ticket,summary,owner,component,_version,priority,severity,milestone,type,_status,workflow,_created,modified,_description,_reporter 19455,"The ""magic_quotes_sybase"" Problem",夏天,General,3.2.1,normal,normal,Awaiting Review,defect (bug),new,has-patch,2011-12-06T10:13:21Z,2011-12-22T19:47:01Z," Post A Post, titled (in the double quote) : `""Charlie's little cat""` It will become (in the double quote) : `""Charlie''s little cat""` Notice that, single quote become double quotes!! YES , My 'magic_quotes_gpc' and 'magic_quotes_sybase' are enabled! Here is The PHP.NET links: http://php.net/manual/en/security.magicquotes.disabling.php",summerblue 17959,WP-Tab css,WraithKenny,Administration,3.2,normal,minor,Awaiting Review,defect (bug),reopened,has-patch,2011-07-01T17:03:44Z,2013-01-21T23:20:35Z,"The classes wp-tab-panel, wp-tab-bar, and wp-tab-active should adjust to side tabs in the post column (to match the behavior of categories for example) Also, there are several unneeded duplicate css classes that can be cleaned up.",WraithKenny 12756,WPMU does not handle files with two or more dots in the filename,wpmuguru,Upload,2.9.2,normal,minor,Future Release,defect (bug),reopened,has-patch,2010-03-29T07:23:50Z,2012-11-03T22:59:51Z,"* WPMU does download images that have two or more dots in the file name > E.g., One..jpg One...jpg One....jpg rewrites do work (checked) * this is clearly a WP issue: > /wp-content/blogs.php ... $file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] ); if ( !is_file( $file ) ) { status_header( 404 ); die('404 — File not found.'); } ... > WPMU removes two dots!!! > workaround: $file = BLOGUPLOADDIR . $_GET[ 'file' ]; // name.ly: workaround for files with two or more dots tested and works fine ",Namely 17948,Enhancements to the login and registration forms,wpdavis,Multisite,3.2,normal,normal,Awaiting Review,enhancement,new,,2011-06-30T16:25:01Z,2013-01-14T19:27:28Z,"I would like to propose a significant overhaul of the registration and login forms for 3.2, which I'd be happy to take on. A few things that I think would be helpful: Combine registration processes for multisite and single-user into one form on one page. Allow the registration and login to be templatized — no reason this should be for MS only. Standardize filters, actions and variables between MS and single-user when at all possible. A few related tickets: #17904 #17306 #17085 #16866 #16411 #17630",wpdavis 4010,Add Image Importing to the Blogger Importer,Workshopshed,Import,,normal,normal,WordPress.org,enhancement,reopened,,2007-03-21T20:21:28Z,2013-04-09T15:59:14Z,"The new blogger importer currently does a great job of bringing the blog over to WP, but it leaves the images associated with the blog on blogger.com and/or blogspot.com. This violates blogger's TOS and risks having the user's image links blocked by blogger. This change will move those images (using the WP image upload facility, of course) to the user's blog and fix the links as the import is done.",clwill 14195,$paged is not set when a Static Page is set as the Front Page,wonderboymusic*,Query,3.0,normal,normal,Future Release,defect (bug),accepted,has-patch,2010-07-04T15:12:10Z,2012-10-31T23:38:33Z,"If a static page is set as the front page of your WordPress site, and you request paginated content from the page via its URL (with permalinks enabled or disabled, doesn't matter), the $paged variable is not set. This causes custom pages (those ones displaying posts), to always go to Page 1, even if you click other pages. ( This is happening because $paged is set to null, and if it's set to null, it always goes to page 1). Also, get_query_var('paged'), also returns null, when it should return page 2 (if you clicked on page 2 for example). After inspecting $wp_query, I noticed that the correct paginated value is stored on {{{ $wp_query->query['paged'] }}} So, I have to do the following on all my themes on header.php, so the pagination doesn't break: {{{ global $wp_query, $paged; $paged = $wp_query->query['paged']; }}} This sets $paged again,with the correct value from $wp_query and fixes the bug. Since $paged is null whenever a custom page is selected as your homepage. This fix works with permalinks enabled or disabled.",der 21394,query.php: get_queried_object() result cannot be assumed to be non-NULL,wonderboymusic*,Warnings/Notices,3.3.2,normal,normal,Future Release,defect (bug),accepted,has-patch,2012-07-26T21:37:03Z,2013-05-24T16:13:54Z,"I'm dealing with a WPMUdev plugin called MarketPress. Its /store/products/ page is a special CPT catalog thing that seems to have wp_title() issues, so I dug into it. Turns out that: is_front_page() -> is_page() -> $page_obj = $this->get_queried_object() -> $page_obj == NULL But is_page() (and other is_...()) go harrassing $page_obj assuming there's always something useful there. This creates a flood of ""non-object access"" notices. I would expect something like this to make sense in these is_...() functions: {{{ if (!is_null($page_obj)) return false; }}} Since WP_Query::get_queried_object() first sets its result as null and returning a value is actually conditional, I don't see a way around these checks. Enlighten me please if I'm wrong. I've looked at #19035, #18614, #17662. All of them are situations where there's at least something there in $page_obj. None of them seem to discuss or patch NULL values. I discovered this on 3.3.2, but todays trunk [source:trunk/wp-includes/query.php@21248#L3340] has the same code.",lkraav 11890,allow get_the_content to accept post ID,williamsba1,Template,2.9.1,normal,normal,Future Release,enhancement,new,close,2010-01-13T22:58:06Z,2010-01-14T00:48:23Z,"The function get_the_content currently doesn't accept a post ID as a parameter. I'm suggesting adding this as a fourth parameter allowing this function to work like get_the_title does. I'll supply a patch if this sounds like a good idea",williamsba1 13005,Add plugin hook for ajax-tag-search,westi*,Administration,,normal,normal,Future Release,enhancement,accepted,has-patch,2010-04-14T20:21:50Z,2013-05-10T12:44:02Z,I would like to have a new plugin action hook added in the ajax-tag-search section of wp-admin/admin-ajax.php,jimmcq 4337,Blog by Email: No content is assumed,westi*,Blog by Email,2.2,high,major,Future Release,defect (bug),accepted,,2007-05-25T18:59:09Z,2013-02-05T03:14:40Z,"It seems, the Blog by Email functions is broken in WP 2.2. Mails are recognized, but only the title/subject is assumed - no content. Content is empty :( No matter if text email or html email. {{{ Author = bla@example.org Content-type: text/plain, Content-Transfer-Encoding: 8bit, boundary: Raw content: Author: 1 Posted title: Test Posted content: Mission complete, message 1 deleted. }}} ",jottlieb 5915,Same problem as in #252: apop broken if zero occurs in banner in 2.3.3 class-pop3.php,westi*,Blog by Email,2.3.3,normal,normal,Future Release,defect (bug),accepted,has-patch,2008-02-19T05:21:02Z,2009-10-11T21:08:22Z,"While extracting the banner (function parse_banner) in preparation for apop, the empty method is called on $digit which when zero returns false and hence doesn't get put into the resultant $banner. Example parse_banner reply with <14649.123343777@code-werk.net> but the string was ""+OK ready <14649.1203343777@code-werk.net>"" or another example ""+OK ready <14649.1203343777@code-werk.net>"" and $pop3->parse_banner give back <14419.12334323@code-werk.net> then a md5($AuthString) must fail, because the 0 is significant by apop. I put a workaround at http://www.babsi.de/silentapop/, that does it for me, but this touch also wp-main.php ",ASonno 5252,base64-encoded post-by-email post garbled.,westi*,Blog by Email,2.3,normal,normal,Future Release,defect (bug),accepted,,2007-10-24T08:58:20Z,2009-10-11T21:07:58Z,"When posting-by-email, my cellphone submits code using ""content-transfer-encoding: base64"". The message appears (output from wp-mail.php) like so: Author = [my email]

Content-type: text/plain, Content-Transfer-Encoding: base64, boundary:

Raw content:

SnVzdCB0ZXN0aW5nIHBvc3RpbmcgZnJvbSBteSBjZWxsLiBTdHJ1Y2sgbWUgd2hpbGUgcmVh
ZGluZyAgUmFwaCBLb3N0ZXIncyBwb3N0cyBhYm91dCB0aGUgZmlyZXMgaW4gQ2FsIHRoYXQg
YmVpbmcgYWJsZSB0byBwb3N0IHRvIHlvdXIgYmxvZyBmcm9tIGEgY2VsbHBob25lIGlzIGEg
dXNlZnVsIGZlYXR1cmUuIA==

Author: 1

Posted title: =?utf-8?B?Q2VsbHBob25lIHBvc3RpbmcgaW4gV1A=?=
Posted content:

SnVzdCB0ZXN0aW5nIHBvc3RpbmcgZnJvbSBteSBjZWxsLiBTdHJ1Y2sgbWUgd2hpbGUgcmVh
ZGluZyAgUmFwaCBLb3N0ZXIncyBwb3N0cyBhYm91dCB0aGUgZmlyZXMgaW4gQ2FsIHRoYXQg
YmVpbmcgYWJsZSB0byBwb3N0IHRvIHlvdXIgYmxvZyBmcm9tIGEgY2VsbHBob25lIGlzIGEg
dXNlZnVsIGZlYXR1cmUuIA==

Mission complete, message 1 deleted.

