Ticket #10758: 10758.patch

wp-admin/includes/post.php

@@ -925 +925 @@
  *
  * @since unknown
  *
- * @param unknown_type $id
- * @param unknown_type $title
- * @param unknown_type $name
- * @return unknown
+ * @param int|object $id    Post ID or post object. 
+ * @param string $title (optional) Title 
+ * @param string $name (optional) Name 
+ * @return array With two entries of type string 
  */
 function get_sample_permalink($id, $title = null, $name = null) {
         $post = &get_post($id);
@@ -943 +943 @@
         // drafts, so we will fake, that our post is published
         if (in_array($post->post_status, array('draft', 'pending'))) {
                 $post->post_status = 'publish';
-                $post->post_name = sanitize_title($post->post_name? $post->post_name : $post->post_title, $post->ID);
+                $post->post_name = sanitize_title($post->post_name ? $post->post_name : $post->post_title, $post->ID);
         }
 
         $post->post_name = wp_unique_post_slug($post->post_name, $post->ID, $post->post_status, $post->post_type, $post->post_parent);
@@ -951 +951 @@
         // If the user wants to set a new name -- override the current one
         // Note: if empty name is supplied -- use the title instead, see #6072
         if (!is_null($name)) {
-                $post->post_name = sanitize_title($name? $name : $title, $post->ID);
+                $post->post_name = sanitize_title($name ? $name : $title, $post->ID);
         }
 
         $post->filter = 'sample';
@@ -979 +979 @@
 }
 
 /**
- * {@internal Missing Short Description}}
+ * sample permalink html
  *
+ * intended to be used for the inplace editor of the permalink post slug on in the post (and page?) editor.
+ * 
  * @since unknown
  *
- * @param unknown_type $id
- * @param unknown_type $new_title
- * @param unknown_type $new_slug
- * @return unknown
+ * @param int|object $id Post ID or post object. 
+ * @param string $new_title (optional) New title  
+ * @param string $new_slug (optional) New slug 
+ * @return string intended to be used for the inplace editor of the permalink post slug on in the post (and page?) editor. 
  */
 function get_sample_permalink_html( $id, $new_title = null, $new_slug = null ) {
         $post = &get_post($id);

wp-admin/includes/widgets.php

@@ -180 +180 @@
         </div>
         <input type="hidden" name="widget-id" class="widget-id" value="<?php echo esc_attr($id_format); ?>" />
         <input type="hidden" name="id_base" class="id_base" value="<?php echo esc_attr($id_base); ?>" />
-        <input type="hidden" name="widget-width" class="widget-width" value="<?php echo esc_attr($control['width']); ?>" />
-        <input type="hidden" name="widget-height" class="widget-height" value="<?php echo esc_attr($control['height']); ?>" />
+        <input type="hidden" name="widget-width" class="widget-width" value="<?php if (isset( $control['width'] )) echo esc_attr($control['width']); ?>" />
+        <input type="hidden" name="widget-height" class="widget-height" value="<?php if (isset( $control['height'] )) echo esc_attr($control['height']); ?>" />
         <input type="hidden" name="widget_number" class="widget_number" value="<?php echo esc_attr($widget_number); ?>" />
         <input type="hidden" name="multi_number" class="multi_number" value="<?php echo esc_attr($multi_number); ?>" />
         <input type="hidden" name="add_new" class="add_new" value="<?php echo esc_attr($add_new); ?>" />

wp-admin/admin-footer.php

@@ -29 +29 @@
 <?php
 do_action('admin_footer', '');
 do_action('admin_print_footer_scripts');
-do_action("admin_footer-$hook_suffix");
+if (isset($hook_suffix)) 
+        do_action("admin_footer-$hook_suffix");
 
