ticket summary owner component _version priority severity milestone type _status workflow _created modified _description _reporter
19455 "The ""magic_quotes_sybase"" Problem" 夏天 General 3.2.1 normal normal Awaiting Review defect (bug) new has-patch 2011-12-06T10:13:21Z 2011-12-22T19:47:01Z "
Post A Post, titled (in the double quote) : `""Charlie's little cat""`
It will become (in the double quote) : `""Charlie''s little cat""`
Notice that, single quote become double quotes!!
YES , My 'magic_quotes_gpc' and 'magic_quotes_sybase' are enabled!
Here is The PHP.NET links: http://php.net/manual/en/security.magicquotes.disabling.php" summerblue
17959 WP-Tab css WraithKenny Administration 3.2 normal minor Awaiting Review defect (bug) reopened has-patch 2011-07-01T17:03:44Z 2013-01-21T23:20:35Z "The classes wp-tab-panel, wp-tab-bar, and wp-tab-active should adjust to side tabs in the post column (to match the behavior of categories for example)
Also, there are several unneeded duplicate css classes that can be cleaned up." WraithKenny
12756 WPMU does not handle files with two or more dots in the filename wpmuguru Upload 2.9.2 normal minor Future Release defect (bug) reopened has-patch 2010-03-29T07:23:50Z 2012-11-03T22:59:51Z "* WPMU does download images that have two or more dots in the file name
> E.g., One..jpg One...jpg One....jpg
rewrites do work (checked)
* this is clearly a WP issue:
> /wp-content/blogs.php
...
$file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] );
if ( !is_file( $file ) ) {
status_header( 404 );
die('404 — File not found.');
}
...
> WPMU removes two dots!!!
> workaround:
$file = BLOGUPLOADDIR . $_GET[ 'file' ]; // name.ly: workaround for files with two or more dots
tested and works fine
" Namely
17948 Enhancements to the login and registration forms wpdavis Multisite 3.2 normal normal Awaiting Review enhancement new 2011-06-30T16:25:01Z 2013-01-14T19:27:28Z "I would like to propose a significant overhaul of the registration and login forms for 3.2, which I'd be happy to take on. A few things that I think would be helpful:
Combine registration processes for multisite and single-user into one form on one page.
Allow the registration and login to be templatized — no reason this should be for MS only.
Standardize filters, actions and variables between MS and single-user when at all possible.
A few related tickets:
#17904
#17306
#17085
#16866
#16411
#17630" wpdavis
4010 Add Image Importing to the Blogger Importer Workshopshed Import normal normal WordPress.org enhancement reopened 2007-03-21T20:21:28Z 2013-04-09T15:59:14Z The new blogger importer currently does a great job of bringing the blog over to WP, but it leaves the images associated with the blog on blogger.com and/or blogspot.com. This violates blogger's TOS and risks having the user's image links blocked by blogger. This change will move those images (using the WP image upload facility, of course) to the user's blog and fix the links as the import is done. clwill
14195 $paged is not set when a Static Page is set as the Front Page wonderboymusic* Query 3.0 normal normal Future Release defect (bug) accepted has-patch 2010-07-04T15:12:10Z 2012-10-31T23:38:33Z "If a static page is set as the front page of your WordPress site, and you request paginated content from the page via its URL (with permalinks enabled or disabled, doesn't matter), the $paged variable is not set.
This causes custom pages (those ones displaying posts), to always go to Page 1, even if you click other pages. ( This is happening because $paged is set to null, and if it's set to null, it always goes to page 1).
Also, get_query_var('paged'), also returns null, when it should return page 2 (if you clicked on page 2 for example).
After inspecting $wp_query, I noticed that the correct paginated value is stored on
{{{
$wp_query->query['paged']
}}}
So, I have to do the following on all my themes on header.php, so the pagination doesn't break:
{{{
global $wp_query, $paged;
$paged = $wp_query->query['paged'];
}}}
This sets $paged again,with the correct value from $wp_query and fixes the bug. Since $paged is null whenever a custom page is selected as your homepage.
This fix works with permalinks enabled or disabled." der
19744 Custom post types doesn't receive pingbacks - url_to_postid() doesn't recognize CPT wonderboymusic* Query 3.3.1 normal normal 3.6 defect (bug) accepted has-patch 2012-01-05T00:22:45Z 2013-05-12T02:45:25Z "It seams like custom post type doesn't receive pingbacks. The XML-RPC server doesn't recognize the URL. The url_to_postid() function in rewrite.php finds a match, but the query is all wrong.
Example, if I set up custom post type with no ""rewrite"" in the arguments.
The URL to a custom post type would be: mydomain.com/custom_post_type_name/post-slug/
The function url_to_postid() finds a match on:
{{{
custom_post_type_name/([^/]+)(/[0-9]+)?/?$
}}}
The query is:
{{{
custom_post_type_name=$matches[1]&page=$matches[2]
}}}
But the query string (after WP_MatchesMapRegexp::apply()) looks like this:
{{{
custom_post_type_name=post-slug&page=
}}}
And the array that is sent into WP_Query looks like this:
{{{
Array
(
[tips_and_trix] => finns-sjukt-manga-tips-har
[page] =>
)
}}}
Which makes url_to_postid() return 0; And XML-RCP server returns IXR_Error(33, ...)" feedmeastraycat
23033 Decimal and numeric options in meta_query do not produce correct MYSQL for floating point numbers comparisons wonderboymusic* Query normal normal 3.6 defect (bug) accepted dev-feedback 2012-12-21T05:02:10Z 2013-02-08T17:08:47Z If you have a custom post type (shoes) that has floating point numbers (shoe size) as post meta, querying against this post meta with a specific decimal value ( >10.5 ) does not work properly because of the way the values are cast out of the database, and will produce surprising results. ericlewis
22096 IN meta_query with empty array as meta_value results in invalid database query wonderboymusic* Query 3.1.3 normal normal 3.6 defect (bug) accepted has-patch 2012-10-04T13:56:54Z 2013-04-29T09:06:36Z "If you do an {{{IN}}} meta_query and pass in an empty array to the {{{value}}}, the {{{INNER JOIN}}} clause for the postmeta table isn't added, which results in an invalid query:
{{{
new WP_Query( array(
'meta_query' => array( array( 'key' => 'abc', 'value' => array(), 'compare' => 'IN' ) )
) );
}}}
This results in an error like so:
{{{
WordPress database error: [Unknown column 'wp_postmeta.meta_key' in 'where clause']
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'private') AND (wp_postmeta.meta_key = 'abc' ) GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 5
}}}" batmoo
21394 query.php: get_queried_object() result cannot be assumed to be non-NULL wonderboymusic* Warnings/Notices 3.3.2 normal normal 3.6 defect (bug) accepted has-patch 2012-07-26T21:37:03Z 2013-01-31T22:41:51Z "I'm dealing with a WPMUdev plugin called MarketPress. Its /store/products/ page is a special CPT catalog thing that seems to have wp_title() issues, so I dug into it.
Turns out that:
is_front_page() -> is_page() -> $page_obj = $this->get_queried_object() -> $page_obj == NULL
But is_page() (and other is_...()) go harrassing $page_obj assuming there's always something useful there. This creates a flood of ""non-object access"" notices.
I would expect something like this to make sense in these is_...() functions:
{{{
if (!is_null($page_obj)) return false;
}}}
Since WP_Query::get_queried_object() first sets its result as null and returning a value is actually conditional, I don't see a way around these checks. Enlighten me please if I'm wrong.
I've looked at #19035, #18614, #17662. All of them are situations where there's at least something there in $page_obj. None of them seem to discuss or patch NULL values.
I discovered this on 3.3.2, but todays trunk [source:trunk/wp-includes/query.php@21248#L3340] has the same code." lkraav
11890 allow get_the_content to accept post ID williamsba1 Template 2.9.1 normal normal Future Release enhancement new close 2010-01-13T22:58:06Z 2010-01-14T00:48:23Z "The function get_the_content currently doesn't accept a post ID as a parameter. I'm suggesting adding this as a fourth parameter allowing this function to work like get_the_title does.
I'll supply a patch if this sounds like a good idea" williamsba1
13005 Add plugin hook for ajax-tag-search westi* Administration normal normal Future Release enhancement accepted has-patch 2010-04-14T20:21:50Z 2013-05-10T12:44:02Z I would like to have a new plugin action hook added in the ajax-tag-search section of wp-admin/admin-ajax.php jimmcq
4337 Blog by Email: No content is assumed westi* Blog by Email 2.2 high major Future Release defect (bug) accepted 2007-05-25T18:59:09Z 2013-02-05T03:14:40Z "It seems, the Blog by Email functions is broken in WP 2.2.
Mails are recognized, but only the title/subject is assumed - no content. Content is empty :(
No matter if text email or html email.
{{{
Author = bla@example.org
Content-type: text/plain, Content-Transfer-Encoding: 8bit, boundary:
Raw content:
Author: 1
Posted title: Test
Posted content:
Mission complete, message 1 deleted.
}}}
" jottlieb
5915 Same problem as in #252: apop broken if zero occurs in banner in 2.3.3 class-pop3.php westi* Blog by Email 2.3.3 normal normal Future Release defect (bug) accepted has-patch 2008-02-19T05:21:02Z 2009-10-11T21:08:22Z "While extracting the banner (function parse_banner) in preparation for apop, the empty method is called on $digit which when zero returns false and hence doesn't get put into the resultant $banner.
Example parse_banner reply with <14649.123343777@code-werk.net> but the string was ""+OK ready <14649.1203343777@code-werk.net>""
or another example
""+OK ready <14649.1203343777@code-werk.net>"" and $pop3->parse_banner give back <14419.12334323@code-werk.net>
then a md5($AuthString) must fail, because the 0 is significant by apop.