The provided patch detects base64-encoded content transfers and base64_decodes them. For some reason (I'm no utf8-expert) the TITLE of the post has ""=?utf-8?B?"" prepended to the actual base64 content (see above), which means a check for this string + a cropping is needed or base64_decode will not decode the post title properly.",kallewoof 10543,Incorrect (non-UTF-8) character handling in tag's name and slug,westi*,Charset,2.8.2,normal,normal,Future Release,defect (bug),accepted,needs-unit-tests,2009-08-04T05:26:11Z,2010-11-13T01:15:40Z,"Incorrect (non-UTF-8) character tag's name and slug are handled in different way: name is truncated on 1st such character, and in slug they are just removed (no truncation). WP should handle both in the same way - drop invalid characters, instead of truncation. I found this issue recently. One of the Polish programs for adding posts to the Wordpresses does not encode tags in UTF-8 - it left them in ISO-8859-2. I notified author of this bug. Unfortunately there are many copies around, so it may take a long time before everyone upgrade.",sirzooro 18792,Wrong FROM email when using wp_mail and built in mail() function,westi*,External Libraries,3.2.1,normal,normal,Awaiting Review,defect (bug),accepted,has-patch,2011-09-27T16:35:28Z,2012-05-04T14:43:56Z,"When using wp_mail in combination with mail() function, then From: envelope passed through -f parameter to sendmail is not set correctly. Here is simple patch, that fixes the problem: {{{ --- pluggable.php 2011-09-26 20:54:02.219330702 +0200 +++ pluggable.fixed.php 2011-09-27 18:19:21.283454810 +0200 @@ -394,8 +394,7 @@ } // Plugin authors can override the potentially troublesome default - $phpmailer->From = apply_filters( 'wp_mail_from' , $from_email ); - $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name ); + $phpmailer->SetFrom(apply_filters('wp_mail_from', $from_email),apply_filters('wp_mail_from_name', $from_name)); // Set destination addresses if ( !is_array( $to ) ) }}} ",pigster 17767,Anonymous comments can break comments RSS feed,westi*,Feeds,3.2,normal,normal,Future Release,defect (bug),accepted,has-patch,2011-06-11T11:30:34Z,2013-05-20T12:00:48Z,"dc:creator and description elements should not be parsed. Author field that can break RSS: {{{ Аз се казвам Веселин Николов, това е едно много дълго име }}} Comment text that can break RSS: {{{ &ndash; }}} (and most of the $allowedentitynames)",dzver 16859,esc_url eats square brackets.,westi*,Formatting,3.1,normal,minor,Awaiting Review,defect (bug),accepted,dev-feedback,2011-03-15T17:28:32Z,2013-06-08T01:50:33Z,"When adding a link to the blogroll (using wp-admin/link-add.php), square brackets in the link are removed, breaking the link. Example: {{{ http://lokale-wochenzeitungen.de/index.php?id=485&tx_ttnews[pointer]=6&tx_ttnews[tt_news]=132583&tx_ttnews[backPid]=741&cHash=ee9c87874b }}} becomes {{{ http://lokale-wochenzeitungen.de/index.php?id=485&tx_ttnewspointer=6&tx_ttnewstt_news=132583&tx_ttnewsbackPid=741&cHash=ee9c87874b }}} Workaround: Use URL-encoded links (%5B and %5D instead of [ and ]). This also affects urls which are made clickable by {{{make_clickable}}",f00f 11465,custom field duplicated,westi*,General,2.8.4,normal,minor,Future Release,defect (bug),accepted,,2009-12-16T21:09:23Z,2012-04-02T21:14:22Z,"When I enter the information for a custom field and click on Preview without first clicking Add Custom Field, the custom field is saved. But then when I click Publish, it is saved again, appearing in the post twice. If I click Add Custom Field before Preview, subsequent Publish does not duplicate the custom field. But it is very convenient and efficient to be able to avoid a separate save of the custom field. ",ericr23 14853,WP_Scripts::do_item filter,westi*,General,3.1,normal,normal,Future Release,enhancement,accepted,has-patch,2010-09-12T04:35:59Z,2011-07-28T12:51:43Z,"There should be actions that fire after a script is printed. This would enabled this best-practices usage scenario (from http://github.com/paulirish/html5-boilerplate/blob/master/index.html ): {{{ }}} The before action isn't covered by that use-case, but if we're going to have an after action, we might as well have a before one. I've attached a patch that would allow for this. Dead simple.",mattwiebe 8877,dotclear import don't set the post category,westi*,Import,,low,normal,WordPress.org,defect (bug),accepted,,2009-01-17T22:05:20Z,2012-05-24T22:32:57Z,"when importing from dotclear, all the posts are set only to the default category. i think the problem is due to the fact that wp_set_post_categories do nothing if we pass it only one category (don't know why...) ( in /wp-admin/import/dotclear.php, line 479 ) {{{ // Make Post-to-Category associations $cats = array(); $category1 = get_category_by_slug($post_cat_name); $category1 = $category1->term_id; }}} should be {{{ // Make Post-to-Category associations $cats = array(get_option('default_category')); $category1 = get_category_by_slug($post_cat_name); $category1 = $category1->term_id; }}} ",olivM 7644,Import Movable Type data using AtomPub.,westi*,Import,,normal,normal,WordPress.org,enhancement,accepted,close,2008-08-29T20:33:52Z,2011-09-15T17:17:13Z,This is a split ticket from #7543. This includes the latest Movable Type portion of the code.,cavemonkey50 7543,Import TypePad data using AtomPub.,westi*,Import,,normal,normal,WordPress.org,enhancement,accepted,needs-review,2008-08-19T02:44:26Z,2011-09-15T17:17:11Z,"First off, I want to mention that TypePad updated their AtomPub server a few days ago, and their server does not seem to be sending comments. With a little luck, my current code should work fine once that server starts functioning again, but for the time being I would highly recommend not committing this into core. Instead, I'm hoping people can look over the code and offer suggestions for improvement, test results, etc. While the Summer of Code is officially over today, I will be working on this until the job is done. Alright, now to what this is. As some of you may know, I've been working on an Atom Publishing Protocol ([http://www.rfc-editor.org/rfc/rfc5023.txt RFC 5023]) based importer this summer for the Google Summer of Code. The diff attached is the latest version of my work. The advantages of using the Atom Publishing Protocol are as follows: * Nothing has to be done in the old blogging software to prepare for import (no export files, etc). Users just enter their blog URL, username, and password and the importer grabs all of the data using AtomPub. * More data is imported compared to the old importers, especially with TypePad. Post slugs, comments, trackbacks, tags, categories, excerpts, etc are all imported. Everything used for posts in MT/TypePad is imported using AtomPub. * The Atom Publishing Protocol is an established standard. With the exceptions of tag additions (which don't necessarily need updates), the importer should not have to be changed and should continue working well into the future. I should mention there is one drawback to using the Atom Publishing Protocol. For the time being, it appears pages can not be retrieved using AtomPub. They were retrievable a few weeks ago, and I'm currently talking with Six Apart to see what happened. I would greatly appreciate any and all feedback. Let me know your suggestions, and I'll be happy to incorporate them.",cavemonkey50 9927,deprecate category_description() in favor of get_category_description(),westi*,Inline Docs,2.8,normal,minor,Future Release,enhancement,accepted,has-patch,2009-05-24T14:30:03Z,2010-10-28T10:35:19Z,,ramiy 14730,ms-files.php required ob_clean() and flush(),westi*,Multisite,,normal,normal,Future Release,defect (bug),accepted,has-patch,2010-08-30T04:53:20Z,2013-02-05T16:17:29Z,"I recently migrated a development wp 3 multisite install to 'live' mode for a site launch. One problem I had is that images served out of /files stopped working. Everything looked fine as far as the response / headers, but the image would open up as corrupted. After quite a bit of troubleshooting, the problem went away when I added ob_clean() and flush() calls to ms-files.php just before the readfile($file) call at the end of the file. Perhaps this is due to a problem elsewhere in my site, but I'm creating this bug so someone can decide if adding the buffer flush would be a reasonable addition to the codebase. It seems like this is the recommended way of doing things according to the sample code here: http://us2.php.net/manual/en/function.readfile.php",pj_mfc 14424,"Eliminate dynamic function definitions, ie create_function",westi*,Optimization,3.0,normal,normal,Future Release,enhancement,accepted,has-patch,2010-07-26T23:05:09Z,2011-09-29T17:20:35Z,"create_function() calls are essentially a form of eval() where the body of the functions is defined at runtime rather than compile time. This patch removes all but one of the calls within the translation code. There are a few reasons for doing this, one is apc can't cache the results of the function definition and secondly HipHop doesn't support complex create_function definitions. Most of the references were array_filter / array_map and replaced with a simple foreach. Others were sorting and a callback function was added.",ScottMac 10249,Page slug in cyrillic = Error 404 - Not Found!,westi*,Permalinks,2.7,normal,major,Future Release,defect (bug),accepted,needs-unit-tests,2009-06-23T19:44:34Z,2012-04-27T19:04:18Z,"When I create a page with page slug for example ""киро"" then when I try to open domain/киро - Error 404 - Not Found The permalinks are %postname% Post slug with this slug is working just fine, the same BUG exists in 2.7, 2.7.1 and 2.8",kalifi 11903,insert_with_markers is not threadsafe,westi*,Permalinks,2.9,normal,major,Future Release,defect (bug),accepted,,2010-01-15T06:27:45Z,2013-02-07T21:53:27Z,"From wp-admin/includes/misc.php the function insert_with_markers may be called multiple times on a busy server and if the htaccess is already in the process of being written it is possible that two PHP threads