Index: wp-content/themes/default/comments.php
===================================================================
--- wp-content/themes/default/comments.php	(revision 6695)
+++ wp-content/themes/default/comments.php	(working copy)
@@ -1,5 +1,5 @@
 <?php // Do not delete these lines
-	if ('comments.php' == basename($_SERVER['SCRIPT_FILENAME']))
+	if (!empty($_SERVER['SCRIPT_FILENAME']) && 'comments.php' == basename($_SERVER['SCRIPT_FILENAME']))
 		die ('Please do not load this page directly. Thanks!');
 
 	if (!empty($post->post_password)) { // if there's a password
Index: wp-content/themes/default/header.php
===================================================================
--- wp-content/themes/default/header.php	(revision 6695)
+++ wp-content/themes/default/header.php	(working copy)
@@ -14,7 +14,7 @@
 
 <?php
 // Checks to see whether it needs a sidebar or not
-if ( !$withcomments && !is_single() ) {
+if ( !empty($withcomments) && !is_single() ) {
 ?>
 	#page { background: url("<?php bloginfo('stylesheet_directory'); ?>/images/kubrickbg-<?php bloginfo('text_direction'); ?>.jpg") repeat-y top; border: none; }
 <?php } else { // No sidebar ?>
Index: wp-includes/cache.php
===================================================================
--- wp-includes/cache.php	(revision 6695)
+++ wp-includes/cache.php	(working copy)
@@ -353,8 +353,10 @@
 			$data = '';
 
 		$this->cache[$group][$id] = $data;
-		unset ($this->non_existant_objects[$group][$id]);
 
+		if(isset($this->non_existant_objects[$group][$id]))
+			unset ($this->non_existant_objects[$group][$id]);
+
 		return true;
 	}
 
Index: wp-includes/classes.php
===================================================================
--- wp-includes/classes.php	(revision 6695)
+++ wp-includes/classes.php	(working copy)
@@ -185,14 +185,14 @@
 			@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
 		} else {
 			// We're showing a feed, so WP is indeed the only thing that last changed
-			if ( $this->query_vars['withcomments']
-				|| ( !$this->query_vars['withoutcomments']
-					&& ( $this->query_vars['p']
-						|| $this->query_vars['name']
-						|| $this->query_vars['page_id']
-						|| $this->query_vars['pagename']
-						|| $this->query_vars['attachment']
-						|| $this->query_vars['attachment_id']
+			if ( !empty($this->query_vars['withcomments'])
+				|| ( empty($this->query_vars['withoutcomments'])
+					&& ( !empty($this->query_vars['p'])
+						|| !empty($this->query_vars['name'])
+						|| !empty($this->query_vars['page_id'])
+						|| !empty($this->query_vars['pagename'])
+						|| !empty($this->query_vars['attachment'])
+						|| !empty($this->query_vars['attachment_id'])
 					)
 				)
 			)
@@ -208,7 +208,7 @@
 				$client_etag = stripslashes(stripslashes($_SERVER['HTTP_IF_NONE_MATCH']));
 			else $client_etag = false;
 
-			$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']);
+			$client_last_modified = empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? '' : trim($_SERVER['HTTP_IF_MODIFIED_SINCE']);
 			// If string is empty, return 0. If not, attempt to parse into a timestamp
 			$client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0;
 
Index: wp-includes/comment-template.php
===================================================================
--- wp-includes/comment-template.php	(revision 6695)
+++ wp-includes/comment-template.php	(working copy)
@@ -729,7 +729,7 @@
 	}
 
 	if ( !empty($post->post_password) ) { // if there's a password
-		if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
+		if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) || $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
 			echo __('Enter your password to view comments');
 			return;
 		}
Index: wp-includes/feed.php
===================================================================
--- wp-includes/feed.php	(revision 6695)
+++ wp-includes/feed.php	(working copy)
@@ -145,7 +145,7 @@
 
 function rss_enclosure() {
 	global $post;
-	if ( !empty($post->post_password) && ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) )
+	if ( !empty($post->post_password) && (!isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) )
 		return;
 
 	foreach (get_post_custom() as $key => $val) {
Index: wp-includes/link-template.php
===================================================================
--- wp-includes/link-template.php	(revision 6695)
+++ wp-includes/link-template.php	(working copy)
@@ -524,6 +524,7 @@
 	$current_post_date = $post->post_date;
 
 	$join = '';
+	$posts_in_ex_cats_sql = '';
 	if ( $in_same_cat || !empty($excluded_categories) ) {
 		$join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id INNER JOIN $wpdb->term_taxonomy tt ON tr.term_taxonomy_id = tt.term_taxonomy_id";
 
@@ -615,7 +616,7 @@
 		$qs_regex = '|\?.*?$|';
 		preg_match( $qs_regex, $request, $qs_match );
 
