tags manually in order to make carousel of images work." Looimaster trunk Defects Awaiting Review, reported against trunk 24347 get_the_post_format_image() should use filtered content for image extraction Post Formats normal defect (bug) new 2013-05-15T19:56:19Z 2013-05-15T21:55:45Z "Any plugin that modifies image paths through the `image_downsize` and `the_content` filters prevents `get_the_post_format_image()` from properly removing the first parsed image from the content later passed to `get_the_remaining_content()`. When `get_the_post_format_image()` parses post content to extract an image, the content is accessed directly from the `$post` global without applying the `the_content` filter. In the case of a user with a CDN plugin such as Jetpack Photon enabled, this causes the string replacement meant to strip out the first image to fail because the image path returned by `wp_get_attachment_image_src()` is modified through the `image_downsize` filter. Since the corresponding filter hooked to `the_content` hasn't modified the content the string replacement is applied to, the parsed image isn't removed from the content." ethitter trunk Defects Awaiting Review, reported against trunk 24317 "Custom Taxonomy Overview page gives wrong ""Filter Posts by Term"" URL parameter" General normal defect (bug) closed 2013-05-11T13:04:45Z 2013-05-11T22:51:59Z "In the admin interface, if we go into Posts > Categories, or Posts > Tags, we see an table showing all our Categories/Tags. The right column of that table shows the number of Posts for each Category/Tag. That number is hyperlinked - when we follow it, we see a listing of all the Posts that have that Category/Tag. For ''Categories'', the link is built like this: - wp-admin/edit.php?category_name=my_category_term For ''Tags'', it looks like this: - /edit.php?tag=my_tag_term Now, let's say we create a ''Custom Taxonomy'', called ""foo"". Automatically, WordPress gives us an overview of that taxonomy, at /edit-tags.php?taxonomy=foo - so far, all is good. '''The issue:''' Let's say we have a taxonomy term named ""bar"". Let's imagine that the term has been applied to 3 Posts. If we click that number/link, we arrive at /edit.php?foo=bar '''Expected result:''' We expect to see a filtered list, showing the Posts that have the ""bar"" term assigned (in our example, 3 Posts). '''Actual result:''' The ?foo=bar parameter has no visible effect: it doesn't isolate the 3 Posts with the ""bar"" term. We see the complete list of Posts, without any filtering - the same as visiting /edit.php '''What works:''' If we ''manually'' change the URL parameter to make it look like this: wp-admin/edit.php?taxonomy=foo&term=bar we do achieve the expected result: we see our list of 3 Posts. Hooray! '''What needs to be done:''' We need to change the function that generates those filtering URL parameters for Custom Taxonomies on the edit-tags.php page." tar.gz trunk Defects Awaiting Review, reported against trunk 24211 WPMU works with example.com but not sub.example.com Multisite normal defect (bug) new 2013-04-28T12:00:24Z 2013-04-28T12:19:00Z "Installtion 1: I created a WPMU installation on http://example.com/ domain with http://example.com/site/ link structure and it works just fine. Users can register new blogs and they can access them using respective links they chose. Installtion 2: I created another WPMU installation on http://test.example.com/ domain with http://test.example.com/site/ link structure and it works just fine. Users can register new blogs and they can access them using respective links they chose. Installation 3: I created yet another WPMU installation on http://test2.example.com/ and it works (I can access main theme, Dashboard etc.) but as soon as user registers new site under http://test2.example.com/site/ - it returns 404 not found in admin panel and when I try to view this website. I copied .htaccess etc. correctly, paths are correct. In case of this installation I also redirected this subdomain to another server. DNS: test2.example.com - record A - 000.000.000.000 (IP of the second server) I bet that it generated invalid .htaccess content but I may be wrong." Looimaster trunk Defects Awaiting Review, reported against trunk 24182 WP_Http_Fsockopen fails when requesting an IP based URL with an explicit Host header HTTP normal defect (bug) new 2013-04-24T22:39:29Z 2013-04-24T22:52:18Z "When requesting a resource with a IP based URL and an explicitly set Host header fsockopen fails. wp_remote_post(): {{{ $url = http://72.233.69.89/1.1/verify-key $args = Array ( [body] => key=xxxxxxxxxxxx&blog=http%3A%2F%2Ffriedcell.si%2Foutbreak [headers] => Array ( [Content-Type] => application/x-www-form-urlencoded; charset=UTF-8 [Host] => rest.akismet.com [User-Agent] => WordPress/3.5.1 | Akismet/2.5.7 ) [httpversion] => 1.0 [timeout] => 15 ) }}} WP_Http_Fsockopen $strHeaders just before [http://core.trac.wordpress.org/browser/trunk/wp-includes/class-http.php#L729 fwrite]: {{{ POST /1.1/verify-key HTTP/1.0 Host: 72.233.69.89 User-agent: WordPress/3.5.1 | Akismet/2.5.7 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Host: rest.akismet.com Accept-Encoding: deflate;q=1.0, compress;q=0.5 Content-Length: 58 key=xxxxxxxxxxxx&blog=http%3A%2F%2Ffriedcell.si%2Foutbreak }}} The request fails as the first Host header is used. When $arrURL!['host'] is an IP and there is a Host header in $r!