Changes from tags/3.1.3 at r58098 to tags/3.1.4 at r58098

Location:

tags/3.1.4

Files:

• readme.html (modified) (1 diff)
• wp-admin/custom-header.php (modified) (1 diff)
• wp-admin/includes/deprecated.php (modified) (2 diffs)
• wp-admin/includes/media.php (modified) (3 diffs)
• wp-admin/includes/post.php (modified) (6 diffs)
• wp-admin/includes/update-core.php (modified) (1 diff)
• wp-admin/js/user-profile.dev.js (modified) (1 diff)
• wp-admin/js/user-profile.js (modified) (1 diff)
• wp-admin/options-general.php (modified) (1 diff)
• wp-content/themes/twentyten/languages/twentyten.pot (modified) (4 diffs)
• wp-includes/bookmark.php (modified) (2 diffs)
• wp-includes/formatting.php (modified) (3 diffs)
• wp-includes/post.php (modified) (3 diffs)
• wp-includes/query.php (modified) (2 diffs)
• wp-includes/script-loader.php (modified) (1 diff)
• wp-includes/taxonomy.php (modified) (2 diffs)
• wp-includes/version.php (modified) (1 diff)
• wp-includes/wp-db.php (modified) (1 diff)
• wp-settings.php (modified) (1 diff)

tags/3.1.4/readme.html

@@ -9 +9 @@
 <h1 id="logo">
     <a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
-    <br /> Version 3.1.3
+    <br /> Version 3.1.4
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>

tags/3.1.4/wp-admin/custom-header.php

@@ -597 +597 @@
         'post_mime_type' => $type,
         'guid' => $url,
-        'context' => 'custom-header');
+        'context' => 'custom-header'
+        );
 
         // Save the data

tags/3.1.4/wp-admin/includes/deprecated.php

@@ -455 +455 @@
         _deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
 
-        $this->search_term = $search_term;
+        $this->search_term = stripslashes( $search_term );
         $this->raw_page = ( '' == $page ) ? false : (int) $page;
         $this->page = (int) ( '' == $page ) ? 1 : $page;
@@ -486 +486 @@
             $search_sql = 'AND (';
             foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
-                $searches[] = $col . " LIKE '%$this->search_term%'";
+                $searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' );
             $search_sql .= implode(' OR ', $searches);
             $search_sql .= ')';

tags/3.1.4/wp-admin/includes/media.php

@@ -229 +229 @@
     ), $post_data );
 
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
+
     // Save the data
     $id = wp_insert_attachment($attachment, $file, $post_id);
@@ -281 +285 @@
         'post_content' => $content,
     ), $post_data );
+
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
 
     // Save the attachment metadata
@@ -420 +428 @@
     if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
         $post = $_post = get_post($attachment_id, ARRAY_A);
+        $post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+        if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+            continue;
+
         if ( isset($attachment['post_content']) )
             $post['post_content'] = $attachment['post_content'];

tags/3.1.4/wp-admin/includes/post.php

@@ -136 +136 @@
         $post_data = &$_POST;
 
+    // Clear out any data in internal vars.
+    unset( $post_data['filter'] );
+
     $post_ID = (int) $post_data['post_ID'];
     $post = get_post( $post_ID );
@@ -342 +345 @@
         }
 
-        $tax_names = get_object_taxonomies( get_post($post_ID) );
+        $post = get_post( $post_ID );
+        $tax_names = get_object_taxonomies( $post );
         foreach ( $tax_names as $tax_name ) {
             $taxonomy_obj = get_taxonomy($tax_name);
@@ -363 +367 @@
             unset( $post_data['tax_input']['category'] );
         }
+
+        $post_data['post_mime_type'] = $post->post_mime_type;
+        $post_data['guid'] = $post->guid;
 
         $post_data['ID'] = $post_ID;
@@ -535 +542 @@
     $_POST['post_mime_type'] = '';
 
+    // Clear out any data in internal vars.
+    unset( $_POST['filter'] );
+
     // Check for autosave collisions
     // Does this need to be updated? ~ Mark
@@ -552 +562 @@
             return edit_post();
         }
+    }
+
+    // Edit don't write if we have a post id.
+    if ( isset( $_POST['ID'] ) ) {
+        $_POST['post_ID'] = $_POST['ID'];
+        unset ( $_POST['ID'] );
+    }
+    if ( isset( $_POST['post_ID'] ) ) {
+        return edit_post();
     }
 
@@ -998 +1017 @@
     $q['post_type'] = 'attachment';
     $post_type = get_post_type_object( 'attachment' );
-    $states = array( 'inherit' );
+    $states = 'inherit';
     if ( current_user_can( $post_type->cap->read_private_posts ) )
-        $states[] = 'private';
+        $states .= ',private';
 
