__group__	ticket	summary	reporter	owner	component	_version	priority	severity	milestone	type	_status	workflow	_created	modified	_description	_reporter
Commit Candidates	8592	Private Pages not listed in the Parent dropdown	mtdewvirus	nacin	Administration	2.7	normal	major	Future Release	enhancement	reopened	commit	2008-12-12T16:22:24Z	2013-02-28T12:51:59Z	"Private pages are not available as a choice in the Parent dropdown of the Attributes module.

You should be able to create a hierarchy of private pages if you want to.

Tested with r10194."	mtdewvirus
Commit Candidates	20220	add test to see if sunrise === on in ms-settings	sboisvert		Multisite	3.0	normal	normal	Future Release	enhancement	new	commit	2012-03-12T19:06:56Z	2012-11-02T22:49:31Z	"We needed to disable sunrise for certain requests. 

We thought about declaring sunrise before including wp-load, but setting it to 'off'. Then having a conditial in the wp-config that only defines it to on if it is not defined and then in ms-settings to a additional check to see if sunrise is defined and equal to on. (the patch I am adding does not have the wp-config if !defined() as wp-config doesn't get updated, but if someone feels it is helpful I can add it)

Others could of changed the default defined value of sunrise and this could break bc. I am therefore not sure if the limited use case warrants it. But I thought I would suggest it."	sboisvert
Needs Dev / Bug Wrangler Feedback	12295	More support to customize user profile edit page	pampfelimetten	nacin*	Users	3.0	normal	normal	Future Release	enhancement	accepted	dev-feedback	2010-02-19T21:14:01Z	2013-05-15T12:02:10Z	"Right now I can edit the contact methods via the user_contactmethods filter, but I can not modify or remove the Personal Options or the Name Options.
I want to keep the interface as simple as possible for my users, and I don't think that they need to edit this settings at all.
If wp wants to be a cms, it should give me control over this aspect as well.
At least, give me custom css-ids, so I can remove it via css!"	pampfelimetten
Needs Dev / Bug Wrangler Feedback	19549	Please remove X-Mailer from class-phpmailer	jwz	westi	External Libraries	3.3	normal	minor	Future Release	enhancement	assigned	dev-feedback	2011-12-14T20:37:14Z	2012-06-02T13:32:25Z	"It is nobody's business what software I am using to send mail, or what version number it is. Providing version numbers of server-side packages to strangers is an unnecessary security exposure.  With each update to WordPress, I apply this patch.  I would appreciate it if you would either include this patch yourselves, or provide a hook where I can do this myself without modifying the source.


{{{
--- wp-includes/class-phpmailer.php	5 Jul 2011 20:53:19 -0000	1.3
+++ wp-includes/class-phpmailer.php	14 Dec 2011 19:43:32 -0000
@@ -1129,8 +1129,8 @@
     } else {
       $result .= sprintf(""Message-ID: <%s@%s>%s"", $uniq_id, $this->ServerHostname(), $this->LE);
     }
-// jwz: no.    $result .= $this->HeaderLine('X-Priority', $this->Priority);
-// jwz: no.    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.sourceforge.net) [version ' . $this->Version . ']');
+    $result .= $this->HeaderLine('X-Priority', $this->Priority);
+    $result .= $this->HeaderLine('X-Mailer', 'PHPMailer '.$this->Version.' (phpmailer.sourceforge.net)');
 
     if($this->ConfirmReadingTo != '') {
       $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');

}}}"	jwz
Needs Dev / Bug Wrangler Feedback	10249	Page slug in cyrillic = Error 404 - Not Found!	kalifi	westi*	Permalinks	2.7	normal	major	Future Release	defect (bug)	accepted	needs-unit-tests	2009-06-23T19:44:34Z	2012-04-27T19:04:18Z	"When I create a page with page slug for example ""киро""
then when I try to open domain/киро - Error 404 - Not Found

The permalinks are %postname%

Post slug with this slug is working just fine, the same BUG exists in 2.7, 2.7.1 and 2.8"	kalifi
Needs Docs or Unit Tests	16330	media_sideload_image() broken with filenames containing strange characters (e.g., +, %)	Coolkevman		Media	3.1	normal	major	Future Release	defect (bug)	reopened	needs-unit-tests	2011-01-21T13:56:19Z	2013-03-17T10:31:55Z	"I'm using the {{{media_sideload_image()}}} method in the upcoming version of my [http://wordpress.org/extend/plugins/e107-importer/ e107 Importer script] (see: http://github.com/kdeldycke/e107-importer/blob/b7925fdac6aa43db4be5b7925265a83d95fc62ad/e107-importer.php#L277 ) to upload remote images into WordPress.

