296                var m = '<?php echo js_escape(__("You are about to delete the selected tags.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    290297                return showNotice.warn(m);
  • branches/2.7/wp-admin/edit.php

    r10537 r10933  
    302302    $(document).ready(function(){
    303303        $('#doaction, #doaction2').click(function(){
    304             if ( $('select[name^="action"]').val() == 'delete' ) {
     304            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    305305                var m = '<?php echo js_escape(__("You are about to delete the selected posts.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    306306                return showNotice.warn(m);
  • branches/2.7/wp-admin/import/mt.php

    r10537 r10933  
    4040
    4141<?php wp_import_upload_form( add_query_arg('step', 1) ); ?>
    42 <form method="post" action="<?php echo add_query_arg('step', 1); ?>" class="import-upload-form">
     42<form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)); ?>" class="import-upload-form">
    4343
    4444<?php wp_nonce_field('import-upload'); ?>
  • branches/2.7/wp-admin/import/opml.php

    r10537 r10933  
    9393        } else { // try to get the upload file.
    9494            $overrides = array('test_form' => false, 'test_type' => false);
     95            $_FILES['userfile']['name'] .= '.txt';
    9596            $file = wp_handle_upload($_FILES['userfile'], $overrides);
    9697
  • branches/2.7/wp-admin/includes/import.php

    r10537 r10933  
    6161function wp_import_handle_upload() {
    6262    $overrides = array( 'test_form' => false, 'test_type' => false );
    63     $_FILES['import']['name'] .= '.import';
     63    $_FILES['import']['name'] .= '.txt';
    6464    $file = wp_handle_upload( $_FILES['import'], $overrides );
    6565
  • branches/2.7/wp-admin/includes/media.php

    r10537 r10933  
    11681168            $item .= $field[$field['input']];
    11691169        elseif ( $field['input'] == 'textarea' ) {
    1170             $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . htmlspecialchars( $field['value'] ) . "</textarea>";
     1170            $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . wp_specialchars( $field['value'] ) . "</textarea>";
    11711171        } else {
    11721172            $item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";
  • branches/2.7/wp-admin/includes/update-core.php

    r10537 r10933  
    162162'wp-images/wp-small.png',
    163163'wp-images/wpminilogo.png',
    164 'wp.php',
    165 'wp-content/themes/default/attachment.php',
    166 'wp-content/themes/default/images/kubrickbg.jpg',
    167 'wp-content/plugins/markdown.php',
    168 'wp-content/plugins/textile1.php',
     164'wp.php'
    169165);
    170166
  • branches/2.7/wp-admin/includes/user.php

    r10537 r10933  
    394394    $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->usermeta WHERE user_id = %d", $id) );
    395395
     396    $user = new WP_User($id);
     397
    396398    wp_cache_delete($id, 'users');
    397399    wp_cache_delete($user->user_login, 'userlogins');
  • branches/2.7/wp-admin/link-manager.php

    r10537 r10933  
    169169        $link->link_category = wp_get_link_cats($link->link_id);
    170170        $short_url = str_replace('http://', '', $link->link_url);
    171         $short_url = preg_replace('/^www./i', '', $short_url);
     171        $short_url = preg_replace('/^www\./i', '', $short_url);
    172172        if ('/' == substr($short_url, -1))
    173173            $short_url = substr($short_url, 0, -1);
     
    276276    $(document).ready(function(){
    277277        $('#doaction, #doaction2').click(function(){
    278             if ( $('select[name^="action"]').val() == 'delete' ) {
     278            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    279279                var m = '<?php echo js_escape(__("You are about to delete the selected links.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    280280                return showNotice.warn(m);
  • branches/2.7/wp-admin/setup-config.php

    r10537 r10933  
    4343    wp_die("<p>The file 'wp-config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.</p>");
    4444
    45 // Check if wp-config.php exists above the root directory
    46 if (file_exists('../../wp-config.php') && ! file_exists('../../wp-load.php'))
     45// Check if wp-config.php exists above the root directory but is not part of another install
     46if (file_exists('../../wp-config.php') && ! file_exists('../../wp-settings.php'))
    4747    wp_die("<p>The file 'wp-config.php' already exists one level above your WordPress installation. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.</p>");
    4848
  • branches/2.7/wp-admin/upload.php