I put a workaround at http://www.babsi.de/silentapop/, that does it for me, but this touch also wp-main.php
" ASonno
5252 base64-encoded post-by-email post garbled. westi* Blog by Email 2.3 normal normal Future Release defect (bug) accepted 2007-10-24T08:58:20Z 2009-10-11T21:07:58Z "When posting-by-email, my cellphone submits code using ""content-transfer-encoding: base64"". The message appears (output from wp-mail.php) like so:
Author = [my email]
The provided patch detects base64-encoded content transfers and base64_decodes them. For some reason (I'm no utf8-expert) the TITLE of the post has ""=?utf-8?B?"" prepended to the actual base64 content (see above), which means a check for this string + a cropping is needed or base64_decode will not decode the post title properly." kallewoof
10543 Incorrect (non-UTF-8) character handling in tag's name and slug westi* Charset 2.8.2 normal normal Future Release defect (bug) accepted needs-unit-tests 2009-08-04T05:26:11Z 2010-11-13T01:15:40Z "Incorrect (non-UTF-8) character tag's name and slug are handled in different way: name is truncated on 1st such character, and in slug they are just removed (no truncation). WP should handle both in the same way - drop invalid characters, instead of truncation.
I found this issue recently. One of the Polish programs for adding posts to the Wordpresses does not encode tags in UTF-8 - it left them in ISO-8859-2. I notified author of this bug. Unfortunately there are many copies around, so it may take a long time before everyone upgrade." sirzooro
18792 Wrong FROM email when using wp_mail and built in mail() function westi* External Libraries 3.2.1 normal normal Awaiting Review defect (bug) accepted has-patch 2011-09-27T16:35:28Z 2012-05-04T14:43:56Z "When using wp_mail in combination with mail() function, then From: envelope passed through -f parameter to sendmail is not set correctly.
Here is simple patch, that fixes the problem:
{{{
--- pluggable.php 2011-09-26 20:54:02.219330702 +0200
+++ pluggable.fixed.php 2011-09-27 18:19:21.283454810 +0200
@@ -394,8 +394,7 @@
}
// Plugin authors can override the potentially troublesome default
- $phpmailer->From = apply_filters( 'wp_mail_from' , $from_email );
- $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name );
+ $phpmailer->SetFrom(apply_filters('wp_mail_from', $from_email),apply_filters('wp_mail_from_name', $from_name));
// Set destination addresses
if ( !is_array( $to ) )
}}}
" pigster
17767 Anonymous comments can break comments RSS feed westi* Feeds 3.2 normal normal 3.6 defect (bug) accepted has-patch 2011-06-11T11:30:34Z 2013-01-13T23:54:50Z "dc:creator and description elements should not be parsed.
Author field that can break RSS:
{{{
Аз се казвам Веселин Николов, това е едно много дълго име
}}}
Comment text that can break RSS:
{{{
–
}}}
(and most of the $allowedentitynames)" dzver
16859 esc_url eats square brackets. westi* Formatting 3.1 normal minor Awaiting Review defect (bug) accepted dev-feedback 2011-03-15T17:28:32Z 2013-02-19T12:30:30Z "When adding a link to the blogroll (using wp-admin/link-add.php), square brackets in the link are removed, breaking the link.
Example:
{{{
http://lokale-wochenzeitungen.de/index.php?id=485&tx_ttnews[pointer]=6&tx_ttnews[tt_news]=132583&tx_ttnews[backPid]=741&cHash=ee9c87874b
}}}
becomes
{{{
http://lokale-wochenzeitungen.de/index.php?id=485&tx_ttnewspointer=6&tx_ttnewstt_news=132583&tx_ttnewsbackPid=741&cHash=ee9c87874b
}}}
Workaround: Use URL-encoded links (%5B and %5D instead of [ and ]).
This also affects urls which are made clickable by {{{make_clickable}}" f00f
11465 custom field duplicated westi* General 2.8.4 normal minor Future Release defect (bug) accepted 2009-12-16T21:09:23Z 2012-04-02T21:14:22Z "When I enter the information for a custom field and click on Preview without first clicking Add Custom Field, the custom field is saved. But then when I click Publish, it is saved again, appearing in the post twice.
If I click Add Custom Field before Preview, subsequent Publish does not duplicate the custom field. But it is very convenient and efficient to be able to avoid a separate save of the custom field.
" ericr23
14853 WP_Scripts::do_item filter westi* General 3.1 normal normal Future Release enhancement accepted has-patch 2010-09-12T04:35:59Z 2011-07-28T12:51:43Z "There should be actions that fire after a script is printed. This would enabled this best-practices usage scenario (from http://github.com/paulirish/html5-boilerplate/blob/master/index.html ):
{{{
}}}
The before action isn't covered by that use-case, but if we're going to have an after action, we might as well have a before one.
I've attached a patch that would allow for this. Dead simple." mattwiebe
8877 dotclear import don't set the post category westi* Import low normal WordPress.org defect (bug) accepted 2009-01-17T22:05:20Z 2012-05-24T22:32:57Z "when importing from dotclear, all the posts are set only to the default category.
i think the problem is due to the fact that wp_set_post_categories do nothing if we pass it only one category (don't know why...)
( in /wp-admin/import/dotclear.php, line 479 )
{{{
// Make Post-to-Category associations
$cats = array();
$category1 = get_category_by_slug($post_cat_name);
$category1 = $category1->term_id;
}}}
should be
{{{
// Make Post-to-Category associations
$cats = array(get_option('default_category'));
$category1 = get_category_by_slug($post_cat_name);
$category1 = $category1->term_id;
}}}
" olivM
7644 Import Movable Type data using AtomPub. westi* Import normal normal WordPress.org enhancement accepted close 2008-08-29T20:33:52Z 2011-09-15T17:17:13Z This is a split ticket from #7543. This includes the latest Movable Type portion of the code. cavemonkey50
7543 Import TypePad data using AtomPub. westi* Import normal normal WordPress.org enhancement accepted needs-review 2008-08-19T02:44:26Z 2011-09-15T17:17:11Z "First off, I want to mention that TypePad updated their AtomPub server a few days ago, and their server does not seem to be sending comments. With a little luck, my current code should work fine once that server starts functioning again, but for the time being I would highly recommend not committing this into core.
Instead, I'm hoping people can look over the code and offer suggestions for improvement, test results, etc. While the Summer of Code is officially over today, I will be working on this until the job is done.
Alright, now to what this is. As some of you may know, I've been working on an Atom Publishing Protocol ([http://www.rfc-editor.org/rfc/rfc5023.txt RFC 5023]) based importer this summer for the Google Summer of Code. The diff attached is the latest version of my work.
The advantages of using the Atom Publishing Protocol are as follows:
* Nothing has to be done in the old blogging software to prepare for import (no export files, etc). Users just enter their blog URL, username, and password and the importer grabs all of the data using AtomPub.
* More data is imported compared to the old importers, especially with TypePad. Post slugs, comments, trackbacks, tags, categories, excerpts, etc are all imported. Everything used for posts in MT/TypePad is imported using AtomPub.
* The Atom Publishing Protocol is an established standard. With the exceptions of tag additions (which don't necessarily need updates), the importer should not have to be changed and should continue working well into the future.
I should mention there is one drawback to using the Atom Publishing Protocol. For the time being, it appears pages can not be retrieved using AtomPub. They were retrievable a few weeks ago, and I'm currently talking with Six Apart to see what happened.
I would greatly appreciate any and all feedback. Let me know your suggestions, and I'll be happy to incorporate them." cavemonkey50
9927 deprecate category_description() in favor of get_category_description() westi* Inline Docs 2.8 normal minor Future Release enhancement accepted has-patch 2009-05-24T14:30:03Z 2010-10-28T10:35:19Z ramiy
14730 ms-files.php required ob_clean() and flush() westi* Multisite normal normal Future Release defect (bug) accepted has-patch 2010-08-30T04:53:20Z 2013-02-05T16:17:29Z "I recently migrated a development wp 3 multisite install to 'live' mode for a site launch. One problem I had is that images served out of /files stopped working. Everything looked fine as far as the response / headers, but the image would open up as corrupted.
After quite a bit of troubleshooting, the problem went away when I added ob_clean() and flush() calls to ms-files.php just before the readfile($file) call at the end of the file. Perhaps this is due to a problem elsewhere in my site, but I'm creating this bug so someone can decide if adding the buffer flush would be a reasonable addition to the codebase. It seems like this is the recommended way of doing things according to the sample code here:
http://us2.php.net/manual/en/function.readfile.php" pj_mfc
14424 Eliminate dynamic function definitions, ie create_function westi* Optimization 3.0 normal normal Future Release enhancement accepted has-patch 2010-07-26T23:05:09Z 2011-09-29T17:20:35Z "create_function() calls are essentially a form of eval() where the body of the functions is defined at runtime rather than compile time. This patch removes all but one of the calls within the translation code.
There are a few reasons for doing this, one is apc can't cache the results of the function definition and secondly HipHop doesn't support complex create_function definitions.
Most of the references were array_filter / array_map and replaced with a simple foreach.
Others were sorting and a callback function was added." ScottMac
10249 Page slug in cyrillic = Error 404 - Not Found! westi* Permalinks 2.7 normal major Future Release defect (bug) accepted needs-unit-tests 2009-06-23T19:44:34Z 2012-04-27T19:04:18Z "When I create a page with page slug for example ""киро""
then when I try to open domain/киро - Error 404 - Not Found
The permalinks are %postname%
Post slug with this slug is working just fine, the same BUG exists in 2.7, 2.7.1 and 2.8" kalifi
11903 insert_with_markers is not threadsafe westi* Permalinks 2.9 normal major Future Release defect (bug) accepted 2010-01-15T06:27:45Z 2013-02-07T21:53:27Z "From wp-admin/includes/misc.php the function insert_with_markers may be called multiple times on a busy server and if the htaccess is already in the process of being written it is possible that two PHP threads could attempt to write to it causing corruption such as the following:
{{{
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
s
}}}
Notice the dangling 's' at the last line" strings28
10551 wp_die() triggers block when using ModSecurity Core Rules westi* Security 2.8.3 low normal Future Release defect (bug) accepted dev-feedback 2009-08-05T19:47:28Z 2011-03-22T09:51:47Z "wp_die() causes ModSecurity (using Core Rules), a commonly used Apache plugin, to throw a 406 error, blocking the message from displaying.
