}}} Sadly I have not yet come up with a solution. PHPs urlencode() does not escape a double dash - which is ok as its usually perfectly valid. Maybe someone with RDF experience has a good idea. bye, -christian- [1] http://en.wikipedia.org/wiki/Internationalized_domain_name#Example_of_IDNA_encoding [2] http://htmlhelp.com/reference/wilbur/misc/comment.html ",lathspell Future Releases,20450,wp_dropdown_categories - inconsistent use of single-quotes causes (javascript) assignment issues,,General,3.3.1,normal,minor,Awaiting Review,defect (bug),new,close,2012-04-15T23:06:37Z,2012-06-18T23:02:05Z,"wp_dropdown_categories outputs double-quote characters for all options (value etc) BUT single-quote characters for main select attributes - which is inconsistent. this causes a problem when assigning output to eg. a javascript string - meaning we must perform a separate 'replace' operation first. similarly, we already have to do a replace of all newline-characters in output for newline-backslash - in order that its multi-line output can be assigned to a javascript variable. please could we have double-quote characters used consistently in output? ideally provision of a javascript friendly output format (ie. backslash-newline) would also be great - though my no means essential. ",rcain Future Releases,20298,Change requires to require_once,,General,3.3.1,normal,normal,Awaiting Review,enhancement,new,close,2012-03-24T22:39:20Z,2012-04-01T17:58:37Z,"Wordpress partially uses ""require"" to include files. I'd prefer to have require_once everywhere where a file really shouldn't be included twice. I'm currently developing an HTTP-Server (https://github.com/pp3345/Pancake) with a function to keep ""static"" codefiles (for example files that only do class-definitions and don't actually really execute any code) in some kind of a cache so that they don't need to be loaded again on every single request in order to improve performance. When I now, for example, load the wp-includes/class-wp-walker.php into the cache at the beginning and then Wordpress tries to require the file again, it fails with an Fatal Error due to trying to define the class again. Using require_once instead of require in Wordpress can be done quickly and would easily fix this. Also, it could improve the codes quality a bit.",pp3345 Future Releases,18489,Create constants in default-constants.php for the uploads folder to allow better custom uploads location,eddiemoya,General,3.2.1,normal,normal,Awaiting Review,enhancement,reopened,close,2011-08-19T20:11:41Z,2013-03-16T04:24:33Z,"There are cases in which a the uploads directory might need to be divorced WP_CONTENT_DIR, currently the only thing we can use is the UPLOADS constant, which works but is relative to ABSPATH and as such limits where the uploads directory can be moved to. In default-constants.php we have constants for the wp-content, and plugins folder - the uploads folder is a natural addition to this. Currently there is only a poorly documented UPLOADS override in wp_uploads_dir, which can be overridden in wp-config.php. I also think there should be a similar constant for the themes folder, but I would that would be a bit more complex of a change. I have create a new function in default-constants.php which introduce WP_UPLOADS_DIR and WP_UPLOADS_URL, which are called after wp_plugins_directory_constants() in wp-settings.php - because that function create WP_CONTENT_URL, which is needed in order to create WP_UPLOADS_URL. It is important to note that I have not changed any of the precedent in terms of what overrides what - the uploads_path option still overrides the default location (or now, the potentially custom location) defined by the new constant, ''the old UPLOADS constant will still override either of them if it is set''. Thats the way it worked before and that behavior has been preserved. Additionally, I have patched /wp-includes/function.php wp_uploads_dir to make use of these new constants as well as a little clean up of some related logic. First patch to core - go easy.",eddiemoya Future Releases,20125,Escape output in settings_errors,,General,3.0,normal,normal,Awaiting Review,enhancement,new,close,2012-02-26T17:26:26Z,2012-02-27T06:37:53Z,"'''The Problem''' The ""settings_errors"" function does not escape data when outputting it from the $settings_errors variable, which either comes from the $wp_settings_errors global variable or the ""settings_errors"" transient. This data is not escaped at any point during retrieval or output. Additionally, the data is not sanitized or validated when adding it via ""add_settings_error"". '''Test Case''' In the validation callback function for a setting, adding a settings error with HTML can badly break output: {{{ add_settings_error( 'zdt-setting', '1023', 'An error occurred' ); }}} '''Solution''' Escape the $type, $code, and $message variables on output. '''Possible Issues''' The $message variable is output wrapped in a 'p' and 'strong' tag. My patch tries to allow common, reasonable tags to be output. I use ""wp_kses_data"", which will only allow tags defined in the $allowedtags variable. Should a plugin or theme author need another element printed out, it will be stripped; however, there still is the potential that it could cause issues for plugins that were previously able to place anything in the $message variable. With that said, most other tags would lead to invalid HTML and probably shouldn't be allowed in this context anyway.",tollmanz Future Releases,19745,Login Form Dropdown,,General,3.3.1,normal,minor,Awaiting Review,enhancement,new,close,2012-01-05T02:35:47Z,2012-01-06T02:38:39Z,It would improve user experience if the login button on the admin bar had a dropdown with a login form. This only applies to websites that show the admin bar to logged out users. ,dancole Future Releases,11438,Make relative links absolute in feed,,General,2.9,normal,major,Future Release,enhancement,new,close,2009-12-14T23:21:21Z,2011-04-06T04:23:47Z,"Relative links should be made absolute for the feed, because {{{/}}} means nothing in a feed reader.",caesarsgrunt Future Releases,22303,"Please parse a ""vendor"" file",,General,,normal,normal,Awaiting Review,enhancement,new,close,2012-10-29T15:31:54Z,2012-10-30T10:06:14Z,"Hi, I'm working on improving Wordpress packaging in fedora. One of our need is to allow the use of system libraries instead of bundled copy (forbidden by Guidelines). I would like to propose, as various projects already, to include a ""vendor"" file. Goals: - without this file: no change - with this file: use constant from it - allow to define patch for each library (rather than a global WPINC) Note: this is not the same as wp-settings, which are user configurable settings, while ""vendor"" are system configuration (not to be altered by users) Work proposal. (probably) in default-constants.php if (file_exists('vendor.php')) include_once('vendor.php'); For PHPMailer (for exemple) if (!defined('WP_PHPMAILER_INC')) define('WP_PHPMAILER_INC', ABSPATH . WPINC); And of course, require_once WP_PHPMAILER_INC . '/class-smtp.php'; Using this, we could package wordpress in a simpler way, without altering provided sources, just adding this vendor file. For example, see what have be done in GLPI https://forge.indepnet.net/projects/glpi/wiki/GlpiPackaging If you accept this feature, I will work on it and submit the patches (probably various, one per library, as I will progress on this work). ",remicollet