__group__,ticket,summary,owner,component,_version,priority,severity,milestone,type,_status,workflow,_created,modified,_description,_reporter
Future Releases,14565,After Category Quick Edit Update Parent Category Dropdown,,Administration,3.0.1,normal,trivial,Future Release,defect (bug),new,has-patch,2010-08-08T22:07:45Z,2010-12-26T23:09:36Z,"On a clean install I went to Posts -> Categories and used Quick Edit to rename 'Uncategorized' to 'Rename-Test' I then went to create a new Category using the form on the left and the Parent drop down still lists 'Uncategorized'.

Should this be updated without have to reload the page?",Dempsey
Future Releases,16993,wp-mail.php doesn't account for half-hour and quarter-hour timezones.,,Blog by Email,3.1,normal,trivial,Future Release,defect (bug),new,has-patch,2011-03-29T06:55:06Z,2012-11-07T22:14:58Z,"To reproduce the problem, install Wordpress and set it to post by email. Send a post from an email address which is configured to use a half-hour or quarter-hour timezone (like Afghanistan, +0430).

wp-mail.php calculates the timezone by multiplying the timezone offset by 36. This works fine for whole-hour timezones (Pacific Time -0800, -800 * 36 = -28800 seconds). For half-hour and quarter-hour time zones this does not work (Afghanistan +0430, 430 * 36 = 15480, should be 16200). The reason this happens is because an hour has 60 minutes as opposed to 100  minutes. 430 / 100 = 4.3 hours, not 4.5 hours. 450 * 36 result in 16200 minutes, but timezones are represented as hours and minutes, not fractional hours.

This results in posts that are posted via email from a half-hour or quarter-hour timezone to be posted in the future or in the past from when it was actually posted.",neoscrib
Future Releases,17391,Alternative color schemes and theme settings in editor styles,azaozz,Editor,3.2,normal,trivial,Future Release,defect (bug),assigned,,2011-05-12T13:14:56Z,2012-01-14T19:10:10Z,"Hello there. 

There is no support for links color change in editor-style.css. 
If you change it in Theme Options, you will see the same:

{{{
a {
	color: #1b8be0;
	text-decoration: none;
}
}}}

As we want the editor to be WYSIWYRG, maybe we should include this change in editor-style.css too. 

I have tried to do that with `add_editor_style()`, but it is only intended for .css archives. 
I have tried to add it as a filter extending `twentyeleven_print_link_color_style` in `mce_css` and `tiny_mce_before_init`, unsuccessfully.  

All ideas for what can I use to make tinyMCE read the options are welcome. ",bi0xid
Future Releases,15394,"Ancient ""Are you sure you want to do this"" now confusing",,Warnings/Notices,3.1,normal,trivial,Future Release,defect (bug),new,,2010-11-11T21:51:26Z,2012-09-15T00:14:05Z,"The default failing nonce message did not pass the wife test. Asking ""Are you sure you want to do this?"" now that there is no longer ""OK"" and ""Cancel"" buttons is confusing and my wife just asked me ""How do I tell I'm sure?""

Not sure about the best wording, I took the same approach as Twitter's expired OAuth token links with a message that does not let user think there is something to confirm.",ozh
Next Release,7392,Don't create new autosave revision if nothing has changed yet,westi,Autosave,2.6,normal,minor,3.6,defect (bug),reopened,has-patch,2008-07-23T22:03:39Z,2013-05-09T15:22:06Z,"I noticed that simply loading and saving a post creates a new revision. This seems rather dumb to me. Could we not load the post up, compare it with the revision, and not create a whole new revision if nothing changed (ignoring post save time, of course)?

Discuss.",Otto42
Next Release,16843,wp_unique_post_slug() doesn't check pagination base when CPT has archive,,Post Types,3.1,normal,minor,3.6,defect (bug),new,has-patch,2011-03-13T06:22:22Z,2013-01-14T00:12:14Z,Title says it all.,scribu
Future Releases,24149,Set RTL body class for iframes,,Administration,,normal,minor,Future Release,defect (bug),new,commit,2013-04-21T03:57:06Z,2013-04-22T06:36:02Z,"iframe_header() sets the current locale string in the body class, but not the RTL flag. Please add this.

This came up in MP6 development, where MP6 does not (at this moment) rely on a separate rtl stylesheet like in the current admin CSS, but instead relies more on the body having .rtl set.",mitchoyoshitaka
Future Releases,8420,Disable error redirects when in DOING_AJAX,kapeels*,Administration,2.7,low,minor,Future Release,enhancement,accepted,has-patch,2008-11-29T00:28:10Z,2010-11-28T11:30:25Z,"If a DB/install error occurs in admin during ajax requests (like autosave), the response shouldn't return the whole redirected page, see $ATT (admin-ajax-install-trigger.png). If something goes awry and we're DOING_AJAX, an error message that could fit inline would be better.",janbrasna
Future Releases,17884,Remove redundant checks in settings API functions,,Administration,,normal,minor,Awaiting Review,enhancement,new,has-patch,2011-06-24T20:20:44Z,2013-01-03T19:25:30Z,"There are several isset() checks in some settings fields functions that are meant to prevent notices, but they're simply unnecessary.

PHP doesn't emit notices in those cases.",scribu
Future Releases,19019,Reduce duplication in $wpdb,,Database,,normal,minor,Future Release,enhancement,new,commit,2011-10-20T21:16:00Z,2013-04-22T19:53:27Z,"Currently, update(), insert() and soon delete() [see #18948] use the same code to generate the WHERE clause.

It should be moved into a helper method.",scribu
Future Releases,8368,Scheduling post time behavior and language refinements,garyc40,Editor,2.7,low,minor,Future Release,enhancement,assigned,,2008-11-26T17:56:19Z,2013-01-22T17:38:00Z,"On post editor, in publish module, at Publish Immediately-Edit. 

If click Edit, layer opens revealing the entry boxes for date and time of publication but still says Publish Immediately. Text should change to say ""Publish at:"" b/c it's weird if you change time and screen still says immediately until you click OK. 

Move OK button to the right side of module (submission buttons to the right as standard placement) with cancel to left (as with other places).

If you start to type in an alternate time then hit cancel, it reverts to publish immediately, which makes sense. If you have already scheduled the publish time but you decide to change it and start typing a different alternate time, if you hit cancel it does not revert to your originally scheduled time, but to publish immediately. It should revert to your previously saved schedule time. Should have a separate link to revert to publish immediately. ",jane
Future Releases,19549,Please remove X-Mailer from class-phpmailer,westi,External Libraries,3.3,normal,minor,Future Release,enhancement,assigned,dev-feedback,2011-12-14T20:37:14Z,2012-06-02T13:32:25Z,"It is nobody's business what software I am using to send mail, or what version number it is. Providing version numbers of server-side packages to strangers is an unnecessary security exposure.  With each update to WordPress, I apply this patch.  I would appreciate it if you would either include this patch yourselves, or provide a hook where I can do this myself without modifying the source.


{{{
--- wp-includes/class-phpmailer.php	5 Jul 2011 20:53:19 -0000	1.3
+++ wp-includes/class-phpmailer.php	14 Dec 2011 19:43:32 -0000
@@ -1129,8 +1129,8 @@
     } else {
       $result .= sprintf(""Message-ID: <%s@%s>%s"", $uniq_id, $this->ServerHostname(), $this->LE);
     }
-// jwz: no.    $result .= $this->HeaderLine('X-Priority', $this->Priority);
-// jwz: no.    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.sourceforge.net) [version ' . $this->Version . ']');
+    $result .= $this->HeaderLine('X-Priority', $this->Priority);
+    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer '.$this->Version.' (phpmailer.sourceforge.net)');
 
     if($this->ConfirmReadingTo != '') {
       $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');

}}}",jwz
Future Releases,10823,Bad handling of ampersand in post titles,,Formatting,2.8.4,normal,minor,Future Release,defect (bug),new,has-patch,2009-09-21T10:59:50Z,2013-01-23T22:12:06Z,"Titles with ampersand (&amp;) are not correctly handled:[[BR]]

1/ the_title_attribute() doesn't transform & to &amp; causing XHTML validation errors[[BR]]

2/ titles with & followed by ; generate truncated post name (slug)
e.g. ""Test this & believe ; what ?"" => ""test-this-what""",Commeuneimage
Future Releases,4298,wpautop bugs,markjaquith*,Formatting,2.7,low,minor,Future Release,defect (bug),accepted,dev-feedback,2007-05-19T22:14:10Z,2010-04-04T06:42:21Z,"wpautop should at least ignore multiline html tags, and possibly ignore any area enclosed within html.

{{{
<table
 style=""width: 120px; height: 92px; text-align: left; margin-left: auto; margin-right: auto;""
 border=""1"" cellpadding=""7"" cellspacing=""2"">
  <tbody>
    <tr>
      <td><small><small style=""font-family: Arial;"">Once
I saw it here, I instantly knew what I wanted. I love my new woven wood
shades.</small></small><br>
      <small><small>- Ginny Good</small></small></td>
    </tr>
  </tbody>
</table>
}}}

gets formatted as:

{{{
<table<br />
 style=""width: 120px; height: 92px; text-align: left; margin-left: auto; margin-right: auto;""<br />
 border=""1"" cellpadding=""7"" cellspacing=""2""><br />
<tbody>
<tr>
<td><small><small style=""font-family: Arial;"">Once<br />
I saw it here, I instantly knew what I wanted. I love my new woven wood<br />
shades.</small></small><br /><br />
      <small><small>- Ginny Good</small></small></td>

</tr>
</tbody>
</table>
}}}

",Denis-de-Bernardy
Future Releases,21466,Allow post password cookie expiry to be customized,,General,3.4.1,lowest,minor,Future Release,enhancement,new,has-patch,2012-08-04T20:52:35Z,2013-04-16T11:23:29Z,"It'd be nice if you could customize the expiry time for the post password cookie that is set in `wp-login.php?action=postpass`.

The only solution right now is [https://gist.github.com/3259814 pretty ugly].",Viper007Bond
Future Releases,14432,Role-based help text,garyc40,Help/About,3.0,normal,minor,Future Release,enhancement,assigned,has-patch,2010-07-27T18:53:00Z,2012-11-19T18:35:24Z,The text in the Help tab is based on the screen seen by an admin. We should make it so the role of the logged in user determines the text. ,jane
Future Releases,15534,Add more info to moderation emails,,Mail,3.0,normal,minor,Future Release,enhancement,new,has-patch,2010-11-21T23:43:41Z,2011-01-09T07:07:35Z,"When comments have been approved, include who approved it in the email that gets sent to admin saying there's a new comment. I.e.:

""Ryan approved this comment:
[current comment info in email]""",jane
Future Releases,19730,"Death ""Add Media"" link after permanently deleting media items.",,Media,3.3,normal,minor,Future Release,defect (bug),new,has-patch,2012-01-04T10:30:13Z,2012-05-01T13:27:10Z,"After deleting a media item permanently and try to directly add a new one via the 'title-menu-link' (the button-link near the ""Media"" title in the admin screen) will result in a death link (""Invalid post type"").

Follow these steps to reproduce the death link(s):

If you have no '''unattachted''' media in your library, first do this:
- Media > Add New
- From the 'title' menu ""Add New"" (Button near ""Media Library"" at the top)
- Add a random image/file and press ""Save changes""
- You'll get redirected back to the overview of all your media.

If you already have one or more '''unattached''' media items in the library:
- Click on the ""Delete Permanently"" link of the file you just uploaded (the unattached file) (and press oke in the alert dialog)
- This is where something goes wrong: You'r now redirected to the edit.php page where you can read: ""Item permanently deleted."". Now click again on the ""Add New"" link in the title-menu near the title ""Media""
- You're now redirected to an invalid page: ""Invalid post type"".
",Jordi-Fun
Future Releases,19629,return option for media_sideload_image,,Media,3.3,normal,minor,Future Release,enhancement,new,has-patch,2011-12-21T09:14:50Z,2012-11-12T21:10:09Z,"An optional parameter to return the attachment id opposed to the html would be beneficial to those attempting to make use of this functionality outside of press this.

Ticket: #11993 has an enhancement suggestion to allow adding thumbnails from URL.  I have written a solution for this enhancement, and the result duplicates the functionality of media_sideload_image() setting the post thumbnail opposed to returning the image html markup.",slbmeh
Future Releases,20419,get_sample_permalink() passes the wrong post_status to wp_unique_post_slug(),,Permalinks,3.3,normal,minor,Future Release,defect (bug),new,has-patch,2012-04-11T23:15:38Z,2013-05-09T04:19:10Z,"get_sample_permalink() fakes a 'publish' post_status so that it can create a pseudo-permalink for drafts and scheduled posts.  Also wp_unique_post_slug() bails when the post_status is 'draft', 'pending', or 'auto-draft', so faking a 'publish' post_status helps there too.

However, that means the incorrect post_status is passed to the 'wp_unique_post_slug' filter at times, creating unexpected behaviour -- namely sometimes the $post_status parameter of the wp_unique_post_slug filter will report a non-published post is published.  

The best approach here seems to be to let the wp_unique_post_slug() function know when a fake $post_status is being passed to it, what that status is so it can be passed to the wp_unique_post_slug filter.  That way anybody using the filter will always get the actual post status all the time without having to do anything special.

Related: #14111",mintindeed
Future Releases,16849,Add a filter for $overrides in wp_handle_upload(),,Plugins,3.1,normal,minor,Future Release,enhancement,new,commit,2011-03-13T17:38:56Z,2013-03-19T06:21:47Z,"I'm writing a plugin that needs to set a $unique_filename_callback in wp_handle_upload() during a normal post attachment upload (not a custom upload form), but there's no way to do it without a filter like this one:

{{{
$overrides = apply_filters( 'wp_handle_upload_overrides', $overrides );
}}}


For now I just modded my /wp-admin/includes/file.php to add it, but obviously that's not an ideal solution, especially since I plan on adding the plugin to the repository for others to use.",iandunn
Future Releases,14380,Caption shortcode inserts inline style forcing width of containing div,nacin*,Shortcodes,,normal,minor,Future Release,defect (bug),accepted,dev-feedback,2010-07-21T19:45:21Z,2013-01-31T22:03:52Z,"This is related to #9066.

The problem is that the image caption shortcode inserts an inline style on the containing div which sets the width to an arbitrary value which cannot be overriden by the theme's stylesheet.

The proposed solution is to replace the shortcode function with a custom one which creates the markup without the inline style, but this is undesirable. It adds unnecessary complexity for beginners and is just generally annoying and shouldn't be necessary.

Creating an inline style violates web standards and contradicts the  philosophy behind a theme-based architecture.

The inline style on the div should be removed so that theme developers can style the caption like they would any other element, without having to resort to inconvenient workarounds.",iandunn
Future Releases,19159,When Inactive Widgets list gets long it is hard to clear,cdog*,Widgets,3.3,normal,minor,Future Release,enhancement,accepted,has-patch,2011-11-05T09:48:59Z,2012-12-30T12:03:38Z,"If you have a lot of inactive widgets it can be really hard manual labour to remove them all.

It would be much nicer if there was a delete all button like this plugin adds http://wordpress.org/extend/plugins/remove-inactive-widgets/",westi
Next Release,16567,Can't create categories with different names but similar slugs on Edit Post screen,,Administration,3.0.5,normal,normal,3.6,defect (bug),new,needs-unit-tests,2011-02-15T18:29:10Z,2013-01-09T23:38:54Z,"We run a blog that deals with programming languages. Today we were creating a post concerning the C programming language and attempted to create a new category for it, called ""C"" (just one character). This angered WordPress; it appeared to create a superfluous ""Uncategorized"" category, but it wound up not actually creating any categories for the post.

I've attached a screenie so you can see what this looks like after I attempt to create the category.

If it's for some reason forbidden to create categories comprised of a single character, maybe a validation error message of some kind would be in order?",jeffreymcmanus
Next Release,14773,Error in slug parsing leads to unlimited URLs for the same article = duplicate content,,Canonical,,normal,normal,3.6,defect (bug),assigned,has-patch,2010-09-03T14:20:45Z,2013-04-11T03:30:30Z,"an example says more than 1000 words:

right url:

http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-hmong-and-i-dont-speak-spanish/

wrong urls:

http://ahmongwoman.wordpress.com/2010/09/02/i-am-not------hmong-and-i-dont-speak-spanish/

http://ahmongwoman.wordpress.com/2010/09/02/i----am-not-hmong-and-i-dont-speak-spanish/

http://ahmongwoman.wordpress.com/2010/09/02/i-am-not-----hmong-and-i-------dont-speak---------spanish/

Problem:

Wordpress returns the article with HTTP status code 200 for the wrong URLs.

This is a serious issue for people regarding search engine optimization (duplicate content).

Expected results:

Wordpress returns HTTP Status code 301 with Location-Header and right URL to the client.",thermoman
Next Release,14856,Add an $args parameter to comment_text filter,,Comments,,normal,normal,3.6,enhancement,new,has-patch,2010-09-12T12:20:06Z,2013-05-04T23:25:53Z,"When using the {{{comment_text}}} filter, there are times when the context provided by {{{$args}}} would be extremely useful. For example to know the depth of the commen. I propose adding an additional parameter for {{{comment_text}}} to add the {{{$args}}}.

I've incorporated the proposed {{{$comment_ID}}} parameter from #14261, which looks to add a {{{$comment_id}}} parameter to the same filter, in the hope that this is helpful... let me know if not and I'll refactor.

I've included a small plugin to demo the use and prove the new parameters are working, and the diff for a small tweak to Twenty Ten v1.1 which is needed to use this plugin with that theme.",simonwheatley
Next Release,14601,wp_new_comment method doesn't allow passed in values for IP and user-agent,,Comments,3.0.1,normal,normal,3.6,enhancement,new,has-patch,2010-08-12T14:20:21Z,2013-05-04T12:03:02Z,"In a scenario where you have a client that receives comments from the internet and pre-processes those comments before feeding them into wordpress through xmlrpc the ip and user-agent of the commenting internet user gets lost because there is no way of passing those values into the wp_new_comment function. 

`$_SERVER['REMOTE_ADDR']` and `$_SERVER['HTTP_USER_AGENT']` are hard-coded, which in the above mentioned scenario will always have the IP and user-agent from the client that feeds the comments into wp through xmlrpc.

The attached patch will used passed in values and only fall back to `$_SERVER['REMOTE_ADDR']` and `$_SERVER['HTTP_USER_AGENT']` if not passed in.",mrutz
Next Release,17375,Serialzed option values broken for classes and strings on unserialize for C and S,markjaquith,General,3.1,normal,normal,3.6,defect (bug),reviewing,has-patch,2011-05-11T11:42:09Z,2013-01-14T01:06:27Z,"Wordpress has a feature build in to store arrays and objects into option values.

This is done by transparently serializing on storing and unserialize on retrieving.

The implementation is broken.

Wordpress is unable to unserialize serialized option values if they contain a serialized representation of classes implementing the [http://www.php.net/manual/en/class.serializable.php PHP serializeable interface] (C instead of O).

This is because the is_serialized() does not recorgnize that type of value.",hakre
Next Release,17262,wp_get_attachment_thumb_file is always false,,Media,3.0,normal,normal,3.6,defect (bug),new,has-patch,2011-04-27T18:36:19Z,2013-05-05T03:33:40Z,The issue is that on line 3863 we always search for `$imagedata['thumb']` and it never exists. Instead we have `$imagedata['thumbnail']`. This always exists.,lonnylot
Next Release,13822,Menu items that get unpublished still appear,nacin,Menus,3.0,normal,normal,3.6,defect (bug),reopened,has-patch,2010-06-10T16:30:12Z,2013-03-21T14:53:47Z,"We need to properly account for menu items linked to unpublished/pending post type objects.