This seems to be triggered by the fact that a 500 error is thrown. I went and changed the default status code to 401 (Unauthorized) and it worked like a charm. I just wonder if there is a better fix for this issue... or simply a better status code to use.
Perhaps making a group of functions to make the error codes more focused.
Example:
{{{
wp_die_auth( __('You do not have sufficient permissions to access this page.') );
/**
* Exits WordPress with Unauthorized status code.
*
* @see wp_die()
*/
function wp_die_auth($message, $title = '') {
wp_die( $message, $title, 401 );
}
}}}" cstrosser
21737 Users should have to jump through hoops to set passwords of their choosing, and we should guard better against weak passwords westi* Security normal normal Awaiting Review feature request accepted 2012-08-30T04:07:17Z 2013-04-18T02:44:43Z "People are terrible at choosing secure, unique, complex, unguessable passwords. Unless someone is using a password storage system, the chances are good that the passwords they're choosing are really weak.
We can mitigate this problem.
1. Let's make the default to always be that WordPress picks a password for you. When installing WordPress, or when creating a new user account, or when changing your password on your profile. The default should be that we generate a secure password for the user. They can remember it, write it down (not ideal, but generally more secure than choosing a weak password), or copy and use it once, check the ""remember me"" box, and not worry about it until their cookie expires on that computer.
2. If they do opt to manually create a password, we need to do better than our current password strength meter. And the lowest level should actually nag them with an AYS before they proceed. I suggest the following, to start, which would trigger the lowest level, and cause them to have to dismiss a warning (or check a checkbox... UI TBD) before continuing:
* compare the strtolower'd version of their password to strtolower'd versions of all their info (username, first/last name, part of e-mail address before the @, etc).
* any password that is shorter than 8 characters
* a blacklist of popular passwords (these lists are available... even grabbing the top 100 would give use good coverage)
* 3 or more consecutive digits (""123456"" and company are very popular)
* anything that looks like a date" markjaquith
20635 _pad_term_count get's stuck if there is a loop in the hierarchy westi* Taxonomy normal normal Future Release defect (bug) accepted has-patch 2012-05-08T10:31:37Z 2012-12-06T22:51:42Z "Ideally it should be impossible for a loop in a taxonomy hierarchy to exist.
But sometimes they do.
If one does exist then {{{_pad_term_counts()}}} gets stuck :(
When one of these does exist the category widget breaks the front page of your site.
We currently hook {{{wp_check_term_hierarchy_for_loops}}} on {{{wp_update_term_parent}}} and I wonder if there are other places we should be doing this check too." westi
5172 Adding classes to wp_generate_tag_cloud westi* Template normal normal Future Release enhancement accepted dev-feedback 2007-10-09T17:09:14Z 2011-04-30T08:50:18Z "The attached patch changes 2 things on the [source:/trunk/wp-includes/category-template.php#L330 wp_generate_tag_cloud] function.
1) The current code uses single quotes instead of double quotes, I believe the standard is to use double quotes. I've converted single quotes to double quotes.
2) I've rounded the tag size to a whole number (no decimal places).
3) I've added a class ""tag-cloud-item-X"" where X is the number in the list and a second class ""tag-cloud-size-X"" where X is the size of the tag. . This will allow theme designers to apply different styles to tags. For example changing the colour from cold to hot depending on order or size." chmac
8050 is_child() westi* Template normal normal Future Release enhancement accepted has-patch 2008-11-03T18:58:48Z 2011-10-08T00:11:04Z "Is there any reason why there is no native is_child(direct,in_tree) function for hierarchical structures in WP (like pages, categories, custom hierarchical taxonomies)? There's a (partly) working plugin available at
http://2pt3.com/post/wordpress-plugins/
but I think this amounts to a core functionality, particularly for people using WP as a hierarchical CMS." youngmicroserf
15086 get_template_part() should let you specify a directory westi* Themes 3.0 normal normal Future Release enhancement accepted needs-unit-tests 2010-10-10T21:36:45Z 2013-02-07T21:51:35Z "IT would be nice for `get_template_part()` to allow you to specify a directory to look for a file in. Right now you actually *can* do this, but it requires passing a 'slug' to the function like `directory/slug`. Since everywhere else in the code slugs are sanitized, this seems like an unexpected way to allow this functionality (I didn't realize this worked until @nacin pointed it out). Since this slug isn't actually sanitized at all, you can currently do `get_template_part( '../../../test' );` which seems rather unsafe (`get_template_part` should be able to include from outside the themes directory).
I suggest sanitizing $slug and adding a third [optional] parameter that allows you to specify the directory to look in. The directory parameter should be sanitized enough to not allow it to start with a . or a / (although this more likely belongs in `locate_template()` as something done to $template_name inside the foreach).
What does everyone think about this approach?
How many themes do we think are currently using the $slug parameter to specify a directory?
Right now the optional $name parameter is set up as a fall through, so if $slug-$name.php doesn't exist $slug.php is used. Should $directory be set up similarly ($directory/$slug-$name.php -> $directory/$slug.php -> $slug-$name.php -> $slug.php)?" aaroncampbell
13874 "Add package argument to ""_deprecated_function"" function" westi* Warnings/Notices normal normal Future Release enhancement accepted has-patch 2010-06-13T23:48:37Z 2013-05-14T13:27:25Z "Got to thinking it would be nice if plugins could use the _deprecated_ API by passing a ""$package"" argument to separate themselves from WP core, and so this patch was born.
" johnjamesjacoby
17487 Codepage issue with the wp.org Credits API westi* WordPress.org site normal normal WordPress.org defect (bug) accepted 2011-05-18T10:28:47Z 2012-11-22T03:34:06Z "I was playing with my profile page at wp.org and changed the Name field from:
{{{demetris}}}
to:
{{{demetris (Δημήτρης Κίκιζας)}}}
What the API returns for that is:
{{{demetris (???????? ???????)}}}
It seems the API returns its results in ISO 8859-1. Can we change that to UTF-8?
" demetris
17541 Blogger-XMLPRC API does not work with Multisite/SSL/DMZ combination westi* XML-RPC 3.2 normal major Future Release defect (bug) accepted has-patch 2011-05-23T07:26:29Z 2012-12-14T23:12:02Z "I have the following setup:
My WordPress Blogs (multisite) are set up behind a firewall that exposes the public address via SSL. Inside my DMZ I'm only using HTTP, so that's what WordPress sees. When I now try to access the blogger.getUsersBlogs XMLPRC-API, I get an empty result back.
I analyzed the WordPress source code and found out that the blogger.getUsersBlogs method in the file wp-includes\class-wp-xmlrpc-server.php uses another XMLRPC call to the wp.getUsersBlogs method in case of the multisite. I further checked and found out that this appears to be the only case in which WordPress executes a remote call itself to sevice the request. I then replaced the logic in _multisite_getUsersBlogs with the multisite part from wp_getUsersBlogs and it worked.
I aso found an issue that might be related: http://core.trac.wordpress.org/ticket/16402
But since the source code in the trunk still uses the regular IXR_Client, I'm not sure if this would fix the issue.
I attached my fix as a patch, but it's not refactored to remove code duplication since I don't have a dev-environment set up for WordPress.
Michael" michael_k
17607 Google blog search API shutdown westi Administration 3.2 normal normal Future Release defect (bug) assigned has-patch 2011-05-29T11:21:19Z 2012-10-11T23:13:54Z "I have done a search and can't see that this has already been reported.
On the wordpresss dashboard the 'incoming link search' uses google blog search API. Google has announced that this api is being shutdown as of effect 26 May 2011 (http://code.google.com/apis/blogsearch/). It will continue to work but with limited functionality (due to their deprecation policy). I therefore suggest that this be removed or use a different API." jcnetsys
16204 Add hooks to enable access to pages in the admin when the menu layout has been changed by plugin westi Administration 3.1 normal normal Awaiting Review enhancement reviewing has-patch 2011-01-12T16:31:33Z 2011-01-15T08:54:45Z "This patch and ticket is a follow on to tickets #16048 and #16050 and indirectly related to this discussion on hackers: http://lists.automattic.com/pipermail/wp-hackers/2011-January/037129.html
This patch simply adds the following hooks, all within /wp-admin/includes/plugin.php.
- menu_page_url
- admin_page_parent
- admin_page_title
- plugin_page_hookname
- user_can_access_admin_page
The patch does not attempt to unravel the many early exits of the various functions instead it simply redundantly adds the hooks at each exit point. As such it's backward compatibility can be reviewed simply by viewing the code.
The use-case for this patch is when the menus are not exactly in the format expected by WordPress (but instead desired by the client) it can sometimes take hours of trial and error to get the permissions to allow users access to the menus they should be allowed access to.
For example, if the first submenu page for a menu page is removed from the menu, even when it makes logical sense to the user WordPress currently does not allow that menu option to be viewed. These hooks would give plugin developers the ability to modify the menus and still enable users access to the pages they need access to." mikeschinkel
15865 Make it easy to disable options / user settings westi Administration normal normal Future Release enhancement new has-patch 2010-12-17T17:52:29Z 2013-01-21T04:12:48Z "We have a wonderful option white listing system.
The one thing it doesn't support is hiding the ui of core options if you don't want them changed.
We should have a generic way of doing this." westi
7392 Don't create new autosave revision if nothing has changed yet westi Autosave 2.6 normal minor 3.6 defect (bug) reopened has-patch 2008-07-23T22:03:39Z 2013-05-09T15:22:06Z "I noticed that simply loading and saving a post creates a new revision. This seems rather dumb to me. Could we not load the post up, compare it with the revision, and not create a whole new revision if nothing changed (ignoring post save time, of course)?