Future Releases,21113,Previous/Next page links maintain all GET variables,,General,3.4,normal,normal,Awaiting Review,enhancement,new,close,2012-06-29T14:57:00Z,2013-04-05T12:49:45Z,"The newer/older entries pagination system takes any query string in a inbound request, and includes it in the links generated for the newer/older entries. This causes problems when you put wordpress behind a cache, because all it takes is some bot trying a joomla hack to mean all visitors suddenly have a version of that page, including the bad query string, very visible. For example: http://kirrus.co.uk/page/6/?test=true Note, in the 'Newer/Older' links at the bottom of the page, that ""test=true"" will be retained. These should only really keep query-strings that wordpress knows it'll need, if you're including them? Else, you can basically poison someone's cache with this. An example of the really bad query string poisoning a cache: /page/2/?option=com_gk3_tabs_manager&controller=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%0000",kirrus Future Releases,16938,list_files() refactoring,,General,3.1,low,normal,Future Release,enhancement,reviewing,close,2011-03-22T21:08:35Z,2011-03-23T19:34:13Z,I was taking a look into list_files(). I've seen that older code (Related: #16937) that's handling false and then false again and so on which can be just reduced + some clean-ups.,hakre Future Releases,14670,sunrise.php in single site installations,,General,,normal,normal,Future Release,enhancement,reopened,close,2010-08-22T19:17:54Z,2012-02-21T02:18:29Z,Let's make sunrise.php work regardless of is_multisite().,nacin Future Releases,16437,wp_category_checklist should have name parameter,,General,3.0.4,normal,minor,Awaiting Review,enhancement,new,close,2011-02-01T19:48:31Z,2011-12-14T23:12:37Z,"I found [http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/template.php#L64 wp_category_checklist] is useful for creating my plugin/theme settings options. Unfortunately, it's currently don't have name parameter, the name is statically defined as '''post_category''' in the ''Walker_Category_Checklist'' default walker. [[BR]] ''wp_category_checklist( $post_id = 0, $descendants_and_self = 0, $selected_cats = false, $popular_cats = false, $walker = null, $checked_ontop = true )'' [[BR]] where it should be something like[[BR]] ''wp_category_checklist( $post_id = 0, $descendants_and_self = 0, $selected_cats = false, $popular_cats = false, $walker = null, $checked_ontop = true, $name='post_category' )'' So we don't need to create a new walker just to change the name. Thank you.",takien Future Releases,11549,Enable loading of the WordPress environment from external php script,,General,,normal,minor,Future Release,feature request,new,close,2009-12-21T19:54:33Z,2009-12-28T12:26:44Z,"For some integration projects, it is useful to load the WordPress environment from an external php script. This can be done by including wp-load.php Afterwards all the WordPress functions can be used. This is only possible if wp-load.php is included from the global scope. If it is included from inside a function, it will fail. This limitation makes it difficult to integrate WordPress with other projects. wp-load.php fails because of the use of global objects and assign by reference. A simple solution would be to declare $wpdb, $wp_widget_factory, $_wp_deprecated_widgets_callbacks for global in wp-settings.php The creation of WP_Widget_Factory in wp-settings.php needs to be changed from $wp_widget_factory =& new WP_Widget_Factory(); to $wp_widget_factory = new WP_Widget_Factory(); The syntax for creation of WP_Widget_Factory should be conditioned by the PHP version, to maintain backwards compatibility with PHP 4. ",mp2300 Future Releases,21446,plugins using curl with IPV6 enabled servers,,HTTP,3.4.1,normal,normal,Awaiting Review,enhancement,new,close,2012-08-01T21:46:28Z,2012-08-09T10:41:24Z," plugins using curl give problems on servers having both IPV4 and IPV6 network interfaces running. Basically the performance is poor because curl is timing out on the IPv6 address.. The workaround is: add line: curl_setopt( $handle, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); in ../wp-includes/class-http.php Why not have this set as default? ",mippie32 Future Releases,23687,Filter Contextual Help Label,,Help/About,3.5,normal,normal,Awaiting Review,enhancement,new,close,2013-03-04T11:54:04Z,2013-03-04T17:40:07Z,"The contextual help feature is a great way to add help to themes and Plugins. However, we often find that our theme/Plugin users do not even notice the generic 'Help' button on the top right of the admin screen. It would be useful to be able to customise this label to include the theme/Plugin name so users know this is help specific to that theme/Plugin and not just WordPress generated help. Currently there is no way to filter the help label. It is fixed to 'Help'. I have included a patch that allows you to filter it to display your own custom help label such as 'Plugin Help', 'Theme Help' etc. Usage is then: {{{ function custom_label($label, $screen_id){ global $options_page_id; if ($screen_id == $options_page_id) $label = __( 'Plugin Help' ); return $label; } add_filter('contextual_help_label', 'custom_label', 10, 2); }}} ",dgwyer Future Releases,22557,"""Trash"" should be a name",,I18N,3.4.2,normal,normal,Awaiting Review,enhancement,new,close,2012-11-23T15:56:48Z,2012-12-19T04:39:57Z,"Hi there, Not sure if this happens to other languages than pt_BR, but the string ''trash'' sometimes works bad when not as a name. I would like to suggest to keep the word as a name and avoinding to flex it such ''Trash it, transhing'' etc, there is no need to singular and plural for it, I find silly ""Trashes"" in content tables since there is a counter next to the label. That's all!",Dianakc Future Releases,23758,Add hook after loading WordPress locale object,,I18N,3.5.1,normal,normal,Awaiting Review,enhancement,new,close,2013-03-13T14:58:37Z,2013-04-24T02:39:09Z,"We face some problems when we work on bbPress last month , see :[[BR]] http://bbpress.trac.wordpress.org/ticket/2219 There is no proper hook to add roles ( an example ) in WordPress ,[[BR]] especially when you use a translated display name .. You can also read some lame in bbPress source code [[BR]] ""This is kind of lame, but is all we have for now. "" http://bbpress.trac.wordpress.org/changeset/4773",alex-ye Future Releases,6425,Support for RTL in feeds,nbachiyski,I18N,,normal,normal,Awaiting Review,enhancement,assigned,close,2008-03-27T20:56:51Z,2012-02-08T06:07:07Z,"In the current state of most Feed readers, the only surefire way to make RTL content display properly is to have directionality enforced inside the content - that is, either with {{
}}} tags inside CDATA or with Unicode directionality characters (for e.g., RLE and PDF, or and , or U+202B and U+202C.) for excerpts or titles.
While we currently have pretty good support for RTL languages, there is no support for RTL in feeds - all is left up up to the feed reader.
I suggest adding a mechanism to automatically insert these tags/characters for blogs that have text_direction set to RTL - much in the same way RTL css style sheets are loaded for these blogs.
I have attached a patch that modifies the feed templates to insert these tags/characters. Note that there is no checking of blog directionality here - this is just an example of how to enforce RTL in feeds, not how to enforce it conditionally.