['headers'], the Host header should not be added from the URL (http://core.trac.wordpress.org/browser/trunk/wp-includes/class-http.php#L706) so that the explicitly specified Host header is used." friedcell trunk Defects Awaiting Review, reported against trunk 23455 Theme Customizer does not load when static Front Page is moved to Trash Appearance normal defect (bug) new 2013-02-12T12:27:37Z 2013-04-23T22:33:32Z "Steps to reproduce: 1. Go to Pages > Add New, and publish a new page 2. Go to Appearance > Themes > Customize 3. Under Static Front Page, set this new Page as your Front Page. Save changes 4. Go to Pages > All Pages, and trash the page 5. Go back to the customizer * The sidebar loads, but not the preview * I see the following error in the console: http://i.wpne.ws/MpDR When commenting out {{{$this->handle_404();}}} in [http://core.trac.wordpress.org/browser/trunk/wp-includes/class-wp.php#L550 wp-includes/class-wp.php#L550], the Preview appears again, but generates quite a lot of notices. Tested with WordPress Trunk (Version 3.6-alpha-23400)" jeherve trunk needs-patch Defects Awaiting Review, reported against trunk 24139 "Don't show ""Preview"" for locked, non-public post types" Post Types minor defect (bug) new 2013-04-19T17:03:41Z 2013-04-22T12:51:40Z "If a post_type is not public but has {{{show_ui => true}}}, we shouldn't show the preview link on the ""This content is currently locked"" notice." batmoo trunk Defects Awaiting Review, reported against trunk 23980 Title placeholder text disappears when post format is switched Post Formats normal defect (bug) new 2013-04-07T14:22:57Z 2013-04-11T06:34:07Z "Title text box has a place holder text that disappears when you focus on it. If you change the post format to something like quote while still being focused on the title box, you suddenly see several text boxes which are labeled, but the box you are focused on is not labeled and you are not sure what is that box for, is it still the title or something specific for the post format. I suggest to use place holder everywhere. (sorry for the hebrew ui screenshot, but it is clear enough IMO)" mark-k trunk Defects Awaiting Review, reported against trunk 23995 Weird Error After Post Published Successfully General normal defect (bug) new 2013-04-08T20:46:26Z 2013-04-09T23:20:59Z "I didn't get the exact message, but I was stuck on the New Post screen after clicking Publish with something to the effect of: The server connection has been lost. This message will go away once you get reconnected. I ended up clicking on Visit Site and I could see that the post was already published. My server has been acting up a bit today, so I figured this is a good time to test out the new post saving logic. I'm not sure if this was the intended experience though? Tested on 3.6-beta1. Only happened once so far." miqrogroove trunk Defects Awaiting Review, reported against trunk 23826 Funky conditional tags for posts archive Query normal defect (bug) new 2013-03-20T13:51:22Z 2013-04-04T04:14:12Z "If a WordPress install is set to ""Front page displays ... Your latest post"", then some funky conditional tags are set. Of interest here are: {{{ [""is_home""]=> bool(true) }}} Sure, makes sense. {{{ [""is_post_type_archive""]=> bool(false) }}} Erm, what? Isn't this the post type archive for the posts post type? {{{ [""is_archive""]=> bool(false) }}} Isn't this also an archive? This means is_post_type_archive( 'post' ); doesn't work anywhere. I also attempted creating a ""posts page"" for blog posts, and got the same results." ericlewis trunk Defects Awaiting Review, reported against trunk 23886 Use set_url_scheme for draft Preview links in post table Administration normal defect (bug) new 2013-03-29T01:20:52Z 2013-03-29T01:23:03Z "When using FORCE_SSL_ADMIN and this filter to prevent non-SSL preview of posts: {{{ add_filter('secure_logged_in_cookie', '__return_true'); }}} Preview links for unpublished drafts on `wp-admin/edit.php` do not use SSL and will 404. This can be fixed by using `set_url_scheme` for the unpublished preview link. A similar unpublished preview link in `meta-boxes.php` was changed to use `set_url_scheme` in [21664]. For context, see #20759, #13328." reidburke trunk has-patch Defects Awaiting Review, reported against trunk 23685 Explicitly globalize version variables Unit Tests normal defect (bug) new 2013-03-04T11:00:09Z 2013-03-04T17:24:03Z "When WordPress is loaded in a function (e.g. unit tests) the variables initialized at the top level aren't globals, but we expect them to be. For example, if in a unit test there is no way to access `$wp_version`. Neither via `$wp_version` (it's not in the same scope), not via `$GLOBALS['wp_version']` (it's not a global). To fix that we need to explicitly make the version variables global. See #17749." nbachiyski trunk has-patch Defects Awaiting Review, reported against trunk 23506 get_terms() assumes its taxonomies argument is a numeric array with a 0 key Taxonomy normal defect (bug) new 2013-02-18T23:41:42Z 2013-02-19T00:36:21Z "In a few places in `get_terms()` we are using `$taxonomies[0]` after we've established that we have more than one taxonomy. The array isn't always 0-based, though. For example, `get_taxonomies()` returns arrays with the taxonomy name as a key, which breaks this pattern. In the attached patch, the taxonomies are run through `array_values()`, which gives us a 0-based array of the taxonomies." nbachiyski trunk has-patch Defects Awaiting Review, reported against trunk 23492 svn:ignore wp-config.php General minor defect (bug) new 2013-02-17T17:59:42Z 2013-02-17T17:59:42Z `wp-config.php` very often exists in Subversion checkouts, but it should never be committed. Could we add a `svn:ignore` property for it? nbachiyski trunk Defects Awaiting Review, reported against trunk 23383 High archive page numbers cause invalid database queries Database normal defect (bug) new 2013-02-04T20:36:30Z 2013-02-05T13:46:24Z "Visiting `http://www.viper007bond.com/category/videos/page/6805063692754011230` on my site generates the following database query: `SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts INNER JOIN wp_term_relationships ON (wp_posts.ID = wp_term_relationships.object_id) WHERE 1=1 AND ( wp_term_relationships.term_taxonomy_id IN (21) ) AND wp_posts.post_type = 'post' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'private') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 