Discuss." Otto42
4965 Blog by Email: any images and attachments in your email are not being posted inline westi Blog by Email 2.3 normal normal Future Release defect (bug) new 2007-09-12T18:15:29Z 2009-10-11T21:07:33Z "Blog by Email: any images and attachments in your email are not being posted inline
Remaining issue from #4829." foolswisdom
13473 comment_status should be set to default_comment_status when commentstatusdiv is removed westi Comments normal normal Future Release defect (bug) reopened 2010-05-20T23:36:24Z 2011-11-24T16:13:29Z "When the Comment Status box is removed from the Add/Edit Post screens, posts should be created with the comment_status set to the value of the default_comment_status option.
-----
I had hidden the Comment Status box via:
remove_meta_box('commentstatusdiv','post','normal');
and made sure that default_comment_status was set to open:
update_option('default_comment_status', 'open');
After adding a new post it displayed ""Comments Off"" when I was assuming that it should have honored the value of default_comment_status." jimmcq
13158 Cron : some events may not be scheduled westi Cron 3.1 high major Future Release defect (bug) new 2010-04-27T23:29:46Z 2012-08-03T22:39:04Z "the problem appears when two different events are scheduled at the same time
what happens in code is :
1st event : _get_cron_array();
2nd event : _get_cron_array();
1st event : _set_cron_array( $crons );
2nd event : _set_cron_array( $crons );
1st event is lost." arena
12609 Enabling FORCE_SSL_ADMIN breaks wp-cron.php westi Cron normal normal Future Release defect (bug) new dev-feedback 2010-03-15T16:02:29Z 2010-11-13T07:50:43Z I just completed a server migration and discovered that scheduled posting broke during the process. I tried a few things, including the suggestions from ticket #8923 with no luck. I realized that one change I made, on the new server, was a requirement that the admin uses SSL. After disabling FORCE_SSL_ADMIN I discovered that scheduled posts work again. It seems that I can leave FORCE_SSL_LOGIN turned on and it doesn't cause any problems. This is good enough for our security needs, but I'm sure others might want to have both enabled. dphiffer
11826 Endless Cron Spawn westi Cron 2.9 normal normal Future Release defect (bug) new 2010-01-08T19:09:02Z 2010-12-14T10:00:23Z "I somehow get it managed to keep such request in memory while they consume CPU all the time. I noticed that first a week ago or so and now I was able to find out some specifics:
{{{
REQUEST_URI /wordpress-trunk/wp-cron.php?doing_wp_cron
REQUEST_METHOD post
}}}
Maybe there is a condition for an endless loop in there?" hakre
11800 doubled execution of cron jobs westi Cron 2.9.1 normal normal Future Release defect (bug) new 2010-01-07T11:17:53Z 2011-06-02T07:18:50Z "Hi,
as I've already mentioned in ticket #11505 , cron-jobs occasionally get executed twice (e.g. daily backup arrives two times).
I've changed the code according to the patch attachment:ticket:11505:ticket-11505-stop-gap.patch (which derives from [http://wpengineer.com/ping-problem/]) after my comment:ticket:11505:49 and had no doubles within this time period. This week I've upgraded to WP 2.9.1 and since then backups arrive two, sometimes three times, again.
Looking at the changes from 2.9 to 2.9.1, I have no other explanation for this behavior. - Maybe we should consider having a closer look again on this patch attachment:ticket:11505:ticket-11505-stop-gap.patch .
Greetz,
Berny" neoxx
20903 Exporter gets stuck in a loop a loop/break in the category hierarchy westi Export 3.1 normal normal Future Release defect (bug) new has-patch 2012-06-11T11:26:07Z 2012-06-12T08:13:02Z "Ideally it should be impossible for a loop/incorrect parentage in a category hierarchy to exist.
But sometimes they do.
If one does exist then {{{export_wp()}}} gets stuck :(
It gets stuck in this code:
{{{
// put categories in order with no child going before its parent
while ( $cat = array_shift( $categories ) ) {
if ( $cat->parent == 0 || isset( $cats[$cat->parent] ) )
$cats[$cat->term_id] = $cat;
else
$categories[] = $cat;
}
}}}
Similar to #20635 but different." westi
19719 PHPMailer allows invalid characters in display-name westi External Libraries normal normal Awaiting Review enhancement new has-patch 2012-01-03T16:06:27Z 2012-01-03T16:06:27Z "[http://tools.ietf.org/html/rfc5322 RFC5322] defines the display name portion of an email address as follows:
{{{
display-name => phrase
phrase => word / obs-phrase
obs-phrase => word / whitespace / dot
word => atom / quoted strings
atom => whitespace / atext
atext =>
ALPHA / DIGIT / ; Printable US-ASCII
""!"" / ""#"" / ; characters not including
""$"" / ""%"" / ; specials. Used for atoms.
""&"" / ""'"" /
""*"" / ""+"" /
""-"" / ""/"" /
""="" / ""?"" /
""^"" / ""_"" /
""`"" / ""{"" /
""|"" / ""}"" /
""~""
}}}
So, the display-name can contain the list of characters defined as atext plus dots plus whitespace plus quoted stringss.
Notable exclusions include things like >, <, ( and ). At present, PHPMailer does no validation of the display-name field. The attached patch adds validation that does the following:
* Make sure we decode any utf8 characters
* Compare the original value against a value with invalid characters stripped out
* Fail validation if the original and the stripped version do not match (ie, we stripped something invalid, so the string must have been invalid)
The patch does not handle assuring proper pairing of quoted strings (it doesn't validate that quotes nest properly or occur only in pairs).
The following code works for testing the patch:
{{{
AddAddress( $to_address, $to_name );
$phpmailer->SetFrom( $from_address, $from_name );
$phpmailer->Subject = $subject;
$phpmailer->Body = $body;
$phpmailer->Send();
} catch ( phpmailerException $e ) {
print_r( $e->getMessage() );
}
}}}
To provoke an error, add a disallowed character such as > or ) to one of the _name variables. The code will bail with an invalid_display_name exception." dllh
19549 Please remove X-Mailer from class-phpmailer westi External Libraries 3.3 normal minor Future Release enhancement assigned dev-feedback 2011-12-14T20:37:14Z 2012-06-02T13:32:25Z "It is nobody's business what software I am using to send mail, or what version number it is. Providing version numbers of server-side packages to strangers is an unnecessary security exposure. With each update to WordPress, I apply this patch. I would appreciate it if you would either include this patch yourselves, or provide a hook where I can do this myself without modifying the source.
{{{
--- wp-includes/class-phpmailer.php 5 Jul 2011 20:53:19 -0000 1.3
+++ wp-includes/class-phpmailer.php 14 Dec 2011 19:43:32 -0000
@@ -1129,8 +1129,8 @@
} else {
$result .= sprintf(""Message-ID: <%s@%s>%s"", $uniq_id, $this->ServerHostname(), $this->LE);
}
-// jwz: no. $result .= $this->HeaderLine('X-Priority', $this->Priority);
-// jwz: no. $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.sourceforge.net) [version ' . $this->Version . ']');
+ $result .= $this->HeaderLine('X-Priority', $this->Priority);
+ $result .= $this->HeaderLine('X-Mailer', 'PHPMailer '.$this->Version.' (phpmailer.sourceforge.net)');
if($this->ConfirmReadingTo != '') {
$result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');
}}}" jwz
18664 Formatting/Cleanup for wp-admin/includes/class-wp-posts-list-table.php westi Formatting lowest trivial Future Release defect (bug) reviewing has-patch 2011-09-14T20:57:51Z 2011-10-12T17:13:19Z "wp-admin/includes/class-wp-posts-list-table.php is extremely hard to read.
Created this ticket to move conversation/patches for cleanup out of #17958" DH-Shredder
23688 esc_textarea, wp_richedit_pre and wp_htmledit_pre eat post content under PHP 5.4 westi Formatting trunk high blocker 3.6 defect (bug) reopened 2013-03-04T17:27:22Z 2013-04-25T09:51:24Z "Because of a change in default behaviour in {{{htmlspecialchars}}} in PHP5.4 it is possible for these three functions to eat perfectly valid post content and make it impossible to edit existing posts.
Scenario:
* blog_charset is ISO-8859-1
* Post contains some 8bit characters
You try and edit the post and instead of the post content you are presented with a blank editor :(
On the front end the posts display fine.
The underlying cause it this change in {{{htmlspecialchars}}}
""5.4.0 The default value for the encoding parameter was changed to UTF-8.""
Because the string is not a valid UTF-8 sequence an empty string is returned :(
Related to #20368" westi
19487 Remove useless calls to set_time_limit() westi General 1.5 normal normal Awaiting Review defect (bug) new has-patch 2011-12-09T14:53:08Z 2012-11-23T10:13:52Z "Calls to set_time_limit() were introduced in http://core.trac.wordpress.org/changeset/1812 and have remained in core ever since. The call occurs in code that makes network connections and is designed to allow time for the network calls to complete before the script execution stops.
But set_time_limit() won't take network time into account, so it actually will not do what it seems designed to do. From php docs:
The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), stream operations, database queries, etc. is not included when determining the maximum time that the script has been running.
Further, calls to set_time_limit() can cause unexpected results in code that relies on any functions that call set_time_limit(). For example, if some code (in a cron job, say) sets the time limit to 0 (unlimited) because it knows it needs some time complete, then a subsequent call to a function that resets the time limit will halt the long-running execution once the new limit has been reached. Also from php docs:
When called, set_time_limit() restarts the timeout counter from zero. In other words, if the timeout is the default 30 seconds, and 25 seconds into script execution a call such as set_time_limit(20) is made, the script will run for a total of 45 seconds before timing out.