could attempt to write to it causing corruption such as the following: {{{ # BEGIN WordPress RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] # END WordPress s }}} Notice the dangling 's' at the last line",strings28 10551,wp_die() triggers block when using ModSecurity Core Rules,westi*,Security,2.8.3,low,normal,Future Release,defect (bug),accepted,dev-feedback,2009-08-05T19:47:28Z,2011-03-22T09:51:47Z,"wp_die() causes ModSecurity (using Core Rules), a commonly used Apache plugin, to throw a 406 error, blocking the message from displaying. This seems to be triggered by the fact that a 500 error is thrown. I went and changed the default status code to 401 (Unauthorized) and it worked like a charm. I just wonder if there is a better fix for this issue... or simply a better status code to use. Perhaps making a group of functions to make the error codes more focused. Example: {{{ wp_die_auth( __('You do not have sufficient permissions to access this page.') ); /** * Exits WordPress with Unauthorized status code. * * @see wp_die() */ function wp_die_auth($message, $title = '') { wp_die( $message, $title, 401 ); } }}}",cstrosser 21737,"Users should have to jump through hoops to set passwords of their choosing, and we should guard better against weak passwords",westi*,Security,,normal,normal,Awaiting Review,feature request,accepted,,2012-08-30T04:07:17Z,2013-04-18T02:44:43Z,"People are terrible at choosing secure, unique, complex, unguessable passwords. Unless someone is using a password storage system, the chances are good that the passwords they're choosing are really weak. We can mitigate this problem. 1. Let's make the default to always be that WordPress picks a password for you. When installing WordPress, or when creating a new user account, or when changing your password on your profile. The default should be that we generate a secure password for the user. They can remember it, write it down (not ideal, but generally more secure than choosing a weak password), or copy and use it once, check the ""remember me"" box, and not worry about it until their cookie expires on that computer. 2. If they do opt to manually create a password, we need to do better than our current password strength meter. And the lowest level should actually nag them with an AYS before they proceed. I suggest the following, to start, which would trigger the lowest level, and cause them to have to dismiss a warning (or check a checkbox... UI TBD) before continuing: * compare the strtolower'd version of their password to strtolower'd versions of all their info (username, first/last name, part of e-mail address before the @, etc). * any password that is shorter than 8 characters * a blacklist of popular passwords (these lists are available... even grabbing the top 100 would give use good coverage) * 3 or more consecutive digits (""123456"" and company are very popular) * anything that looks like a date",markjaquith 20635,_pad_term_count get's stuck if there is a loop in the hierarchy,westi*,Taxonomy,,normal,normal,Future Release,defect (bug),accepted,has-patch,2012-05-08T10:31:37Z,2013-06-09T05:08:34Z,"Ideally it should be impossible for a loop in a taxonomy hierarchy to exist. But sometimes they do. If one does exist then {{{_pad_term_counts()}}} gets stuck :( When one of these does exist the category widget breaks the front page of your site. We currently hook {{{wp_check_term_hierarchy_for_loops}}} on {{{wp_update_term_parent}}} and I wonder if there are other places we should be doing this check too.",westi 5172,Adding classes to wp_generate_tag_cloud,westi*,Template,,normal,normal,Future Release,enhancement,accepted,dev-feedback,2007-10-09T17:09:14Z,2011-04-30T08:50:18Z,"The attached patch changes 2 things on the [source:/trunk/wp-includes/category-template.php#L330 wp_generate_tag_cloud] function. 1) The current code uses single quotes instead of double quotes, I believe the standard is to use double quotes. I've converted single quotes to double quotes. 2) I've rounded the tag size to a whole number (no decimal places). 3) I've added a class ""tag-cloud-item-X"" where X is the number in the list and a second class ""tag-cloud-size-X"" where X is the size of the tag. . This will allow theme designers to apply different styles to tags. For example changing the colour from cold to hot depending on order or size.",chmac 8050,is_child(),westi*,Template,,normal,normal,Future Release,enhancement,accepted,has-patch,2008-11-03T18:58:48Z,2011-10-08T00:11:04Z,"Is there any reason why there is no native is_child(direct,in_tree) function for hierarchical structures in WP (like pages, categories, custom hierarchical taxonomies)? There's a (partly) working plugin available at http://2pt3.com/post/wordpress-plugins/ but I think this amounts to a core functionality, particularly for people using WP as a hierarchical CMS.",youngmicroserf 15086,get_template_part() should let you specify a directory,westi*,Themes,3.0,normal,normal,Future Release,enhancement,accepted,needs-unit-tests,2010-10-10T21:36:45Z,2013-02-07T21:51:35Z,"IT would be nice for `get_template_part()` to allow you to specify a directory to look for a file in. Right now you actually *can* do this, but it requires passing a 'slug' to the function like `directory/slug`. Since everywhere else in the code slugs are sanitized, this seems like an unexpected way to allow this functionality (I didn't realize this worked until @nacin pointed it out). Since this slug isn't actually sanitized at all, you can currently do `get_template_part( '../../../test' );` which seems rather unsafe (`get_template_part` should be able to include from outside the themes directory). I suggest sanitizing $slug and adding a third [optional] parameter that allows you to specify the directory to look in. The directory parameter should be sanitized enough to not allow it to start with a . or a / (although this more likely belongs in `locate_template()` as something done to $template_name inside the foreach). What does everyone think about this approach? How many themes do we think are currently using the $slug parameter to specify a directory? Right now the optional $name parameter is set up as a fall through, so if $slug-$name.php doesn't exist $slug.php is used. Should $directory be set up similarly ($directory/$slug-$name.php -> $directory/$slug.php -> $slug-$name.php -> $slug.php)?",aaroncampbell 13874,"Add package argument to ""_deprecated_function"" function",westi*,Warnings/Notices,,normal,normal,Future Release,enhancement,accepted,has-patch,2010-06-13T23:48:37Z,2013-05-14T13:27:25Z,"Got to thinking it would be nice if plugins could use the _deprecated_ API by passing a ""$package"" argument to separate themselves from WP core, and so this patch was born. ",johnjamesjacoby 17487,Codepage issue with the wp.org Credits API,westi*,WordPress.org site,,normal,normal,WordPress.org,defect (bug),accepted,,2011-05-18T10:28:47Z,2012-11-22T03:34:06Z,"I was playing with my profile page at wp.org and changed the Name field from: {{{demetris}}} to: {{{demetris (Δημήτρης Κίκιζας)}}} What the API returns for that is: {{{demetris (???????? ???????)}}} It seems the API returns its results in ISO 8859-1. Can we change that to UTF-8? ",demetris 17541,Blogger-XMLPRC API does not work with Multisite/SSL/DMZ combination,westi*,XML-RPC,3.2,normal,major,Future Release,defect (bug),accepted,has-patch,2011-05-23T07:26:29Z,2012-12-14T23:12:02Z,"I have the following setup: My WordPress Blogs (multisite) are set up behind a firewall that exposes the public address via SSL. Inside my DMZ I'm only using HTTP, so that's what WordPress sees. When I now try to access the blogger.getUsersBlogs XMLPRC-API, I get an empty result back. I analyzed the WordPress source code and found out that the blogger.getUsersBlogs method in the file wp-includes\class-wp-xmlrpc-server.php uses another XMLRPC call to the wp.getUsersBlogs method in case of the multisite. I further checked and found out that this appears to be the only case in which WordPress executes a remote call itself to sevice the request. I then replaced the logic in _multisite_getUsersBlogs with the multisite part from wp_getUsersBlogs and it worked. I aso found an issue that might be related: http://core.trac.wordpress.org/ticket/16402 But since the source code in the trunk still uses the regular IXR_Client, I'm not sure if this would fix the issue. I attached my fix as a patch, but it's not refactored to remove code duplication since I don't have a dev-environment set up for WordPress. Michael",michael_k 17607,Google blog search API shutdown,westi,Administration,3.2,normal,normal,Future Release,defect (bug),assigned,has-patch,2011-05-29T11:21:19Z,2012-10-11T23:13:54Z,"I have done a search and can't see that this has already been reported. On the wordpresss dashboard the 'incoming link search' uses google blog search API. Google has announced that this api is being shutdown as of effect 26 May 2011 (http://code.google.com/apis/blogsearch/). It will continue to work but with limited functionality (due to their deprecation policy). I therefore suggest that this be removed or use a different API.",jcnetsys 16204,Add hooks to enable access to pages in the admin when the menu layout has been changed by plugin,westi,Administration,3.1,normal,normal,Awaiting Review,enhancement,reviewing,has-patch,2011-01-12T16:31:33Z,2011-01-15T08:54:45Z,"This patch and ticket is a follow on to tickets #16048 and #16050 and indirectly related to this discussion on hackers: http://lists.automattic.com/pipermail/wp-hackers/2011-January/037129.html This patch simply adds the following hooks, all within /wp-admin/includes/plugin.php. - menu_page_url - admin_page_parent - admin_page_title - plugin_page_hookname - user_can_access_admin_page The patch does not attempt to unravel the many early exits of the various functions instead it simply redundantly adds the hooks at each exit point. As such it's backward compatibility can be reviewed simply by viewing the code. The use-case for this patch is when