My thought is they should probably be hidden from the frontend with an indication on the backend (like ""(Pending)"") that they are are unpublished/pending.

We need to properly handle private posts too.",nacin
Next Release,14975,Nav-menu system does not always run titles through 'the_title' filter.,,Menus,,normal,normal,3.6,enhancement,new,commit,2010-09-27T15:19:48Z,2013-05-04T23:41:26Z,I am using the qTranslate plugin that uses the 'the_title' filter to parse its multilingual content (separated with comment tags). All titles are parsed well except for the titles appearing in the menu system's meta boxes; It seems this is because nav-menu functions don't run the titles through this filter.,Goldfrapper
Next Release,15907,inconsistent handling of plugin_folder in get_plugins(),,Plugins,,normal,normal,3.6,defect (bug),new,has-patch,2010-12-20T03:35:16Z,2013-05-05T00:25:18Z,"If you pass the name of a folder to get_plugins, it needs to have a leading slash which then stores the plugin list from that folder in {{{$wp_plugins['/folder-name']}}}. 

Secondly, the plugin file/path does not include folder-name passed to get_plugins, so the returned data has to have the {{{'folder-name/'}}} added to the key of each plugin's information before it can be used throughout WP. The code I'm currently using to work around the issue is

{{{
			$my_plugins = get_plugins( '/extra' );
			$extra = array();
			if( !empty( $my_plugins ) ) {
				foreach( $my_plugins as $k => $v )
					$extra['extra/' . $k] = $v;
			}
}}}

related #15906",wpmuguru
Next Release,16834,UI problem in Permalinks SubPanel (on RTL sites),ramiy,RTL,3.1,normal,normal,3.6,enhancement,reopened,has-patch,2011-03-11T15:15:12Z,2013-05-18T07:11:57Z,"hi,
i want to report a UI problem in RTL sites, on the Settings->Permalinks SubPanel.

See the  Attached screenshots.",ramiy
Next Release,16705,"Unclear wording: ""An administrator must always approve the comment """,,Text Changes,3.1,normal,normal,3.6,defect (bug),new,commit,2011-02-28T21:22:12Z,2013-05-05T01:04:18Z,"I'm not certain if I should classify this as a bug or as a need to revise wording in the options menu, or if I should put in a feature request for a refined option...

...but...

If, under Settings->Discussion you have ""An administrator must always approve the comment"" checked, if the author of the post receiving the comment has the ""edit_comment"" capability, they will receive an email notification to moderate the comment in the queue.

After viewing the wp_notify_moderator function for 3.1 in pluggable.php (and comparing it to 3.0.5's version) I can see this functionality seems to be coded in by design.

What's confusing is that the option reads ""An administrator must always approve the comment"" and it's difficult to discern if that means the user role of ""Administrator"" or anyone who can be an ""administrator"" of the comments.

It's also hard to tell from the reading of the option text whether or not this means that the function is implemented incorrectly, or if the option is simply poorly worded.

In either case, it would be useful to be able to have more granular control over who is getting these email notifications for comment moderation.

Failing that, if the ""An administrator must always approve the comment"" is checked, that should mean that only users with the ""Administrator"" role should be able to approve the comment.

...depending on what the expected behavior of this functionality is meant to be.",joe.woidpress
Next Release,13239,Filter locate_template template_names variable,,Themes,3.0,normal,normal,3.6,enhancement,reopened,has-patch,2010-05-03T21:43:05Z,2013-05-04T11:09:25Z,"I recently encountered a situation where it would be very helpful to supply alternate template file locations; however, this cannot be accomplished as the locate_template function is being used and that function's arguments are not filterable. So, I created a patch that adds the filter.

This patch adds two filters: locate_template and locate_template-TEMPLATENAME. This allows for both general and specific filtering.

The following example shows how this could be used to modify the location of a BuddyPress template file.

{{{
function filter_member_header_template( $template ) { 
    return dirname( __FILE__ ) . '/buddypress/members/single/member-header.php';
}
add_filter( 'locate_template-members/single/member-header.php', 'filter_member_header_template' );
}}}

While the value of this example is debatable as BuddyPress could be updated to support alternate template locations, the value of the patch itself is high. This opens up a new ability for plugins to modify template file locations, giving plugins a hook into the content rendering process without requiring themes to be modified.",chrisbliss18
Next Release,20101,Can't use 'show_admin_bar' filter with conditional tags,nacin,Toolbar,,normal,normal,3.6,defect (bug),reopened,commit,2012-02-22T19:10:11Z,2013-04-22T22:10:49Z,"I'm trying to show the admin bar only on the front page:

{{{
function scribu_show_admin_bar() {
  return is_front_page();
}

add_filter( 'show_admin_bar', 'scribu_show_admin_bar' );
}}}

However, this doesn't work because '_wp_admin_bar_init' is called on 'init', before the main WP_Query is set up.",scribu
Next Release,16057,download_url() error checking fails to notice that the file wasnt correctly witten to disk,,Upgrade/Install,3.0,normal,normal,3.6,defect (bug),new,has-patch,2011-01-01T01:36:51Z,2013-01-21T23:45:37Z,"When upgrading/installing plugins, themes and WordPress download_url() is called to download the package to a temporary file.

At present, the return value of fwrite() is not checked, the result can be that the file is not written to disk correctly and subsequently, the Zip extraction fails.

This appears as if it can be caused by the user running out of disk space, as seen here: http://erisds.co.uk/wordpress/wordpress-automatic-upgrades-one-of-the-pitfalls

I'm attaching a patch which appears to fix it for me, however, As I do not have a setup where I can enforce a quota I cannot test the saving of the file without fudging the return value of fwrite() to something lower than expected.",dd32
Future Releases,10422,Answering to comment from Dashboard does not update Dashboard statistics,,Administration,2.8.1,normal,normal,Future Release,defect (bug),new,has-patch,2009-07-16T05:18:48Z,2012-09-17T19:50:52Z,"Hi there,

there is a short statistics ""Right now/At a Glance"" box in Dashboard, containing number of posts, pages, comments etc.

There is also a box with list of most recent comments in the Dashboard.

If a user answers to a comment in this ""Recent comments"" box in Dashboard, which uses AJAX, so it does not reload the whole page, it creates a new comment, but the number of comments in the ""Right now"" box is not updated.

I know this is not a critical bug, but it would be really nice if it works.

Take care, Honza

P.S.: As there is no ""Dashboard"" component in the Trac, I did not know whether to assign it to Administration or Comments component. I put it into Administration, if you think it better suits to Comments or any other component, please feel free to change it.",honza.skypala
Future Releases,19206,Improve internal admin menu code,,Administration,3.3,normal,normal,Future Release,defect (bug),new,has-patch,2011-11-08T17:53:44Z,2011-11-09T16:27:02Z,"The internal admin menu code is both hard to read and filled with several unnecessary branches. This makes maintaining the code quite difficult.

A few uses of list and smarter branching can considerably improve _wp_menu_output. Patch attached. Let's revisit this when we branch for 3.4.",koopersmith
Future Releases,14949,Login gives false assurance of having logged out,filosofo,Administration,3.1,normal,normal,Future Release,defect (bug),new,has-patch,2010-09-23T10:39:34Z,2012-09-20T22:02:19Z,"If you visit `wp-login.php?loggedout=true` while logged in, WordPress falsely tells you that ""You are now logged out.""

This is a problem because it could lead you to think, e.g., that a public computer is no longer authenticated with access to your WP admin.

Patch redirects a still-authenticated user back to the admin from the login page if she requests the above page without actually having logged out.",filosofo
Future Releases,13655,Login/Install/User Edit should stripslashes() $_POST data,,Administration,3.0,normal,normal,Future Release,defect (bug),new,has-patch,2010-05-31T11:33:17Z,2010-11-13T08:05:36Z,"Following on from #13654 All Login/Registration/Install/User Edit functionality should stripslash $_POST data.

At present, it seems that we do not stripslash at all.

For existing user passwords, we should migrate passwords to their non-stripslashed versions:

 [5/31/10 6:34:11 AM] Mark Jaquith: We could migrate people.[[BR]]

 [5/31/10 6:34:13 AM] Dion (dd32): Perhaps oughta just add proper stripslashing in 3.1, and add back-compat to change password from non-stripslashed to stripslashed.. similar to the md5->phpass implementation..[[BR]]

 [5/31/10 6:35:13 AM] Mark Jaquith: Yep. If the PW doesn't match, addslashes() and compare again. If that matches, set the new PW hash. Right?[[BR]]

 [5/31/10 6:35:19 AM] Dion (dd32): yep

",dd32
Future Releases,19247,Add post type and taxonomy to admin body class,,Administration,3.3,normal,normal,Awaiting Review,enhancement,new,has-patch,2011-11-15T08:19:35Z,2013-04-14T10:03:13Z,"I often have a need for targetted CSS selectors based on the current screen's post type (eg. to hide unwanted UI elements), so I usually end up adding `post-type-{$post_type}` with the `admin_body_class` filter. It'd be nice if this was in core.",johnbillion
Future Releases,15865,Make it easy to disable options / user settings,westi,Administration,,normal,normal,Future Release,enhancement,new,has-patch,2010-12-17T17:52:29Z,2013-01-21T04:12:48Z,"We have a wonderful option white listing system.

The one thing it doesn't support is hiding the ui of core options if you don't want them changed.

We should have a generic way of doing this.",westi
Future Releases,6286,"Proposed changes to ""E-mail me whenever"" Discussion Options",,Administration,2.5,normal,normal,Future Release,enhancement,new,has-patch,2008-03-18T19:14:55Z,2013-01-13T20:40:03Z,"WRT the ""E-mail me whenever"" options on the Discussion options page:

[[Image(http://img132.imageshack.us/img132/4215/picture1vf1.png)]]

 1. For ""a comment is helf for moderation,"" the ""me"" is ambiguous.  It should specify that it means the blog admin e-mail address.
 1. For ""anyone posts a comment,"" again, ""me"" is ambiguous.  In this case ""me"" means the author of the post.  The comment notification setting is personal, and therefore should be set in the profile options (where it can retain the ""me"").  Some authors may want e-mail notification, others might not.",markjaquith
Future Releases,17906,Refactor submit box code,,Administration,,normal,normal,Future Release,enhancement,new,has-patch,2011-06-27T13:27:34Z,2011-06-28T16:01:10Z,"The code for the post submit metabox is a mess. It should be cleaned up, so that changes such as #17028 can be done more easily.

Will post a patch shortly.",scribu
Future Releases,16774,Remember list view/excerpt view setting,,Administration,3.1,normal,normal,Awaiting Review,enhancement,new,has-patch,2011-03-06T13:37:18Z,2012-07-03T19:43:23Z,"I love the new excerpt view, except that the next time I go to the Articles page, it shows me the list view again. The selected view should be retained as a setting.",texttheater
Future Releases,18788,Remove redundant type attributes from script and style tags,,Administration,3.3,normal,normal,Future Release,enhancement,new,has-patch,2011-09-27T06:54:02Z,2013-04-15T10:28:35Z,"Now that the admin is using the HTML5 doctype everywhere, the `type=""text/javascript""` and `type=""text/css""` attributes on script and style tags are unnecessary (if they weren't anyway), and I think they can be safely removed to trim a few hundred bytes from core. Should be a simple search and replace exercise.",solarissmoke
Future Releases,18786,meta_form() should place some restrictions on meta keys,,Administration,,normal,normal,Future Release,enhancement,new,dev-feedback,2011-09-26T22:37:58Z,2013-04-22T21:12:23Z,"meta_form() echoes out all meta keys into a dropdown for the custom fields box, unless they start with an underscore (as bound by the query).

We should consider is_protected_meta( $key, 'post' ) and/or current_user_can( 'add_post_meta', $post->ID, $key ). This isn't a security thing, just an opportunity to hide some things from the user they don't need to see.

On the other hand, it's definitely a number of extra calculations. is_protected_meta() is light as long as there's no filter on things (and if there is, we probably want to know). current_user_can() might be a bit more weight than necessary here.",nacin
Future Releases,18710,post_deleted_messages filter,nacin*,Administration,,normal,normal,Future Release,enhancement,accepted,has-patch,2011-09-19T21:19:21Z,2012-06-11T13:05:21Z,It would be nice to be able to updated post deleted messages like you can through the post_updated_messages filter.,jgadbois
Future Releases,15384,wp-login.php refactor,,Administration,,normal,normal,Future Release,enhancement,new,,2010-11-11T12:40:35Z,2012-05-31T21:40:02Z,"wp-login.php needs some serious work. When looking to do some improvements in #5919, I realized I literally needed a goto in order to achieve the goals outlined in this comment:

http://core.trac.wordpress.org/ticket/5919#comment:39

I am thinking a WP_Login class with some methods that can handle various different forms, POST handling, and rerouting.",nacin
Future Releases,18179,WP_Meta_Box,,Administration,,normal,normal,Future Release,feature request,new,has-patch,2011-07-20T01:05:50Z,2013-03-08T16:31:47Z,"Ryan, Nacin, and I would like to see a Meta Box class in 3.3. Let's make it happen.

Attached is a first pass (in plugin form, for ease). It provides a basic API and supports multiple instances. Instances are stored in a static meta box registry, which should require minimal interaction.

Keep in mind that meta boxes are not just registered on CPT pages — they are also used on the dashboard, in menus, and in custom UIs. The parent class should be suitable for each of these cases.

I think we should move caps to the main Meta Box class (and allow subclasses/instances to specify/override the cap through $args), and also provide $args to enable/disable any checks we perform before saving (e.g. autosave, etc).

It would also be interesting to integrate this with the proposed metadata API improvements.

See #15066 for prior discussion.",koopersmith
Future Releases,20729,Improve Admin Colors CSS enqueuing,,Appearance,3.1,normal,normal,Future Release,defect (bug),new,,2012-05-22T17:19:58Z,2012-05-22T17:20:17Z,"The hacky way in which we enqueue the admin colors css means that you get different ordering of the CSS between the development version of the scripts and the script-loader sourced version of the scripts.

This can cause CSS bugs which don't show when developing but do when running with the script loader - e.g. #16827

It also makes it harder to implement a custom css concatenator.

We should do something like - http://core.trac.wordpress.org/attachment/ticket/16827/colors-hacked-fixed.diff

To make this properly enqueue the styles.

We should also make this kind of call fire a {{{_doing_it_wrong()}}} as {{{true}}} is not a url :)

{{{
$styles->add( 'colors', true, array('wp-admin') );
}}}

This code harks back from [7976]",westi
Future Releases,20733,Theme customizer doesn't order sections based on order added,,Appearance,3.4,normal,normal,Future Release,defect (bug),new,,2012-05-22T23:36:48Z,2013-01-21T15:16:04Z,"When adding sections to the theme customizer, sections with the same priority are given seemingly random order. From the [http://core.trac.wordpress.org/ticket/19910 original customizer ticket]:

> Settings and sections both contain priority parameters (you can specify these in the constructor or alter them afterwards) which serve as the primary means of sorting sections before they're rendered. The order settings/sections are added serves as a secondary sorting mechanism (tiebreaker) when multiple items share the same priority.

I was under the impression that if the priority was the same, the sections would appear in the order they were added. However, if you add sections A, B, and C (in that order) it seems to display them in order B, C, A.

To replicate, add this code to your theme:

{{{
add_action( 'customize_register', 'theme_customize_register' );

function theme_customize_register( $wp_customize ) {
	// Register Section A
	$wp_customize->add_section( 'theme_section_a', array(
		'title'    => 'Section A',
		'priority' => 35,
	) );
	$wp_customize->add_setting( 'theme_option_a', array(
		'type'              => 'option',
	) );
	$wp_customize->add_control( 'theme_option_a', array(
		'section'    => 'theme_section_a',
		'type'       => 'text',
	) );

	// Register Section B
	$wp_customize->add_section( 'theme_section_b', array(
		'title'    => 'Section B',
		'priority' => 35,
	) );
	$wp_customize->add_setting( 'theme_option_b', array(
		'type'              => 'option',
	) );
	$wp_customize->add_control( 'theme_option_b', array(
		'section'    => 'theme_section_b',
		'type'       => 'text',
	) );

	// Register Section C
	$wp_customize->add_section( 'theme_section_c', array(
		'title'    => 'Section C',
		'priority' => 35,
	) );
	$wp_customize->add_setting( 'theme_option_c', array(
		'type'              => 'option',
	) );
	$wp_customize->add_control( 'theme_option_c', array(
		'section'    => 'theme_section_c',
		'type'       => 'text',
	) );
}
}}}

'''Expected result:''' Sections show up in order A, B, C

'''Actual result:''' Sections show up in order B, C, A

Sorry if I'm doing something stupid, or if this isn't the intended functionality. I'm running trunk without any plugins.",andyadams
Future Releases,21785,Add header image uploads with cropping to the customizer,,Appearance,3.4,normal,normal,Future Release,task (blessed),new,,2012-09-04T04:56:41Z,2013-04-26T01:08:30Z,"See #21355 for an explanation for why header image uploads (sans cropping) was removed from the 3.4 branch. This ticket is about adding it back, with a crop step, to ensure proper support.",nacin
Future Releases,15069,Autosave function assumes that there is only on tinyMCE on the page,,Autosave,3.0.1,normal,normal,Future Release,defect (bug),new,,2010-10-08T10:28:12Z,2011-01-14T09:35:22Z,"Autosave javascript assumes there is only one tinyMCE instance on the post editor page, thus breaking autosave feature under the next circumstances:
1. Content editor is in HTML mode
2. Some custom tinyMCE instances are added to the page by some plugin or theme.

A patch that fixes that problem is attached.",karevn
Future Releases,24128,Twenty Eleven: add postMessage support for header_textcolor,,Bundled Theme,,normal,normal,Future Release,enhancement,new,has-patch,2013-04-18T17:43:32Z,2013-04-23T16:53:14Z,"Similar to Twenty Twelve and Twenty Thirteen, this would add immediate visual feedback in the Theme Customizer UI when header text is hidden, or its color value changes.",lancewillett
Future Releases,20875,Introduce wp_cache_get_multi(),,Cache,,normal,normal,Future Release,enhancement,new,has-patch,2012-06-07T13:56:28Z,2013-04-16T17:12:29Z,"Both options (see #10274) and themes (see #20103) could benefit from a cache backend that implements get_multi(). For options, this means we can use individual keys. For both themes and options, we'd be able to make fast multiple gets.

Both APC and Memcached (but not Memcache) implement multiple-get. A fallback would be looping over get().

Separately, as this would be a new function we use in core, we probably need to start doing some kind of versioning for drop-ins like db.php and object-cache.php.",nacin
Future Releases,15565,More context for clean_post_cache(),,Cache,3.1,normal,normal,Future Release,enhancement,new,has-patch,2010-11-24T17:41:07Z,2012-10-17T14:21:18Z,"I'd like more context to be available when the clean_post_cache hook is run.

Scenario: I have a plugin caches the post_IDs of most post queries that go through WP_Query.  Invalidating that cache is done via the clean_post_cache hook, but requires a bunch of fragile hacks to prevent cache invalidation for things like comment inserts, which update the post's comment_count (which could, in theory, affect a WP_Query, but that's another story).

Option 1: Add extra actions to provide context.  This is the simpler option.  Patch 1 does this for the above scenario.

Option 2: Add an optional context parameter to clean_post_cache().  This is more general, but I can't think of anyplace else WordPress uses as similar approach.  Patch two.",mdawaffe
Future Releases,23327,Cache incrementors for get_bookmarks(),,Cache,3.5.1,normal,normal,Future Release,task (blessed),new,,2013-01-30T18:24:08Z,2013-04-16T17:11:33Z,"Make use of a caching incrementor and store queries in individual cache buckets to avoid memory exhaustion.