Since the call to set_time_limit() does not here do anything useful, it should be removed." dllh
9930 is_serialized() returns false on serialized doubles westi General normal minor Future Release defect (bug) reopened has-patch 2009-05-24T17:23:43Z 2011-05-12T13:32:36Z "Test case:
{{{
}}}
Expected: true
Got: false
serialize(1.2E+150) returns something like 'd:1.200000000000000013344651621705194036153934411236609269391465806550823148718924258603522328009361549E+150;', the plus sign after 'E' is not taken into account by the regexp" vladimir_kolesnikov
12333 "Get ""message"" and ""error"" params in wp-login.php" westi General 2.9.2 normal minor Future Release enhancement new reporter-feedback 2010-02-22T14:48:41Z 2012-01-11T11:24:26Z "It might be useful a parameter like ""redirect_to"" to set $message and $error of login_headers() from the url of wp-login.php." FiloSottile
19347 Ugly alert: false !== strpos( $which_one_was_needle, $this_one ) westi General normal normal Future Release enhancement reviewing has-patch 2011-11-23T22:08:02Z 2012-06-28T16:29:40Z "In WordPress {{{strpos()}}} is used hundreds of times. Very large percentage of those calls are trying to accomplish one of these 3 goals:
* Check if a string starts with another string
* Check if a string contains another string
* Check if a string ends with another string
The code for doing these 3 things is not very readable, ugly, and error-prone:
{{{
0 === strpos( $one_string, $other_string )
false !== strpos( $one_string, $other_string )
strpos( $one_string, $other_string ) == ( strlen( $one_string ) - strlen( $other_string )
}}}
I propose we introduce functions to hide the ugliness and the complexity behind these three common operations:
* {{{wp_startswith( $haystack, $needle )}}}
* {{{wp_in( $needle, $haystack )}}}
* {{{wp_endswith( $haystack, $needle )}}}
The logic of the arguments order is consistent and easy to remember:
''first argument'' '''verb''' ''second argument''.
* everything starts with a beginning translates to {{{wp_startswith( ""everything"", ""a beginning"" )}}}
* goat is in distress translates to {{{wp_in( ""goat"", ""distress"" )}}}
* movie ends with happy end translates to {{{wp_endswith( ""movie"", ""happy end"" )}}}
These three functions are happily used in GlotPress and WordPress.com.
The implementations are attached." nbachiyski
10373 Proper number formatting related to i18n westi I18N 2.8.1 normal normal Future Release defect (bug) reopened reporter-feedback 2009-07-10T08:09:14Z 2012-05-13T08:33:30Z "Hi there,
Technical description of the situation: WordPress function number_format_i18n() uses native PHP function number_format() for formatting numbers. Unfortunately this PHP function is not able to handle separators (both decimal and thousands separators) that fall into one of the following categories:
- separator would contain more than one char, e.g. "" ""; in this case only the first char from the supplied string is used, in the example given above it would be ""&"".
- separator is ASCII > 128, e.g. ASCII 160;
Impact: Although this is not a native bug to WordPress, the problem source is in PHP, the impact is caused also in WordPress. This situation is problematic for users in Eastern Europe (Czech Republic, Russia, etc.) where the standard thousands separator is "" "" (space). The users in these countries usually don't want to use real space (ASCII 32) as thousands separator, as it could be word wrapped and the number would be saparated into two lines. Unfortunatelly supplying both variants of non-breakable space (i.e. "" "" or ASCII 160) fails.
Proposed solution: unforunatelly this bug is reported in PHP for years and nothing happens there. Because of this situation I suggest fixing such problem in the next level, i.e. in WordPress. This means to create a custom function for formatting numbers, with identical input params as number_format(), just that this one would be able to handle separator types mentioned above.
I have such change already deployed on my WordPress blog for several months, so I am going to attach a diff file for the latest SVN state dealing with this issue.
Honza" honza.skypala
15760 "LiveJournal Importer mishandles some and expressions" westi Import normal normal WordPress.org defect (bug) assigned 2010-12-10T04:45:17Z 2011-02-19T18:52:42Z "There is a note on plugins.trac ticket 1231 that says this should be handled in core.trac instead, so I'm cross-posting it here. The patch and ticket were originally added by a-bishop:
http://plugins.trac.wordpress.org/ticket/1231
Reproduction steps: 1. Create a LiveJournal? entry that has in it. Note that this is XML-ish 2. Try to use the livejournal-importer on this post.
Bug The gets ignored because the regular expression is too strict.
I've attached a patch that makes LiveJournal? Importer recognize the XML-ish version.
Patch:[[BR]]
http://plugins.trac.wordpress.org/attachment/ticket/1231/livejournal-importer.patch" designsimply
15381 Rework WP_Scripts to support named groups westi JavaScript normal normal Future Release enhancement new 2010-11-10T21:59:49Z 2011-03-22T09:26:12Z "Currently WP_Scripts has some ""special"" code for splitting things across header and footer and concatenating core scripts.
I would like to change it to support the following:
* Named Groups - so we can have header, footer, ...
* L10N awareness - so we can auto output the l10n.js file first if we need it - XRef #15124
* Concatenation opt-out
* Concatentaion opt-in for plugins.
I was working on this for #15124 until it became apparent that it wasn't right to do it for 3.1 - not enough time to fully test." westi
18493 HTML E-Mails westi Mail 3.2 normal normal Future Release enhancement reviewing early 2011-08-22T00:29:44Z 2013-04-13T16:33:09Z "Wojtek worked on the Enhanced E-Mails project for GSoC this summer. It's definitely something that would be nice to have in core. The plugin already exists in the repository - [http://wordpress.org/extend/plugins/enhanced-emails/ Enhanced Emails]. There are still some things that need to be cleaned up in the code, but it works pretty well.
I'm hoping we can clean it up, test it, and get it in core. " aaroncampbell
15706 Allow wildcarded domains in multisite limited email domains westi Multisite normal normal Future Release enhancement reviewing dev-feedback 2010-12-06T18:59:24Z 2012-08-29T16:45:39Z "Here at blogs.law.harvard.edu, we want to allow all harvard.edu subdomains to create blogs in our multisite install. There are hundreds of domains and it would be difficult to get a complete list because of the complexity of our DNS infrastructure.
I propose allowing the inclusion of a single prefix wildcard character in the limited email domains feature. If a limited email domain contains a ""*"", we would create a regex and match that specific entry via a wildcard. So ""*.harvard.edu"" would match ""cyber.law.harvard.edu"", ""fas.harvard.edu"", etc. To match the root TLD, you'd just manually enter ""harvard.edu"".
We have a variant of this applied as a core hack to our wordpress install at http://blogs.law.harvard.edu and it's been working fine for years. I will package it up as a patch if there's interest. Thoughts?
I don't think it'd make sense to allow embedded wildcards (dom*ain.org)." djcp
12145 Enhance activation process to improve integration with site theme westi Multisite normal normal Future Release enhancement new 2010-02-06T07:10:13Z 2012-01-11T11:21:04Z "wp-activate.php creates many notices on load due to theme hackery
an example to start:
{{{
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\comment-template.php on line 777
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\comment-template.php on line 794
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\general-template.php on line 1588
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\post-template.php on line 431
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600
Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\post-template.php on line 1172
class=""page page-id- page-parent logged-in"">
}}}
the problem is, that wp-activate.php attempts to simulate a normal WordPress page, the problem arrises that when the header is included and/or custom code in the theme runs on the header, that the no-existance of the current post id (NULL) causes most of the WordPress functions to complain, as they're expecting a correct post object to be returned.
2 options
1. Update all API function to move to {{{ if ( ! $_post = get_post(..) ) return false; - This should probably be done anyway
2. Improve the hackery to allow displaying custom pages such as wp-activate.php more transparently.
Furthur to #2, this might involve creating a page in the database which the API functions can access directly, the activate site page would then become a real page in the eyes of WordPress." dd32
10852 improve get_page_children westi Optimization 2.9 normal normal Future Release enhancement reviewing dev-feedback 2009-09-25T22:30:34Z 2013-02-18T19:10:53Z "In #5303, mihai pointed out that get_page_children is very slow with 7000 pages. It's indeed slow, since the algorithm has O^2 complexity.
We should improve it to O(N) complexity. " hailin
17450 Almost pretty permalinks with non-ASCII characters do not work in Apache westi Permalinks 3.1 normal major Future Release defect (bug) reopened needs-unit-tests 2011-05-16T05:53:14Z 2012-04-27T19:03:50Z Almost pretty permalinks (using PATH_INFO) with non-ASCII characters do not work in Apache; a not found error is returned. The same permalink works in IIS when UTF-8 is used for server variables. It also works when mod_rewrite is used. peaceablewhale
10384 Make IIS Permalink support enabled based on capability not on version number westi Permalinks 2.8 normal normal Future Release enhancement new commit 2009-07-11T08:37:44Z 2011-04-12T00:19:13Z "At the moment we enable the IIS permalink support based on checks for IIS7 and then some capabilities.
We should remove the version checking and work solely on capabilities so that we don't have to revisit when IIS8 is released." westi
13266 Admin page hooks change when plugin is translated (tied to $menu_title) westi Plugins 3.0 normal major Future Release defect (bug) new has-patch 2010-05-05T21:07:11Z 2010-11-02T06:27:09Z "WP3 is using the title of the parent menu item in a menu block to fire the load-hooks for the lesser menu items? Lost me? Ok an example -
Plugin Membership has this menu structure (simplified)
Membership – main heading
Membership – Top inner
Edit Member – inner
Edit Levels – inner
Edit Subs – inner
etc…
The page load hooks for the non-translated plugin are as follows:
Membership – load-toplevel_page_membership
Membership – load-toplevel_page_membership
Edit Member – load-membership_page_members
Edit Levels – load-membership_page_membershiplevels
Edit Subs – load-membership_page_membershipsubs
etc…
Now, if I use a language translation on the plugin, which for the sake of clarity here, translates the word Membership to Aaargh the page load hooks become.
Membership – load-toplevel_page_membership
Membership – load-toplevel_page_membership
Edit Member – load-aaargh_page_members
Edit Levels – load-aaargh_page_membershiplevels
Edit Subs – load-aaargh_page_membershipsubs
etc…
Thus any actions you are running on the inner pages aren’t called." uglyrobot
17615 WP_List_Table::get_columns does not work for plugins westi Plugins 3.1.3 normal normal Future Release defect (bug) assigned 2011-05-30T11:20:56Z 2011-06-11T09:36:27Z "see Ticket #15386 - the ticket is closed, however I have the very same problem with 3.1.3 version and the solution example provided do not work for me.