     $q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;

tags/3.1.4/wp-admin/includes/update-core.php

@@ -295 +295 @@
     $required_php_version = '4.3';
     $required_mysql_version = '4.1.2';
-    $wp_version = '3.1.3';
+    $wp_version = '3.1.4';
     $php_compat     = version_compare( $php_version, $required_php_version, '>=' );
     $mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );

tags/3.1.4/wp-admin/js/user-profile.dev.js

@@ -30 +30 @@
     }
 
-    $(document).ready( function() {
+    $(document).ready(function() {
         $('#pass1').val('').keyup( check_pass_strength );
         $('#pass2').val('').keyup( check_pass_strength );
         $('#pass-strength-result').show();
-        $('.color-palette').click(function(){$(this).siblings('input[name=admin_color]').attr('checked', 'checked')});
-        $('#nickname').blur(function(){
-            var str = $(this).val() || $('#user_login').val();
-            var select = $('#display_name');
-            var sel = select.children('option:selected').attr('id');
-            select.children('#display_nickname').remove();
-            if ( ! select.children('option[value=' + str + ']').length )
-                select.append('<option id="display_nickname" value="' + str + '">' + str + '</option>');
-            $('#'+sel).attr('selected', 'selected');
+        $('.color-palette').click(function(){$(this).siblings('input[name="admin_color"]').prop('checked', true)});
+        $('#first_name, #last_name, #nickname').blur(function(){
+            var select = $('#display_name'), current = select.find('option:selected').attr('id'), dub = [],
+                inputs = {
+                    display_nickname : $('#nickname').val(),
+                    display_username : $('#user_login').val(),
+                    display_firstname : $('#first_name').val(),
+                    display_lastname : $('#last_name').val()
+                };
+
+            if ( inputs.display_firstname && inputs.display_lastname ) {
+                inputs['display_firstlast'] = inputs.display_firstname + ' ' + inputs.display_lastname;
+                inputs['display_lastfirst'] = inputs.display_lastname + ' ' + inputs.display_firstname;
+            }
+
+            $('option', select).remove();
+            $.each(inputs, function( id, value ) {
+                var val = value.replace(/<\/?[a-z][^>]*>/gi, ''); 
+
+                if ( inputs[id].length && $.inArray( val, dub ) == -1 ) {
+                    dub.push(val);
+                    $('<option />', {
+                        'id': id,
+                        'text': val,
+                        'selected': (id == current)
+                    }).appendTo( select );
+                }
+            });
         });
-        $('#first_name, #last_name').blur(function(){
-            var select = $('#display_name');
-            var first = $('#first_name').val(), last = $('#last_name').val();
-            var sel = select.children('option:selected').attr('id');
-            $('#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst').remove();
-            if ( first && ! select.children('option[value=' + first + ']').length )
-                select.append('<option id="display_firstname" value="' + first + '">' + first + '</option>');
-            if ( last && ! select.children('option[value=' + last + ']').length )
-                select.append('<option id="display_lastname" value="' + last + '">' + last + '</option>');
-            if ( first && last ) {
-                if ( ! select.children('option[value=' + first + ' ' + last + ']').length )
-                    select.append('<option id="display_firstlast" value="' + first + ' ' + last + '">' + first + ' ' + last + '</option>');
-                if ( ! select.children('option[value=' + last + ' ' + first + ']').length )
-                    select.append('<option id="display_lastfirst" value="' + last + ' ' + first + '">' + last + ' ' + first + '</option>');
-            }
-            $('#'+sel).attr('selected', 'selected');
-        });
-    });
+    });
 
 })(jQuery);