This method work as expected with lots of images from a lot of different sources, but fail on URLs containing spaces.

Let me illustrate this bug with an example.

When trying to upload the image located at
{{{
http://home.nordnet.fr/francois.jankowski/pochette avant thumb.jpg
}}}
the result looks like this on the file system: http://twitpic.com/3s0dk7 . As you can see, image file names are clean. But in the Media Manager, here is what you have: http://twitpic.com/3s0e5d . No thumbnails seems to have been created.

Now, trying to fix this, I modified the original URL before calling {{{media_sideload_image()}}} with the following code:
{{{
  $img_url = str_replace(' ', '%20', html_entity_decode($img_url));
  $new_tag = media_sideload_image($img_url, $post_id);
}}}
With this patch, here is the result on the filesystem: http://twitpic.com/3s0ets . I was surprised by WordPress not sanitizing URLs. Is that normal ?

But the most surprising stuff is in the Media Manager: http://twitpic.com/3s0hup . It looks like thanks to this hack, WordPress somehow succeeded downloading the remote file but messed with filesystem naming. What let me think this ? The Media Manager, get the right image thumbnail dimensions but not the binary payload of the thumbnail (contrary to the case above were no binary nor dimensions are available about the thumbnail).

All of this was tested in WordPress 3.1-RC2.

As for the idea of the patch above, it come from a very old version of my plugin (v0.9) that was based on WordPress 2.3.2. There, I somehow found the root cause of the problem, [http://github.com/kdeldycke/e107-importer/blob/e107-importer-0.9/e107.php#L410 according the comment I wrote 3 years ago]:
{{{
 // The fopen() function in wp_remote_fopen() don't like URLs with space chars not translated to html entities
}}}

I should have posted this bug report sooner, as now I've forgotten everything about this issue... :("	Coolkevman
Needs Docs or Unit Tests	20026	Adding a post_type filter in wp.getComments	nprasath002	westi	XML-RPC		normal	normal	Future Release	enhancement	reviewing	needs-unit-tests	2012-02-12T15:48:53Z	2012-08-05T19:45:16Z	This will be usefull when with the new custom post type support in XMLRPC	nprasath002
Needs Docs or Unit Tests	17450	Almost pretty permalinks with non-ASCII characters do not work in Apache	peaceablewhale	westi	Permalinks	3.1	normal	major	Future Release	defect (bug)	reopened	needs-unit-tests	2011-05-16T05:53:14Z	2012-04-27T19:03:50Z	Almost pretty permalinks (using PATH_INFO) with non-ASCII characters do not work in Apache; a not found error is returned. The same permalink works in IIS when UTF-8 is used for server variables. It also works when mod_rewrite is used.	peaceablewhale
Has Patch / Needs Testing	20904	WP_Query instances getting entangled with $wp_query global	boonebgorges		Query		normal	normal	Future Release	defect (bug)	new	has-patch	2012-06-11T11:55:39Z	2013-05-14T13:25:32Z	"`WP_Query::the_post()` fires `setup_postdata()`, which then uses `get_query_var()`. `get_query_var()`, in turn, calls the `get()` method on the `$wp_query` global object. In this way, WP_Query instances are not truly insulated from each other - they all are tied up with `$wp_query` in a way that seems unnecessary, and causes fatal errors in some cases.

In normal use, you would never really notice the issue, because after the `'init'` action, the following offending line in `setup_postdata()` will return the 'page' query var from `$wp_query`:

{{{
$page = get_query_var('page');
}}}

And, since secondary `WP_Query` instances don't paginate in the same way as the primary query, the 'page' property on those instances doesn't matter much. So, while the value of `$page` is not strictly speaking correct in these cases (it comes from the wrong object), it generally fails silently.

However, if you instantiate a WP_Query object before 'init', you get a fatal error, because `$wp_query->get()` is an undefined method. Here's a simple mu-plugin that will demonstrate the problem:

{{{
function bbg_create_early_wp_query_object() {
	$q = new WP_Query( array(
		'post_type' => 'post'
	) );

	if ( $q->have_posts() ) {
		while ( $q->have_posts() ) {
			$q->the_post();
		}
	}
}
add_action( 'plugins_loaded', 'bbg_create_early_wp_query_object' );
}}}

My suggested solution is to move the `setup_postdata()` logic into a method of the `WP_Query` class, and then use `$this->get( 'page' )` rather than `get_query_var( 'page' )`, to ensure that you're referring to the query vars of the correct query object. The old function `setup_postdata()` then becomes a wrapper for `$wp_query->setup_postdata()`.