Wordpress claims that there is no function as get_list_table , I have changed it to _get_list_table, after that change it does launch but returns a null object." cyplo
4893 Audit of all filter and action names. westi Plugins normal normal Future Release enhancement new 2007-09-02T20:22:27Z 2010-03-18T21:09:32Z "I think for 2.4 we should do an early audit of all the filters and actions in the core and ensure that they follow the following set of rules:
1. All names should be unique
1. All names should be relevant to the calling context
1. All filters should pass in relevant context information
This should then ensure plugins can easily filter just the things they want to.
This is to avoid messes like {{{the_title}}}
{{{
./wp-includes/post-template.php: return apply_filters( 'the_title', $title );
./wp-includes/comment.php: $post_title = apply_filters('the_title', $post->post_title);
./wp-includes/classes.php: $output .= $indent . '
ID) . '"" title=""' . att
ribute_escape(apply_filters('the_title', $page->post_title)) . '"">' . apply_filters('the_title', $page->post_title) . '';
./wp-includes/deprecated.php: $string .= apply_filters('the_title', $post->post_title, $post);
./wp-includes/deprecated.php: $string .= apply_filters('the_title', $post->post_title, $nextpost);
./wp-includes/link-template.php: $title = apply_filters('the_title', $post->post_title, $post);
./wp-includes/link-template.php: $title = apply_filters('the_title', $post->post_title, $post);
./wp-includes/general-template.php: $text = strip_tags(apply_filters('the_title', $arc_title));
}}}" westi
13347 Mobile user agent detection for vars.php westi Plugins lowest minor Future Release enhancement new 2010-05-11T16:21:58Z 2011-07-06T16:11:21Z We've added some user agent detection for mobile clients in the vars.php file, thought it would be good to have in core for plugins and themes to use. Attaching patched vars.php. mrroundhill
13548 Settings API to include user options westi Plugins 2.7 normal normal Future Release enhancement new 2010-05-26T07:42:52Z 2013-01-03T19:25:19Z "Hi,
I've reworked all of my plugins to build upon the [http://codex.wordpress.org/Settings_API new Settings API]. The handling and security are great.
As far as I understand, the Settings API can't be used for user options. - What do you think about an extension of {{{ register_setting }}} & Co. to reflect user options?
Greetz,
Berny" neoxx
11210 Split wp_new_user_notification() into two functions westi Plugins 2.9 normal normal Future Release enhancement new 2009-11-20T22:05:31Z 2010-09-07T19:02:37Z "`wp_new_user_notification()` sends emails to newly registered user and to admin. One of my plugins ([http://wordpress.org/extend/plugins/wypiekacz/ WyPiekacz]) redefines it in order to to disable emails sent to admin. Now I want to extend my other plugin ([http://wordpress.org/extend/plugins/user-locker/ User Locker]) so newly registered users will have to activate theirs accounts by clicking on link sent in email. In order to do this, I have to redefine the same function. I how to do this so both plugins could work at the same time - this is not a problem for me.
However it will be better to allow to redefine only part of `wp_new_user_notification()` function - either one which sends email to new user, or to admin. Therefore I ask to split this function into two new ones. Attached patch does this." sirzooro
12582 user_registered action suggestion westi Plugins 2.9.2 normal normal Future Release enhancement new 2010-03-11T11:10:48Z 2010-06-23T17:26:12Z "I am developing theme that should include user login / registration (so we dont have to see wp-login.php ever again).
Now for login it was easy - with the help wp_login_url user is redirected back to whatever page we need after login.
To achieve same thing for registration i added new action in wp-login.php
{{{
$errors = register_new_user($user_login, $user_email);
do_action('user_registered', array($user_login, $user_email, $errors));
}}}
using this action now i can make wp-login.php redirect user to main page and display errors there.
Maybe this could be included in wordpress? Or maybe wp_login_url type function that can redirect user wherever needed? I would personally go with action as it gives much more freedom." roxaz
16176 save_{$post_type} westi Post Types 3.0.4 low normal Future Release enhancement assigned has-patch 2011-01-10T11:46:22Z 2013-05-16T19:52:35Z a `save_{$post_type}` hook would be convenient. bmb
16215 Post Revision history displays the incorrect author westi Revisions 2.6 normal normal 3.6 defect (bug) reopened has-patch 2011-01-13T06:52:06Z 2013-05-09T10:14:13Z "Steps to reproduce:
1. Create and Publish a new post as user admin.
2. Edit that post and Update as user mdawaffe.
3. View revision history for that post. Note that the revisions are attributed to the wrong authors.
The revision's post_author is currently being set to whoever edited the post away from the state represented by that revision row. It should be set to the person who edited the post *to* the state represented by that row.
This bug has been around since the introduction of post revisions.
To fix for future posts, I can think of two options.
1. We should be able to pull the correct author for a new revision row from the _edit_lock/_edit_last post meta of the post (as long as we grab that before we update the post row).
2. Currently, when a post is updated, revisions first grabs a copy of the current state of the post, stores it as a revision, then updates the post row. To fix this bug, we could instead update the post row first then store a copy of that new state as a revision. That would mean the most recent revision for all posts would be a duplicate of the actual post.
Option 2 would be cleaner code, option 1 would be cleaner data.
To fix for existing posts, we need to go through each post and fix each revision. That's incredibly expensive to do on upgrade, so I suggest doing it per post on the fly when the post edit screen or post revisions screen is loaded.
If we fix on the fly, we have to be able to keep track of which posts/revisions have been fixed and which haven't. We could track that with:
1. An option that is set on upgrade with a timestamp. Compare post_modified to that timestamp. This seems fragile to me since I bet there are plugins that override post_modifed.
2. Post meta. Easy, but adds one post meta per post just to fix a lame bug.
3. Bump the menu_order of each fixed revision row from 0 -> 1. (A version number for the revisioning system :)). Hacky.
I like 3: menu_order.
We could also leave everything as is, allow the data to be wrong, and ""fix"" it on display or even in get_post().
Aside: While we're in there, we may want to ""fix"" revisions' post_modified columns. Currently, post_modified is identical to post_date, which is the time the post was put into the state represented by the revision. We could make post_modified the time the post was edited away from the state represented by the revision." mdawaffe
16303 Improve documentation and usability of WP_Rewrite Endpoint support westi Rewrite Rules 3.1 lowest normal Future Release defect (bug) new needs-docs 2011-01-19T16:25:01Z 2013-04-05T00:28:06Z "When you know how it works the WP_Rewrite Endpoint support is really simple and cool.
When you don't it looks really difficult to use.
We should document it better and add an endpoint mask for Custom Post Types." westi
8119 Attempts to edit deleted categories are not properly handled westi Taxonomy 2.7 normal minor Future Release defect (bug) new has-patch 2008-11-08T21:32:21Z 2011-11-19T06:07:37Z "Fairly obscure.
If one user has the edit cats view open, then another user deletes one of those categories, and the first user then attempts to edit the deleted category, they get - not unreasonably - an empty view on the edit screen. (As the data has been correctly deleted.) Ok. Not too much we can do about that. However, after that, it falls down.
It seems that if you replace the various data and then press ""edit category"" it can go one of two ways -
1. The user recieves the message
Your attempt to edit this category: """" has failed.
2. The user recieves the message
Fatal error: Cannot use object of type WP_Error as array in /home/www/misthaveneu/htdocs/svn/trunk/wp-includes/functions.php on line 1238
Scenerio 2 seems to be vaguely related to using the word ""Error"" in the description, but that could just be conincidence.
In any event, the handling of this situation is broken. The fact that a category has been deleted since in-between the user viewing the edit category screen and choosing one to edit needs to be recognised. (Even if it's the same sort of nasty wp_die message you get when a post has been deleted.)" mrmist
17302 Add get_previous_post_link(), get_next_post_link(), and get_adjacent_post_link() westi Template 3.2 normal normal Future Release enhancement reviewing has-patch 2011-05-02T07:36:12Z 2013-02-19T12:26:13Z "Unlike many other template tags, he functions adjacent_post_link(), next_post_link(), and previous_post_link() are missing their get_ counterparts.
Included patch adds those." yoavf
18302 Improve child theme file inheritance by introducing `theme_url()` to locate a file URI westi Template normal normal Future Release enhancement reviewing needs-unit-tests 2011-07-31T01:19:02Z 2013-04-22T19:02:43Z "Child theme file inheritance isn't quite as slick as it could be. A child theme should be able to selectively override any of its parent theme's files (ie. CSS & JS), not just template files.
For example, there's no easy way for a parent theme to enqueue a JavaScript file that can be easily overridden by a child theme. This is because there's no URI version of `locate_template()` for themes to use.
Example: A parent theme includes a JavaScript file like so:
{{{
wp_enqueue_script( 'foo', get_template_directory_uri() . '/foo.js' );
}}}
A child theme couldn't simply include a `foo.js` file to override its parent's as the file is always loaded from the template directory, not the stylesheet directory. If the parent theme used `get_stylesheet_directory_uri()` instead, then the child theme could override it '''but''' it would '''have''' to override it, otherwise we'd end up with a file not found.
The answer is to introduce a function that does the same as `locate_template()` but returns a URI instead of a path.
Example usage:
{{{
wp_enqueue_script( 'foo', locate_theme_file( 'foo.js' ) );
}}}
This would load `foo.js` from the child theme if it existed, and the parent theme if not.
The function could also be used for CSS files:
{{{
wp_enqueue_style( 'bar', locate_theme_file( 'bar.css' ) );
}}}
And for images too:
{{{
"" />
}}}
Stand by for a patch." johnbillion
11282 Bizarre Behavior When wp-content Missing westi Themes 2.8.4 normal normal Awaiting Review defect (bug) reopened has-patch 2009-11-29T02:19:13Z 2012-10-23T00:15:18Z "Steps to reproduce:
1. Begin and complete a normal installation, but skip or remove the wp-content directory.
2. Try to view the Dashboard and the Visit Site link.
Expected Result: WP did not install, wp-content is missing.
