Ticket #11644: 11644.13.diff
| File 11644.13.diff, 14.0 KB (added by , 16 years ago) |
|---|
-
wp-admin/includes/file.php
325 325 // Compute the URL 326 326 $url = $uploads['url'] . "/$filename"; 327 327 328 if ( is_multisite() ) 329 delete_transient( 'dirsize_cache' ); 330 328 331 return apply_filters( 'wp_handle_upload', array( 'file' => $new_file, 'url' => $url, 'type' => $type ) ); 329 332 } 330 333 -
wp-includes/ms-default-filters.php
4 4 add_action ( 'init', 'maybe_add_existing_user_to_blog' ); 5 5 add_action ( 'wpmu_new_user', 'newuser_notify_siteadmin' ); 6 6 add_action ( 'wpmu_activate_user', 'add_new_user_to_blog', 10, 3 ); 7 add_action ( 'sanitize_user', 'strtolower _usernames', 10, 3);7 add_action ( 'sanitize_user', 'strtolower' ); 8 8 9 9 // Blogs 10 10 add_filter ( 'wpmu_validate_blog_signup', 'signup_nonce_check' ); -
wp-includes/ms-functions.php
17 17 18 18 function get_blogaddress_by_id( $blog_id ) { 19 19 $bloginfo = get_blog_details( (int) $blog_id, false ); // only get bare details! 20 return clean_url("http://" . $bloginfo->domain . $bloginfo->path);20 return esc_url( 'http://' . $bloginfo->domain . $bloginfo->path ); 21 21 } 22 22 23 23 function get_blogaddress_by_name( $blogname ) { … … 26 26 if ( is_subdomain_install() ) { 27 27 if ( $blogname == 'main' ) 28 28 $blogname = 'www'; 29 return clean_url( "http://" . $blogname . ".". $current_site->domain . $current_site->path );29 return esc_url( 'http://' . $blogname . '.' . $current_site->domain . $current_site->path ); 30 30 } else { 31 return clean_url( "http://". $current_site->domain . $current_site->path . $blogname . '/' );31 return esc_url( 'http://' . $current_site->domain . $current_site->path . $blogname . '/' ); 32 32 } 33 33 } 34 34 … … 38 38 } else { 39 39 if ( $domain != $_SERVER['HTTP_HOST'] ) { 40 40 $blogname = substr( $domain, 0, strpos( $domain, '.' ) ); 41 if ( $blogname != 'www.' ) { 42 $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path . $blogname . '/'; 43 } else { // we're installing the main blog 44 $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path; 45 } 41 $url = 'http://' . substr( $domain, strpos( $domain, '.' ) + 1 ) . $path; 42 // we're not installing the main blog 43 if ( $blogname != 'www.' ) 44 $url .= $blogname . '/'; 46 45 } else { // main blog 47 46 $url = 'http://' . $domain . $path; 48 47 } 49 48 } 50 return clean_url($url);49 return esc_url( $url ); 51 50 } 52 51 53 52 function get_sitestats() { … … 55 54 56 55 $stats['blogs'] = get_blog_count(); 57 56 58 $count_ts = get_site_option( "get_user_count_ts");57 $count_ts = get_site_option( 'user_count_ts' ); 59 58 if ( time() - $count_ts > 3600 ) { 60 $count = $wpdb->get_var( "SELECT COUNT(ID) FROM {$wpdb->users}" );61 update_site_option( "user_count", $count );62 update_site_option( "user_count_ts", time() );59 $count = $wpdb->get_var( "SELECT COUNT(ID) FROM $wpdb->users" ); 60 update_site_option( 'user_count', $count ); 61 update_site_option( 'user_count_ts', time() ); 63 62 } else { 64 $count = get_site_option( "user_count");63 $count = get_site_option( 'user_count' ); 65 64 } 66 65 $stats['users'] = $count; 67 66 return $stats; … … 70 69 function get_admin_users_for_domain( $sitedomain = '', $path = '' ) { 71 70 global $wpdb; 72 71 73 if ( $sitedomain == '')72 if ( ! $sitedomain ) 74 73 $site_id = $wpdb->siteid; 75 74 else 76 $site_id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE domain = %s AND path = %s", $sitedomain, $path) );75 $site_id = $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE domain = %s AND path = %s", $sitedomain, $path ) ); 77 76 78 if ( $site_id != false)79 return $wpdb->get_results( $wpdb->prepare( "SELECT u.ID, u.user_login, u.user_pass FROM $wpdb->users AS u, $wpdb->sitemeta AS sm WHERE sm.meta_key = 'admin_user_id' AND u.ID = sm.meta_value AND sm.site_id = %d", $site_id), ARRAY_A );77 if ( $site_id ) 78 return $wpdb->get_results( $wpdb->prepare( "SELECT u.ID, u.user_login, u.user_pass FROM $wpdb->users AS u, $wpdb->sitemeta AS sm WHERE sm.meta_key = 'admin_user_id' AND u.ID = sm.meta_value AND sm.site_id = %d", $site_id ), ARRAY_A ); 80 79 81 80 return false; 82 81 } … … 119 118 $details = wp_cache_get( $blog_id . $all, 'blog-details' ); 120 119 121 120 if ( $details ) { 122 if ( !is_object($details) && $details == -1 ) 123 return false; 124 elseif ( !is_object($details) ) // Clear old pre-serialized objects. Cache clients do better with that. 125 wp_cache_delete( $blog_id . $all, 'blog-details' ); 126 else 127 return $details; 121 if ( ! is_object( $details ) ) { 