 // get_site_option() won't exist when auto upgrading from <= 2.7
 if ( function_exists('get_site_option') ) {

wp-admin/upload.php

@@ -308 +308 @@
 
         if ( $month_count && !( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) : ?>
 <select name='m'>
-<option<?php selected( @$_GET['m'], 0 ); ?> value='0'><?php _e('Show all dates'); ?></option>
+<option<?php selected(isset($_GET['m']) ? $_GET['m'] : null, 0); ?> value='0'><?php _e('Show all dates'); ?></option>
 <?php
 foreach ($arc_result as $arc_row) {
         if ( $arc_row->yyear == 0 )

wp-includes/author-template.php

@@ -22 +22 @@
  */
 function get_the_author($deprecated = '') {
         global $authordata;
-        return apply_filters('the_author', $authordata->display_name);
+        return apply_filters('the_author', is_object($authordata) ? $authordata->display_name : null);
 }
 
 /**

wp-includes/capabilities.php

@@ -842 +842 @@
                 $post_author_data = get_userdata( $post->post_author );
                 //echo "current user id : $user_id, post author id: " . $post_author_data->ID . "<br />";
                 // If the user is the author...
-                if ( $user_id == $post_author_data->ID ) {
+                if ( is_object($post_author_data) && $user_id == $post_author_data->ID ) {
                         // If the post is published...
                         if ( 'publish' == $post->post_status ) {
                                 $caps[] = 'edit_published_posts';

wp-includes/comment.php

@@ -1122 +1122 @@
 function wp_new_comment( $commentdata ) {
         $commentdata = apply_filters('preprocess_comment', $commentdata);
 
-        $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
-        $commentdata['user_ID']         = (int) $commentdata['user_ID'];
+        $commentdata['comment_post_ID'] = isset($commentdata['comment_post_ID']) ? (int) $commentdata['comment_post_ID'] : null;
+        $commentdata['user_ID']         = isset($commentdata['user_ID'])         ? (int) $commentdata['user_ID']         : null;
 
-        $commentdata['comment_parent'] = absint($commentdata['comment_parent']);
+        $commentdata['comment_parent'] = isset($commentdata['comment_parent']) ? absint($commentdata['comment_parent']) : null;
         $parent_status = ( 0 < $commentdata['comment_parent'] ) ? wp_get_comment_status($commentdata['comment_parent']) : '';
         $commentdata['comment_parent'] = ( 'approved' == $parent_status || 'unapproved' == $parent_status ) ? $commentdata['comment_parent'] : 0;
 

wp-includes/functions.wp-styles.php

@@ -11 +11 @@
  *
  * @since r79
  * @uses do_action() Calls 'wp_print_styles' hook.
- * @global object $wp_styles The WP_Styles object for printing styles.
+ * @global WP_Styles $wp_styles The WP_Styles object for printing styles.
  *
  * @param array $handles (optional) Styles to be printed.  (void) prints queue, (string) prints that style, (array of strings) prints those styles.
  * @return bool True on success, false on failure.
@@ -21 +21 @@
         if ( '' === $handles ) // for wp_head
                 $handles = false;
 
+        /* @var $wp_styles WP_Styles */
         global $wp_styles;
         if ( !is_a($wp_styles, 'WP_Styles') ) {
                 if ( !$handles )
@@ -37 +38 @@
  *
  * @since r79
  * @see WP_Styles::add() For parameter and additional information.
+ * @global WP_Styles $wp_styles
+ * @return void
  */
 function wp_register_style( $handle, $src, $deps = array(), $ver = false, $media = 'all' ) {
+        /* @var $wp_styles WP_Styles */
         global $wp_styles;
         if ( !is_a($wp_styles, 'WP_Styles') )
                 $wp_styles = new WP_Styles();
@@ -51 +55 @@
  *
  * @since r79
  * @see WP_Styles::remove() For parameter and additional information.
+ * @global WP_Styles $wp_styles
  */
 function wp_deregister_style( $handle ) {
+        /* @var $wp_styles WP_Styles */
         global $wp_styles;
         if ( !is_a($wp_styles, 'WP_Styles') )
                 $wp_styles = new WP_Styles();
@@ -65 +71 @@
  *
  * @since r79
  * @see WP_Styles::add(), WP_Styles::enqueue()
+ * @global WP_Styles $wp_styles
  */
 function wp_enqueue_style( $handle, $src = false, $deps = array(), $ver = false, $media = false ) {
+        /* @var $wp_styles WP_Styles */
         global $wp_styles;
         if ( !is_a($wp_styles, 'WP_Styles') )
                 $wp_styles = new WP_Styles();
@@ -89 +97 @@
  * @param string $handle Handle used to add style.
  * @param string $list Optional, defaults to 'queue'. Others values are 'registered', 'queue', 'done', 'to_do'
  * @return bool
+ * @global WP_Styles $wp_styles
  */
 function wp_style_is( $handle, $list = 'queue' ) {
+        /* @var $wp_styles WP_Styles */
         global $wp_styles;
         if ( !is_a($wp_styles, 'WP_Styles') )
                 $wp_styles = new WP_Styles();

