WordPress.org

Make WordPress Core

Ticket #20007: WPRegisterNotificationsOption.diff

File WPRegisterNotificationsOption.diff, 240.6 KB (added by Veraxus, 2 years ago)

Diff with minor changes to: /wp-admin/options-discussion.php, /wp-admin/options.php, /wp-includes/pluggable.php, and /wp-admin/includes/schema.php

Line 
1diff  includes/schema.php includes/schema.php
21,962c1,963
3< <?php
4< /**
5<  * WordPress Administration Scheme API
6<  *
7<  * Here we keep the DB structure and option values.
8<  *
9<  * @package WordPress
10<  * @subpackage Administration
11<  */
12<
13< // Declare these as global in case schema.php is included from a function.
14< global $wpdb, $wp_queries, $charset_collate;
15<
16< /**
17<  * The database character collate.
18<  * @var string
19<  * @global string
20<  * @name $charset_collate
21<  */
22< $charset_collate = '';
23<
24< if ( ! empty( $wpdb->charset ) )
25<       $charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
26< if ( ! empty( $wpdb->collate ) )
27<       $charset_collate .= " COLLATE $wpdb->collate";
28<
29< /**
30<  * Retrieve the SQL for creating database tables.
31<  *
32<  * @since 3.3.0
33<  *
34<  * @param string $scope Optional. The tables for which to retrieve SQL. Can be all, global, ms_global, or blog tables. Defaults to all.
35<  * @param int $blog_id Optional. The blog ID for which to retrieve SQL.  Default is the current blog ID.
36<  * @return string The SQL needed to create the requested tables.
37<  */
38< function wp_get_db_schema( $scope = 'all', $blog_id = null ) {
39<       global $wpdb;
40<
41<       $charset_collate = '';
42<
43<       if ( ! empty($wpdb->charset) )
44<               $charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
45<       if ( ! empty($wpdb->collate) )
46<               $charset_collate .= " COLLATE $wpdb->collate";
47<
48<       if ( $blog_id && $blog_id != $wpdb->blogid )
49<               $old_blog_id = $wpdb->set_blog_id( $blog_id );
50<
51<       // Engage multisite if in the middle of turning it on from network.php.
52<       $is_multisite = is_multisite() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK );
53<
54<       // Blog specific tables.
55<       $blog_tables = "CREATE TABLE $wpdb->terms (
56<  term_id bigint(20) unsigned NOT NULL auto_increment,
57<  name varchar(200) NOT NULL default '',
58<  slug varchar(200) NOT NULL default '',
59<  term_group bigint(10) NOT NULL default 0,
60<  PRIMARY KEY  (term_id),
61<  UNIQUE KEY slug (slug),
62<  KEY name (name)
63< ) $charset_collate;
64< CREATE TABLE $wpdb->term_taxonomy (
65<  term_taxonomy_id bigint(20) unsigned NOT NULL auto_increment,
66<  term_id bigint(20) unsigned NOT NULL default 0,
67<  taxonomy varchar(32) NOT NULL default '',
68<  description longtext NOT NULL,
69<  parent bigint(20) unsigned NOT NULL default 0,
70<  count bigint(20) NOT NULL default 0,
71<  PRIMARY KEY  (term_taxonomy_id),
72<  UNIQUE KEY term_id_taxonomy (term_id,taxonomy),
73<  KEY taxonomy (taxonomy)
74< ) $charset_collate;
75< CREATE TABLE $wpdb->term_relationships (
76<  object_id bigint(20) unsigned NOT NULL default 0,
77<  term_taxonomy_id bigint(20) unsigned NOT NULL default 0,
78<  term_order int(11) NOT NULL default 0,
79<  PRIMARY KEY  (object_id,term_taxonomy_id),
80<  KEY term_taxonomy_id (term_taxonomy_id)
81< ) $charset_collate;
82< CREATE TABLE $wpdb->commentmeta (
83<   meta_id bigint(20) unsigned NOT NULL auto_increment,
84<   comment_id bigint(20) unsigned NOT NULL default '0',
85<   meta_key varchar(255) default NULL,
86<   meta_value longtext,
87<   PRIMARY KEY  (meta_id),
88<   KEY comment_id (comment_id),
89<   KEY meta_key (meta_key)
90< ) $charset_collate;
91< CREATE TABLE $wpdb->comments (
92<   comment_ID bigint(20) unsigned NOT NULL auto_increment,
93<   comment_post_ID bigint(20) unsigned NOT NULL default '0',
94<   comment_author tinytext NOT NULL,
95<   comment_author_email varchar(100) NOT NULL default '',
96<   comment_author_url varchar(200) NOT NULL default '',
97<   comment_author_IP varchar(100) NOT NULL default '',
98<   comment_date datetime NOT NULL default '0000-00-00 00:00:00',
99<   comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
100<   comment_content text NOT NULL,
101<   comment_karma int(11) NOT NULL default '0',
102<   comment_approved varchar(20) NOT NULL default '1',
103<   comment_agent varchar(255) NOT NULL default '',
104<   comment_type varchar(20) NOT NULL default '',
105<   comment_parent bigint(20) unsigned NOT NULL default '0',
106<   user_id bigint(20) unsigned NOT NULL default '0',
107<   PRIMARY KEY  (comment_ID),
108<   KEY comment_approved (comment_approved),
109<   KEY comment_post_ID (comment_post_ID),
110<   KEY comment_approved_date_gmt (comment_approved,comment_date_gmt),
111<   KEY comment_date_gmt (comment_date_gmt),
112<   KEY comment_parent (comment_parent)
113< ) $charset_collate;
114< CREATE TABLE $wpdb->links (
115<   link_id bigint(20) unsigned NOT NULL auto_increment,
116<   link_url varchar(255) NOT NULL default '',
117<   link_name varchar(255) NOT NULL default '',
118<   link_image varchar(255) NOT NULL default '',
119<   link_target varchar(25) NOT NULL default '',
120<   link_description varchar(255) NOT NULL default '',
121<   link_visible varchar(20) NOT NULL default 'Y',
122<   link_owner bigint(20) unsigned NOT NULL default '1',
123<   link_rating int(11) NOT NULL default '0',
124<   link_updated datetime NOT NULL default '0000-00-00 00:00:00',
125<   link_rel varchar(255) NOT NULL default '',
126<   link_notes mediumtext NOT NULL,
127<   link_rss varchar(255) NOT NULL default '',
128<   PRIMARY KEY  (link_id),
129<   KEY link_visible (link_visible)
130< ) $charset_collate;
131< CREATE TABLE $wpdb->options (
132<   option_id bigint(20) unsigned NOT NULL auto_increment,
133<   blog_id int(11) NOT NULL default '0',
134<   option_name varchar(64) NOT NULL default '',
135<   option_value longtext NOT NULL,
136<   autoload varchar(20) NOT NULL default 'yes',
137<   PRIMARY KEY  (option_id),
138<   UNIQUE KEY option_name (option_name)
139< ) $charset_collate;
140< CREATE TABLE $wpdb->postmeta (
141<   meta_id bigint(20) unsigned NOT NULL auto_increment,
142<   post_id bigint(20) unsigned NOT NULL default '0',
143<   meta_key varchar(255) default NULL,
144<   meta_value longtext,
145<   PRIMARY KEY  (meta_id),
146<   KEY post_id (post_id),
147<   KEY meta_key (meta_key)
148< ) $charset_collate;
149< CREATE TABLE $wpdb->posts (
150<   ID bigint(20) unsigned NOT NULL auto_increment,
151<   post_author bigint(20) unsigned NOT NULL default '0',
152<   post_date datetime NOT NULL default '0000-00-00 00:00:00',
153<   post_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
154<   post_content longtext NOT NULL,
155<   post_title text NOT NULL,
156<   post_excerpt text NOT NULL,
157<   post_status varchar(20) NOT NULL default 'publish',
158<   comment_status varchar(20) NOT NULL default 'open',
159<   ping_status varchar(20) NOT NULL default 'open',
160<   post_password varchar(20) NOT NULL default '',
161<   post_name varchar(200) NOT NULL default '',
162<   to_ping text NOT NULL,
163<   pinged text NOT NULL,
164<   post_modified datetime NOT NULL default '0000-00-00 00:00:00',
165<   post_modified_gmt datetime NOT NULL default '0000-00-00 00:00:00',
166<   post_content_filtered text NOT NULL,
167<   post_parent bigint(20) unsigned NOT NULL default '0',
168<   guid varchar(255) NOT NULL default '',
169<   menu_order int(11) NOT NULL default '0',
170<   post_type varchar(20) NOT NULL default 'post',
171<   post_mime_type varchar(100) NOT NULL default '',
172<   comment_count bigint(20) NOT NULL default '0',
173<   PRIMARY KEY  (ID),
174<   KEY post_name (post_name),
175<   KEY type_status_date (post_type,post_status,post_date,ID),
176<   KEY post_parent (post_parent),
177<   KEY post_author (post_author)
178< ) $charset_collate;\n";
179<
180<       // Single site users table. The multisite flavor of the users table is handled below.
181<       $users_single_table = "CREATE TABLE $wpdb->users (
182<   ID bigint(20) unsigned NOT NULL auto_increment,
183<   user_login varchar(60) NOT NULL default '',
184<   user_pass varchar(64) NOT NULL default '',
185<   user_nicename varchar(50) NOT NULL default '',
186<   user_email varchar(100) NOT NULL default '',
187<   user_url varchar(100) NOT NULL default '',
188<   user_registered datetime NOT NULL default '0000-00-00 00:00:00',
189<   user_activation_key varchar(60) NOT NULL default '',
190<   user_status int(11) NOT NULL default '0',
191<   display_name varchar(250) NOT NULL default '',
192<   PRIMARY KEY  (ID),
193<   KEY user_login_key (user_login),
194<   KEY user_nicename (user_nicename)
195< ) $charset_collate;\n";
196<
197<       // Multisite users table
198<       $users_multi_table = "CREATE TABLE $wpdb->users (
199<   ID bigint(20) unsigned NOT NULL auto_increment,
200<   user_login varchar(60) NOT NULL default '',
201<   user_pass varchar(64) NOT NULL default '',
202<   user_nicename varchar(50) NOT NULL default '',
203<   user_email varchar(100) NOT NULL default '',
204<   user_url varchar(100) NOT NULL default '',
205<   user_registered datetime NOT NULL default '0000-00-00 00:00:00',
206<   user_activation_key varchar(60) NOT NULL default '',
207<   user_status int(11) NOT NULL default '0',
208<   display_name varchar(250) NOT NULL default '',
209<   spam tinyint(2) NOT NULL default '0',
210<   deleted tinyint(2) NOT NULL default '0',
211<   PRIMARY KEY  (ID),
212<   KEY user_login_key (user_login),
213<   KEY user_nicename (user_nicename)
214< ) $charset_collate;\n";
215<
216<       // usermeta
217<       $usermeta_table = "CREATE TABLE $wpdb->usermeta (
218<   umeta_id bigint(20) unsigned NOT NULL auto_increment,
219<   user_id bigint(20) unsigned NOT NULL default '0',
220<   meta_key varchar(255) default NULL,
221<   meta_value longtext,
222<   PRIMARY KEY  (umeta_id),
223<   KEY user_id (user_id),
224<   KEY meta_key (meta_key)
225< ) $charset_collate;\n";
226<
227<       // Global tables
228<       if ( $is_multisite )
229<               $global_tables = $users_multi_table . $usermeta_table;
230<       else
231<               $global_tables = $users_single_table . $usermeta_table;
232<
233<       // Multisite global tables.
234<       $ms_global_tables = "CREATE TABLE $wpdb->blogs (
235<   blog_id bigint(20) NOT NULL auto_increment,
236<   site_id bigint(20) NOT NULL default '0',
237<   domain varchar(200) NOT NULL default '',
238<   path varchar(100) NOT NULL default '',
239<   registered datetime NOT NULL default '0000-00-00 00:00:00',
240<   last_updated datetime NOT NULL default '0000-00-00 00:00:00',
241<   public tinyint(2) NOT NULL default '1',
242<   archived enum('0','1') NOT NULL default '0',
243<   mature tinyint(2) NOT NULL default '0',
244<   spam tinyint(2) NOT NULL default '0',
245<   deleted tinyint(2) NOT NULL default '0',
246<   lang_id int(11) NOT NULL default '0',
247<   PRIMARY KEY  (blog_id),
248<   KEY domain (domain(50),path(5)),
249<   KEY lang_id (lang_id)
250< ) $charset_collate;
251< CREATE TABLE $wpdb->blog_versions (
252<   blog_id bigint(20) NOT NULL default '0',
253<   db_version varchar(20) NOT NULL default '',
254<   last_updated datetime NOT NULL default '0000-00-00 00:00:00',
255<   PRIMARY KEY  (blog_id),
256<   KEY db_version (db_version)
257< ) $charset_collate;
258< CREATE TABLE $wpdb->registration_log (
259<   ID bigint(20) NOT NULL auto_increment,
260<   email varchar(255) NOT NULL default '',
261<   IP varchar(30) NOT NULL default '',
262<   blog_id bigint(20) NOT NULL default '0',
263<   date_registered datetime NOT NULL default '0000-00-00 00:00:00',
264<   PRIMARY KEY  (ID),
265<   KEY IP (IP)
266< ) $charset_collate;
267< CREATE TABLE $wpdb->site (
268<   id bigint(20) NOT NULL auto_increment,
269<   domain varchar(200) NOT NULL default '',
270<   path varchar(100) NOT NULL default '',
271<   PRIMARY KEY  (id),
272<   KEY domain (domain,path)
273< ) $charset_collate;
274< CREATE TABLE $wpdb->sitemeta (
275<   meta_id bigint(20) NOT NULL auto_increment,
276<   site_id bigint(20) NOT NULL default '0',
277<   meta_key varchar(255) default NULL,
278<   meta_value longtext,
279<   PRIMARY KEY  (meta_id),
280<   KEY meta_key (meta_key),
281<   KEY site_id (site_id)
282< ) $charset_collate;
283< CREATE TABLE $wpdb->signups (
284<   domain varchar(200) NOT NULL default '',
285<   path varchar(100) NOT NULL default '',
286<   title longtext NOT NULL,
287<   user_login varchar(60) NOT NULL default '',
288<   user_email varchar(100) NOT NULL default '',
289<   registered datetime NOT NULL default '0000-00-00 00:00:00',
290<   activated datetime NOT NULL default '0000-00-00 00:00:00',
291<   active tinyint(1) NOT NULL default '0',
292<   activation_key varchar(50) NOT NULL default '',
293<   meta longtext,
294<   KEY activation_key (activation_key),
295<   KEY domain (domain)
296< ) $charset_collate;";
297<
298<       switch ( $scope ) {
299<               case 'blog' :
300<                       $queries = $blog_tables;
301<                       break;
302<               case 'global' :
303<                       $queries = $global_tables;
304<                       if ( $is_multisite )
305<                               $queries .= $ms_global_tables;
306<                       break;
307<               case 'ms_global' :
308<                       $queries = $ms_global_tables;
309<                       break;
310<               default:
311<               case 'all' :
312<                       $queries = $global_tables . $blog_tables;
313<                       if ( $is_multisite )
314<                               $queries .= $ms_global_tables;
315<                       break;
316<       }
317<
318<       if ( isset( $old_blog_id ) )
319<               $wpdb->set_blog_id( $old_blog_id );
320<
321<       return $queries;
322< }
323<
324< // Populate for back compat.
325< $wp_queries = wp_get_db_schema( 'all' );
326<
327< /**
328<  * Create WordPress options and set the default values.
329<  *
330<  * @since 1.5.0
331<  * @uses $wpdb
332<  * @uses $wp_db_version
333<  */
334< function populate_options() {
335<       global $wpdb, $wp_db_version, $current_site, $wp_current_db_version;
336<
337<       $guessurl = wp_guess_url();
338<
339<       do_action('populate_options');
340<
341<       if ( ini_get('safe_mode') ) {
342<               // Safe mode can break mkdir() so use a flat structure by default.
343<               $uploads_use_yearmonth_folders = 0;
344<       } else {
345<               $uploads_use_yearmonth_folders = 1;
346<       }
347<
348<       $template = WP_DEFAULT_THEME;
349<       // If default theme is a child theme, we need to get its template
350<       foreach ( (array) get_themes() as $theme ) {
351<               if ( WP_DEFAULT_THEME == $theme['Stylesheet'] ) {
352<                       $template = $theme['Template'];
353<                       break;
354<               }
355<       }
356<
357<       $options = array(
358<       'siteurl' => $guessurl,
359<       'blogname' => __('My Site'),
360<       /* translators: blog tagline */
361<       'blogdescription' => __('Just another WordPress site'),
362<       'users_can_register' => 0,
363<       'admin_email' => 'you@example.com',
364<       'start_of_week' => 1,
365<       'use_balanceTags' => 0,
366<       'use_smilies' => 1,
367<       'require_name_email' => 1,
368<       'comments_notify' => 1,
369<       'posts_per_rss' => 10,
370<       'rss_use_excerpt' => 0,
371<       'mailserver_url' => 'mail.example.com',
372<       'mailserver_login' => 'login@example.com',
373<       'mailserver_pass' => 'password',
374<       'mailserver_port' => 110,
375<       'default_category' => 1,
376<       'default_comment_status' => 'open',
377<       'default_ping_status' => 'open',
378<       'default_pingback_flag' => 1,
379<       'default_post_edit_rows' => 20,
380<       'posts_per_page' => 10,
381<       /* translators: default date format, see http://php.net/date */
382<       'date_format' => __('F j, Y'),
383<       /* translators: default time format, see http://php.net/date */
384<       'time_format' => __('g:i a'),
385<       /* translators: links last updated date format, see http://php.net/date */
386<       'links_updated_date_format' => __('F j, Y g:i a'),
387<       'links_recently_updated_prepend' => '<em>',
388<       'links_recently_updated_append' => '</em>',
389<       'links_recently_updated_time' => 120,
390<       'comment_moderation' => 0,
391<       'moderation_notify' => 1,
392<       'permalink_structure' => '',
393<       'gzipcompression' => 0,
394<       'hack_file' => 0,
395<       'blog_charset' => 'UTF-8',
396<       'moderation_keys' => '',
397<       'active_plugins' => array(),
398<       'home' => $guessurl,
399<       'category_base' => '',
400<       'ping_sites' => 'http://rpc.pingomatic.com/',
401<       'advanced_edit' => 0,
402<       'comment_max_links' => 2,
403<       'gmt_offset' => date('Z') / 3600,
404<
405<       // 1.5
406<       'default_email_category' => 1,
407<       'recently_edited' => '',
408<       'template' => $template,
409<       'stylesheet' => WP_DEFAULT_THEME,
410<       'comment_whitelist' => 1,
411<       'blacklist_keys' => '',
412<       'comment_registration' => 0,
413<       'rss_language' => 'en',
414<       'html_type' => 'text/html',
415<
416<       // 1.5.1
417<       'use_trackback' => 0,
418<
419<       // 2.0
420<       'default_role' => 'subscriber',
421<       'db_version' => $wp_db_version,
422<
423<       // 2.0.1
424<       'uploads_use_yearmonth_folders' => $uploads_use_yearmonth_folders,
425<       'upload_path' => '',
426<
427<       // 2.1
428<       'blog_public' => '1',
429<       'default_link_category' => 2,
430<       'show_on_front' => 'posts',
431<
432<       // 2.2
433<       'tag_base' => '',
434<
435<       // 2.5
436<       'show_avatars' => '1',
437<       'avatar_rating' => 'G',
438<       'upload_url_path' => '',
439<       'thumbnail_size_w' => 150,
440<       'thumbnail_size_h' => 150,
441<       'thumbnail_crop' => 1,
442<       'medium_size_w' => 300,
443<       'medium_size_h' => 300,
444<
445<       // 2.6
446<       'avatar_default' => 'mystery',
447<       'enable_app' => 0,
448<       'enable_xmlrpc' => 0,
449<
450<       // 2.7
451<       'large_size_w' => 1024,
452<       'large_size_h' => 1024,
453<       'image_default_link_type' => 'file',
454<       'image_default_size' => '',
455<       'image_default_align' => '',
456<       'close_comments_for_old_posts' => 0,
457<       'close_comments_days_old' => 14,
458<       'thread_comments' => 1,
459<       'thread_comments_depth' => 5,
460<       'page_comments' => 0,
461<       'comments_per_page' => 50,
462<       'default_comments_page' => 'newest',
463<       'comment_order' => 'asc',
464<       'sticky_posts' => array(),
465<       'widget_categories' => array(),
466<       'widget_text' => array(),
467<       'widget_rss' => array(),
468<
469<       // 2.8
470<       'timezone_string' => '',
471<
472<       // 2.9
473<       'embed_autourls' => 1,
474<       'embed_size_w' => '',
475<       'embed_size_h' => 600,
476<
477<       // 3.0
478<       'page_for_posts' => 0,
479<       'page_on_front' => 0,
480<
481<       // 3.1
482<       'default_post_format' => 0,
483<       );
484<
485<       // 3.3
486<       if ( ! is_multisite() ) {
487<               $options['initial_db_version'] = ! empty( $wp_current_db_version ) && $wp_current_db_version < $wp_db_version
488<                       ? $wp_current_db_version : $wp_db_version;
489<       }
490<
491<       // 3.0 multisite
492<       if ( is_multisite() ) {
493<               /* translators: blog tagline */
494<               $options[ 'blogdescription' ] = sprintf(__('Just another %s site'), $current_site->site_name );
495<               $options[ 'permalink_structure' ] = '/%year%/%monthnum%/%day%/%postname%/';
496<       }
497<
498<       // Set autoload to no for these options
499<       $fat_options = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
500<
501<       $existing_options = $wpdb->get_col("SELECT option_name FROM $wpdb->options");
502<
503<       $insert = '';
504<       foreach ( $options as $option => $value ) {
505<               if ( in_array($option, $existing_options) )
506<                       continue;
507<               if ( in_array($option, $fat_options) )
508<                       $autoload = 'no';
509<               else
510<                       $autoload = 'yes';
511<
512<               $option = $wpdb->escape($option);
513<               if ( is_array($value) )
514<                       $value = serialize($value);
515<               $value = $wpdb->escape($value);
516<               if ( !empty($insert) )
517<                       $insert .= ', ';
518<               $insert .= "('$option', '$value', '$autoload')";
519<       }
520<
521<       if ( !empty($insert) )
522<               $wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES " . $insert);
523<
524<       // in case it is set, but blank, update "home"
525<       if ( !__get_option('home') ) update_option('home', $guessurl);
526<
527<       // Delete unused options
528<       $unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog', '_wpnonce', '_wp_http_referer', 'Update', 'action', 'rich_editing', 'autosave_interval', 'deactivated_plugins', 'can_compress_scripts', 'page_uris', 'update_core', 'update_plugins', 'update_themes', 'doing_cron', 'random_seed', 'rss_excerpt_length', 'secret', 'use_linksupdate', 'default_comment_status_page', 'wporg_popular_tags', 'what_to_show');
529<       foreach ( $unusedoptions as $option )
530<               delete_option($option);
531<
532<       // delete obsolete magpie stuff
533<       $wpdb->query("DELETE FROM $wpdb->options WHERE option_name REGEXP '^rss_[0-9a-f]{32}(_ts)?$'");
534< }
535<
536< /**
537<  * Execute WordPress role creation for the various WordPress versions.