This relate to a previous ticket I submitted (#5517), regarding adding an option to set the feed language - which currently just defaults to EN. Certain feed readers know to display RTL text in proper directionality according to feed language (for e.g., feeds that have their feed language set to HE (Hebrew), will get displayed from Right to Left). While setting feed language is not a comprehensive solution, it is a step in the right direction.",RanYanivHartstein
Future Releases,12322,Blog import fails to generate reduced-size images,,Import,,normal,normal,WordPress.org,defect (bug),new,close,2010-02-21T17:14:59Z,2012-02-14T16:25:41Z,"I just imported from http://daveabrahams.wordpress.com (go ahead, try it yourself if you like) and chose to ""Import Attachments."" The only images from the original site that show up in the result are those that were originally displayed with size-full. The others need to be regenerated by inserting them freshly. ",daveabrahams
Future Releases,5842,LJ import gets time zone wrong,,Import,,normal,normal,WordPress.org,defect (bug),new,close,2008-02-13T18:17:09Z,2011-09-16T03:55:09Z,"LJ's export format has all dates in GMT, but the wordpress LJ importer treats them as local time. ",novalis_dt
Future Releases,7644,Import Movable Type data using AtomPub.,westi*,Import,,normal,normal,WordPress.org,enhancement,accepted,close,2008-08-29T20:33:52Z,2011-09-15T17:17:13Z,This is a split ticket from #7543. This includes the latest Movable Type portion of the code.,cavemonkey50
Future Releases,10587,POP3 class does not differentiate between 0 messages and failure to login,,Mail,2.9,normal,normal,Future Release,defect (bug),new,close,2009-08-11T15:41:20Z,2011-04-07T13:51:40Z,"The login function in wp-includes/class-pop3.php states that it returns false on failure, but it also returns false if there are no messages. These should be 2 different scenarios. I have fixed the problem. Here is an svn diff:
{{{
$ svn diff ../../../wp-includes/class-pop3.php
Index: ../../../wp-includes/class-pop3.php
===================================================================
--- ../../../wp-includes/class-pop3.php (revision 11572)
+++ ../../../wp-includes/class-pop3.php (working copy)
@@ -212,7 +212,8 @@
return false;
} else {
$count = $this->pass($pass);
- if( (!$count) || ($count == -1) ) {
+ if( ($count===false) || ($count == -1) ) {
+ echo ""count=$count\n"";
// Preserve the error generated by last() and pass()
return false;
} else
}}}
",robfelty
Future Releases,16805,default 'from' hostname,,Mail,3.1,normal,normal,Awaiting Review,defect (bug),new,close,2011-03-09T15:11:39Z,2011-06-08T15:27:33Z,"The logic used to create the hostname portion of default e-mail address when calling wp_mail doesn't make sense.
Lines 384-392 of wp-includes/pluggable.php read:
{{{
if ( !isset( $from_email ) ) {
// Get the site domain and get rid of www.
$sitename = strtolower( $_SERVER['SERVER_NAME'] );
if ( substr( $sitename, 0, 4 ) == 'www.' ) {
$sitename = substr( $sitename, 4 );
}
$from_email = 'wordpress@' . $sitename;
}
}}}
We assume that if www. is in the sitename that it is not part of the e-mail address. I reviewed a few RFCs and have not found where 'www.' is prohibited from the hostname portion of an e-mail address. I concede that john.smith@ www.sitename.com is now common, but it is still a legal name.
Additionally, if the $_SERVER[ 'SERVER_NAME' ] is a sub-domain such as blogs.sitename.com the e-mail is going to send from john.smith@ blogs.sitename.com.
For consistency I suggest we either remove all nth level domain names above the first or remove none. This way it will be more obvious when people need to use the wp_mail_from filter and not just appear to be random.",lonnylot
Future Releases,23420,"Lost password, invalid key - noticed something",,Mail,3.5.1,normal,normal,Awaiting Review,enhancement,new,close,2013-02-08T09:26:31Z,2013-02-22T18:22:52Z,"Hi there,
I have noticed something about the lost password/email retrieval that may be a bug or may help out with the number of requests this gets.
The link sent with the key and user name is surrounded with < and >
Some email clients are misinterpreting this link and including the > at the end of the user name which in turn kills the database query because the user name does not match.
I have run a couple of tests changing line 235 of wp-login.php to be:
{{{
$message .= network_site_url(""wp-login.php?action=rp&key=$key&login="" . rawurlencode($user_login), 'login') . ""\r\n"";
}}}
from
{{{
$message .= '<' . network_site_url(""wp-login.php?action=rp&key=$key&login="" . rawurlencode($user_login), 'login') . "">\r\n"";
}}}
This seems to sort the problem out.",demonpengu
Future Releases,23883,Add Media 'Title' box does not update html title attribute,,Media,3.5.1,normal,normal,Awaiting Review,defect (bug),new,close,2013-03-28T19:26:42Z,2013-03-30T01:05:39Z,"This bug is reproduced when going to the edit page / post screen, and clicking the ""Add Media"" button. If a Title is saved for the image, it will not create a title html attribute when navigating to the site.
However, if the 'Edit Image' dialog is opened for the image that was just inserted into the post / page, the Title can be saved from this screen and it will add the title attribute in the html.
",drewshen
Future Releases,22671,"Attachment pages 404 for media attached to an ""Auto Draft""",,Media,3.4.2,normal,normal,Awaiting Review,defect (bug),new,close,2012-12-01T02:50:25Z,2012-12-02T01:17:42Z,"Any image uploaded to a new post through the post editor or QuickPress has a broken View link in the Media Library. To reproduce:
1. Go to Dashboard.
1. Upload an image in QuickPress.
1. Go to Media Library.
1. Click the View link for the image.
Expected result:
I thought it was going to show me the image or the image's attachment page.
Actual result:
""This is somewhat embarrassing, isn't it?"" - 404 message from URL like /?attachment_id=112
This won't happen if the image is uploaded via the Upload New Media page.",miqrogroove
Future Releases,20252,"Default img url when adding media includes ""http://etc"" causing insecure content in https pages",,Media,3.3.1,normal,normal,Awaiting Review,defect (bug),new,close,2012-03-18T04:03:19Z,2012-03-21T04:49:20Z,"New post, insert media, select an image and have a look at the ![]()
Add New, as well as from the editor-based uploader.
The administrator does not have this problem.
Tested on a fresh install of WP 3.3.1 with the Twenty Eleven theme. Problem occurs on other themes, as well.
The solution proposed here for a similar issue does not work: #19814",walkinonwat3r
Future Releases,21091,Unable to upload media with custom permissions,,Media,3.4,normal,normal,Awaiting Review,defect (bug),new,close,2012-06-28T03:13:19Z,2013-03-11T10:31:24Z,"on the current version of wp-admin/media-upload.php there are now several checks to ensure that the user can edit the post using current_user_can( 'edit_post', $_REQUEST['post_id'] ). it appears that there is a typo as the capability as it is written currently is 'edit_post' and it should be 'edit_posts', correct?