122 if ( $details == -1 ) 123 return false; 124 else 125 // Clear old pre-serialized objects. Cache clients do better with that. 126 wp_cache_delete( $blog_id . $all, 'blog-details' ); 127 } 128 return $details; 128 129 } 129 130 130 $details = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE blog_id = %d /* get_blog_details */", $blog_id) );131 if ( ! $details ) {131 $details = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->blogs WHERE blog_id = %d", $blog_id ) ); 132 if ( ! $details ) { 132 133 wp_cache_set( $blog_id . $all, -1, 'blog-details' ); 133 134 return false; 134 135 } 135 136 136 if ( ! $get_all ) {137 if ( ! $get_all ) { 137 138 wp_cache_set( $blog_id . $all, $details, 'blog-details' ); 138 139 return $details; 139 140 } 140 141 141 $wpdb->suppress_errors(); 142 switch_to_blog( $blog_id ); 143 $details->blogname = get_option( 'blogname' ); 144 $details->siteurl = get_option( 'siteurl' ); 145 $details->post_count = get_option( 'post_count' ); 146 restore_current_blog(); 147 $wpdb->suppress_errors( false ); 142 $details->blogname = get_blog_option( $blog_id, 'blogname' ); 143 $details->siteurl = get_blog_option( $blog_id, 'siteurl' ); 144 $details->post_count = get_blog_option( $blog_id, 'post_count' ); 148 145 149 $details = apply_filters( 'blog_details', $details);146 $details = apply_filters( 'blog_details', $details ); 150 147 151 148 wp_cache_set( $blog_id . $all, $details, 'blog-details' ); 152 149 … … 629 626 if ( is_array( $most_active ) ) { 630 627 reset( $most_active ); 631 628 foreach ( (array) $most_active as $key => $details ) { 632 $url = clean_url("http://" . $details['domain'] . $details['path']);629 $url = esc_url("http://" . $details['domain'] . $details['path']); 633 630 echo "<li>" . $details['postcount'] . " <a href='$url'>$url</a></li>"; 634 631 } 635 632 } … … 1151 1148 else 1152 1149 $activate_url = "http://{$domain}{$path}wp-activate.php?key=$key"; 1153 1150 1154 $activate_url = clean_url($activate_url);1151 $activate_url = esc_url($activate_url); 1155 1152 $admin_email = get_site_option( "admin_email" ); 1156 1153 if ( $admin_email == '' ) 1157 1154 $admin_email = 'support@' . $_SERVER['SERVER_NAME']; 1158 1155 $from_name = get_site_option( "site_name" ) == '' ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) ); 1159 1156 $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n"; 1160 $message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( "To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your blog here:\n\n%s" ) ), $activate_url, clean_url( "http://{$domain}{$path}" ), $key );1157 $message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( "To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your blog here:\n\n%s" ) ), $activate_url, esc_url( "http://{$domain}{$path}" ), $key ); 1161 1158 // TODO: Don't hard code activation link. 1162 $subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1s] Activate %2s' ) ), $from_name, clean_url( 'http://' . $domain . $path ) );1159 $subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1s] Activate %2s' ) ), $from_name, esc_url( 'http://' . $domain . $path ) ); 1163 1160 wp_mail($user_email, $subject, $message, $message_headers); 1164 1161 return true; 1165 1162 } … … 1326 1323 if ( is_email($email) == false ) 1327 1324 return false; 1328 1325 1329 $options_site_url = clean_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php");1326 $options_site_url = esc_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); 1330 1327 1331 1328 switch_to_blog( $blog_id ); 1332 1329 $blogname = get_option( 'blogname' ); … … 1357 1354 1358 1355 $user = new WP_User($user_id); 1359 1356 1360 $options_site_url = clean_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php");1357 $options_site_url = esc_url("http://{$current_site->domain}{$current_site->path}wp-admin/ms-options.php"); 1361 1358 $msg = sprintf(__("New User: %1s 1362 1359 Remote IP: %2s 1363 1360 … … 1594 1591 return $dirsize[ $directory ][ 'size' ]; 1595 1592 } 1596 1593 1597 function clear_dirsize_cache( $file = true ) {1598 delete_transient( 'dirsize_cache' );1599 return $file;1600 }1601 add_filter( 'wp_handle_upload', 'clear_dirsize_cache' );1602 add_action( 'delete_attachment', 'clear_dirsize_cache' );1603 1604 1594 function recurse_dirsize( $directory ) { 1605 1595 $size = 0; 1606 1596 … … 1835 1825 update_blog_status( $wpdb->blogid, 'public', (int) $value ); 1836 1826 } 1837 1827 add_action('update_option_blog_public', 'update_blog_public', 10, 2); 1838 1839 function strtolower_usernames( $username, $raw, $strict ) { 1840 return strtolower( $username ); 1841 } 1842 1828 1843 1829 /* Redirect all hits to "dashboard" blog to wp-admin/ Dashboard. */ 1844 1830 function redirect_mu_dashboard() { 1845 1831 global $current_site, $current_blog; … … 1854 1840 add_action( 'template_redirect', 'redirect_mu_dashboard' ); 1855 1841 1856 1842 function get_dashboard_blog() { 1857 global $current_site; 1843 if ( $blog = get_site_option( 'dashboard_blog' ) ) 1844 return get_blog_details( $blog ); 1858 1845 1859 if ( get_site_option( 'dashboard_blog' ) == false ) 1860 return get_blog_details( $current_site->blog_id ); 1861 else 1862 return get_blog_details( get_site_option( 'dashboard_blog' ) ); 1846 return get_blog_details( $GLOBALS['current_site']->blog_id ); 1863 1847 } 1864 1848 1865 1849 function is_user_option_local( $key, $user_id = 0, $blog_id = 0 ) { … … 1878 1862 return false; 1879 1863 } 1880 1864 1881 function retrieve_password_sitename( $title ) {1882 global $current_site;1883 return sprintf( __( '[%s] Password Reset' ), $current_site->site_name );1884 }1885 add_filter( 'retrieve_password_title', 'retrieve_password_sitename' );1886 1887 function reset_password_sitename( $title ) {1888 global $current_site;1889 return sprintf( __( '[%s] Your new password' ), $current_site->site_name );1890 }1891 add_filter( 'password_reset_title', 'reset_password_sitename' );1892 1893 function lowercase_username( $username, $raw_username, $strict ) {1894 return strtolower( $username );1895 }1896 add_filter( 'sanitize_user', 'lowercase_username', 10, 3 );1897 1898 1865 function users_can_register_signup_filter() { 1899 1866 $registration = get_site_option('registration'); 1900 1867 if ( $registration == 'all' || $registration == 'user' ) 1901 1868 return true; 1902 else 1903 1869 1870 return false; 1904 1871 } 1905 1872 add_filter('option_users_can_register', 'users_can_register_signup_filter'); 1906 1873 … … 1949 1916 * 1950 1917 * @since 2.8.5 1951 1918 **/ 1952 function filter_SSL( $url ) {1919 function filter_SSL( $url ) { 1953 1920 if ( !is_string( $url ) ) 1954 1921 return get_bloginfo( 'url' ); //return home blog url with proper scheme 1955 1922 -
wp-includes/post.php
3177 3177 $backup_sizes = get_post_meta( $post->ID, '_wp_attachment_backup_sizes', true ); 3178 3178 $file = get_attached_file( $post_id ); 3179 3179 3180 if ( is_multisite() ) 3181 delete_transient( 'dirsize_cache' ); 3182 3180 3183 do_action('delete_attachment', $post_id); 3181 3184 3182 3185 wp_delete_object_term_relationships($post_id, array('category', 'post_tag')); -
wp-login.php
195 195 else 196 196 $message .= 'http://' . trailingslashit( $current_site->domain . $current_site->path ) . "wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login) . "\r\n"; 197 197 198 // The blogname option is escaped with esc_html on the way into the database in sanitize_option 199 // we want to reverse this for the plain text arena of emails. 200 $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); 198 if ( is_multisite() ) 199 $blogname = $GLOBALS['current_site']->site_name; 200 else 201 // The blogname option is escaped with esc_html on the way into the database in sanitize_option 202 // we want to reverse this for the plain text arena of emails. 203 $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); 201 204 202 $title = sprintf( __('[%s] Password Reset'), $blogname);205 $title = sprintf( __('[%s] Password Reset'), $blogname ); 203 206 204 207 $title = apply_filters('retrieve_password_title', $title); 205 208 $message = apply_filters('retrieve_password_message', $message, $key); … … 244 247 $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; 245 248 $message .= site_url('wp-login.php', 'login') . "\r\n"; 246 249 247 // The blogname option is escaped with esc_html on the way into the database in sanitize_option 248 // we want to reverse this for the plain text arena of emails. 249 $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); 250 if ( is_multisite() ) 251 $blogname = $GLOBALS['current_site']->site_name; 252 else 253 // The blogname option is escaped with esc_html on the way into the database in sanitize_option 254 // we want to reverse this for the plain text arena of emails. 255 $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES); 250 256 251 $title = sprintf( __('[%s] Your new password'), $blogname);257 $title = sprintf( __('[%s] Your new password'), $blogname ); 252 258 253 259 $title = apply_filters('password_reset_title', $title); 254 260 $message = apply_filters('password_reset_message', $message, $new_pass);