538<  *
539<  * @since 2.0.0
540<  */
541< function populate_roles() {
542<       populate_roles_160();
543<       populate_roles_210();
544<       populate_roles_230();
545<       populate_roles_250();
546<       populate_roles_260();
547<       populate_roles_270();
548<       populate_roles_280();
549<       populate_roles_300();
550< }
551<
552< /**
553<  * Create the roles for WordPress 2.0
554<  *
555<  * @since 2.0.0
556<  */
557< function populate_roles_160() {
558<       // Add roles
559<
560<       // Dummy gettext calls to get strings in the catalog.
561<       /* translators: user role */
562<       _x('Administrator', 'User role');
563<       /* translators: user role */
564<       _x('Editor', 'User role');
565<       /* translators: user role */
566<       _x('Author', 'User role');
567<       /* translators: user role */
568<       _x('Contributor', 'User role');
569<       /* translators: user role */
570<       _x('Subscriber', 'User role');
571<
572<       add_role('administrator', 'Administrator');
573<       add_role('editor', 'Editor');
574<       add_role('author', 'Author');
575<       add_role('contributor', 'Contributor');
576<       add_role('subscriber', 'Subscriber');
577<
578<       // Add caps for Administrator role
579<       $role =& get_role('administrator');
580<       $role->add_cap('switch_themes');
581<       $role->add_cap('edit_themes');
582<       $role->add_cap('activate_plugins');
583<       $role->add_cap('edit_plugins');
584<       $role->add_cap('edit_users');
585<       $role->add_cap('edit_files');
586<       $role->add_cap('manage_options');
587<       $role->add_cap('moderate_comments');
588<       $role->add_cap('manage_categories');
589<       $role->add_cap('manage_links');
590<       $role->add_cap('upload_files');
591<       $role->add_cap('import');
592<       $role->add_cap('unfiltered_html');
593<       $role->add_cap('edit_posts');
594<       $role->add_cap('edit_others_posts');
595<       $role->add_cap('edit_published_posts');
596<       $role->add_cap('publish_posts');
597<       $role->add_cap('edit_pages');
598<       $role->add_cap('read');
599<       $role->add_cap('level_10');
600<       $role->add_cap('level_9');
601<       $role->add_cap('level_8');
602<       $role->add_cap('level_7');
603<       $role->add_cap('level_6');
604<       $role->add_cap('level_5');
605<       $role->add_cap('level_4');
606<       $role->add_cap('level_3');
607<       $role->add_cap('level_2');
608<       $role->add_cap('level_1');
609<       $role->add_cap('level_0');
610<
611<       // Add caps for Editor role
612<       $role =& get_role('editor');
613<       $role->add_cap('moderate_comments');
614<       $role->add_cap('manage_categories');
615<       $role->add_cap('manage_links');
616<       $role->add_cap('upload_files');
617<       $role->add_cap('unfiltered_html');
618<       $role->add_cap('edit_posts');
619<       $role->add_cap('edit_others_posts');
620<       $role->add_cap('edit_published_posts');
621<       $role->add_cap('publish_posts');
622<       $role->add_cap('edit_pages');
623<       $role->add_cap('read');
624<       $role->add_cap('level_7');
625<       $role->add_cap('level_6');
626<       $role->add_cap('level_5');
627<       $role->add_cap('level_4');
628<       $role->add_cap('level_3');
629<       $role->add_cap('level_2');
630<       $role->add_cap('level_1');
631<       $role->add_cap('level_0');
632<
633<       // Add caps for Author role
634<       $role =& get_role('author');
635<       $role->add_cap('upload_files');
636<       $role->add_cap('edit_posts');
637<       $role->add_cap('edit_published_posts');
638<       $role->add_cap('publish_posts');
639<       $role->add_cap('read');
640<       $role->add_cap('level_2');
641<       $role->add_cap('level_1');
642<       $role->add_cap('level_0');
643<
644<       // Add caps for Contributor role
645<       $role =& get_role('contributor');
646<       $role->add_cap('edit_posts');
647<       $role->add_cap('read');
648<       $role->add_cap('level_1');
649<       $role->add_cap('level_0');
650<
651<       // Add caps for Subscriber role
652<       $role =& get_role('subscriber');
653<       $role->add_cap('read');
654<       $role->add_cap('level_0');
655< }
656<
657< /**
658<  * Create and modify WordPress roles for WordPress 2.1.
659<  *
660<  * @since 2.1.0
661<  */
662< function populate_roles_210() {
663<       $roles = array('administrator', 'editor');
664<       foreach ($roles as $role) {
665<               $role =& get_role($role);
666<               if ( empty($role) )
667<                       continue;
668<
669<               $role->add_cap('edit_others_pages');
670<               $role->add_cap('edit_published_pages');
671<               $role->add_cap('publish_pages');
672<               $role->add_cap('delete_pages');
673<               $role->add_cap('delete_others_pages');
674<               $role->add_cap('delete_published_pages');
675<               $role->add_cap('delete_posts');
676<               $role->add_cap('delete_others_posts');
677<               $role->add_cap('delete_published_posts');
678<               $role->add_cap('delete_private_posts');
679<               $role->add_cap('edit_private_posts');
680<               $role->add_cap('read_private_posts');
681<               $role->add_cap('delete_private_pages');
682<               $role->add_cap('edit_private_pages');
683<               $role->add_cap('read_private_pages');
684<       }
685<
686<       $role =& get_role('administrator');
687<       if ( ! empty($role) ) {
688<               $role->add_cap('delete_users');
689<               $role->add_cap('create_users');
690<       }
691<
692<       $role =& get_role('author');
693<       if ( ! empty($role) ) {
694<               $role->add_cap('delete_posts');
695<               $role->add_cap('delete_published_posts');
696<       }
697<
698<       $role =& get_role('contributor');
699<       if ( ! empty($role) ) {
700<               $role->add_cap('delete_posts');
701<       }
702< }
703<
704< /**
705<  * Create and modify WordPress roles for WordPress 2.3.
706<  *
707<  * @since 2.3.0
708<  */
709< function populate_roles_230() {
710<       $role =& get_role( 'administrator' );
711<
712<       if ( !empty( $role ) ) {
713<               $role->add_cap( 'unfiltered_upload' );
714<       }
715< }
716<
717< /**
718<  * Create and modify WordPress roles for WordPress 2.5.
719<  *
720<  * @since 2.5.0
721<  */
722< function populate_roles_250() {
723<       $role =& get_role( 'administrator' );
724<
725<       if ( !empty( $role ) ) {
726<               $role->add_cap( 'edit_dashboard' );
727<       }
728< }
729<
730< /**
731<  * Create and modify WordPress roles for WordPress 2.6.
732<  *
733<  * @since 2.6.0
734<  */
735< function populate_roles_260() {
736<       $role =& get_role( 'administrator' );
737<
738<       if ( !empty( $role ) ) {
739<               $role->add_cap( 'update_plugins' );
740<               $role->add_cap( 'delete_plugins' );
741<       }
742< }
743<
744< /**
745<  * Create and modify WordPress roles for WordPress 2.7.
746<  *
747<  * @since 2.7.0
748<  */
749< function populate_roles_270() {
750<       $role =& get_role( 'administrator' );
751<
752<       if ( !empty( $role ) ) {
753<               $role->add_cap( 'install_plugins' );
754<               $role->add_cap( 'update_themes' );
755<       }
756< }
757<
758< /**
759<  * Create and modify WordPress roles for WordPress 2.8.
760<  *
761<  * @since 2.8.0
762<  */
763< function populate_roles_280() {
764<       $role =& get_role( 'administrator' );
765<
766<       if ( !empty( $role ) ) {
767<               $role->add_cap( 'install_themes' );
768<       }
769< }
770<
771< /**
772<  * Create and modify WordPress roles for WordPress 3.0.
773<  *
774<  * @since 3.0.0
775<  */
776< function populate_roles_300() {
777<       $role =& get_role( 'administrator' );
778<
779<       if ( !empty( $role ) ) {
780<               $role->add_cap( 'update_core' );
781<               $role->add_cap( 'list_users' );
782<               $role->add_cap( 'remove_users' );
783<               $role->add_cap( 'add_users' );
784<               $role->add_cap( 'promote_users' );
785<               $role->add_cap( 'edit_theme_options' );
786<               $role->add_cap( 'delete_themes' );
787<               $role->add_cap( 'export' );
788<       }
789< }
790<
791< /**
792<  * Install Network.
793<  *
794<  * @since 3.0.0
795<  *
796<  */
797< if ( !function_exists( 'install_network' ) ) :
798< function install_network() {
799<       if ( ! defined( 'WP_INSTALLING_NETWORK' ) )
800<               define( 'WP_INSTALLING_NETWORK', true );
801<
802<       dbDelta( wp_get_db_schema( 'global' ) );
803< }
804< endif;
805<
806< /**
807<  * populate network settings
808<  *
809<  * @since 3.0.0
810<  *
811<  * @param int $network_id id of network to populate
812<  * @return bool|WP_Error True on success, or WP_Error on warning (with the install otherwise successful,
813<  *    so the error code must be checked) or failure.
814<  */
815< function populate_network( $network_id = 1, $domain = '', $email = '', $site_name = '', $path = '/', $subdomain_install = false ) {
816<       global $wpdb, $current_site, $wp_db_version, $wp_rewrite;
817<
818<       $errors = new WP_Error();
819<       if ( '' == $domain )
820<               $errors->add( 'empty_domain', __( 'You must provide a domain name.' ) );
821<       if ( '' == $site_name )
822<               $errors->add( 'empty_sitename', __( 'You must provide a name for your network of sites.' ) );
823<
824<       // check for network collision
825<       if ( $network_id == $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE id = %d", $network_id ) ) )
826<               $errors->add( 'siteid_exists', __( 'The network already exists.' ) );
827<
828<       $site_user = get_user_by( 'email', $email );
829<       if ( ! is_email( $email ) )
830<               $errors->add( 'invalid_email', __( 'You must provide a valid e-mail address.' ) );
831<
832<       if ( $errors->get_error_code() )
833<               return $errors;
834<
835<       // set up site tables
836<       $template = get_option( 'template' );
837<       $stylesheet = get_option( 'stylesheet' );
838<       $allowed_themes = array( $stylesheet => true );
839<       if ( $template != $stylesheet )
840<               $allowed_themes[ $template ] = true;
841<       if ( WP_DEFAULT_THEME != $stylesheet && WP_DEFAULT_THEME != $template )
842<               $allowed_themes[ WP_DEFAULT_THEME ] = true;
843<
844<       if ( 1 == $network_id ) {
845<               $wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path ) );
846<               $network_id = $wpdb->insert_id;
847<       } else {
848<               $wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path, 'id' => $network_id ) );
849<       }
850<
851<       if ( !is_multisite() ) {
852<               $site_admins = array( $site_user->user_login );
853<               $users = get_users( array( 'fields' => array( 'ID', 'user_login' ) ) );
854<               if ( $users ) {
855<                       foreach ( $users as $user ) {
856<                               if ( is_super_admin( $user->ID ) && !in_array( $user->user_login, $site_admins ) )
857<                                       $site_admins[] = $user->user_login;
858<                       }
859<               }
860<       } else {
861<               $site_admins = get_site_option( 'site_admins' );
862<       }
863<
864<       $welcome_email = __( 'Dear User,
865<
866< Your new SITE_NAME site has been successfully set up at:
867< BLOG_URL
868<
869< You can log in to the administrator account with the following information:
870< Username: USERNAME
871< Password: PASSWORD
872< Log in here: BLOG_URLwp-login.php
873<
874< We hope you enjoy your new site. Thanks!
875<
876< --The Team @ SITE_NAME' );
877<
878<       $sitemeta = array(
879<               'site_name' => $site_name,
880<               'admin_email' => $site_user->user_email,
881<               'admin_user_id' => $site_user->ID,
882<               'registration' => 'none',
883<               'upload_filetypes' => 'jpg jpeg png gif mp3 mov avi wmv midi mid pdf',
884<               'blog_upload_space' => 10,
885<               'fileupload_maxk' => 1500,
886<               'site_admins' => $site_admins,
887<               'allowedthemes' => $allowed_themes,
888<               'illegal_names' => array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', 'files' ),
889<               'wpmu_upgrade_site' => $wp_db_version,
890<               'welcome_email' => $welcome_email,
891<               'first_post' => __( 'Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!' ),
892<               // @todo - network admins should have a method of editing the network siteurl (used for cookie hash)
893<               'siteurl' => get_option( 'siteurl' ) . '/',
894<               'add_new_users' => '0',
895<               'upload_space_check_disabled' => '0',
896<               'subdomain_install' => intval( $subdomain_install ),
897<               'global_terms_enabled' => global_terms_enabled() ? '1' : '0',
898<               'initial_db_version' => get_option( 'initial_db_version' ),
899<               'active_sitewide_plugins' => array(),
900<       );
901<       if ( ! $subdomain_install )
902<               $sitemeta['illegal_names'][] = 'blog';
903<
904<       $insert = '';
905<       foreach ( $sitemeta as $meta_key => $meta_value ) {
906<               $meta_key = $wpdb->escape( $meta_key );
907<               if ( is_array( $meta_value ) )
908<                       $meta_value = serialize( $meta_value );
909<               $meta_value = $wpdb->escape( $meta_value );
910<               if ( !empty( $insert ) )
911<                       $insert .= ', ';
912<               $insert .= "( $network_id, '$meta_key', '$meta_value')";
913<       }
914<       $wpdb->query( "INSERT INTO $wpdb->sitemeta ( site_id, meta_key, meta_value ) VALUES " . $insert );
915<
916<       $current_site->domain = $domain;
917<       $current_site->path = $path;
918<       $current_site->site_name = ucfirst( $domain );
919<
920<       if ( !is_multisite() ) {
921<               $wpdb->insert( $wpdb->blogs, array( 'site_id' => $network_id, 'domain' => $domain, 'path' => $path, 'registered' => current_time( 'mysql' ) ) );
922<               $blog_id = $wpdb->insert_id;
923<               update_user_meta( $site_user->ID, 'source_domain', $domain );
924<               update_user_meta( $site_user->ID, 'primary_blog', $blog_id );
925<               if ( !$upload_path = get_option( 'upload_path' ) ) {
926<                       $upload_path = substr( WP_CONTENT_DIR, strlen( ABSPATH ) ) . '/uploads';
927<                       update_option( 'upload_path', $upload_path );
928<               }
929<               update_option( 'fileupload_url', get_option( 'siteurl' ) . '/' . $upload_path );
930<       }
931<
932<       if ( $subdomain_install )
933<               update_option( 'permalink_structure', '/%year%/%monthnum%/%day%/%postname%/');
934<       else
935<               update_option( 'permalink_structure', '/blog/%year%/%monthnum%/%day%/%postname%/');
936<
937<       $wp_rewrite->flush_rules();
938<
939<       if ( $subdomain_install ) {
940<               $vhost_ok = false;
941<               $errstr = '';
942<               $hostname = substr( md5( time() ), 0, 6 ) . '.' . $domain; // Very random hostname!
943<               $page = wp_remote_get( 'http://' . $hostname, array( 'timeout' => 5, 'httpversion' => '1.1' ) );
944<               if ( is_wp_error( $page ) )
945<                       $errstr = $page->get_error_message();
946<               elseif ( 200 == wp_remote_retrieve_response_code( $page ) )
947<                               $vhost_ok = true;
948<
949<               if ( ! $vhost_ok ) {
950<                       $msg = '<p><strong>' . __( 'Warning! Wildcard DNS may not be configured correctly!' ) . '</strong></p>';
951<                       $msg .= '<p>' . sprintf( __( 'The installer attempted to contact a random hostname (<code>%1$s</code>) on your domain.' ), $hostname );
952<                       if ( ! empty ( $errstr ) )
953<                               $msg .= ' ' . sprintf( __( 'This resulted in an error message: %s' ), '<code>' . $errstr . '</code>' );
954<                       $msg .= '</p>';
955<                       $msg .= '<p>' . __( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.' ) . '</p>';
956<                       $msg .= '<p>' . __( 'You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.' ) . '</p>';
957<                       return new WP_Error( 'no_wildcard_dns', $msg );
958<               }
959<       }
960<
961<       return true;
962< }
963<
964< ?>
965---
966> <?php
967> /**
968>  * WordPress Administration Scheme API
969>  *
970>  * Here we keep the DB structure and option values.
971>  *
972>  * @package WordPress
973>  * @subpackage Administration
974>  */
975>
976> // Declare these as global in case schema.php is included from a function.
977> global $wpdb, $wp_queries, $charset_collate;
978>
979> /**
980>  * The database character collate.
981>  * @var string
982>  * @global string
983>  * @name $charset_collate
984>  */
985> $charset_collate = '';
986>
987> if ( ! empty( $wpdb->charset ) )
988>       $charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
989> if ( ! empty( $wpdb->collate ) )
990>       $charset_collate .= " COLLATE $wpdb->collate";
991>
992> /**
993>  * Retrieve the SQL for creating database tables.
994>  *
995>  * @since 3.3.0
996>  *
997>  * @param string $scope Optional. The tables for which to retrieve SQL. Can be all, global, ms_global, or blog tables. Defaults to all.
998>  * @param int $blog_id Optional. The blog ID for which to retrieve SQL.  Default is the current blog ID.
999>  * @return string The SQL needed to create the requested tables.
1000>  */
1001> function wp_get_db_schema( $scope = 'all', $blog_id = null ) {
1002>       global $wpdb;
1003>
1004>       $charset_collate = '';
1005>
1006>       if ( ! empty($wpdb->charset) )
1007>               $charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
1008>       if ( ! empty($wpdb->collate) )
1009>               $charset_collate .= " COLLATE $wpdb->collate";
1010>
1011>       if ( $blog_id && $blog_id != $wpdb->blogid )
1012>               $old_blog_id = $wpdb->set_blog_id( $blog_id );
1013>
1014>       // Engage multisite if in the middle of turning it on from network.php.
1015>       $is_multisite = is_multisite() || ( defined( 'WP_INSTALLING_NETWORK' ) && WP_INSTALLING_NETWORK );
1016>
1017>       // Blog specific tables.