Pattern this after #23167, which does the same thing for get_pages().

See #23173 for an explanation of the motivation behind this.",ryan
Future Releases,15256,?cat=## permalinks do not redirect when category is a parent,,Canonical,3.0.1,high,normal,Future Release,defect (bug),reopened,needs-unit-tests,2010-10-30T05:44:18Z,2013-02-25T13:08:53Z,"One of my plugin users reported this while using dropdowns to display his categories: http://wordpress.org/support/topic/plugin-my-category-order-multiple-widget-support-broken

I was able to duplicate it on my own site in 3.0.1. Any category that has children displayed in the dropdown will redirect to /?cat=## instead of the the friendly /category-name permalink when selected. Select any other category or one of the children and they redirect correctly.

Any thoughts?",froman118
Future Releases,10935,WP_Query and is_day() bug,ryan,Canonical,2.8.4,normal,normal,Future Release,defect (bug),new,commit,2009-10-09T05:05:24Z,2013-05-07T20:31:05Z,"When you configure Wordpress with permalinks such as /%year%/%month% and even /%year%/%month%/%day/ there is
a failure when you request URLs like /2009/10/58, because it's still generating the query to the database
(AND YEAR(wp_posts.post_date)='2009' AND MONTH(wp_posts.post_date)='10' AND DAYOFMONTH(wp_posts.post_date)='58').
Also, is_day() returns true, when it should be returning false.

As adding a post with that date is nearly impossible trough the wordpress admin or the database, no posts will be found, so
Wordpress will show ""No page found"", but with HTTP status 200 OK, not 404 Not Found.

I think it's important to validate the day on the applicacion side, so for some ideas to work correctly under WP
(like take advantage of sticky posts and show all post for the month in day requests), and most importantly to save
those wasted mysql queries.

Of course I could validate the day using a filter, but that is not the general idea!",raliste
Future Releases,12456,Canonical URL redirect issue with post_id/postname permalink structure,dd32*,Canonical,2.9.2,normal,normal,Future Release,enhancement,accepted,tested,2010-03-02T14:06:38Z,2013-05-16T12:31:07Z,"The issue:

Using /%post_id%/%postname%/ as permalink structure,
Most canonical redirects work fine, except: 

domain.com/post_id/ brings you to the post but does not redirect to the canonical domain.com/post_id/postname/

Additional info:

The above permalink structure conforms to best practice as described in the codex:
http://codex.wordpress.org/Using_Permalinks#Structure_Tags

Therefore I figured this was a bug, given the attention given to redirecting to the canonical url ""So to avoid confusing search engines and to consolidate your rankings for your content, there should only be one URL for a resource."" 
http://markjaquith.wordpress.com/2007/09/25/wordpress-23-canonical-urls/
",Frank.Prendergast
Future Releases,10543,Incorrect (non-UTF-8) character handling in tag's name and slug,westi*,Charset,2.8.2,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2009-08-04T05:26:11Z,2010-11-13T01:15:40Z,"Incorrect (non-UTF-8) character tag's name and slug are handled in different way: name is truncated on 1st such character, and in slug they are just removed (no truncation). WP should handle both in the same way - drop invalid characters, instead of truncation.

I found this issue recently. One of the Polish programs for adding posts to the Wordpresses does not encode tags in UTF-8 - it left them in ISO-8859-2. I notified author of this bug. Unfortunately there are many copies around, so it may take a long time before everyone upgrade.",sirzooro
Future Releases,18007,is_serialized trouble for multibytes encoding,,Charset,3.2,normal,normal,Future Release,defect (bug),new,has-patch,2011-07-06T16:51:52Z,2013-04-10T12:47:42Z,"Possible bug in the ''is_serialized'' function, in a multibytes environment :

== Context ==

* ''utf-8'' encoded database fields
* auto overlaoding singlebyte functions from conf (see http://www.php.net/manual/en/mbstring.overload.php)

Retrieving an option from the database, the ''get_option'' function try to deserialize it.

== Bug scenario ==
 * the ''strlen'' call is actually a ''mb_strlen'' one
 * the ''$length'' var is the number of characters (not bytes)
 * using {{{ $data[$length-1] }}} don't retrieve the last char but one before, it's actual position is undefined, depending on the other content of the string
 * this ''$lastc'' is not '';'' or ''}'' 
 * the string is understood has not serialized

== Patch proposal ==

here is a fix i made to make it work with multibytes string :
Not tested it for single bytes, but there is no reason for it to not work.
{{{
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -256,7 +256,7 @@ function is_serialized( $data ) {
                return false;
        if ( ':' !== $data[1] )
                return false;
-       $lastc = $data[$length-1];
+       $lastc = substr($data, -1);
        if ( ';' !== $lastc && '}' !== $lastc )
                return false;
        $token = $data[0];
}}}

",challet
Future Releases,16134,Check capabilities/role before adding comment links to email,,Comments,3.0.4,normal,normal,Future Release,defect (bug),new,has-patch,2011-01-07T10:23:06Z,2011-02-19T20:35:22Z,"Currently the Trash it, Delete it, Spam it are added to comment notifcation emails, which are sent to the author.

However, the author may have had their role changed down to a lower-role (or had capability removed) since they wrote the post, and no longer would have permissions to use the links added to the email. 

It may also be the case that a subscriber user was assigned as the Post Author (perhaps as a sort of Guest Author) for a post, and never had the permissions to use those links.

Can some sort of check be added, before these links be added to the email?",GaryJ
Future Releases,14711,Indexes for comment_author_email and user_id,,Comments,3.0,normal,normal,Future Release,defect (bug),new,,2010-08-27T07:18:30Z,2011-01-08T19:36:17Z,"There are currently no indexes on any of the author columns in wp_comments.  That means there's no efficient way to count the comments written by a given commenter, for example.

The enclosed patch adds two separate non-unique indexes, one each for comment_author_email and user_id.
",tellyworth
Future Releases,11286,Normal User Input Causes Status 500,,Comments,2.8.4,normal,normal,Future Release,defect (bug),new,commit,2009-11-30T21:45:04Z,2012-11-26T22:20:40Z,"To reproduce:  Click the Submit Comment button on any post with no other input.

Expected Result:  Status 200 or 403 with feedback to user.

Actual Result:  Status 500 with feedback to user.

Status 500 means the server is at fault for an unexpected error condition, which is not the case here.  It is the incorrect response to send, and it is alarming to see it show up in a server log without an error message.

Patch should be ready shortly...",miqrogroove
Future Releases,761,Add hook to conditionally disable comment notifications [w/ patch],matt,Comments,1.2.2,normal,normal,Future Release,enhancement,reopened,has-patch,2005-01-27T07:42:58Z,2012-11-07T07:56:15Z,"E-mail notifications for posted comments are controlled by the  'comments_notify' setting.  E-mail notifications for comments needing modification are controlled by the 'moderation_notify' setting.  Each is an all or nothing setting, i.e. if 'on', ALL post authors will receive notifications when appropriate.  AFAIK, there isn't a  clean way for a plugin to insert itself into the notification process.",coffee2code
Future Releases,13820,AJAX update the comment bubbles on edit-comments.php,,Comments,3.0,normal,normal,Future Release,task (blessed),assigned,has-patch,2010-06-10T13:45:27Z,2012-03-08T01:58:35Z,"We update the bubble in the Comments admin menu item. We should also update the counts in the ""In Response To"" bubbles, as well as the bubble color.",matt
Future Releases,21870,@ error control operator hides fatal error on mysql_fetch_object,,Database,1.5,normal,normal,Future Release,defect (bug),new,has-patch,2012-09-11T14:59:36Z,2012-11-07T19:49:19Z,"I ran a get_posts() query that took me a while to track down to the @ error control operator on the mysql_fetch_object call (see wp-db.php:1219 in trunk), therefore PHP was silently die'ing on me because of a memory limit error.

I'm curious as to what use cases there are for the error control operator to be used here. In my case, I want to see these errors and fix my code accordingly, or tailor my query to the memory constraints, or rethink my data relations in the database.

",ericlewis
Future Releases,15004,Missing index on signups table,pento,Database,,normal,normal,Future Release,defect (bug),assigned,commit,2010-10-01T03:48:25Z,2013-05-07T17:36:17Z,"{{{
wp-includes/ms-functions.php:590:
$signup = $wpdb->get_row( $wpdb->prepare(""SELECT * FROM $wpdb->signups WHERE user_email = %s"", $user_email) );
wp-includes/ms-functions.php:595:
$wpdb->query( $wpdb->prepare(""DELETE FROM $wpdb->signups WHERE user_email = %s"", $user_email) );
}}}

But there is no index on user_email in the signups table.  Makes these queries perform a full table scan which is slow when you have lots of signups.

Attached patch adds the index but I can't figure out how schema upgrades on MS-specific tables ever get run after the initial activation of MS mode and table creation.

",barry
Future Releases,15499,Add an index for get_lastpostmodified query,,Database,3.0.1,normal,normal,Future Release,enhancement,new,dev-feedback,2010-11-19T18:20:31Z,2012-12-04T21:50:27Z,"I had a friend (Jools Wills) look over a WordPress site recently, to get a fresh view on what might be optimised, and he noticed a query which might benefit from an additional index on ```WP_Posts```. The query ```SELECT post_modified_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1``` in ```get_lastpostmodified``` is run for last modified date in GMT, and currently doesn't use an index. This SQL is run whenever certain types of feed are requested as far as I can see.

We added ```CREATE INDEX type_status_modified ON wp_posts (post_type, post_status, post_modified_gmt);``` and ```CREATE INDEX type_status_modified_no_id ON wp_posts (post_type, post_status, post_date_gmt);``` and the query runs a lot faster now. The following timings were taken running the first query (```post_modified_gmt```) on a 36,362 row posts table. Note that it doesn't use filesort after the index has been added.

''Before:''

{{{
mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1;
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
| id | select_type | table      | type | possible_keys    | key              | key_len | ref         | rows  | Extra                       |
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
|  1 | SIMPLE      | slgr_posts | ref  | type_status_date | type_status_date | 124     | const,const | 24718 | Using where; Using filesort |
+----+-------------+------------+------+------------------+------------------+---------+-------------+-------+-----------------------------+
1 row in set (0.03 sec)
}}}


 * 0.21290683746338ms
 * 0.25690102577209ms
 * 0.230553150177ms
 * 0.2274341583252ms
 * 0.23083996772766ms

''After:''

{{{
mysql> EXPLAIN SELECT post_modified_gmt FROM slgr_posts WHERE post_status = 'publish' AND post_type = 'post' ORDER BY post_modified_gmt DESC LIMIT 1;
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
| id | select_type | table      | type | possible_keys                         | key                  | key_len | ref         | rows  | Extra       |
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
|  1 | SIMPLE      | slgr_posts | ref  | type_status_date,type_status_modified | type_status_modified | 124     | const,const | 24718 | Using where |
+----+-------------+------------+------+---------------------------------------+----------------------+---------+-------------+-------+-------------+
1 row in set (0.00 sec)
}}}

 * 0.00082707405090332ms
 * 0.00072288513183594ms
 * 0.00074386596679688ms
 * 0.00066494941711426ms
 * 0.00066208839416504ms

In ```get_lastpostmodified``` both these queries are run, so the total savings in my case on a quiet server are nearly 0.5 seconds... worth having, I reckon.

I've not created a patch for schema changes before, but I think the only place the change would need to go would be ```scheme.php```? Suggested patch attached.",simonwheatley
Future Releases,20316,Garbage collect transients,,Database,,normal,normal,Future Release,enhancement,new,dev-feedback,2012-03-28T22:04:35Z,2013-05-14T15:57:57Z,"Per an IRC discussion and long-considered changes:

 * In wp_scheduled_delete(), look for expired transients and purge them.

 * On DB upgrade, purge all transients, regardless of expiration. (This should probably happen on auto-update as well, but let's let that part slide for now, as DB upgrade will run on all major releases these days.)

We should only do this if ! $_wp_using_ext_object_cache.",nacin
Future Releases,5932,"wpdb should reconnect and retry query when ""MySQL server has gone away""",pento,Database,3.0,normal,normal,Future Release,enhancement,assigned,has-patch,2008-02-20T08:17:01Z,2012-11-07T06:15:56Z,"Using 2.3.3, here are the type of errors that crop up in error_log everyday. 


{{{

[25-Jan-2008 08:37:35] WordPress database error MySQL server has gone away for query UPDATE wp_options SET option_value = '0' WHERE option_name = 'doing_cron'
[25-Jan-2008 09:23:19] WordPress database error MySQL server has gone away for query UPDATE wp_options SET option_value = '0' WHERE option_name = 'doing_cron'
[26-Jan-2008 00:03:54] WordPress database error MySQL server has gone away for query UPDATE wp_options SET option_value = '0' WHERE option_name = 'doing_cron'
[26-Jan-2008 00:04:29] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_pingme' LIMIT 1
[26-Jan-2008 00:04:29] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_encloseme' LIMIT 1
[26-Jan-2008 00:04:29] WordPress database error MySQL server has gone away for query SELECT ID FROM wp_posts WHERE CHAR_LENGTH(TRIM(to_ping)) > 7 AND post_status = 'publish'
[26-Jan-2008 00:05:09] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_pingme' LIMIT 1
[26-Jan-2008 00:05:09] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_encloseme' LIMIT 1
[26-Jan-2008 00:05:09] WordPress database error MySQL server has gone away for query SELECT ID FROM wp_posts WHERE CHAR_LENGTH(TRIM(to_ping)) > 7 AND post_status = 'publish'
[26-Jan-2008 00:05:47] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_pingme' LIMIT 1
[26-Jan-2008 00:05:47] WordPress database error MySQL server has gone away for query SELECT * FROM wp_posts, wp_postmeta WHERE wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = '_encloseme' LIMIT 1
[26-Jan-2008 00:05:47] WordPress database error MySQL server has gone away for query SELECT ID FROM wp_posts WHERE CHAR_LENGTH(TRIM(to_ping)) > 7 AND post_status = 'publish'
.................
}}}
",dtc
Future Releases,16077,Placement of link popup in full-size visual editor when browser window is resized,garyc40,Editor,3.1,normal,normal,Future Release,defect (bug),assigned,has-patch,2011-01-02T19:47:30Z,2013-01-22T16:54:13Z,"To recreate: Writing a post in the full-window view of the visual editor, click the link popup. While popup open, resize browser window to be smaller. Link popup stays in original location, even if the window gets small enough to cut it off. 

You can move the link popup by dragging the top bar. If you do this, then the link popup will stay in the new place b/c our save state stuff, even when you're writing in the regular size visual editor.

Preferred UX: if browser window resizes, have link popup recenter itself in the overlay. ",jane
Future Releases,23630,Simplify the DFW implementation,,Editor,,normal,normal,Future Release,enhancement,new,,2013-02-26T16:44:57Z,2013-03-06T20:04:42Z,"I was sad to see that distraction free writing [http://make.wordpress.org/core/2013/01/08/wordpress-3-6-distraction-free-writing-improvements/#comment-7469 didn't get picked up] for 3.6.  I decided to play around with a rough proof of concept to see how difficult it would be to use the existing TinyMCE instance for DFW.

Benefits of handling it this way include:

- It eliminates the need (and complexity) of juggling multiple instances of TinyMCE
- We'll be able to remove a bunch of the old DFW code
- It makes the transition between regular mode and DFW mode much more smooth
- It can be as fully featured as we want it to be",lessbloat
Future Releases,20903,Exporter gets stuck in a loop a loop/break in the category hierarchy,westi,Export,3.1,normal,normal,Future Release,defect (bug),new,has-patch,2012-06-11T11:26:07Z,2012-06-12T08:13:02Z,"Ideally it should be impossible for a loop/incorrect parentage in a category hierarchy to exist.

But sometimes they do.

If one does exist then {{{export_wp()}}} gets stuck :(

It gets stuck in this code:

{{{
		// put categories in order with no child going before its parent
		while ( $cat = array_shift( $categories ) ) {
			if ( $cat->parent == 0 || isset( $cats[$cat->parent] ) )
				$cats[$cat->term_id] = $cat;
			else
				$categories[] = $cat;
		}
}}}

Similar to #20635 but different.",westi
Future Releases,19307,"Need ability to export ""All content"" but limited to date range",,Export,3.1,normal,normal,Future Release,enhancement,new,,2011-11-20T23:19:43Z,2012-07-11T07:39:18Z,"Need ability to export ""All content"" but limited to date range

==== ENV ====

 WP 3.3-beta3-19254 (trunk r19367)

==== Additional Details ====

For a larger site is a common scenario to need to export all content, but because of resource limitations or time constraints it cannot be done in a single export.

Exporting individual post types is not a work around, further you lose attachments on posts when exporting just ""posts"", and that breaks features including Featured Images.

==== Also Consider ====

Another common scenario for media and enterprise customer is wanting to export a period of time to further analysis that content, or stage it in their development environment for debugging an issue, or developing new designs and features.",lloydbudd
Future Releases,17767,Anonymous comments can break comments RSS feed,westi*,Feeds,3.2,normal,normal,Future Release,defect (bug),accepted,has-patch,2011-06-11T11:30:34Z,2013-05-20T12:00:48Z,"dc:creator and description elements should not be parsed.

Author field that can break RSS:
{{{
&#1040;&#1079; &#1089;&#1077; &#1082;&#1072;&#1079;&#1074;&#1072;&#1084; &#1042;&#1077;&#1089;&#1077;&#1083;&#1080;&#1085; &#1053;&#1080;&#1082;&#1086;&#1083;&#1086;&#1074;, &#1090;&#1086;&#1074;&#1072; &#1077; &#1077;&#1076;&#1085;&#1086; &#1084;&#1085;&#1086;&#1075;&#1086; &#1076;&#1098;&#1083;&#1075;&#1086; &#1080;&#1084;&#1077;
}}}

Comment text that can break RSS:
{{{
&amp;ndash;
}}} 

(and most of the $allowedentitynames)",dzver
Future Releases,10984,If content uses the nextpage tag then only the first page is shown in feeds,,Feeds,2.8.4,normal,normal,Future Release,defect (bug),new,dev-feedback,2009-10-20T11:03:11Z,2012-08-27T17:40:40Z,"If content uses the nextpage tag then only the first page is shown in feeds if the ""full text"" option is selected in ""Settings > Reading > Show Full Text (in feed)"". 

No links are displayed to read the full content and no indication is given in the feed that it isn't the full content.

I think the behaviour should be to ignore pagination in feeds which are set to ""full text"".

I have attached a patch which alters the behaviour of the_content() so that if it is used in the context of a feed it concatenates the pages to form the full content and returns that.",simonwheatley
Future Releases,13066,Last-Modified headers for individual comment feeds are incorrect,jgci*,Feeds,3.0,low,normal,Future Release,defect (bug),accepted,dev-feedback,2010-04-21T07:32:34Z,2010-11-28T16:18:31Z,"The WP::send_headers function currently uses get_lastcommentmodified() to set the Last-Modified header for all comment feeds. This is a problem when used for individual post comment feeds. The function gets the last modified comment across all blog posts. That means that every time a comment is posted anywhere, the Last-Modified header for ALL comment feeds is refreshed. Issues:

1. This is technically incorrect, since only the global comment feed and one specific post's comment feed have changed with the last comment (not all possible comment feeds); and 

2. It means that If-Modified-Since requests for other post comment feeds will not receive a 304 response when they should do (since their content hasn't changed). On blogs with many posts and many comment feeds, this will have a large impact on bandwidth because lots of requests will receive 200 responses where 304's would have done, just because a comment was posted on some other post.

If I've understood the flow correctly, $wp_query hasn't been fully set up at the time this function is called, so changing this behaviour would require some change in the flow of things (e.g., the handling of last modified headers for feeds moves into the do_feed() function). But doing so would mean that Last-Modified headers are correct/meaningful and that many more 304 responses can be served.