    r10537 r10933  
    416416    $(document).ready(function(){
    417417        $('#doaction, #doaction2').click(function(e){
    418             if ( $('select[name^="action"]').val() == 'delete' ) {
     418            if ( $('select[name="action"]').val() == 'delete' || $('select[name="action2"]').val() == 'delete' ) {
    419419                var m = '<?php echo js_escape(__("You are about to delete the selected attachments.\n  'Cancel' to stop, 'OK' to delete.")); ?>';
    420420                return showNotice.warn(m);
  • branches/2.7/wp-admin/users.php

    r10537 r10933  
    241241<?php screen_icon(); ?>
    242242<h2><?php echo wp_specialchars( $title );
    243 if ( isset($_GET['s']) && $_GET['s'] )
    244     printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', wp_specialchars( get_search_query() ) ); ?>
     243if ( isset($_GET['usersearch']) && $_GET['usersearch'] )
     244    printf( '<span class="subtitle">' . __('Search results for &#8220;%s&#8221;') . '</span>', wp_specialchars( $_GET['usersearch'] ) ); ?>
    245245</h2>
    246246
  • branches/2.7/wp-app.php

    r10537 r10933  
    2626/** Feed Handling API */
    2727require_once(ABSPATH . WPINC . '/feed.php');
     28
     29/** Admin Image API for metadata updating */
     30require_once(ABSPATH . '/wp-admin/includes/image.php');
    2831
    2932$_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] );
     
    699702
    700703        $post_title = $parsed->title[1];
    701         $post_content = $parsed->content[1];
     704        $post_content = $parsed->summary[1];
    702705        $pubtimes = $this->get_publish_time($parsed->updated);
    703706        $post_modified = $pubtimes[0];
     
    815818        }
    816819
     820        $upload_dir = wp_upload_dir( );
    817821        $location = get_post_meta($entry['ID'], '_wp_attached_file', true);
    818822        $filetype = wp_check_filetype($location);
     823
     824        $location = "{$upload_dir['basedir']}/{$location}";
    819825
    820826        if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
     
    844850        }
    845851
     852        wp_update_attachment_metadata( $postID, wp_generate_attachment_metadata( $postID, $location ) );
     853
    846854        log_app('function',"put_file($postID)");
    847855        $this->ok();
     
    10671075        log_app('function',"get_feed($page, '$post_type')");
    10681076        ob_start();
     1077
     1078        $this->ENTRY_PATH = $post_type;
    10691079
    10701080        if(!isset($page)) {
     
    11371147                break;
    11381148            case 'attachment':
     1149                $this->ENTRY_PATH = 'attachment';
    11391150                $varname = 'attachment_id';
    11401151                break;
  • branches/2.7/wp-includes/comment-template.php

    r10537 r10933  
    293293    if ( $comment->user_id > 0 && $user = get_userdata($comment->user_id) ) {
    294294        // For all registered users, 'byuser'
    295         $classes[] = 'byuser comment-author-' . $user->user_nicename;
     295        $classes[] = 'byuser';
     296        $classes[] = 'comment-author-' . $user->user_nicename;
    296297        // For comment authors who are the author of the post
    297298        if ( $post = get_post($post_id) ) {
  • branches/2.7/wp-includes/comment.php

    r10537 r10933  
    740740        return false;
    741741
     742    // Move children up a level.
     743    $children = $wpdb->get_col( $wpdb->prepare("SELECT comment_ID FROM $wpdb->comments WHERE comment_parent = %d", $comment_id) );
     744    if ( !empty($children) ) {
     745        $wpdb->update($wpdb->comments, array('comment_parent' => $comment->comment_parent), array('comment_parent' => $comment_id));
     746        clean_comment_cache($children);
     747    }
     748
    742749    $post_id = $comment->comment_post_ID;
    743750    if ( $post_id && $comment->comment_approved == 1 )
     