the menus are not exactly in the format expected by WordPress (but instead desired by the client) it can sometimes take hours of trial and error to get the permissions to allow users access to the menus they should be allowed access to. For example, if the first submenu page for a menu page is removed from the menu, even when it makes logical sense to the user WordPress currently does not allow that menu option to be viewed. These hooks would give plugin developers the ability to modify the menus and still enable users access to the pages they need access to.",mikeschinkel 15865,Make it easy to disable options / user settings,westi,Administration,,normal,normal,Future Release,enhancement,new,has-patch,2010-12-17T17:52:29Z,2013-01-21T04:12:48Z,"We have a wonderful option white listing system. The one thing it doesn't support is hiding the ui of core options if you don't want them changed. We should have a generic way of doing this.",westi 4965,Blog by Email: any images and attachments in your email are not being posted inline,westi,Blog by Email,2.3,normal,normal,Future Release,defect (bug),new,,2007-09-12T18:15:29Z,2009-10-11T21:07:33Z,"Blog by Email: any images and attachments in your email are not being posted inline Remaining issue from #4829.",foolswisdom 13473,comment_status should be set to default_comment_status when commentstatusdiv is removed,westi,Comments,,normal,normal,Future Release,defect (bug),reopened,,2010-05-20T23:36:24Z,2011-11-24T16:13:29Z,"When the Comment Status box is removed from the Add/Edit Post screens, posts should be created with the comment_status set to the value of the default_comment_status option. ----- I had hidden the Comment Status box via: remove_meta_box('commentstatusdiv','post','normal'); and made sure that default_comment_status was set to open: update_option('default_comment_status', 'open'); After adding a new post it displayed ""Comments Off"" when I was assuming that it should have honored the value of default_comment_status.",jimmcq 13158,Cron : some events may not be scheduled,westi,Cron,3.1,high,major,Future Release,defect (bug),new,,2010-04-27T23:29:46Z,2012-08-03T22:39:04Z,"the problem appears when two different events are scheduled at the same time what happens in code is : 1st event : _get_cron_array(); 2nd event : _get_cron_array(); 1st event : _set_cron_array( $crons ); 2nd event : _set_cron_array( $crons ); 1st event is lost.",arena 12609,Enabling FORCE_SSL_ADMIN breaks wp-cron.php,westi,Cron,,normal,normal,Future Release,defect (bug),new,dev-feedback,2010-03-15T16:02:29Z,2010-11-13T07:50:43Z,"I just completed a server migration and discovered that scheduled posting broke during the process. I tried a few things, including the suggestions from ticket #8923 with no luck. I realized that one change I made, on the new server, was a requirement that the admin uses SSL. After disabling FORCE_SSL_ADMIN I discovered that scheduled posts work again. It seems that I can leave FORCE_SSL_LOGIN turned on and it doesn't cause any problems. This is good enough for our security needs, but I'm sure others might want to have both enabled.",dphiffer 11826,Endless Cron Spawn,westi,Cron,2.9,normal,normal,Future Release,defect (bug),new,,2010-01-08T19:09:02Z,2010-12-14T10:00:23Z,"I somehow get it managed to keep such request in memory while they consume CPU all the time. I noticed that first a week ago or so and now I was able to find out some specifics: {{{ REQUEST_URI /wordpress-trunk/wp-cron.php?doing_wp_cron REQUEST_METHOD post }}} Maybe there is a condition for an endless loop in there?",hakre 11800,doubled execution of cron jobs,westi,Cron,2.9.1,normal,normal,Future Release,defect (bug),new,,2010-01-07T11:17:53Z,2011-06-02T07:18:50Z,"Hi, as I've already mentioned in ticket #11505 , cron-jobs occasionally get executed twice (e.g. daily backup arrives two times). I've changed the code according to the patch attachment:ticket:11505:ticket-11505-stop-gap.patch (which derives from [http://wpengineer.com/ping-problem/]) after my comment:ticket:11505:49 and had no doubles within this time period. This week I've upgraded to WP 2.9.1 and since then backups arrive two, sometimes three times, again. Looking at the changes from 2.9 to 2.9.1, I have no other explanation for this behavior. - Maybe we should consider having a closer look again on this patch attachment:ticket:11505:ticket-11505-stop-gap.patch . Greetz, Berny",neoxx 20903,Exporter gets stuck in a loop a loop/break in the category hierarchy,westi,Export,3.1,normal,normal,Future Release,defect (bug),new,has-patch,2012-06-11T11:26:07Z,2012-06-12T08:13:02Z,"Ideally it should be impossible for a loop/incorrect parentage in a category hierarchy to exist. But sometimes they do. If one does exist then {{{export_wp()}}} gets stuck :( It gets stuck in this code: {{{ // put categories in order with no child going before its parent while ( $cat = array_shift( $categories ) ) { if ( $cat->parent == 0 || isset( $cats[$cat->parent] ) ) $cats[$cat->term_id] = $cat; else $categories[] = $cat; } }}} Similar to #20635 but different.",westi 19719,PHPMailer allows invalid characters in display-name,westi,External Libraries,,normal,normal,Awaiting Review,enhancement,new,has-patch,2012-01-03T16:06:27Z,2012-01-03T16:06:27Z,"[http://tools.ietf.org/html/rfc5322 RFC5322] defines the display name portion of an email address as follows: {{{ display-name => phrase phrase => word / obs-phrase obs-phrase => word / whitespace / dot word => atom / quoted strings atom => whitespace / atext atext => ALPHA / DIGIT / ; Printable US-ASCII ""!"" / ""#"" / ; characters not including ""$"" / ""%"" / ; specials. Used for atoms. ""&"" / ""'"" / ""*"" / ""+"" / ""-"" / ""/"" / ""="" / ""?"" / ""^"" / ""_"" / ""`"" / ""{"" / ""|"" / ""}"" / ""~"" }}} So, the display-name can contain the list of characters defined as atext plus dots plus whitespace plus quoted stringss. Notable exclusions include things like >, <, ( and ). At present, PHPMailer does no validation of the display-name field. The attached patch adds validation that does the following: * Make sure we decode any utf8 characters * Compare the original value against a value with invalid characters stripped out * Fail validation if the original and the stripped version do not match (ie, we stripped something invalid, so the string must have been invalid) The patch does not handle assuring proper pairing of quoted strings (it doesn't validate that quotes nest properly or occur only in pairs). The following code works for testing the patch: {{{ AddAddress( $to_address, $to_name ); $phpmailer->SetFrom( $from_address, $from_name ); $phpmailer->Subject = $subject; $phpmailer->Body = $body; $phpmailer->Send(); } catch ( phpmailerException $e ) { print_r( $e->getMessage() ); } }}} To provoke an error, add a disallowed character such as > or ) to one of the _name variables. The code will bail with an invalid_display_name exception.",dllh 19549,Please remove X-Mailer from class-phpmailer,westi,External Libraries,3.3,normal,minor,Future Release,enhancement,assigned,dev-feedback,2011-12-14T20:37:14Z,2012-06-02T13:32:25Z,"It is nobody's business what software I am using to send mail, or what version number it is. Providing version numbers of server-side packages to strangers is an unnecessary security exposure. With each update to WordPress, I apply this patch. I would appreciate it if you would either include this patch yourselves, or provide a hook where I can do this myself without modifying the source. {{{ --- wp-includes/class-phpmailer.php 5 Jul 2011 20:53:19 -0000 1.3 +++ wp-includes/class-phpmailer.php 14 Dec 2011 19:43:32 -0000 @@ -1129,8 +1129,8 @@ } else { $result .= sprintf(""Message-ID: <%s@%s>%s"", $uniq_id, $this->ServerHostname(), $this->LE); } -// jwz: no. $result .= $this->HeaderLine('X-Priority', $this->Priority); -// jwz: no. $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.sourceforge.net) [version ' . $this->Version . ']'); + $result .= $this->HeaderLine('X-Priority', $this->Priority); + $result .= $this->HeaderLine('X-Mailer', 'PHPMailer '.$this->Version.' (phpmailer.sourceforge.net)'); if($this->ConfirmReadingTo != '') { $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>'); }}}",jwz 18664,Formatting/Cleanup for wp-admin/includes/class-wp-posts-list-table.php,westi,Formatting,,lowest,trivial,Future Release,defect (bug),reviewing,has-patch,2011-09-14T20:57:51Z,2011-10-12T17:13:19Z,"wp-admin/includes/class-wp-posts-list-table.php is extremely hard to read. Created this ticket to move conversation/patches for cleanup out of #17958",DH-Shredder 19487,Remove useless calls to set_time_limit(),westi,General,1.5,normal,normal,Awaiting Review,defect (bug),new,has-patch,2011-12-09T14:53:08Z,2012-11-23T10:13:52Z,"Calls to set_time_limit() were introduced in http://core.trac.wordpress.org/changeset/1812 and have remained in core ever since. The call occurs in code that makes network connections and is designed to allow time for the network calls to complete before the script execution stops. But set_time_limit() won't take network time into account, so it actually will not do what it seems designed to do. From php docs: The set_time_limit() function and the configuration directive max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system(), stream operations, database queries, etc. is not included when determining the maximum time that the script has been running. Further, calls to set_time_limit() can cause unexpected results in code that relies on any functions that call set_time_limit(). For example, if some code (in a cron job, say) sets the time limit to 0 (unlimited) because it knows it needs some time complete, then a subsequent call to a function that resets the time limit will halt the long-running execution once the new limit has been reached. Also from php docs: When called, set_time_limit() restarts the timeout counter from zero. In other words, if the timeout is the default 30 seconds, and 25 seconds into script execution a call such as set_time_limit(20) is made, the script will run for a total of 45 seconds before timing out. Since the call to set_time_limit() does not here do anything useful, it should be removed.",dllh 9930,is_serialized() returns false on serialized doubles,westi,General,,normal,minor,Future Release,defect (bug),reopened,has-patch,2009-05-24T17:23:43Z,2011-05-12T13:32:36Z,"Test case: {{{ }}} Expected: true Got: false serialize(1.2E+150) returns something like 'd:1.200000000000000013344651621705194036153934411236609269391465806550823148718924258603522328009361549E+150;', the plus sign after 'E' is not taken into account by the regexp",vladimir_kolesnikov 12333,"Get ""message"" and ""error"" params in wp-login.php",westi,General,2.9.2,normal,minor,Future Release,enhancement,new,reporter-feedback,2010-02-22T14:48:41Z,2012-01-11T11:24:26Z,"It might be useful a parameter like ""redirect_to"" to set $message and $error of login_headers() from the url of wp-login.php.",FiloSottile 19347,"Ugly alert: false !