tags/3.1.4/wp-admin/js/user-profile.js

@@ -1 @@
-(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings("input[name=admin_color]").attr("checked","checked")});a("#nickname").blur(function(){var e=a(this).val()||a("#user_login").val();var c=a("#display_name");var d=c.children("option:selected").attr("id");c.children("#display_nickname").remove();if(!c.children("option[value="+e+"]").length){c.append('<option id="display_nickname" value="'+e+'">'+e+"</option>")}a("#"+d).attr("selected","selected")});a("#first_name, #last_name").blur(function(){var c=a("#display_name");var f=a("#first_name").val(),d=a("#last_name").val();var e=c.children("option:selected").attr("id");a("#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst").remove();if(f&&!c.children("option[value="+f+"]").length){c.append('<option id="display_firstname" value="'+f+'">'+f+"</option>")}if(d&&!c.children("option[value="+d+"]").length){c.append('<option id="display_lastname" value="'+d+'">'+d+"</option>")}if(f&&d){if(!c.children("option[value="+f+" "+d+"]").length){c.append('<option id="display_firstlast" value="'+f+" "+d+'">'+f+" "+d+"</option>")}if(!c.children("option[value="+d+" "+f+"]").length){c.append('<option id="display_lastfirst" value="'+d+" "+f+'">'+d+" "+f+"</option>")}}a("#"+e).attr("selected","selected")})})})(jQuery);
+(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings('input[name="admin_color"]').prop("checked",true)});a("#first_name, #last_name, #nickname").blur(function(){var c=a("#display_name"),e=c.find("option:selected").attr("id"),f=[],d={display_nickname:a("#nickname").val(),display_username:a("#user_login").val(),display_firstname:a("#first_name").val(),display_lastname:a("#last_name").val()};if(d.display_firstname&&d.display_lastname){d.display_firstlast=d.display_firstname+" "+d.display_lastname;d.display_lastfirst=d.display_lastname+" "+d.display_firstname}a("option",c).remove();a.each(d,function(i,g){var h=g.replace(/<\/?[a-z][^>]*>/gi,"");if(d[i].length&&a.inArray(h,f)==-1){f.push(h);a("<option />",{id:i,text:h,selected:(i==e)}).appendTo(c)}})})})})(jQuery);

tags/3.1.4/wp-admin/options-general.php

@@ -128 +128 @@
 if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
 <div class="updated inline">
-<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
+<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
 </div>
 <?php endif; ?>

tags/3.1.4/wp-content/themes/twentyten/languages/twentyten.pot

@@ -5 +5 @@
 "Project-Id-Version: Twenty Ten 1.2\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/twentyten\n"
-"POT-Creation-Date: 2011-02-22 08:27:35+00:00\n"
+"POT-Creation-Date: 2011-06-13 13:27:47+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -17 +17 @@
 msgstr ""
 
+#. translators: %s - title of parent post
 #: loop-attachment.php:23
 msgid "<span class=\"meta-nav\">&larr;</span> %s"
@@ -187 +188 @@
 msgstr ""
 
+#. translators: header image description
 #: functions.php:140
 msgid "Berries"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:146
 msgid "Cherry Blossoms"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:152
 msgid "Concave"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:158
 msgid "Fern"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:164
 msgid "Forest Floor"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:170
 msgid "Inkwell"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:176
 msgid "Path"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:182
 msgid "Sunset"
@@ -227 +236 @@
 msgstr ""
 
+#. translators: 1: date, 2: time
 #: functions.php:340
 msgid "%1$s at %2$s"

tags/3.1.4/wp-includes/bookmark.php

@@ -214 +214 @@
     $orderby = strtolower($orderby);
     $length = '';
-    switch ($orderby) {
+    switch ( $orderby ) {
         case 'length':
             $length = ", CHAR_LENGTH(link_name) AS length";
@@ -221 +221 @@
             $orderby = 'rand()';
             break;
+        case 'link_id':
+            $orderby = "$wpdb->links.link_id";
+            break;
         default:
             $orderparams = array();
-            foreach ( explode(',', $orderby) as $ordparam )
-                $orderparams[] = 'link_' . trim($ordparam);
+            foreach ( explode(',', $orderby) as $ordparam ) {
+                $ordparam = trim($ordparam);
+                if ( in_array( $ordparam, array( 'name', 'url', 'visible', 'rating', 'owner', 'updated' ) ) )
+                    $orderparams[] = 'link_' . $ordparam;
+            }
             $orderby = implode(',', $orderparams);
     }
 
-    if ( 'link_id' == $orderby )
-        $orderby = "$wpdb->links.link_id";
+    if ( empty( $orderby ) )
+        $orderby = 'link_name';
+
+    $order = strtoupper( $order );
+    if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+        $order = 'ASC';
 
     $visible = '';

tags/3.1.4/wp-includes/formatting.php

@@ -2441 +2441 @@
             }
             break;
-
+        case 'new_admin_email':
+            $value = sanitize_email($value);
+            if ( !is_email($value) ) {
+                $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+                if ( function_exists('add_settings_error') )
+                    add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+            }
+            break;
         case 'thumbnail_size_w':
         case 'thumbnail_size_h':
@@ -2535 +2542 @@
             }
             break;
+        case 'WPLANG':
+            $allowed = get_available_languages();
+            if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+                $value = get_option( $option );
+            break;
 
         default :
@@ -2913 +2925 @@
  */
 function sanitize_mime_type( $mime_type ) {
-    $sani_mime_type = preg_replace( '/[^-*.a-zA-Z0-9\/]/', '', $mime_type );
+    $sani_mime_type = preg_replace( '/[^-+*.a-zA-Z0-9\/]/', '', $mime_type );
     return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
 }

tags/3.1.4/wp-includes/post.php

@@ -2411 +2411 @@
 
     $postarr = wp_parse_args($postarr, $defaults);
+
+    unset( $postarr[ 'filter' ] );
+
     $postarr = sanitize_post($postarr, 'db');
 