6.805063692754E+19, 10` Note the scientific notation `LIMIT` value. PHP: 5.3.15-pl0-gentoo[[BR]] MySQL: 5.2.12[[BR]] WordPress: r23386 " Viper007Bond trunk Defects Awaiting Review, reported against no version 20325 Menu item parent classes for page_for_posts (home.php) not properly set on single.php Menus normal defect (bug) new 2012-03-29T12:50:06Z 2013-05-21T14:38:33Z If one has set page_for_posts (Settings => Read), on single.php wp_nav_menu() will set current_page_parent for the accordant menu item, but it will not set any parent or ancestor classes for its parent menu items as expected. [tested with 3.3.1] ptietz needs-patch Defects Awaiting Review, reported against no version 23382 WordPress admin panel lags Editor normal defect (bug) new 2013-02-04T19:02:20Z 2013-05-20T00:01:32Z "I'm using Windows 7, brand-new laptop with i7 processor, 8GB RAM and 1080p resolution. I have created a post with 15 1920x1080 images in it and a lot of content (25000 characters). Results: === CHROME & CHROME CANARY === It's far from being usable at all. It lags that much that cursor doesn't even change from ""default"" to ""pointer"" when I hover over ""Publish"" button. Even switching to WordPress Admin Panel tab takes 5 seconds. Textareas are not resizable because lags prevent my mouse cursor from doing anything. Actually, entire Admin Panel lags, all these Drag&Drop widgets etc. === FIREFOX === A bit better than Chrome, everything lags but at least I can resize textareas and after 10 seconds it becomes usable. Nonetheless, it's not as smooth as other websites. === IE10 === Excellent. Not even a single slowdown! === SAFARI === Very close to IE10. I think that WordPress Admin Panel is stuffed with heavy Javascript. Maybe it's worth taking a look at that. The module that seems to be the heaviest is TinyMCE - when this appears then lags appear as well. Chrome works fine everywhere except WP Admin Panel. Good luck guys and thank you for your hard work during WordPress development :) My complaints are here only to make it better. I can live with these lags (since I can do it in IE10) but those are just my thoughts (many people use Chrome)." Looimaster Defects Awaiting Review, reported against no version 24232 Don't Use the_title Filter in get_adjacent_post_rel_link() Template normal defect (bug) new 2013-04-30T18:24:04Z 2013-05-16T13:04:10Z "The get_adjacent_post_rel_link() function applies the `the_title` filter to the post title before setting it up in the `` tags. It's really common for the `the_title` filter to be used to modify the actual HTML markup of post titles ([https://github.com/easydigitaldownloads/Easy-Digital-Downloads/blob/master/includes/template-functions.php#L493 see this example for adding product micro data]), but this results in improperly formatting `` tags. See [https://github.com/easydigitaldownloads/Easy-Digital-Downloads/issues/1142#issuecomment-17244063 this github] issue for an example of the result. `get_adjacent_post_rel_link()` should be using an equivalent to `the_title_attribute()` instead. Since there is not a `get_the_title_attribute()` function, I propose two options: 1. Introduce a `get_the_title_attribute( $post_id )` function and then use this in `get_adjacent_post_rel_link()` 2. Simply remove `apply_filters()` and add in `esc_attr( strip_tags( $title ) )` instead. My vote would be to introduce a `get_the_title_attribute()` function." mordauk has-patch Defects Awaiting Review, reported against no version 22619 add_rewrite_endpoint generates incorrect attachment rules Rewrite Rules normal defect (bug) new 2012-11-28T08:47:43Z 2013-05-15T17:31:34Z "{{{add_rewrite_endpoint}}} with {{{EP_ALL}}} or {{{EP_ATTACHMENT}}} results in incorrect endpoint matches. The index set for the endpoint value is {{{2}}} which ends up returning the slash as well. The index should actually be {{{3}}} since we only care about the inner match. Example: {{{add_rewrite_endpoint( 'my-endpoint', EP_ALL )}}} Results in rules like (dump from {{{$wp_rewrite->generate_rules}}}: {{{ '.?.+?/([^/]+)/my-endpoint(/(.*))?/?$' => string(35) ""index.php?attachment=$1&my-endpoint=$2"" '.?.+?/attachment/([^/]+)/my-endpoint(/(.*))?/?$' => string(35) ""index.php?attachment=$1&my-endpoint=$2"" }}} Visiting a {{{my-endpoint}}} URL for an attachment like {{{/2012/01/01/post-name/attachment/my-endpoint/foo/}}} will return the value of {{{get_query_var( 'my-endpoint' )}}} as {{{/foo}}} instead of {{{foo}}}." batmoo Defects Awaiting Review, reported against no version 24328 blogname and blogdescription strip content between angle brackets Administration normal defect (bug) new 2013-05-13T09:12:06Z 2013-05-15T13:18:35Z "I was trying to set my Site Title to ''''''. On saving the settings, the field returned empty. The same problem occurred with the Tagline. After looking into `wp-admin/options.php`, I noticed that there was no provision made for escaping the fields." aniketpant has-patch Defects Awaiting Review, reported against no version 24296 Viddler oembed has new endpoint, old one strips maxwidth Embeds normal defect (bug) new 2013-05-09T17:34:41Z 2013-05-09T17:34:41Z "Viddler changed their oembed endpoint: http://developers.viddler.com/documentation/oembed/ Now it's ""http://www.viddler.com/oembed/"" instead of ""http://lab.viddler.com/services/oembed/"". They have the old endpoint redirecting, but unfortunately, the redirection strips off the maxwidth (and possibly other) parameters, which can result in incorrectly sized videos when using oembed with Viddler. Example: http://lab.viddler.com/services/oembed/?url=http://www.viddler.com/v/bdce8c7&format=json&maxwidth=250 Redirects to: http://www.viddler.com/oembed/?url=http://www.viddler.com/v/bdce8c7&format=json We should change the endpoint in class-oembed.php to the new one. If the new endpoint is used directly, with