I noticed this on a site I manage where contributors have been given the capability to upload media but are no longer able to unless media-upload.php is edited to match their built-in capability.",havahula
Future Releases,23768,Add option to turn post gallery into a slideshow,,Media,,normal,normal,Awaiting Review,enhancement,new,close,2013-03-14T14:09:34Z,2013-04-04T05:10:18Z,"To build on the improvements to the WordPress Media manager, it would be great to have an option built-in to output a gallery as a slideshow.",ericlewis
Future Releases,23594,"Categorization of files in Media Library (i.e. folders, tags, etc.)",,Media,3.5.1,normal,normal,Awaiting Review,enhancement,reopened,close,2013-02-23T10:16:26Z,2013-03-27T23:39:24Z,"Hi, the new media library is great but if you have a site with a lot of images, it is really hard to find anything.
My suggestion would be to allow admins to create a folder structure for media files, so that content can be grouped accordingly. If folders are not an option, then I would at least like to see tags as a taxonomy for media files. Anybody who has more than 100 files of media in the library can't possibly be happy about how they find their media.
Thanks for considering this. I know it's been a request in the forums for something like 3 years now, and there was a lot of hope in the community that the new media library would accommdate for this.
NextGen Gallery probably comes closest to what I am thinking of, but sometimes you don't want a bloated gallery plugin when all you want to do is categorize your media library files..
",titush
Future Releases,21329,Consolidate filters and functions in wp-admin/includes/media.php,,Media,,normal,normal,Awaiting Review,enhancement,new,close,2012-07-20T20:28:59Z,2013-01-28T23:50:11Z,"in wp-admin/media.php, there are several functions that do similar things and could be combined, simplifying how they get used.",martythornley
Future Releases,13392,Image editor UX could be more straightforward,,Media,3.0,normal,normal,Future Release,enhancement,new,close,2010-05-14T13:54:06Z,2013-02-08T17:15:27Z,"The image editor introduced in v2.9 (?) is pretty handy, but I believe the UI needs to be straightforward. Here's some issues which I see, as a starter for discussion, and hopefully later I'll be able to make some quick wireframes to suggest improvements and so everyone can have something to get hating.
The overarching issue is that the UI seems confused when it comes to committing the action you've just taken, for example:
* To scale an image, you commit the action with a button labelled ""Scale"".
* To commit a crop you have to click the crop icon button, which looks like a tool selection button (ala Photoshop) rather than something which commits the change.
* The Save button is disabled most of the time, for reasons which are unclear, but it's not super obviously styled as disabled.
Separately from the problems of committing actions, the ""Apply changes to"" panel is kind of stuck down to the right and it's not clear at which points it's having an effect.
There are no messages back to the user to confirm whether actions have or haven't been taken.
",simonwheatley
Future Releases,13372,Separate Image sizes for different post types,,Media,,normal,normal,Future Release,enhancement,new,close,2010-05-13T07:59:07Z,2013-01-03T16:14:23Z,"Would be nice, especially moving forward with custom post types to have the ability to set different image sizes using an additional parameter of `add_image_size()` for different post types: Page, Post, and Custom.",brandondove
Future Releases,16382,"Menus adds ""current_page_parent"" class to the blog page when viewing a custom post type entry",,Menus,3.0.5,normal,normal,Future Release,defect (bug),new,close,2011-01-26T22:37:36Z,2013-02-15T17:10:13Z,"Here is an example: http://www.flowermag.com/article/love-rocks/
This entry is in the custom post type ""article"", but the navigation item ""blog"" is getting the class ""current_page_parent"" even though an article is not a blog post.
This is a problem since if you're using ""current_page_parent"" for navigation highlighting, this would render an incorrect display.",tammyhart
Future Releases,24035,"in WP 3.5.1, filter wp_nav_menu_items is never called on empty menus",,Menus,3.5,normal,normal,Awaiting Review,defect (bug),new,close,2013-04-10T18:03:23Z,2013-04-11T17:01:27Z,"We upgraded from 3.4 to 3.5.1 and our main navigation menu vanished.
Our theme uses the ""wp_nav_menu_items"" filter to add menu items to an empty menu, depending on login context & other things.
I have verified that in 3.5.1, this filter is never called on empty menus. wp_nav_menu() called with the proper args to select our menu just returns null. we are specifying theme_location in the call.
A workaround/hack is to add a bogus menu item to the DB, via the admin interface, and then delete that bogus menu item in our filter.
I imagine this crept in with the new 3.5 behavior of not emitting HTML for an empty menu.
The bug is in wp-includes/nav-menu-template.php . The comment at line 174 claims we will fallback on empty menus only if no theme_location is specified, and we do test that on line 177, but on line 181 we test again and fallback on empty menus without checking theme_location.
This line (181) :
{{{ if ( !$menu || is_wp_error( $menu ) || empty( $menu_items ) ) }}}
... should be this line:
{{{ if ( !$menu || is_wp_error( $menu )) }}}
",mykle
Future Releases,24101,Argument for separating wp_nav_menu items,,Menus,trunk,normal,normal,Awaiting Review,enhancement,new,close,2013-04-16T09:50:37Z,2013-04-17T06:59:01Z,"There is no proper way to add separators between menu items without generating custom walkers for menus.
The use of menu elements with separators are great for page styling where one doesn't need a menu container like in common primary navigation areas, but rather just want a quick list for example in a page footer.
I feel having to use a custom walker for this purpose is more work then need be, for a feature that would make sense to include with core, the below patch introduces the `separator` argument to the mix to address this.
{{{wp_nav_menu( array( 'separator' => ' | ' ) );}}}
The above would output a menu as `Menu item | Menu item 2 | Menu item 3`",Clorith
Future Releases,16328,Auto redirect to home when www is in the URL in MU,,Multisite,3.0.4,normal,major,Awaiting Review,defect (bug),new,close,2011-01-21T04:46:08Z,2012-11-02T22:28:36Z,"I have come across a problem on my MU installation where my primary blog will automatically redirect to the home page when www is in the URL and a virtual subfolder is being called.
Ex. http://www.domain.com/virtual_subfolder/ would redirect to http://domain.com/.
This problem does not effect the domains that I added on with MU, only the primary site is effected. ",lelandmcfarland
Future Releases,21691,WPLANG not settable in multisite if there are no language files,,Multisite,,normal,normal,Awaiting Review,defect (bug),new,close,2012-08-26T11:16:24Z,2012-10-12T13:26:56Z,"I got a plugin running on a multisite and there is definitely something up with the translation.
I tracked the problem down to the WPLANG option in `http://localhost//wp-admin/options.php` being empty. I tried to update it, but it keeps reverting to blank. So down the line the issue with get_locale() looking for the WPLANG value in the site_options and then defaulting back to en_US because it's not picking it up from the wp-config.php defined WPLANG.
I'm assuming that the defined WPLANG in the wp-config.php does not apply in multisite instances. The plugin is only enabled on the separate blog instance, and I changed the translation in wp-config.php after the install if that has anything to do with it.
Simple filter to force the locale in the plugin for the moment:
{{{
function modify_locale(){
return 'de_DE';
}
add_filter('locale','modify_locale');
}}}
I hope someone can reproduce this issue.",foxinni
Future Releases,12043,Infinite redirect if using a port number,,Multisite,,normal,normal,Future Release,enhancement,new,close,2010-01-26T17:28:32Z,2012-02-06T10:53:23Z,"MU Trac Ticket: http://mu.trac.wordpress.org/ticket/189
While setting up my new blog I found that WordPress? MU continuously re-directed me to the same URL (occurs in the if statement on line 9 of wp-signup.php). This was being caused by wpmu-settings.php on line 10. The variable $domain has the port stripped from it, which causes line 84 to return no result when it queries the database.