Actual Result: Dashboard is visible, site's front page is not. In /wp-admin/error_log
PHP Warning: array_keys() [function.array-keys]: The first argument should be an array in /wp-includes/theme.php on line 481" miqrogroove
11215 Improve naming of child/parent theme functions westi Themes 2.9 normal normal Future Release enhancement new 2009-11-21T09:51:10Z 2012-02-17T15:41:13Z "We have confusing naming for child/parent theme functions.
We have references to stylesheet/template instead of child/parent which makes it unclear which function should be being used.
In #11033 we introduced a function for loading the child themes textdomain with a clear name.
We should look at deprecating the stylesheet/template nomenclature and use child/parent instead." westi
10457 Parse shortcodes in text widgets by default westi Widgets 2.8 normal normal Future Release enhancement reopened 2009-07-21T11:27:06Z 2012-03-28T20:10:31Z Currently, shortcodes are only parsed within post content. It would, to my mind, be a nice enhancement to allow them to be parsed from within text widgets as well. The implementation is trivial, so the only real question is what problems this might throw up. ionfish
21292 XML-RPC: wp_upload_bits should act like wp_handle_upload westi XML-RPC 3.0 normal normal Future Release defect (bug) assigned has-patch 2012-07-17T07:01:23Z 2013-05-07T11:37:28Z "At this moment there isn't a check for file size when uploading an image through the XML-RPC. The reason is that the method wp_upload_bits is used. This only checks it does is if the file size is to big for a network installation.
The function check_upload_size() is something what you want except that it will use wp_die() if there is an error like this. The function is used as a filter: wp_handle_upload_prefilter. Which only get applied in the function wp_handle_upload.
We should probably change check_upload_size() a bit so it doesn't use wp_die() but does it somewhere else.
related: #6559 and #21085" markoheijnen
20201 wp.Options lies about the updatability of options. westi XML-RPC 3.4 low normal 3.6 defect (bug) new dev-feedback 2012-03-08T12:04:08Z 2013-05-07T12:44:07Z "When an XMLRPC client calls this API we give it a `readonly` status for each of the options returned which lets it know whether or not the options are writable or not.
This status is hardcoded in the code and not capability aware so a user with only subscriber level access is given the impression that they can update options they can't." westi
20026 Adding a post_type filter in wp.getComments westi XML-RPC normal normal Future Release enhancement reviewing needs-unit-tests 2012-02-12T15:48:53Z 2012-08-05T19:45:16Z This will be usefull when with the new custom post type support in XMLRPC nprasath002
11303 XMLRPC (and APP) APIs should expose all Post/Page/Comment management functionality westi XML-RPC 2.9 normal normal Future Release task (blessed) assigned close 2009-12-01T22:26:01Z 2010-09-23T20:34:55Z "In #11243 we hid the trash status from {{{wp.getPages()}}} we also hide it for pages (and comments I guess).
Really these apis should be fully featured to allow clients to support the new things the api does.
We should revert the change made for trash for 2.9 and promote the fact that clients should be graceful when using these apis so as to cope when we introduce new features.
We also need to review the need for extra apis to allow trashing/untrashing of posts/pages/comments etc." westi
23012 Refresh the code for the default widgets Viper007Bond* Widgets 3.5 low minor Future Release enhancement accepted 2012-12-20T01:49:37Z 2012-12-21T21:28:45Z "The default widgets serve as examples for many people to make new widgets. We should make sure they're up to date in terms of coding standards and best practices. There's many places where this is not the case.
A few examples:
* `$instance['text'] = stripslashes( wp_filter_post_kses( addslashes($new_instance['text']) ) );`
* `$text = esc_textarea($instance['text']);` rather than at output
Also tons and tons of formatting issues.
I'll volunteer to take this on." Viper007Bond
9272 Expand human_time_diff()'s abilities Viper007Bond Date/Time 2.8 normal normal Future Release enhancement new has-patch 2009-03-04T10:42:21Z 2013-03-08T17:21:44Z "This is partially related to #7250.
Currently `human_time_diff()` can only do days, hours, and minutes. I propose we expand it a bit, to at least weeks and possibly even months and years (although that can be tricky unless PHP has a shortcut).
It should also support the ability to trim to a certain accuracy, i.e. for a 2 year 1 month old post, minutes don't matter.
In short, I propose we integrate Time Since's functionality into the core by expanding the current `human_time_diff()`." Viper007Bond
17210 Massive duplication of oEmbed postmeta Viper007Bond Embeds 3.1 normal normal Future Release defect (bug) reopened dev-feedback 2011-04-21T23:38:35Z 2013-02-15T19:56:22Z "Hey guys,
Ever since my blog grew to a considerable size (a few million PVs a month) and started slowing down and exploding my server, I've been looking and implementing various optimizations. During one such passes through the data, I noticed this really weird oEmbed related behavior, which I've been observing for a number of WP version upgrades.
I use [embed] shortcodes a lot, and every new post after a few minutes ends up with a ton of oembed caches that don't belong to it at all - they're all from other posts. Posts that don't even have [embed]s at all still have over 100 oembed entries in wp_postmeta.
Here's an example of just a small subset of data residing in the table:
[[Image(http://farm6.static.flickr.com/5230/5641419581_0610c9e267_b.jpg)]]
There are now about 150,000 entries in the wp_postmeta table due to this, half of which are duplicated _oembed entries, which I think has heavy impact on server load. Not only that but I'm sure WP is filling the table up with values by redoing oEmbed queries, which may explain that load shoots up very high at times when publishing.
{{{
mysql> select count(*) from wp_postmeta where meta_key like '_oembed%';
+----------+
| count(*) |
+----------+
| 81499 |
+----------+
1 row in set
mysql> select count(*) from wp_postmeta;
+----------+
| count(*) |
+----------+
| 148451 |
+----------+
1 row in set
}}}
Just look at how many times this random video embed value shows up in the table. I'm sure it was used in only one actual post:
{{{
mysql> select count(*) from wp_postmeta where meta_value like '%p2oWELcd-lI%';
+----------+
| count(*) |
+----------+
| 815 |
+----------+
1 row in set
}}}
Just to clarify - I don't have 815 updates to a single post that may have explained this - these are completely unrelated, separate, published posts.
To put things in perspective, here are the top 20 offenders:
{{{
mysql> select distinct meta_key, count(*) as cnt from wp_postmeta where meta_key like '_oembed%' group by meta_key order by cnt desc limit 20;
+------------------------------------------+-----+
| meta_key | cnt |
+------------------------------------------+-----+
| _oembed_5607e41abb700707540a854ae76182cf | 864 |
| _oembed_984bc07d3bc0f61b6b35230cd2fa7ced | 859 |
| _oembed_da8ae36275b4576cfcd92c0ed455be96 | 859 |
| _oembed_71dd4068a9a6911f50dbe57b3ff477c5 | 858 |
| _oembed_9f817e820c23ccbfac9b22b3474e5dd3 | 858 |
| _oembed_f3c1c03a81bc301b5f1a063f65119328 | 857 |
| _oembed_31bf10d95cb7c8e9f646d9d6e5728da0 | 857 |
| _oembed_25d0ebf59c994050cb604900cf04f53f | 856 |
| _oembed_6265dae657e38579c0a8ddb66132d526 | 852 |
| _oembed_562dd8c13888905cbd15dbd74e8699cc | 849 |
| _oembed_30ea17d1cc73acd925a74373d2be32ec | 848 |
| _oembed_87f16916b4da6571f454266bfbfaebe0 | 847 |
| _oembed_9f1f038d43e973bd60929201eee24f57 | 843 |
| _oembed_d46317d44fe11c0d90ef2cc3b45bce57 | 843 |
| _oembed_b1f8685ba405feee46baf9408eb632f7 | 841 |
| _oembed_1b56f492eba4c4ea698d816d0ecf2d51 | 840 |
| _oembed_fe597714de4081e6e7e78a88256c7db4 | 840 |
| _oembed_fb843e7b604cbc4e1ffa144d4eb300c8 | 839 |
| _oembed_97b12f2f1e59ee6eff95c61095aa5bef | 838 |
| _oembed_2b94d9f7c28ee37bfbead0a622c8be85 | 838 |
+------------------------------------------+-----+
20 rows in set
}}}
I'm quite at a loss here and would appreciate the next debugging steps. I haven't been able to determine where things are going wrong on my own.
Thank you.
P.S. The site in question is AndroidPolice.com" archon810
21540 Add support for responsive video embeds Viper007Bond Embeds normal normal Awaiting Review enhancement assigned 2012-08-10T17:15:50Z 2013-01-17T17:27:31Z "By wrapping the html content of a video embed with a container (incl. class name), we could provide a simplified way for Theme authors to make video embeds truly responsive, through basic CSS.
See #21480" obenland
18694 Improved date arguments for WP_Query viper007bond General 3.3 normal normal Awaiting Review enhancement new has-patch 2011-09-17T22:00:00Z 2013-02-28T14:40:09Z "Currently there is no way to get a set of posts that fall within a date range, are older/newer than a certain date, etc.
A new set of arguments should be created for `WP_Query` that work similarly to the relatively new meta and taxonomy arguments.
Argument structure suggestions welcome." Viper007Bond
8833 extract pluggable.php function logic into separate functions Viper007Bond Plugins 2.8 normal normal Future Release enhancement new dev-feedback 2009-01-09T21:24:15Z 2012-08-31T18:23:53Z "Currently, when a plugin overrides one of the pluggable.php functions with a custom implementation, there is no way to fall back to the standard version of the function. Instead, plugin authors have to copy and paste all of the logic from pluggable.php into their custom function. I'd love to see the actual logic separated out into ""private"" functions that are simply called the public ones. For example:
{{{
if (!function_exists('wp_get_current_user')) {
function wp_get_current_user() {
return _wp_get_current_user();
}
}
function _wp_get_current_user() {
/* normal logic for getting the current user */
}
}}}
This would allow me to override the function, but still fallback to the standard implementation if I need to...