no redirect, then it does correctly handle the maxwidth parameter. " Otto42 Defects Awaiting Review, reported against no version 24237 Draft Pages Missing Parent Slug In Permalink Permalinks minor defect (bug) new 2013-05-01T12:13:26Z 2013-05-09T10:37:58Z "Draft pages are missing the direct parent's slug as part of the permalink. When the page is published it does receive the correct full permalink. To reproduce: Create a new page. Select a parent. Save draft ( do not publish yet ). Review the permalink that is displayed. It will be missing the parent slug. Add New Page: [[Image(http://f.cl.ly/items/3P2H022E1z0O0J21111t/Screen%20Shot%202013-05-01%20at%208.08.11%20AM.png)]] After Draft is Saved: [[Image(http://f.cl.ly/items/0x2f060v2H2y0E14023K/Screen%20Shot%202013-05-01%20at%208.08.30%20AM.png)]] The permalink should include ""contact"" at this point. It will not until it is published. " lucasstark Defects Awaiting Review, reported against no version 24283 is_active_widget() incorrect logic Widgets normal defect (bug) new 2013-05-08T07:07:41Z 2013-05-08T08:08:37Z "`is_active_widget()` only returns 'true' only if widget used inside sidebar. But there is a provision to use widget directly using `the_widget()` function. I believe there is a need of alter the logic of just checking inside sidebars." valllabh Defects Awaiting Review, reported against no version 14530 Cheating huh? Role/Capability normal defect (bug) reopened 2010-08-04T13:20:56Z 2013-05-06T15:25:02Z "I've sen this infamous error msg more times than I wanted, in my own site where I'm admin. That happens with more frequency when adding a new comment, but some times also inside admin pages. I understand it's generally capability and permission tests that fail, and that happens in pages that ppl without permission to access them shouldn't see links to them, therefore they probably tried direct access to somewhere they shouldn't be going. But also it happens when session expires or due to some bug. In this cases, the user is effectively not doing anything wrong, it may even be WP fault, and when that's the case the message is rude, even offensive to more emotional ppl. Even worse, it gives no hint on what went wrong, so that user can try to fix it. Then I suggest these messages to be changed, to more meaningful and also polite messages. Real cheaters and hackers will already have any info a message may provide, so a better explanation of what went wrong won't help them succeed in their attempt to hack a site, and will help a lot the victims of these errors." shidouhikari has-patch Defects Awaiting Review, reported against no version 24244 Clean post cache when post was moved to trash Cache normal defect (bug) new 2013-05-02T00:36:22Z 2013-05-02T00:36:22Z Clean post cache when post was moved to trash m_uysl has-patch Defects Awaiting Review, reported against no version 24178 An active plugin which switches to network-only is impossible to deactivate Plugins normal defect (bug) new 2013-04-24T18:31:08Z 2013-04-24T18:31:08Z "This might sound like an edge case, but this issue affects W3 Total Cache (which is highly popular) and will affect any other plugin that switches to being a network-only plugin as part of a plugin update. Steps to reproduce: 1. Write a nice plugin and activate it on one of your sites on Multisite. 2. Decide that your plugin should only be network-activated. Add the `Network: true` header to the plugin. 3. Visit the Plugins screen of the site that your plugin is active on. Note that the plugin is nowhere to be seen, even though the plugin is active. Real-world example: The W3 Total Cache plugin was updated recently (or not so recently) to make it a network-only plugin (by adding the header above). The plugin gets hidden from the list of active Plugins on any site that it was individually activated on. This makes it '''impossible to deactivate'''. Even if you activate it network-wide and then deactivate it, the plugin remains active on the site it was originally active on. Solution: Active plugins should always be shown on the Plugins screen of individual sites if they are active on the site but not active network-wide. Loosely related: #18967" johnbillion Defects Awaiting Review, reported against no version 24173 Unit tests: Support subdirectory multisite installs Unit Tests normal defect (bug) new 2013-04-24T05:57:49Z 2013-04-24T09:06:15Z "I have unit tests set up at: localhost/wordpress-tests/ And have set: `define( 'WP_TESTS_MULTISITE', true );` However, currently, unit testing doesn't support subdirectory multisite installs. It fails when installing multisite. Attached patch addresses this and introduces a new constant called `'WP_TESTS_PATH'`. If this is set in `wp-tests-config.php`, this will make sure that PHPUnit can install WP for subdirectory multisite installs." r-a-y has-patch Defects Awaiting Review, reported against no version 23849 Unexpected results when running WP_User_Query with role and meta_query Query normal defect (bug) new 2013-03-22T19:48:50Z 2013-04-24T00:42:11Z "There appears to be a couple of bugs in WP_User_Query when doing a role query and adding additional meta_query options (especially when relation is set to ""OR""). This code: {{{ $args = array( 'role' => 'Author', 'number' => 100, 'offset' => 0, 'meta_query' => array( 'relation' => 'OR', array( 'key' => '_my_key', 'compare' => 'NOT EXISTS', ), array( 'key' => '_my_key', 'value' => 'off', 'compare' => 'NOT LIKE', ), ), ); $users = new WP_User_Query( $args ); }}} Expected results: Any author where _my_key either does not exist or if it does exists is set to ""off"" Returned results: All authors and/or all users with _my_key set. The above generates this SQL: {{{ SELECT DISTINCT SQL_CALC_FOUND_ROWS wp_users.