WP MU is installed at http://some.host.address:8080/blogs on my machine. VHOST is false.
",wpmuguru
Future Releases,11884,mod_rewrite optimization,,Optimization,3.0,normal,normal,Awaiting Review,enhancement,reopened,close,2010-01-13T11:56:10Z,2011-03-21T11:34:41Z,"Slightly edited version of the one suggested in:
http://wordpress.org/extend/ideas/topic.php?id=3524
{{{
# BEGIN WordPress
RewriteEngine on
RewriteBase /
RewriteRule \.(gif|jpe?g|png|css|js|ico)$ - [NC,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule . /index.php [L]
# END wordpress
}}}
",Denis-de-Bernardy
Future Releases,16794,pomo/streams.php str_split() suggestion ?,,Performance,3.1,normal,minor,Awaiting Review,enhancement,new,close,2011-03-07T23:44:02Z,2011-07-16T00:03:24Z,"Hi, just passing along an idea that was suggested to me: we have a log which crashes with this --
''Fatal error: Out of memory (allocated 23855104) (tried to allocate 9 bytes) in /var/www/html/wp-includes/pomo/streams.php on line 86''
If you look at that line:
http://core.trac.wordpress.org/browser/tags/3.1/wp-includes/pomo/streams.php#L86
you will see that it is a simple str_split(). How about if the $string argument is passed by reference ? The problem as it is explained to me is that right now the $string argument is passed by value, e.g. it is copied, so if this is a large string, it is going to take double space when it is used as an argument; instead if it is used as an argument passed by reference it will not take any extra space at all.
What do you think, would this help POMO_Reader::str_split() work with large strings ?",mrasnika
Future Releases,18594,Permalinks should be saved twice on post_type slug change,,Permalinks,3.2.1,normal,normal,Awaiting Review,defect (bug),new,close,2011-09-05T09:46:33Z,2012-02-10T11:40:58Z,"Hello,
In a plugin I allow my users to set the slug of a custom post type from a sttings page. I flush the rules on every load of that settings page (only that page)
When they change the slug, they have to save and then reload the settings page for the permlink to be correctly chnaged.... A single flush_rules call shouldn't be enought?",Gecka
Future Releases,22898,No validation of update_plugins site transient,,Plugins,2.3,normal,normal,Awaiting Review,defect (bug),new,close,2012-12-12T20:50:13Z,2012-12-15T05:55:34Z,"When retreiving available plugin updates, no checks are done on update_plugins site transient. Adding a filter on pre_set_site_transient_update_plugins means any developer can modify the update_plugins transient for a plugin to contain incorrect data.
The attached diff has code which is 'reactive', but performs the minimal checks.
This has been tested on trunk.",warrenholmes
Future Releases,22442,"Allow target=""_blank"" to plugins description from File Header",,Plugins,3.4.2,normal,minor,Awaiting Review,enhancement,new,close,2012-11-14T11:36:42Z,2012-11-15T10:02:30Z,"It is noticed that target=""_blank"" does not work in the plugins description on the Installed Plugins page. If a user clicks on a link then it opens in the same tab.
Attached is the patch which allows to add the target attribute to the a element in plugins description",themedios
Future Releases,18950,get_post_types() does not return post-types registered with verbose alternatives of the $public argument,,Post Types,3.2.1,normal,major,Awaiting Review,defect (bug),new,close,2011-10-14T16:50:26Z,2012-07-18T10:03:52Z,"The $public argument for the '''register_post_type()''' function is supposedly an alternative for setting the arguments for publicly_queriable, show_ui, show_in_nav_menus, and exclude_from_search; It's true that setting the public argument does cause these other values to be set, but if you then use '''get_post_types()''' to query for public post-types, WP does not recognize the equivalence between setting the public option or verbosely setting the others.
== To Reproduce: ==
Enter the following code into a plugin:
{{{
function testing() {
$args => array(
'publicly_queriable' => true,
'show_ui' => true,
'show_in_nav_menus' => true,
'exclude_from_search => false
);
register_post_type('my_custom_post_type', $args);
}
add_action('init', 'testing');
}}}
In a theme file (or somewhere after the init event):
{{{
$pts = get_post_types( array('public'=>true, '_builtin'=>false) );
print_r($pts); // <-- empty!
}}}
== Expected Result ==
I would expect the get_post_types() function to return the '''my_custom_post_type''' post-type because it is using the equivalent of the $public argument.
== Actual Result ==
No post-types are returned.
This represents a problem: other plugins that interact with post-types often rely on the $public argument when using the '''get_post_types()''' function, so any plugin that attempts to verbosely set component attributes will not be recognized. This effectively breaks the API and trainwrecks the interconnectedness of the post-types.
== See Also ==
See forum post: http://wordpress.org/support/topic/public-attribute-for-register_post_type?replies=5#post-2391689
WordPress 3.2.1
PHP 5.3.2",fireproofsocks
Future Releases,19412,Changeset 18995 can lead to Notice: Undefined index: wp_the_query,,Query,3.3,normal,normal,Awaiting Review,defect (bug),reopened,close,2011-12-02T09:53:01Z,2012-10-07T23:58:39Z,"In changeset r18995 there were two changes to query.php
The comment ""new does not require by reference"" applies to the first but not the second change.
Should the assignment by reference in wp_reset_query have been removed?
The reported problem is:
http://wordpress.org/support/topic/plugin-wordpress-seo-by-yoast-notice-undefined-index-wp_the_query?replies=2#post-2477593
I had the same problem and questioned the suggested fix.
What I don't understand is why there is no Notice: message for the original code.
Try running this code.
{{{
'set' );
print_r( $GLOBALS );
unset($GLOBALS['wp_query']);
$GLOBALS['wp_query'] = $GLOBALS['wp_the_query'];
print_r( $GLOBALS );
$GLOBALS['wp_query'] =& $GLOBALS['wp_the_query'];
print_r( $GLOBALS );
}
function good() {
print_r( __FUNCTION__ );
echo ""\n"";
$GLOBALS = array( 'wp_query' => 'set' );
print_r( $GLOBALS );
unset($GLOBALS['wp_query']);
$GLOBALS['wp_query'] =& $GLOBALS['wp_the_query'];
print_r( $GLOBALS );
$GLOBALS['wp_query'] = $GLOBALS['wp_the_query'];
print_r( $GLOBALS );
}
good();
bad();
}}}
",bobbingwide
Future Releases,16025,Page and custom taxonomy query var 404s,,Query,,normal,normal,Future Release,defect (bug),new,close,2010-12-29T16:18:22Z,2011-03-03T02:17:24Z,"Reported in IRC. Visit a page and append ""customtax=foo"", where customtax is some registered taxonomy.