Any thoughts?",solarissmoke
Future Releases,14493,"do_enclose() can ping the same URL many times, can't filter URLs to ping",nacin*,Feeds,3.0.1,normal,normal,Future Release,enhancement,accepted,has-patch,2010-07-31T18:52:01Z,2012-11-07T09:14:47Z,"If the same URL is included in a post several times, do_enclose() can check that URL for inclusion as a possible enclosure several times.

Additionally, there's no way to filter what URLs do_enclose() should ping for possible inclusion as enclosures.

Attached adds an array_unique() call to do_enclose().

Attached adds a {{{do_action_ref_array( 'pre_enclose', array( &$post_links, &$pung ) )}}} hook to allow filtration of URLs to ping.  (Matches the pre_ping hook.)

do_enclose() has several more problems this patch addresses.

 1. Correct non-functional DELETE FROM postmeta query (bad use of wpdb::prepare()).
 2. Use like_escape() in several LIKE queries.
 3. Add an {{{apply_filters( 'enclosure_mime_types', array( 'video', 'audio' ) )}}} hook.
 4. Currently do_enclose() doesn't allow root URLs as enclosures (e.g. http://example.com/), only URLs with a non-trivial path or query.  Move that functionality to the new pre_enclose filter.
 5. Efficiency improvements in conditional logic.
 6. Clean up code by reducing control structure nesting depth.",mdawaffe
Future Releases,4539,Abbreviated year followed by punctuation or markup doesn't texturize,jmstacey,Formatting,2.5,low,normal,Future Release,defect (bug),reopened,has-patch,2007-06-26T03:36:36Z,2012-12-17T14:49:10Z,"An abbreviated year followed by punctuation or markup doesn't texturize properly.

e.g. (Bruce Sterling, '97) is texturized as (Bruce Sterling, &#8216;97) when the apostrophe should be texturized as &#8217;

e.g. <li>Casino Royale '06</li> is texturized as <li>Casino Royale, &#8216;06</li> when the apostrophe should be texturized as &#8217;",pah2
Future Releases,15367,WordPress strips multiple line breaks inside of <pre> tags,garyc40,Formatting,3.1,normal,normal,Future Release,defect (bug),assigned,has-patch,2010-11-10T01:39:33Z,2012-09-12T19:49:52Z,"Write a post:

{{{
<pre>
This


is




a
test.
</pre>
}}}

You end up with this:

{{{
<pre>
This

is

a
test.
</pre>
}}}

Probably related to `wpautop()` I imagine.",Viper007Bond
Future Releases,10041,like_escape() should escape backslashes too,,Formatting,2.8,high,normal,Future Release,defect (bug),reopened,has-patch,2009-06-05T11:18:16Z,2013-04-16T17:04:06Z,"The like_escape() function doesn't escape backslashes.

source:trunk/wp-includes/formatting.php@11518#L2260
{{{
	return str_replace(array(""%"", ""_""), array(""\\%"", ""\\_""), $text);
}}}
should be ...
{{{
	return str_replace(array(""\\"", ""%"", ""_""), array(""\\\\"", ""\\%"", ""\\_""), $text);
}}}
or simply ...
{{{
	return addcslashes($text, '%_');
}}}

Considering multi-byte characters ...
{{{
	if (function_exists('mb_ereg_replace')) {
		$text = mb_ereg_replace('\\\\', '\\\\', $text);
		$text = mb_ereg_replace('%', '\\%', $text);
		$text = mb_ereg_replace('_', '\\_', $text);
		return $text;
	} else {
		return addcslashes($text, '%_');
	}
}}}",miau_jp
Future Releases,14050,shortcode_unautop() should also remove the <br /> added after shortcodes,,Formatting,3.0,normal,normal,Future Release,defect (bug),new,dev-feedback,2010-06-22T18:15:27Z,2013-01-19T08:38:00Z,"Currently `wpautop()` wraps a shortcode in `<p>` tags as well as adding a `<br />` tag after the shortcode. We then use `shortcode_unautop()` to remove the `<p>` tags, but the `<br />` stays.

To replicate, just drop a few caption shortcodes into a post and set them all to align left or right. You'll see that even though they all float (assuming that's how your theme handles them) they stair step down because of the extra `<br />`

I'm not a regex expert so someone should probably double check my patch, but it seems to work for me.",aaroncampbell
Future Releases,15657,wp_strip_all_tags causes paragraphs to run together,,Formatting,2.9,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2010-12-03T06:05:40Z,2011-12-27T20:49:30Z,"If a post contains HTML like ""foo<p>bar"", the RSS feed ends up with the text ""foobar"" instead of the more appropriate ""foo bar"" or even ""foo\n\nbar"".

Here is a simple patch to wp-includes/formatting.php that fixes this: basically, convert <p>, <br> and certain similar tags to newlines before calling the PHP-builtin strip_tags() function.
",jwz
Future Releases,20771,esc_url() instead of esc_html() in wp_nonce_url(),SergeyBiryukov,Formatting,3.4,normal,normal,Future Release,enhancement,reopened,dev-feedback,2012-05-29T06:21:37Z,2013-03-18T19:44:48Z,"The `wp_nonce_url()` function currently uses `esc_html()` in its output, which doesn't really seem to be the appropriate escaping function since it's generating a URL.

Attached patch changes the output to use `esc_url()`",jkudish
Future Releases,13340,wpautop breaks inline MathMl,,Formatting,2.9.2,normal,normal,Future Release,enhancement,new,needs-unit-tests,2010-05-11T14:04:58Z,2012-04-07T01:41:16Z,"wpautop treats inline &lt;math&gt; tags as block; they in fact may be placed block or inline, with their flow model dependent on the mode or CSS display property.

Trivial to fix; just needs someone to commit the change. Remove ""|math"" from $allblocks in file wp-includes/formatting.php. math tags on their own will be wrapped in a paragraph, which is fine.

As a very convenient enhancement, please replace on line 210:

{{{
     if ($br) {
-        $pee = preg_replace_callback('/<(script|style). ....
+        $pee = preg_replace_callback('/<(script|style|math) ...
}}}

to prevent MathML being polluted with breaks (current required workaround people are using is to have the whole block on one line, which is very messy to edit).",nicholaswilson
Future Releases,13821,Changing visibility to password-protected without entering a password does not warn user,kapeels*,General,,normal,normal,Future Release,defect (bug),accepted,has-patch,2010-06-10T13:48:48Z,2012-10-01T17:42:25Z,"Tested on r15182.

If the status of a post is set to Password Protected, and a password is not specified before the user clicks the OK button in visibility and then either publishes, saves, or updates the post, no warning is given to the user that not setting a password forces the post or page to remain Public.

In fact, if updating a post, and this is the only change made, the success message (1) for updating the post appears instead, even though no change was made to the post.

If the post was previously published as Private, and switched to Password Protected without entering a password, then saved, the post switches to Public on save instead of remaining Private.

Either a failure message upon updating or a warning to the user before saving should be displayed to the user to remind them that they didn't properly set a password.

To reproduce the last case above:

1. Create a post. Publish it as Private.
2. Edit the post. Change the visibility to Password Protected, but do not enter a password. Click OK.
3. Update the post.
4. The post visibility will be changed to Public.",markel
Future Releases,15963,Don't try to add orphaned pages' parents' slugs to the page URL,,General,3.1,normal,normal,Future Release,defect (bug),new,dev-feedback,2010-12-23T11:08:55Z,2012-09-19T22:31:20Z,"If a page becomes orphaned---in other words, if a page points to a parent object that doesn't exist any more---`get_page_uri()` doesn't sanity check that the parent object actually exists.

Patch does the check without any extra work, by moving stuff around.",filosofo
Future Releases,19120,Interim login needs some work,azaozz,General,,normal,normal,Future Release,defect (bug),assigned,,2011-11-02T22:46:42Z,2012-05-02T19:43:33Z,"A CSS style causes a white 20px stripe at the top of the otherwise gray interim login screen.

That should go, and azaozz thinks the popup should as well.

3.3 for now, but the rest may be punted by azaozz.",nacin
Future Releases,17923,add_query_arg() should encode values,,General,3.2,normal,normal,Future Release,defect (bug),new,has-patch,2011-06-28T22:55:50Z,2013-02-26T14:08:52Z,"One (or me at least) would expect that the result of

{{{
add_query_arg( 'foobar', 'this&that', 'index.php' )
}}}

would be

{{{
index.php?foobar=this%26that
}}}

since the whole purpose of the function is to build a URL. However the actual result is

{{{
index.php?foobar=this&that
}}}

You're asking to the function to create a URL in which `foobar` is `this&that` but instead it creates a URL in which `foobar` is set to only `this`. You shouldn't have to pre-encode values -- the function should take care of it for you.

The function to ""blame"" for this is our `build_query()` which for some reason does not encode by default.

Semi-related: #16943",Viper007Bond
Future Releases,16221,admin bar hover class toggle adds whitespace,koopersmith*,General,3.1,low,normal,Future Release,defect (bug),accepted,close,2011-01-13T22:32:25Z,2012-12-13T19:52:17Z,"Every time I mouseover and mouseout an admin bar item, its class attribute gets longer.

Seen in Chrome while inspecting elements in the admin bar.",andy
Future Releases,22781,setUserSetting cannot handle hyphens,,General,2.7,normal,normal,Future Release,defect (bug),new,,2012-12-06T06:18:39Z,2012-12-06T18:25:43Z,"sanitize_key() can, setUserSetting should be able to as well. It's not that sanitize_key() plays a role, but it sets expectations for what is allowed in keys across core. Both keys and values should be able to accept a hyphen.

The post-thumbnail image size cannot be remembered, for example, if it is added to image_size_names_choose.",nacin
Future Releases,22487,Adding priority to settings sections.,,General,,normal,normal,Awaiting Review,enhancement,new,has-patch,2012-11-17T09:08:34Z,2013-02-05T10:35:14Z,"Currently there is no way (at least that I could find) to specify the order of settings sections on a settings page (for example, a theme options page). Use case: a child theme adding a settings section to the parent theme's ""Theme Options"" page has no way of specifying where on the page the new section should be placed.

I've modified the add_settings_section() function to allow for a priority to be set (much like when adding sections to the theme customizer). I also added `uasort($wp_settings_sections[$page], 'compare_priority');` to the do_settings_section() function, where 'compare_priority' is a slightly modified version of the compare function used to set the priority of the theme customizer sections. The patch is based on version 3.4.2, but I'd be happy to make another for the development version if that would help.

This is my first patch submitted, so please let me know if I need to do anything differently. Thanks!",alexmansfield
Future Releases,18954,Automatically whitelist screen options added via add_screen_option(),,General,,normal,normal,Future Release,enhancement,new,,2011-10-14T22:54:08Z,2011-11-25T19:27:18Z,"{{{set_screen_options()}}} currently maintains a hardcoded whitelist of screens that can set options.

The list is extendable via the filter:

{{{
apply_filters('set-screen-option', false, $option, $value);
}}}

but that's sort of a pain.  If a plugin calls {{{add_screen_option()}}}, it should be added to the whitelist automatically.

Also note that {{{set_screen_options()}}} is called so early, there's no convenient place for plugins to add to the {{{set-screen-option}}} filter.  The best workaround I've been able to come up with is to manually call {{{set_screen_options()}}} again inside the page's {{{load-$hook}}}.

Example naive plugin code that does not work in <=3.3.

{{{
# Inside a menu page's load-$hook
// Display per-page settings in screen options
add_screen_option( 'per_page', array( 'label' => __( 'Things' ) ) );
}}}",mdawaffe
Future Releases,14305,Display file for localized versions as Drop-in,nacin,General,,normal,normal,Future Release,enhancement,reviewing,has-patch,2010-07-14T09:08:03Z,2011-03-26T08:37:42Z,"Localization teams can use special files (for example cs_CZ.php) to handle special problems. This file should be shown on Plugins page, probably as Drop-in, I guess...",pavelevap
Future Releases,22405,Easier expression of file sizes and other data amounts,,General,3.5,normal,normal,Future Release,enhancement,new,has-patch,2012-11-10T08:42:05Z,2012-11-18T11:10:49Z,"In the spirit of #20987 writing {{{64 * 1024 * 1024 * 1024 * 1024}}} isn't very readable and cool.

Here is a patch, which adds a couple of constants like {{{KB_IN_BYTES}}}, {{{MB_IN_BYTES}}}, etc.",nbachiyski
Future Releases,22400,"Remove all, or at least most, uses of extract() within WordPress",,General,3.4.2,normal,normal,Future Release,enhancement,new,,2012-11-09T22:47:37Z,2013-03-13T15:19:56Z,"`extract()` is a terrible function that makes code harder to debug and harder to understand. We should discourage it's use and remove all of our uses of it.

Joseph Scott has [http://josephscott.org/archives/2009/02/i-dont-like-phps-extract-function/ a good write-up of why it's bad].",Viper007Bond
Future Releases,7394,Search: order results by relevance,,General,2.6,normal,normal,Future Release,enhancement,assigned,has-patch,2008-07-24T02:54:18Z,2013-05-14T12:42:59Z,"I have 35 pages in my WordPress install.  My ""About"" page is on '''the second page of results''' when I search for ""about""

We should put hits on the title first in the results list.

I'm open to suggestions for possible technical implementations.",markjaquith
Future Releases,16118,Support for wp_enqueue_style with negative conditional comments,,General,3.0.4,normal,normal,Future Release,enhancement,new,dev-feedback,2011-01-06T06:18:40Z,2012-12-13T21:38:49Z,"Please refer to #10891. It refers to the support for conditional comments using the global variable, wp_styles.

I have noticed that if you pass a negative conditional comment, however, this breaks. E.g. Let's say you have a lot of CSS3 rules, which don't apply to IE. You would not include that CSS:

{{{
<!--[if !IE]>-->
<link rel=""stylesheet"" id=""my-handle-css"" href=""http://my.url.com/css3.css"" type=""text/css"" media=""all""/>
<!--<![endif]-->
}}}

I know that IE9 supports CSS3, but I am using the above for illustrative purposes. One would expect that to include the conditional comment above you would do this between the register and the enqueue commands:

{{{
$GLOBALS['wp_styles']->add_data('my-handle', 'conditional', '!IE');
}}}

If you add a conditional tag to wp_styles, however, the generated markup is incorrect:

{{{
<!--[if !IE]>
<link rel='stylesheet' id='my-handle-css'  href='http://my.url.com/css3.css' type='text/css' media='all' />
<![endif]-->
}}}

Note the missing --> after [if !IE]>, and <!-- before <![endif]. This has the effect of hiding the CSS from all browsers, which wasn't the original intention. So probably a separate handling approach is required for ""show"" type of conditional comments than for ""hide"".",sayontan
Future Releases,19347,"Ugly alert: false !== strpos( $which_one_was_needle, $this_one )",westi,General,,normal,normal,Future Release,enhancement,reviewing,has-patch,2011-11-23T22:08:02Z,2012-06-28T16:29:40Z,"In WordPress {{{strpos()}}} is used hundreds of times. Very large percentage of those calls are trying to accomplish one of these 3 goals:

 * Check if a string starts with another string
 * Check if a string contains another string
 * Check if a string ends with another string

The code for doing these 3 things is not very readable, ugly, and error-prone:

{{{
0 === strpos( $one_string, $other_string )
false !== strpos( $one_string, $other_string )
strpos( $one_string, $other_string ) == ( strlen( $one_string ) - strlen( $other_string )
}}}

I propose we introduce functions to hide the ugliness and the complexity behind these three common operations:

 * {{{wp_startswith( $haystack, $needle )}}}
 * {{{wp_in( $needle, $haystack )}}}
 * {{{wp_endswith( $haystack, $needle )}}}

The logic of the arguments order is consistent and easy to remember:

''first argument'' '''verb''' ''second argument''.

 * everything starts with a beginning translates to {{{wp_startswith( ""everything"", ""a beginning"" )}}}
 * goat is in  distress translates to {{{wp_in( ""goat"", ""distress"" )}}}
 * movie ends with happy end translates to {{{wp_endswith( ""movie"", ""happy end"" )}}}

These three functions are happily used in GlotPress and WordPress.com.

The implementations are attached.",nbachiyski
Future Releases,12400,"Add a wp_loaded hook, an ob_start hook, and an front end ajax hook",,General,3.0,normal,normal,Future Release,feature request,reopened,dev-feedback,2010-02-27T01:08:08Z,2013-01-22T09:36:26Z,"Requests for some kind of wp_loaded hook have crept up here and there in trac over the years.

Typically, the requester is looking into doing front-end ajax requests and the like. There are other use cases, such as wanting to catch specific URIs -- e.g. a trailing /print/ to the url, which the permalink API is incapable of catching.

They all got rejected on grounds that there is the init hook that can be used just as well for ajax. Or the template_redirect hook in place of an ob_start hook. The list goes on.

When you want WP and plugins to be loaded '''and''' fully initialized, instantiated and ready to go, setting a priority to obscene levels on the init hook works (I typically use 1000000)... but it always feels like you're working around a crippled API.

Starting output buffers on template_redirect with a priority -1000000 feels equally clunky.

Then, there is the front-end ajax. Yes, admin-ajax.php can be used unauthenticated... But the fact of the matter is, you can end up with SSL turned on when it's not useful, and the lack of an wp-ajax.php file makes many a plugin dev wonder where in the bloody hell he should catch his own requests.

It would be sweet if this all got fixed in WP 3.0.

The argument that goes ""a hook already exists"" seems extremely invalid to me. There are many places in WP where two hooks (and oftentimes many more) can be used to achieve the same result. Think wp_headers and send_headers, for instance. What they have in common is some kind of before/after flow, which init and template_redirect are currently lacking.

One could argue that parse_request is nearby init, and that wp is nearby template_redirect, so they'd be good enough. But the first of these parses expensive regular expressions before firing, and both are only known to WP junkies.

Suggested hooks for WP 3.0:

 - a wp-ajax.php file built similarly to admin-ajax.php.
 - an wp_loaded hook at the very end of wp-settings.php, with a commentary that tells plugin authors that init should be used to instantiate, wp_loaded should be used to act once everything is instantiated, and that wp-ajax.php has hooks that are specific to ajax requests.
 - an ob_start (or pre_load_template, or whatever...) hook at the very beginning of template-loader.php, with a commentary that tells plugin authors that the new hook should be used to instantiate such as output buffering once WP is fully loaded, while the second is traditionally used to pick an arbitrary template.",Denis-de-Bernardy
Future Releases,14966,QuickPress should be a function with alot of hooks,jorbin*,General,,normal,normal,Future Release,feature request,accepted,,2010-09-26T18:12:17Z,2013-02-09T04:20:38Z,"As discussed in IRC, quickpress should be a function that is usable by:

1) Custom Post Types
2) Themes for front end posting ala p2
",jorbin
Future Releases,16158,"3.0.4 Upgrade failed on localhost testbed, successful on public site",,HTTP,3.0.1,normal,normal,Future Release,defect (bug),new,dev-feedback,2011-01-08T21:03:55Z,2011-01-09T14:15:17Z,"Running: 3.0.1, Ubuntu, Apache

I'm still looking at this but wanted to report it while I have a break.

I got the holiday notice to upgrade to 3.0.4.  When I did an auto-upgrade on my local testbed (http://localhost:9090/wp/wp-admin/update-core.php), WP reported that I have latest version.  Plugin upgrades work fine.  The auto upgrade was successful on my public sites.  I have WP_DEBUG, etc. on for my local testbed and no errors were reported.  I have upgraded my local testbed this way in the past, definitely for 3.0.1.