wp-includes/pluggable.php

@@ -35 +35 @@
  * actions on users who aren't signed in.
  *
  * @since 2.0.3
- * @global object $current_user The current user object which holds the user data.
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  * @uses do_action() Calls 'set_current_user' hook after setting the current user.
  *
  * @param int $id User ID
@@ -43 +43 @@
  * @return WP_User Current user User object
  */
 function wp_set_current_user($id, $name = '') {
+        /* @var $current_user WP_User */
         global $current_user;
 
         if ( isset($current_user) && ($id == $current_user->ID) )
@@ -63 +64 @@
  * Retrieve the current user object.
  *
  * @since 2.0.3
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  *
  * @return WP_User Current user WP_User object
  */
 function wp_get_current_user() {
+        /* @var $current_user WP_User */
         global $current_user;
 
         get_currentuserinfo();
@@ -84 +87 @@
  * set the current user to 0, which is invalid and won't have any permissions.
  *
  * @since 0.71
- * @uses $current_user Checks if the current user is set
+ * @global WP_User $current_user User-object of request aka The current user object which holds the user data.
  * @uses wp_validate_auth_cookie() Retrieves current logged in user.
  *
- * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set
+ * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set or it was not empty
  */
 function get_currentuserinfo() {
+        /* @var $current_user WP_User */
         global $current_user;
 
         if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
                 return false;
 
         if ( ! empty($current_user) )
-                return;
+                return null;
 
         if ( ! $user = wp_validate_auth_cookie() ) {
                  if ( empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
@@ -106 +110 @@
         }
 
         wp_set_current_user($user);
+
+        return null;
 }
 endif;
 
@@ -1223 +1229 @@
  * @return string The one use form token
  */
 function wp_create_nonce($action = -1) {
+        /* @var $user WP_User */
         $user = wp_get_current_user();
-        $uid = (int) $user->id;
 
+        if ( is_object($user) ) 
+                $uid = (int) $user->id;
+        else
+                $uid = 0;
+
         $i = wp_nonce_tick();
 
         return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);

wp-includes/post.php

@@ -1811 +1811 @@
 /**
  * Given the desired slug and some post details computes a unique slug for the post.
  *
+ * @global wpdb $wpdb 
+ * @global WP_Rewrite $wp_rewrite 
  * @param string $slug the desired slug (post_name)
  * @param integer $post_ID
  * @param string $post_status no uniqueness checks are made if the post is still draft or pending
@@ -1822 +1824 @@
         if ( in_array( $post_status, array( 'draft', 'pending' ) ) )
                 return $slug;
 
+        /* @var $wp_rewrite WP_Rewrite
+         * @var $wpdb wpdb */
         global $wpdb, $wp_rewrite;
+        
         $hierarchical_post_types = apply_filters('hierarchical_post_types', array('page'));
         if ( 'attachment' == $post_type ) {
                 // Attachment slugs must be unique across all types.
                 $check_sql = "SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND ID != %d LIMIT 1";
                 $post_name_check = $wpdb->get_var($wpdb->prepare($check_sql, $slug, $post_ID));
 