1018>       $blog_tables = "CREATE TABLE $wpdb->terms (
1019>  term_id bigint(20) unsigned NOT NULL auto_increment,
1020>  name varchar(200) NOT NULL default '',
1021>  slug varchar(200) NOT NULL default '',
1022>  term_group bigint(10) NOT NULL default 0,
1023>  PRIMARY KEY  (term_id),
1024>  UNIQUE KEY slug (slug),
1025>  KEY name (name)
1026> ) $charset_collate;
1027> CREATE TABLE $wpdb->term_taxonomy (
1028>  term_taxonomy_id bigint(20) unsigned NOT NULL auto_increment,
1029>  term_id bigint(20) unsigned NOT NULL default 0,
1030>  taxonomy varchar(32) NOT NULL default '',
1031>  description longtext NOT NULL,
1032>  parent bigint(20) unsigned NOT NULL default 0,
1033>  count bigint(20) NOT NULL default 0,
1034>  PRIMARY KEY  (term_taxonomy_id),
1035>  UNIQUE KEY term_id_taxonomy (term_id,taxonomy),
1036>  KEY taxonomy (taxonomy)
1037> ) $charset_collate;
1038> CREATE TABLE $wpdb->term_relationships (
1039>  object_id bigint(20) unsigned NOT NULL default 0,
1040>  term_taxonomy_id bigint(20) unsigned NOT NULL default 0,
1041>  term_order int(11) NOT NULL default 0,
1042>  PRIMARY KEY  (object_id,term_taxonomy_id),
1043>  KEY term_taxonomy_id (term_taxonomy_id)
1044> ) $charset_collate;
1045> CREATE TABLE $wpdb->commentmeta (
1046>   meta_id bigint(20) unsigned NOT NULL auto_increment,
1047>   comment_id bigint(20) unsigned NOT NULL default '0',
1048>   meta_key varchar(255) default NULL,
1049>   meta_value longtext,
1050>   PRIMARY KEY  (meta_id),
1051>   KEY comment_id (comment_id),
1052>   KEY meta_key (meta_key)
1053> ) $charset_collate;
1054> CREATE TABLE $wpdb->comments (
1055>   comment_ID bigint(20) unsigned NOT NULL auto_increment,
1056>   comment_post_ID bigint(20) unsigned NOT NULL default '0',
1057>   comment_author tinytext NOT NULL,
1058>   comment_author_email varchar(100) NOT NULL default '',
1059>   comment_author_url varchar(200) NOT NULL default '',
1060>   comment_author_IP varchar(100) NOT NULL default '',
1061>   comment_date datetime NOT NULL default '0000-00-00 00:00:00',
1062>   comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
1063>   comment_content text NOT NULL,
1064>   comment_karma int(11) NOT NULL default '0',
1065>   comment_approved varchar(20) NOT NULL default '1',
1066>   comment_agent varchar(255) NOT NULL default '',
1067>   comment_type varchar(20) NOT NULL default '',
1068>   comment_parent bigint(20) unsigned NOT NULL default '0',
1069>   user_id bigint(20) unsigned NOT NULL default '0',
1070>   PRIMARY KEY  (comment_ID),
1071>   KEY comment_approved (comment_approved),
1072>   KEY comment_post_ID (comment_post_ID),
1073>   KEY comment_approved_date_gmt (comment_approved,comment_date_gmt),
1074>   KEY comment_date_gmt (comment_date_gmt),
1075>   KEY comment_parent (comment_parent)
1076> ) $charset_collate;
1077> CREATE TABLE $wpdb->links (
1078>   link_id bigint(20) unsigned NOT NULL auto_increment,
1079>   link_url varchar(255) NOT NULL default '',
1080>   link_name varchar(255) NOT NULL default '',
1081>   link_image varchar(255) NOT NULL default '',
1082>   link_target varchar(25) NOT NULL default '',
1083>   link_description varchar(255) NOT NULL default '',
1084>   link_visible varchar(20) NOT NULL default 'Y',
1085>   link_owner bigint(20) unsigned NOT NULL default '1',
1086>   link_rating int(11) NOT NULL default '0',
1087>   link_updated datetime NOT NULL default '0000-00-00 00:00:00',
1088>   link_rel varchar(255) NOT NULL default '',
1089>   link_notes mediumtext NOT NULL,
1090>   link_rss varchar(255) NOT NULL default '',
1091>   PRIMARY KEY  (link_id),
1092>   KEY link_visible (link_visible)
1093> ) $charset_collate;
1094> CREATE TABLE $wpdb->options (
1095>   option_id bigint(20) unsigned NOT NULL auto_increment,
1096>   blog_id int(11) NOT NULL default '0',
1097>   option_name varchar(64) NOT NULL default '',
1098>   option_value longtext NOT NULL,
1099>   autoload varchar(20) NOT NULL default 'yes',
1100>   PRIMARY KEY  (option_id),
1101>   UNIQUE KEY option_name (option_name)
1102> ) $charset_collate;
1103> CREATE TABLE $wpdb->postmeta (
1104>   meta_id bigint(20) unsigned NOT NULL auto_increment,
1105>   post_id bigint(20) unsigned NOT NULL default '0',
1106>   meta_key varchar(255) default NULL,
1107>   meta_value longtext,
1108>   PRIMARY KEY  (meta_id),
1109>   KEY post_id (post_id),
1110>   KEY meta_key (meta_key)
1111> ) $charset_collate;
1112> CREATE TABLE $wpdb->posts (
1113>   ID bigint(20) unsigned NOT NULL auto_increment,
1114>   post_author bigint(20) unsigned NOT NULL default '0',
1115>   post_date datetime NOT NULL default '0000-00-00 00:00:00',
1116>   post_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
1117>   post_content longtext NOT NULL,
1118>   post_title text NOT NULL,
1119>   post_excerpt text NOT NULL,
1120>   post_status varchar(20) NOT NULL default 'publish',
1121>   comment_status varchar(20) NOT NULL default 'open',
1122>   ping_status varchar(20) NOT NULL default 'open',
1123>   post_password varchar(20) NOT NULL default '',
1124>   post_name varchar(200) NOT NULL default '',
1125>   to_ping text NOT NULL,
1126>   pinged text NOT NULL,
1127>   post_modified datetime NOT NULL default '0000-00-00 00:00:00',
1128>   post_modified_gmt datetime NOT NULL default '0000-00-00 00:00:00',
1129>   post_content_filtered text NOT NULL,
1130>   post_parent bigint(20) unsigned NOT NULL default '0',
1131>   guid varchar(255) NOT NULL default '',
1132>   menu_order int(11) NOT NULL default '0',
1133>   post_type varchar(20) NOT NULL default 'post',
1134>   post_mime_type varchar(100) NOT NULL default '',
1135>   comment_count bigint(20) NOT NULL default '0',
1136>   PRIMARY KEY  (ID),
1137>   KEY post_name (post_name),
1138>   KEY type_status_date (post_type,post_status,post_date,ID),
1139>   KEY post_parent (post_parent),
1140>   KEY post_author (post_author)
1141> ) $charset_collate;\n";
1142>
1143>       // Single site users table. The multisite flavor of the users table is handled below.
1144>       $users_single_table = "CREATE TABLE $wpdb->users (
1145>   ID bigint(20) unsigned NOT NULL auto_increment,
1146>   user_login varchar(60) NOT NULL default '',
1147>   user_pass varchar(64) NOT NULL default '',
1148>   user_nicename varchar(50) NOT NULL default '',
1149>   user_email varchar(100) NOT NULL default '',
1150>   user_url varchar(100) NOT NULL default '',
1151>   user_registered datetime NOT NULL default '0000-00-00 00:00:00',
1152>   user_activation_key varchar(60) NOT NULL default '',
1153>   user_status int(11) NOT NULL default '0',
1154>   display_name varchar(250) NOT NULL default '',
1155>   PRIMARY KEY  (ID),
1156>   KEY user_login_key (user_login),
1157>   KEY user_nicename (user_nicename)
1158> ) $charset_collate;\n";
1159>
1160>       // Multisite users table
1161>       $users_multi_table = "CREATE TABLE $wpdb->users (
1162>   ID bigint(20) unsigned NOT NULL auto_increment,
1163>   user_login varchar(60) NOT NULL default '',
1164>   user_pass varchar(64) NOT NULL default '',
1165>   user_nicename varchar(50) NOT NULL default '',
1166>   user_email varchar(100) NOT NULL default '',
1167>   user_url varchar(100) NOT NULL default '',
1168>   user_registered datetime NOT NULL default '0000-00-00 00:00:00',
1169>   user_activation_key varchar(60) NOT NULL default '',
1170>   user_status int(11) NOT NULL default '0',
1171>   display_name varchar(250) NOT NULL default '',
1172>   spam tinyint(2) NOT NULL default '0',
1173>   deleted tinyint(2) NOT NULL default '0',
1174>   PRIMARY KEY  (ID),
1175>   KEY user_login_key (user_login),
1176>   KEY user_nicename (user_nicename)
1177> ) $charset_collate;\n";
1178>
1179>       // usermeta
1180>       $usermeta_table = "CREATE TABLE $wpdb->usermeta (
1181>   umeta_id bigint(20) unsigned NOT NULL auto_increment,
1182>   user_id bigint(20) unsigned NOT NULL default '0',
1183>   meta_key varchar(255) default NULL,
1184>   meta_value longtext,
1185>   PRIMARY KEY  (umeta_id),
1186>   KEY user_id (user_id),
1187>   KEY meta_key (meta_key)
1188> ) $charset_collate;\n";
1189>
1190>       // Global tables
1191>       if ( $is_multisite )
1192>               $global_tables = $users_multi_table . $usermeta_table;
1193>       else
1194>               $global_tables = $users_single_table . $usermeta_table;
1195>
1196>       // Multisite global tables.
1197>       $ms_global_tables = "CREATE TABLE $wpdb->blogs (
1198>   blog_id bigint(20) NOT NULL auto_increment,
1199>   site_id bigint(20) NOT NULL default '0',
1200>   domain varchar(200) NOT NULL default '',
1201>   path varchar(100) NOT NULL default '',
1202>   registered datetime NOT NULL default '0000-00-00 00:00:00',
1203>   last_updated datetime NOT NULL default '0000-00-00 00:00:00',
1204>   public tinyint(2) NOT NULL default '1',
1205>   archived enum('0','1') NOT NULL default '0',
1206>   mature tinyint(2) NOT NULL default '0',
1207>   spam tinyint(2) NOT NULL default '0',
1208>   deleted tinyint(2) NOT NULL default '0',
1209>   lang_id int(11) NOT NULL default '0',
1210>   PRIMARY KEY  (blog_id),
1211>   KEY domain (domain(50),path(5)),
1212>   KEY lang_id (lang_id)
1213> ) $charset_collate;
1214> CREATE TABLE $wpdb->blog_versions (
1215>   blog_id bigint(20) NOT NULL default '0',
1216>   db_version varchar(20) NOT NULL default '',
1217>   last_updated datetime NOT NULL default '0000-00-00 00:00:00',
1218>   PRIMARY KEY  (blog_id),
1219>   KEY db_version (db_version)
1220> ) $charset_collate;
1221> CREATE TABLE $wpdb->registration_log (
1222>   ID bigint(20) NOT NULL auto_increment,
1223>   email varchar(255) NOT NULL default '',
1224>   IP varchar(30) NOT NULL default '',
1225>   blog_id bigint(20) NOT NULL default '0',
1226>   date_registered datetime NOT NULL default '0000-00-00 00:00:00',
1227>   PRIMARY KEY  (ID),
1228>   KEY IP (IP)
1229> ) $charset_collate;
1230> CREATE TABLE $wpdb->site (
1231>   id bigint(20) NOT NULL auto_increment,
1232>   domain varchar(200) NOT NULL default '',
1233>   path varchar(100) NOT NULL default '',
1234>   PRIMARY KEY  (id),
1235>   KEY domain (domain,path)
1236> ) $charset_collate;
1237> CREATE TABLE $wpdb->sitemeta (
1238>   meta_id bigint(20) NOT NULL auto_increment,
1239>   site_id bigint(20) NOT NULL default '0',
1240>   meta_key varchar(255) default NULL,
1241>   meta_value longtext,
1242>   PRIMARY KEY  (meta_id),
1243>   KEY meta_key (meta_key),
1244>   KEY site_id (site_id)
1245> ) $charset_collate;
1246> CREATE TABLE $wpdb->signups (
1247>   domain varchar(200) NOT NULL default '',
1248>   path varchar(100) NOT NULL default '',
1249>   title longtext NOT NULL,
1250>   user_login varchar(60) NOT NULL default '',
1251>   user_email varchar(100) NOT NULL default '',
1252>   registered datetime NOT NULL default '0000-00-00 00:00:00',
1253>   activated datetime NOT NULL default '0000-00-00 00:00:00',
1254>   active tinyint(1) NOT NULL default '0',
1255>   activation_key varchar(50) NOT NULL default '',
1256>   meta longtext,
1257>   KEY activation_key (activation_key),
1258>   KEY domain (domain)
1259> ) $charset_collate;";
1260>
1261>       switch ( $scope ) {
1262>               case 'blog' :
1263>                       $queries = $blog_tables;
1264>                       break;
1265>               case 'global' :
1266>                       $queries = $global_tables;
1267>                       if ( $is_multisite )
1268>                               $queries .= $ms_global_tables;
1269>                       break;
1270>               case 'ms_global' :
1271>                       $queries = $ms_global_tables;
1272>                       break;
1273>               default:
1274>               case 'all' :
1275>                       $queries = $global_tables . $blog_tables;
1276>                       if ( $is_multisite )
1277>                               $queries .= $ms_global_tables;
1278>                       break;
1279>       }
1280>
1281>       if ( isset( $old_blog_id ) )
1282>               $wpdb->set_blog_id( $old_blog_id );
1283>
1284>       return $queries;
1285> }
1286>
1287> // Populate for back compat.
1288> $wp_queries = wp_get_db_schema( 'all' );
1289>
1290> /**
1291>  * Create WordPress options and set the default values.
1292>  *
1293>  * @since 1.5.0
1294>  * @uses $wpdb
1295>  * @uses $wp_db_version
1296>  */
1297> function populate_options() {
1298>       global $wpdb, $wp_db_version, $current_site, $wp_current_db_version;
1299>
1300>       $guessurl = wp_guess_url();
1301>
1302>       do_action('populate_options');
1303>
1304>       if ( ini_get('safe_mode') ) {
1305>               // Safe mode can break mkdir() so use a flat structure by default.
1306>               $uploads_use_yearmonth_folders = 0;
1307>       } else {
1308>               $uploads_use_yearmonth_folders = 1;
1309>       }
1310>
1311>       $template = WP_DEFAULT_THEME;
1312>       // If default theme is a child theme, we need to get its template
1313>       foreach ( (array) get_themes() as $theme ) {
1314>               if ( WP_DEFAULT_THEME == $theme['Stylesheet'] ) {
1315>                       $template = $theme['Template'];
1316>                       break;
1317>               }
1318>       }
1319>
1320>       $options = array(
1321>       'siteurl' => $guessurl,
1322>       'blogname' => __('My Site'),
1323>       /* translators: blog tagline */
1324>       'blogdescription' => __('Just another WordPress site'),
1325>       'users_can_register' => 0,
1326>       'admin_email' => 'you@example.com',
1327>       'start_of_week' => 1,
1328>       'use_balanceTags' => 0,
1329>       'use_smilies' => 1,
1330>       'require_name_email' => 1,
1331>       'comments_notify' => 1,
1332>       'posts_per_rss' => 10,
1333>       'rss_use_excerpt' => 0,
1334>       'mailserver_url' => 'mail.example.com',
1335>       'mailserver_login' => 'login@example.com',
1336>       'mailserver_pass' => 'password',
1337>       'mailserver_port' => 110,
1338>       'default_category' => 1,
1339>       'default_comment_status' => 'open',
1340>       'default_ping_status' => 'open',
1341>       'default_pingback_flag' => 1,
1342>       'default_post_edit_rows' => 20,
1343>       'posts_per_page' => 10,
1344>       /* translators: default date format, see http://php.net/date */
1345>       'date_format' => __('F j, Y'),
1346>       /* translators: default time format, see http://php.net/date */
1347>       'time_format' => __('g:i a'),
1348>       /* translators: links last updated date format, see http://php.net/date */
1349>       'links_updated_date_format' => __('F j, Y g:i a'),
1350>       'links_recently_updated_prepend' => '<em>',
1351>       'links_recently_updated_append' => '</em>',
1352>       'links_recently_updated_time' => 120,
1353>       'comment_moderation' => 0,
1354>         'registration_notify' => 1,
1355>       'moderation_notify' => 1,
1356>       'permalink_structure' => '',
1357>       'gzipcompression' => 0,
1358>       'hack_file' => 0,
1359>       'blog_charset' => 'UTF-8',
1360>       'moderation_keys' => '',
1361>       'active_plugins' => array(),
1362>       'home' => $guessurl,
1363>       'category_base' => '',
1364>       'ping_sites' => 'http://rpc.pingomatic.com/',
1365>       'advanced_edit' => 0,
1366>       'comment_max_links' => 2,
1367>       'gmt_offset' => date('Z') / 3600,
1368>
1369>       // 1.5
1370>       'default_email_category' => 1,
1371>       'recently_edited' => '',
1372>       'template' => $template,
1373>       'stylesheet' => WP_DEFAULT_THEME,
1374>       'comment_whitelist' => 1,
1375>       'blacklist_keys' => '',
1376>       'comment_registration' => 0,
1377>       'rss_language' => 'en',
1378>       'html_type' => 'text/html',
1379>
1380>       // 1.5.1
1381>       'use_trackback' => 0,
1382>
1383>       // 2.0
1384>       'default_role' => 'subscriber',
1385>       'db_version' => $wp_db_version,
1386>
1387>       // 2.0.1
1388>       'uploads_use_yearmonth_folders' => $uploads_use_yearmonth_folders,
1389>       'upload_path' => '',
1390>
1391>       // 2.1
1392>       'blog_public' => '1',
1393>       'default_link_category' => 2,
1394>       'show_on_front' => 'posts',
1395>
1396>       // 2.2
1397>       'tag_base' => '',
1398>
1399>       // 2.5
1400>       'show_avatars' => '1',
1401>       'avatar_rating' => 'G',
1402>       'upload_url_path' => '',
1403>       'thumbnail_size_w' => 150,
1404>       'thumbnail_size_h' => 150,
1405>       'thumbnail_crop' => 1,
1406>       'medium_size_w' => 300,
1407>       'medium_size_h' => 300,
1408>
1409>       // 2.6
1410>       'avatar_default' => 'mystery',
1411>       'enable_app' => 0,
1412>       'enable_xmlrpc' => 0,
1413>
1414>       // 2.7
1415>       'large_size_w' => 1024,
1416>       'large_size_h' => 1024,
1417>       'image_default_link_type' => 'file',
1418>       'image_default_size' => '',
1419>       'image_default_align' => '',
1420>       'close_comments_for_old_posts' => 0,
1421>       'close_comments_days_old' => 14,
1422>       'thread_comments' => 1,
1423>       'thread_comments_depth' => 5,
1424>       'page_comments' => 0,
1425>       'comments_per_page' => 50,
1426>       'default_comments_page' => 'newest',
1427>       'comment_order' => 'asc',
1428>       'sticky_posts' => array(),
1429>       'widget_categories' => array(),
1430>       'widget_text' => array(),
1431>       'widget_rss' => array(),
1432>
1433>       // 2.8
1434>       'timezone_string' => '',
1435>
1436>       // 2.9
1437>       'embed_autourls' => 1,
1438>       'embed_size_w' => '',
1439>       'embed_size_h' => 600,
1440>
1441>       // 3.0
1442>       'page_for_posts' => 0,
1443>       'page_on_front' => 0,
1444>
1445>       // 3.1
1446>       'default_post_format' => 0,
1447>       );
1448>
1449>       // 3.3
1450>       if ( ! is_multisite() ) {
1451>               $options['initial_db_version'] = ! empty( $wp_current_db_version ) && $wp_current_db_version < $wp_db_version
1452>                       ? $wp_current_db_version : $wp_db_version;
1453>       }
1454>
1455>       // 3.0 multisite
1456>       if ( is_multisite() ) {
1457>               /* translators: blog tagline */
1458>               $options[ 'blogdescription' ] = sprintf(__('Just another %s site'), $current_site->site_name );
1459>               $options[ 'permalink_structure' ] = '/%year%/%monthnum%/%day%/%postname%/';
1460>       }
1461>
1462>       // Set autoload to no for these options
1463>       $fat_options = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
1464>
1465>       $existing_options = $wpdb->get_col("SELECT option_name FROM $wpdb->options");
1466>
1467>       $insert = '';
1468>       foreach ( $options as $option => $value ) {
1469>               if ( in_array($option, $existing_options) )
1470>                       continue;
1471>               if ( in_array($option, $fat_options) )
1472>                       $autoload = 'no';
1473>               else
1474>                       $autoload = 'yes';
1475>
1476>               $option = $wpdb->escape($option);
1477>               if ( is_array($value) )
1478>                       $value = serialize($value);
1479>               $value = $wpdb->escape($value);
1480>               if ( !empty($insert) )
1481>                       $insert .= ', ';
1482>               $insert .= "('$option', '$value', '$autoload')";
1483>       }
1484>
1485>       if ( !empty($insert) )
1486>               $wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES " . $insert);
1487>
1488>       // in case it is set, but blank, update "home"
1489>       if ( !__get_option('home') ) update_option('home', $guessurl);
1490>
1491>       // Delete unused options
1492>       $unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog', '_wpnonce', '_wp_http_referer', 'Update', 'action', 'rich_editing', 'autosave_interval', 'deactivated_plugins', 'can_compress_scripts', 'page_uris', 'update_core', 'update_plugins', 'update_themes', 'doing_cron', 'random_seed', 'rss_excerpt_length', 'secret', 'use_linksupdate', 'default_comment_status_page', 'wporg_popular_tags', 'what_to_show');
1493>       foreach ( $unusedoptions as $option )
1494>               delete_option($option);
1495>
1496>       // delete obsolete magpie stuff
1497>       $wpdb->query("DELETE FROM $wpdb->options WHERE option_name REGEXP '^rss_[0-9a-f]{32}(_ts)?$'");
1498> }
1499>
1500> /**
1501>  * Execute WordPress role creation for the various WordPress versions.
1502>  *
1503>  * @since 2.0.0
1504>  */
1505> function populate_roles() {
1506>       populate_roles_160();
1507>       populate_roles_210();
1508>       populate_roles_230();
1509>       populate_roles_250();
1510>       populate_roles_260();
1511>       populate_roles_270();
1512>       populate_roles_280();
1513>       populate_roles_300();
1514> }
1515>
1516> /**
1517>  * Create the roles for WordPress 2.0
1518>  *
1519>  * @since 2.0.0
1520>  */
1521> function populate_roles_160() {
1522>       // Add roles
1523>
1524>       // Dummy gettext calls to get strings in the catalog.