Below is a debug dump I hack in the WP_HTTP->request call coming from wp_version_check.  I pasted the URL use into the browser bar it returned the correct information.  Called from wordpress localhost, api.wordpress.com returns a HTML document with the <title>Page not found</title> and a bunch of info about wordpress.


{{{
[08-Jan-2011 20:42:48] URL='http://api.wordpress.org/core/version-check/1.5/?version=3.0.1&php=5.3.2-1ubuntu4.5&locale=en_US&mysql=5.0.83&local_package=&blogs=1&users=2&multisite_enabled=0'
[08-Jan-2011 20:42:48] r=array (
  'method' => 'GET',
  'timeout' => 3,
  'redirection' => 5,
  'httpversion' => '1.0',
  'user-agent' => 'WordPress/3.0.1; http://localhost:9090/wp/',
  'blocking' => true,
  'headers' => 
  array (
    'wp_install' => 'http://localhost:9090/wp/',
    'wp_blog' => 'http://localhost:9090/wp/',
    'Accept-Encoding' => 'deflate;q=1.0, compress;q=0.5',
  ),
  'cookies' => 
  array (
  ),
  'body' => NULL,
  'compress' => false,
  'decompress' => true,
  'sslverify' => true,
  'ssl' => false,
  'local' => false,
)
}}}


So two problems:

1) If the local site core check fails, it assumes what it is running is the most current.  There is no indication that the core check failed.  It seems like the ""Page Not Found"" page returned from api.wordpress.org should be displayed. See #16156, #16094 for similar issues.

2) What in the request is causing the HTTP get to fail?  I think it must something in the header information.  BUT, it USED to work.  Is the server behaving differently?",dturvene
Future Releases,13841,Some HTTP Transports do not respect transfer timeouts,,HTTP,3.0,normal,normal,Future Release,defect (bug),new,has-patch,2010-06-11T04:48:30Z,2012-08-03T01:30:39Z,"While doing some testing I found that fopen, fsockopen and streams do not respect transfer timeouts.

Out fopen transport cannot support a transfer timeout properly because we do not pass the 3rd optional parameter to fopen for stream context.  We don't do this on purpose because the 3rd parameter was not added until php 5, and that is partially what the streams transport is designed to cover.  So in short, unless we want to conditionally use the streams context here for php versions > 5, we cannot reliably use transfer timeouts.

The streams timeout was missing the context for timeout, which does support ""microtime"".  However, unsure at this point why, but the timeout needs to be divided by 2, so that the timeout happens requested timeout.

With fsockopen, we need to actually test for the timeout during the while loop, because the stream_set_timeout applies to each pass of fread and not the total process.",sivel
Future Releases,18738,Improving cron spawning and other non-blocking HTTP requests,dd32*,HTTP,,high,normal,Future Release,enhancement,accepted,has-patch,2011-09-21T17:03:50Z,2012-10-20T19:10:59Z,"The order of preference for transport methods in the HTTP API is cURL, streams, fsockopen. However cURL and streams cannot perform non-blocking requests, but fsockopen can. Therefore, fsockopen should be the highest priority transport method for non-blocking HTTP requests.

Here's an example. I have a script at `http://ctftw.com/sleep.php` which sleeps for 5 seconds.
{{{
$start = microtime( true );
wp_remote_get( 'http://ctftw.com/sleep.php', array(
	'blocking' => false
) );
$end = microtime( true );
var_dump( $end - $start );
}}}
When the cURL or streams transports are used, this request blocks the page for 5 seconds (the default request timeout is 5 seconds).

Let's disable the cURL and streams transports (leaving only fsockopen) and try again:
{{{
add_filter( 'use_curl_transport',    '__return_false' );
add_filter( 'use_streams_transport', '__return_false' );

$start = microtime( true );
wp_remote_get( 'http://ctftw.com/sleep.php', array(
	'blocking' => false
) );
$end = microtime( true );
var_dump( $end - $start );
}}}
This request does not block the page because fsockopen returns immediately after sending the request.

== Cron Spawning ==

This is a benefit to core because it improves the cron spawner (and can potentially fix #8923). The cron spawner uses a timeout of 0.01 seconds and a non-blocking request, but actually takes longer than 0.01 seconds.

Example:
{{{
$cron_url = get_option( 'siteurl' ) . '/wp-cron.php?doing_wp_cron';
$start = microtime( true );
wp_remote_post( $cron_url, array(
	'timeout' => 0.01,
	'blocking' => false
) );
$end = microtime( true );
var_dump( $end - $start );
}}}
This request takes around 1.1 seconds on the three servers I've tested it on.

Let's disable cURL and streams again (leaving only fsockopen) and see what we get:
{{{
add_filter( 'use_curl_transport',    '__return_false' );
add_filter( 'use_streams_transport', '__return_false' );

$cron_url = get_option( 'siteurl' ) . '/wp-cron.php?doing_wp_cron';
$start = microtime( true );
wp_remote_post( $cron_url, array(
	'timeout' => 0.01,
	'blocking' => false
) );
$end = microtime( true );
var_dump( $end - $start );
}}}
On each of my three servers I see a time of around 0.001 seconds.

We can therefore improve the cron spawner by setting fsockopen as the preferred transport method for non-blocking HTTP requests.

In an attempt to address #8923, we can change the cron request timeout to 1 second. If fsockopen is used, the request is lightning fast at ~0.001 seconds. If it's not available and the HTTP API falls back to cURL or streams then it takes ~1.1 second, which is the same time it takes currently. (Hopefully that makes sense.)

Patch coming up for those who want to test it.",johnbillion
Future Releases,23163,3.6 Network Admin Help Text,,Help/About,,low,normal,Future Release,enhancement,new,has-patch,2013-01-09T23:35:35Z,2013-03-09T03:19:18Z,"One of the [http://make.wordpress.org/docs Doc team's] action items for 3.6 is to work on overhauling the Network Admin help tabs, many of which contain outdated and, well, unhelpful information. 

Our goals:
* Focus on writing action vs description-based help text
* Aim for a consistent voice
* Pave the way for future Help UI changes in how we structure the information

Any Network Admin screen is fair game but by no means do we intend to change strings just for the sake of change. It was the consensus of the team to focus on this effort earlier in the release cycle than usual so that translators will have plenty of time to work on new strings and provide feedback.

Following some [https://twitter.com/DrewAPicture/status/295248525699190785 feedback] from @nacin, @markjaquith, and @aaroncampbell, it was decided the best format for concatenating help tabs strings should follow this format going forward:

{{{
$example_string = '<p>' . __( 'This is some help text' ) . '</p>';
$example_string .= '<p>' . __( 'This is some more help text' ) . '</p>';
 
get_current_screen()->add_help_tab( array(
'id'	=> 'example',
'title'	=> __( 'Example' ),
'content'	=> $example_string
) );
}}}",DrewAPicture
Future Releases,21583,Improve discoverability and visual design of Screen Options and Help Panels,,Help/About,,normal,normal,Future Release,enhancement,new,,2012-08-14T22:34:05Z,2012-11-03T05:36:33Z,"The Screen Options and Help panels are not very discoverable and, in part because of this, aren't very helpful to our users.

Here are the problems with them right now:

* Most users are blind to these tabs.
* The labels and positioning give little indication as to what these tabs actually do.
* For a lot of users, Help is not that helpful.
*They’re position in the admin creates yet another point of navigation for users to be aware of (and per #1, most of them aren’t).
* The very wide container for text makes a lot of the help text difficult to read.

Here are some proposals to improve the design and discoverability of these tabs (related images and mockups are here: http://make.wordpress.org/ui/2012/08/06/we-did-some-brainstorming-at-dev-day-today/) :
* Adding icons to these tabs would (hopefully) both make these tabs more visible and give a better indication as to what these tabs too.
* Moving these to the right side of the toolbar would give even more context to what these do, as they would be grouped with other user-specific settings.
* (6) The toolbar dropdown would allow for a slimmer content area for better readability.
* (7) The slimmer content area would let us make screen options read like a list for better scannability.
* (4/5) Putting the gear on the upper right would standardise with several other web apps (Twitter, etc).

Related: #21326",chexee
Future Releases,22302,Multisite administration - default date format,,I18N,3.1,normal,normal,Future Release,defect (bug),new,has-patch,2012-10-29T15:11:58Z,2012-11-07T18:17:39Z,"1) There is default non-translatable format for dates in multisite administration:

Sites - All sites (columns Last Updated and Registered)

Users - All users (column Registered)

Please see attached patch, I used existing localization format.

2) Sites - All sites - Edit any site. There are also Registered and Last Updated values in default date format, but I am not sure how to solve this issue...",pavelevap
Future Releases,20974,Remove obsolete locale-specific files on upgrade,dd32,I18N,3.4,low,normal,Future Release,defect (bug),assigned,has-patch,2012-06-15T14:06:43Z,2012-11-07T20:20:44Z,"We used to have `wp-content/languages/ru_RU.css` file in ru_RU package.

Since #19603, it's no longer needed, but is still left over on upgrade. We should probably include it in `$_old_files`.

I suppose the same applies to zh_CN and he_IL packages ([19825]).",SergeyBiryukov
Future Releases,18493,HTML E-Mails,westi,Mail,3.2,normal,normal,Future Release,enhancement,reviewing,,2011-08-22T00:29:44Z,2013-04-13T16:33:09Z,"Wojtek worked on the Enhanced E-Mails project for GSoC this summer.  It's definitely something that would be nice to have in core.  The plugin already exists in the repository - [http://wordpress.org/extend/plugins/enhanced-emails/ Enhanced Emails].  There are still some things that need to be cleaned up in the code, but it works pretty well.

I'm hoping we can clean it up, test it, and get it in core. ",aaroncampbell
Future Releases,22768,"EXIF/IPTC captions should populate caption/post_excerpt on upload, not description/post_content",,Media,2.5,normal,normal,Future Release,enhancement,new,,2012-12-06T00:24:39Z,2012-12-15T20:10:37Z,"It's been this way forever, but it is dumping data into the wrong field. Two schools of thought on this:

 * Plugins have used the description field, so we should not change this.

 * Users continue to struggle with moving *captions* from the description field to the caption field, so we should change this.

I am in the latter school of thought. A plugin can remain compatible by ensuring it checks either description or caption before falling back to the other.",nacin
Future Releases,23331,Gmagick support,,Media,,normal,normal,Future Release,enhancement,new,has-patch,2013-01-30T22:33:53Z,2013-04-25T20:50:14Z,In 3.5 we added Imagick support. It would be great to also include Gmagick. Since Graphicmagick is just more awesome then ImageMagick.,markoheijnen
Future Releases,13235,Simplify and add filtering to call to display author for media,,Media,3.0,normal,normal,Future Release,enhancement,new,commit,2010-05-03T19:13:35Z,2011-04-25T16:03:53Z,"The author displayed on the media page (upload.php) is not filterable in any way currently. This patch adds a filter for the author ('media_author'). Perhaps more filters should be added for other fields, but at the least I would like to add this filter.",sbressler
Future Releases,21534,Walker: has_children is only set if $args[0] is an array,betzster,Menus,3.0,normal,normal,Future Release,defect (bug),new,commit,2012-08-10T02:12:33Z,2013-04-23T02:09:53Z,"You can't depend on `has_children` because it doesn't get set if `$args[0]` is an object. This is obviously an easy fix, just check if it's an object and set it in that case.

Related: #15214",betzster
Future Releases,15214,Add class for menu items containing a sub-menu,,Menus,3.1,normal,normal,Future Release,enhancement,new,has-patch,2010-10-25T20:51:40Z,2013-04-23T02:12:41Z,"I wanted to add a class to the menu item LI elements for navigation menus that have sub menus. This would allow me to do some specific styling such as using a background that shows that a sub menu is available on hover.

I found that adding this support for both the wp_nav_menu and wp_list_pages functions was quite simple. So, I put together a patch in case it might be a good candidate for core.

The new classes are menu-item-with-sub-menu and page_item_with_children for wp_nav_menu and wp_list_pages, respectively. These class names were chosen to closely match the existing navigation classes of menu-item, sub-menu, page_item, and children.

I should note that while making this modification I found that the display_element method of the Walker class doesn't set has_children when $args is an object, just when it is an array. The patch also handles fixing this shortcoming of the Walker API.",chrisbliss18
Future Releases,11957,Change Admin Menu Save-State Rules,ryan,Menus,,normal,normal,Future Release,enhancement,new,,2010-01-20T18:04:19Z,2011-02-28T11:40:19Z,"When we redid the menus in 2.7, we built in a save-state to keep open sections you had explicitly expanded until you explicitly closed it. I think it was a good experiment, and in some cases is helpful (like for people who are frequently accessing discussion settings or some such), but overall I think it adds to the problem of having too many menus expanded on a small screen pushing the lower menu items out of reach without scrolling. Mark and I have talked about various options for this, and we both agree that we should remove the save-state feature from the menu. So, the section you're in would stay open and highlighted, and if you opened another menu section to see the subs, if you had another menu open before, it would close. You could only ever have one section open at a time in addition to the one you're currently in. Maybe we could release the original save-state menus controls as a plugin in case there's anyone who prefers it that way. ",janeforshort
Future Releases,16293,"In multisite installs, users with id 1 or 2 can't be deleted",,Multisite,3.1,normal,normal,Future Release,defect (bug),reopened,dev-feedback,2011-01-19T00:21:34Z,2013-04-25T15:15:19Z,"You can't delete a user with user id of 1 or 2. 
See: source:trunk/wp-admin/network/edit.php@17326#L359",PeteMall
Future Releases,20152,Multisite simplify option name to user_roles,,Multisite,3.3.1,normal,normal,Future Release,enhancement,new,dev-feedback,2012-03-01T21:44:28Z,2013-03-07T07:02:02Z,"Currently each blog in a MS install of WP stores an array of user roles in it's [prefix]_[$blog_id]_options table as an entry with the key [prefix]_[$blog_id]_user_roles

This makes it much harder to migrate MS install of WP to a different db prefix, etc. because not only do you need to change the table prefixes you need to go into each blog's options table and then properly update that option's key.

Because the table itself is sufficiently unique there isn't a need for this. The user roles array could be stored in an option called ""user_roles"" for each blog.",colind
Future Releases,20220,add test to see if sunrise === on in ms-settings,,Multisite,3.0,normal,normal,Future Release,enhancement,new,commit,2012-03-12T19:06:56Z,2012-11-02T22:49:31Z,"We needed to disable sunrise for certain requests. 

We thought about declaring sunrise before including wp-load, but setting it to 'off'. Then having a conditial in the wp-config that only defines it to on if it is not defined and then in ms-settings to a additional check to see if sunrise is defined and equal to on. (the patch I am adding does not have the wp-config if !defined() as wp-config doesn't get updated, but if someone feels it is helpful I can add it)

Others could of changed the default defined value of sunrise and this could break bc. I am therefore not sure if the limited use case warrants it. But I thought I would suggest it.",sboisvert
Future Releases,19949,Make update_post_thumbnail_cache() work for any instance,,Performance,,normal,normal,Future Release,enhancement,new,has-patch,2012-02-02T22:40:03Z,2012-11-27T00:32:47Z,"It would be useful if update_post_thumbnail_cache() [17883] would accept an optional $wp_query parameter, so that users aren't forced to use query_posts() in order to benefit from it.",scribu
Future Releases,22828,Remove Duplicate Array Check,,Performance,3.4.2,normal,normal,Future Release,enhancement,new,has-patch,2012-12-08T18:33:52Z,2012-12-08T21:22:49Z,"I just stumbled across this silly bit of code in function get_core_updates()

{{{
if ( !isset( $from_api->updates ) || !is_array( $from_api->updates ) ) return false;
$updates = $from_api->updates;
if ( !is_array( $updates ) ) return false;
}}}
",miqrogroove
Future Releases,14642,Support Facebook's HipHop,nacin*,Performance,,normal,normal,Future Release,enhancement,accepted,has-patch,2010-08-19T03:33:20Z,2012-04-09T05:45:18Z,"Various changes to make WordPress compatible with HipHop, Facebook's
PHP-to-C++ transformer. With this patch, WordPress' codebase can be
tranformed to C++ and then compiled to binary that runs much faster
than the current PHP version.

Summary:

* sanity checks for environmentals

* string in HipHop doesn't have 'error' property

* array_merge takes only array arguments since PHP 5
  http://php.net/manual/en/function.array-merge.php

* $user needs instantiation first before being used

* always replace existing variables in registering new users
  ie. use EXTR_OVERWRITE in extract() by default",ChenHui
Future Releases,17268,Use native gettext library when available,,Performance,,normal,normal,Future Release,enhancement,new,has-patch,2011-04-28T11:32:30Z,2012-11-10T07:57:24Z,"[http://codex.wordpress.org/Translating_WordPress Here] you say that the GNU gettext-Framework is used. Exactly, ""pomo"" (file: wp-includes/l10n.php) is a complete own php-implementation of the gettext-program.

I've added a patch to solve this problem. Maybe it is not very good, but it works. On my wordpress-sites, the used php-memory returns from about 65% to about 12% and the site is running much faster when patching wp-includes/l10n.php.

I know that gettext is not available on every wordpress-installation, but when it's available, it should be used.

Sorry for my bad english, I'm german.",linushoppe
Future Releases,9102,Inverse proxy breaks permalinks,ryan,Permalinks,2.7,normal,normal,Future Release,defect (bug),new,has-patch,2009-02-12T01:58:37Z,2010-04-02T00:34:00Z,"I have a WP installation at my university's webspace (on an apache server), say http://myuni.ac.at/mydir/wordpress/ , and an inverse proxy domain http://mydomain.at/ for it.
This means that any request to the latter, eg for http://mydomain.at/2009/02/12/inverse-proxy-trouble/ , is forwarded to http://myuni.ac.at/mydir/wordpress/ , which in turn means that the REQUEST_URI there becomes /mydir/wordpress/2009/02/inverse-proxy-trouble/ . My ''home'' variable is of course set to http://mydomain.at/ (''siteurl'' is set to http://myuni.ac.at/mydir/wordpress/ -- otherwise I wouldn't be able to login to WP).

Unfortunately, when analyzing REQUEST_URI, wordpress chops off the ''home'' path, not the ''siteurl'' one. This may be okay for some purposes, but in the inverse proxy case, permalinks break. For a fix, I had to hack two wordpress core files, namely 

wp-includes/classes.php
in function parse_request: change line 162 from 

{{{
$home_path = parse_url(get_option('home'));
}}}
to
{{{
$home_path = parse_url(get_option('siteurl'));
}}}

and wp-includes/rewrite.php, in function get_pagenum_link, line 987, same modification.

This is a dirty hack, of course; so I wonder if in general, using the ''siteurl'' path is valid in any case where the ''home'' host differs from the ''siteurl'' host. If so, I suggest changing the affected files in such a manner.",Bernhard Reiter
Future Releases,10384,Make IIS Permalink support enabled based on capability not on version number,westi,Permalinks,2.8,normal,normal,Future Release,enhancement,new,commit,2009-07-11T08:37:44Z,2011-04-12T00:19:13Z,"At the moment we enable the IIS permalink support based on checks for IIS7 and then some capabilities.

We should remove the version checking and work solely on capabilities so that we don't have to revisit when IIS8 is released.",westi
Future Releases,16055,Only fire 'Side Wide Only' plugin header deprecated notice if the plugin is activated,,Plugins,3.0,normal,normal,Future Release,defect (bug),new,has-patch,2010-12-31T23:13:56Z,2010-12-31T23:25:07Z,Apparently it can be fired on a deactivated plugin. That's annoying and confusing.,nacin
Future Releases,10535,_wp_filter_build_unique_id issues with the first time a filter is hooked by a class,,Plugins,2.9,normal,normal,Future Release,defect (bug),reopened,has-patch,2009-08-02T12:22:18Z,2013-01-10T20:02:38Z,"Ref #8723

The first time _wp_filter_build_unique_id is used to generate an ID the ID returned is different to the second time it is called. This presents a problem if the first ID is used when adding a filter which then needs to be removed later in the app flow... as the IDs don't match the filter is unremovable.