3.0.3 => displays the page
3.1 => 404, since obviously no pages matched in the custom taxonomy
Here is associated code reporter used to register the custom taxonomy: http://pastebin.com/eqQbXVvh and they were visiting http://example/products/?surface=stone where products is a regular page (I ''assume'' from this they may be hoping to display only products with stone taxonomy, maybe with custom handling in a template to get it to work... again this is a guess.)
Seems like this is probably expected to me, but it is a change.",duck_
Future Releases,24142,Zero value for posts_per_page value in wp_query custom instance and for 'Blog pages show at most' option,,Query,,normal,normal,Awaiting Review,defect (bug),new,needs-docs,2013-04-20T09:04:16Z,2013-04-20T12:55:34Z,"To show no posts if the posts_per_page value is 0.
Currently for custom instances of wp_query, if the value is 0 then this is changed with the value from posts_per_page option from the database. ""get_options( 'posts_per_page' )""
For home page if we set value 0 on the settings page, in wp-admin/options-reading.php, after the saves are changed, this value is changed to 1.
I think for both cases if the posts per page value is 0 then no posts should not display.
",alexvorn2
Future Releases,16240,hide_empty doesn't work in get_terms() when hierarchical isn't set to false,markjaquith,Taxonomy,,high,major,Future Release,defect (bug),assigned,close,2011-01-15T06:06:05Z,2012-09-13T06:34:17Z,"I end up with some 0-count categories when calling {{{get_terms( 'category', array( 'hide_empty' => true ) )}}}
I think it has to do with the child count logic.",markjaquith
Future Releases,23966,Allow to use order_by in addition to orderby,,Taxonomy,3.5,normal,minor,Awaiting Review,enhancement,new,close,2013-04-06T19:36:45Z,2013-04-09T18:44:56Z,"http://codex.wordpress.org/Function_Reference/get_categories
The above link and the same for wp_list_categories suggests that you can order categories by count. In practice it seems to ignore the parameter. It doesn't seem to work with a few other parameters either -- the only things that seem to work are ID, name, and slug, but these might merely be incidental to the fact that I created my test categories in alphabetical order.",Denis-de-Bernardy
Future Releases,21078,"Image Captions are inserted without caption=""..."" inside the caption tag",,Template,3.4,normal,normal,Awaiting Review,defect (bug),new,close,2012-06-26T08:17:49Z,2012-06-27T01:38:46Z,"Since WordPress 3.4 captions are inserted this way:
{{{
[caption id=""attachment_123"" align=""aligncenter"" width=""550""]
![]()
My Caption[/caption]
}}}
This means themes cannot display them properly. Previous versions inserted the caption like this:
{{{
[caption id=""attachment_123"" align=""aligncenter"" width=""550"" caption=""My Caption""]
![]()
[/caption]
}}}
Here's a forum thread discussing the issue: http://wordpress.org/support/topic/caption-broken-in-new-34-posts",versluis
Future Releases,22992,get_the_author() not working outside the post query,,Template,3.5,normal,normal,Awaiting Review,defect (bug),new,close,2012-12-18T16:16:04Z,2012-12-18T19:55:33Z,"get_the_author() function return empty value if is used outside the :
have_posts() ( the_post() .. function...
the function should return the author name on the author page even if the function is not called inside the query...
",alexvorn2
Future Releases,22918,Allow to include ajax url javascript argument in the template header,,Template,3.5,normal,normal,Awaiting Review,enhancement,new,close,2012-12-13T15:04:36Z,2012-12-19T02:52:58Z,"in the admin-header.php we have a hardcoded javascript code for showing the ajax url in the header. I think this should be included in a function and enqueue when needed, allowing to include it in the template header too using only: wp_enqueue_script('load-ajax-url');
",alexvorn2
Future Releases,21891,Need ability to filter page templates,,Template,3.4.2,normal,normal,Awaiting Review,enhancement,new,close,2012-09-14T17:38:50Z,2013-01-13T18:33:14Z,"The old way of removing a parent theme's templates (as documented [http://wordpress.org/support/topic/removing-page-template-from-child-theme?replies=3 here], [http://wordpress.stackexchange.com/questions/54054/how-to-remove-a-parent-theme-template-from-quick-edit here], and [http://stackoverflow.com/questions/9411612/wordpress-hiding-or-removing-parent-themes-templates here]) broke with the big theme-handling rewrite in 3.4.
The primary use case of a new filter would be to allow a child theme to remove or rename a parent theme page template in the Dashboard. It's possible that part of the `get_page_templates()` function might have to be tweaked to allow for the scenario where one or more pages is using a template that no longer ""exists,"" but I'm not sure.
Hopefully this is as simple as adding `apply_filters( 'page_templates', $page_templates );` somewhere in [http://core.trac.wordpress.org/browser/trunk/wp-includes/class-wp-theme.php#L920 class-wp-theme.php].",mrwweb
Future Releases,21676,Pass a variable to get_template_part(),,Template,3.4.1,normal,normal,Awaiting Review,enhancement,new,close,2012-08-23T20:15:37Z,2013-04-03T13:05:31Z,"Having the ability to pass a variable into get_template_part would be invaluable, it would really clean up the issues with using globals and to further cement it's use rather than the alternative of a normal PHP include/require.
It would be the third variable passed into get_template_part, which I could pass it a string, array, object, or whatever I want really. Here's an example of passing all the current scope's variables:
{{{
}}}
and then catching them in my feed-twitter.php file:
{{{
if ( !empty( $_data ) && is_array( $_data ) )
extract( $_data, EXTR_SKIP );
}}}
I can pass other things in, but that's a really valuable example in my uses for this new variable.",sc0ttkclark
Future Releases,11890,allow get_the_content to accept post ID,williamsba1,Template,2.9.1,normal,normal,Future Release,enhancement,new,close,2010-01-13T22:58:06Z,2010-01-14T00:48:23Z,"The function get_the_content currently doesn't accept a post ID as a parameter. I'm suggesting adding this as a fourth parameter allowing this function to work like get_the_title does.
I'll supply a patch if this sounds like a good idea",williamsba1
Future Releases,12615,"Add ""first"" and ""last"" CSS-class-names to each Widget in sidebars (Frontend)",,Themes,,normal,normal,Future Release,defect (bug),assigned,close,2010-03-16T18:12:11Z,2011-07-04T10:23:10Z,"It would be nice if the first widget and the last widget in each sidebar would have a css-class that would make them identifyable as the first and the last widget.
Maybe something that is nice to have for 2010 as well. So I leave this open for others to decide on which version to put it.",hakre
Future Releases,19115,Attempting to upload a too-large theme gives a confusing error message,,Themes,3.2.1,normal,minor,Awaiting Review,defect (bug),new,close,2011-11-02T14:24:33Z,2011-12-13T15:30:07Z,"When uploading a theme through the theme uploader, if the theme is larger than the PHP file/memory limit, the Admin panel gives the message below (or some variant):
{{{
The uploaded file could not be moved to /public_html/wp-content/uploads/2011/11
}}}
Users will assume that this is a permissions problem, trying to CHMOD folders to fix it unsuccesfully, weakening security, when it is actually a file-size problem.