{{{
if (!function_exists('wp_get_current_user')) {
function wp_get_current_user() {
if ( /* some condition */ ) {
/* my own custom get current user logic */
} else {
return _wp_get_current_user();
}
}
}
}}}
This wouldn't actually take that much work, and I'm happy to do it. Not sure if it would be best to keep it all in pluggable.php, or if the standard implementations should be moved to pluggable.standard.php or something similar. ??
Original wp-hackers thread: http://groups.google.com/group/wp-hackers/browse_thread/thread/31295f83a13dc025" wnorris
11946 Ensure image MIME type matches extension Viper007Bond Upload 3.0 normal minor Future Release defect (bug) reopened needs-refresh 2010-01-19T08:02:17Z 2012-07-26T22:55:00Z "Take a bitmap (BMP) and rename it to `.png`. WordPress will say it's an `image/png` everywhere you look. This can cause issues if you're trying to manipulate it (thumbnail it, etc.).
We should either fix the extension or reject it." Viper007Bond
10303 Provide better user feedback when content is changed by filters. tott* Formatting normal normal Future Release enhancement accepted has-patch 2009-06-30T10:37:01Z 2013-01-22T01:03:33Z "When filtering content via kses, adjusting bad nested xhtml or similar no feedback is given to the user. The content is just stripped and the user is not informed about the changes made and why they happened.
Presenting a diff in the admin message should increase the UX. " tott
8470 Large exports break frequently tott Export normal normal Future Release defect (bug) new reporter-feedback 2008-12-03T13:51:37Z 2009-11-18T21:21:54Z "For large wordpress exports frequently the download stops at some point.
This effect seems to be due to bad memory utilization on slow downloads where the content cannot be flushed fast enough to the browser.
Attached patch includes various improvements in content flushing, and for cleaning of variables in order to save some memory." tott
7813 export function does not preserve encoding tott Export 2.7 normal minor Future Release defect (bug) new 2008-09-30T20:07:25Z 2009-11-24T15:54:10Z "when exporting strings are always converted to utf-8 while header and encoding is set to encoding used in blog.
this causes trouble when importing later." tott
8455 Enhance usability in Wordpress Import - preselecting matching authors tott Import normal normal WordPress.org enhancement new 2008-12-02T09:27:03Z 2012-09-10T10:21:11Z To increase usability in wordpress imports, especially for imports with many users or imports that are rerun a preselection of authors would increase usability. tott
12981 odd behavior of exclude_tree parameter in wp_list_categories() tott Taxonomy 3.0 normal normal Future Release defect (bug) assigned dev-feedback 2010-04-12T20:10:50Z 2010-11-13T01:26:38Z "When running a query such as
{{{
}}}
the exclude_tree parameter is not obeyed as [10276] introduced a change that would overwrite it with the exclude parameter.
" tott
16990 WP Multisite doesn't use custom db-error.php tmuka Multisite 3.1 normal minor Awaiting Review enhancement new 2011-03-28T19:19:46Z 2011-07-18T01:23:14Z "I suppose this is a feature request. I don't see a way to configure a Multisite install to use the same wp-content/db-error.php file as a single wp site install uses. Instead where the db is down the page dies on ""Error establishing database connection"" wrapped in an
.
It could be a complication of using the HyperDB plugin, but it appears that on line 104 of wp-includes/ms-settings.php when the db is down get_blog_details() obviously fails and wp-includes/ms-load.php:ms_not_installed() is called. Unfortunately ms_not_installed() does not redirect to db-error.php, and instead dies, returning
$title = /*WP_I18N_FATAL_ERROR*/'Error establishing database connection'/*/WP_I18N_FATAL_ERROR*/;
Obviously i could hack in a call to wp-includes/functions.php: dead_db() in ms-load.php, but i try to avoid any core hacking to make upgrades easier.
Does anyone have a suggestion for overriding this behavior cleanly? perhaps something in wp-WP_CONTENT_DIR/sunrise.php ?
I suppose if somebody else is interested in the simple fix, here it is. In ""function ms_not_installed"" on line 224 of wp-includes/ms-load.php, insert dead_db();
like this...
{{{
function ms_not_installed() {
dead_db(); //hacked this in so we can get use our custom db-error.php
}}}
The bottom line is that now the visitor will potentially see a more friendly error message when the db or db table is unavailable." tmuka
20140 Ask old password to change user password tman4506* Security normal normal Awaiting Review feature request accepted dev-feedback 2012-02-29T12:55:38Z 2012-08-26T16:14:53Z "I have experienced this in various sites and i think
it adds extra security.
We must ask for the old password when the user tries to change the password" nprasath002
18999 Quotes in emails titi General 3.2.1 normal major Awaiting Review defect (bug) new reporter-feedback 2011-10-19T10:39:28Z 2011-12-19T01:57:53Z "Quotes are displayed in plain HTML CODE
{{{
’
}}}
instead of the a real quote.
This bug is in any email reply notifications containing quote in the post.
Using BBPress 2.0 with Wordpress. French language." thibotus01
6969 Don't apply wptexturize() to the insides of shortcode tags tellyworth Formatting 2.5.1 normal normal Future Release enhancement new needs-unit-tests 2008-05-14T11:47:58Z 2011-05-31T08:45:13Z "I have this for my post contents:
{{{
[code lang=""php""]$foo = 'bar';[/code]
}}}
The problem is my shortcode function gets this passed to it for the content string:
{{{
$foo = ‘bar’;
}}}
`wptexturize()` should be smart enough to not format the contents of registered shortcodes. If plugins want their contents formatted, they can pass the contents to the `wptexturize()` function itself." Viper007Bond
6819 EXIF data extracted from uploaded images stored incorrectly tellyworth Media 2.5 normal normal Future Release defect (bug) new 2008-04-23T01:13:19Z 2009-11-23T15:25:26Z Currently extracted EXIF data is stored as a single custom field with a serialized array containing all the data - it should be stored with one-custom-field per data entry, probably with the exif_ prefix. matt
5953 Absolute upload_path fails tellyworth Upload normal normal Future Release defect (bug) reopened 2008-02-22T05:39:43Z 2009-11-20T20:03:34Z "1. On Options/Misc, enter ""/tmp/foo/bar"" as a value for the upload path setting.
2. Write a new post and attach an image.
Expected: the image file should be stored as /tmp/foo/bar/2008/02/file.jpg or similar.
Actual: a 'tmp/foo/bar' subdirectory is created within ABSPATH (if that's possible) and the file is stored there. Both the filesystem path and URL path just append '/tmp/foo/bar', so you get 'ABSPATH//tmp/foo/bar/2008/02/file.jpg' and 'http://example.com//tmp/foo/bar/2008/02/file.jpg'
An absolute upload_path should probably be rejected unless you also specify an upload_url_path, because there's no way to know what URL corresponds to an arbitrary filesystem path.
" tellyworth
12945 Constrain wp_page_menu() technosailor* General normal normal Future Release defect (bug) accepted 2010-04-09T19:39:51Z 2010-05-02T18:49:39Z "The wp_page_menu() function is the default callback for wp_nav_menu(). IOW, when a user is not using the new menu system, it defaults to this function. While that is good, any number of pages over, say 10, will make a theme puke in many cases.
As a workaround, I suggest we make a default of wp_page_menu() to exclude all pages() except home. It's a stupid idea, I think, but something needs to be done to make this manageable so I'm looking for feedback.
The Pro of taking this approach is that it encourages customization of menus via the WP menu system. It also does not lock theme devs into a particular approach because this stuff can be overidden via arguments and filters.
The con is that the default callback becomes pretty benign and useless. Almost pointless.
Ideas?" technosailor
8994 Incorporate MediaRSS Plugin into core technosailor Feeds normal normal Future Release feature request new 2009-01-29T18:00:20Z 2013-01-05T09:05:59Z Per conversation on the hackers list, this ticket is a working area for incorporation of the MediaRSS plugin (http://wordpress.org/extend/plugins/mrss) into core for WP 2.8. technosailor
8298 wp_page_menu needs to override wp_list_pages include argument to be functional technosailor Template 3.0 normal normal Future Release defect (bug) assigned has-patch 2008-11-20T19:43:12Z 2010-10-26T13:08:12Z "In exploring the new wp_page_menu() function, I realized that there is a byproduct of wp_list_pages that is unintuitive and possibly problematic for people wanting to output a menu. The 'include' argument overrides the use of child_of, parent, meta_key and meta_values parameters.
Menu creation assumes that only some top level pages will need to be used, thus the need for 'include', but wp_list_pages assumes that if you're including only a subset of pages, you're not including the subpages as well. Makes sense on both accounts.
For menu authors, I think expected behavior is that a top level menu would include subpages as well (e.g. a rollover horizontal nav).
I'm submitting a patch that delivers that expected behavior to only the new wp_page_menu() template tag. It reverse engineers the include by using the 'exclude' argument to exclude all pages except the ones passed with the wp_page_menu 'include' argument." technosailor
9153 wp_list_pages cannot handle multiple exclude_tree arguments tbrams Template 3.0 normal normal Future Release defect (bug) reopened has-patch 2009-02-17T15:32:48Z 2013-05-07T19:41:48Z "When trying to set up a menu based on wp_list_pages and a long list of chapters I did not want on the front page, I learned that wp_list_pages ignored all exclude_tree arguments - except for the first one.
For example, using:
{{{
wp_list_pages('exclude_tree=132,502,715,852,109,153,149&title_li=&sort_column=menu_order' );
}}}
to generate the menu at http://ttu.no was a no go, because it returned far to many sections in the menubar (despite my efforts to explicitly exclude a lot of these)
Although it is certainly not a show stopper, it is really annoying when you need a drop down menu on your website and know exactly how it should work in theory, so I have found a solution for this already and am just trying to figure out how I can convey my suggested fix to the official Open Source Repository." tbrams
18801 Accessibility Enhancements to Settings API taupecat* Accessibility 3.2.1 normal normal Awaiting Review enhancement accepted has-patch 2011-09-28T14:59:44Z 2013-01-03T19:25:35Z "I've only started working with the Settings API, but right off the bat I noticed two fairly major, but should be not too difficult to fix, accessibility issues.
1) The label/input field pairs are missing the HTML