    15431550 * @subpackage Cache
    15441551 *
    1545  * @param int $id Comment ID to remove from cache
    1546  */
    1547 function clean_comment_cache($id) {
    1548     wp_cache_delete($id, 'comment');
     1552 * @param int|array $id Comment ID or array of comment IDs to remove from cache
     1553 */
     1554function clean_comment_cache($ids) {
     1555    foreach ( (array) $ids as $id )
     1556        wp_cache_delete($id, 'comment');
    15491557}
    15501558
  • branches/2.7/wp-includes/compat.php

    r10537 r10933  
    100100    // Added in PHP 5.1.0
    101101    // Error checks from PEAR::PHP_Compat
    102     function htmlspecialchars_decode( $str, $quote_style = ENT_COMPAT )
     102    function htmlspecialchars_decode( $string, $quote_style = ENT_COMPAT )
    103103    {
    104104        if ( !is_scalar( $string ) ) {
     
    112112        }
    113113
    114         return wp_specialchars_decode( $str, $quote_style );
     114        return wp_specialchars_decode( $string, $quote_style );
    115115    }
    116116}
  • branches/2.7/wp-includes/feed.php

    r10537 r10933  
    404404        if ($key == 'enclosure') {
    405405            foreach ( (array) $val as $enc ) {
    406                 $enclosure = split("\n", $enc);
     406                $enclosure = explode("\n", $enc);
    407407
    408408                //only get the the first element eg, audio/mpeg from 'audio/mpeg mpga mp2 mp3'
    409                 $t = split('[ \t]', trim($enclosure[2]) );
     409                $t = preg_split('/[ \t]/', trim($enclosure[2]) );
    410410                $type = $t[0];
    411411
  • branches/2.7/wp-includes/formatting.php

    r10537 r10933  
    638638 */
    639639function sanitize_title($title, $fallback_title = '') {
     640    $raw_title = $title;
    640641    $title = strip_tags($title);
    641     $title = apply_filters('sanitize_title', $title);
     642    $title = apply_filters('sanitize_title', $title, $raw_title);
    642643
    643644    if ( '' === $title || false === $title )
  • branches/2.7/wp-includes/functions.php

    r10537 r10933  
    13891389        $status_header = apply_filters( 'status_header', $status_header, $header, $text, $protocol );
    13901390
    1391     if ( version_compare( phpversion(), '4.3.0', '>=' ) )
    1392         return @header( $status_header, true, $header );
    1393     else
    1394         return @header( $status_header );
     1391    return @header( $status_header, true, $header );
    13951392}
    13961393
     
    26222619        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    26232620        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
     2621        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    26242622
    26252623        curl_exec($ch);
     
    29132911    return $can_clone ? clone( $object ) : $object;
    29142912}
    2915 
    2916 
    29172913?>
  • branches/2.7/wp-includes/pluggable.php

    r10537 r10933  
    307307                        $from_email = trim( $from_email );
    308308                    } else {
    309                         $from_name = trim( $content );
     309                        $from_email = trim( $content );
    310310                    }
    311311                } elseif ( 'content-type' == strtolower($name) ) {
     
    12521252
    12531253        if ( defined('SECURE_AUTH_SALT') ) {
    1254             $salt = SECRET_AUTH_SALT;
     1254            $salt = SECURE_AUTH_SALT;
    12551255        } else {
    12561256            $salt = get_option('secure_auth_salt');
  • branches/2.7/wp-includes/post.php

    r10537 r10933  
    34573457
    34583458    $post = _wp_post_revision_fields( $post, $autosave );
    3459 
     3459    $post = add_magic_quotes($post); //since data is from db
     3460   
    34603461    $revision_id = wp_insert_post( $post );
    34613462    if ( is_wp_error($revision_id) )
     
    35333534
    35343535    $update['ID'] = $revision['post_parent'];
     3536   
     3537    $update = add_magic_quotes( $update ); //since data is from db
    35353538
    35363539    $post_id = wp_update_post( $update );
  • branches/2.7/wp-includes/query.php

    r10537 r10933  
    14521452            $this->is_comment_feed = true;
    14531453
    1454         if ( !( $this->is_singular || $this->is_archive || $this->is_search || $this->is_feed || $this->is_trackback || $this->is_404 || $this->is_admin || $this->is_comments_popup ) )
     1454        if ( !( $this->is_singular || $this->is_archive || $this->is_search || $this->is_feed || $this->is_trackback || $this->is_404 || $this->is_admin || $this->is_comments_popup || $this->is_robots ) )
    14551455            $this->is_home = true;
    14561456
     