* FROM wp_users INNER JOIN wp_usermeta ON wp_users.ID = wp_usermeta.user_id INNER JOIN wp_usermeta AS mt1 ON (wp_users.ID = mt1.user_id) INNER JOIN wp_usermeta AS mt2 ON (wp_users.ID = mt2.user_id) WHERE 1=1 AND (wp_usermeta.meta_key = '_pigeonpack_subscription' OR (mt1.meta_key = '_pigeonpack_subscription' AND CAST(mt1.meta_value AS CHAR) NOT LIKE '%off%') OR (mt2.meta_key = 'wp_capabilities' AND CAST(mt2.meta_value AS CHAR) LIKE '%\""Author\""%') ) ORDER BY user_login ASC LIMIT 100 }}} This seems like a bug to me, the ""Author"" meta should not be modified by the relation => 'OR' argument and thus should not be included in the other meta query statement. Further, the NOT EXISTS isn't a true NOT EXISTS statement. In fact, I'm not even sure why the NOT EXISTS statement looks the way it does. I haven't had too much time to look into this any more in depth. I tested this in WP3.5 and Trunk " layotte dev-feedback Defects Awaiting Review, reported against no version 24171 "Trashing a page selected as ""Page on Front"" produces homepage 404" General minor defect (bug) new 2013-04-23T21:58:26Z 2013-04-23T22:33:28Z "Steps to produce: 1. Create a new page called ""My Home Page"". Add some bacon ipsum. 1. Assign the page as your static home page. 1. Trash the page, but don't delete it. Expected behavior: My homepage reverts to a list of my most recent posts Actual behavior: 404 template is loaded. In r6337, we started listing most recent posts when the page is ''deleted''. However, there's a short circuit (added later) in `wp_delete_post()` to `wp_trash_post()`, which doesn't delete the option. This results in the homepage not being reset until the post is actually deleted. I think the trashing behavior should be consistent with deleting behavior. Related: #16379, #14403" danielbachhuber Defects Awaiting Review, reported against no version 21602 redirect_canonical can lead to infinite loop on index navigation if site url is not all lower case Canonical normal defect (bug) new 2012-08-15T21:31:17Z 2013-04-23T07:53:55Z "The function redirect_canonical in wp-includes/canonical.php (WordPress 3.4.1) on line 406 and 422 makes the following check: {{{ if ( !$redirect_url || $redirect_url == $requested_url ) return false; }}} This ensures that it does not attempt to redirect you to the page you requested in the first place. However this function is not case sensitive so if the redirect URL is in a different case than the requested URL then the user can enter an infinite redirect loop. (For example if the Site Address (URL) of the site is set to be in all upper case.) This function should do a case-insensitive string comparison since domain names are case-insensitive. The issue only appears to happen with certain plugins installed (ShareThis and PilotPress both led to this issue,) I haven't figured out yet why it's only an issue with certain plugins but it should still be fixed in WordPress to make the proper string comparison. " sreedoap needs-unit-tests Defects Awaiting Review, reported against no version 24122 When opening a file in Plugin Editor, show correct plugin in the dropdown selector Plugins minor defect (bug) new 2013-04-18T12:19:55Z 2013-04-23T02:48:31Z "When opening a file in Plugin Editor, the reloaded page shows the first plugin according to alphabetical order in the dropdown next to ""Select plugin to edit:"". It should default to the plugin the loaded file belongs to. Steps to reproduce 1. Open wp-admin/plugin-editor.php 2. Select any plugin from the ""Select plugin to edit:"" dropdown except the alphabetically first one, eg. WordPress Beta Tester, and click Select. 3. The page reloads and WordPress Beta Tester is shown as the default value in the dropdown, as expected. 4. Click any file under Plugin Files, eg. wordpress-beta-tester/readme.txt -> The page reloads and shows the file in editor. However, ""Select plugin to edit:"" doesn't have a value set and shows the first plugin in alphabetical order by default. -> However, if you chose the main plugin file, eg. wordpress-beta-tester/wp-beta-tester.php, ""Select plugin to edit:"" shows the correct plugin as the default value. Any clicked file should lead to its plugin used as the default value for ""Select plugin to edit:""." Daedalon has-patch Defects Awaiting Review, reported against no version 23465 WXR importer does not import posts if a post with the same title is in the trash Import normal defect (bug) new 2013-02-13T07:11:29Z 2013-04-22T03:12:42Z "1. export a WXR file with some/all posts 2. send posts to trash 3. import the file generated at step 1. 4. for each post there is a message that the post already exist If something is in the trash it should be handled as if it doesn't exist. " mark-k Defects Awaiting Review, reported against no version 24107 Plugin/Theme installer asks for connection info when wp-content is writable but wp-admin is not Filesystem normal defect (bug) new 2013-04-16T21:39:34Z 2013-04-17T01:08:42Z "For background, please see [http://www.chrisabernethy.com/why-wordpress-asks-connection-info/] When installing a new plugin or theme, WP first checks to see if it can directly write to the filesystem. If so, it proceeds. If not, it asks the user for FTP connection info. The directory to which it NEEDS access is /wp-content However, the directory it CHECKS is /wp-admin get_filesystem_method() should be changed (or parameterized) to check only /wp-content in cases where /wp-admin access is not needed. This will allow installations to have a higher filesystem-security setting for /wp-admin than for /wp-content, while still utilizing direct filesystem access." peckjon Defects Awaiting Review, reported against no version 23934 Calling sidebar two times, widgets have the same ID Widgets normal defect (bug) new 2013-04-04T14:03:50Z 2013-04-16T00:20:26Z "If we call in the Twenty Thirteen the function of the sidebar {{{ }}} then the widgets ids from each sidebars are the same. " alexvorn2 Defects Awaiting Review, reported against no version 24084 Fix