1525>       /* translators: user role */
1526>       _x('Administrator', 'User role');
1527>       /* translators: user role */
1528>       _x('Editor', 'User role');
1529>       /* translators: user role */
1530>       _x('Author', 'User role');
1531>       /* translators: user role */
1532>       _x('Contributor', 'User role');
1533>       /* translators: user role */
1534>       _x('Subscriber', 'User role');
1535>
1536>       add_role('administrator', 'Administrator');
1537>       add_role('editor', 'Editor');
1538>       add_role('author', 'Author');
1539>       add_role('contributor', 'Contributor');
1540>       add_role('subscriber', 'Subscriber');
1541>
1542>       // Add caps for Administrator role
1543>       $role =& get_role('administrator');
1544>       $role->add_cap('switch_themes');
1545>       $role->add_cap('edit_themes');
1546>       $role->add_cap('activate_plugins');
1547>       $role->add_cap('edit_plugins');
1548>       $role->add_cap('edit_users');
1549>       $role->add_cap('edit_files');
1550>       $role->add_cap('manage_options');
1551>       $role->add_cap('moderate_comments');
1552>       $role->add_cap('manage_categories');
1553>       $role->add_cap('manage_links');
1554>       $role->add_cap('upload_files');
1555>       $role->add_cap('import');
1556>       $role->add_cap('unfiltered_html');
1557>       $role->add_cap('edit_posts');
1558>       $role->add_cap('edit_others_posts');
1559>       $role->add_cap('edit_published_posts');
1560>       $role->add_cap('publish_posts');
1561>       $role->add_cap('edit_pages');
1562>       $role->add_cap('read');
1563>       $role->add_cap('level_10');
1564>       $role->add_cap('level_9');
1565>       $role->add_cap('level_8');
1566>       $role->add_cap('level_7');
1567>       $role->add_cap('level_6');
1568>       $role->add_cap('level_5');
1569>       $role->add_cap('level_4');
1570>       $role->add_cap('level_3');
1571>       $role->add_cap('level_2');
1572>       $role->add_cap('level_1');
1573>       $role->add_cap('level_0');
1574>
1575>       // Add caps for Editor role
1576>       $role =& get_role('editor');
1577>       $role->add_cap('moderate_comments');
1578>       $role->add_cap('manage_categories');
1579>       $role->add_cap('manage_links');
1580>       $role->add_cap('upload_files');
1581>       $role->add_cap('unfiltered_html');
1582>       $role->add_cap('edit_posts');
1583>       $role->add_cap('edit_others_posts');
1584>       $role->add_cap('edit_published_posts');
1585>       $role->add_cap('publish_posts');
1586>       $role->add_cap('edit_pages');
1587>       $role->add_cap('read');
1588>       $role->add_cap('level_7');
1589>       $role->add_cap('level_6');
1590>       $role->add_cap('level_5');
1591>       $role->add_cap('level_4');
1592>       $role->add_cap('level_3');
1593>       $role->add_cap('level_2');
1594>       $role->add_cap('level_1');
1595>       $role->add_cap('level_0');
1596>
1597>       // Add caps for Author role
1598>       $role =& get_role('author');
1599>       $role->add_cap('upload_files');
1600>       $role->add_cap('edit_posts');
1601>       $role->add_cap('edit_published_posts');
1602>       $role->add_cap('publish_posts');
1603>       $role->add_cap('read');
1604>       $role->add_cap('level_2');
1605>       $role->add_cap('level_1');
1606>       $role->add_cap('level_0');
1607>
1608>       // Add caps for Contributor role
1609>       $role =& get_role('contributor');
1610>       $role->add_cap('edit_posts');
1611>       $role->add_cap('read');
1612>       $role->add_cap('level_1');
1613>       $role->add_cap('level_0');
1614>
1615>       // Add caps for Subscriber role
1616>       $role =& get_role('subscriber');
1617>       $role->add_cap('read');
1618>       $role->add_cap('level_0');
1619> }
1620>
1621> /**
1622>  * Create and modify WordPress roles for WordPress 2.1.
1623>  *
1624>  * @since 2.1.0
1625>  */
1626> function populate_roles_210() {
1627>       $roles = array('administrator', 'editor');
1628>       foreach ($roles as $role) {
1629>               $role =& get_role($role);
1630>               if ( empty($role) )
1631>                       continue;
1632>
1633>               $role->add_cap('edit_others_pages');
1634>               $role->add_cap('edit_published_pages');
1635>               $role->add_cap('publish_pages');
1636>               $role->add_cap('delete_pages');
1637>               $role->add_cap('delete_others_pages');
1638>               $role->add_cap('delete_published_pages');
1639>               $role->add_cap('delete_posts');
1640>               $role->add_cap('delete_others_posts');
1641>               $role->add_cap('delete_published_posts');
1642>               $role->add_cap('delete_private_posts');
1643>               $role->add_cap('edit_private_posts');
1644>               $role->add_cap('read_private_posts');
1645>               $role->add_cap('delete_private_pages');
1646>               $role->add_cap('edit_private_pages');
1647>               $role->add_cap('read_private_pages');
1648>       }
1649>
1650>       $role =& get_role('administrator');
1651>       if ( ! empty($role) ) {
1652>               $role->add_cap('delete_users');
1653>               $role->add_cap('create_users');
1654>       }
1655>
1656>       $role =& get_role('author');
1657>       if ( ! empty($role) ) {
1658>               $role->add_cap('delete_posts');
1659>               $role->add_cap('delete_published_posts');
1660>       }
1661>
1662>       $role =& get_role('contributor');
1663>       if ( ! empty($role) ) {
1664>               $role->add_cap('delete_posts');
1665>       }
1666> }
1667>
1668> /**
1669>  * Create and modify WordPress roles for WordPress 2.3.
1670>  *
1671>  * @since 2.3.0
1672>  */
1673> function populate_roles_230() {
1674>       $role =& get_role( 'administrator' );
1675>
1676>       if ( !empty( $role ) ) {
1677>               $role->add_cap( 'unfiltered_upload' );
1678>       }
1679> }
1680>
1681> /**
1682>  * Create and modify WordPress roles for WordPress 2.5.
1683>  *
1684>  * @since 2.5.0
1685>  */
1686> function populate_roles_250() {
1687>       $role =& get_role( 'administrator' );
1688>
1689>       if ( !empty( $role ) ) {
1690>               $role->add_cap( 'edit_dashboard' );
1691>       }
1692> }
1693>
1694> /**
1695>  * Create and modify WordPress roles for WordPress 2.6.
1696>  *
1697>  * @since 2.6.0
1698>  */
1699> function populate_roles_260() {
1700>       $role =& get_role( 'administrator' );
1701>
1702>       if ( !empty( $role ) ) {
1703>               $role->add_cap( 'update_plugins' );
1704>               $role->add_cap( 'delete_plugins' );
1705>       }
1706> }
1707>
1708> /**
1709>  * Create and modify WordPress roles for WordPress 2.7.
1710>  *
1711>  * @since 2.7.0
1712>  */
1713> function populate_roles_270() {
1714>       $role =& get_role( 'administrator' );
1715>
1716>       if ( !empty( $role ) ) {
1717>               $role->add_cap( 'install_plugins' );
1718>               $role->add_cap( 'update_themes' );
1719>       }
1720> }
1721>
1722> /**
1723>  * Create and modify WordPress roles for WordPress 2.8.
1724>  *
1725>  * @since 2.8.0
1726>  */
1727> function populate_roles_280() {
1728>       $role =& get_role( 'administrator' );
1729>
1730>       if ( !empty( $role ) ) {
1731>               $role->add_cap( 'install_themes' );
1732>       }
1733> }
1734>
1735> /**
1736>  * Create and modify WordPress roles for WordPress 3.0.
1737>  *
1738>  * @since 3.0.0
1739>  */
1740> function populate_roles_300() {
1741>       $role =& get_role( 'administrator' );
1742>
1743>       if ( !empty( $role ) ) {
1744>               $role->add_cap( 'update_core' );
1745>               $role->add_cap( 'list_users' );
1746>               $role->add_cap( 'remove_users' );
1747>               $role->add_cap( 'add_users' );
1748>               $role->add_cap( 'promote_users' );
1749>               $role->add_cap( 'edit_theme_options' );
1750>               $role->add_cap( 'delete_themes' );
1751>               $role->add_cap( 'export' );
1752>       }
1753> }
1754>
1755> /**
1756>  * Install Network.
1757>  *
1758>  * @since 3.0.0
1759>  *
1760>  */
1761> if ( !function_exists( 'install_network' ) ) :
1762> function install_network() {
1763>       if ( ! defined( 'WP_INSTALLING_NETWORK' ) )
1764>               define( 'WP_INSTALLING_NETWORK', true );
1765>
1766>       dbDelta( wp_get_db_schema( 'global' ) );
1767> }
1768> endif;
1769>
1770> /**
1771>  * populate network settings
1772>  *
1773>  * @since 3.0.0
1774>  *
1775>  * @param int $network_id id of network to populate
1776>  * @return bool|WP_Error True on success, or WP_Error on warning (with the install otherwise successful,
1777>  *    so the error code must be checked) or failure.
1778>  */
1779> function populate_network( $network_id = 1, $domain = '', $email = '', $site_name = '', $path = '/', $subdomain_install = false ) {
1780>       global $wpdb, $current_site, $wp_db_version, $wp_rewrite;
1781>
1782>       $errors = new WP_Error();
1783>       if ( '' == $domain )
1784>               $errors->add( 'empty_domain', __( 'You must provide a domain name.' ) );
1785>       if ( '' == $site_name )
1786>               $errors->add( 'empty_sitename', __( 'You must provide a name for your network of sites.' ) );
1787>
1788>       // check for network collision
1789>       if ( $network_id == $wpdb->get_var( $wpdb->prepare( "SELECT id FROM $wpdb->site WHERE id = %d", $network_id ) ) )
1790>               $errors->add( 'siteid_exists', __( 'The network already exists.' ) );
1791>
1792>       $site_user = get_user_by( 'email', $email );
1793>       if ( ! is_email( $email ) )
1794>               $errors->add( 'invalid_email', __( 'You must provide a valid e-mail address.' ) );
1795>
1796>       if ( $errors->get_error_code() )
1797>               return $errors;
1798>
1799>       // set up site tables
1800>       $template = get_option( 'template' );
1801>       $stylesheet = get_option( 'stylesheet' );
1802>       $allowed_themes = array( $stylesheet => true );
1803>       if ( $template != $stylesheet )
1804>               $allowed_themes[ $template ] = true;
1805>       if ( WP_DEFAULT_THEME != $stylesheet && WP_DEFAULT_THEME != $template )
1806>               $allowed_themes[ WP_DEFAULT_THEME ] = true;
1807>
1808>       if ( 1 == $network_id ) {
1809>               $wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path ) );
1810>               $network_id = $wpdb->insert_id;
1811>       } else {
1812>               $wpdb->insert( $wpdb->site, array( 'domain' => $domain, 'path' => $path, 'id' => $network_id ) );
1813>       }
1814>
1815>       if ( !is_multisite() ) {
1816>               $site_admins = array( $site_user->user_login );
1817>               $users = get_users( array( 'fields' => array( 'ID', 'user_login' ) ) );
1818>               if ( $users ) {
1819>                       foreach ( $users as $user ) {
1820>                               if ( is_super_admin( $user->ID ) && !in_array( $user->user_login, $site_admins ) )
1821>                                       $site_admins[] = $user->user_login;
1822>                       }
1823>               }
1824>       } else {
1825>               $site_admins = get_site_option( 'site_admins' );
1826>       }
1827>
1828>       $welcome_email = __( 'Dear User,
1829>
1830> Your new SITE_NAME site has been successfully set up at:
1831> BLOG_URL
1832>
1833> You can log in to the administrator account with the following information:
1834> Username: USERNAME
1835> Password: PASSWORD
1836> Log in here: BLOG_URLwp-login.php
1837>
1838> We hope you enjoy your new site. Thanks!
1839>
1840> --The Team @ SITE_NAME' );
1841>
1842>       $sitemeta = array(
1843>               'site_name' => $site_name,
1844>               'admin_email' => $site_user->user_email,
1845>               'admin_user_id' => $site_user->ID,
1846>               'registration' => 'none',
1847>               'upload_filetypes' => 'jpg jpeg png gif mp3 mov avi wmv midi mid pdf',
1848>               'blog_upload_space' => 10,
1849>               'fileupload_maxk' => 1500,
1850>               'site_admins' => $site_admins,
1851>               'allowedthemes' => $allowed_themes,
1852>               'illegal_names' => array( 'www', 'web', 'root', 'admin', 'main', 'invite', 'administrator', 'files' ),
1853>               'wpmu_upgrade_site' => $wp_db_version,
1854>               'welcome_email' => $welcome_email,
1855>               'first_post' => __( 'Welcome to <a href="SITE_URL">SITE_NAME</a>. This is your first post. Edit or delete it, then start blogging!' ),
1856>               // @todo - network admins should have a method of editing the network siteurl (used for cookie hash)
1857>               'siteurl' => get_option( 'siteurl' ) . '/',
1858>               'add_new_users' => '0',
1859>               'upload_space_check_disabled' => '0',
1860>               'subdomain_install' => intval( $subdomain_install ),
1861>               'global_terms_enabled' => global_terms_enabled() ? '1' : '0',
1862>               'initial_db_version' => get_option( 'initial_db_version' ),
1863>               'active_sitewide_plugins' => array(),
1864>       );
1865>       if ( ! $subdomain_install )
1866>               $sitemeta['illegal_names'][] = 'blog';
1867>
1868>       $insert = '';
1869>       foreach ( $sitemeta as $meta_key => $meta_value ) {
1870>               $meta_key = $wpdb->escape( $meta_key );
1871>               if ( is_array( $meta_value ) )
1872>                       $meta_value = serialize( $meta_value );
1873>               $meta_value = $wpdb->escape( $meta_value );
1874>               if ( !empty( $insert ) )
1875>                       $insert .= ', ';
1876>               $insert .= "( $network_id, '$meta_key', '$meta_value')";
1877>       }
1878>       $wpdb->query( "INSERT INTO $wpdb->sitemeta ( site_id, meta_key, meta_value ) VALUES " . $insert );
1879>
1880>       $current_site->domain = $domain;
1881>       $current_site->path = $path;
1882>       $current_site->site_name = ucfirst( $domain );
1883>
1884>       if ( !is_multisite() ) {
1885>               $wpdb->insert( $wpdb->blogs, array( 'site_id' => $network_id, 'domain' => $domain, 'path' => $path, 'registered' => current_time( 'mysql' ) ) );
1886>               $blog_id = $wpdb->insert_id;
1887>               update_user_meta( $site_user->ID, 'source_domain', $domain );
1888>               update_user_meta( $site_user->ID, 'primary_blog', $blog_id );
1889>               if ( !$upload_path = get_option( 'upload_path' ) ) {
1890>                       $upload_path = substr( WP_CONTENT_DIR, strlen( ABSPATH ) ) . '/uploads';
1891>                       update_option( 'upload_path', $upload_path );
1892>               }
1893>               update_option( 'fileupload_url', get_option( 'siteurl' ) . '/' . $upload_path );
1894>       }
1895>
1896>       if ( $subdomain_install )
1897>               update_option( 'permalink_structure', '/%year%/%monthnum%/%day%/%postname%/');
1898>       else
1899>               update_option( 'permalink_structure', '/blog/%year%/%monthnum%/%day%/%postname%/');
1900>
1901>       $wp_rewrite->flush_rules();
1902>
1903>       if ( $subdomain_install ) {
1904>               $vhost_ok = false;
1905>               $errstr = '';
1906>               $hostname = substr( md5( time() ), 0, 6 ) . '.' . $domain; // Very random hostname!
1907>               $page = wp_remote_get( 'http://' . $hostname, array( 'timeout' => 5, 'httpversion' => '1.1' ) );
1908>               if ( is_wp_error( $page ) )
1909>                       $errstr = $page->get_error_message();
1910>               elseif ( 200 == wp_remote_retrieve_response_code( $page ) )
1911>                               $vhost_ok = true;
1912>
1913>               if ( ! $vhost_ok ) {
1914>                       $msg = '<p><strong>' . __( 'Warning! Wildcard DNS may not be configured correctly!' ) . '</strong></p>';
1915>                       $msg .= '<p>' . sprintf( __( 'The installer attempted to contact a random hostname (<code>%1$s</code>) on your domain.' ), $hostname );
1916>                       if ( ! empty ( $errstr ) )
1917>                               $msg .= ' ' . sprintf( __( 'This resulted in an error message: %s' ), '<code>' . $errstr . '</code>' );
1918>                       $msg .= '</p>';
1919>                       $msg .= '<p>' . __( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.' ) . '</p>';
1920>                       $msg .= '<p>' . __( 'You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.' ) . '</p>';
1921>                       return new WP_Error( 'no_wildcard_dns', $msg );
1922>               }
1923>       }
1924>
1925>       return true;
1926> }
1927>
1928> ?>
1929diff  options-discussion.php options-discussion.php
19301,253c1,257
1931< <?php
1932< /**
1933<  * Discussion settings administration panel.
1934<  *
1935<  * @package WordPress
1936<  * @subpackage Administration
1937<  */
1938<
1939< /** WordPress Administration Bootstrap */
1940< require_once('./admin.php');
1941<
1942< if ( ! current_user_can( 'manage_options' ) )
1943<       wp_die( __( 'You do not have sufficient permissions to manage options for this site.' ) );
1944<
1945< $title = __('Discussion Settings');
1946< $parent_file = 'options-general.php';
1947<
1948< get_current_screen()->add_help_tab( array(
1949<       'id'      => 'overview',
1950<       'title'   => __('Overview'),
1951<       'content' => '<p>' . __('This screen provides many options for controlling the management and display of comments and links to your posts/pages. So many, in fact, they won&#8217;t all fit here! :) Use the documentation links to get information on what each discussion setting does.') . '</p>' .
1952<               '<p>' . __('You must click the Save Changes button at the bottom of the screen for new settings to take effect.') . '</p>',
1953< ) );
1954<
1955< get_current_screen()->set_help_sidebar(
1956<       '<p><strong>' . __('For more information:') . '</strong></p>' .
1957<       '<p>' . __('<a href="http://codex.wordpress.org/Settings_Discussion_Screen" target="_blank">Documentation on Discussion Settings</a>') . '</p>' .
