Index: wp-admin/includes/file.php =================================================================== --- wp-admin/includes/file.php (revision 12933) +++ wp-admin/includes/file.php (working copy) @@ -325,6 +325,9 @@ // Compute the URL $url = $uploads['url'] . "/$filename"; + if ( is_multisite() ) + delete_transient( 'dirsize_cache' ); + return apply_filters( 'wp_handle_upload', array( 'file' => $new_file, 'url' => $url, 'type' => $type ) ); } Index: wp-includes/ms-default-filters.php =================================================================== --- wp-includes/ms-default-filters.php (revision 12933) +++ wp-includes/ms-default-filters.php (working copy) @@ -4,7 +4,7 @@ add_action ( 'init', 'maybe_add_existing_user_to_blog' ); add_action ( 'wpmu_new_user', 'newuser_notify_siteadmin' ); add_action ( 'wpmu_activate_user', 'add_new_user_to_blog', 10, 3 ); -add_action ( 'sanitize_user', 'strtolower_usernames', 10, 3 ); +add_action ( 'sanitize_user', 'strtolower' ); // Blogs add_filter ( 'wpmu_validate_blog_signup', 'signup_nonce_check' ); Index: wp-includes/ms-functions.php =================================================================== --- wp-includes/ms-functions.php (revision 12933) +++ wp-includes/ms-functions.php (working copy) @@ -17,7 +17,7 @@ function get_blogaddress_by_id( $blog_id ) { $bloginfo = get_blog_details( (int) $blog_id, false ); // only get bare details! - return clean_url("http://" . $bloginfo->domain . $bloginfo->path); + return esc_url( 'http://' . $bloginfo->domain . $bloginfo->path ); } function get_blogaddress_by_name( $blogname ) { @@ -26,9 +26,9 @@ if ( is_subdomain_install() ) { if ( $blogname == 'main' ) $blogname = 'www'; - return clean_url( "http://" . $blogname . "." . $current_site->domain . $current_site->path ); + return esc_url( 'http://' . $blogname . '.' . $current_site->domain . $current_site->path ); } else { - return clean_url( "http://" . $current_site->domain . $current_site->path . $blogname . '/' ); + return esc_url( 'http://' . $current_site->domain . $current_site->path . $blogname . '/' ); } } @@ -38,16 +38,15 @@ } else { if ( $domain != $_SERVER['HTTP_HOST'] ) { $blogname = substr( $domain, 0, strpos( $domain, '.' ) ); - if ( $blogname != 'www.' ) { - $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path . $blogname . '/'; - } else { // we're installing the main blog - $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path; - } + $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path; + // we're not installing the main blog + if ( $blogname != 'www.' ) + $url .= $blogname . '/'; } else { // main blog $url = 'http://' . $domain . $path; } } - return clean_url($url); + return esc_url( $url ); } function get_sitestats() { @@ -55,13 +54,13 @@ $stats['blogs'] = get_blog_count(); - $count_ts = get_site_option( "get_user_count_ts" ); + $count_ts = get_site_option( 'user_count_ts' ); if ( time() - $count_ts > 3600 ) { - $count = $wpdb->get_var( "SELECT COUNT(ID) FROM {$wpdb->users}" ); - update_site_option( "user_count", $count ); - update_site_option( "user_count_ts", time() ); + $count = $wpdb->get_var( "SELECT COUNT(ID) FROM $wpdb->users" ); + update_site_option( 'user_count', $count ); + update_site_option( 'user_count_ts', time() ); } else { - $count = get_site_option( "user_count" ); + $count = get_site_option( 'user_count' ); } $stats['users'] = $count; return $stats; @@ -70,13 +69,13 @@ function get_admin_users_for_domain( $sitedomain = '', $path = '' ) { global $wpdb; - if ( $sitedomain == '' ) + if ( ! $sitedomain ) $site_id = $wpdb->siteid; else - $site_id = $wpdb->get_var( $wpdb->prepare("SELECT id FROM $wpdb->site WHERE domain = %s AND path = %s", $sitedomain, $path) ); + $site_id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE domain = %s AND path = %s", $sitedomain, $path ) ); - if ( $site_id != false ) - return $wpdb->get_results( $wpdb->prepare("SELECT u.ID, u.user_login, u.user_pass FROM $wpdb->users AS u, $wpdb->sitemeta AS sm WHERE sm.meta_key = 'admin_user_id' AND u.ID = sm.meta_value AND sm.site_id = %d", $site_id), ARRAY_A ); + if ( $site_id ) + return $wpdb->get_results( $wpdb->prepare( "SELECT u.ID, u.user_login, u.user_pass FROM $wpdb->users AS u, $wpdb->sitemeta AS sm WHERE sm.meta_key = 'admin_user_id' AND u.ID = sm.meta_value AND sm.site_id = %d", $site_id ), ARRAY_A ); return false; } @@ -119,34 +118,32 @@ $details = wp_cache_get( $blog_id . $all, 'blog-details' ); if ( $details ) { - if ( !is_object($details) && $details == -1 ) - return false; - elseif ( !is_object($details) ) // Clear old pre-serialized objects. Cache clients do better with that. - wp_cache_delete( $blog_id . $all, 'blog-details' ); - else - return $details; + if ( ! is_object( $details ) ) { + if ( $details == -1 ) + return false; + else + // Clear old pre-serialized objects. Cache clients do better with that. + wp_cache_delete( $blog_id . $all, 'blog-details' ); + } + return $details; } - $details = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->blogs WHERE blog_id = %d /* get_blog_details */", $blog_id) ); - if ( !$details ) { + $details = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE blog_id = %d", $blog_id ) ); + if ( ! $details ) { wp_cache_set( $blog_id . $all, -1, 'blog-details' ); return false; } - if ( !$get_all ) { + if ( ! $get_all ) { wp_cache_set( $blog_id . $all, $details, 'blog-details' ); return $details; } - $wpdb->suppress_errors(); - switch_to_blog( $blog_id ); - $details->blogname = get_option( 'blogname' ); - $details->siteurl = get_option( 'siteurl' ); - $details->post_count = get_option( 'post_count' ); - restore_current_blog(); - $wpdb->suppress_errors( false ); + $details->blogname = get_blog_option( $blog_id, 'blogname' ); + $details->siteurl = get_blog_option( $blog_id, 'siteurl' ); + $details->post_count = get_blog_option( $blog_id, 'post_count' ); - $details = apply_filters('blog_details', $details); + $details = apply_filters( 'blog_details', $details ); wp_cache_set( $blog_id . $all, $details, 'blog-details' ); @@ -629,7 +626,7 @@ if ( is_array( $most_active ) ) { reset( $most_active ); foreach ( (array) $most_active as $key => $details ) { - $url = clean_url("http://" . $details['domain'] . $details['path']); + $url = esc_url("http://" . $details['domain'] . $details['path']); echo "
  • " . $details['postcount'] . " $url
    • "; } } @@ -1151,15 +1148,15 @@ else $activate_url = "http://{$domain}{$path}wp-activate.php?key=$key"; - $activate_url = clean_url($activate_url); + $activate_url = esc_url($activate_url); $admin_email = get_site_option( "admin_email" ); if ( $admin_email == '' ) $admin_email = 'support@' . $_SERVER['SERVER_NAME']; $from_name = get_site_option( "site_name" ) == '' ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) ); $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n"; - $message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( "To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your blog here:\n\n%s" ) ), $activate_url, clean_url( "http://{$domain}{$path}" ), $key ); + $message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( "To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your blog here:\n\n%s" ) ), $activate_url, esc_url( "http://{$domain}{$path}" ), $key ); // TODO: Don't hard code activation link. - $subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1s] Activate %2s' ) ), $from_name, clean_url( 'http://' . $domain . $path ) ); + $subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1s] Activate %2s' ) ), $from_name, esc_url( 'http://' . $domain . $path ) ); wp_mail($user_email, $subject, $message, $message_headers); return true; } @@ -1326,7 +1323,7 @@ if ( is_email($email) == false ) return false; - $options_site_url = clean_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); + $options_site_url = esc_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); switch_to_blog( $blog_id ); $blogname = get_option( 'blogname' ); @@ -1357,7 +1354,7 @@ $user = new WP_User($user_id); - $options_site_url = clean_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); + $options_site_url = esc_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); $msg = sprintf(__("New User: %1s Remote IP: %2s @@ -1594,13 +1591,6 @@ return $dirsize[ $directory ][ 'size' ]; } -function clear_dirsize_cache( $file = true ) { - delete_transient( 'dirsize_cache' ); - return $file; -} -add_filter( 'wp_handle_upload', 'clear_dirsize_cache' ); -add_action( 'delete_attachment', 'clear_dirsize_cache' ); - function recurse_dirsize( $directory ) { $size = 0; @@ -1835,11 +1825,7 @@ update_blog_status( $wpdb->blogid, 'public', (int) $value ); } add_action('update_option_blog_public', 'update_blog_public', 10, 2); - -function strtolower_usernames( $username, $raw, $strict ) { - return