possible PHP notices after a user is deleted Administration normal defect (bug) new 2013-04-14T22:24:48Z 2013-04-15T23:09:34Z "`get_comment_author()` doesn't check if a user that has commented still exists and may throw a notice. Also can return the user_login where a user name is expected. Same in `edit-form-advanced.php` in the code block that outputs ""Last edited by ..."" under the editor." azaozz Defects Awaiting Review, reported against no version 22519 iPad toolbar location Toolbar normal defect (bug) new 2012-11-20T17:45:44Z 2013-04-15T15:34:13Z "The toolbar moves after using quick edit on a post or page. Also the customizer button look strange on iPad. Steps to reproduce 1: Click quick edit on a post 2: Click ""Allow Pings"" 3: Now the admin toolbar should be be lower on page. (I was able to reproduce 4/5 tries)" MikeHansenMe Defects Awaiting Review, reported against no version 20861 switch_to_blog() breaks custom post type permalinks Multisite normal defect (bug) reopened 2012-06-06T22:30:53Z 2013-04-15T12:18:49Z "When using switch_to_blog() and custom post types, there are very strange results when calling the_permalink() or get_permalink(). For reference, we'll say the root site is blog1 and the second site containing the posts is blog2. Using this code inside the loop: {{{ switch_to_blog( $post->blog_id ); get_permalink(); }}} If the post type is not registered on the current blog, the permalink given will be sitename.com/blog2/slug - when clicking it as href, it brings you the first instance of that slug in the database. If the post type is registered on the current blog, the permalink given will be sitename.com/blog2/blog1/post-type/slug - this link will 404. Related issue: #14992" sickhippie Defects Awaiting Review, reported against no version 23923 wp_get_post_revisions returns incorrect order Revisions minor defect (bug) new 2013-04-03T12:07:19Z 2013-04-08T00:27:47Z "When a post has multiple revisions and each revision has the exact same timestamp, `wp_get_post_revisions` returns revisions in reversed order, causing `wp_save_post_revision` to [http://core.trac.wordpress.org/browser/trunk/wp-includes/revision.php#L116 make a bad choice] for `$last_revision` (which is actually the first revision) and produce an extra revision, even if it has not been changed. In a normal environment this doesn't happen, unless you run `wp_update_post` several times in a row in under one second, so this is an edge case. This edge case causes our [http://core.trac.wordpress.org/browser/tests/trunk/tests/post/revisions.php#L55 revisions.php tests] to fail randomly, depending on whether the updates happened with the same timestamp or not. To reproduce, try running the revisions unit tests several times in a row." kovshenin needs-patch Defects Awaiting Review, reported against no version 23836 add_submenu_page() duplicate menus Administration major defect (bug) new 2013-03-21T16:43:24Z 2013-04-04T03:22:08Z "Creating two sub-menus with the same ""menu slug"" using add_submenu_page() should create only the last sub-menu. But it creates two sub-menus with the same ""menu slug"". Based on documentation ""menu slug"" should be unique for each sub-menu." king_of_the_ring Defects Awaiting Review, reported against no version 23922 make_clickable() breaks when colon in hash Formatting minor defect (bug) new 2013-04-03T00:41:39Z 2013-04-03T19:31:00Z "`make_clickable()` doesn't like this string: {{{ http://en.wikipedia.org/wiki/URI_scheme#tel: }}} It results in this HTML: {{{ http://en.wikipedia.org/wiki/URI_scheme#tel: }}} Specifically it's the colon that is causing the issue. It can be a part of the URL too, it doesn't have to be a part of an anchor." Viper007Bond needs-unit-tests Defects Awaiting Review, reported against no version 23931 wp_insert_comment should require comment_post_ID Comments normal defect (bug) new 2013-04-03T18:41:58Z 2013-04-03T19:06:08Z "At this moment there is no check for example comment_post_ID. Not sure if there are more checks needed. Reason I asked are a few notices on the unit tests caused by WP_UnitTest_Factory_For_Comment. Those comments don't add a post ID what should change. Currently, if a null comment_post_ID is passed, the comment isn't connected to a post. This can create confusion. Also Unit tests should run with WP_Debug on." markoheijnen needs-patch Defects Awaiting Review, reported against no version 23904 CSS glitch when the browser window width isn't right Administration normal defect (bug) new 2013-03-29T21:20:47Z 2013-03-29T22:29:53Z "The post editor's layout now switches when the width of the window is narrow enough. But there's an intermediary zone, at least on Webkit/Safari where it's too narrow for the conditional CSS to kick in, yet too wide for the browser to deal with it. I presume, based on what I was working on a few minutes ago, that it's related to paddings. Screenshot attached." Denis-de-Bernardy Defects Awaiting Review, reported against no version 23805 wp_ajax_add_menu_item() closed to user-created menu item types Menus normal defect (bug) new 2013-03-18T01:41:52Z 2013-03-19T11:53:02Z "I'm building a new Menus meta box, that can add a new type of menu item, lets call it 'foobar'. The conditional inside `wp_ajax_add_menu_item()` is slightly off. It checks that the menu item type is not 'custom', then proceeds to assume that it's either post-type or taxonomy so it can do some DB look-ups and create an `$_object` variable which is then used. This means it's closed to other types of menu items. I've chosen 'foobar', so I can distinguish those items later on when walking through the front-end output." GaryJ has-patch Defects Awaiting Review, reported against no version 17609 'View post' link shown even when post type can't be viewed on the front-end nacin Post Types normal defect (bug) reopened 2011-05-29T23:43:18Z 2013-03-18T21:45:41Z "I have registered a CPT that's not meant to be displayed on the front-end: {{{ 'public' => false, 'show_ui' => true, }}} If I create such a post in the admin area, I still see the 'View post' link after saving and the 'Preview changes' button. Both send me to the same URL, which gives a 404: {{{?post_type_name=single-post-slug}}} Related: #17040" scribu has-patch Defects Awaiting Review, reported against no version 23755 Old /files/ support in new installs Multisite minor defect (bug) new 2013-03-13T13:54:10Z 2013-03-15T13:35:17Z "I moved a blog to a new network that using new upload folder system. Problem is: old /files/ links that using ms-files.php are not working. My temporary fix: Added in .htaccess: {{{ # uploaded files RewriteRule ^files/(.