In addition, I modified the way that the `$more` global is set, so that it references the current object as well. This prevents `_doing_it_wrong()` errors when firing up a `WP_Query` instance before `'init'`."	boonebgorges
Has Patch / Needs Testing	16854	wp_query does not handle multiple exclude author properly	commentluv		Query	3.1	normal	normal	Future Release	enhancement	new	has-patch	2011-03-14T11:35:11Z	2013-04-25T17:07:03Z	"when making a query with $args containing 

{{{
'author' => '-2,-3,-4'
}}}

line 2008 of wp-includes/query.php only uses 1 element of the array that is created from the 
{{{
$q['author'] string
}}}

{{{
 $q['author'] = explode('-', $q['author']);
 $q['author'] = (string)absint($q['author'][1]);
}}}

I have attached a patch that works with 1 or more excluded authors

essentially it, implodes the array back into a string of author ID's rather than selecting only element [1] of the exploded array

{{{
$q['author'] = explode('-', $q['author']);
$q['author'] = implode('',$q['author']);
}}}
"	commentluv
Has Patch / Needs Testing	10823	Bad handling of ampersand in post titles	Commeuneimage		Formatting	2.8.4	normal	minor	Future Release	defect (bug)	new	has-patch	2009-09-21T10:59:50Z	2013-01-23T22:12:06Z	"Titles with ampersand (&amp;) are not correctly handled:[[BR]]

1/ the_title_attribute() doesn't transform & to &amp; causing XHTML validation errors[[BR]]

2/ titles with & followed by ; generate truncated post name (slug)
e.g. ""Test this & believe ; what ?"" => ""test-this-what"""	Commeuneimage
Has Patch / Needs Testing	19949	Make update_post_thumbnail_cache() work for any instance	scribu		Performance		normal	normal	Future Release	enhancement	new	has-patch	2012-02-02T22:40:03Z	2012-11-27T00:32:47Z	It would be useful if update_post_thumbnail_cache() [17883] would accept an optional $wp_query parameter, so that users aren't forced to use query_posts() in order to benefit from it.	scribu
Has Patch / Needs Testing	20569	We need addslashes_deep()	alexkingorg		General	3.4	normal	major	Future Release	defect (bug)	new	has-patch	2012-04-29T08:08:28Z	2012-09-02T03:15:55Z	"
I don't imagine anyone still feels that having `update_metadata()` call `stripslashes_deep()` is still the Right Thing to do, but I understand why removing it is basically impossible for backward compatibility reasons.

That said, !WordPress as a platform does not currently provide a way for this data to be stored accurately as a meta value:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', $data);
}}}

I'm not saying that this is a great deal better from a code purity standpoint:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', addslashes_deep($data));
}}}

but it's at least explainable.

Telling people they have to do something like this:

{{{
$data = array(
	'Check me out, I have backslashes \\'
);
$slashed_data = array();
foreach ($data as $item) {
	$slashed_data[] = addslashes($item);
}
update_post_meta($post->ID, 'my_key', $slashed_data);
}}}

or this:

{{{
if (!function_exists('addslashes_deep')) {
/**
 * Navigates through an array and adds slashes to the values.
 *
 * If an array is passed, the array_map() function causes a callback to pass the
 * value back to the function. Slashes will be added to this value.
 *
 * @since 3.4.0? (oh please, oh please, oh please)
 *
 * @param array|string $value The array or string to be slashed.
 * @return array|string Slashed array (or string in the callback).
 */
function addslashes_deep($value) {
	if ( is_array($value) ) {
		$value = array_map('addslashes_deep', $value);
	} elseif ( is_object($value) ) {
		$vars = get_object_vars( $value );
		foreach ($vars as $key=>$data) {
			$value->{$key} = addslashes_deep( $data );
		}
	} else {
		$value = addslashes($value);
	}

	return $value;
}
}

$data = array(
	'Check me out, I have backslashes \\'
);
update_post_meta($post->ID, 'my_key', addslashes_deep($data));
}}}

is just indefensible.