1958<       '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
1959< );
1960<
1961< include('./admin-header.php');
1962< ?>
1963<
1964< <div class="wrap">
1965< <?php screen_icon(); ?>
1966< <h2><?php echo esc_html( $title ); ?></h2>
1967<
1968< <form method="post" action="options.php">
1969< <?php settings_fields('discussion'); ?>
1970<
1971< <table class="form-table">
1972< <tr valign="top">
1973< <th scope="row"><?php _e('Default article settings'); ?></th>
1974< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Default article settings'); ?></span></legend>
1975< <label for="default_pingback_flag">
1976< <input name="default_pingback_flag" type="checkbox" id="default_pingback_flag" value="1" <?php checked('1', get_option('default_pingback_flag')); ?> />
1977< <?php _e('Attempt to notify any blogs linked to from the article'); ?></label>
1978< <br />
1979< <label for="default_ping_status">
1980< <input name="default_ping_status" type="checkbox" id="default_ping_status" value="open" <?php checked('open', get_option('default_ping_status')); ?> />
1981< <?php _e('Allow link notifications from other blogs (pingbacks and trackbacks)'); ?></label>
1982< <br />
1983< <label for="default_comment_status">
1984< <input name="default_comment_status" type="checkbox" id="default_comment_status" value="open" <?php checked('open', get_option('default_comment_status')); ?> />
1985< <?php _e('Allow people to post comments on new articles'); ?></label>
1986< <br />
1987< <small><em><?php echo '(' . __('These settings may be overridden for individual articles.') . ')'; ?></em></small>
1988< </fieldset></td>
1989< </tr>
1990< <tr valign="top">
1991< <th scope="row"><?php _e('Other comment settings'); ?></th>
1992< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Other comment settings'); ?></span></legend>
1993< <label for="require_name_email"><input type="checkbox" name="require_name_email" id="require_name_email" value="1" <?php checked('1', get_option('require_name_email')); ?> /> <?php _e('Comment author must fill out name and e-mail'); ?></label>
1994< <br />
1995< <label for="comment_registration">
1996< <input name="comment_registration" type="checkbox" id="comment_registration" value="1" <?php checked('1', get_option('comment_registration')); ?> />
1997< <?php _e('Users must be registered and logged in to comment'); ?>
1998< <?php if ( !get_option( 'users_can_register' ) && is_multisite() ) echo ' ' . __( '(Signup has been disabled. Only members of this site can comment.)' ); ?>
1999< </label>
2000< <br />
2001<
2002< <label for="close_comments_for_old_posts">
2003< <input name="close_comments_for_old_posts" type="checkbox" id="close_comments_for_old_posts" value="1" <?php checked('1', get_option('close_comments_for_old_posts')); ?> />
2004< <?php printf( __('Automatically close comments on articles older than %s days'), '</label><input name="close_comments_days_old" type="text" id="close_comments_days_old" value="' . esc_attr(get_option('close_comments_days_old')) . '" class="small-text" />'); ?>
2005< <br />
2006< <label for="thread_comments">
2007< <input name="thread_comments" type="checkbox" id="thread_comments" value="1" <?php checked('1', get_option('thread_comments')); ?> />
2008< <?php
2009<
2010< $maxdeep = (int) apply_filters( 'thread_comments_depth_max', 10 );
2011<
2012< $thread_comments_depth = '</label><select name="thread_comments_depth" id="thread_comments_depth">';
2013< for ( $i = 2; $i <= $maxdeep; $i++ ) {
2014<       $thread_comments_depth .= "<option value='" . esc_attr($i) . "'";
2015<       if ( get_option('thread_comments_depth') == $i ) $thread_comments_depth .= " selected='selected'";
2016<       $thread_comments_depth .= ">$i</option>";
2017< }
2018< $thread_comments_depth .= '</select>';
2019<
2020< printf( __('Enable threaded (nested) comments %s levels deep'), $thread_comments_depth );
2021<
2022< ?><br />
2023< <label for="page_comments">
2024< <input name="page_comments" type="checkbox" id="page_comments" value="1" <?php checked('1', get_option('page_comments')); ?> />
2025< <?php
2026<
2027< $default_comments_page = '</label><label for="default_comments_page"><select name="default_comments_page" id="default_comments_page"><option value="newest"';
2028< if ( 'newest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"';
2029< $default_comments_page .= '>' . __('last') . '</option><option value="oldest"';
2030< if ( 'oldest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"';
2031< $default_comments_page .= '>' . __('first') . '</option></select>';
2032<
2033< printf( __('Break comments into pages with %1$s top level comments per page and the %2$s page displayed by default'), '</label><label for="comments_per_page"><input name="comments_per_page" type="text" id="comments_per_page" value="' . esc_attr(get_option('comments_per_page')) . '" class="small-text" />', $default_comments_page );
2034<
2035< ?></label>
2036< <br />
2037< <label for="comment_order"><?php
2038<
2039< $comment_order = '<select name="comment_order" id="comment_order"><option value="asc"';
2040< if ( 'asc' == get_option('comment_order') ) $comment_order .= ' selected="selected"';
2041< $comment_order .= '>' . __('older') . '</option><option value="desc"';
2042< if ( 'desc' == get_option('comment_order') ) $comment_order .= ' selected="selected"';
2043< $comment_order .= '>' . __('newer') . '</option></select>';
2044<
2045< printf( __('Comments should be displayed with the %s comments at the top of each page'), $comment_order );
2046<
2047< ?></label>
2048< </fieldset></td>
2049< </tr>
2050< <tr valign="top">
2051< <th scope="row"><?php _e('E-mail me whenever'); ?></th>
2052< <td><fieldset><legend class="screen-reader-text"><span><?php _e('E-mail me whenever'); ?></span></legend>
2053< <label for="comments_notify">
2054< <input name="comments_notify" type="checkbox" id="comments_notify" value="1" <?php checked('1', get_option('comments_notify')); ?> />
2055< <?php _e('Anyone posts a comment'); ?> </label>
2056< <br />
2057< <label for="moderation_notify">
2058< <input name="moderation_notify" type="checkbox" id="moderation_notify" value="1" <?php checked('1', get_option('moderation_notify')); ?> />
2059< <?php _e('A comment is held for moderation'); ?> </label>
2060< </fieldset></td>
2061< </tr>
2062< <tr valign="top">
2063< <th scope="row"><?php _e('Before a comment appears'); ?></th>
2064< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Before a comment appears'); ?></span></legend>
2065< <label for="comment_moderation">
2066< <input name="comment_moderation" type="checkbox" id="comment_moderation" value="1" <?php checked('1', get_option('comment_moderation')); ?> />
2067< <?php _e('An administrator must always approve the comment'); ?> </label>
2068< <br />
2069< <label for="comment_whitelist"><input type="checkbox" name="comment_whitelist" id="comment_whitelist" value="1" <?php checked('1', get_option('comment_whitelist')); ?> /> <?php _e('Comment author must have a previously approved comment'); ?></label>
2070< </fieldset></td>
2071< </tr>
2072< <tr valign="top">
2073< <th scope="row"><?php _e('Comment Moderation'); ?></th>
2074< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Comment Moderation'); ?></span></legend>
2075< <p><label for="comment_max_links"><?php printf(__('Hold a comment in the queue if it contains %s or more links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" value="' . esc_attr(get_option('comment_max_links')) . '" class="small-text" />' ); ?></label></p>
2076<
2077< <p><label for="moderation_keys"><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be held in the <a href="edit-comments.php?comment_status=moderated">moderation queue</a>. One word or IP per line. It will match inside words, so &#8220;press&#8221; will match &#8220;WordPress&#8221;.'); ?></label></p>
2078< <p>
2079< <textarea name="moderation_keys" rows="10" cols="50" id="moderation_keys" class="large-text code"><?php echo esc_textarea( get_option( 'moderation_keys' ) ); ?></textarea>
2080< </p>
2081< </fieldset></td>
2082< </tr>
2083< <tr valign="top">
2084< <th scope="row"><?php _e('Comment Blacklist'); ?></th>
2085< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Comment Blacklist'); ?></span></legend>
2086< <p><label for="blacklist_keys"><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be marked as spam. One word or IP per line. It will match inside words, so &#8220;press&#8221; will match &#8220;WordPress&#8221;.'); ?></label></p>
2087< <p>
2088< <textarea name="blacklist_keys" rows="10" cols="50" id="blacklist_keys" class="large-text code"><?php echo esc_textarea( get_option( 'blacklist_keys' ) ); ?></textarea>
2089< </p>
2090< </fieldset></td>
2091< </tr>
2092< <?php do_settings_fields('discussion', 'default'); ?>
2093< </table>
2094<
2095< <h3><?php _e('Avatars'); ?></h3>
2096<
2097< <p><?php _e('An avatar is an image that follows you from weblog to weblog appearing beside your name when you comment on avatar enabled sites.  Here you can enable the display of avatars for people who comment on your site.'); ?></p>
2098<
2099< <?php // the above would be a good place to link to codex documentation on the gravatar functions, for putting it in themes. anything like that? ?>
2100<
2101< <table class="form-table">
2102< <tr valign="top">
2103< <th scope="row"><?php _e('Avatar Display'); ?></th>
2104< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Avatar Display'); ?></span></legend>
2105< <?php
2106<       $yesorno = array( 0 => __( 'Don&#8217;t show Avatars' ), 1 => __( 'Show Avatars' ) );
2107<       foreach ( $yesorno as $key => $value) {
2108<               $selected = (get_option('show_avatars') == $key) ? 'checked="checked"' : '';
2109<               echo "\n\t<label><input type='radio' name='show_avatars' value='" . esc_attr($key) . "' $selected/> $value</label><br />";
2110<       }
2111< ?>
2112< </fieldset></td>
2113< </tr>
2114< <tr valign="top">
2115< <th scope="row"><?php _e('Maximum Rating'); ?></th>
2116< <td><fieldset><legend class="screen-reader-text"><span><?php _e('Maximum Rating'); ?></span></legend>
2117<
2118< <?php
2119< $ratings = array(
2120<       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2121<       'G' => __('G &#8212; Suitable for all audiences'),
2122<       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2123<       'PG' => __('PG &#8212; Possibly offensive, usually for audiences 13 and above'),
2124<       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2125<       'R' => __('R &#8212; Intended for adult audiences above 17'),
2126<       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2127<       'X' => __('X &#8212; Even more mature than above')
2128< );
2129< foreach ($ratings as $key => $rating) :
2130<       $selected = (get_option('avatar_rating') == $key) ? 'checked="checked"' : '';
2131<       echo "\n\t<label><input type='radio' name='avatar_rating' value='" . esc_attr($key) . "' $selected/> $rating</label><br />";
2132< endforeach;
2133< ?>
2134<
2135< </fieldset></td>
2136< </tr>
2137< <tr valign="top">
2138< <th scope="row"><?php _e('Default Avatar'); ?></th>
2139< <td class="defaultavatarpicker"><fieldset><legend class="screen-reader-text"><span><?php _e('Default Avatar'); ?></span></legend>
2140<
2141< <?php _e('For users without a custom avatar of their own, you can either display a generic logo or a generated one based on their e-mail address.'); ?><br />
2142<
2143< <?php
2144< $avatar_defaults = array(
2145<       'mystery' => __('Mystery Man'),
2146<       'blank' => __('Blank'),
2147<       'gravatar_default' => __('Gravatar Logo'),
2148<       'identicon' => __('Identicon (Generated)'),
2149<       'wavatar' => __('Wavatar (Generated)'),
2150<       'monsterid' => __('MonsterID (Generated)'),
2151<       'retro' => __('Retro (Generated)')
2152< );
2153< $avatar_defaults = apply_filters('avatar_defaults', $avatar_defaults);
2154< $default = get_option('avatar_default');
2155< if ( empty($default) )
2156<       $default = 'mystery';
2157< $size = 32;
2158< $avatar_list = '';
2159< foreach ( $avatar_defaults as $default_key => $default_name ) {
2160<       $selected = ($default == $default_key) ? 'checked="checked" ' : '';
2161<       $avatar_list .= "\n\t<label><input type='radio' name='avatar_default' id='avatar_{$default_key}' value='" . esc_attr($default_key)  . "' {$selected}/> ";
2162<
2163<       $avatar = get_avatar( $user_email, $size, $default_key );
2164<       $avatar_list .= preg_replace("/src='(.+?)'/", "src='\$1&amp;forcedefault=1'", $avatar);
2165<
2166<       $avatar_list .= ' ' . $default_name . '</label>';
2167<       $avatar_list .= '<br />';
2168< }
2169< echo apply_filters('default_avatar_select', $avatar_list);
2170< ?>
2171<
2172< </fieldset></td>
2173< </tr>
2174< <?php do_settings_fields('discussion', 'avatars'); ?>
2175< </table>
2176<
2177< <?php do_settings_sections('discussion'); ?>
2178<
2179< <?php submit_button(); ?>
2180< </form>
2181< </div>
2182<
2183< <?php include('./admin-footer.php'); ?>
2184---
2185> <?php
2186> /**
2187>  * Discussion settings administration panel.
2188>  *
2189>  * @package WordPress
2190>  * @subpackage Administration
2191>  */
2192>
2193> /** WordPress Administration Bootstrap */
2194> require_once('./admin.php');
2195>
2196> if ( ! current_user_can( 'manage_options' ) )
2197>       wp_die( __( 'You do not have sufficient permissions to manage options for this site.' ) );
2198>
2199> $title = __('Discussion Settings');
2200> $parent_file = 'options-general.php';
2201>
2202> get_current_screen()->add_help_tab( array(
2203>       'id'      => 'overview',
2204>       'title'   => __('Overview'),
2205>       'content' => '<p>' . __('This screen provides many options for controlling the management and display of comments and links to your posts/pages. So many, in fact, they won&#8217;t all fit here! :) Use the documentation links to get information on what each discussion setting does.') . '</p>' .
2206>               '<p>' . __('You must click the Save Changes button at the bottom of the screen for new settings to take effect.') . '</p>',
2207> ) );
2208>
2209> get_current_screen()->set_help_sidebar(
2210>       '<p><strong>' . __('For more information:') . '</strong></p>' .
2211>       '<p>' . __('<a href="http://codex.wordpress.org/Settings_Discussion_Screen" target="_blank">Documentation on Discussion Settings</a>') . '</p>' .
2212>       '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
2213> );
2214>
2215> include('./admin-header.php');
2216> ?>
2217>
2218> <div class="wrap">
2219> <?php screen_icon(); ?>
2220> <h2><?php echo esc_html( $title ); ?></h2>
2221>
2222> <form method="post" action="options.php">
2223> <?php settings_fields('discussion'); ?>
2224>
2225> <table class="form-table">
2226> <tr valign="top">
2227> <th scope="row"><?php _e('Default article settings'); ?></th>
2228> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Default article settings'); ?></span></legend>
2229> <label for="default_pingback_flag">
2230> <input name="default_pingback_flag" type="checkbox" id="default_pingback_flag" value="1" <?php checked('1', get_option('default_pingback_flag')); ?> />
2231> <?php _e('Attempt to notify any blogs linked to from the article'); ?></label>
2232> <br />
2233> <label for="default_ping_status">
2234> <input name="default_ping_status" type="checkbox" id="default_ping_status" value="open" <?php checked('open', get_option('default_ping_status')); ?> />
2235> <?php _e('Allow link notifications from other blogs (pingbacks and trackbacks)'); ?></label>
2236> <br />
2237> <label for="default_comment_status">
2238> <input name="default_comment_status" type="checkbox" id="default_comment_status" value="open" <?php checked('open', get_option('default_comment_status')); ?> />
2239> <?php _e('Allow people to post comments on new articles'); ?></label>
2240> <br />
2241> <small><em><?php echo '(' . __('These settings may be overridden for individual articles.') . ')'; ?></em></small>
2242> </fieldset></td>
2243> </tr>
2244> <tr valign="top">
2245> <th scope="row"><?php _e('Other comment settings'); ?></th>
2246> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Other comment settings'); ?></span></legend>
2247> <label for="require_name_email"><input type="checkbox" name="require_name_email" id="require_name_email" value="1" <?php checked('1', get_option('require_name_email')); ?> /> <?php _e('Comment author must fill out name and e-mail'); ?></label>
2248> <br />
2249> <label for="comment_registration">
2250> <input name="comment_registration" type="checkbox" id="comment_registration" value="1" <?php checked('1', get_option('comment_registration')); ?> />
2251> <?php _e('Users must be registered and logged in to comment'); ?>
2252> <?php if ( !get_option( 'users_can_register' ) && is_multisite() ) echo ' ' . __( '(Signup has been disabled. Only members of this site can comment.)' ); ?>
2253> </label>
2254> <br />
2255>
2256> <label for="close_comments_for_old_posts">
2257> <input name="close_comments_for_old_posts" type="checkbox" id="close_comments_for_old_posts" value="1" <?php checked('1', get_option('close_comments_for_old_posts')); ?> />
2258> <?php printf( __('Automatically close comments on articles older than %s days'), '</label><input name="close_comments_days_old" type="text" id="close_comments_days_old" value="' . esc_attr(get_option('close_comments_days_old')) . '" class="small-text" />'); ?>
2259> <br />
2260> <label for="thread_comments">
2261> <input name="thread_comments" type="checkbox" id="thread_comments" value="1" <?php checked('1', get_option('thread_comments')); ?> />
2262> <?php
2263>
2264> $maxdeep = (int) apply_filters( 'thread_comments_depth_max', 10 );
2265>
2266> $thread_comments_depth = '</label><select name="thread_comments_depth" id="thread_comments_depth">';
2267> for ( $i = 2; $i <= $maxdeep; $i++ ) {
2268>       $thread_comments_depth .= "<option value='" . esc_attr($i) . "'";
2269>       if ( get_option('thread_comments_depth') == $i ) $thread_comments_depth .= " selected='selected'";
2270>       $thread_comments_depth .= ">$i</option>";
2271> }
2272> $thread_comments_depth .= '</select>';
2273>
2274> printf( __('Enable threaded (nested) comments %s levels deep'), $thread_comments_depth );
2275>
2276> ?><br />
2277> <label for="page_comments">
2278> <input name="page_comments" type="checkbox" id="page_comments" value="1" <?php checked('1', get_option('page_comments')); ?> />
2279> <?php
2280>
2281> $default_comments_page = '</label><label for="default_comments_page"><select name="default_comments_page" id="default_comments_page"><option value="newest"';
2282> if ( 'newest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"';
2283> $default_comments_page .= '>' . __('last') . '</option><option value="oldest"';
2284> if ( 'oldest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"';
2285> $default_comments_page .= '>' . __('first') . '</option></select>';
2286>
2287> printf( __('Break comments into pages with %1$s top level comments per page and the %2$s page displayed by default'), '</label><label for="comments_per_page"><input name="comments_per_page" type="text" id="comments_per_page" value="' . esc_attr(get_option('comments_per_page')) . '" class="small-text" />', $default_comments_page );
2288>
2289> ?></label>
2290> <br />
2291> <label for="comment_order"><?php
2292>
2293> $comment_order = '<select name="comment_order" id="comment_order"><option value="asc"';
2294> if ( 'asc' == get_option('comment_order') ) $comment_order .= ' selected="selected"';
2295> $comment_order .= '>' . __('older') . '</option><option value="desc"';
2296> if ( 'desc' == get_option('comment_order') ) $comment_order .= ' selected="selected"';
2297> $comment_order .= '>' . __('newer') . '</option></select>';
2298>
2299> printf( __('Comments should be displayed with the %s comments at the top of each page'), $comment_order );
2300>
2301> ?></label>
2302> </fieldset></td>
2303> </tr>
2304> <tr valign="top">
2305> <th scope="row"><?php _e('E-mail me whenever'); ?></th>
2306> <td><fieldset><legend class="screen-reader-text"><span><?php _e('E-mail me whenever'); ?></span></legend>
2307> <label for="registration_notify">
2308> <input name="registration_notify" type="checkbox" id="registration_notify" value="1" <?php checked('1', get_option('registration_notify')); ?> />
2309> <?php _e('Someone registers'); ?> </label>
2310> <br />
2311> <label for="comments_notify">
2312> <input name="comments_notify" type="checkbox" id="comments_notify" value="1" <?php checked('1', get_option('comments_notify')); ?> />
2313> <?php _e('Anyone posts a comment'); ?> </label>
2314> <br />
2315> <label for="moderation_notify">
2316> <input name="moderation_notify" type="checkbox" id="moderation_notify" value="1" <?php checked('1', get_option('moderation_notify')); ?> />
2317> <?php _e('A comment is held for moderation'); ?> </label>
2318> </fieldset></td>
2319> </tr>
2320> <tr valign="top">
2321> <th scope="row"><?php _e('Before a comment appears'); ?></th>
2322> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Before a comment appears'); ?></span></legend>
2323> <label for="comment_moderation">
2324> <input name="comment_moderation" type="checkbox" id="comment_moderation" value="1" <?php checked('1', get_option('comment_moderation')); ?> />
2325> <?php _e('An administrator must always approve the comment'); ?> </label>
2326> <br />
2327> <label for="comment_whitelist"><input type="checkbox" name="comment_whitelist" id="comment_whitelist" value="1" <?php checked('1', get_option('comment_whitelist')); ?> /> <?php _e('Comment author must have a previously approved comment'); ?></label>
2328> </fieldset></td>
2329> </tr>
2330> <tr valign="top">
2331> <th scope="row"><?php _e('Comment Moderation'); ?></th>
2332> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Comment Moderation'); ?></span></legend>
2333> <p><label for="comment_max_links"><?php printf(__('Hold a comment in the queue if it contains %s or more links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" value="' . esc_attr(get_option('comment_max_links')) . '" class="small-text" />' ); ?></label></p>
2334>
2335> <p><label for="moderation_keys"><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be held in the <a href="edit-comments.php?comment_status=moderated">moderation queue</a>. One word or IP per line. It will match inside words, so &#8220;press&#8221; will match &#8220;WordPress&#8221;.'); ?></label></p>
2336> <p>
2337> <textarea name="moderation_keys" rows="10" cols="50" id="moderation_keys" class="large-text code"><?php echo esc_textarea( get_option( 'moderation_keys' ) ); ?></textarea>
2338> </p>
2339> </fieldset></td>
2340> </tr>
2341> <tr valign="top">
2342> <th scope="row"><?php _e('Comment Blacklist'); ?></th>
2343> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Comment Blacklist'); ?></span></legend>
2344> <p><label for="blacklist_keys"><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be marked as spam. One word or IP per line. It will match inside words, so &#8220;press&#8221; will match &#8220;WordPress&#8221;.'); ?></label></p>
2345> <p>
2346> <textarea name="blacklist_keys" rows="10" cols="50" id="blacklist_keys" class="large-text code"><?php echo esc_textarea( get_option( 'blacklist_keys' ) ); ?></textarea>
2347> </p>
2348> </fieldset></td>
2349> </tr>
2350> <?php do_settings_fields('discussion', 'default'); ?>
2351> </table>
2352>
2353> <h3><?php _e('Avatars'); ?></h3>
2354>
2355> <p><?php _e('An avatar is an image that follows you from weblog to weblog appearing beside your name when you comment on avatar enabled sites.  Here you can enable the display of avatars for people who comment on your site.'); ?></p>
2356>
2357> <?php // the above would be a good place to link to codex documentation on the gravatar functions, for putting it in themes. anything like that? ?>
2358>
2359> <table class="form-table">
2360> <tr valign="top">
2361> <th scope="row"><?php _e('Avatar Display'); ?></th>
2362> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Avatar Display'); ?></span></legend>
2363> <?php
2364>       $yesorno = array( 0 => __( 'Don&#8217;t show Avatars' ), 1 => __( 'Show Avatars' ) );
2365>       foreach ( $yesorno as $key => $value) {
2366>               $selected = (get_option('show_avatars') == $key) ? 'checked="checked"' : '';
2367>               echo "\n\t<label><input type='radio' name='show_avatars' value='" . esc_attr($key) . "' $selected/> $value</label><br />";
2368>       }
2369> ?>
2370> </fieldset></td>
2371> </tr>
2372> <tr valign="top">
2373> <th scope="row"><?php _e('Maximum Rating'); ?></th>
2374> <td><fieldset><legend class="screen-reader-text"><span><?php _e('Maximum Rating'); ?></span></legend>
2375>
2376> <?php
2377> $ratings = array(
2378>       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2379>       'G' => __('G &#8212; Suitable for all audiences'),
2380>       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2381>       'PG' => __('PG &#8212; Possibly offensive, usually for audiences 13 and above'),
2382>       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2383>       'R' => __('R &#8212; Intended for adult audiences above 17'),
2384>       /* translators: Content suitability rating: http://bit.ly/89QxZA */
2385>       'X' => __('X &#8212; Even more mature than above')
2386> );
2387> foreach ($ratings as $key => $rating) :
2388>       $selected = (get_option('avatar_rating') == $key) ? 'checked="checked"' : '';
2389>       echo "\n\t<label><input type='radio' name='avatar_rating' value='" . esc_attr($key) . "' $selected/> $rating</label><br />";
2390> endforeach;
2391> ?>
2392>
2393> </fieldset></td>
2394> </tr>
2395> <tr valign="top">
2396> <th scope="row"><?php _e('Default Avatar'); ?></th>
2397> <td class="defaultavatarpicker"><fieldset><legend class="screen-reader-text"><span><?php _e('Default Avatar'); ?></span></legend>
2398>
2399> <?php _e('For users without a custom avatar of their own, you can either display a generic logo or a generated one based on their e-mail address.'); ?><br />
2400>
2401> <?php
2402> $avatar_defaults = array(
2403>       'mystery' => __('Mystery Man'),
2404>       'blank' => __('Blank'),
2405>       'gravatar_default' => __('Gravatar Logo'),
2406>       'identicon' => __('Identicon (Generated)'),
2407>       'wavatar' => __('Wavatar (Generated)'),
2408>       'monsterid' => __('MonsterID (Generated)'),
2409>       'retro' => __('Retro (Generated)')
2410> );
2411> $avatar_defaults = apply_filters('avatar_defaults', $avatar_defaults);
2412> $default = get_option('avatar_default');
2413> if ( empty($default) )
2414>       $default = 'mystery';
2415> $size = 32;
2416> $avatar_list = '';
2417> foreach ( $avatar_defaults as $default_key => $default_name ) {
2418>       $selected = ($default == $default_key) ? 'checked="checked" ' : '';
2419>       $avatar_list .= "\n\t<label><input type='radio' name='avatar_default' id='avatar_{$default_key}' value='" . esc_attr($default_key)  . "' {$selected}/> ";
2420>
2421>       $avatar = get_avatar( $user_email, $size, $default_key );
2422>       $avatar_list .= preg_replace("/src='(.+?)'/", "src='\$1&amp;forcedefault=1'", $avatar);
2423>
2424>       $avatar_list .= ' ' . $default_name . '</label>';
2425>       $avatar_list .= '<br />';
2426> }
2427> echo apply_filters('default_avatar_select', $avatar_list);
2428> ?>
2429>
2430> </fieldset></td>
2431> </tr>
2432> <?php do_settings_fields('discussion', 'avatars'); ?>
2433> </table>
2434>
2435> <?php do_settings_sections('discussion'); ?>
2436>
2437> <?php submit_button(); ?>
2438> </form>
2439> </div>
2440>
2441> <?php include('./admin-footer.php'); ?>
2442diff  options.php options.php
24431,227c1,227
2444< <?php
2445< /**
2446<  * Options Management Administration Screen.