== strpos( $which_one_was_needle, $this_one )",westi,General,,normal,normal,Future Release,enhancement,reviewing,has-patch,2011-11-23T22:08:02Z,2012-06-28T16:29:40Z,"In WordPress {{{strpos()}}} is used hundreds of times. Very large percentage of those calls are trying to accomplish one of these 3 goals: * Check if a string starts with another string * Check if a string contains another string * Check if a string ends with another string The code for doing these 3 things is not very readable, ugly, and error-prone: {{{ 0 === strpos( $one_string, $other_string ) false !== strpos( $one_string, $other_string ) strpos( $one_string, $other_string ) == ( strlen( $one_string ) - strlen( $other_string ) }}} I propose we introduce functions to hide the ugliness and the complexity behind these three common operations: * {{{wp_startswith( $haystack, $needle )}}} * {{{wp_in( $needle, $haystack )}}} * {{{wp_endswith( $haystack, $needle )}}} The logic of the arguments order is consistent and easy to remember: ''first argument'' '''verb''' ''second argument''. * everything starts with a beginning translates to {{{wp_startswith( ""everything"", ""a beginning"" )}}} * goat is in distress translates to {{{wp_in( ""goat"", ""distress"" )}}} * movie ends with happy end translates to {{{wp_endswith( ""movie"", ""happy end"" )}}} These three functions are happily used in GlotPress and WordPress.com. The implementations are attached.",nbachiyski 10373,Proper number formatting related to i18n,westi,I18N,2.8.1,normal,normal,Future Release,defect (bug),reopened,reporter-feedback,2009-07-10T08:09:14Z,2012-05-13T08:33:30Z,"Hi there, Technical description of the situation: WordPress function number_format_i18n() uses native PHP function number_format() for formatting numbers. Unfortunately this PHP function is not able to handle separators (both decimal and thousands separators) that fall into one of the following categories: - separator would contain more than one char, e.g. "" ""; in this case only the first char from the supplied string is used, in the example given above it would be ""&"". - separator is ASCII > 128, e.g. ASCII 160; Impact: Although this is not a native bug to WordPress, the problem source is in PHP, the impact is caused also in WordPress. This situation is problematic for users in Eastern Europe (Czech Republic, Russia, etc.) where the standard thousands separator is "" "" (space). The users in these countries usually don't want to use real space (ASCII 32) as thousands separator, as it could be word wrapped and the number would be saparated into two lines. Unfortunatelly supplying both variants of non-breakable space (i.e. "" "" or ASCII 160) fails. Proposed solution: unforunatelly this bug is reported in PHP for years and nothing happens there. Because of this situation I suggest fixing such problem in the next level, i.e. in WordPress. This means to create a custom function for formatting numbers, with identical input params as number_format(), just that this one would be able to handle separator types mentioned above. I have such change already deployed on my WordPress blog for several months, so I am going to attach a diff file for the latest SVN state dealing with this issue. Honza",honza.skypala 15760,"LiveJournal Importer mishandles some and expressions",westi,Import,,normal,normal,WordPress.org,defect (bug),assigned,,2010-12-10T04:45:17Z,2011-02-19T18:52:42Z,"There is a note on plugins.trac ticket 1231 that says this should be handled in core.trac instead, so I'm cross-posting it here. The patch and ticket were originally added by a-bishop: http://plugins.trac.wordpress.org/ticket/1231 Reproduction steps: 1. Create a LiveJournal? entry that has in it. Note that this is XML-ish 2. Try to use the livejournal-importer on this post. Bug The gets ignored because the regular expression is too strict. I've attached a patch that makes LiveJournal? Importer recognize the XML-ish version. Patch:[[BR]] http://plugins.trac.wordpress.org/attachment/ticket/1231/livejournal-importer.patch",designsimply 15381,Rework WP_Scripts to support named groups,westi,JavaScript,,normal,normal,Future Release,enhancement,new,,2010-11-10T21:59:49Z,2011-03-22T09:26:12Z,"Currently WP_Scripts has some ""special"" code for splitting things across header and footer and concatenating core scripts. I would like to change it to support the following: * Named Groups - so we can have header, footer, ... * L10N awareness - so we can auto output the l10n.js file first if we need it - XRef #15124 * Concatenation opt-out * Concatentaion opt-in for plugins. I was working on this for #15124 until it became apparent that it wasn't right to do it for 3.1 - not enough time to fully test.",westi 18493,HTML E-Mails,westi,Mail,3.2,normal,normal,Future Release,enhancement,reviewing,early,2011-08-22T00:29:44Z,2013-04-13T16:33:09Z,"Wojtek worked on the Enhanced E-Mails project for GSoC this summer. It's definitely something that would be nice to have in core. The plugin already exists in the repository - [http://wordpress.org/extend/plugins/enhanced-emails/ Enhanced Emails]. There are still some things that need to be cleaned up in the code, but it works pretty well. I'm hoping we can clean it up, test it, and get it in core. ",aaroncampbell 15706,Allow wildcarded domains in multisite limited email domains,westi,Multisite,,normal,normal,Future Release,enhancement,reviewing,dev-feedback,2010-12-06T18:59:24Z,2012-08-29T16:45:39Z,"Here at blogs.law.harvard.edu, we want to allow all harvard.edu subdomains to create blogs in our multisite install. There are hundreds of domains and it would be difficult to get a complete list because of the complexity of our DNS infrastructure. I propose allowing the inclusion of a single prefix wildcard character in the limited email domains feature. If a limited email domain contains a ""*"", we would create a regex and match that specific entry via a wildcard. So ""*.harvard.edu"" would match ""cyber.law.harvard.edu"", ""fas.harvard.edu"", etc. To match the root TLD, you'd just manually enter ""harvard.edu"". We have a variant of this applied as a core hack to our wordpress install at http://blogs.law.harvard.edu and it's been working fine for years. I will package it up as a patch if there's interest. Thoughts? I don't think it'd make sense to allow embedded wildcards (dom*ain.org).",djcp 12145,Enhance activation process to improve integration with site theme,westi,Multisite,,normal,normal,Future Release,enhancement,new,,2010-02-06T07:10:13Z,2012-01-11T11:21:04Z,"wp-activate.php creates many notices on load due to theme hackery an example to start: {{{ Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\comment-template.php on line 777 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\comment-template.php on line 794 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\general-template.php on line 1588 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\post-template.php on line 431 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\query.php on line 2600 Notice: Trying to get property of non-object in G:\www\ho.st\wp-includes\post-template.php on line 1172 class=""page page-id- page-parent logged-in""> }}} the problem is, that wp-activate.php attempts to simulate a normal WordPress page, the problem arrises that when the header is included and/or custom code in the theme runs on the header, that the no-existance of the current post id (NULL) causes most of the WordPress functions to complain, as they're expecting a correct post object to be returned. 