Index: wp-admin/edit-category-form.php
===================================================================
--- wp-admin/edit-category-form.php	(revision 6592)
+++ wp-admin/edit-category-form.php	(working copy)
@@ -5,14 +5,14 @@
 	$form = '<form name="editcat" id="editcat" method="post" action="categories.php">';
 	$action = 'editedcat';
 	$nonce_action = 'update-category_' . $cat_ID;
-	do_action('edit_category_form_pre', $category);
+	do_action('edit_category_form_pre', ( isset($category) ) ? $category : null);
 } else {
 	$heading = __('Add Category');
 	$submit_text = __('Add Category &raquo;');
 	$form = '<form name="addcat" id="addcat" method="post" action="categories.php" class="add:the-list:">';
 	$action = 'addcat';
 	$nonce_action = 'add-category';
-	do_action('add_category_form_pre', $category);
+	do_action('add_category_form_pre', ( isset($category) ) ? $category : null);
 }
 ?>
 
@@ -20,30 +20,31 @@
 <h2><?php echo $heading ?></h2>
 <div id="ajax-response"></div>
 <?php echo $form ?>
-<input type="hidden" name="action" value="<?php echo $action ?>" />
-<input type="hidden" name="cat_ID" value="<?php echo $category->term_id ?>" />
+<input type="hidden" name="action" value="<?php echo ( isset($action) ) ? $action : '' ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo ( isset($category->term_id) ) ? $category->term_id : ''?>" />
 <?php wp_nonce_field($nonce_action); ?>
 	<table class="editform" width="100%" cellspacing="2" cellpadding="5">
 		<tr class="form-field form-required">
 			<th width="33%" scope="row" valign="top"><label for="cat_name"><?php _e('Category name:') ?></label></th>
-			<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo attribute_escape($category->name); ?>" size="40" /></td>
+			<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo ( isset($category->name) ) ? attribute_escape($category->name) : ''; ?>" size="40" /></td>
 		</tr>
 		<tr class="form-field">
 			<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category slug:') ?></label></th>
-			<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attribute_escape($category->slug); ?>" size="40" /></td>
+			<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo ( isset($category->attribute_escape) ) ? attribute_escape($category->slug) : ''; ?>" size="40" /></td>
 		</tr>
 		<tr class="form-field">
 			<th scope="row" valign="top"><label for="category_parent"><?php _e('Category parent:') ?></label></th>
 			<td>
-	  			<?php wp_dropdown_categories('hide_empty=0&name=category_parent&orderby=name&selected=' . $category->parent . '&hierarchical=1&show_option_none=' . __('None')); ?>
+	  			<?php $parent = ( isset($category->parent) ) ? $category->parent : '';
+				wp_dropdown_categories('hide_empty=0&name=category_parent&orderby=name&selected=' . $parent . '&hierarchical=1&show_option_none=' . __('None')); ?>
 	  		</td>
 		</tr>
 		<tr class="form-field">
 			<th scope="row" valign="top"><label for="category_description"><?php _e('Description: (optional)') ?></label></th>
-			<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->description); ?></textarea></td>
+			<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo ( isset($category->description) ) ? wp_specialchars($category->description) : ''; ?></textarea></td>
 		</tr>
 	</table>
 <p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
-<?php do_action('edit_category_form', $category); ?>
+<?php do_action('edit_category_form', ( isset($category) ) ? $category : null); ?>
 </form>
 </div>
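Review bot: The slug input tests the wrong property: `isset($category->attribute_escape)` is never set, so the field renders empty even when editing an existing category, and submitting the form posts a blank `category_nicename`. It should read `( isset($category->slug) ) ? attribute_escape($category->slug) : ''`. Separately, the new `$parent` local for the parent dropdown is assigned in template scope, so it may overwrite a `$parent` already defined by the including page; a more specific name would avoid that.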
Index: wp-admin/edit-link-form.php
===================================================================
--- wp-admin/edit-link-form.php	(revision 6592)
+++ wp-admin/edit-link-form.php	(working copy)
@@ -14,7 +14,7 @@
 function xfn_check($class, $value = '', $deprecated = '') {
 	global $link;
 
-	$link_rel = $link->link_rel;
+	$link_rel = ( isset($link->link_rel) ) ? $link->link_rel : null;
 	$rels = preg_split('/\s+/', $link_rel);
 
 	if ('' != $value && in_array($value, $rels) ) {
@@ -51,13 +51,13 @@
 <h3 class="dbx-handle"><?php _e('Target') ?></h3>
 <div class="dbx-content">
 <label for="link_target_blank" class="selectit">
-<input id="link_target_blank" type="radio" name="link_target" value="_blank" <?php echo(($link->link_target == '_blank') ? 'checked="checked"' : ''); ?> />
+<input id="link_target_blank" type="radio" name="link_target" value="_blank" <?php echo((isset($link->link_target) && $link->link_target == '_blank') ? 'checked="checked"' : ''); ?> />
 <code>_blank</code></label>
 <label for="link_target_top" class="selectit">
-<input id="link_target_top" type="radio" name="link_target" value="_top" <?php echo(($link->link_target == '_top') ? 'checked="checked"' : ''); ?> />
+<input id="link_target_top" type="radio" name="link_target" value="_top" <?php echo((isset($link->link_target) && $link->link_target == '_top') ? 'checked="checked"' : ''); ?> />
 <code>_top</code></label>
 <label for="link_target_none" class="selectit">
-<input id="link_target_none" type="radio" name="link_target" value="" <?php echo(($link->link_target == '') ? 'checked="checked"' : ''); ?> />
+<input id="link_target_none" type="radio" name="link_target" value="" <?php echo((isset($link->link_target) && $link->link_target == '') ? 'checked="checked"' : ''); ?> />
 <?php _e('none') ?></label>
 </div>
 </fieldset>
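Review bot: The `link_target_none` radio loses its default. With no `$link` (or no `link_target` on it), `isset(...) && ... == ''` is false, so none of the three radios is checked, whereas before the unset value compared equal to `''` and selected "none". For this one input the guard should be inverted: `( ! isset($link->link_target) || $link->link_target == '' )`.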
@@ -84,11 +84,11 @@
 </tr>
 <tr>
 <th width="20%" scope="row" valign="top"><label for="link_url"><?php _e('Address:') ?></label></th>
-<td width="80%"><input type="text" name="link_url" id="link_url" value="<?php echo $link->link_url; if ( empty( $link->link_url ) ) echo 'http://'; ?>" style="width: 95%" /></td>
+<td width="80%"><input type="text" name="link_url" id="link_url" value="<?php echo ( empty( $link->link_url ) ) ? 'http://' : $link->link_url; ?>" style="width: 95%" /></td>
 </tr>
 <tr>
 <th scope="row" valign="top"><label for="link_description"><?php _e('Description:') ?></label></th>
-<td><input type="text" name="link_description" id="link_description" value="<?php echo $link->link_description; ?>" style="width: 95%" /></td>
+<td><input type="text" name="link_description" id="link_description" value="<?php echo ( ! empty( $link->link_description ) ) ? $link->link_description : ''; ?>" style="width: 95%" /></td>
 </tr>
 </table>
 
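Review bot: The rewritten `value="..."` expressions for `link_url` and `link_description` still echo the field straight into an HTML attribute, and the same holds for `link_rel`, `link_image`, `link_rss` and the `link_notes` textarea in the later hunks of this file. Whether `$link` is escaped before this template runs is not visible here; if it is not, a stored value containing a quote breaks out of the attribute. Since the lines are being touched anyway, wrapping the output as `attribute_escape( $link->link_description )` (and `wp_specialchars()` for the textarea) would match the category form. Note also that `! empty()` treats the string "0" as empty, whereas the later hunks use `isset()`.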
@@ -104,7 +104,7 @@
 <table class="editform" width="100%" cellspacing="2" cellpadding="5">
 	<tr>
 		<th width="20%" scope="row"><?php _e('rel:') ?></th>
-		<td width="80%"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo $link->link_rel; ?>" /></td>
+		<td width="80%"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo ( ! empty($link->link_rel) ) ? $link->link_rel : ''; ?>" /></td>
 	</tr>
 	<tr>
 		<th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
@@ -217,15 +217,15 @@
 <table class="editform" width="100%" cellspacing="2" cellpadding="5">
 	<tr>
 		<th width="20%" scope="row"><?php _e('Image Address:') ?></th>
-		<td width="80%"><input type="text" name="link_image" size="50" value="<?php echo $link->link_image; ?>" style="width: 95%" /></td>
+		<td width="80%"><input type="text" name="link_image" size="50" value="<?php echo ( isset($link->link_image) ) ? $link->link_image : ''; ?>" style="width: 95%" /></td>
 	</tr>
 	<tr>
 		<th scope="row"><?php _e('RSS Address:') ?> </th>
-		<td><input name="link_rss" type="text" id="rss_uri" value="<?php echo $link->link_rss; ?>" size="50" style="width: 95%" /></td>
+		<td><input name="link_rss" type="text" id="rss_uri" value="<?php echo ( isset($link->link_rss) ) ? $link->link_rss : ''; ?>" size="50" style="width: 95%" /></td>
 	</tr>
 	<tr>
 		<th scope="row"><?php _e('Notes:') ?></th>
-		<td><textarea name="link_notes" cols="50" rows="10" style="width: 95%"><?php echo $link->link_notes; ?></textarea></td>
+		<td><textarea name="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset($link->link_notes) ) ? $link->link_notes : ''; ?></textarea></td>
 	</tr>
 	<tr>
 		<th scope="row"><?php _e('Rating:') ?></th>
@@ -233,7 +233,7 @@
 		<?php
 			for ($r = 0; $r < 10; $r++) {
 				echo('            <option value="'.$r.'" ');
-				if ($link->link_rating == $r)
+				if (isset($link->link_rating) && $link->link_rating == $r)
 					echo 'selected="selected"';
 				echo('>'.$r.'</option>');
 			}
Index: wp-admin/edit-page-form.php
===================================================================
--- wp-admin/edit-page-form.php	(revision 6592)
+++ wp-admin/edit-page-form.php	(working copy)
@@ -3,7 +3,7 @@
 <h2 id="write-post"><?php _e('Write Page'); ?></h2>
 <?php
 
-if (0 == $post_ID) {
+if (empty($post_ID) || 0 == $post_ID) {
 	$form_action = 'post';
 	$nonce_action = 'add-page';
 	$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
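Review bot: `0 == $post_ID` is redundant after `empty($post_ID)`, since `empty()` is already true for `0`, `'0'`, `null` and an unset variable. `if ( empty($post_ID) ) {` says the same thing and mirrors the `! empty($post_ID)` test in the next hunk.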
@@ -20,7 +20,7 @@
 
 $sendto = clean_url(stripslashes(wp_get_referer()));
 
-if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
+if ( ! empty($post_ID) && $sendto == get_permalink($post_ID) )
 	$sendto = 'redo';
 ?>
 
@@ -73,7 +73,7 @@
 
 <fieldset id="passworddiv" class="dbx-box">
 <h3 class="dbx-handle"><?php _e('Page Password') ?></h3>
-<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div>
+<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo ( isset($post->post_password) ) ? attribute_escape( $post->post_password ) : ''; ?>" /></div>
 </fieldset>
 
 <fieldset id="pageparent" class="dbx-box">
@@ -98,7 +98,7 @@
 
 <fieldset id="slugdiv" class="dbx-box">
 <h3 class="dbx-handle"><?php _e('Page Slug') ?></h3>
-<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div>
+<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( ( isset($post->post_name) ) ? $post->post_name : '' ); ?>" /></div>
 </fieldset>
 
 <?php if ( $authors = get_editable_authors( $current_user->id ) ) : // TODO: ROLE SYSTEM ?>
Index: wp-admin/edit-pages.php
===================================================================
--- wp-admin/edit-pages.php	(revision 6592)
+++ wp-admin/edit-pages.php	(working copy)
@@ -41,7 +41,7 @@
 
 <form name="searchform" id="searchform" action="" method="get">
 	<fieldset><legend><?php _e('Search Terms&hellip;') ?></legend>
-		<input type="text" name="s" id="s" value="<?php echo attribute_escape( stripslashes( $_GET['s'] ) ); ?>" size="17" />
+		<input type="text" name="s" id="s" value="<?php echo ( isset($_GET['s']) ) ? attribute_escape( stripslashes( $_GET['s'] ) ) : ''; ?>" size="17" />
 	</fieldset>
 
 
Index: wp-admin/edit.php
===================================================================
--- wp-admin/edit.php	(revision 6592)
+++ wp-admin/edit.php	(working copy)
@@ -4,7 +4,7 @@
 $title = __('Posts');
 $parent_file = 'edit.php';
 wp_enqueue_script( 'admin-posts' );
-if ( 1 == $_GET['c'] )
+if ( isset($_GET['c']) && 1 == $_GET['c'] )
 	wp_enqueue_script( 'admin-comments' );
 require_once('admin-header.php');
 
@@ -31,13 +31,13 @@
 if ( is_single() ) {
 	printf(__('Comments on %s'), apply_filters( "the_title", $post->post_title));
 } else {
-	if ( $post_listing_pageable && !is_archive() && !is_search() )
+	if ( isset($post_listing_pageable) && $post_listing_pageable && !is_archive() && !is_search() )
 		$h2_noun = is_paged() ? sprintf(__( 'Previous %s' ), $post_status_label) : sprintf(__('Latest %s'), $post_status_label);
 	else
-		$h2_noun = $post_status_label;
+		$h2_noun = ( isset($post_status_label) ) ? $post_status_label : null;
 	// Use $_GET instead of is_ since they can override each other
 	$h2_author = '';
-	$_GET['author'] = (int) $_GET['author'];
+	$_GET['author'] = ( isset($_GET['author']) ) ? (int) $_GET['author'] : 0;
 	if ( $_GET['author'] != 0 ) {
 		if ( $_GET['author'] == '-' . $user_ID ) { // author exclusion
 			$h2_author = ' ' . __('by other authors');
@@ -111,7 +111,7 @@
 <?php } ?>
 
 	<fieldset><legend><?php _e('Category&hellip;') ?></legend>
-		<?php wp_dropdown_categories('show_option_all='.__('All').'&hide_empty=1&hierarchical=1&show_count=1&selected='.$cat);?>
+		<?php wp_dropdown_categories('show_option_all='.__('All').'&hide_empty=1&hierarchical=1&show_count=1&selected='.((isset($cat))?$cat:0));?>
 	</fieldset>
 	<input type="submit" id="post-query-submit" value="<?php _e('Filter &#187;'); ?>" class="button" />
 </form>
Index: wp-admin/includes/plugin.php
===================================================================
--- wp-admin/includes/plugin.php	(revision 6592)
+++ wp-admin/includes/plugin.php	(working copy)
@@ -18,11 +18,11 @@
 	$name = $plugin_name[1];
 	$name = trim( $name );
 	$plugin = $name;
-	if ('' != trim($plugin_uri[1]) && '' != $name ) {
+	if (isset($plugin_uri[1]) && '' != trim($plugin_uri[1]) && '' != $name ) {
 		$plugin = '<a href="' . trim( $plugin_uri[1] ) . '" title="'.__( 'Visit plugin homepage' ).'">'.$plugin.'</a>';
 	}
 
-	if ('' == $author_uri[1] ) {
+	if (! isset($author_uri[1]) || '' == $author_uri[1] ) {
 		$author = trim( $author_name[1] );
 	} else {
 		$author = '<a href="' . trim( $author_uri[1] ) . '" title="'.__( 'Visit author homepage' ).'">' . trim( $author_name[1] ) . '</a>';
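Review bot: `$author_name[1]` is still read unguarded in both branches of the author block, so a missing match there raises the same undefined-offset notice this change removes for `$plugin_uri[1]` and `$author_uri[1]`; `$plugin_name[1]` at the top of the hunk has the same shape. A guarded local before the `if`, such as `$author_label = isset($author_name[1]) ? trim($author_name[1]) : '';`, would cover both branches. The URI values are also concatenated into `href` without escaping, and passing them through `clean_url()` would be a cheap hardening. The enclosing function starts and ends outside the hunk.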
Index: wp-admin/includes/post.php
===================================================================
--- wp-admin/includes/post.php	(revision 6592)
+++ wp-admin/includes/post.php	(working copy)
@@ -134,8 +134,10 @@
 		$text       = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
 		$text       = funky_javascript_fix( $text);
 		$popupurl   = clean_url($_REQUEST['popupurl']);
-        $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
-    }
+		$post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
+	} else
+		$post_content = '';	
+		
 
 	if ( !empty( $_REQUEST['excerpt'] ) )
 		$post_excerpt = wp_specialchars( stripslashes( $_REQUEST['excerpt'] ));
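Review bot: The branch that builds the link markup still reads `$_REQUEST['text']` and `$_REQUEST['popupurl']` without an `isset()` check, so it can raise the same undefined-index notices this patch removes elsewhere. The condition that opens the branch is outside the hunk, so confirm it does not already guarantee both keys. The added `} else` also pairs a braced block with an unbraced one and leaves two whitespace-only lines; `} else { $post_content = ''; }` with braces would match the surrounding code.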
@@ -478,8 +480,8 @@
 	global $wpdb;
 	if ( false === $q )
 		$q = $_GET;
-	$q['m']   = (int) $q['m'];
-	$q['cat'] = (int) $q['cat'];
+	$q['m']   = ( isset($q['m']) ) ? (int) $q['m'] : 0;
+	$q['cat'] = ( isset($q['cat']) ) ? (int) $q['cat'] : 0;
 	$post_stati  = array(	//	array( adj, noun )
 				'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
 				'future' => array(__('Scheduled'), __('Scheduled posts')),
@@ -497,10 +499,10 @@
 		$post_status_q = '&post_status=' . $q['post_status'];
 	}
 
-	if ( 'pending' === $q['post_status'] ) {
+	if ( isset($q['post_status']) && 'pending' === $q['post_status'] ) {
 		$order = 'ASC';
 		$orderby = 'modified';
-	} elseif ( 'draft' === $q['post_status'] ) {
+	} elseif ( isset($q['post_status']) && 'draft' === $q['post_status'] ) {
 		$order = 'DESC';
 		$orderby = 'modified';
 	} else {
Index: wp-admin/includes/template.php
===================================================================
--- wp-admin/includes/template.php	(revision 6592)
+++ wp-admin/includes/template.php	(working copy)
@@ -241,15 +241,15 @@
 function wp_manage_posts_columns() {
 	$posts_columns = array();
 	$posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
-	if ( 'draft' === $_GET['post_status'] )
+	if ( isset($_GET['post_status']) && 'draft' === $_GET['post_status'] )
 		$posts_columns['modified'] = __('Modified');
-	elseif ( 'pending' === $_GET['post_status'] )
+	elseif ( isset($_GET['post_status']) && 'pending' === $_GET['post_status'] )
 		$posts_columns['modified'] = __('Submitted');
 	else
 		$posts_columns['date'] = __('When');
 	$posts_columns['title'] = __('Title');
 	$posts_columns['categories'] = __('Categories');
-	if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
+	if ( ! isset($_GET['post_status']) || !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
 		$posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
 	$posts_columns['author'] = __('Author');
 	$posts_columns = apply_filters('manage_posts_columns', $posts_columns);
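Review bot: `isset($_GET['post_status'])` is now repeated in all three conditions of `wp_manage_posts_columns()`. Reading it once into a local keeps the conditions as short as they were: `$post_status = isset($_GET['post_status']) ? $_GET['post_status'] : '';`, then compare against `$post_status`. The function's end is outside the hunk.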
@@ -361,6 +361,8 @@
 	$url = $user_object->user_url;
 	$short_url = str_replace( 'http://', '', $url );
 	$short_url = str_replace( 'www.', '', $short_url );
+	$first_name = ( isset( $user_object->first_name ) ) ? $user_object->first_name : '';
+	$last_name = ( isset( $user_object->last_name ) ) ? $user_object->last_name : '';
 	if ('/' == substr( $short_url, -1 ))
 		$short_url = substr( $short_url, 0, -1 );
 	if ( strlen( $short_url ) > 35 )
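Review bot: `$first_name` and `$last_name` are copied from the user object and then interpolated into the row markup in the next hunk (`<label ...>$first_name $last_name</label>`) without escaping. These are profile fields, and nothing visible here shows them being sanitised before display in the admin user list, so I would escape at assignment: `$first_name = isset( $user_object->first_name ) ? wp_specialchars( $user_object->first_name ) : '';` and likewise for `$last_name`. If the object is already escaped upstream, a comment saying so would do instead and avoids double encoding. The function body starts and ends outside the hunk.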
@@ -369,7 +371,7 @@
 	$r = "<tr id='user-$user_object->ID'$style>
 		<td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' class='$role' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td>
 		<td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td>
-		<td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td>
+		<td><label for='user_{$user_object->ID}'>$first_name $last_name</label></td>
 		<td><a href='mailto:$email' title='" . sprintf( __('e-mail: %s' ), $email ) . "'>$email</a></td>
 		<td><a href='$url' title='website: $url'>$short_url</a></td>";
 	$r .= "\n\t\t<td align='center'>";
@@ -587,7 +589,7 @@
 	global $wp_locale, $post, $comment;
 
 	if ( $for_post )
-		$edit = ( in_array($post->post_status, array('draft', 'pending') ) && (!$post->post_date || '0000-00-00 00:00:00' == $post->post_date ) ) ? false : true;
+		$edit = ( in_array($post->post_status, array('draft', 'pending') ) && (empty($post->post_date) || '0000-00-00 00:00:00' == $post->post_date ) ) ? false : true;
 	
 	$tab_index_attribute = '';
 	if ( (int) $tab_index > 0 )
@@ -596,7 +598,9 @@
 	echo '<fieldset><legend><input type="checkbox" class="checkbox" name="edit_date" value="1" id="timestamp"'.$tab_index_attribute.' /> <label for="timestamp">'.__( 'Edit timestamp' ).'</label></legend>';
 
 	$time_adj = time() + (get_option( 'gmt_offset' ) * 3600 );
-	$post_date = ($for_post) ? $post->post_date : $comment->comment_date;
+	$post_date = ( ! empty( $post->post_date ) ) ? $post->post_date : null;
+	$comment_date = ( ! empty( $comment->comment_date ) ) ? $comment->comment_date : null;
+	$post_date = ($for_post) ? $post_date : $comment_date;
 	$jj = ($edit) ? mysql2date( 'd', $post_date ) : gmdate( 'd', $time_adj );
 	$mm = ($edit) ? mysql2date( 'm', $post_date ) : gmdate( 'm', $time_adj );
 	$aa = ($edit) ? mysql2date( 'Y', $post_date ) : gmdate( 'Y', $time_adj );
@@ -773,7 +777,7 @@
 
 function wp_remember_old_slug() {
 	global $post;
-	$name = attribute_escape($post->post_name); // just in case
+	$name = ( ! empty($post->post_name) ) ? attribute_escape($post->post_name) : ''; // just in case
 	if ( strlen($name) )
 		echo '<input type="hidden" id="wp-old-slug" name="wp-old-slug" value="' . $name . '" />';
 }
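Review bot: `! empty($post->post_name)` also rejects the slug "0", so a post whose slug is `0` no longer gets the `wp-old-slug` hidden field, where the old code emitted it because `strlen('0')` is 1. `isset()` keeps the notice fix without changing that case: `$name = isset($post->post_name) ? attribute_escape($post->post_name) : '';`.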
Index: wp-admin/includes/theme.php
===================================================================
--- wp-admin/includes/theme.php	(revision 6592)
+++ wp-admin/includes/theme.php	(working copy)
@@ -38,8 +38,8 @@
 			preg_match( '|Template Name:(.*)$|mi', $template_data, $name );
 			preg_match( '|Description:(.*)$|mi', $template_data, $description );
 
-			$name = $name[1];
-			$description = $description[1];
+			$name = ( isset($name[1]) ) ? $name[1] : null;
+			$description = ( isset($description[1]) ) ? $description[1] : null;
 
 			if ( !empty( $name ) ) {
 				$page_templates[trim( $name )] = basename( $template );
Index: wp-admin/includes/upload.php
===================================================================
--- wp-admin/includes/upload.php	(revision 6592)
+++ wp-admin/includes/upload.php	(working copy)
@@ -163,11 +163,11 @@
 <?php	endif; ?>
 			<tr>
 				<th scope="row"><label for="post_title"><?php _e('Title'); ?></label></th>
-				<td><input type="text" id="post_title" name="post_title" value="<?php echo $attachment->post_title; ?>" /></td>
+				<td><input type="text" id="post_title" name="post_title" value="<?php echo ( isset($attachment->post_title) ) ? $attachment->post_title : ''; ?>" /></td>
 			</tr>
 			<tr>
 				<th scope="row"><label for="post_content"><?php _e('Description'); ?></label></th>
-				<td><textarea name="post_content" id="post_content"><?php echo $attachment->post_content; ?></textarea></td>
+				<td><textarea name="post_content" id="post_content"><?php echo ( isset($attachment->post_conent) ) ? $attachment->post_content : ''; ?></textarea></td>
 			</tr>
 			<?php if (isset($attachment_data['image_meta'])) { ?>
 				<tr>
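Review bot: The description textarea checks a misspelled property: `isset($attachment->post_conent)` is never true, so the field always renders empty and saving the form submits a blank `post_content` for an existing attachment. It should be `isset($attachment->post_content)`. Both this value and `post_title` are echoed without escaping; unless `$attachment` is escaped before this point (not visible in the hunk), wrap them as `attribute_escape( $attachment->post_title )` and `wp_specialchars( $attachment->post_content )`.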
Index: wp-admin/includes/user.php
===================================================================
--- wp-admin/includes/user.php	(revision 6592)
+++ wp-admin/includes/user.php	(working copy)
@@ -217,17 +217,17 @@
 
 function get_user_to_edit( $user_id ) {
 	$user = new WP_User( $user_id );
-	$user->user_login   = attribute_escape($user->user_login);
-	$user->user_email   = attribute_escape($user->user_email);
-	$user->user_url     = clean_url($user->user_url);
-	$user->first_name   = attribute_escape($user->first_name);
-	$user->last_name    = attribute_escape($user->last_name);
-	$user->display_name = attribute_escape($user->display_name);
-	$user->nickname     = attribute_escape($user->nickname);
-	$user->aim          = attribute_escape($user->aim);
-	$user->yim          = attribute_escape($user->yim);
-	$user->jabber       = attribute_escape($user->jabber);
-	$user->description  =  wp_specialchars($user->description);
+	$user->user_login   = ( isset($user->user_login) ) ? attribute_escape($user->user_login) : '';
+	$user->user_email   = ( isset($user->user_email) ) ? attribute_escape($user->user_email) : '';
+	$user->user_url     = ( isset($user->user_url) ) ? clean_url($user->user_url) : '';
+	$user->first_name   = ( isset($user->first_name) ) ? attribute_escape($user->first_name) : '';
+	$user->last_name    = ( isset($user->last_name) ) ? attribute_escape($user->last_name) : '';
+	$user->display_name = ( isset($user->display_name) ) ? attribute_escape($user->display_name) : '';
+	$user->nickname     = ( isset($user->nickname) ) ? attribute_escape($user->nickname) : '';
+	$user->aim          = ( isset($user->aim) ) ? attribute_escape($user->aim) : '';
+	$user->yim          = ( isset($user->yim) ) ? attribute_escape($user->yim) : '';
+	$user->jabber       = ( isset($user->jabber) ) ? attribute_escape($user->jabber) : '';
+	$user->description  = ( isset($user->description) ) ? wp_specialchars($user->description) : '';
 
 	return $user;
 }
Index: wp-admin/includes/widgets.php
===================================================================
--- wp-admin/includes/widgets.php	(revision 6592)
+++ wp-admin/includes/widgets.php	(working copy)
@@ -146,10 +146,10 @@
 function wp_widget_control( $key, $widget, $display = 'display' ) {
 	static $i = 0;
 	global $wp_registered_widgets, $wp_registered_widget_controls;
-	$control = $wp_registered_widget_controls[$widget];
-	$widget  = $wp_registered_widgets[$widget];
+	$control = (isset($wp_registered_widget_controls[$widget])) ? $wp_registered_widget_controls[$widget] : null;
+	$widget  = (isset($wp_registered_widgets[$widget])) ? $wp_registered_widgets[$widget] : null;
 
-	$id_format = $widget['id'];
+	$id_format = ( isset($widget['id']) ) ? $widget['id'] : null;
 	if ( 'template' == $display && isset($control['params'][0]['number']) ) {
 		// number == -1 implies a template where id numbers are replaced by a generic '%i%'
 		$control['params'][0]['number'] = -1;
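Review bot: When `$widget` is not a registered key, `$control`, `$widget` and `$id_format` are now all `null` and the function carries on. The rest of the body is outside the hunk, but it presumably renders a control from these values. An early return states the case more clearly than null defaults: `if ( ! isset($wp_registered_widgets[$widget]) ) return;` placed before the two lookups.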
Index: wp-admin/link-add.php
===================================================================
--- wp-admin/link-add.php	(revision 6592)
+++ wp-admin/link-add.php	(working copy)
@@ -16,7 +16,7 @@
 require('admin-header.php');
 ?>
 
-<?php if ($_GET['added'] && '' != $_POST['link_name']) : ?>
+<?php if ( ! empty($_GET['added']) && '' != $_POST['link_name']) : ?>
 <div id="message" class="updated fade"><p><?php _e('Link added.'); ?></p></div>
 <?php endif; ?>
 
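Review bot: The second operand still reads `$_POST['link_name']` unguarded, so a GET request to this page with `added` set and no POST body raises an undefined-index notice. Guard both sides: `if ( ! empty($_GET['added']) && isset($_POST['link_name']) && '' != $_POST['link_name'] )`.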
Index: wp-admin/link-manager.php
===================================================================
--- wp-admin/link-manager.php	(revision 6592)
+++ wp-admin/link-manager.php	(working copy)
@@ -129,7 +129,10 @@
 			$short_url = substr($short_url, 0, 32).'...';
 
 		$visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
-		++ $i;
+		if ( isset($i) ) 
+			++ $i;
+		else
+			$i = 1;
 		$style = ($i % 2) ? '' : ' class="alternate"';
 		?><tr id="link-<?php echo $link->link_id; ?>" valign="middle" <?php echo $style; ?>><?php
 		foreach($link_columns as $column_name=>$column_display_name) {
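Review bot: Testing `isset($i)` on every iteration works, but the counter is easier to follow if it is initialised once with `$i = 0;` before the loop (which opens outside this hunk), leaving the original `++ $i;` untouched. That would also keep the row striping independent of any `$i` left over from earlier in the page.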
Index: wp-admin/plugin-editor.php
===================================================================
--- wp-admin/plugin-editor.php	(revision 6592)
+++ wp-admin/plugin-editor.php	(working copy)
@@ -55,7 +55,7 @@
 	if ( !current_user_can('edit_plugins') )
 		wp_die('<p>'.__('You do not have sufficient permissions to edit plugins for this blog.').'</p>');
 
-	if ( $_GET['liveupdate'] ) {
+	if ( ! empty($_GET['liveupdate']) ) {
 		check_admin_referer('edit-plugin-test_' . $file);
 		$current = get_option('active_plugins');
 		$plugin = $file;
Index: wp-admin/users.php
===================================================================
--- wp-admin/users.php	(revision 6592)
+++ wp-admin/users.php	(working copy)
@@ -8,7 +8,7 @@
 $title = __('Users');
 $parent_file = 'users.php';
 
-$action = $_REQUEST['action'];
+$action = ( isset($_REQUEST['action']) ) ? $_REQUEST['action'] : '';
 $update = '';
 
 if ( empty($_POST) ) {
@@ -61,6 +61,8 @@
 				$searches[] = $col . " LIKE '%$this->search_term%'";
 			$search_sql .= implode(' OR ', $searches);
 			$search_sql .= ')';
+		} else {
+			$search_sql = '';
 		}
 		$this->query_from_where = "FROM $wpdb->users WHERE 1=1 $search_sql";
 
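Review bot: The `LIKE '%$this->search_term%'` fragment just above the new `else` interpolates the search term directly into the SQL string, and a later hunk in this file passes `$_GET['usersearch']` straight into the `WP_User_Search` constructor. Whether the term is escaped between those two points is not visible in the diff; confirm it goes through `$wpdb->escape()` before it is placed in the query. For the change itself, initialising `$search_sql = '';` before the `if` is simpler than adding an `else` branch. The method starts and ends outside the hunk.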
@@ -276,8 +278,11 @@
 	include('admin-header.php');
 
 	// Query the users
-	$wp_user_search = new WP_User_Search($_GET['usersearch'], $_GET['userspage']);
 
+	$usersearch = ( isset($_GET['usersearch']) ) ? $_GET['usersearch'] : null;
+	$userspage = ( isset($_GET['userspage']) ) ? $_GET['userspage'] : null;
+	$wp_user_search = new WP_User_Search($usersearch, $userspage);
+
 	// Make the user objects
 	foreach ( $wp_user_search->get_results() as $userid ) {
 		$tmp_user = new WP_User($userid);
@@ -320,7 +325,7 @@
 		}
 	endif; ?>
 
-<?php if ( is_wp_error( $errors ) ) : ?>
+<?php if ( ! empty($errors) && is_wp_error( $errors ) ) : ?>
 	<div class="error">
 		<ul>
 		<?php
@@ -429,7 +434,7 @@
 </div>
 
 <?php
-	if ( is_wp_error($add_user_errors) ) {
+	if ( ! empty($add_user_errors) && is_wp_error($add_user_errors) ) {
 		foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
 			$var = 'new_' . $var;
 			$$var = attribute_escape(stripslashes($_POST[$formpost]));
@@ -441,7 +446,7 @@
 <div class="wrap">
 <h2 id="add-new-user"><?php _e('Add New User') ?></h2>
 
-<?php if ( is_wp_error( $add_user_errors ) ) : ?>
+<?php if ( ! empty($add_user_errors) && is_wp_error( $add_user_errors ) ) : ?>
 	<div class="error">
 		<?php
 			foreach ( $add_user_errors->get_error_messages() as $message )
@@ -464,23 +469,23 @@
 <table class="editform" width="100%" cellspacing="2" cellpadding="5">
 	<tr class="form-field form-required">
 		<th scope="row" width="33%"><?php _e('Username (required)') ?><input name="action" type="hidden" id="action" value="adduser" /></th>
-		<td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" /></td>
+		<td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo ( ! empty($new_user_login) ) ? $new_user_login : ''; ?>" /></td>
 	</tr>
 	<tr class="form-field">
 		<th scope="row"><?php _e('First Name') ?> </th>
-		<td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
+		<td><input name="first_name" type="text" id="first_name" value="<?php echo ( ! empty($new_user_firstname) ) ? $new_user_firstname : ''; ?>" /></td>
 	</tr>
 	<tr class="form-field">
 		<th scope="row"><?php _e('Last Name') ?> </th>
-		<td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
+		<td><input name="last_name" type="text" id="last_name" value="<?php echo ( ! empty($new_user_lastname) ) ? $new_user_lastname : ''; ?>" /></td>
 	</tr>
 	<tr class="form-field form-required">
 		<th scope="row"><?php _e('E-mail (required)') ?></th>
-		<td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
+		<td><input name="email" type="text" id="email" value="<?php echo ( ! empty($new_user_email) ) ? $new_user_email : ''; ?>" /></td>
 	</tr>
 	<tr class="form-field">
 		<th scope="row"><?php _e('Website') ?></th>
-		<td><input name="url" type="text" id="url" value="<?php echo $new_user_uri; ?>" /></td>
+		<td><input name="url" type="text" id="url" value="<?php echo ( ! empty($new_user_uri) ) ? $new_user_uri : ''; ?>" /></td>
 	</tr>
 
 <?php if ( apply_filters('show_password_fields', true) ) : ?>
@@ -496,7 +501,7 @@
 		<th scope="row"><?php _e('Role'); ?></th>
 		<td><select name="role" id="role">
 			<?php
-			if ( !$new_user_role )
+			if ( empty($new_user_role) )
 				$new_user_role = get_option('default_role');
 			wp_dropdown_roles($new_user_role);
 			?>