+) wp-includes/ms-files.php?file=$1 [L] }}} Added ms-files.php: {{{ define( 'BLOGUPLOADDIR', WP_CONTENT_DIR . ""/uploads/sites/{$current_blog->blog_id}/"" ); }}} above of: {{{ $file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET[ 'file' ] ); }}} Solution is working but I am not happy because it needs to edit core files. Is this working as intended? If it is, what is proper way to define BLOGUPLOADDIR for ms-files.php without breaking anything or editing ms-files.php" unsalkorkmaz Defects Awaiting Review, reported against no version 23377 map_meta_cap() throws error from has_cap() from current_user_can() Role/Capability normal defect (bug) new 2013-02-04T02:49:22Z 2013-03-07T05:57:10Z "Based on the [http://codex.wordpress.org/Function_Reference/current_user_can current documentation], current_user_can() only requires one argument, a capability. However, if I call it from the `save_post` hook with WP_DEBUG turned on, I will receive the following errors: {{{ Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-includes/capabilities.php on line 1067 Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-includes/capabilities.php on line 1067 Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-includes/capabilities.php on line 1067 Warning: Cannot modify header information - headers already sent by (output started at /var/www/XXXX/htdocs/wp-includes/capabilities.php:1067) in /var/www/XXXX/htdocs/wp-includes/pluggable.php on line 876 }}} As a result, the admin save post will die. Basic Sample Code: {{{ if ( ( 'page' == $post->post_type && ! current_user_can( 'edit_page' ) ) || ! current_user_can( 'edit_post' ) ) return; }}} As a result, in my opinion `map_meta_cap()` should ensure that `$args[0]` exists." wpsmith dev-feedback Defects Awaiting Review, reported against no version 21894 tag does nothing in secondary loops when is_single because of $more global Template normal defect (bug) new 2012-09-14T20:11:48Z 2013-03-07T01:19:02Z "In the sidebar of single posts I have a listing of short posts from a particular category. We recently started using the {{{}}} system to define teasers because in this case excerpts are overkill. The ""more"" system works for archive views but does nothing in the sidebar of single posts. The reason is the overly global nature of the {{{global $more}}} variable. It gets defined in {{{setup_postdata()}}} like this: {{{ if ( is_single() || is_page() || is_feed() ) $more = 1; }}} Then in {{{get_the_content()}}} global $more is checked to determine whether to apply the effect of the {{{}}} tag or not: {{{ if ( $more ) { // show full content with span ID } else { // show intro text and more link } }}} This means that any time {{{is_single()}}} is true all posts shown during the pageload ignore {{{}}}, even those who's {{{is_single}}} view we are not on. This seems like an understandable result of the unpopularity of the more tag (and rareness of showing ""full"" posts in secondary loops), but also something that should be fixed. Only the post who's single view we are looking at should have the more tag disabled based on the {{{is_single()}}} check. '''SOLUTION''' As far as I can tell what's needed is to modify {{{get_the_content()}}} and in addition to using {{{global $more}}}, also check if the post being shown is the same as {{{get_queried_object()}}}. My first instinct was to just add the check in the {{{if}}} statement above: {{{ if ( $more AND ( $post-ID == get_the_queried_object_id() ) ) { // show full content with span ID } else { // show intro text and more link } }}} Unfortunately that will screw with the {{{is_feed()}}}-related checks for {{{global $more}}}. Overall my investigation of {{{$more}}} is making me think it should be removed entirely, as it's only used a few times and in all cases its meaning is vague. Either way I think the simplest way to handle the issue in {{{get_the_content()}}} without completely stripping out {{{$more}}} is to use {{{$more}}} as the base for a {{{$show_full_content}}} variable, then set that to false if {{{$post->ID}}} doesn't match {{{get_queried_object_id()}}}: {{{ $show_full_content = $more; if ( is_single() OR is_page() ) { if ($post->ID != get_queried_object_id()) $show_full_content = false; } }}} The new variable gives a better sense of what it will do inside this function, and lets us change the value without stomping the {{{global $more}}}. The attached patch fixes {{{get_the_content()}}} as described above. If core devs are willing to I think the best solution would be to remove all uses of {{{$more}}} and simply replace them with the appropriate logic for the given situation like I've done above for {{{get_the_content()}}}. " jeremyclarke has-patch Defects Awaiting Review, reported against no version 23691 Visiting post-new.php using the back button overwrites an existing post Autosave normal defect (bug) new 2013-03-04T18:54:46Z 2013-03-04T18:54:46Z "1) visit post-new.php 2) write a post 3) publish it 4) click back in your browser 5) write a new post 6) if you save it as draft or publish it, it will overwrite the old post Reproducable in Firefox, Chrome and Safari." jkudish needs-patch