2 options 1. Update all API function to move to {{{ if ( ! $_post = get_post(..) ) return false; - This should probably be done anyway 2. Improve the hackery to allow displaying custom pages such as wp-activate.php more transparently. Furthur to #2, this might involve creating a page in the database which the API functions can access directly, the activate site page would then become a real page in the eyes of WordPress.",dd32 10852,improve get_page_children,westi,Optimization,2.9,normal,normal,Future Release,enhancement,reviewing,dev-feedback,2009-09-25T22:30:34Z,2013-02-18T19:10:53Z,"In #5303, mihai pointed out that get_page_children is very slow with 7000 pages. It's indeed slow, since the algorithm has O^2 complexity. We should improve it to O(N) complexity. ",hailin 17450,Almost pretty permalinks with non-ASCII characters do not work in Apache,westi,Permalinks,3.1,normal,major,Future Release,defect (bug),reopened,needs-unit-tests,2011-05-16T05:53:14Z,2012-04-27T19:03:50Z,Almost pretty permalinks (using PATH_INFO) with non-ASCII characters do not work in Apache; a not found error is returned. The same permalink works in IIS when UTF-8 is used for server variables. It also works when mod_rewrite is used.,peaceablewhale 10384,Make IIS Permalink support enabled based on capability not on version number,westi,Permalinks,2.8,normal,normal,Future Release,enhancement,new,commit,2009-07-11T08:37:44Z,2011-04-12T00:19:13Z,"At the moment we enable the IIS permalink support based on checks for IIS7 and then some capabilities. We should remove the version checking and work solely on capabilities so that we don't have to revisit when IIS8 is released.",westi 13266,Admin page hooks change when plugin is translated (tied to $menu_title),westi,Plugins,3.0,normal,major,Future Release,defect (bug),new,has-patch,2010-05-05T21:07:11Z,2010-11-02T06:27:09Z,"WP3 is using the title of the parent menu item in a menu block to fire the load-hooks for the lesser menu items? Lost me? Ok an example - Plugin Membership has this menu structure (simplified) Membership – main heading Membership – Top inner Edit Member – inner Edit Levels – inner Edit Subs – inner etc… The page load hooks for the non-translated plugin are as follows: Membership – load-toplevel_page_membership Membership – load-toplevel_page_membership Edit Member – load-membership_page_members Edit Levels – load-membership_page_membershiplevels Edit Subs – load-membership_page_membershipsubs etc… Now, if I use a language translation on the plugin, which for the sake of clarity here, translates the word Membership to Aaargh the page load hooks become. Membership – load-toplevel_page_membership Membership – load-toplevel_page_membership Edit Member – load-aaargh_page_members Edit Levels – load-aaargh_page_membershiplevels Edit Subs – load-aaargh_page_membershipsubs etc… Thus any actions you are running on the inner pages aren’t called.",uglyrobot 17615,WP_List_Table::get_columns does not work for plugins,westi,Plugins,3.1.3,normal,normal,Future Release,defect (bug),assigned,,2011-05-30T11:20:56Z,2011-06-11T09:36:27Z,"see Ticket #15386 - the ticket is closed, however I have the very same problem with 3.1.3 version and the solution example provided do not work for me. Wordpress claims that there is no function as get_list_table , I have changed it to _get_list_table, after that change it does launch but returns a null object.",cyplo 4893,Audit of all filter and action names.,westi,Plugins,,normal,normal,Future Release,enhancement,new,,2007-09-02T20:22:27Z,2010-03-18T21:09:32Z,"I think for 2.4 we should do an early audit of all the filters and actions in the core and ensure that they follow the following set of rules: 1. All names should be unique 1. All names should be relevant to the calling context 1. All filters should pass in relevant context information This should then ensure plugins can easily filter just the things they want to. This is to avoid messes like {{{the_title}}} {{{ ./wp-includes/post-template.php: return apply_filters( 'the_title', $title ); ./wp-includes/comment.php: $post_title = apply_filters('the_title', $post->post_title); ./wp-includes/classes.php: $output .= $indent . '
  • ID) . '"" title=""' . att ribute_escape(apply_filters('the_title', $page->post_title)) . '"">' . apply_filters('the_title', $page->post_title) . ''; ./wp-includes/deprecated.php: $string .= apply_filters('the_title', $post->post_title, $post); ./wp-includes/deprecated.php: $string .= apply_filters('the_title', $post->post_title, $nextpost); ./wp-includes/link-template.php: $title = apply_filters('the_title', $post->post_title, $post); ./wp-includes/link-template.php: $title = apply_filters('the_title', $post->post_title, $post); ./wp-includes/general-template.php: $text = strip_tags(apply_filters('the_title', $arc_title)); }}}",westi 13347,Mobile user agent detection for vars.php,westi,Plugins,,lowest,minor,Future Release,enhancement,new,,2010-05-11T16:21:58Z,2011-07-06T16:11:21Z,"We've added some user agent detection for mobile clients in the vars.php file, thought it would be good to have in core for plugins and themes to use. Attaching patched vars.php.",mrroundhill 13548,Settings API to include user options,westi,Plugins,2.7,normal,normal,Future Release,enhancement,new,,2010-05-26T07:42:52Z,2013-01-03T19:25:19Z,"Hi, I've reworked all of my plugins to build upon the [http://codex.wordpress.org/Settings_API new Settings API]. The handling and security are great. As far as I understand, the Settings API can't be used for user options. - What do you think about an extension of {{{ register_setting }}} & Co. to reflect user options? Greetz, Berny",neoxx 11210,Split wp_new_user_notification() into two functions,westi,Plugins,2.9,normal,normal,Future Release,enhancement,new,,2009-11-20T22:05:31Z,2010-09-07T19:02:37Z,"`wp_new_user_notification()` sends emails to newly registered user and to admin. One of my plugins ([http://wordpress.org/extend/plugins/wypiekacz/ WyPiekacz]) redefines it in order to to disable emails sent to admin. Now I want to extend my other plugin ([http://wordpress.org/extend/plugins/user-locker/ User Locker]) so newly registered users will have to activate theirs accounts by clicking on link sent in email. In order to do this, I have to redefine the same function. I how to do this so both plugins could work at the same time - this is not a problem for me. However it will be better to allow to redefine only part of `wp_new_user_notification()` function - either one which sends email to new user, or to admin. Therefore I ask to split this function into two new ones. Attached patch does this.",sirzooro 12582,user_registered action suggestion,westi,Plugins,2.9.2,normal,normal,Future Release,enhancement,new,,2010-03-11T11:10:48Z,2010-06-23T17:26:12Z,"I am developing theme that should include user login / registration (so we dont have to see wp-login.php ever again). Now for login it was easy - with the help wp_login_url user is redirected back to whatever page we need after login. To achieve same thing for registration i added new action in wp-login.php {{{ $errors = register_new_user($user_login, $user_email); do_action('user_registered', array($user_login, $user_email, $errors)); }}} using this action now i can make wp-login.php redirect user to main page and display errors there. Maybe this could be included in wordpress? Or maybe wp_login_url type function that can redirect user wherever needed? I would personally go with action as it gives much more freedom.",roxaz 16176,save_{$post_type},westi,Post Types,3.0.4,low,normal,Future Release,enhancement,assigned,has-patch,2011-01-10T11:46:22Z,2013-05-16T19:52:35Z,a `save_{$post_type}` hook would be convenient.,bmb 16303,Improve documentation and usability of WP_Rewrite Endpoint support,westi,Rewrite Rules,3.1,lowest,normal,Future Release,defect (bug),new,needs-docs,2011-01-19T16:25:01Z,2013-04-05T00:28:06Z,"When you know how it works the WP_Rewrite Endpoint support is really simple and cool. When you don't it looks really difficult to use. We should document it better and add an endpoint mask for Custom Post Types.",westi 8119,Attempts to edit deleted categories are not properly handled,westi,Taxonomy,2.7,normal,minor,Future Release,defect (bug),new,has-patch,2008-11-08T21:32:21Z,2011-11-19T06:07:37Z,"Fairly obscure. If one user has the edit cats view open, then another user deletes one of those categories, and the first user then attempts to edit the deleted category, they get - not unreasonably - an empty view on the edit screen. (As the data has been correctly deleted.) Ok. Not too much we can do about that. However, after that, it falls down. It seems that if you replace the various data and then press ""edit category"" it can go one of two ways - 1. The user recieves the message Your attempt to edit this category: """" has failed. 2. The user recieves the message Fatal error: Cannot use object of type WP_Error as array in /home/www/misthaveneu/htdocs/svn/trunk/wp-includes/functions.php on line 1238 Scenerio 2 seems to be vaguely related to using the word ""Error"" in the description, but that could just be conincidence. In any event, the handling of this situation is broken. The fact that a category has been deleted since in-between the user viewing the edit category screen and choosing one to edit needs to be recognised. (Even if it's the same sort of nasty wp_die message you get when a post has been deleted.)",mrmist 17302,"Add get_previous_post_link(), get_next_post_link(), and get_adjacent_post_link()",westi,Template,3.2,normal,normal,Future Release,enhancement,reviewing,has-patch,2011-05-02T07:36:12Z,2013-02-19T12:26:13Z,"Unlike many other template tags, he functions adjacent_post_link(), next_post_link(), and previous_post_link() are missing their get_ counterparts. Included patch adds those.",yoavf 18302,Improve child theme file inheritance by introducing `theme_url()` to locate a file URI,westi,Template,,normal,normal,Future Release,enhancement,reviewing,needs-unit-tests,2011-07-31T01:19:02Z,2013-04-22T19:02:43Z,"Child theme file inheritance isn't quite as slick as it could be. A child theme should be able to selectively override any of its parent theme's files (ie. CSS & JS), not just template files. For example, there's no easy way for a parent theme to enqueue a JavaScript file that can be easily overridden by a child theme. This is because there's no URI version of `locate_template()` for themes to use. Example: A parent theme includes a JavaScript file like so: {{{ wp_enqueue_script( 'foo', get_template_directory_uri() . '/foo.js' ); }}} A child theme couldn't simply include a `foo.js` file to override its parent's as the file is always loaded from the template directory, not the stylesheet directory. If the parent theme used `get_stylesheet_directory_uri()` instead, then the child theme could override it '''but''' it would '''have''' to override it, otherwise we'd end up with a file not found. The answer is to introduce a function that does the same as `locate_template()` but returns a URI instead of a path. Example usage: {{{ wp_enqueue_script( 'foo', locate_theme_file( 'foo.js' ) ); }}} This would load `foo.js` from the child theme if it existed, and the parent theme if not. The function could also be used for CSS files: {{{ wp_enqueue_style( 'bar', locate_theme_file( 'bar.css' ) ); }}} And for images too: {{{ "" /> }}} Stand by for a patch.",johnbillion 11282,Bizarre Behavior When wp-content Missing,westi,Themes,2.8.4,normal,normal,Awaiting Review,defect (bug),reopened,has-patch,2009-11-29T02:19:13Z,2012-10-23T00:15:18Z,"Steps to reproduce: 1. Begin and complete a normal installation, but skip or remove the wp-content directory. 