One workaround proposed is to set a wp_filter_id property before add the filter, and this will cause _wp_filter_build_unique_id to bypass the problem code and effectively forces the ""unique"" ID which is generated... this workaround feels unpoetic. ;)",simonwheatley
Future Releases,14881,do_action should not pass empty string by default,,Plugins,,normal,normal,Future Release,defect (bug),new,has-patch,2010-09-15T20:44:56Z,2012-05-17T21:09:41Z,"{{{
function test( $a = true ) {
   var_dump( $a );
}
add_action( 'test', 'test' );
add_action( 'test', 'test', 10, 0 );
do_action( 'test' );
}}}
Second example is bool(true) as expected, but the first is a zero-length string.

In this case, since do_action() is not passing any arguments, then no arguments should be passed to test() -- even if by default, one argument gets passed.

The issue here is how do_action() is defined: `function do_action( $tag, $arg = '' );`. There's our zero-length string. Of note, apply_filters() does not have this same issue.

The solution looks something like what I have attached. Has yet to be benchmarked.

Of note, this does not appear to have any direct implications for passing all args by default, as proposed in #14671, but I wanted to reference it anyway.",nacin
Future Releases,15335,register_setting() filter for sanitization callback needs to indicate 2 arguments accepted,markjaquith,Plugins,3.1,normal,normal,Future Release,defect (bug),reopened,has-patch,2010-11-08T01:10:46Z,2011-10-12T16:37:35Z,"'''register_setting()''' adds the function for sanitization of the option with the following line (wp-admin/includes/plugin.php):


{{{
add_filter( ""sanitize_option_{$option_name}"", $sanitize_callback );
}}}

For users wanting to declare a function for option sanitization, use of the option name within the function is sometimes desired, and is provided for in the filter application inside the '''sanitize_option()''' declaration as such (wp-includes/formatting.php):


{{{
$value = apply_filters(""sanitize_option_{$option}"", $value, $option);
}}}

With the filter always being applied with the option name as the second argument, I see no reason not to propose that the '''add_filter()''' call in register_setting() include ""2"" as the number of accepted arguments, allowing the option name to be passed.",lumination
Future Releases,10441,Show warning when deprecated hook is registered,nacin*,Plugins,,normal,normal,Future Release,feature request,accepted,dev-feedback,2009-07-18T14:48:47Z,2013-05-07T14:27:17Z,At this moment WP shows warning when someone tries to use deprecated function or file. It will be good to do the same for deprecated hooks. My suggestion is to do this check in add_action()/add_filter() functions. They should compare hook name against list of deprecated ones and show warning if necessary.,sirzooro
Future Releases,22080,add_theme_support should merge post-thumbnail post types by default (currently stomps),,Post Thumbnails,2.9,normal,normal,Future Release,enhancement,new,has-patch,2012-10-02T19:44:59Z,2013-04-09T20:02:23Z,"As documented in the Codex:

http://codex.wordpress.org/Function_Reference/add_theme_support#Post_Thumbnails

you can pass a second param to `add_theme_support( 'post-thumbnails' )` to specify the post types you want support enabled for. I expected any post types I passed in to be added to the currently specified post types, instead the passed value stomps the existing value. This means that if you create plugin that registers a post type and enables post-thumbnails for it, you need to write code like this:

https://gist.github.com/3822786

instead of a simple:

`add_theme_support( 'post-thumbnails', array( 'my-new-post-type' ) );`

The latter makes more sense to me, and I think it's likely other devs might make the same mistake and accidentally stomp on the previous value for post-thumbnails.

The attached patch enables a merge or stomp behavior for post-thumbnails. It defaults to ""merge"". Passing a `bool true` as a 3rd param will cause the second param to replace the existing value (current behavior).",alexkingorg
Future Releases,24248,'guid' not properly escaped,,Post Types,2.5,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2013-05-02T14:03:35Z,2013-05-10T20:37:34Z,"Probably related issues: #18274 #19248

'guid' being saved in database not properly escaped, example:
{{{http://www.wordpress.dev/?post_type=changeset&#038;p=57}}} , see the ampersand encode {{{&#038;}}}
It supposed to be {{{&}}} or at least {{{&amp;}}}

Once 'auto-draft' saved, 'guid' is correct: {{{http://www.wordpress.dev/?post_type=changeset&p=57}}}

Once post is saved as 'draft' or published (triggered 'update post' on auto-draft), 'guid' gets malformed.

Source of issue: inappropriate usage of {{{get_post_field()}}} function in the {{{wp_insert_post()}}}

{{{get_post_field()}}} defaults to 'display' context, we not specify context while obtaining field, and in the {{{wp_insert_post()}}} we are not going to display it anywhere, just get, check, and save again, correct?

Attached patch adds the 'raw' context to usage of {{{get_post_field()}}} with 'guid'

",meloniq
Future Releases,21963,Consolidate post insertion APIs,,Post Types,,normal,normal,Future Release,defect (bug),new,needs-unit-tests,2012-09-22T03:46:24Z,2012-12-27T15:14:44Z,"In wp-includes, we have:
 * wp_insert_post()
 * wp_insert_attachment()
 * wp_update_post()
 * wp_publish_post()

For saving from the admin, we have:
 * edit_post()
 * wp_write_post()
 * write_post()

'''wp_publish_post()''' is, as of [21942], now wraps wp_insert_post().

'''wp_update_post()''' is a fairly mundane wrapper of wp_insert_post(), but we really should eliminate the differences between the two functions and make it a straight-up wrapper.

'''wp_insert_attachment()''' was a fork of wp_insert_post(), and wp_insert_post() has gotten a lot of improvements that haven't reached wp_insert_attachment(). It doesn't take much to merge these two, though, and make wp_insert_attachment() a wrapper.

'''wp_write_post()''' calls edit_post() if it has a post ID. And since we have had a post ID since the days of auto-drafts, this function is dead code. It's wrapper, '''write_post()''', can also be deprecated.

I'm attaching a patch that takes care of wp_insert_post(), wp_write_post(), and write_post(). wp_update_post() will require a bit more concentration.

Needs testing and unit tests.",nacin
Future Releases,16415,Don't require CPTs to have archives in order to have feeds,,Post Types,3.1,normal,normal,Future Release,enhancement,new,commit,2011-01-30T22:58:47Z,2013-05-16T15:33:43Z,"When archives and feeds were added to custom post types (see #13818) it was set up so you had to have archives (has_archive) in order to have feeds (rewrite[feeds]).

There are some situations where it would be nice to have feeds but archives aren't needed.",aaroncampbell
Future Releases,16176,save_{$post_type},westi,Post Types,3.0.4,low,normal,Future Release,enhancement,assigned,has-patch,2011-01-10T11:46:22Z,2013-05-16T19:52:35Z,a `save_{$post_type}` hook would be convenient.,bmb
Future Releases,22556,A taxonomy archive query for attachments can't return results,,Query,3.5,normal,normal,Future Release,defect (bug),new,,2012-11-23T15:11:50Z,2012-12-19T20:08:06Z,"In #21391 we made it easier to use custom taxonomies for attachments.

Example:
{{{
function ds_register_attachment_taxonomies() {
	$args = array(
		'label' => 'Color',
	);

	register_taxonomy(
		'image-color',
		'attachment:image',
		$args
	);
}
add_action( 'init', 'ds_register_attachment_taxonomies' );
}}}

This makes it also possible to make a query for this specific taxonomy. Example: 5 images has the term ""red"". The query: !http://example.com/image-color/red/

But: The page returns no attachments.

The query:
{{{
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts INNER JOIN wp_term_relationships ON (wp_posts.ID = wp_term_relationships.object_id) WHERE 1=1 AND ( wp_term_relationships.term_taxonomy_id IN (404) ) AND wp_posts.post_type IN ('attachment') AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'private') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 1
}}}

The problem is the `AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'private')` part. Attachments post status is inherit, therefore no results.

The attached patch checks if the current post type is `attachment` and sets the post_status to `inherit`.

I would like to get this in 3.5, since it's one of the new features and could be really annoying,
",ocean90
Future Releases,15949,WP 3.0.x comments popup on pages returning 404 [including posible solution],,Query,3.0,normal,normal,Future Release,defect (bug),new,has-patch,2010-12-22T17:04:42Z,2010-12-26T23:38:37Z,"comments-popup does not work on pages (but still working on blog entries) since the 3.0.x upgrade.

i confirm bug and sollution on both: my own theme and on default them after adding comments_popup_link and comments_popup_script functions.

after a long time looking for a solution i found that the new ""handle_404"" method in class WP (wp-includes/classes.php line 475) is the responsable, substituing this method with an older one from wp 2.x brunch solves the problem.

looks like the new method ""think"" that there is no content when the index file is called with comments_popup parameter on a page id, so it returns a 404 status, as said the old one solves the problem.

",odosuiadan
Future Releases,20904,WP_Query instances getting entangled with $wp_query global,,Query,,normal,normal,Future Release,defect (bug),new,has-patch,2012-06-11T11:55:39Z,2013-05-14T13:25:32Z,"`WP_Query::the_post()` fires `setup_postdata()`, which then uses `get_query_var()`. `get_query_var()`, in turn, calls the `get()` method on the `$wp_query` global object. In this way, WP_Query instances are not truly insulated from each other - they all are tied up with `$wp_query` in a way that seems unnecessary, and causes fatal errors in some cases.

In normal use, you would never really notice the issue, because after the `'init'` action, the following offending line in `setup_postdata()` will return the 'page' query var from `$wp_query`:

{{{
$page = get_query_var('page');
}}}

And, since secondary `WP_Query` instances don't paginate in the same way as the primary query, the 'page' property on those instances doesn't matter much. So, while the value of `$page` is not strictly speaking correct in these cases (it comes from the wrong object), it generally fails silently.

However, if you instantiate a WP_Query object before 'init', you get a fatal error, because `$wp_query->get()` is an undefined method. Here's a simple mu-plugin that will demonstrate the problem:

{{{
function bbg_create_early_wp_query_object() {
	$q = new WP_Query( array(
		'post_type' => 'post'
	) );

	if ( $q->have_posts() ) {
		while ( $q->have_posts() ) {
			$q->the_post();
		}
	}
}
add_action( 'plugins_loaded', 'bbg_create_early_wp_query_object' );
}}}

My suggested solution is to move the `setup_postdata()` logic into a method of the `WP_Query` class, and then use `$this->get( 'page' )` rather than `get_query_var( 'page' )`, to ensure that you're referring to the query vars of the correct query object. The old function `setup_postdata()` then becomes a wrapper for `$wp_query->setup_postdata()`.

In addition, I modified the way that the `$more` global is set, so that it references the current object as well. This prevents `_doing_it_wrong()` errors when firing up a `WP_Query` instance before `'init'`.",boonebgorges
Future Releases,16603,Add hooks to wp_count_posts(),,Query,,normal,normal,Future Release,enhancement,new,commit,2011-02-20T19:25:18Z,2013-05-04T22:40:31Z,"[[Image(http://mikeschinkel.com/websnaps/Posts_%E2%80%B9_Watermark_Associates_Newsletter_%E2%80%94_WordPress-20110220-142441.png)]]

The use-case where this is needed is when the sites is using roles & capabilities to limit access to viewing posts to only those who have the proper capabilities to see them. 

For example, assume we have a system with a ''""Manager""'' role and a taxonomy called ''""Post Visibility""'' where terms are ''""Visible to All""'' and  ''""Visible to Managers Only.""''  We add a `'see_managers_posts'` capability to ''""Manager.""'' We then filter outs posts with the'' ""Visible to Managers Only""'' term using the `'posts_where'` and `'posts_join'` hooks when viewed by users whose role does not have the `'see_managers_posts'` capability.

With that configuration now assume for example we have 10 posts with 3 of them ''""Visible to Managers Only.""'' The post list in `/wp-admin/edit.php` will use `wp_count_posts()` to show that we have 10 posts when we can only see 7 of them. Currently to fix it so the post counts display `7` for non-managers we have to hook the `'query'` hook, which is a hook of last resort.

So, the attached patch adds two hooks to  `wp_count_posts()`: 

 - `'wp_count_posts_sql'` - To allow modifications of the SQL used to count posts, and 
 - `'wp_count_posts'` - To allow modifications of the array returned by the function.

I decided to add two (2) hooks because not having the former would mean we'd need to make two SQL queries if we need to modify the counts, and not having the latter would mean that we'd have the complexity of modifying SQL in use-cases where the a SQL query modification is not what is needed to to determine the proper counts. 
",mikeschinkel
Future Releases,16854,wp_query does not handle multiple exclude author properly,,Query,3.1,normal,normal,Future Release,enhancement,new,has-patch,2011-03-14T11:35:11Z,2013-04-25T17:07:03Z,"when making a query with $args containing 

{{{
'author' => '-2,-3,-4'
}}}

line 2008 of wp-includes/query.php only uses 1 element of the array that is created from the 
{{{
$q['author'] string
}}}

{{{
 $q['author'] = explode('-', $q['author']);
 $q['author'] = (string)absint($q['author'][1]);
}}}

I have attached a patch that works with 1 or more excluded authors

essentially it, implodes the array back into a string of author ID's rather than selecting only element [1] of the exploded array

{{{
$q['author'] = explode('-', $q['author']);
$q['author'] = implode('',$q['author']);
}}}
",commentluv
Future Releases,19392,Add auto-suggest support for all flat taxonomies in Bulk Edit.,,Quick/Bulk Edit,3.0,normal,normal,Awaiting Review,enhancement,new,,2011-11-29T18:37:18Z,2011-11-29T18:58:48Z,"Auto-suggest in the Bulk Edit area for post_tag's was fixed in 3.3. Let's add support for all other non-hierarchy tax's in 3.4. 

See [http://core.trac.wordpress.org/ticket/19176#comment:11 #19176] for more info.",scottbasgaard
Future Releases,23314,Allow published posts to be revised without being updated immediately,,Revisions,,normal,normal,Future Release,feature request,new,,2013-01-29T19:39:01Z,2013-04-10T09:08:15Z,"Two things. Let's allow contributors to submit changes for review to their published posts. Let's also allow users to make changes to their posts and pages and save those changes, without updating the published post or page.",kovshenin
Future Releases,16839,Category Base Should be Slugified,,Rewrite Rules,3.1,normal,normal,Future Release,defect (bug),reviewing,,2011-03-12T21:42:52Z,2011-08-29T23:45:18Z,"Vanilla install of 3.1. Change category base to Foo Bar.  Link generated is example.com/Foo Bar/cat (note the %20/space). Clicking link tries to access /FooBar/cat and 404's.

I see there are a few other tickets regarding categories, including #16662 but no specific mention of custom category base.

",miklb
Future Releases,23016,Allow plugins to manipulate WP_Roles ($wp_roles global) on construct,,Role/Capability,3.5,normal,normal,Future Release,defect (bug),new,,2012-12-20T08:38:46Z,2013-05-14T13:32:58Z,"The WP_Roles class is difficult to extend. There are no actions, filters, or intercept points to allow plugins to target it. Because the $wp_roles global can be created anytime (even doing_it_wrong on plugins_loaded) there's no reliable way to modify any part of $wp_roles.

(The only place WP_Roles actually has any action at all is in the set_role() method, which is the least useful function in the class since it noops all user roles if a user has more than one.)

The specific use case I have is bbPress's dynamic roles.

bbPress is unable to add its dynamic roles to the $wp_roles global on switch_to_blog(). Neither of WP_Roles's initialization methods have actions to allow bbPress to add its roles on.

* switch_to_blog() calls $wp_roles->reinit()
* then wp_get_current_user()
* finally $current_user->for_blog()

At no point can bbPress reliably append its roles to $wp_roles->roles, causing the current user to incorrectly be missing their bbPress role for that site.

More over, the WP_Roles::reinit() method seems like a one-use stop-gap to fix a specific problem, that ends up introducing other issues with trying to extend it. If the use_db flag is set to false, it bails early, and there's no way for plugins that don't use database roles to reinitialize their roles correctly again.

The attached patch does two things:

* Removes the reinit() method completely, and instead re-instantiates the $wp_roles global inside switch_to_blog(). WP_Roles::_init() is not a heavy function, and the guts are basically identical between the two methods.
* Adds a byref action to WP_Roles::init() that allow plugins like bbPress to add their dynamic roles anytime $wp_roles is created.",johnjamesjacoby
Future Releases,16719,Remove vestige add_users capability,,Role/Capability,,normal,normal,Future Release,defect (bug),new,has-patch,2011-03-01T20:17:38Z,2012-10-25T20:18:37Z,"Listed in populate_roles_300() and added in [14174], it was never used. The situation it was presumably introduced for now falls on promote_users.",nacin
Future Releases,10201,Remove user-specific caps,,Role/Capability,2.8,normal,normal,Future Release,enhancement,assigned,,2009-06-17T23:02:36Z,2013-01-04T00:51:12Z,"See IRC discussions from June 18th 2009

 * The current role system is rather complicated, But has a lot of flexibility
 * A lot of the flexibility isn't even used by most (ie. the ability to have a user with a Roll + a single capability)
 * The role system starts having trouble with a high number of users
   * To look up every user with a certain cap. it requires loading all the users, and then checking individually. 

The proposed changes are:

 * That we reduce the complex system to something much more simple:
   * Roles are retained: 1 role per meta entry, and since the meta API allows for multiple values for the same key, this would have the benefit of multiple roles, and direct lookups.
   * However:
     * Remove the ability for a user to be part of a Role, and have an extra capability added on top of that. 
 * This has the ability to significantly increase performance, As now:
   * Looking up users with a specific cap is easy:
     * Filter the role list for roles with that cap
     * SQL the usermeta table for users in those roles
     * Select those users (if needed, else return the ID's) 
 * An upgrade path is available which doesnt require extra tables, and reduces the ammount of serialization
   * The other option is a whole new set of tables.. which.. those who are sane (And there are some insane people in WP Dev..) realise that its not really needed. 
 * Fine grain control has never been possible from WP without a plugin, Nothing would change here, If a user wants fine grained control over permissions, They'd still have to run a plugin, Its just that that plugin may have to do more heavy lifting now -- since wordpress's API/role system would be simpler and not support the extra fangledangles.",Denis-de-Bernardy
Future Releases,11623,review options list and update sanitize_option(),dd32*,Security,2.9,normal,normal,Future Release,defect (bug),accepted,,2009-12-26T01:22:13Z,2010-11-13T01:18:42Z,"A lot of options have been added since 2.0.5, and as a result, not all of them have been added to {{{sanitize_option()}}}

Ideally, Options which are to be (int) or absint() should have a filter applied to them here.

Attached patch is for the first option thats brought this up, 'start_of_week' which is tested to be int in some function uses, ignored elsewhere.

I've set this to security as its preventive security..",dd32
Future Releases,21022,Allow bcrypt to be enabled via filter for pass hashing,,Security,3.4,normal,normal,Awaiting Review,enhancement,new,dev-feedback,2012-06-20T01:34:26Z,2013-03-05T19:26:57Z,"Hi,

following recent discussions on password security and how to best prevent any hackers can leverage password table they might have got I looked into the phpass used for WordPress.

While I in principle understand why WordPress uses the compatibility mode of it, I would like to see some flexibility for those who don't need the compatibility.

Thus I would propose to change in wp-includes/pluggable.php all occurances of

$wp_hasher = new PasswordHash(8, true);

to

$wp_hasher = new PasswordHash(8, apply_filters('phpass_compatibility_mode', true));

This would allow users to easily change via plugin from the ""not so secure"" compatibility mode (only salted MD5) of phpass to a more secure setting (bcrypt) in case no compatibility with other applications is required.