The correct error message should be:
{{{
""This file is too big. The maximum upload size for your server is xM.""
}}}
I have been able to replicate. ",ariehkovler
Future Releases,12563,New action on body open,joostdevalk,Themes,3.1,normal,normal,Future Release,enhancement,new,close,2010-03-09T08:33:46Z,2012-08-30T12:27:15Z,"More and more asynchronous javascripts need a part of their javascript printed right after the opening tag, the Google Analytics asynchronous tracking being my most obvious example. To allow for this themes should come with a new function in the same fashion as wp_head and wp_footer, to be called 'body_open'.",joostdevalk
Future Releases,22929,"The text for themes under ""Available Themes"" could use some structure",,Themes,3.5,normal,minor,Awaiting Review,enhancement,new,close,2012-12-14T00:09:18Z,2012-12-30T21:32:51Z,"The text for each theme under Available Themes seems to be just floating in space, adding a border around it might look cleaner.",wycks
Future Releases,19296,add/apend templates 'transparently' via plugin to currently active theme or child theme.,,Themes,,normal,normal,Awaiting Review,enhancement,new,close,2011-11-19T02:00:27Z,2013-01-13T17:35:39Z,"In building a custom 'theme plugin' for bbpress I was just made aware that it is impossible for a plugin to 'transparently' add/append template files to the currently active theme or child theme.
I'd like to request the enhancement where when a theme is looking for a custom template such as single-forum.php to search a plugin folder if it is not found in the child theme or parent theme.
I'm thinking of some type of action where my plugin can say 'add me' to the list of places you are looking for templates.
If my understanding is correct, when WordPress is looking for a template it starts in the child, then the parent theme but ends there.
Why?
If I have a user manually add all of the custom templates needed to their current theme, and they update their theme, they will loose all the templates they manually added.
This means I have no way of giving a user custom theme templates that won't be lost when upgrading, thus requiring them to manually add the templates back in every time they upgrade their theme.
What it really means for me is that there is no real path for me to create custom bbpress templates for users where I don't have to worry about them loosing them.
I can go the route that bbpress currently uses in this situation which is that bbpress uses the themes page.php template and replaces the_content(). The problem is I am stuck with whatever is included in the active themes page.php file.
*for instance twentyten has the title hardcoded in and the call to the sidebar, which I can't remove
I can't go the child theme route, because I have to assume that they are already using a child theme.
Another dev told me today that this issue came up about 2 years ago. I am praying that there was proof of concept code somewhere that I can try to utilize. Does anyone happen to know if concept code exists anywhere?",anointed
Future Releases,20076,add_editor_style() should support plugins as well,,TinyMCE,,normal,normal,Awaiting Review,enhancement,reopened,close,2012-02-19T15:16:34Z,2012-06-17T16:24:46Z,"Although plugins can use the ""mce_css"" filter to add stylesheets for TinyMCE, from an API standpoint this function is a bit misleading / counterintuitive. Why shouldn't plugins be allowed to use one and the same function call to load stylesheets? I know this was probably implemented for use in twentyten, but maybe it's time to expand it.",ericlewis
Future Releases,23343,tinymce supports sevaral spellchecker but there is no option to configure it in wordpress,,TinyMCE,,normal,normal,Awaiting Review,enhancement,new,close,2013-01-31T14:15:25Z,2013-02-01T11:38:45Z,"tinymce configuration is in wp-includes\js\tinymce\plugins\spellchecker\config.php, at seems to support pspell, pspellshell, google spellchecker and rpc.
Will be nice if it will be possible to configure it. A use case is create a network installation for a company which want to have its own vocabulary shared among all its writers.",mark-k
Future Releases,20069,Wordpress upgrade process removed executable bits on .php files and so broke Wordpress,,Upgrade/Install,3.3.1,normal,major,Awaiting Review,defect (bug),new,close,2012-02-18T12:55:48Z,2012-02-20T13:05:11Z,"I just upgraded from 3.2 to 3.3.1 on my shared hosting box (hosted by http://www.mythic-beasts.com). This uses suexec, and so .php scripts need to have executable permissions otherwise it won't execute them. I am told that many secure multi-user setups work like this.
My original install had the PHP scripts set as executable, but I did the upgrade (via the web GUI) and suddenly I got 500 Server Errors everywhere. I had to chmod all .php files back to executable before my blog would work again.
Wordpress should check the permissions on .php files before upgrading and preserve them across the upgrade.
Gerv",gerv
Future Releases,22311,"Cannot login when my loginname contains an ""|"" character",,Users,,normal,normal,Awaiting Review,defect (bug),new,close,2012-10-30T13:06:13Z,2012-10-31T01:09:24Z,"Hello,
Cannot login when my loginname contains an ""|"" character, for example:
Sent|el
or
P|ng|n
Can you fix his ? Other systems like phpBB3 have no problems with such usernames !
",radek2212
Future Releases,18771,Reset Password link generation,,Users,3.2.1,normal,normal,Awaiting Review,defect (bug),new,close,2011-09-25T16:30:42Z,2011-10-02T16:20:23Z,"I have been having problems with the login following a reset password.
A user click the ""forgotten password"" link and then after receiving the email clicks the link in the email to reset their password submits their new password gets a message that says ""You have successfully reset your passoword. Log in"" The link for login is not being generated correctly which is causing them to get a ""Invalid Key"" error.
Here is what I have dont to temporarily resolve the issue:
in wp-login.php I modified the following lines of code:
changed Line 207:
{{{
if ( empty($key) ) {
}}}
to this:
{{{
if ( empty($key) || preg_match('/[^a-z0-9]/i',$key) != 0) {
}}}
Removing special characters from the key that gets emailed to the users when they click the ""forgotten password"" link on the login page.