@@ -3422 +3425 @@
     $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
 
+    $orderby_array = array();
+    $allowed_keys = array('author', 'post_author', 'date', 'post_date', 'title', 'post_title', 'modified',
+                          'post_modified', 'modified_gmt', 'post_modified_gmt', 'menu_order', 'parent', 'post_parent',
+                          'ID', 'rand', 'comment_count');
+    foreach ( explode( ',', $sort_column ) as $orderby ) {
+        $orderby = trim( $orderby );
+        if ( !in_array( $orderby, $allowed_keys ) )
+            continue;
+
+        switch ( $orderby ) {
+            case 'menu_order':
+                break;
+            case 'ID':
+                $orderby = "$wpdb->posts.ID";
+                break;
+            case 'rand':
+                $orderby = 'RAND()';
+                break;
+            case 'comment_count':
+                $orderby = "$wpdb->posts.comment_count";
+                break;
+            default:
+                if ( 0 === strpos( $orderby, 'post_' ) )
+                    $orderby = "$wpdb->posts." . $orderby;
+                else
+                    $orderby = "$wpdb->posts.post_" . $orderby;
+        }
+
+        $orderby_array[] = $orderby;
+
+    }
+    $sort_column = ! empty( $orderby_array ) ? implode( ',', $orderby_array ) : "$wpdb->posts.post_title";
+
+    $sort_order = strtoupper( $sort_order );
+    if ( '' !== $sort_order && !in_array( $sort_order, array( 'ASC', 'DESC' ) ) )
+        $sort_order = 'ASC';
+
     $query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
     $query .= $author_query;
@@ -3547 +3587 @@
     if ( !empty($parent) )
         $object['post_parent'] = $parent;
+
+    unset( $object[ 'filter' ] );
 
     $object = sanitize_post($object, 'db');

tags/3.1.4/wp-includes/query.php

@@ -1626 +1626 @@
         }
 
-        if ( !empty($qv['post_status']) )
-            $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+        if ( ! empty( $qv['post_status'] ) ) {
+            if ( is_array( $qv['post_status'] ) )
+                $qv['post_status'] = array_map('sanitize_key', $qv['post_status']);
+            else
+                $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+        }
 
         if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
@@ -2386 +2390 @@
         }
 
-        if ( isset($q['post_status']) && '' != $q['post_status'] ) {
+        if ( ! empty( $q['post_status'] ) ) {
             $statuswheres = array();
-            $q_status = explode(',', $q['post_status']);
+            $q_status = $q['post_status'];
+            if ( ! is_array( $q_status ) )
+                $q_status = explode(',', $q_status);
             $r_status = array();
             $p_status = array();
             $e_status = array();
-            if ( $q['post_status'] == 'any' ) {
+            if ( in_array('any', $q_status) ) {
                 foreach ( get_post_stati( array('exclude_from_search' => true) ) as $status )
                     $e_status[] = "$wpdb->posts.post_status <> '$status'";

tags/3.1.4/wp-includes/script-loader.php

@@ -260 +260 @@
     ) );
 
-    $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110113' );
+    $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110628' );
     $scripts->add_data( 'user-profile', 'group', 1 );
 

tags/3.1.4/wp-includes/taxonomy.php

@@ -1195 +1195 @@
     elseif ( empty($_orderby) || 'id' == $_orderby )
         $orderby = 't.term_id';
+    else
+        $orderby = 't.name';
 
     $orderby = apply_filters( 'get_terms_orderby', $orderby, $args );
@@ -1202 +1204 @@
     else
         $order = '';
+
+    $order = strtoupper( $order );
+    if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+        $order = 'ASC';
 
     $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";

tags/3.1.4/wp-includes/version.php

@@ -23 +23 @@
  * @global string $wp_version
  */
-$wp_version = '3.1.3';
+$wp_version = '3.1.4';
 
 /**

tags/3.1.4/wp-includes/wp-db.php

@@ -645 +645 @@
             if ( null === $blog_id )
                 $blog_id = $this->blogid;
+            $blog_id = (int) $blog_id;
             if ( defined( 'MULTISITE' ) && ( 0 == $blog_id || 1 == $blog_id ) )
                 return $this->base_prefix;

tags/3.1.4/wp-settings.php

@@ -259 +259 @@
 $locale = get_locale();
 $locale_file = WP_LANG_DIR . "/$locale.php";
-if ( is_readable( $locale_file ) )
+if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
     require( $locale_file );
 unset($locale_file);