2447<  *
2448<  * If accessed directly in a browser this page shows a list of all saved options
2449<  * along with editable fields for their values. Serialized data is not supported
2450<  * and there is no way to remove options via this page. It is not linked to from
2451<  * anywhere else in the admin.
2452<  *
2453<  * This file is also the target of the forms in core and custom options pages
2454<  * that use the Settings API. In this case it saves the new option values
2455<  * and returns the user to their page of origin.
2456<  *
2457<  * @package WordPress
2458<  * @subpackage Administration
2459<  */
2460<
2461< /** WordPress Administration Bootstrap */
2462< require_once('./admin.php');
2463<
2464< $title = __('Settings');
2465< $this_file = 'options.php';
2466< $parent_file = 'options-general.php';
2467<
2468< wp_reset_vars(array('action', 'option_page'));
2469<
2470< $capability = 'manage_options';
2471<
2472< if ( empty($option_page) ) // This is for back compat and will eventually be removed.
2473<       $option_page = 'options';
2474< else
2475<       $capability = apply_filters( "option_page_capability_{$option_page}", $capability );
2476<
2477< if ( !current_user_can( $capability ) )
2478<       wp_die(__('Cheatin&#8217; uh?'));
2479<
2480< // Handle admin email change requests
2481< if ( is_multisite() ) {
2482<       if ( ! empty($_GET[ 'adminhash' ] ) ) {
2483<               $new_admin_details = get_option( 'adminhash' );
2484<               $redirect = 'options-general.php?updated=false';
2485<               if ( is_array( $new_admin_details ) && $new_admin_details[ 'hash' ] == $_GET[ 'adminhash' ] && !empty($new_admin_details[ 'newemail' ]) ) {
2486<                       update_option( 'admin_email', $new_admin_details[ 'newemail' ] );
2487<                       delete_option( 'adminhash' );
2488<                       delete_option( 'new_admin_email' );
2489<                       $redirect = 'options-general.php?updated=true';
2490<               }
2491<               wp_redirect( admin_url( $redirect ) );
2492<               exit;
2493<       } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
2494<               delete_option( 'adminhash' );
2495<               delete_option( 'new_admin_email' );
2496<               wp_redirect( admin_url( 'options-general.php?updated=true' ) );
2497<               exit;
2498<       }
2499< }
2500<
2501< if ( is_multisite() && !is_super_admin() && 'update' != $action )
2502<       wp_die(__('Cheatin&#8217; uh?'));
2503<
2504< $whitelist_options = array(
2505<       'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string' ),
2506<       'discussion' => array( 'default_pingback_flag', 'default_ping_status', 'default_comment_status', 'comments_notify', 'moderation_notify', 'comment_moderation', 'require_name_email', 'comment_whitelist', 'comment_max_links', 'moderation_keys', 'blacklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', 'close_comments_for_old_posts', 'close_comments_days_old', 'thread_comments', 'thread_comments_depth', 'page_comments', 'comments_per_page', 'default_comments_page', 'comment_order', 'comment_registration' ),
2507<       'media' => array( 'thumbnail_size_w', 'thumbnail_size_h', 'thumbnail_crop', 'medium_size_w', 'medium_size_h', 'large_size_w', 'large_size_h', 'image_default_size', 'image_default_align', 'image_default_link_type', 'embed_autourls', 'embed_size_w', 'embed_size_h' ),
2508<       'privacy' => array( 'blog_public' ),
2509<       'reading' => array( 'posts_per_page', 'posts_per_rss', 'rss_use_excerpt', 'blog_charset', 'show_on_front', 'page_on_front', 'page_for_posts' ),
2510<       'writing' => array( 'default_post_edit_rows', 'use_smilies', 'default_category', 'default_email_category', 'use_balanceTags', 'default_link_category', 'default_post_format', 'enable_app', 'enable_xmlrpc' ),
2511<       'options' => array( '' ) );
2512<
2513< $mail_options = array('mailserver_url', 'mailserver_port', 'mailserver_login', 'mailserver_pass');
2514< $uploads_options = array('uploads_use_yearmonth_folders', 'upload_path', 'upload_url_path');
2515<
2516< if ( !is_multisite() ) {
2517<       if ( !defined( 'WP_SITEURL' ) )
2518<               $whitelist_options['general'][] = 'siteurl';
2519<       if ( !defined( 'WP_HOME' ) )
2520<               $whitelist_options['general'][] = 'home';
2521<
2522<       $whitelist_options['general'][] = 'admin_email';
2523<       $whitelist_options['general'][] = 'users_can_register';
2524<       $whitelist_options['general'][] = 'default_role';
2525<
2526<       $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
2527<       $whitelist_options['writing'][] = 'ping_sites';
2528<
2529<       $whitelist_options['media'] = array_merge($whitelist_options['media'], $uploads_options);
2530< } else {
2531<       $whitelist_options['general'][] = 'new_admin_email';
2532<       $whitelist_options['general'][] = 'WPLANG';
2533<       $whitelist_options['general'][] = 'language';
2534<
2535<       if ( apply_filters( 'enable_post_by_email_configuration', true ) )
2536<               $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
2537<
2538<       $whitelist_options[ 'misc' ] = array();
2539< }
2540<
2541< $whitelist_options = apply_filters( 'whitelist_options', $whitelist_options );
2542<
2543< /*
2544<  * If $_GET['action'] == 'update' we are saving settings sent from a settings page
2545<  */
2546< if ( 'update' == $action ) {
2547<       if ( 'options' == $option_page && !isset( $_POST['option_page'] ) ) { // This is for back compat and will eventually be removed.
2548<               $unregistered = true;
2549<               check_admin_referer( 'update-options' );
2550<       } else {
2551<               $unregistered = false;
2552<               check_admin_referer( $option_page . '-options' );
2553<       }
2554<
2555<       if ( !isset( $whitelist_options[ $option_page ] ) )
2556<               wp_die( __( '<strong>ERROR</strong>: options page not found.' ) );
2557<
2558<       if ( 'options' == $option_page ) {
2559<               if ( is_multisite() && ! is_super_admin() )
2560<                       wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
2561<               $options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );
2562<       } else {
2563<               $options = $whitelist_options[ $option_page ];
2564<       }
2565<
2566<       // Handle custom date/time formats
2567<       if ( 'general' == $option_page ) {
2568<               if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )
2569<                       $_POST['date_format'] = $_POST['date_format_custom'];
2570<               if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )
2571<                       $_POST['time_format'] = $_POST['time_format_custom'];
2572<               // Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
2573<               if ( !empty($_POST['timezone_string']) && preg_match('/^UTC[+-]/', $_POST['timezone_string']) ) {
2574<                       $_POST['gmt_offset'] = $_POST['timezone_string'];
2575<                       $_POST['gmt_offset'] = preg_replace('/UTC\+?/', '', $_POST['gmt_offset']);
2576<                       $_POST['timezone_string'] = '';
2577<               }
2578<       }
2579<
2580<       if ( $options ) {
2581<               foreach ( $options as $option ) {
2582<                       if ( $unregistered )
2583<                               _deprecated_argument( 'options.php', '2.7', sprintf( __( 'The <code>%1$s</code> setting is unregistered. Unregistered settings are deprecated. See http://codex.wordpress.org/Settings_API' ), $option, $option_page ) );
2584<
2585<                       $option = trim($option);
2586<                       $value = null;
2587<                       if ( isset($_POST[$option]) )
2588<                               $value = $_POST[$option];
2589<                       if ( !is_array($value) )
2590<                               $value = trim($value);
2591<                       $value = stripslashes_deep($value);
2592<                       update_option($option, $value);
2593<               }
2594<       }
2595<
2596<       /**
2597<        *  Handle settings errors and return to options page
2598<        */
2599<       // If no settings errors were registered add a general 'updated' message.
2600<       if ( !count( get_settings_errors() ) )
2601<               add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated');
2602<       set_transient('settings_errors', get_settings_errors(), 30);
2603<
2604<       /**
2605<        * Redirect back to the settings page that was submitted
2606<        */
2607<       $goback = add_query_arg( 'settings-updated', 'true',  wp_get_referer() );
2608<       wp_redirect( $goback );
2609<       exit;
2610< }
2611<
2612< include('./admin-header.php'); ?>
2613<
2614< <div class="wrap">
2615< <?php screen_icon(); ?>
2616<   <h2><?php esc_html_e('All Settings'); ?></h2>
2617<   <form name="form" action="options.php" method="post" id="all-options">
2618<   <?php wp_nonce_field('options-options') ?>
2619<   <input type="hidden" name="action" value="update" />
2620<   <input type='hidden' name='option_page' value='options' />
2621<   <table class="form-table">
2622< <?php
2623< $options = $wpdb->get_results( "SELECT * FROM $wpdb->options ORDER BY option_name" );
2624<
2625< foreach ( (array) $options as $option ) :
2626<       $disabled = false;
2627<       if ( $option->option_name == '' )
2628<               continue;
2629<       if ( is_serialized( $option->option_value ) ) {
2630<               if ( is_serialized_string( $option->option_value ) ) {
2631<                       // this is a serialized string, so we should display it
2632<                       $value = maybe_unserialize( $option->option_value );
2633<                       $options_to_update[] = $option->option_name;
2634<                       $class = 'all-options';
2635<               } else {
2636<                       $value = 'SERIALIZED DATA';
2637<                       $disabled = true;
2638<                       $class = 'all-options disabled';
2639<               }
2640<       } else {
2641<               $value = $option->option_value;
2642<               $options_to_update[] = $option->option_name;
2643<               $class = 'all-options';
2644<       }
2645<       $name = esc_attr( $option->option_name );
2646<       echo "
2647< <tr>
2648<       <th scope='row'><label for='$name'>" . esc_html( $option->option_name ) . "</label></th>
2649< <td>";
2650<       if ( strpos( $value, "\n" ) !== false )
2651<               echo "<textarea class='$class' name='$name' id='$name' cols='30' rows='5'>" . esc_textarea( $value ) . "</textarea>";
2652<       else
2653<               echo "<input class='regular-text $class' type='text' name='$name' id='$name' value='" . esc_attr( $value ) . "'" . disabled( $disabled, true, false ) . " />";
2654<       echo "</td>
2655< </tr>";
2656< endforeach;
2657< ?>
2658<   </table>
2659<
2660< <input type="hidden" name="page_options" value="<?php echo esc_attr( implode( ',', $options_to_update ) ); ?>" />
2661<
2662< <?php submit_button( __( 'Save Changes' ), 'primary', 'Update' ); ?>
2663<
2664<   </form>
2665< </div>
2666<
2667<
2668< <?php
2669< include('./admin-footer.php');
2670< ?>
2671---
2672> <?php
2673> /**
2674>  * Options Management Administration Screen.
2675>  *
2676>  * If accessed directly in a browser this page shows a list of all saved options
2677>  * along with editable fields for their values. Serialized data is not supported
2678>  * and there is no way to remove options via this page. It is not linked to from
2679>  * anywhere else in the admin.
2680>  *
2681>  * This file is also the target of the forms in core and custom options pages
2682>  * that use the Settings API. In this case it saves the new option values
2683>  * and returns the user to their page of origin.
2684>  *
2685>  * @package WordPress
2686>  * @subpackage Administration
2687>  */
2688>
2689> /** WordPress Administration Bootstrap */
2690> require_once('./admin.php');
2691>
2692> $title = __('Settings');
2693> $this_file = 'options.php';
2694> $parent_file = 'options-general.php';
2695>
2696> wp_reset_vars(array('action', 'option_page'));
2697>
2698> $capability = 'manage_options';
2699>
2700> if ( empty($option_page) ) // This is for back compat and will eventually be removed.
2701>       $option_page = 'options';
2702> else
2703>       $capability = apply_filters( "option_page_capability_{$option_page}", $capability );
2704>
2705> if ( !current_user_can( $capability ) )
2706>       wp_die(__('Cheatin&#8217; uh?'));
2707>
2708> // Handle admin email change requests
2709> if ( is_multisite() ) {
2710>       if ( ! empty($_GET[ 'adminhash' ] ) ) {
2711>               $new_admin_details = get_option( 'adminhash' );
2712>               $redirect = 'options-general.php?updated=false';
2713>               if ( is_array( $new_admin_details ) && $new_admin_details[ 'hash' ] == $_GET[ 'adminhash' ] && !empty($new_admin_details[ 'newemail' ]) ) {
2714>                       update_option( 'admin_email', $new_admin_details[ 'newemail' ] );
2715>                       delete_option( 'adminhash' );
2716>                       delete_option( 'new_admin_email' );
2717>                       $redirect = 'options-general.php?updated=true';
2718>               }
2719>               wp_redirect( admin_url( $redirect ) );
2720>               exit;
2721>       } elseif ( ! empty( $_GET['dismiss'] ) && 'new_admin_email' == $_GET['dismiss'] ) {
2722>               delete_option( 'adminhash' );
2723>               delete_option( 'new_admin_email' );
2724>               wp_redirect( admin_url( 'options-general.php?updated=true' ) );
2725>               exit;
2726>       }
2727> }
2728>
2729> if ( is_multisite() && !is_super_admin() && 'update' != $action )
2730>       wp_die(__('Cheatin&#8217; uh?'));
2731>
2732> $whitelist_options = array(
2733>       'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string' ),
2734>       'discussion' => array( 'default_pingback_flag', 'default_ping_status', 'default_comment_status', 'registration_notify','comments_notify', 'moderation_notify', 'comment_moderation', 'require_name_email', 'comment_whitelist', 'comment_max_links', 'moderation_keys', 'blacklist_keys', 'show_avatars', 'avatar_rating', 'avatar_default', 'close_comments_for_old_posts', 'close_comments_days_old', 'thread_comments', 'thread_comments_depth', 'page_comments', 'comments_per_page', 'default_comments_page', 'comment_order', 'comment_registration' ),
2735>       'media' => array( 'thumbnail_size_w', 'thumbnail_size_h', 'thumbnail_crop', 'medium_size_w', 'medium_size_h', 'large_size_w', 'large_size_h', 'image_default_size', 'image_default_align', 'image_default_link_type', 'embed_autourls', 'embed_size_w', 'embed_size_h' ),
2736>       'privacy' => array( 'blog_public' ),
2737>       'reading' => array( 'posts_per_page', 'posts_per_rss', 'rss_use_excerpt', 'blog_charset', 'show_on_front', 'page_on_front', 'page_for_posts' ),
2738>       'writing' => array( 'default_post_edit_rows', 'use_smilies', 'default_category', 'default_email_category', 'use_balanceTags', 'default_link_category', 'default_post_format', 'enable_app', 'enable_xmlrpc' ),
2739>       'options' => array( '' ) );
2740>
2741> $mail_options = array('mailserver_url', 'mailserver_port', 'mailserver_login', 'mailserver_pass');
2742> $uploads_options = array('uploads_use_yearmonth_folders', 'upload_path', 'upload_url_path');
2743>
2744> if ( !is_multisite() ) {
2745>       if ( !defined( 'WP_SITEURL' ) )
2746>               $whitelist_options['general'][] = 'siteurl';
2747>       if ( !defined( 'WP_HOME' ) )
2748>               $whitelist_options['general'][] = 'home';
2749>
2750>       $whitelist_options['general'][] = 'admin_email';
2751>       $whitelist_options['general'][] = 'users_can_register';
2752>       $whitelist_options['general'][] = 'default_role';
2753>
2754>       $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
2755>       $whitelist_options['writing'][] = 'ping_sites';
2756>
2757>       $whitelist_options['media'] = array_merge($whitelist_options['media'], $uploads_options);
2758> } else {
2759>       $whitelist_options['general'][] = 'new_admin_email';
2760>       $whitelist_options['general'][] = 'WPLANG';
2761>       $whitelist_options['general'][] = 'language';
2762>
2763>       if ( apply_filters( 'enable_post_by_email_configuration', true ) )
2764>               $whitelist_options['writing'] = array_merge($whitelist_options['writing'], $mail_options);
2765>
2766>       $whitelist_options[ 'misc' ] = array();
2767> }
2768>
2769> $whitelist_options = apply_filters( 'whitelist_options', $whitelist_options );
2770>
2771> /*
2772>  * If $_GET['action'] == 'update' we are saving settings sent from a settings page
2773>  */
2774> if ( 'update' == $action ) {
2775>       if ( 'options' == $option_page && !isset( $_POST['option_page'] ) ) { // This is for back compat and will eventually be removed.
2776>               $unregistered = true;
2777>               check_admin_referer( 'update-options' );
2778>       } else {
2779>               $unregistered = false;
2780>               check_admin_referer( $option_page . '-options' );
2781>       }
2782>
2783>       if ( !isset( $whitelist_options[ $option_page ] ) )
2784>               wp_die( __( '<strong>ERROR</strong>: options page not found.' ) );
2785>
2786>       if ( 'options' == $option_page ) {
2787>               if ( is_multisite() && ! is_super_admin() )
2788>                       wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
2789>               $options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );
2790>       } else {
2791>               $options = $whitelist_options[ $option_page ];
2792>       }
2793>
2794>       // Handle custom date/time formats
2795>       if ( 'general' == $option_page ) {
2796>               if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )
2797>                       $_POST['date_format'] = $_POST['date_format_custom'];
2798>               if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )
2799>                       $_POST['time_format'] = $_POST['time_format_custom'];
2800>               // Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
2801>               if ( !empty($_POST['timezone_string']) && preg_match('/^UTC[+-]/', $_POST['timezone_string']) ) {
2802>                       $_POST['gmt_offset'] = $_POST['timezone_string'];
2803>                       $_POST['gmt_offset'] = preg_replace('/UTC\+?/', '', $_POST['gmt_offset']);
2804>                       $_POST['timezone_string'] = '';
2805>               }
2806>       }
2807>
2808>       if ( $options ) {
2809>               foreach ( $options as $option ) {
2810>                       if ( $unregistered )
2811>                               _deprecated_argument( 'options.php', '2.7', sprintf( __( 'The <code>%1$s</code> setting is unregistered. Unregistered settings are deprecated. See http://codex.wordpress.org/Settings_API' ), $option, $option_page ) );
2812>
2813>                       $option = trim($option);
2814>                       $value = null;
2815>                       if ( isset($_POST[$option]) )
2816>                               $value = $_POST[$option];
2817>                       if ( !is_array($value) )
2818>                               $value = trim($value);
2819>                       $value = stripslashes_deep($value);
2820>                       update_option($option, $value);
2821>               }
2822>       }
2823>
2824>       /**
2825>        *  Handle settings errors and return to options page
2826>        */
2827>       // If no settings errors were registered add a general 'updated' message.