Commented out Line 444:
{{{
login_header(__('Password Reset'), '
' . __('Your password has been reset.') . ' ' . __('Log in') . '
'); }}} then slightly modified it removing the login link from the message {{{ login_header(__('Password Reset'), '' . __('Your password has been reset.') . '
'); }}} This change forces the user to return to the homepage before logging in again and then they dont get the ""invalid key"" error. It would be nice if there were a more permenant fix for this issue that wouldn't get lost when we update the next time.",binaryweb Future Releases,9170,"""jQuerify"" adding a new user...",,Users,,normal,normal,Future Release,enhancement,new,close,2009-02-18T23:11:58Z,2011-02-12T04:43:57Z,"After adding a new user it's confusing that only that user is displayed in the table. It always takes me a couple seconds before I realize that it's just showing the new user. It seems it would be more efficient to show all of the users and just have the new row highlighted with jQuery. (I can code this if needed.)",aaron_guitar Future Releases,24193,Anti brute force protection,,Users,3.5.1,normal,normal,Awaiting Review,enhancement,new,close,2013-04-25T18:07:41Z,2013-04-25T21:46:00Z,"To protect against hacking should be added to the login form protection from brute force. Now the password can enter an unlimited number of times. It is necessary to limit the number of login attempts. For example, some variants: 1) Captcha after three unsuccessful attempts 2) Temporary inability to login after three unsuccessful attempts 3) something else ",MAzZY Future Releases,18399,Password Strength Meter should usually mark passwords that contain password as weak,,Users,,normal,normal,Awaiting Review,enhancement,new,close,2011-08-13T23:41:11Z,2012-08-15T23:22:51Z,"Password (in human and l337 form) is a horrible password. Unless a password is really long, we should mark passwords that contain 'password' as weak. Test Case : password123 returns Strong",jorbin Future Releases,22114,Propagating password on change,,Users,3.4.2,normal,normal,Awaiting Review,feature request,new,close,2012-10-06T08:30:47Z,2012-10-08T04:54:45Z,"After creating an account or changing profile information, it is possible to intercept the changed data in a hook. However, this is not possible for the cleartext psasword, and this is a useful feature especially when propagating a password change over different accounts spanning across different systems (in contexts such as updating the password for phpBB, Prestashop, or any PAM thingie when the WordPress password is changed). Since this feature is by no means possible to implement without core hacks, I am submitting a patch to include this feature in the WP core. This patch proves useful if we are to integrate other software bricks without having to implement SSO using WordPress' architecture. In my context, I need to be able to log-in through WordPress or directly through the business specific back-end. Proposed patch is attached.",ChloeD Future Releases,13919,$pagenow / vars.php refactoring / Move $pagenow generation into it's own function,,Warnings/Notices,3.0,normal,normal,Future Release,defect (bug),new,close,2010-06-16T14:03:48Z,2011-03-23T19:35:07Z,"In {{{wp-include/vars.php}}} an unset variable is passed by referecence to {{{preg_match()}}} in mutliple places. The same code-fragment where that problem is located does poisen the globale variable table with temporary variables as well. To prevent these problems, the variable needs to be set prior to be passed to preg_match and the code fragment needs to be refactored in it's own function. This might be helpful a bit as well when we start to free the codebase from hardencoded {{{/wp-admin/}}} admin directory definitions.",hakre Future Releases,19706,NOTICE: wp-admin/includes/post.php:834 - Illegal member variable name,,Warnings/Notices,3.3,low,normal,Awaiting Review,defect (bug),new,close,2012-01-01T00:30:43Z,2012-04-30T15:32:28Z,"Received this notice: {{{NOTICE: wp-admin/includes/post.php:834 - Illegal member variable name}}} Traced it to this in {{{wp_count_posts()}}}: {{{ $count = $wpdb->get_results( $wpdb->prepare( $query, $type ), ARRAY_A ); $stats = array(); foreach ( get_post_stati() as $state ) $stats[$state] = 0; foreach ( (array) $count as $row ) $stats[$row['post_status']] = $row['num_posts']; $stats = (object) $stats; }}} Apparently I have a post with a post status of a blank string. So that gets set to an array key, and then is cast to an object. WP doesn't like that. Proposed: {{{ foreach ( (array) $count as $row ) { if ( !empty( $row['post_status'] ) ) $stats[$row['post_status']] = $row['num_posts']; } }}} Just discard empty post_status rows.",markjaquith Future Releases,23767,remove_menu_page: Check for existing menu items,,Warnings/Notices,3.5,normal,normal,Awaiting Review,enhancement,new,close,2013-03-14T13:32:47Z,2013-03-16T17:56:37Z,"This error appears in my error log: ''PHP Warning: Invalid argument supplied for foreach() in /www/htdocs/wp-admin/includes/plugin.php on line 1290'' The if-empty patch is attached. ",sergej.mueller Future Releases,10699,Password Expose Bug in XML-RPC Debugging,ryan,XML-RPC,,normal,normal,Future Release,defect (bug),new,close,2009-08-29T01:46:43Z,2012-09-17T06:20:27Z,"Though this may not effect many users, I was testing something through xmlrpc with logging enabled and came across something that might create a security problem. If xmlrpc logging is enabled WP logs the password from the request struct in an unencrypted format. Now I understand that not many will open up xmlrpc logging on production blogs, could it be possible that WP just strikes out the password before logging it to the file as it is always the third param so easy to do that, this is because people who might have xmlrpc logging enabled may not change the default log filename and location so anyone can simply run a robot to check for http://blogurl.com/xmlrpc.log and farm passwords (now this may not affect blogs that have WP installed in root since it writes to ../xmlrpc.log, so essentially outside the www access dir, but blogs with WP installed in sub directories will be affected). Don't know how critical this is as users have to manually edit the file to enable xmlrpc logging so it might be a non critical bug.",keithdsouza Future Releases,3052,pingback_ping() function displays wrong content in pingback-display in some occurances,josephscott,XML-RPC,2.0.4,normal,normal,Future Release,defect (bug),reviewing,close,2006-08-19T13:41:52Z,2010-04-30T02:29:11Z,"If the blog uses a template where the post-meta-data like the trackback-link and such is wrapped in a ""div"" tag but not in a ""p"" tag, the pingback will incorrectly display the content surrounding the meta-data-links, not the content of the pinging post. if there is a ""related posts"" navigation on the page (possible with the [http://www.neato.co.nz/ultimate-tag-warrior/ ultimate-tag-warrior] plugin), or any other links inside the page that link to other posts from the same blog (even the ''next post'', ''previous post'' links), pingbacks will display the content around the first of these links, not the contents around the ""pinging"" link inside the post. '''Possible fix:''' on line 1192 in xmlrpc.php: {{{$linea = preg_replace( “/ < (h1|h2|h3|h4|h5|h6|p|th|td|li|dt|dd|pre|caption|input|textarea|button|body)[^>]*>/”, “\n\n”, $linea );}}} the ""div"" tag is not recognized. changing that to: {{{$linea = preg_replace( “/ < (h1|h2|h3|h4|h5|h6|p|th|td|li|dt|dd|pre|caption|input|textarea|button|body|div)[^>]*>/”, “\n\n”, $linea );}}} fixed the problems for my blog. Frankly I'm not that ""deep"" into regular expressions to fully understand what's going on inside the pingback_ping() function - but after inserting ""div"" to the line above my pingbacks display the correct excerpt of the pinging post, which they failed to do before. ",webrocker Future Releases,11303,XMLRPC (and APP) APIs should expose all Post/Page/Comment management functionality,westi,XML-RPC,2.9,normal,normal,Future Release,task (blessed),assigned,close,2009-12-01T22:26:01Z,2010-09-23T20:34:55Z,"In #11243 we hid the trash status from {{{wp.getPages()}}} we also hide it for pages (and comments I guess). Really these apis should be fully featured to allow clients to support the new things the api does. We should revert the change made for trash for 2.9 and promote the fact that clients should be graceful when using these apis so as to cope when we introduce new features. We also need to review the need for extra apis to allow trashing/untrashing of posts/pages/comments etc.",westi