    17911791
    17921792        if ( !empty($q['category__in']) ) {
    1793             $groupby = "{$wpdb->posts}.ID";
    1794         }
    1795 
    1796         if ( !empty($q['category__in']) ) {
    17971793            $join = " INNER JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) INNER JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
    17981794            $whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'category' ";
     
    18701866        }
    18711867
    1872         if ( !empty($q['tag__in']) || !empty($q['tag_slug__in']) ) {
     1868        if ( !empty($q['category__in']) || !empty($q['meta_key']) || !empty($q['tag__in']) || !empty($q['tag_slug__in']) ) {
    18731869            $groupby = "{$wpdb->posts}.ID";
    18741870        }
     
    20242020        } else {
    20252021            // Used to filter values
    2026             $allowed_keys = array('author', 'date', 'category', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand');
     2022            $allowed_keys = array('author', 'date', 'title', 'modified', 'menu_order', 'parent', 'ID', 'rand');
    20272023            if ( !empty($q['meta_key']) ) {
    20282024                $allowed_keys[] = $q['meta_key'];
     
    22142210            $distinct = apply_filters('posts_distinct', $distinct);
    22152211            $limits = apply_filters( 'post_limits', $limits );
    2216 
    2217             if ( ! empty($q['meta_key']) )
    2218                 $fields = "$fields, $wpdb->postmeta.meta_value";
    22192212
    22202213            $fields = apply_filters('posts_fields', $fields);
  • branches/2.7/wp-includes/theme.php

    r10537 r10933  
    850850        return;
    851851
    852     $_GET['template'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['template']);
     852    $_GET['template'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['template']);
    853853
    854854    if ( validate_file($_GET['template']) )
     
    858858
    859859    if ( isset($_GET['stylesheet']) ) {
    860         $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.-/]|i', '', $_GET['stylesheet']);
     860        $_GET['stylesheet'] = preg_replace('|[^a-z0-9_.\-/]|i', '', $_GET['stylesheet']);
    861861        if ( validate_file($_GET['stylesheet']) )
    862862            return;
  • branches/2.7/wp-includes/update.php

    r10537 r10933  
    3131        $current = new stdClass;
    3232
    33     $locale = get_locale();
     33    $locale = apply_filters( 'core_version_check_locale', get_locale() );
    3434    if (
    3535        isset( $current->last_checked ) &&
  • branches/2.7/wp-includes/version.php

    r10537 r10933  
    99 * @global string $wp_version
    1010 */
    11 $wp_version = '2.7.1';
     11$wp_version = '2.7.2-alpha';
    1212
    1313/**
  • branches/2.7/wp-load.php

    r10537 r10933  
    2727    require_once( ABSPATH . 'wp-config.php' );
    2828
    29 } elseif ( file_exists( dirname(ABSPATH) . '/wp-config.php' ) && ! file_exists( dirname(ABSPATH) . '/wp-load.php' ) ) {
     29} elseif ( file_exists( dirname(ABSPATH) . '/wp-config.php' ) && ! file_exists( dirname(ABSPATH) . '/wp-settings.php' ) ) {
    3030
    31     /** The config file resides one level below ABSPATH */
     31    /** The config file resides one level above ABSPATH but is not part of another install*/
    3232    require_once( dirname(ABSPATH) . '/wp-config.php' );
    3333
  • branches/2.7/xmlrpc.php

    r10537 r10933  
    442442                'blogid'        => $blog_id,
    443443                'blogName'      => get_option( 'blogname' ),
    444                 'xmlrpc'        => get_option( 'home' ) . '/xmlrpc.php'
     444                'xmlrpc'        => site_url( 'xmlrpc.php' )
    445445            );
    446446
     
    15941594            'blogid'   => '1',
    15951595            'blogName' => get_option('blogname'),
    1596             'xmlrpc'   => get_option('home') . '/xmlrpc.php',
     1596            'xmlrpc'   => site_url( 'xmlrpc.php' )
    15971597        );
    15981598
     
    33423342        global $wpdb;
    33433343
    3344         do_action('xmlrpc_call', 'pingback.extensions.getPingsbacks');
     3344        do_action('xmlrpc_call', 'pingback.extensions.getPingbacks');
    33453345
    33463346        $this->escape($args);
Note: See TracChangeset for help on using the changeset viewer.