2828>       if ( !count( get_settings_errors() ) )
2829>               add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated');
2830>       set_transient('settings_errors', get_settings_errors(), 30);
2831>
2832>       /**
2833>        * Redirect back to the settings page that was submitted
2834>        */
2835>       $goback = add_query_arg( 'settings-updated', 'true',  wp_get_referer() );
2836>       wp_redirect( $goback );
2837>       exit;
2838> }
2839>
2840> include('./admin-header.php'); ?>
2841>
2842> <div class="wrap">
2843> <?php screen_icon(); ?>
2844>   <h2><?php esc_html_e('All Settings'); ?></h2>
2845>   <form name="form" action="options.php" method="post" id="all-options">
2846>   <?php wp_nonce_field('options-options') ?>
2847>   <input type="hidden" name="action" value="update" />
2848>   <input type='hidden' name='option_page' value='options' />
2849>   <table class="form-table">
2850> <?php
2851> $options = $wpdb->get_results( "SELECT * FROM $wpdb->options ORDER BY option_name" );
2852>
2853> foreach ( (array) $options as $option ) :
2854>       $disabled = false;
2855>       if ( $option->option_name == '' )
2856>               continue;
2857>       if ( is_serialized( $option->option_value ) ) {
2858>               if ( is_serialized_string( $option->option_value ) ) {
2859>                       // this is a serialized string, so we should display it
2860>                       $value = maybe_unserialize( $option->option_value );
2861>                       $options_to_update[] = $option->option_name;
2862>                       $class = 'all-options';
2863>               } else {
2864>                       $value = 'SERIALIZED DATA';
2865>                       $disabled = true;
2866>                       $class = 'all-options disabled';
2867>               }
2868>       } else {
2869>               $value = $option->option_value;
2870>               $options_to_update[] = $option->option_name;
2871>               $class = 'all-options';
2872>       }
2873>       $name = esc_attr( $option->option_name );
2874>       echo "
2875> <tr>
2876>       <th scope='row'><label for='$name'>" . esc_html( $option->option_name ) . "</label></th>
2877> <td>";
2878>       if ( strpos( $value, "\n" ) !== false )
2879>               echo "<textarea class='$class' name='$name' id='$name' cols='30' rows='5'>" . esc_textarea( $value ) . "</textarea>";
2880>       else
2881>               echo "<input class='regular-text $class' type='text' name='$name' id='$name' value='" . esc_attr( $value ) . "'" . disabled( $disabled, true, false ) . " />";
2882>       echo "</td>
2883> </tr>";
2884> endforeach;
2885> ?>
2886>   </table>
2887>
2888> <input type="hidden" name="page_options" value="<?php echo esc_attr( implode( ',', $options_to_update ) ); ?>" />
2889>
2890> <?php submit_button( __( 'Save Changes' ), 'primary', 'Update' ); ?>
2891>
2892>   </form>
2893> </div>
2894>
2895>
2896> <?php
2897> include('./admin-footer.php');
2898> ?>
2899diff  pluggable.php pluggable.php
29001,1743c1,1745
2901< <?php
2902< /**
2903<  * These functions can be replaced via plugins. If plugins do not redefine these
2904<  * functions, then these will be used instead.
2905<  *
2906<  * @package WordPress
2907<  */
2908<
2909< if ( !function_exists('wp_set_current_user') ) :
2910< /**
2911<  * Changes the current user by ID or name.
2912<  *
2913<  * Set $id to null and specify a name if you do not know a user's ID.
2914<  *
2915<  * Some WordPress functionality is based on the current user and not based on
2916<  * the signed in user. Therefore, it opens the ability to edit and perform
2917<  * actions on users who aren't signed in.
2918<  *
2919<  * @since 2.0.3
2920<  * @global object $current_user The current user object which holds the user data.
2921<  * @uses do_action() Calls 'set_current_user' hook after setting the current user.
2922<  *
2923<  * @param int $id User ID
2924<  * @param string $name User's username
2925<  * @return WP_User Current user User object
2926<  */
2927< function wp_set_current_user($id, $name = '') {
2928<       global $current_user;
2929<
2930<       if ( isset($current_user) && ($id == $current_user->ID) )
2931<               return $current_user;
2932<
2933<       $current_user = new WP_User($id, $name);
2934<
2935<       setup_userdata($current_user->ID);
2936<
2937<       do_action('set_current_user');
2938<
2939<       return $current_user;
2940< }
2941< endif;
2942<
2943< if ( !function_exists('wp_get_current_user') ) :
2944< /**
2945<  * Retrieve the current user object.
2946<  *
2947<  * @since 2.0.3
2948<  *
2949<  * @return WP_User Current user WP_User object
2950<  */
2951< function wp_get_current_user() {
2952<       global $current_user;
2953<
2954<       get_currentuserinfo();
2955<
2956<       return $current_user;
2957< }
2958< endif;
2959<
2960< if ( !function_exists('get_currentuserinfo') ) :
2961< /**
2962<  * Populate global variables with information about the currently logged in user.
2963<  *
2964<  * Will set the current user, if the current user is not set. The current user
2965<  * will be set to the logged in person. If no user is logged in, then it will
2966<  * set the current user to 0, which is invalid and won't have any permissions.
2967<  *
2968<  * @since 0.71
2969<  * @uses $current_user Checks if the current user is set
2970<  * @uses wp_validate_auth_cookie() Retrieves current logged in user.
2971<  *
2972<  * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set
2973<  */
2974< function get_currentuserinfo() {
2975<       global $current_user;
2976<
2977<       if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
2978<               return false;
2979<
2980<       if ( ! empty($current_user) )
2981<               return;
2982<
2983<       if ( ! $user = wp_validate_auth_cookie() ) {
2984<                if ( is_blog_admin() || is_network_admin() || empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
2985<                       wp_set_current_user(0);
2986<                       return false;
2987<                }
2988<       }
2989<
2990<       wp_set_current_user($user);
2991< }
2992< endif;
2993<
2994< if ( !function_exists('get_userdata') ) :
2995< /**
2996<  * Retrieve user info by user ID.
2997<  *
2998<  * @since 0.71
2999<  *
3000<  * @param int $user_id User ID
3001<  * @return bool|object False on failure, WP_User object on success
3002<  */
3003< function get_userdata( $user_id ) {
3004<       return get_user_by( 'id', $user_id );
3005< }
3006< endif;
3007<
3008< if ( !function_exists('get_user_by') ) :
3009< /**
3010<  * Retrieve user info by a given field
3011<  *
3012<  * @since 2.8.0
3013<  *
3014<  * @param string $field The field to retrieve the user with.  id | slug | email | login
3015<  * @param int|string $value A value for $field.  A user ID, slug, email address, or login name.
3016<  * @return bool|object False on failure, WP_User object on success
3017<  */
3018< function get_user_by( $field, $value ) {
3019<       $userdata = WP_User::get_data_by( $field, $value );
3020<
3021<       if ( !$userdata )
3022<               return false;
3023<
3024<       $user = new WP_User;
3025<       $user->init( $userdata );
3026<
3027<       return $user;
3028< }
3029< endif;
3030<
3031< if ( !function_exists('cache_users') ) :
3032< /**
3033<  * Retrieve info for user lists to prevent multiple queries by get_userdata()
3034<  *
3035<  * @since 3.0.0
3036<  *
3037<  * @param array $user_ids User ID numbers list
3038<  */
3039< function cache_users( $user_ids ) {
3040<       global $wpdb;
3041<
3042<       $clean = array();
3043<       foreach ( $user_ids as $id ) {
3044<               $id = (int) $id;
3045<               if ( !wp_cache_get( $id, 'users' ) ) {
3046<                       $clean[] = $id;
3047<               }
3048<       }
3049<
3050<       if ( empty( $clean ) )
3051<               return;
3052<
3053<       $list = implode( ',', $clean );
3054<
3055<       $users = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($list)" );
3056<
3057<       $ids = array();
3058<       foreach ( $users as $user ) {
3059<               update_user_caches( $user );
3060<               $ids[] = $user->ID;
3061<       }
3062<       update_meta_cache( 'user', $ids );
3063< }
3064< endif;
3065<
3066< if ( !function_exists( 'wp_mail' ) ) :
3067< /**
3068<  * Send mail, similar to PHP's mail
3069<  *
3070<  * A true return value does not automatically mean that the user received the
3071<  * email successfully. It just only means that the method used was able to
3072<  * process the request without any errors.
3073<  *
3074<  * Using the two 'wp_mail_from' and 'wp_mail_from_name' hooks allow from
3075<  * creating a from address like 'Name <email@address.com>' when both are set. If
3076<  * just 'wp_mail_from' is set, then just the email address will be used with no
3077<  * name.
3078<  *
3079<  * The default content type is 'text/plain' which does not allow using HTML.
3080<  * However, you can set the content type of the email by using the
3081<  * 'wp_mail_content_type' filter.
3082<  *
3083<  * The default charset is based on the charset used on the blog. The charset can
3084<  * be set using the 'wp_mail_charset' filter.
3085<  *
3086<  * @since 1.2.1
3087<  * @uses apply_filters() Calls 'wp_mail' hook on an array of all of the parameters.
3088<  * @uses apply_filters() Calls 'wp_mail_from' hook to get the from email address.
3089<  * @uses apply_filters() Calls 'wp_mail_from_name' hook to get the from address name.
3090<  * @uses apply_filters() Calls 'wp_mail_content_type' hook to get the email content type.
3091<  * @uses apply_filters() Calls 'wp_mail_charset' hook to get the email charset
3092<  * @uses do_action_ref_array() Calls 'phpmailer_init' hook on the reference to
3093<  *            phpmailer object.
3094<  * @uses PHPMailer
3095<  *
3096<  * @param string|array $to Array or comma-separated list of email addresses to send message.
3097<  * @param string $subject Email subject
3098<  * @param string $message Message contents
3099<  * @param string|array $headers Optional. Additional headers.
3100<  * @param string|array $attachments Optional. Files to attach.
3101<  * @return bool Whether the email contents were sent successfully.
3102<  */
3103< function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) {
3104<       // Compact the input, apply the filters, and extract them back out
3105<       extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) ) );
3106<
3107<       if ( !is_array($attachments) )
3108<               $attachments = explode( "\n", str_replace( "\r\n", "\n", $attachments ) );
3109<
3110<       global $phpmailer;
3111<
3112<       // (Re)create it, if it's gone missing
3113<       if ( !is_object( $phpmailer ) || !is_a( $phpmailer, 'PHPMailer' ) ) {
3114<               require_once ABSPATH . WPINC . '/class-phpmailer.php';
3115<               require_once ABSPATH . WPINC . '/class-smtp.php';
3116<               $phpmailer = new PHPMailer( true );
3117<       }
3118<
3119<       // Headers
3120<       if ( empty( $headers ) ) {
3121<               $headers = array();
3122<       } else {
3123<               if ( !is_array( $headers ) ) {
3124<                       // Explode the headers out, so this function can take both
3125<                       // string headers and an array of headers.
3126<                       $tempheaders = explode( "\n", str_replace( "\r\n", "\n", $headers ) );
3127<               } else {
3128<                       $tempheaders = $headers;
3129<               }
3130<               $headers = array();
3131<               $cc = array();
3132<               $bcc = array();
3133<
3134<               // If it's actually got contents
3135<               if ( !empty( $tempheaders ) ) {
3136<                       // Iterate through the raw headers
3137<                       foreach ( (array) $tempheaders as $header ) {
3138<                               if ( strpos($header, ':') === false ) {
3139<                                       if ( false !== stripos( $header, 'boundary=' ) ) {
3140<                                               $parts = preg_split('/boundary=/i', trim( $header ) );
3141<                                               $boundary = trim( str_replace( array( "'", '"' ), '', $parts[1] ) );
3142<                                       }
3143<                                       continue;
3144<                               }
3145<                               // Explode them out
3146<                               list( $name, $content ) = explode( ':', trim( $header ), 2 );
3147<
3148<                               // Cleanup crew
3149<                               $name    = trim( $name    );
3150<                               $content = trim( $content );
3151<
3152<                               switch ( strtolower( $name ) ) {
3153<                                       // Mainly for legacy -- process a From: header if it's there
3154<                                       case 'from':
3155<                                               if ( strpos($content, '<' ) !== false ) {
3156<                                                       // So... making my life hard again?
3157<                                                       $from_name = substr( $content, 0, strpos( $content, '<' ) - 1 );
3158<                                                       $from_name = str_replace( '"', '', $from_name );
3159<                                                       $from_name = trim( $from_name );
3160<
3161<                                                       $from_email = substr( $content, strpos( $content, '<' ) + 1 );
3162<                                                       $from_email = str_replace( '>', '', $from_email );
3163<                                                       $from_email = trim( $from_email );
3164<                                               } else {
3165<                                                       $from_email = trim( $content );
3166<                                               }
3167<                                               break;
3168<                                       case 'content-type':
3169<                                               if ( strpos( $content, ';' ) !== false ) {
3170<                                                       list( $type, $charset ) = explode( ';', $content );
3171<                                                       $content_type = trim( $type );
3172<                                                       if ( false !== stripos( $charset, 'charset=' ) ) {
3173<                                                               $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset ) );
3174<                                                       } elseif ( false !== stripos( $charset, 'boundary=' ) ) {
3175<                                                               $boundary = trim( str_replace( array( 'BOUNDARY=', 'boundary=', '"' ), '', $charset ) );
3176<                                                               $charset = '';
3177<                                                       }
3178<                                               } else {
3179<                                                       $content_type = trim( $content );
3180<                                               }
3181<                                               break;
3182<                                       case 'cc':
3183<                                               $cc = array_merge( (array) $cc, explode( ',', $content ) );
3184<                                               break;
3185<                                       case 'bcc':
3186<                                               $bcc = array_merge( (array) $bcc, explode( ',', $content ) );
3187<                                               break;
3188<                                       default:
3189<                                               // Add it to our grand headers array
3190<                                               $headers[trim( $name )] = trim( $content );
3191<                                               break;
3192<                               }
3193<                       }
3194<               }
3195<       }
3196<
3197<       // Empty out the values that may be set
3198<       $phpmailer->ClearAddresses();
3199<       $phpmailer->ClearAllRecipients();
3200<       $phpmailer->ClearAttachments();
3201<       $phpmailer->ClearBCCs();
3202<       $phpmailer->ClearCCs();
3203<       $phpmailer->ClearCustomHeaders();
3204<       $phpmailer->ClearReplyTos();
3205<
3206<       // From email and name
3207<       // If we don't have a name from the input headers
3208<       if ( !isset( $from_name ) )
3209<               $from_name = 'WordPress';
3210<
3211<       /* If we don't have an email from the input headers default to wordpress@$sitename
3212<        * Some hosts will block outgoing mail from this address if it doesn't exist but
3213<        * there's no easy alternative. Defaulting to admin_email might appear to be another
3214<        * option but some hosts may refuse to relay mail from an unknown domain. See
3215<        * http://trac.wordpress.org/ticket/5007.
3216<        */
3217<
3218<       if ( !isset( $from_email ) ) {
3219<               // Get the site domain and get rid of www.
3220<               $sitename = strtolower( $_SERVER['SERVER_NAME'] );
3221<               if ( substr( $sitename, 0, 4 ) == 'www.' ) {
3222<                       $sitename = substr( $sitename, 4 );
3223<               }
3224<
3225<               $from_email = 'wordpress@' . $sitename;
3226<       }
3227<
3228<       // Plugin authors can override the potentially troublesome default
3229<       $phpmailer->From     = apply_filters( 'wp_mail_from'     , $from_email );
3230<       $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name  );
3231<
3232<       // Set destination addresses
3233<       if ( !is_array( $to ) )
3234<               $to = explode( ',', $to );
3235<
3236<       foreach ( (array) $to as $recipient ) {
3237<               try {
3238<                       // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
3239<                       $recipient_name = '';
3240<                       if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
3241<                               if ( count( $matches ) == 3 ) {
3242<                                       $recipient_name = $matches[1];
3243<                                       $recipient = $matches[2];
3244<                               }
3245<                       }
3246<                       $phpmailer->AddAddress( $recipient, $recipient_name);
3247<               } catch ( phpmailerException $e ) {
3248<                       continue;
3249<               }
3250<       }
3251<
3252<       // Set mail's subject and body
3253<       $phpmailer->Subject = $subject;
3254<       $phpmailer->Body    = $message;
3255<
3256<       // Add any CC and BCC recipients
3257<       if ( !empty( $cc ) ) {
3258<               foreach ( (array) $cc as $recipient ) {
3259<                       try {
3260<                               // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
3261<                               $recipient_name = '';
3262<                               if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
3263<                                       if ( count( $matches ) == 3 ) {
3264<                                               $recipient_name = $matches[1];
3265<                                               $recipient = $matches[2];
3266<                                       }
3267<                               }
3268<                               $phpmailer->AddCc( $recipient, $recipient_name );
3269<                       } catch ( phpmailerException $e ) {
3270<                               continue;
3271<                       }
3272<               }
3273<       }
3274<
3275<       if ( !empty( $bcc ) ) {
3276<               foreach ( (array) $bcc as $recipient) {
3277<                       try {
3278<                               // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
3279<                               $recipient_name = '';
3280<                               if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
3281<                                       if ( count( $matches ) == 3 ) {
3282<                                               $recipient_name = $matches[1];
3283<                                               $recipient = $matches[2];
3284<                                       }
3285<                               }
3286<                               $phpmailer->AddBcc( $recipient, $recipient_name );
3287<                       } catch ( phpmailerException $e ) {
3288<                               continue;
3289<                       }
3290<               }
3291<       }
3292<
3293<       // Set to use PHP's mail()
3294<       $phpmailer->IsMail();
3295<
3296<       // Set Content-Type and charset
3297<       // If we don't have a content-type from the input headers
3298<       if ( !isset( $content_type ) )
3299<               $content_type = 'text/plain';
3300<
3301<       $content_type = apply_filters( 'wp_mail_content_type', $content_type );
3302<
3303<       $phpmailer->ContentType = $content_type;
3304<
3305<       // Set whether it's plaintext, depending on $content_type
3306<       if ( 'text/html' == $content_type )
3307<               $phpmailer->IsHTML( true );
3308<
3309<       // If we don't have a charset from the input headers
3310<       if ( !isset( $charset ) )
3311<               $charset = get_bloginfo( 'charset' );
3312<
3313<       // Set the content-type and charset
3314<       $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset );
3315<
3316<       // Set custom headers
3317<       if ( !empty( $headers ) ) {
3318<               foreach( (array) $headers as $name => $content ) {
3319<                       $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) );
3320<               }
3321<
3322<               if ( false !== stripos( $content_type, 'multipart' ) && ! empty($boundary) )
3323<                       $phpmailer->AddCustomHeader( sprintf( "Content-Type: %s;\n\t boundary=\"%s\"", $content_type, $boundary ) );
3324<       }
3325<
3326<       if ( !empty( $attachments ) ) {
3327<               foreach ( $attachments as $attachment ) {
3328<                       try {
3329<                               $phpmailer->AddAttachment($attachment);
3330<                       } catch ( phpmailerException $e ) {
3331<                               continue;
3332<                       }
3333<               }
3334<       }
3335<
3336<       do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) );
3337<
3338<       // Send!
3339<       try {
3340<               $phpmailer->Send();
3341<       } catch ( phpmailerException $e ) {
3342<               return false;
3343<       }
3344<
3345<       return true;
3346< }
3347< endif;
3348<
3349< if ( !function_exists('wp_authenticate') ) :
3350< /**
3351<  * Checks a user's login information and logs them in if it checks out.
3352<  *
3353<  * @since 2.5.0
3354<  *
3355<  * @param string $username User's username
3356<  * @param string $password User's password
3357<  * @return WP_Error|WP_User WP_User object if login successful, otherwise WP_Error object.
3358<  */
3359< function wp_authenticate($username, $password) {
3360<       $username = sanitize_user($username);
3361<       $password = trim($password);
3362<
3363<       $user = apply_filters('authenticate', null, $username, $password);
3364<
3365<       if ( $user == null ) {
3366<               // TODO what should the error message be? (Or would these even happen?)
3367<               // Only needed if all authentication handlers fail to return anything.
3368<               $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
3369<       }
3370<
3371<       $ignore_codes = array('empty_username', 'empty_password');
3372<
3373<       if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
3374<               do_action('wp_login_failed', $username);
3375<       }
3376<
3377<       return $user;
3378< }
3379< endif;
3380<
3381< if ( !function_exists('wp_logout') ) :
3382< /**
3383<  * Log the current user out.
3384<  *
3385<  * @since 2.5.0
3386<  */
3387< function wp_logout() {
3388<       wp_clear_auth_cookie();
3389<       do_action('wp_logout');
3390< }
3391< endif;
3392<
3393< if ( !function_exists('wp_validate_auth_cookie') ) :
3394< /**
3395<  * Validates authentication cookie.
3396<  *
3397<  * The checks include making sure that the authentication cookie is set and
3398<  * pulling in the contents (if $cookie is not used).
3399<  *
3400<  * Makes sure the cookie is not expired. Verifies the hash in cookie is what is
3401<  * should be and compares the two.
3402<  *
3403<  * @since 2.5
3404<  *
3405<  * @param string $cookie Optional. If used, will validate contents instead of cookie's
3406<  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
3407<  * @return bool|int False if invalid cookie, User ID if valid.