-		if ( $qs_match[0] ) {
+		if ( !empty( $qs_match[0] ) ) {
 			$query_string = $qs_match[0];
 			$request = preg_replace( $qs_regex, '', $request );
 		} else {
Index: wp-includes/pluggable.php
===================================================================
--- wp-includes/pluggable.php	(revision 6695)
+++ wp-includes/pluggable.php	(working copy)
@@ -775,7 +775,7 @@
 	$lp  = parse_url($location);
 	$wpp = parse_url(get_option('home'));
 
-	$allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), $lp['host']);
+	$allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
 
 	if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
 		$location = get_option('siteurl') . '/wp-admin/';
Index: wp-includes/post-template.php
===================================================================
--- wp-includes/post-template.php	(revision 6695)
+++ wp-includes/post-template.php	(working copy)
@@ -86,7 +86,7 @@
 	$output = '';
 
 	if ( !empty($post->post_password) ) { // if there's a password
-		if ( stripslashes($_COOKIE['wp-postpass_'.COOKIEHASH]) != $post->post_password ) {	// and it doesn't match the cookie
+		if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || stripslashes($_COOKIE['wp-postpass_'.COOKIEHASH]) != $post->post_password ) {	// and it doesn't match the cookie
 			$output = get_the_password_form();
 			return $output;
 		}
@@ -141,7 +141,7 @@
 	$output = '';
 	$output = $post->post_excerpt;
 	if ( !empty($post->post_password) ) { // if there's a password
-		if ( $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
+		if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
 			$output = __('There is no excerpt because this is a protected post.');
 			return $output;
 		}
Index: wp-includes/user.php
===================================================================
--- wp-includes/user.php	(revision 6695)
+++ wp-includes/user.php	(working copy)
@@ -216,7 +216,7 @@
 
 	$userdata = $user->data;
 	$user_login	= $user->user_login;
-	$user_level	= (int) $user->user_level;
+	$user_level	= (int) isset($user->user_level) ? $user->user_level : 0;
 	$user_ID	= (int) $user->ID;
 	$user_email	= $user->user_email;
 	$user_url	= $user->user_url;
Index: wp-includes/wp-db.php
===================================================================
--- wp-includes/wp-db.php	(revision 6695)
+++ wp-includes/wp-db.php	(working copy)
@@ -339,7 +339,7 @@
 			$this->query($query);
 
 		// Extract var out of cached results based x,y vals
-		if ( $this->last_result[$y] ) {
+		if ( !empty( $this->last_result[$y] ) ) {
 			$values = array_values(get_object_vars($this->last_result[$y]));
 		}
 
Index: wp-login.php
===================================================================
--- wp-login.php	(revision 6695)
+++ wp-login.php	(working copy)
@@ -174,7 +174,7 @@
 // Main
 //
 
-$action = $_REQUEST['action'];
+$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
 $errors = new WP_Error();
 
 if ( isset($_GET['key']) )
@@ -351,17 +351,17 @@
 		$errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
 
 	// Some parts of this script use the main login form to display a message
-	if		( TRUE == $_GET['loggedout'] )			$errors->add('loggedout', __('You are now logged out.'));
-	elseif	( 'disabled' == $_GET['registration'] )	$errors->add('registerdiabled', __('User registration is currently not allowed.'));
-	elseif	( 'confirm' == $_GET['checkemail'] )	$errors->add('confirm', __('Check your e-mail for the confirmation link.'));
-	elseif	( 'newpass' == $_GET['checkemail'] )	$errors->add('newpass', __('Check your e-mail for your new password.'));
-	elseif	( 'registered' == $_GET['checkemail'] )	$errors->add('registered', __('Registration complete. Please check your e-mail.'));
+	if		( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] )			$errors->add('loggedout', __('You are now logged out.'));
+	elseif	( isset($_GET['registration']) && 'disabled' == $_GET['registration'] )	$errors->add('registerdiabled', __('User registration is currently not allowed.'));
+	elseif	( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] )	$errors->add('confirm', __('Check your e-mail for the confirmation link.'));
+	elseif	( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] )	$errors->add('newpass', __('Check your e-mail for your new password.'));
+	elseif	( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )	$errors->add('registered', __('Registration complete. Please check your e-mail.'));
 
 	login_header(__('Login'), '', $errors);
 ?>
 
 <form name="loginform" id="loginform" action="wp-login.php" method="post">
-<?php if ( !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
+<?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
 	<p>
 		<label><?php _e('Username') ?><br />
 		<input type="text" name="log" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
@@ -384,7 +384,7 @@
 </form>
 
 <p id="nav">
-<?php if ( in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
+<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
 <?php elseif (get_option('users_can_register')) : ?>
 <a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a> |
 <a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>