2. Try to view the Dashboard and the Visit Site link. Expected Result: WP did not install, wp-content is missing. Actual Result: Dashboard is visible, site's front page is not. In /wp-admin/error_log PHP Warning: array_keys() [function.array-keys]: The first argument should be an array in /wp-includes/theme.php on line 481",miqrogroove 11215,Improve naming of child/parent theme functions,westi,Themes,2.9,normal,normal,Future Release,enhancement,new,,2009-11-21T09:51:10Z,2012-02-17T15:41:13Z,"We have confusing naming for child/parent theme functions. We have references to stylesheet/template instead of child/parent which makes it unclear which function should be being used. In #11033 we introduced a function for loading the child themes textdomain with a clear name. We should look at deprecating the stylesheet/template nomenclature and use child/parent instead.",westi 10457,Parse shortcodes in text widgets by default,westi,Widgets,2.8,normal,normal,Future Release,enhancement,reopened,,2009-07-21T11:27:06Z,2012-03-28T20:10:31Z,"Currently, shortcodes are only parsed within post content. It would, to my mind, be a nice enhancement to allow them to be parsed from within text widgets as well. The implementation is trivial, so the only real question is what problems this might throw up.",ionfish 21292,XML-RPC: wp_upload_bits should act like wp_handle_upload,westi,XML-RPC,3.0,normal,normal,Future Release,defect (bug),assigned,has-patch,2012-07-17T07:01:23Z,2013-05-07T11:37:28Z,"At this moment there isn't a check for file size when uploading an image through the XML-RPC. The reason is that the method wp_upload_bits is used. This only checks it does is if the file size is to big for a network installation. The function check_upload_size() is something what you want except that it will use wp_die() if there is an error like this. The function is used as a filter: wp_handle_upload_prefilter. Which only get applied in the function wp_handle_upload. We should probably change check_upload_size() a bit so it doesn't use wp_die() but does it somewhere else. related: #6559 and #21085",markoheijnen 20026,Adding a post_type filter in wp.getComments,westi,XML-RPC,,normal,normal,Future Release,enhancement,reviewing,needs-unit-tests,2012-02-12T15:48:53Z,2012-08-05T19:45:16Z,This will be usefull when with the new custom post type support in XMLRPC,nprasath002 11303,XMLRPC (and APP) APIs should expose all Post/Page/Comment management functionality,westi,XML-RPC,2.9,normal,normal,Future Release,task (blessed),assigned,close,2009-12-01T22:26:01Z,2010-09-23T20:34:55Z,"In #11243 we hid the trash status from {{{wp.getPages()}}} we also hide it for pages (and comments I guess). Really these apis should be fully featured to allow clients to support the new things the api does. We should revert the change made for trash for 2.9 and promote the fact that clients should be graceful when using these apis so as to cope when we introduce new features. We also need to review the need for extra apis to allow trashing/untrashing of posts/pages/comments etc.",westi 23012,Refresh the code for the default widgets,Viper007Bond*,Widgets,3.5,low,minor,Future Release,enhancement,accepted,,2012-12-20T01:49:37Z,2012-12-21T21:28:45Z,"The default widgets serve as examples for many people to make new widgets. We should make sure they're up to date in terms of coding standards and best practices. There's many places where this is not the case. A few examples: * `$instance['text'] = stripslashes( wp_filter_post_kses( addslashes($new_instance['text']) ) );` * `$text = esc_textarea($instance['text']);` rather than at output Also tons and tons of formatting issues. I'll volunteer to take this on.",Viper007Bond 17210,Massive duplication of oEmbed postmeta,Viper007Bond,Embeds,3.1,normal,normal,Future Release,defect (bug),reopened,dev-feedback,2011-04-21T23:38:35Z,2013-02-15T19:56:22Z,"Hey guys, Ever since my blog grew to a considerable size (a few million PVs a month) and started slowing down and exploding my server, I've been looking and implementing various optimizations. During one such passes through the data, I noticed this really weird oEmbed related behavior, which I've been observing for a number of WP version upgrades. I use [embed] shortcodes a lot, and every new post after a few minutes ends up with a ton of oembed caches that don't belong to it at all - they're all from other posts. Posts that don't even have [embed]s at all still have over 100 oembed entries in wp_postmeta. Here's an example of just a small subset of data residing in the table: [[Image(http://farm6.static.flickr.com/5230/5641419581_0610c9e267_b.jpg)]] There are now about 150,000 entries in the wp_postmeta table due to this, half of which are duplicated _oembed entries, which I think has heavy impact on server load. Not only that but I'm sure WP is filling the table up with values by redoing oEmbed queries, which may explain that load shoots up very high at times when publishing. {{{ mysql> select count(*) from wp_postmeta where meta_key like '_oembed%'; +----------+ | count(*) | +----------+ | 81499 | +----------+ 1 row in set mysql> select count(*) from wp_postmeta; +----------+ | count(*) | +----------+ | 148451 | +----------+ 1 row in set }}} Just look at how many times this random video embed value shows up in the table. I'm sure it was used in only one actual post: {{{ mysql> select count(*) from wp_postmeta where meta_value like '%p2oWELcd-lI%'; +----------+ | count(*) | +----------+ | 815 | +----------+ 1 row in set }}} Just to clarify - I don't have 815 updates to a single post that may have explained this - these are completely unrelated, separate, published posts. To put things in perspective, here are the top 20 offenders: {{{ mysql> select distinct meta_key, count(*) as cnt from wp_postmeta where meta_key like '_oembed%' group by meta_key order by cnt desc limit 20; +------------------------------------------+-----+ | meta_key | cnt | +------------------------------------------+-----+ | _oembed_5607e41abb700707540a854ae76182cf | 864 | | _oembed_984bc07d3bc0f61b6b35230cd2fa7ced | 859 | | _oembed_da8ae36275b4576cfcd92c0ed455be96 | 859 | | _oembed_71dd4068a9a6911f50dbe57b3ff477c5 | 858 | | _oembed_9f817e820c23ccbfac9b22b3474e5dd3 | 858 | | _oembed_f3c1c03a81bc301b5f1a063f65119328 | 857 | | _oembed_31bf10d95cb7c8e9f646d9d6e5728da0 | 857 | | _oembed_25d0ebf59c994050cb604900cf04f53f | 856 | | _oembed_6265dae657e38579c0a8ddb66132d526 | 852 | | _oembed_562dd8c13888905cbd15dbd74e8699cc | 849 | | _oembed_30ea17d1cc73acd925a74373d2be32ec | 848 | | _oembed_87f16916b4da6571f454266bfbfaebe0 | 847 | | _oembed_9f1f038d43e973bd60929201eee24f57 | 843 | | _oembed_d46317d44fe11c0d90ef2cc3b45bce57 | 843 | | _oembed_b1f8685ba405feee46baf9408eb632f7 | 841 | | _oembed_1b56f492eba4c4ea698d816d0ecf2d51 | 840 | | _oembed_fe597714de4081e6e7e78a88256c7db4 | 840 | | _oembed_fb843e7b604cbc4e1ffa144d4eb300c8 | 839 | | _oembed_97b12f2f1e59ee6eff95c61095aa5bef | 838 | | _oembed_2b94d9f7c28ee37bfbead0a622c8be85 | 838 | +------------------------------------------+-----+ 20 rows in set }}} I'm quite at a loss here and would appreciate the next debugging steps. I haven't been able to determine where things are going wrong on my own. Thank you. P.S. The site in question is AndroidPolice.com",archon810 21540,Add support for responsive video embeds,Viper007Bond,Embeds,,normal,normal,Awaiting Review,enhancement,assigned,,2012-08-10T17:15:50Z,2013-01-17T17:27:31Z,"By wrapping the html content of a video embed with a container (incl. class name), we could provide a simplified way for Theme authors to make video embeds truly responsive, through basic CSS. See #21480",obenland 18694,Improved date arguments for WP_Query,viper007bond,General,3.3,normal,normal,Awaiting Review,enhancement,new,has-patch,2011-09-17T22:00:00Z,2013-02-28T14:40:09Z,"Currently there is no way to get a set of posts that fall within a date range, are older/newer than a certain date, etc. A new set of arguments should be created for `WP_Query` that work similarly to the relatively new meta and taxonomy arguments. Argument structure suggestions welcome.",Viper007Bond 8833,extract pluggable.php function logic into separate functions,Viper007Bond,Plugins,2.8,normal,normal,Future Release,enhancement,new,dev-feedback,2009-01-09T21:24:15Z,2012-08-31T18:23:53Z,"Currently, when a plugin overrides one of the pluggable.php functions with a custom implementation, there is no way to fall back to the standard version of the function. Instead, plugin authors have to copy and paste all of the logic from pluggable.php into their custom function. I'd love to see the actual logic separated out into ""private"" functions that are simply called the public ones. For example: {{{ if (!function_exists('wp_get_current_user')) { function wp_get_current_user() { return _wp_get_current_user(); } } function _wp_get_current_user() { /* normal logic for getting the current user */ } }}} This would allow me to override the function, but still fallback to the standard implementation if I need to... {{{ if (!function_exists('wp_get_current_user')) { function wp_get_current_user() { if ( /* some condition */ ) { /* my own custom get current user logic */ } else { return _wp_get_current_user(); } } } }}} This wouldn't actually take that much work, and I'm happy to do it. Not sure if it would be best to keep it all in pluggable.php, or if the standard implementations should be moved to pluggable.standard.php or something similar. ?? Original wp-hackers thread: http://groups.google.com/group/wp-hackers/browse_thread/thread/31295f83a13dc025",wnorris 11946,Ensure image MIME type matches extension,Viper007Bond,Upload,3.0,normal,minor,Future Release,defect (bug),reopened,needs-refresh,2010-01-19T08:02:17Z,2012-07-26T22:55:00Z,"Take a bitmap (BMP) and rename it to `.png`. WordPress will say it's an `image/png` everywhere you look. This can cause issues if you're trying to manipulate it (thumbnail it, etc.). We should either fix the extension or reject it.",Viper007Bond 10303,Provide better user feedback when content is changed by filters.,tott*,Formatting,,normal,normal,Future Release,enhancement,accepted,has-patch,2009-06-30T10:37:01Z,2013-01-22T01:03:33Z,"When filtering content via kses, adjusting bad nested xhtml or similar no feedback is given to the user. The content is just stripped and the user is not informed about the changes made and why they happened. Presenting a diff in the admin message should increase the UX. ",tott 8470,Large exports break frequently,tott,Export,,normal,normal,Future Release,defect (bug),new,reporter-feedback,2008-12-03T13:51:37Z,2009-11-18T21:21:54Z,"For large wordpress exports frequently the download stops at some point. This effect seems to be due to bad memory utilization on slow downloads where the content cannot be flushed fast enough to the browser. Attached patch includes various improvements in content flushing, and for cleaning of variables in order to save some memory.",tott 7813,export function does not preserve encoding,tott,Export,2.7,normal,minor,Future Release,defect (bug),new,,2008-09-30T20:07:25Z,2009-11-24T15:54:10Z,"when exporting strings are always converted to utf-8 while header and encoding is set to encoding used in blog. this causes trouble when importing later.",tott 8455,Enhance usability in Wordpress Import - preselecting matching authors,tott,Import,,normal,normal,WordPress.org,enhancement,new,,2008-12-02T09:27:03Z,2012-09-10T10:21:11Z,"To increase usability in wordpress imports, especially for imports with many users or imports that are rerun a preselection of authors would increase usability.",tott 12981,odd behavior of exclude_tree parameter in wp_list_categories(),tott,Taxonomy,3.0,normal,normal,Future Release,defect (bug),assigned,dev-feedback,2010-04-12T20:10:50Z,2010-11-13T01:26:38Z,"When running a query such as {{{ }}} the exclude_tree parameter is not obeyed as [10276] introduced a change that would overwrite it with the exclude parameter. ",tott 16990,WP Multisite doesn't use custom db-error.php,tmuka,Multisite,3.1,normal,minor,Awaiting Review,enhancement,new,,2011-03-28T19:19:46Z,2011-07-18T01:23:14Z,"I suppose this is a feature request. I don't see a way to configure a Multisite install to use the same wp-content/db-error.php file as a single wp site install uses. Instead where the db is down the page dies on ""Error establishing database connection"" wrapped in an

    . It could be a complication of using the HyperDB plugin, but it appears that on line 104 of wp-includes/ms-settings.php when the db is down get_blog_details() obviously fails and wp-includes/ms-load.php:ms_not_installed() is called. Unfortunately ms_not_installed() does not redirect to db-error.php, and instead dies, returning $title = /*WP_I18N_FATAL_ERROR*/'Error establishing database connection'/*/WP_I18N_FATAL_ERROR*/; Obviously i could hack in a call to wp-includes/functions.php: dead_db() in ms-load.php, but i try to avoid any core hacking to make upgrades easier. Does anyone have a suggestion for overriding this behavior cleanly? perhaps something in wp-WP_CONTENT_DIR/sunrise.php ? I suppose if somebody else is interested in the simple fix, here it is. In ""function ms_not_installed"" on line 224 of wp-includes/ms-load.php, insert dead_db(); like this... {{{ function ms_not_installed() { dead_db(); //hacked this in so we can get use our custom db-error.php }}} The bottom line is that now the visitor will potentially see a more friendly error message when the db or db table is unavailable.",tmuka 20140,Ask old password to change user password,tman4506*,Security,,normal,normal,Awaiting Review,feature request,accepted,dev-feedback,2012-02-29T12:55:38Z,2012-08-26T16:14:53Z,"I have experienced this in various sites and i think it adds extra security. We must ask for the old password when the user tries to change the password",nprasath002 18999,Quotes in emails,titi,General,3.2.1,normal,major,Awaiting Review,defect (bug),new,reporter-feedback,2011-10-19T10:39:28Z,2011-12-19T01:57:53Z,"Quotes are displayed in plain HTML CODE {{{ ’ }}} instead of the a real quote. This bug is in any email reply notifications containing quote in the post. Using BBPress 2.0 with Wordpress. French language.",thibotus01 6969,Don't apply wptexturize() to the insides of shortcode tags,tellyworth,Formatting,2.5.1,normal,normal,Future Release,enhancement,new,needs-unit-tests,2008-05-14T11:47:58Z,2011-05-31T08:45:13Z,"I have this for my post contents: {{{ [code lang=""php""]$foo = 'bar';[/code] }}} The problem is my shortcode function gets this passed to it for the content string: {{{ $foo = ‘bar’; }}} `wptexturize()` should be smart enough to not format the contents of registered shortcodes. If plugins want their contents formatted, they can pass the contents to the `wptexturize()` function itself.",Viper007Bond 6819,EXIF data extracted from uploaded images stored incorrectly,tellyworth,Media,2.5,normal,normal,Future Release,defect (bug),new,,2008-04-23T01:13:19Z,2009-11-23T15:25:26Z,"Currently extracted EXIF data is stored as a single custom field with a serialized array containing all the data - it should be stored with one-custom-field per data entry, probably with the exif_ prefix.",matt 5953,Absolute upload_path fails,tellyworth,Upload,,normal,normal,Future Release,defect (bug),reopened,,2008-02-22T05:39:43Z,2009-11-20T20:03:34Z,"1. On Options/Misc, enter ""/tmp/foo/bar"" as a value for the upload path setting. 2. Write a new post and attach an image. Expected: the image file should be stored as /tmp/foo/bar/2008/02/file.jpg or similar. Actual: a 'tmp/foo/bar' subdirectory is created within ABSPATH (if that's possible) and the file is stored there. Both the filesystem path and URL path just append '/tmp/foo/bar', so you get 'ABSPATH//tmp/foo/bar/2008/02/file.jpg' and 'http://example.com//tmp/foo/bar/2008/02/file.jpg' An absolute upload_path should probably be rejected unless you also specify an upload_url_path, because there's no way to know what URL corresponds to an arbitrary filesystem path. ",tellyworth 12945,Constrain wp_page_menu(),technosailor*,General,,normal,normal,Future Release,defect (bug),accepted,,2010-04-09T19:39:51Z,2010-05-02T18:49:39Z,"The wp_page_menu() function is the default callback for wp_nav_menu(). IOW, when a user is not using the new menu system, it defaults to this function. While that is good, any number of pages over, say 10, will make a theme puke in many cases. As a workaround, I suggest we make a default of wp_page_menu() to exclude all pages() except home. It's a stupid idea, I think, but something needs to be done to make this manageable so I'm looking for feedback. The Pro of taking this approach is that it encourages customization of menus via the WP menu system. It also does not lock theme devs into a particular approach because this stuff can be overidden via arguments and filters. The con is that the default callback becomes pretty benign and useless. Almost pointless. Ideas?",technosailor 8994,Incorporate MediaRSS Plugin into core,technosailor,Feeds,,normal,normal,Future Release,feature request,new,,2009-01-29T18:00:20Z,2013-01-05T09:05:59Z,"Per conversation on the hackers list, this ticket is a working area for incorporation of the MediaRSS plugin (http://wordpress.org/extend/plugins/mrss) into core for WP 2.8.",technosailor 8298,wp_page_menu needs to override wp_list_pages include argument to be functional,technosailor,Template,3.0,normal,normal,Future Release,defect (bug),assigned,has-patch,2008-11-20T19:43:12Z,2010-10-26T13:08:12Z,"In exploring the new wp_page_menu() function, I realized that there is a byproduct of wp_list_pages that is unintuitive and possibly problematic for people wanting to output a menu. The 'include' argument overrides the use of child_of, parent, meta_key and meta_values parameters. Menu creation assumes that only some top level pages will need to be used, thus the need for 'include', but wp_list_pages assumes that if you're including only a subset of pages, you're not including the subpages as well. Makes sense on both accounts. For menu authors, I think expected behavior is that a top level menu would include subpages as well (e.g. a rollover horizontal nav). I'm submitting a patch that delivers that expected behavior to only the new wp_page_menu() template tag. It reverse engineers the include by using the 'exclude' argument to exclude all pages except the ones passed with the wp_page_menu 'include' argument.",technosailor 9153,wp_list_pages cannot handle multiple exclude_tree arguments,tbrams,Template,3.0,normal,normal,Future Release,defect (bug),reopened,has-patch,2009-02-17T15:32:48Z,2013-05-07T19:41:48Z,"When trying to set up a menu based on wp_list_pages and a long list of chapters I did not want on the front page, I learned that wp_list_pages ignored all exclude_tree arguments - except for the first one. For example, using: {{{ wp_list_pages('exclude_tree=132,502,715,852,109,153,149&title_li=&sort_column=menu_order' ); }}} to generate the menu at http://ttu.no was a no go, because it returned far to many sections in the menubar (despite my efforts to explicitly exclude a lot of these) Although it is certainly not a show stopper, it is really annoying when you need a drop down menu on your website and know exactly how it should work in theory, so I have found a solution for this already and am just trying to figure out how I can convey my suggested fix to the official Open Source Repository.",tbrams 18801,Accessibility Enhancements to Settings API,taupecat*,Accessibility,3.2.1,normal,normal,Awaiting Review,enhancement,accepted,has-patch,2011-09-28T14:59:44Z,2013-01-03T19:25:35Z,"I've only started working with the Settings API, but right off the bat I noticed two fairly major, but should be not too difficult to fix, accessibility issues. 1) The label/input field pairs are missing the HTML