The plugin changing the encryption methog could then as easy as

function phpass_bcrypt() {
	return false;
}
add_filter('phpass_compatibility_mode', 'phpass_bcrypt');",th23
Future Releases,20779,Recommend a user updates keys/salts in maint/repair.php,,Security,,normal,normal,Future Release,enhancement,new,has-patch,2012-05-29T18:03:19Z,2012-06-27T20:29:33Z,"In maint/repair.php, we tell a user they need to add WP_ALLOW_REPAIR.

Since they are already going into wp-config.php, we should also encourage them to update their unique phrases for keys and salts, assuming they do not have a complete set of 8 unique ones already.",nacin
Future Releases,20635,_pad_term_count get's stuck if there is a loop in the hierarchy,westi*,Taxonomy,,normal,normal,Future Release,defect (bug),accepted,has-patch,2012-05-08T10:31:37Z,2012-12-06T22:51:42Z,"Ideally it should be impossible for a loop in a taxonomy hierarchy to exist.

But sometimes they do.

If one does exist then {{{_pad_term_counts()}}} gets stuck :(

When one of these does exist the category widget breaks the front page of your site.

We currently hook {{{wp_check_term_hierarchy_for_loops}}} on {{{wp_update_term_parent}}} and I wonder if there are other places we should be doing this check too.",westi
Future Releases,18828,function wp_get_object_terms() passes sql data into `wp_get_object_terms` filter for $taxonomies,,Taxonomy,3.2,normal,normal,Future Release,defect (bug),new,has-patch,2011-09-30T19:07:08Z,2011-11-15T23:55:10Z,"In wp-includes/taxonomy.php, the return data is passed through the `wp_get_object_terms` filter using the sql-ready data for $taxonomies, meaning it is quoted and comma seperated, for example ""'category', 'post_tag', 'post_format'"". Even for one taxonomy, it has quotes added, it seems this would be easier to work with if it matched the data passed into the function more closely.",postpostmodern
Future Releases,17646,wp_get_object_terms should return arrays of integers for IDs and tt_IDs,,Taxonomy,3.2,normal,normal,Future Release,defect (bug),new,has-patch,2011-06-01T18:00:41Z,2013-05-14T11:39:18Z,"Currently when you use ```wp_get_object_terms``` to request an array of IDs or tt_IDs, the array returned contains strings representing the IDs, not integers. This then creates issues if you send the values back into ```wp_set_object_terms``` as it creates terms named as per those strings, rather than associating the term_ids as expected.

Code to prove the issue:

{{{
$term_ids = wp_get_object_terms( get_the_ID(), 'category', array( 'fields' => 'tt_ids' ) );
var_dump( $term_ids );
}}}

Results in:

{{{
array
  0 => string '1' (length=1)
  1 => string '5' (length=1)
}}}

I believe that the array should have all values cast to integers before they are returned. The attached patch does this by mapping a created function to utilise ```(int)``` for the desired result.",simonwheatley
Future Releases,21949,Allow private taxonomies (public = false),,Taxonomy,,normal,normal,Future Release,enhancement,new,commit,2012-09-20T22:22:14Z,2013-05-14T13:33:47Z,"In a discussion with jaredatch & nacin, we discovered that the public arg is not working properly within WordPress query.

So I merged Limiting publicly queried post_types to those that are publicly_queryable with limiting publicly queried taxonomies to those that are public instead of just duplicating the code and making it for taxonomies.",wpsmith
Future Releases,20930,register_taxonomy show_in_menu option,,Taxonomy,,normal,normal,Future Release,enhancement,new,has-patch,2012-06-12T23:07:30Z,2012-11-23T19:55:35Z,"Shouldn't taxonomies have a show_in_menu option for taxonomies as well. Of course, this would be the same as custom post types affecting the registration and the $parent_file.

The original attachment has the parent file logic via the filter, 'parent_file'.",wpsmith
Future Releases,18714,terms_updated_messages filter,nacin*,Taxonomy,,normal,normal,Future Release,enhancement,accepted,has-patch,2011-09-20T07:57:18Z,2011-09-27T05:11:23Z,"In the same vein as #18710 we should add a `terms_updated_messages` filter for the term management screen. Messages are currently hardcoded as 'Item added', 'Items deleted', etc.",johnbillion
Future Releases,15513,Home Page fails to use page template sometimes,filosofo,Template,3.1,normal,normal,Future Release,defect (bug),reopened,has-patch,2010-11-20T01:33:44Z,2010-12-23T17:05:31Z,"If a page is the home page but not also the front page and it has a page template, the page template is ignored.  This behavior is counter-intuitive:

 * When editing the home-page page, either normally or with quick edit, the page template is shown as being the template.
 * When acting as a front page, a page uses its page template if available.",filosofo
Future Releases,17877,Add a new wp_title_array filter to wp_title,,Template,3.1,normal,normal,Future Release,enhancement,new,has-patch,2011-06-23T23:10:00Z,2013-05-14T13:34:04Z,It would be awesome to have a filter in `wp_title()` that would let you filter the array.  Right now if any part of the title contains the title separator you can't tell what is a separator and what isn't using the wp_title filter.  Additionally if we make the array filterable you could add additional parts to it without worrying about rtl vs ltr.,aaroncampbell
Future Releases,10177,get_ version of comments_number(),,Template,2.8,normal,normal,Future Release,enhancement,new,dev-feedback,2009-06-15T16:33:42Z,2010-12-01T17:10:05Z,"Currently: {{{comments_number()}}} accepts several arguments for the comment number labels and outputs them. {{{get_comments_number()}}}, however, returns only the number of comments.

Problem: there isn't a function to mimic the {{{comments_number()}}} functionality, but to return instead of echo.

The patch introduces {{{get_comments_number_text()}}}, which inherits the functionality of {{{comments_number()}}}, but returns. {{{comments_number()}}} just calls {{{get_comments_number_text()}}}.",nbachiyski
Future Releases,22602,Additional error handling when installing child and parent theme from WordPress.org,,Themes,,normal,normal,Future Release,enhancement,new,has-patch,2012-11-27T04:35:17Z,2012-11-27T04:35:17Z,See #22515 and ticket:22515#comment:6.,nacin
Future Releases,22810,Support for theme changelogs,,Themes,,normal,normal,Future Release,enhancement,new,,2012-12-07T14:39:22Z,2013-02-20T20:40:06Z,"Plugins' changelogs are shown in the WordPress plugin repository in tabs, eg. http://wordpress.org/extend/plugins/events-manager/changelog/.

Plugins' changelogs are also linked to when viewing available updates in WP-admin, so the siteadmins can know if the update could mess with their customizations.

Theme changelogs are not visible in either place. They should be supported in both places. Also http://codex.wordpress.org/Theme_Review should be updated to reflect that the theme changelogs are much recommended if not mandatory to use and to specify the exact format for them. Currently it uses language that is not clear for those who don't speak English as their first language: ""In lieu of..."" and then ""...Themes are recommended to include a changelog"", which doesn't let the theme author know what format should the changelog be in.

At the moment I've seen changelogs for themes in different formats, but none of them is supported.

Summary of the issues:

1. Add support for theme changelogs on https://wordpress.org/extend/themes/ theme pages in tabs.
2. Add support for theme changelogs in wp-admin theme list views.
3. Clarify Theme Review codex page on the supported format(s) and use more simple English than ""in lieu of"".",Daedalon
Future Releases,14955,Themes should support uninstall.php or uninstall hook,,Themes,3.0.1,normal,normal,Future Release,enhancement,new,has-patch,2010-09-23T22:59:57Z,2012-10-09T16:13:14Z,"Related tickets on extending Themes to have Plugin features: #7795 and #14849 but those deal primarily with activation and deactivation centering around 'switch_themes' action.

From looking at /wp-admin/includes/plugin.php, adding support for uninstall is a separate concern (and it doesn't have the issue blocking activation/deactivation).

Should is_uninstallable_plugin, register_uninstall_hook and uninstall_plugin be extended to check theme directory or should versions (is_uninstallable_theme, register_uninstall_theme_hook and uninstall_theme) be added to theme.php?

Advantage of the first method is that the register_uninstall_hook could be reused for Themes where in the second, a new, less attractive name would be needed (register_uninstall_theme_hook?) Also, there's no theme_basename as it was reverted/removed.",WraithKenny
Future Releases,20816,custom-background $args enhancement,,Themes,3.4,normal,normal,Awaiting Review,enhancement,new,has-patch,2012-06-02T04:56:46Z,2013-03-27T15:04:09Z,"Looking to have added the rest of the arguments to pass through the $args to include the rest of the appearance -> background parameters including but not limited to position(x/y), repeat and attachment.

`add_theme_support('custom-background', $args);`

Example:

{{{
array(
	'default-color' => '000000', 
	'default-image' => get_stylesheet_directory_uri() . '/images/background-wolfbw.jpg',
	'repeat' => 'no-repeat',
	'position-x' => 'center',
	'attachment' => 'fixed'
);
}}}

ie. the repeat position(x/y) and attachment parameters


Main themes even child themes have looks which sometimes need to incorporate fixed or positioning that cannot be set with the current $arguments and it would benefit theme designers to allow those arguments to be passed 


",frumph
Future Releases,15457,Add URI support to add_editor_style(),,TinyMCE,3.0.1,normal,normal,Future Release,enhancement,new,,2010-11-17T22:18:34Z,2010-11-22T16:34:55Z,"Currently add_editor_style() only allows for CSS files to be added that are relative in location to the current theme's stylesheet_directory or template_directory, meaning it can only be used by theme authors. Let's keep that functionality, but add the ability to attach a CSS file via URI. This way, plugin authors can use it to add editor styles.

An example of why this might be necessary is a microformat plugin where the user can style microformats differently by adding certain CSS files by the user's choice. Right now, we can only see a change like that when we click preview.

So it would be nice if plugins could use this function as well as themes.

I've attached a potential patch.",dwieeb
Future Releases,15588,GoogleSpell.php preg_replace eval removed,,TinyMCE,3.0.1,normal,normal,Future Release,enhancement,new,has-patch,2010-11-27T01:27:10Z,2013-01-10T20:33:30Z,"Hello,

I have found and fixed one more of the preg_replace /e eval constructs, that aren't allowed in WordPress according to the coding standards.

-- Frank | [http://underground-stockholm.com/ Underground Stockholm]",underground-stockholm
Future Releases,15729,Better UX after supplying incorrect information to setup-config,kapeels*,Upgrade/Install,,low,normal,Future Release,defect (bug),accepted,has-patch,2010-12-08T07:19:24Z,2010-12-23T02:42:49Z,"In #15682 I added a 'Try Again' button to step 2 of setup-config.php if the credentials were incorrect.

The button is a simple link with a `javascript:history.go(-1)` hack. This should instead be a form with hidden values that submits back to setup-config.php?step=1, and fills out the form so they can try again.

Additional enhancement: If the prefix is malformed (can only contain letters, numbers and underscores), we do a wp_die(). We should again have a form with a 'Try Again' button that returns them.

As an added bonus, incorrect credentials should be filled out (for reference) but marked as incorrect and potentially with the focus set on that field.

Only caveat I can think of: This will require the use of esc_attr(), which we don't have access to yet. Not sure how to solve that without reverting to htmlspecialchars() with some extra work.",nacin
Future Releases,16156,update-core is oblivious to api.wp.org being unreachable,,Upgrade/Install,,normal,normal,Future Release,defect (bug),new,dev-feedback,2011-01-08T09:51:38Z,2011-04-04T07:46:30Z,"A server running 3.0.4 had trouble reaching *.wordpress.org for some unknown reason. (This wasn't during the brief api.wp.org outage, and it worked otherwise.)

Problem is, update-core was completely oblivious to this. It's even worse when running 3.1, because the 'Check Again' button will refresh the page and tell you we last checked for updates *just now*.

Try Again or Check Again should reflect that the API is unreachable when this can be determined. Claiming that we checked for updates is also really lame, so we should see if the transient tells us how long it's been since the last one.

Side note, the plugin install et al. HTTP error messages are rather cryptic, and we should also make those more user friendly.",nacin
Future Releases,24078,Remove 'admin' as default username in install,,Upgrade/Install,3.5,normal,normal,Future Release,enhancement,new,commit,2013-04-13T19:07:29Z,2013-05-05T21:06:45Z,"The installation process populates the username field with 'admin' by default.

Many/most users probably leave it as-is, making them more vulnerable to brute force attacks that look out for ""admin"" usernames.

Seems a pretty easy improvement to specify no default username, and force the user to choose one themselves.

",chrisrudzki
Future Releases,15977,Send the Locale in Plugin/Theme Update Check Requests,nacin*,Upgrade/Install,3.1,normal,normal,Future Release,feature request,accepted,,2010-12-25T20:59:43Z,2013-01-22T00:00:56Z,"Currently, we send locale (and other information about installation) only in wp_version_check and not in wp_update_plugins and wp_update_themes.

Since we still don't know how system for plugins/themes localization will work, I propose that we send this from 3.1.

Why? As said above, there is no definitive agreement on how will localization system work, but it is possible that system wont require changes in core, ie. be same or similar to one I [http://wppolyglots.wordpress.com/2010/12/10/proposal-for-plugins-localization-system/ suggested] over at Polyglots.

In that case localization system will be made independently what means that it'll can start working before 3.2 version. If we don't send locale for plugins/themes, we will need to wait for 3.2 even though that wont be significant change.

In theory, plugin/theme developers could also benefit if alongside locales, we would send all information we send in wp_version_check and later show them as are plugin versions shown now.

I know that is very late for this change but issue with plugin localization tool has been ignored for a very long time as I described in my post mentioned above in more detail.",dimadin
Future Releases,10787,Email administrators that an update is available for core|plugins|themes,dd32,Upgrade/Install,2.9,normal,normal,Future Release,task (blessed),reopened,,2009-09-15T08:44:47Z,2012-12-03T23:50:09Z,"Inspired by the recent 'email notifications for updates' plugins discussion on wp-hackers/other forums, I'd like to propose the functionality actually be included in core.

I'm thinking of a daily email (Or perhaps, even when WordPress does the update checks) that says along the lines of:

{{{
WordPress would like to notify you that you have 3 updates available:
WordPress 2.9.1
Plugin: Super Plugin 4
Theme: My Theme
}}}

Only email when the updates havn't changed since last email.

Core potential? Or leave it for plugin material?",dd32
Future Releases,18200,Language Packs,nacin*,Upgrade/Install,,normal,normal,Future Release,task (blessed),accepted,has-patch,2011-07-21T21:09:28Z,2013-04-04T21:10:54Z,"Implement language packs for core, plugins, and themes.

Inspiration and code can hopefully be derived from the corresponding GSoC project.

This will require quite a bit of work in GlotPress, on api.wordpress.org, and in core. I will take point, but assistance will be needed. A number of decisions will need to be made. I will begin designing a document for what exactly needs to be done over the next week.",nacin
Future Releases,22367,"Usernames with ""@"" char are assumed email addresses, causing incorrect look-up in several places",,Users,,normal,normal,Awaiting Review,defect (bug),new,has-patch,2012-11-06T00:45:19Z,2013-01-10T10:57:23Z,"'''Problem'''

Usernames containing the ""@"" character are mistakenly assumed to be email addresses when:

* wp-login.php - Resetting passwords
* /wp-admin/user-new.php - Adding an existing user to a site, in multisite
* /wp-includes/user.php - Searching for a user

----

'''Duplicate'''

* Create a user with the login ""@testing""
* Verify the account, etc...

'''Bug in Search'''

* Visit: wp-admin/network/users.php - attempt to search for: ""@testing""
* Result: no users found
* What should happen: find the user

'''Bug in Add New'''

* Visit: wp-admin/wp-admin/user-new.php - attempt to add: ""@testing""
* Result: no users found
* What should happen: add the user

'''Bug in Reset Password'''

* Visit: wp-login.php - attempt to reset password for: ""@testing""
* Result: retrieve_password() accidentally succeeds, because strpos() check returns 0, which is the correct position of the ""@"" character. If the username was ""testing@"" this test would fail

----

'''Solution'''

The attached patch fixes these bugs by using is_email() instead of an strpos() for an @ character.",johnjamesjacoby
Future Releases,12295,More support to customize user profile edit page,nacin*,Users,3.0,normal,normal,Future Release,enhancement,accepted,dev-feedback,2010-02-19T21:14:01Z,2013-05-15T12:02:10Z,"Right now I can edit the contact methods via the user_contactmethods filter, but I can not modify or remove the Personal Options or the Name Options.
I want to keep the interface as simple as possible for my users, and I don't think that they need to edit this settings at all.
If wp wants to be a cms, it should give me control over this aspect as well.
At least, give me custom css-ids, so I can remove it via css!",pampfelimetten
Future Releases,16318,The reset password process could be clarified,,Users,3.1,normal,normal,Future Release,enhancement,assigned,,2011-01-20T16:27:57Z,2013-01-22T16:51:08Z,"I find the process of resetting a user password confusing, and sI guess I am not the only one.

Here is why:

The fist screen in this process is almost ok:

[http://snapplr.com/mbtp]

only the text on the button is confusing as users won’t “get a new password” but are going to input a new password (I guess this is an heritage of the past procedure).

The second screen is where most users get lost:

[http://snapplr.com/811w]

I think that the login form should not be visible here as it gets the user’s focus, so they do not see the text above telling them to check their mailbox and do not know what to type here.

I know that changes are planned in the reset password process, but these two relatively small changes could make the process a lot easier to follow for users.",paolal
Future Releases,19291,Widgets move to Inactive after clearing all widgets from sidebars,,Warnings/Notices,3.3,normal,normal,Future Release,enhancement,new,,2011-11-18T15:49:18Z,2011-11-23T22:44:56Z,"Jane reported in IRC that a theme switch dropped her widgets to Inactive.

> Jane: test site had 2010 as theme, with some widgets. activated 2011 on themes.php. Refreshed itself to themes.php?activated=true and showed alert message "" New theme activated. This theme supports widgets, please visit the widgets settings screen to configure them."" Go to widgets screen, widgets in primary sidebar in 2010 are not in sidebar, no widgets live anymore
> Jane: switch back to 2010, same message appears on themes.php?activated=true and 2010 sidebar comes back

[http://core.trac.wordpress.org/ticket/19091#comment:11 Reproduced by ocean90].

I was able to repeat the reported issue one only one specific case.

This only happens if you remove *all* widgets from all sidebars. Then add widgets back to sidebar(s). Then, switch back to a previously activated theme.

- It doesn't happen if you leave at least one widget in place in a sidebar
- It doesn't happen if you switch to a new theme (not previously activated)

Looks like we can solve it by the ""lost"" widget check just puts any old widgets into Inactive. We should orphan those, too.

To fix: If widgets registered but not in the new theme's sidebar, orphan it.

See #17979, #19091, #19092.",lancewillett
Future Releases,12722,Concurrent editing of widgets,azaozz,Widgets,,normal,normal,Future Release,defect (bug),new,has-patch,2010-03-26T18:07:46Z,2013-04-25T05:39:22Z,When two admin users edit widgets at the same time which ever one saves last wins.  I think we'd need something like the post edit lock to be able warn users when someone else is already editing widgets.,josephscott
Future Releases,21292,XML-RPC: wp_upload_bits should act like wp_handle_upload,westi,XML-RPC,3.0,normal,normal,Future Release,defect (bug),assigned,has-patch,2012-07-17T07:01:23Z,2013-05-07T11:37:28Z,"At this moment there isn't a check for file size when uploading an image through the XML-RPC. The reason is that the method wp_upload_bits is used. This only checks it does is if the file size is to big for a network installation.