Defects Awaiting Review, reported against no version 20368 htmlspecialchars() returns empty string for non-UTF-8 input in PHP 5.4 General major defect (bug) new 2012-04-05T12:43:23Z 2013-03-04T18:04:55Z "The default value of the input `$encoding` parameter for `htmlspecialchars()` changed to UTF-8 in PHP 5.4. The prior default was ISO-8859-1. The function's UTF-8 handler checks the input, returning an empty string if the input isn't valid UTF-8. WordPress will see the UTF-8 validator kicking because most of the `htmlspecialchars()` calls don't use the `$encoding` parameter. This will cause major problems for sites that have a `DB_CHARSET` other than `utf8`. [http://article.gmane.org/gmane.comp.php.devel/71783 Posting 58859 to php-internals] by Rasmus gives a clear example of the problem. Here is a link to [http://thread.gmane.org/gmane.comp.php.devel/71777 view the whole thread], starting with posting 58853). Creating two centralized functions is an approach for resolving this problem. This route is simpler and easier to maintain than adding the parameters to each `htmlspecialchars()` call throughout the code base. 1. `wp_hsc_db()` for safely displaying database results. Uses `DB_CHARSET` to calculate the appropriate `$encoding` parameter. MySQL's character set names are not equivalent to the values PHP is looking for in the `$encoding` parameter. Please see the `hsc_db()` method in the [http://plugins.svn.wordpress.org/login-security-solution/trunk/login-security-solution.php Login Security Solution plugin] for a mapping of the valid options. 2. `wp_hsc_utf8()` for safely displaying strings known to be saved as UTF-8, such as error messages written in core. Uses `UTF-8` as the `$encoding` parameter. Some calls in core use the `$flags` parameter, so these new functions will need the parameter too. The default should be `ENT_COMPAT`, which works under PHP 5.2, 5.3 and 5.4. It may be suggested that WP use `htmlspecialchar()`'s auto-detection option (by passing an empty string to the `$encoding` parameter). This is not advisable because it can produce inconsistent behavior. Even the PHP manual says this route is not recommended." convissor Defects Awaiting Review, reported against no version 21421 Sanitize/remove admin page slug from admin menu CSS classes Administration normal defect (bug) new 2012-07-30T11:26:15Z 2013-03-02T21:00:41Z "As I discovered when testing #21307, browsers won't parse a CSS class name with both underscores and hyphens. Instead, they handle it ''really'' badly. For example: `.toplevel_page_link-manager` will affect `body` in both Firefox and Chrome. Plugin page menu items have both an ID and class generated as such, which seems rather redundant. I propose either dropping the redundant and only partly functional CSS class or standardising the menu slug to produce a valid class name." kawauso Defects Awaiting Review, reported against no version 23605 esc_url() strips spaces instead of encoding them Formatting normal defect (bug) new 2013-02-25T17:41:21Z 2013-02-27T23:56:38Z "If I pass a URL into `esc_url()` that contains a space, the space is stripped instead of encoded. To reproduce: {{{ $url = 'http://example.com/foo bar/'; echo '
'; var_dump( $url ); var_dump( esc_url( $url ) ); echo ''; }}} The resulting URL ends up as `http://example.com/foobar/` instead of the expected `http://example.com/foo%20bar/`" johnbillion Defects Awaiting Review, reported against no version 23603 Custom post password form label Post Types normal defect (bug) new 2013-02-25T08:46:38Z 2013-02-26T05:42:45Z "[http://core.trac.wordpress.org/browser/trunk/wp-includes/post-template.php?rev=23416#L1214 get_the_password_form()] hardcodes the password protected message. {{{#!php __(""This post is password protected. To view it please enter your password below:"") }}} This results in misbehavior, wherein all post types (including Pages) do not make a distinction between what is password protected. Considering the difficulty of chunking up that string to be dynamic and more importantly easily localizable, I attach a draft patch which makes that message a label instead." soulseekah has-patch Defects Awaiting Review, reported against no version 22558 Attachment term counts feels/are inaccurate Media normal defect (bug) new 2012-11-23T16:21:26Z 2013-02-21T14:31:24Z "For posts: * Assign a term to a post, save as draft. Term count returns 0. * Publish the post. Term count returns 1. * Change post status back to draft. Term count returns 0. For attachments: * Upload an image, assign a term. Term count returns 0. * Create a new post and insert the image in a published post. Term count returns 0. * Create a new post, use the insert media modal and upload an image. Then go the the media edit screen and assign a term to the image. Term count returns 1. * Change the post status back to draft. Term count returns 1. * Upload an image, assign a term, attach the attachment to a published post. Term count returns 0. The default term update callback is `_update_post_term_count`. The function includes a special case for attachments, that's the reason why we have the 1 in step 3. IMO the term count for attachments shouldn't rely on the parent post status. We should just force `_update_generic_term_count`. Also noted here: comment:ticket:21391:41" ocean90 dev-feedback Defects Awaiting Review, reported against no version 23569 Network Admin Email description falsely claims e-mails will be sent from it Text Changes minor defect (bug) new 2013-02-21T01:27:05Z 2013-02-21T01:37:36Z "The description for the Network Admin Email option on wp-admin/network/settings.php says, ""Registration and support emails will come from this address. An address such as support@local.nordstrom.audrey.mpangodev.com is recommended.""; but that's not true. If the From name/address isn't set in wp_mail()'s $header argument, it gets set to ""WordPress