FWIW, @rboren created this function as [http://core.trac.wordpress.org/attachment/ticket/12402/12402.2.diff part of a patch] a couple of years back (#12402), but it hasn't landed yet. Pretty please can we get just this bit in for 3.4?"	alexkingorg
Has Patch / Needs Testing	19347	Ugly alert: false !== strpos( $which_one_was_needle, $this_one )	nbachiyski	westi	General		normal	normal	Future Release	enhancement	reviewing	has-patch	2011-11-23T22:08:02Z	2012-06-28T16:29:40Z	"In WordPress {{{strpos()}}} is used hundreds of times. Very large percentage of those calls are trying to accomplish one of these 3 goals:

 * Check if a string starts with another string
 * Check if a string contains another string
 * Check if a string ends with another string

The code for doing these 3 things is not very readable, ugly, and error-prone:

{{{
0 === strpos( $one_string, $other_string )
false !== strpos( $one_string, $other_string )
strpos( $one_string, $other_string ) == ( strlen( $one_string ) - strlen( $other_string )
}}}

I propose we introduce functions to hide the ugliness and the complexity behind these three common operations:

 * {{{wp_startswith( $haystack, $needle )}}}
 * {{{wp_in( $needle, $haystack )}}}
 * {{{wp_endswith( $haystack, $needle )}}}

The logic of the arguments order is consistent and easy to remember:

''first argument'' '''verb''' ''second argument''.

 * everything starts with a beginning translates to {{{wp_startswith( ""everything"", ""a beginning"" )}}}
 * goat is in  distress translates to {{{wp_in( ""goat"", ""distress"" )}}}
 * movie ends with happy end translates to {{{wp_endswith( ""movie"", ""happy end"" )}}}

These three functions are happily used in GlotPress and WordPress.com.

The implementations are attached."	nbachiyski
Has Patch / Needs Testing	20779	Recommend a user updates keys/salts in maint/repair.php	nacin		Security		normal	normal	Future Release	enhancement	new	has-patch	2012-05-29T18:03:19Z	2012-06-27T20:29:33Z	"In maint/repair.php, we tell a user they need to add WP_ALLOW_REPAIR.

Since they are already going into wp-config.php, we should also encourage them to update their unique phrases for keys and salts, assuming they do not have a complete set of 8 unique ones already."	nacin
Has Patch / Needs Testing	20903	Exporter gets stuck in a loop a loop/break in the category hierarchy	westi	westi	Export	3.1	normal	normal	Future Release	defect (bug)	new	has-patch	2012-06-11T11:26:07Z	2012-06-12T08:13:02Z	"Ideally it should be impossible for a loop/incorrect parentage in a category hierarchy to exist.

But sometimes they do.

If one does exist then {{{export_wp()}}} gets stuck :(

It gets stuck in this code:

{{{
		// put categories in order with no child going before its parent
		while ( $cat = array_shift( $categories ) ) {
			if ( $cat->parent == 0 || isset( $cats[$cat->parent] ) )
				$cats[$cat->term_id] = $cat;
			else
				$categories[] = $cat;
		}
}}}

Similar to #20635 but different."	westi
Has Patch / Needs Testing	13820	AJAX update the comment bubbles on edit-comments.php	matt		Comments	3.0	normal	normal	Future Release	task (blessed)	assigned	has-patch	2010-06-10T13:45:27Z	2012-03-08T01:58:35Z	"We update the bubble in the Comments admin menu item. We should also update the counts in the ""In Response To"" bubbles, as well as the bubble color."	matt
Needs Patch	20729	Improve Admin Colors CSS enqueuing	westi		Appearance	3.1	normal	normal	Future Release	defect (bug)	new	needs-patch	2012-05-22T17:19:58Z	2012-05-22T17:20:17Z	"The hacky way in which we enqueue the admin colors css means that you get different ordering of the CSS between the development version of the scripts and the script-loader sourced version of the scripts.

This can cause CSS bugs which don't show when developing but do when running with the script loader - e.g. #16827

It also makes it harder to implement a custom css concatenator.

We should do something like - http://core.trac.wordpress.org/attachment/ticket/16827/colors-hacked-fixed.diff

To make this properly enqueue the styles.

We should also make this kind of call fire a {{{_doing_it_wrong()}}} as {{{true}}} is not a url :)

{{{
$styles->add( 'colors', true, array('wp-admin') );
}}}

This code harks back from [7976]"	westi