The function check_upload_size() is something what you want except that it will use wp_die() if there is an error like this. The function is used as a filter: wp_handle_upload_prefilter. Which only get applied in the function wp_handle_upload. 

We should probably change check_upload_size() a bit so it doesn't use wp_die() but does it somewhere else.

related: #6559 and #21085",markoheijnen
Future Releases,17604,wp.uploadFile overwrite doesn't work,,XML-RPC,3.2,normal,normal,Future Release,defect (bug),new,has-patch,2011-05-29T10:27:21Z,2012-11-08T01:52:09Z,"Removing the following lines from the function ''mw_newMediaObject'' file ''class-wp-xmlrpc-server.php'' solves the problem:

{{{
$filename = preg_replace('/^wpid\d+-/', '', $name);
$name = ""wpid{$old_file->ID}-{$filename}"";
}}}

Why are these lines there anyway? overwrite is overwrite.

This, presumably, bug exists in WP 3.1 too.",M66B
Future Releases,20026,Adding a post_type filter in wp.getComments,westi,XML-RPC,,normal,normal,Future Release,enhancement,reviewing,needs-unit-tests,2012-02-12T15:48:53Z,2012-08-05T19:45:16Z,This will be usefull when with the new custom post type support in XMLRPC,nprasath002
Future Releases,23099,Add JSON-RPC support using existing XML-RPC methods,,XML-RPC,3.5,normal,normal,Future Release,feature request,new,needs-unit-tests,2013-01-02T01:22:37Z,2013-04-22T21:18:54Z,"Many people have expressed interest in a JSON API for WordPress core. Until a full REST API can be implemented, the existing XML-RPC method implementations can be re-used by wrapping them in JSON-RPC serialization/de-serialization logic.",maxcutler
Next Release,14578,"Default User Role isn't checked against defined roles, causing unexpected resets to Administrator",garyc40,Role/Capability,3.0.1,normal,major,3.6,defect (bug),assigned,has-patch,2010-08-10T10:00:29Z,2013-01-13T23:00:20Z,"Take these steps:

1. Activate a plugin that creates role on activation. For example, it calls ""add_role( 'photo_uploader', 'Photo Uploader', array( 'read') );""[[BR]]
2. In General Settings, set the Default User Role to this new role, 'Photo Uploader'.[[BR]]
3. Deactivate the plugin, removing the roles: ""remove_role( 'photo_uploader');""[[BR]]
4. In General Settings, the Default User Role now displays 'Administrator'. (In the database, it still says 'photo_uploader'.)[[BR]]
5. When creating a new user (as admin), the role dropdown-box now displays 'Administrator' as role for this new user. This new user _will_ have role 'Administrator' if an unsuspecting admin does not explicitly alter the role in the dropdown-box.[[BR]]

This way, an unsuspecting adminstrator might accidentally create new admins for his blog.

I have also tested this for new users registering themselves. Fortunately, they are assigned the role 'None', not 'Administrator'.

Greetings,

Ivo van der Linden[[BR]]
(employee of LaQuSo @ Eindhoven University of Technology)",Ivolution
Next Release,15264,Deleting a term shared across taxonomies deletes all associated nav menus.,garyc40,Taxonomy,3.0.1,normal,major,3.6,defect (bug),assigned,has-patch,2010-10-31T08:01:32Z,2013-01-12T05:44:21Z,"Using other taxonomies since WP 2.3 in [http://wordpress.org/extend/plugins/xili-dictionary/ plugin xili-dictionary] , I just discover that now (since WP. 3.0) when deleting a term of his taxonomy, ''a menu item can disappear''.

'''In which conditions ?''' 

When the term (i.e. news) is shared by taxonomy category and the plugin taxonomy named dictionary ?

After deep tests (thanks to the night when time changes from summer to winter time), I can also reproduce it in current conditions : when a term is shared between taxonomies category and post_tag : If you delete the tag (i.e my test), if a category 'my test' exists and was active inside a navigation menu : the nav menu item disappear (unpleasant).

The cause of this unexpected erasing, was the action hook ''delete_term'' at end of '''wp_delete_term''' function and precisely the default filter ''_wp_delete_tax_menu_item''.
The add_action in default-filter.php (line 233) don't pass the 3 parameters and the function (menu-nav.php line 700) don't verify if it is possible to delete the menu item (as well done for term in other taxonomies in wp_delete_term itself) by testing the params and the taxonomy of the menu item content.

Today workaround in plugins using new taxonomies : remove filter before deleting a term on concerned taxonomies and add it after. 
Hope that explanations were explicit.

Best regards
",michelwppi
Future Releases,9296,Settings API & Permalink Settings Page Bug,jfarthing84,Administration,2.7.1,normal,major,Future Release,defect (bug),reopened,has-patch,2009-03-07T05:33:55Z,2013-04-22T20:58:19Z,"Although there is a hook in the options-permalink.php to insert custom settings, it does not actually save any custom setting which is added to that page.  Instead of posting to options.php like all the other options pages, it posts to itself and only handles the form data which is built into the wordpress core.  It should be implemented on that page to also store custom settings that may be hooked onto that page.",jfarthing84
Future Releases,8592,Private Pages not listed in the Parent dropdown,nacin,Administration,2.7,normal,major,Future Release,enhancement,reopened,commit,2008-12-12T16:22:24Z,2013-02-28T12:51:59Z,"Private pages are not available as a choice in the Parent dropdown of the Attributes module.

You should be able to create a hierarchy of private pages if you want to.

Tested with r10194.",mtdewvirus
Future Releases,15918,wpautop() breaks inline tags on the same line as block tags,dunno,Formatting,3.0.3,normal,major,Future Release,defect (bug),new,,2010-12-20T16:01:31Z,2012-04-11T15:22:31Z,"Hi guys! I've got latest WP installation (3.0.3) and found strange bug in posts parser.

Create article with following HTML:

{{{
<div class=""wassup""><a href=""#"">WP IZ ASSUM</a></div>
}}}

Browser will get: 

{{{
<div class=""wassup""><a href=""#"">WP IZ ASSUM</a></div>
}}}

All seems to be fine! Now get rid of unnecessary div.

Create article with following HTML:

{{{
<a href=""#"">WP IZ ASSUM</a>
}}}

Browser will get: 

{{{
<p><a href=""#"">WP IZ ASSUM</a></p>
}}}

Dunno why there is extra <p> but who cares. All seems to be OK.

Create article with following HTML:

{{{
<figure><a href=""#"">WP IZ ASSUM</a>
</figure>
}}}

Browser will get:

{{{
<figure><a href=""#"">WP IZ ASSUM</a><br />
</figure>
}}}

Now isn't that cool? But check what is even cooler!

Create article with following HTML:

{{{
<figure><a href=""#"">WP IZ ASSUM</a>
<figcaption>NO IT'S BUGGY AS HELL</figcaption>
</figure>
}}}

Browser will get:
{{{
<figure><a href=""#"">WP IZ ASSUM</a></p>
<figcaption>NO IT’S BUGGY AS HELL</figcaption>
</figure>
}}}

Wow! Say hello to invalid markup and rendering problems! Auto-closing of tags turned off. No matter of the settings I still get this nice messed up html. WYSIWYG turned off also.",retrib
Future Releases,20569,We need addslashes_deep(),,General,3.4,normal,major,Future Release,defect (bug),new,has-patch,2012-04-29T08:08:28Z,2012-09-02T03:15:55Z,"
I don't imagine anyone still feels that having `update_metadata()` call `stripslashes_deep()` is still the Right Thing to do, but I understand why removing it is basically impossible for backward compatibility reasons.

That said, !WordPress as a platform does not currently provide a way for this data to be stored accurately as a meta value:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', $data);
}}}

I'm not saying that this is a great deal better from a code purity standpoint:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', addslashes_deep($data));
}}}

but it's at least explainable.

Telling people they have to do something like this:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
$slashed_data = array();
foreach ($data as $item) {
	$slashed_data[] = addslashes($item);
}
update_post_meta($post->ID, 'my_key', $slashed_data);
}}}

or this:

{{{
if (!function_exists('addslashes_deep')) {
/**
 * Navigates through an array and adds slashes to the values.
 *
 * If an array is passed, the array_map() function causes a callback to pass the
 * value back to the function. Slashes will be added to this value.
 *
 * @since 3.4.0? (oh please, oh please, oh please)
 *
 * @param array|string $value The array or string to be slashed.
 * @return array|string Slashed array (or string in the callback).
 */
function addslashes_deep($value) {
	if ( is_array($value) ) {
		$value = array_map('addslashes_deep', $value);
	} elseif ( is_object($value) ) {
		$vars = get_object_vars( $value );
		foreach ($vars as $key=>$data) {
			$value->{$key} = addslashes_deep( $data );
		}
	} else {
		$value = addslashes($value);
	}

	return $value;
}
}

$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', addslashes_deep($data));
}}}

is just indefensible.

FWIW, @rboren created this function as [http://core.trac.wordpress.org/attachment/ticket/12402/12402.2.diff part of a patch] a couple of years back (#12402), but it hasn't landed yet. Pretty please can we get just this bit in for 3.4?",alexkingorg
Future Releases,16606,WP_Http_Streams::test doesn't check enough to confirm if it can do HTTPS,,HTTP,3.0.5,high,major,Future Release,defect (bug),new,has-patch,2011-02-21T08:16:44Z,2013-01-20T20:44:55Z,"The WP_Http_Streams doesn't check for all it's prerequisites before saying it can process HTTPS request.

It seems to be common for the openssl extension to no be loaded.

Example Warnings:

{{{
[21-Feb-2011 08:06:48] PHP Warning:  fopen() [<a href='function.fopen'>function.fopen</a>]: Unable to find the wrapper &quot;https&quot; - did you forget to enable it when you configured PHP? in .../wp-includes/class-http.php on line 1063
[21-Feb-2011 08:06:48] PHP Warning:  fopen(https://example.com/feed/) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: No such file or directory in .../wp-includes/class-http.php on line 1063
}}}

We need to at least check: {{{extension_loaded( 'openssl' )}}}
",westi
Future Releases,13651,Problem with plural form in comments_number,nbachiyski,I18N,3.0,high,major,Future Release,defect (bug),new,has-patch,2010-05-31T07:55:14Z,2013-04-10T16:06:03Z,"Hi, there is problem with comments_number in WordPress (and also Twentyten theme). There is possibility to use 0, 1 or more comments. But for Czech there are also two plural forms: 0 (žádný komentář), 1 (1 komentář), 2-4 (komentáře) and 5 and more (komentářů).

Function comments_number does not support it, also in Twentyten it is not possible...",pavelevap
Future Releases,16330,"media_sideload_image() broken with filenames containing strange characters (e.g., +, %)",,Media,3.1,normal,major,Future Release,defect (bug),reopened,needs-unit-tests,2011-01-21T13:56:19Z,2013-03-17T10:31:55Z,"I'm using the {{{media_sideload_image()}}} method in the upcoming version of my [http://wordpress.org/extend/plugins/e107-importer/ e107 Importer script] (see: http://github.com/kdeldycke/e107-importer/blob/b7925fdac6aa43db4be5b7925265a83d95fc62ad/e107-importer.php#L277 ) to upload remote images into WordPress.

This method work as expected with lots of images from a lot of different sources, but fail on URLs containing spaces.

Let me illustrate this bug with an example.

When trying to upload the image located at
{{{
http://home.nordnet.fr/francois.jankowski/pochette avant thumb.jpg
}}}
the result looks like this on the file system: http://twitpic.com/3s0dk7 . As you can see, image file names are clean. But in the Media Manager, here is what you have: http://twitpic.com/3s0e5d . No thumbnails seems to have been created.

Now, trying to fix this, I modified the original URL before calling {{{media_sideload_image()}}} with the following code:
{{{
  $img_url = str_replace(' ', '%20', html_entity_decode($img_url));
  $new_tag = media_sideload_image($img_url, $post_id);
}}}
With this patch, here is the result on the filesystem: http://twitpic.com/3s0ets . I was surprised by WordPress not sanitizing URLs. Is that normal ?

But the most surprising stuff is in the Media Manager: http://twitpic.com/3s0hup . It looks like thanks to this hack, WordPress somehow succeeded downloading the remote file but messed with filesystem naming. What let me think this ? The Media Manager, get the right image thumbnail dimensions but not the binary payload of the thumbnail (contrary to the case above were no binary nor dimensions are available about the thumbnail).

All of this was tested in WordPress 3.1-RC2.

As for the idea of the patch above, it come from a very old version of my plugin (v0.9) that was based on WordPress 2.3.2. There, I somehow found the root cause of the problem, [http://github.com/kdeldycke/e107-importer/blob/e107-importer-0.9/e107.php#L410 according the comment I wrote 3 years ago]:
{{{
 // The fopen() function in wp_remote_fopen() don't like URLs with space chars not translated to html entities
}}}

I should have posted this bug report sooner, as now I've forgotten everything about this issue... :(",Coolkevman
Future Releases,17450,Almost pretty permalinks with non-ASCII characters do not work in Apache,westi,Permalinks,3.1,normal,major,Future Release,defect (bug),reopened,needs-unit-tests,2011-05-16T05:53:14Z,2012-04-27T19:03:50Z,Almost pretty permalinks (using PATH_INFO) with non-ASCII characters do not work in Apache; a not found error is returned. The same permalink works in IIS when UTF-8 is used for server variables. It also works when mod_rewrite is used.,peaceablewhale
Future Releases,10249,Page slug in cyrillic = Error 404 - Not Found!,westi*,Permalinks,2.7,normal,major,Future Release,defect (bug),accepted,needs-unit-tests,2009-06-23T19:44:34Z,2012-04-27T19:04:18Z,"When I create a page with page slug for example ""киро""
then when I try to open domain/киро - Error 404 - Not Found

The permalinks are %postname%

Post slug with this slug is working just fine, the same BUG exists in 2.7, 2.7.1 and 2.8",kalifi
Future Releases,21169,remove_action on a tag within do_action for that tag can cause actions to be missed,,Plugins,,normal,major,Future Release,defect (bug),new,has-patch,2012-07-05T21:08:22Z,2012-11-07T15:35:21Z,"'''Problem:'''

If an action (or filter) in a given priority for a given tag removes itself as part of its execution, and it was the only action/filter at that priority for that tag (or only one remaining), the next priority level is skipped.

'''Reproduction:'''

See the attached unit test.

'''Analysis:'''

This appears to possibly be a bug (or at least an undocumented feature) of PHP (tested up to 5.4.3), where next() falls over if the current array element is unset (but each() has no problem even if the /next/ array element is unset).  Example non-WP code demonstrating this is included.

'''Proposed solution / workaround:'''

Switch all uses of next() in plugin.php to use each() instead; I've included a proposed patch.

Props to smathiascrowdfavorite for bringing this bug to my attention.",devesine
Future Releases,5809,Updating a term in one taxonomy affects the term in every taxonomy,garyc40,Taxonomy,2.3,high,major,Future Release,defect (bug),reopened,has-patch,2008-02-10T02:21:01Z,2013-05-15T08:13:16Z,"As reported by klawd on #wordpress and reproduced by me, editing a category will affect a tag with the same name.

{{{
Steps to reproduce:
1. Create a category called Testing
2. Create a tag called Testing
3. Rename the Testing category to Another Test
4. Check the name of the tag
}}}",rmccue
Future Releases,19373,wp_insert_post() should not contain current_user_can() checks,,Taxonomy,3.0,normal,major,Future Release,enhancement,new,has-patch,2011-11-27T17:02:31Z,2013-05-16T11:57:33Z,"wp_insert_post() is a utility function, it should not have a reliance on user capabilities. There are only two places in this function where there is a current_user_can() check - for updating custom taxonomies and for setting post slugs. All other checks (can user publish posts, etc.) are properly handled outside of the utility function.

wp_insert_post() should be safe to use in code that is run without a user context, for example via CRON. With the current code, this is the case *except* for the custom taxonomy feature. This inconsistency can cause a BrilliantDeveloperTM to lose a good deal of time debugging why the same data being passed in is coming back with different results.

For 3.4 (please!), perhaps we can figure out a way to move the checks for user capabilities on taxonomies out of the utility function and into the controller/procedural code. I'm happy to author and submit a patch once an approach has been determined.

For other developers who run into this and need to work around it, either of these 2 options work:

1. call wp_set_post_terms() to add your taxonomies after calling wp_insert_post()
2. set up a ""current user"" in your script before calling wp_insert_post()",alexkingorg
Future Releases,16001,Invited Users Can Disappear in MS,,Users,3.0,normal,major,Future Release,defect (bug),new,has-patch,2010-12-27T22:37:15Z,2013-04-22T21:56:32Z,"Steps to reproduce:

 * In ''Site Admin'', go to Users > Add New
 * Add a new user
 * You get a message to the effect of, said user needs to respond to an invitation.

Now the user has disappeared.  There's no way for a super admin or anybody to search for that user and add her directly, or delete her, or anything like that.  If the user doesn't get the email, she's out of luck: that username and email are now reserved for ""a couple of days.""",filosofo
Future Releases,9568,Allow users to log in using their email address,,Users,2.8,high,major,Future Release,feature request,assigned,has-patch,2009-04-17T17:11:28Z,2013-04-11T03:50:35Z,"I've been looking into a few tickets and adding patches to things that were potentially problematic when implementing a membership plugin (#1626, #4170, #9563, #9564). The general idea being twofold: to avoid duplicate users at all costs -- because it's a bloody mess to merge users in a billing system.

I'm about to embark on a mid-sized patch that renders the WP username field optional. This is a natural next step from #9563 and #9564.

Users could then be allowed to specify an email only, when registering. And they could use their email to login -- in addition to their username if they specified one.",Denis-de-Bernardy
Future Releases,17541,Blogger-XMLPRC API does not work with Multisite/SSL/DMZ combination,westi*,XML-RPC,3.2,normal,major,Future Release,defect (bug),accepted,has-patch,2011-05-23T07:26:29Z,2012-12-14T23:12:02Z,"I have the following setup:
My WordPress Blogs (multisite) are set up behind a firewall that exposes the public address via SSL. Inside my DMZ I'm only using HTTP, so that's what WordPress sees. When I now try to access the blogger.getUsersBlogs XMLPRC-API, I get an empty result back.

I analyzed the WordPress source code and found out that the blogger.getUsersBlogs method in the file wp-includes\class-wp-xmlrpc-server.php uses another XMLRPC call to the wp.getUsersBlogs method in case of the multisite. I further checked and found out that this appears to be the only case in which WordPress executes a remote call itself to sevice the request. I then replaced the logic in _multisite_getUsersBlogs with the multisite part from wp_getUsersBlogs and it worked.

I aso found an issue that might be related: http://core.trac.wordpress.org/ticket/16402
But since the source code in the trunk still uses the regular IXR_Client, I'm not sure if this would fix the issue.

I attached my fix as a patch, but it's not refactored to remove code duplication since I don't have a dev-environment set up for WordPress.

Michael",michael_k
Future Releases,12257,wpdb Scales Badly Due to Unnecessary Copies of All Query Results,ryan,Database,,normal,critical,Future Release,defect (bug),reopened,,2010-02-17T03:08:06Z,2013-03-19T05:19:44Z,"While working on #11726, I encountered a reproducible crash in wpdb::query()

The following code causes memory exhaustion on large result sets:

{{{
while ( $row = @mysql_fetch_object($this->result) ) {
	$this->last_result[$num_rows] = $row;
	$num_rows++;
}
}}}

The memory exhaustion message is error-controlled, causing a white screen of death even in debug mode.

I searched wp-db.php for references to $this->last_result, and I found no justification for these object reference copies.  $this->last_result '''should''' be maintained as a MySQL resource and properly optimized using the MySQL client layer instead of this PHP nonsense.

Tagging for dev-feedback to discuss which Milestone is appropriate.",miqrogroove