-                if ( $post_name_check || in_array($slug, $wp_rewrite->feeds) ) {
+                $feeds = $wp_rewrite->feeds;
+                if ( is_null($feeds) )
+                        $feeds = array();
+                
+                if ( $post_name_check || in_array($slug, $feeds) ) {
                         $suffix = 2;
                         do {
                                 $alt_post_name = substr($slug, 0, 200-(strlen($suffix)+1)). "-$suffix";
@@ -1843 +1852 @@
                 // separate namespace than posts so page slugs are allowed to overlap post slugs.
                 $check_sql = "SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type IN ( '" . implode("', '", esc_sql($hierarchical_post_types)) . "' ) AND ID != %d AND post_parent = %d LIMIT 1";
                 $post_name_check = $wpdb->get_var($wpdb->prepare($check_sql, $slug, $post_ID, $post_parent));
+                
+                $feeds = $wp_rewrite->feeds;
+                if ( is_null($feeds) )
+                        $feeds = array();
 
-                if ( $post_name_check || in_array($slug, $wp_rewrite->feeds) ) {
+                if ( $post_name_check || in_array($slug, $feeds) ) {
                         $suffix = 2;
                         do {
                                 $alt_post_name = substr($slug, 0, 200-(strlen($suffix)+1)). "-$suffix";

wp-includes/vars.php

@@ -37 +37 @@
 // Simple browser detection
 $is_lynx = $is_gecko = $is_winIE = $is_macIE = $is_opera = $is_NS4 = $is_safari = $is_chrome = $is_iphone = false;
 
+if ( !isset($_SERVER['HTTP_USER_AGENT']) )
+        $_SERVER['HTTP_USER_AGENT'] = '';
+
 if (strpos($_SERVER['HTTP_USER_AGENT'], 'Lynx') !== false) {
         $is_lynx = true;
 } elseif ( strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'chrome') !== false ) {

wp-comments-post.php

@@ -17 +17 @@
 
 nocache_headers();
 
-$comment_post_ID = (int) $_POST['comment_post_ID'];
+$comment_post_ID = isset ($_POST['comment_post_ID']) ? (int) $_POST['comment_post_ID'] : null;
 
 $status = $wpdb->get_row( $wpdb->prepare("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
 

wp-trackback.php

@@ -36 +36 @@
 // trackback is done by a POST
 $request_array = 'HTTP_POST_VARS';
 
-if ( !$_GET['tb_id'] ) {
+if ( !isset($_GET['tb_id']) || !$_GET['tb_id'] ) {
         $tb_id = explode('/', $_SERVER['REQUEST_URI']);
         $tb_id = intval( $tb_id[ count($tb_id) - 1 ] );
 }
 
-$tb_url  = $_POST['url'];
-$charset = $_POST['charset'];
+$tb_url  = isset($_POST['url'])     ? $_POST['url']     : '';
+$charset = isset($_POST['charset']) ? $_POST['charset'] : '';
 
 // These three are stripslashed here so that they can be properly escaped after mb_convert_encoding()
-$title     = stripslashes($_POST['title']);
-$excerpt   = stripslashes($_POST['excerpt']);
-$blog_name = stripslashes($_POST['blog_name']);
+$title     = isset($_POST['title'])     ? stripslashes($_POST['title'])      : '';
+$excerpt   = isset($_POST['excerpt'])   ? stripslashes($_POST['excerpt'])    : '';
+$blog_name = isset($_POST['blog_name']) ? stripslashes($_POST['blog_name'])  : '';
 
 if ($charset)
         $charset = strtoupper( trim($charset) );
@@ -72 +72 @@
 if ( is_single() || is_page() )
         $tb_id = $posts[0]->ID;
 
-if ( !intval( $tb_id ) )
+if ( !isset($tb_id) || !intval( $tb_id ) )
         trackback_response(1, 'I really need an ID for this to work.');
 
 if (empty($title) && empty($tb_url) && empty($blog_name)) {