strtolower( $username ); -} - + /* Redirect all hits to "dashboard" blog to wp-admin/ Dashboard. */ function redirect_mu_dashboard() { global $current_site, $current_blog; @@ -1854,12 +1840,10 @@ add_action( 'template_redirect', 'redirect_mu_dashboard' ); function get_dashboard_blog() { - global $current_site; + if ( $blog = get_site_option( 'dashboard_blog' ) ) + return get_blog_details( $blog ); - if ( get_site_option( 'dashboard_blog' ) == false ) - return get_blog_details( $current_site->blog_id ); - else - return get_blog_details( get_site_option( 'dashboard_blog' ) ); + return get_blog_details( $GLOBALS['current_site']->blog_id ); } function is_user_option_local( $key, $user_id = 0, $blog_id = 0 ) { @@ -1878,29 +1862,12 @@ return false; } -function retrieve_password_sitename( $title ) { - global $current_site; - return sprintf( __( '[%s] Password Reset' ), $current_site->site_name ); -} -add_filter( 'retrieve_password_title', 'retrieve_password_sitename' ); - -function reset_password_sitename( $title ) { - global $current_site; - return sprintf( __( '[%s] Your new password' ), $current_site->site_name ); -} -add_filter( 'password_reset_title', 'reset_password_sitename' ); - -function lowercase_username( $username, $raw_username, $strict ) { - return strtolower( $username ); -} -add_filter( 'sanitize_user', 'lowercase_username', 10, 3 ); - function users_can_register_signup_filter() { $registration = get_site_option('registration'); if ( $registration == 'all' || $registration == 'user' ) return true; - else - return false; + + return false; } add_filter('option_users_can_register', 'users_can_register_signup_filter'); @@ -1949,7 +1916,7 @@ * * @since 2.8.5 **/ -function filter_SSL( $url) { +function filter_SSL( $url ) { if ( !is_string( $url ) ) return get_bloginfo( 'url' ); //return home blog url with proper scheme Index: wp-includes/post.php =================================================================== --- wp-includes/post.php (revision 12933) +++ wp-includes/post.php (working copy) @@ -3177,6 +3177,9 @@ $backup_sizes = get_post_meta( $post->ID, '_wp_attachment_backup_sizes', true ); $file = get_attached_file( $post_id ); + if ( is_multisite() ) + delete_transient( 'dirsize_cache' ); + do_action('delete_attachment', $post_id); wp_delete_object_term_relationships($post_id, array('category', 'post_tag')); Index: wp-login.php =================================================================== --- wp-login.php (revision 12933) +++ wp-login.php (working copy) @@ -195,11 +195,14 @@ else $message .= 'http://' . trailingslashit( $current_site->domain . $current_site->path ) . "wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login) . "\r\n"; - // The blogname option is escaped with esc_html on the way into the database in sanitize_option - // we want to reverse this for the plain text arena of emails. - $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); + if ( is_multisite() ) + $blogname = $GLOBALS['current_site']->site_name; + else + // The blogname option is escaped with esc_html on the way into the database in sanitize_option + // we want to reverse this for the plain text arena of emails. + $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); - $title = sprintf(__('[%s] Password Reset'), $blogname); + $title = sprintf( __('[%s] Password Reset'), $blogname ); $title = apply_filters('retrieve_password_title', $title); $message = apply_filters('retrieve_password_message', $message, $key); @@ -244,11 +247,14 @@ $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; $message .= site_url('wp-login.php', 'login') . "\r\n"; - // The blogname option is escaped with esc_html on the way into the database in sanitize_option - // we want to reverse this for the plain text arena of emails. - $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); + if ( is_multisite() ) + $blogname = $GLOBALS['current_site']->site_name; + else + // The blogname option is escaped with esc_html on the way into the database in sanitize_option + // we want to reverse this for the plain text arena of emails. + $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); - $title = sprintf(__('[%s] Your new password'), $blogname); + $title = sprintf( __('[%s] Your new password'), $blogname ); $title = apply_filters('password_reset_title', $title); $message = apply_filters('password_reset_message', $message, $new_pass);