3408<  */
3409< function wp_validate_auth_cookie($cookie = '', $scheme = '') {
3410<       if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) {
3411<               do_action('auth_cookie_malformed', $cookie, $scheme);
3412<               return false;
3413<       }
3414<
3415<       extract($cookie_elements, EXTR_OVERWRITE);
3416<
3417<       $expired = $expiration;
3418<
3419<       // Allow a grace period for POST and AJAX requests
3420<       if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] )
3421<               $expired += 3600;
3422<
3423<       // Quick check to see if an honest cookie has expired
3424<       if ( $expired < time() ) {
3425<               do_action('auth_cookie_expired', $cookie_elements);
3426<               return false;
3427<       }
3428<
3429<       $user = get_user_by('login', $username);
3430<       if ( ! $user ) {
3431<               do_action('auth_cookie_bad_username', $cookie_elements);
3432<               return false;
3433<       }
3434<
3435<       $pass_frag = substr($user->user_pass, 8, 4);
3436<
3437<       $key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
3438<       $hash = hash_hmac('md5', $username . '|' . $expiration, $key);
3439<
3440<       if ( $hmac != $hash ) {
3441<               do_action('auth_cookie_bad_hash', $cookie_elements);
3442<               return false;
3443<       }
3444<
3445<       if ( $expiration < time() ) // AJAX/POST grace period set above
3446<               $GLOBALS['login_grace_period'] = 1;
3447<
3448<       do_action('auth_cookie_valid', $cookie_elements, $user);
3449<
3450<       return $user->ID;
3451< }
3452< endif;
3453<
3454< if ( !function_exists('wp_generate_auth_cookie') ) :
3455< /**
3456<  * Generate authentication cookie contents.
3457<  *
3458<  * @since 2.5
3459<  * @uses apply_filters() Calls 'auth_cookie' hook on $cookie contents, User ID
3460<  *            and expiration of cookie.
3461<  *
3462<  * @param int $user_id User ID
3463<  * @param int $expiration Cookie expiration in seconds
3464<  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
3465<  * @return string Authentication cookie contents
3466<  */
3467< function wp_generate_auth_cookie($user_id, $expiration, $scheme = 'auth') {
3468<       $user = get_userdata($user_id);
3469<
3470<       $pass_frag = substr($user->user_pass, 8, 4);
3471<
3472<       $key = wp_hash($user->user_login . $pass_frag . '|' . $expiration, $scheme);
3473<       $hash = hash_hmac('md5', $user->user_login . '|' . $expiration, $key);
3474<
3475<       $cookie = $user->user_login . '|' . $expiration . '|' . $hash;
3476<
3477<       return apply_filters('auth_cookie', $cookie, $user_id, $expiration, $scheme);
3478< }
3479< endif;
3480<
3481< if ( !function_exists('wp_parse_auth_cookie') ) :
3482< /**
3483<  * Parse a cookie into its components
3484<  *
3485<  * @since 2.7
3486<  *
3487<  * @param string $cookie
3488<  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
3489<  * @return array Authentication cookie components
3490<  */
3491< function wp_parse_auth_cookie($cookie = '', $scheme = '') {
3492<       if ( empty($cookie) ) {
3493<               switch ($scheme){
3494<                       case 'auth':
3495<                               $cookie_name = AUTH_COOKIE;
3496<                               break;
3497<                       case 'secure_auth':
3498<                               $cookie_name = SECURE_AUTH_COOKIE;
3499<                               break;
3500<                       case "logged_in":
3501<                               $cookie_name = LOGGED_IN_COOKIE;
3502<                               break;
3503<                       default:
3504<                               if ( is_ssl() ) {
3505<                                       $cookie_name = SECURE_AUTH_COOKIE;
3506<                                       $scheme = 'secure_auth';
3507<                               } else {
3508<                                       $cookie_name = AUTH_COOKIE;
3509<                                       $scheme = 'auth';
3510<                               }
3511<           }
3512<
3513<               if ( empty($_COOKIE[$cookie_name]) )
3514<                       return false;
3515<               $cookie = $_COOKIE[$cookie_name];
3516<       }
3517<
3518<       $cookie_elements = explode('|', $cookie);
3519<       if ( count($cookie_elements) != 3 )
3520<               return false;
3521<
3522<       list($username, $expiration, $hmac) = $cookie_elements;
3523<
3524<       return compact('username', 'expiration', 'hmac', 'scheme');
3525< }
3526< endif;
3527<
3528< if ( !function_exists('wp_set_auth_cookie') ) :
3529< /**
3530<  * Sets the authentication cookies based User ID.
3531<  *
3532<  * The $remember parameter increases the time that the cookie will be kept. The
3533<  * default the cookie is kept without remembering is two days. When $remember is
3534<  * set, the cookies will be kept for 14 days or two weeks.
3535<  *
3536<  * @since 2.5
3537<  *
3538<  * @param int $user_id User ID
3539<  * @param bool $remember Whether to remember the user
3540<  */
3541< function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
3542<       if ( $remember ) {
3543<               $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 1209600, $user_id, $remember);
3544<       } else {
3545<               $expiration = time() + apply_filters('auth_cookie_expiration', 172800, $user_id, $remember);
3546<               $expire = 0;
3547<       }
3548<
3549<       if ( '' === $secure )
3550<               $secure = is_ssl();
3551<
3552<       $secure = apply_filters('secure_auth_cookie', $secure, $user_id);
3553<       $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', false, $user_id, $secure);
3554<
3555<       if ( $secure ) {
3556<               $auth_cookie_name = SECURE_AUTH_COOKIE;
3557<               $scheme = 'secure_auth';
3558<       } else {
3559<               $auth_cookie_name = AUTH_COOKIE;
3560<               $scheme = 'auth';
3561<       }
3562<
3563<       $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme);
3564<       $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in');
3565<
3566<       do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme);
3567<       do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in');
3568<
3569<       setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
3570<       setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
3571<       setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
3572<       if ( COOKIEPATH != SITECOOKIEPATH )
3573<               setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
3574< }
3575< endif;
3576<
3577< if ( !function_exists('wp_clear_auth_cookie') ) :
3578< /**
3579<  * Removes all of the cookies associated with authentication.
3580<  *
3581<  * @since 2.5
3582<  */
3583< function wp_clear_auth_cookie() {
3584<       do_action('clear_auth_cookie');
3585<
3586<       setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
3587<       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
3588<       setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
3589<       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
3590<       setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
3591<       setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
3592<
3593<       // Old cookies
3594<       setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
3595<       setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
3596<       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
3597<       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
3598<
3599<       // Even older cookies
3600<       setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
3601<       setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
3602<       setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
3603<       setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
3604< }
3605< endif;
3606<
3607< if ( !function_exists('is_user_logged_in') ) :
3608< /**
3609<  * Checks if the current visitor is a logged in user.
3610<  *
3611<  * @since 2.0.0
3612<  *
3613<  * @return bool True if user is logged in, false if not logged in.
3614<  */
3615< function is_user_logged_in() {
3616<       $user = wp_get_current_user();
3617<
3618<       if ( empty( $user->ID ) )
3619<               return false;
3620<
3621<       return true;
3622< }
3623< endif;
3624<
3625< if ( !function_exists('auth_redirect') ) :
3626< /**
3627<  * Checks if a user is logged in, if not it redirects them to the login page.
3628<  *
3629<  * @since 1.5
3630<  */
3631< function auth_redirect() {
3632<       // Checks if a user is logged in, if not redirects them to the login page
3633<
3634<       $secure = ( is_ssl() || force_ssl_admin() );
3635<
3636<       $secure = apply_filters('secure_auth_redirect', $secure);
3637<
3638<       // If https is required and request is http, redirect
3639<       if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
3640<               if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
3641<                       wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
3642<                       exit();
3643<               } else {
3644<                       wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
3645<                       exit();
3646<               }
3647<       }
3648<
3649<       if ( is_user_admin() )
3650<               $scheme = 'logged_in';
3651<       else
3652<               $scheme = apply_filters( 'auth_redirect_scheme', '' );
3653<
3654<       if ( $user_id = wp_validate_auth_cookie( '',  $scheme) ) {
3655<               do_action('auth_redirect', $user_id);
3656<
3657<               // If the user wants ssl but the session is not ssl, redirect.
3658<               if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
3659<                       if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
3660<                               wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
3661<                               exit();
3662<                       } else {
3663<                               wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
3664<                               exit();
3665<                       }
3666<               }
3667<
3668<               return;  // The cookie is good so we're done
3669<       }
3670<
3671<       // The cookie is no good so force login
3672<       nocache_headers();
3673<
3674<       if ( is_ssl() )
3675<               $proto = 'https://';
3676<       else
3677<               $proto = 'http://';
3678<
3679<       $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
3680<
3681<       $login_url = wp_login_url($redirect, true);
3682<
3683<       wp_redirect($login_url);
3684<       exit();
3685< }
3686< endif;
3687<
3688< if ( !function_exists('check_admin_referer') ) :
3689< /**
3690<  * Makes sure that a user was referred from another admin page.
3691<  *
3692<  * To avoid security exploits.
3693<  *
3694<  * @since 1.2.0
3695<  * @uses do_action() Calls 'check_admin_referer' on $action.
3696<  *
3697<  * @param string $action Action nonce
3698<  * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
3699<  */
3700< function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
3701<       if ( -1 == $action )
3702<               _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
3703<
3704<       $adminurl = strtolower(admin_url());
3705<       $referer = strtolower(wp_get_referer());
3706<       $result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
3707<       if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
3708<               wp_nonce_ays($action);
3709<               die();
3710<       }
3711<       do_action('check_admin_referer', $action, $result);
3712<       return $result;
3713< }endif;
3714<
3715< if ( !function_exists('check_ajax_referer') ) :
3716< /**
3717<  * Verifies the AJAX request to prevent processing requests external of the blog.
3718<  *
3719<  * @since 2.0.3
3720<  *
3721<  * @param string $action Action nonce
3722<  * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
3723<  */
3724< function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
3725<       if ( $query_arg )
3726<               $nonce = $_REQUEST[$query_arg];
3727<       else
3728<               $nonce = isset($_REQUEST['_ajax_nonce']) ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
3729<
3730<       $result = wp_verify_nonce( $nonce, $action );
3731<
3732<       if ( $die && false == $result )
3733<               die('-1');
3734<
3735<       do_action('check_ajax_referer', $action, $result);
3736<
3737<       return $result;
3738< }
3739< endif;
3740<
3741< if ( !function_exists('wp_redirect') ) :
3742< /**
3743<  * Redirects to another page.
3744<  *
3745<  * @since 1.5.1
3746<  * @uses apply_filters() Calls 'wp_redirect' hook on $location and $status.
3747<  *
3748<  * @param string $location The path to redirect to
3749<  * @param int $status Status code to use
3750<  * @return bool False if $location is not set
3751<  */
3752< function wp_redirect($location, $status = 302) {
3753<       global $is_IIS;
3754<
3755<       $location = apply_filters('wp_redirect', $location, $status);
3756<       $status = apply_filters('wp_redirect_status', $status, $location);
3757<
3758<       if ( !$location ) // allows the wp_redirect filter to cancel a redirect
3759<               return false;
3760<
3761<       $location = wp_sanitize_redirect($location);
3762<
3763<       if ( !$is_IIS && php_sapi_name() != 'cgi-fcgi' )
3764<               status_header($status); // This causes problems on IIS and some FastCGI setups
3765<
3766<       header("Location: $location", true, $status);
3767< }
3768< endif;
3769<
3770< if ( !function_exists('wp_sanitize_redirect') ) :
3771< /**
3772<  * Sanitizes a URL for use in a redirect.
3773<  *
3774<  * @since 2.3
3775<  *
3776<  * @return string redirect-sanitized URL
3777<  **/
3778< function wp_sanitize_redirect($location) {
3779<       $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location);
3780<       $location = wp_kses_no_null($location);
3781<
3782<       // remove %0d and %0a from location
3783<       $strip = array('%0d', '%0a', '%0D', '%0A');
3784<       $location = _deep_replace($strip, $location);
3785<       return $location;
3786< }
3787< endif;
3788<
3789< if ( !function_exists('wp_safe_redirect') ) :
3790< /**
3791<  * Performs a safe (local) redirect, using wp_redirect().
3792<  *
3793<  * Checks whether the $location is using an allowed host, if it has an absolute
3794<  * path. A plugin can therefore set or remove allowed host(s) to or from the
3795<  * list.
3796<  *
3797<  * If the host is not allowed, then the redirect is to wp-admin on the siteurl
3798<  * instead. This prevents malicious redirects which redirect to another host,
3799<  * but only used in a few places.
3800<  *
3801<  * @since 2.3
3802<  * @uses wp_validate_redirect() To validate the redirect is to an allowed host.
3803<  *
3804<  * @return void Does not return anything
3805<  **/
3806< function wp_safe_redirect($location, $status = 302) {
3807<
3808<       // Need to look at the URL the way it will end up in wp_redirect()
3809<       $location = wp_sanitize_redirect($location);
3810<
3811<       $location = wp_validate_redirect($location, admin_url());
3812<
3813<       wp_redirect($location, $status);
3814< }
3815< endif;
3816<
3817< if ( !function_exists('wp_validate_redirect') ) :
3818< /**
3819<  * Validates a URL for use in a redirect.
3820<  *
3821<  * Checks whether the $location is using an allowed host, if it has an absolute
3822<  * path. A plugin can therefore set or remove allowed host(s) to or from the
3823<  * list.
3824<  *
3825<  * If the host is not allowed, then the redirect is to $default supplied
3826<  *
3827<  * @since 2.8.1
3828<  * @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing
3829<  *            WordPress host string and $location host string.
3830<  *
3831<  * @param string $location The redirect to validate
3832<  * @param string $default The value to return is $location is not allowed
3833<  * @return string redirect-sanitized URL
3834<  **/
3835< function wp_validate_redirect($location, $default = '') {
3836<       // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
3837<       if ( substr($location, 0, 2) == '//' )
3838<               $location = 'http:' . $location;
3839<
3840<       // In php 5 parse_url may fail if the URL query part contains http://, bug #38143
3841<       $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;
3842<
3843<       $lp  = parse_url($test);
3844<
3845<       // Give up if malformed URL
3846<       if ( false === $lp )
3847<               return $default;
3848<
3849<       // Allow only http and https schemes. No data:, etc.
3850<       if ( isset($lp['scheme']) && !('http' == $lp['scheme'] || 'https' == $lp['scheme']) )
3851<               return $default;
3852<
3853<       // Reject if scheme is set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
3854<       if ( isset($lp['scheme'])  && !isset($lp['host']) )
3855<               return $default;
3856<
3857<       $wpp = parse_url(home_url());
3858<
3859<       $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
3860<
3861<       if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
3862<               $location = $default;
3863<
3864<       return $location;
3865< }
3866< endif;
3867<
3868< if ( ! function_exists('wp_notify_postauthor') ) :
3869< /**
3870<  * Notify an author of a comment/trackback/pingback to one of their posts.
3871<  *
3872<  * @since 1.0.0
3873<  *
3874<  * @param int $comment_id Comment ID
3875<  * @param string $comment_type Optional. The comment type either 'comment' (default), 'trackback', or 'pingback'
3876<  * @return bool False if user email does not exist. True on completion.
3877<  */
3878< function wp_notify_postauthor( $comment_id, $comment_type = '' ) {
3879<       $comment = get_comment( $comment_id );
3880<       $post    = get_post( $comment->comment_post_ID );
3881<       $author  = get_userdata( $post->post_author );
3882<
3883<       // The comment was left by the author
3884<       if ( $comment->user_id == $post->post_author )
3885<               return false;
3886<
3887<       // The author moderated a comment on his own post
3888<       if ( $post->post_author == get_current_user_id() )
3889<               return false;
3890<
3891<       // If there's no email to send the comment to
3892<       if ( '' == $author->user_email )
3893<               return false;
3894<
3895<       $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
3896<
3897<       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
3898<       // we want to reverse this for the plain text arena of emails.
3899<       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3900<
3901<       if ( empty( $comment_type ) ) $comment_type = 'comment';
3902<
3903<       if ('comment' == $comment_type) {
3904<               $notify_message  = sprintf( __( 'New comment on your post "%s"' ), $post->post_title ) . "\r\n";
3905<               /* translators: 1: comment author, 2: author IP, 3: author domain */
3906<               $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
3907<               $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
3908<               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
3909<               $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
3910<               $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
3911<               $notify_message .= __('You can see all comments on this post here: ') . "\r\n";
3912<               /* translators: 1: blog name, 2: post title */
3913<               $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title );
3914<       } elseif ('trackback' == $comment_type) {
3915<               $notify_message  = sprintf( __( 'New trackback on your post "%s"' ), $post->post_title ) . "\r\n";
3916<               /* translators: 1: website name, 2: author IP, 3: author domain */
3917<               $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
3918<               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
3919<               $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
3920<               $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n";
3921<               /* translators: 1: blog name, 2: post title */
3922<               $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title );
3923<       } elseif ('pingback' == $comment_type) {
3924<               $notify_message  = sprintf( __( 'New pingback on your post "%s"' ), $post->post_title ) . "\r\n";
3925<               /* translators: 1: comment author, 2: author IP, 3: author domain */
3926<               $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
3927<               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
3928<               $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment->comment_content ) . "\r\n\r\n";
3929<               $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n";
3930<               /* translators: 1: blog name, 2: post title */
3931<               $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
3932<       }
3933<       $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
3934<       $notify_message .= sprintf( __('Permalink: %s'), get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment_id ) . "\r\n";
3935<       if ( EMPTY_TRASH_DAYS )
3936<               $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
3937<       else
3938<               $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
3939<       $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
3940<
3941<       $wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
3942<
3943<       if ( '' == $comment->comment_author ) {
3944<               $from = "From: \"$blogname\" <$wp_email>";
3945<               if ( '' != $comment->comment_author_email )
3946<                       $reply_to = "Reply-To: $comment->comment_author_email";
3947<       } else {
3948<               $from = "From: \"$comment->comment_author\" <$wp_email>";
3949<               if ( '' != $comment->comment_author_email )
3950<                       $reply_to = "Reply-To: \"$comment->comment_author_email\" <$comment->comment_author_email>";
3951<       }
3952<
3953<       $message_headers = "$from\n"
3954<               . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
3955<
3956<       if ( isset($reply_to) )
3957<               $message_headers .= $reply_to . "\n";
3958<
3959<       $notify_message = apply_filters('comment_notification_text', $notify_message, $comment_id);
3960<       $subject = apply_filters('comment_notification_subject', $subject, $comment_id);
3961<       $message_headers = apply_filters('comment_notification_headers', $message_headers, $comment_id);
3962<
3963<       @wp_mail( $author->user_email, $subject, $notify_message, $message_headers );
3964<
3965<       return true;
3966< }
3967< endif;
3968<
3969< if ( !function_exists('wp_notify_moderator') ) :
3970< /**
3971<  * Notifies the moderator of the blog about a new comment that is awaiting approval.
3972<  *
3973<  * @since 1.0
3974<  * @uses $wpdb
3975<  *
3976<  * @param int $comment_id Comment ID
3977<  * @return bool Always returns true
3978<  */
3979< function wp_notify_moderator($comment_id) {
3980<       global $wpdb;
3981<
3982<       if ( 0 == get_option( 'moderation_notify' ) )
3983<               return true;
3984<
3985<       $comment = get_comment($comment_id);
3986<       $post = get_post($comment->comment_post_ID);
3987<       $user = get_userdata( $post->post_author );
3988<       // Send to the administration and to the post author if the author can modify the comment.
3989<       $email_to = array( get_option('admin_email') );
3990<       if ( user_can($user->ID, 'edit_comment', $comment_id) && !empty($user->user_email) && ( get_option('admin_email') != $user->user_email) )
3991<               $email_to[] = $user->user_email;
3992<
3993<       $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
3994<       $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
3995<
3996<       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
3997<       // we want to reverse this for the plain text arena of emails.
3998<       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3999<
4000<       switch ($comment->comment_type)
4001<       {
4002<               case 'trackback':
4003<                       $notify_message  = sprintf( __('A new trackback on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
4004<                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
4005<                       $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
4006<                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
4007<                       $notify_message .= __('Trackback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
4008<                       break;
4009<               case 'pingback':
4010<                       $notify_message  = sprintf( __('A new pingback on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
4011<                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
4012<                       $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
4013<                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
4014<                       $notify_message .= __('Pingback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
4015<                       break;
4016<               default: //Comments
4017<                       $notify_message  = sprintf( __('A new comment on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
4018<                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
4019<                       $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
4020<                       $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
4021<                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
4022<                       $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
4023<                       $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
4024<                       break;
4025<       }
4026<
4027<       $notify_message .= sprintf( __('Approve it: %s'),  admin_url("comment.php?action=approve&c=$comment_id") ) . "\r\n";
4028<       if ( EMPTY_TRASH_DAYS )
4029<               $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
4030<       else
4031<               $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
4032<       $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
4033<
4034<       $notify_message .= sprintf( _n('Currently %s comment is waiting for approval. Please visit the moderation panel:',
4035<               'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
4036<       $notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
4037<
4038<       $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
4039<       $message_headers = '';
4040<
4041<       $notify_message = apply_filters('comment_moderation_text', $notify_message, $comment_id);
4042<       $subject = apply_filters('comment_moderation_subject', $subject, $comment_id);
4043<       $message_headers = apply_filters('comment_moderation_headers', $message_headers);
4044<
4045<       foreach ( $email_to as $email )
4046<               @wp_mail($email, $subject, $notify_message, $message_headers);
4047<
4048<       return true;
4049< }
4050< endif;
4051<
4052< if ( !function_exists('wp_password_change_notification') ) :
4053< /**
4054<  * Notify the blog admin of a user changing password, normally via email.
4055<  *
4056<  * @since 2.7
4057<  *
4058<  * @param object $user User Object
4059<  */
4060< function wp_password_change_notification(&$user) {
4061<       // send a copy of password change notification to the admin
4062<       // but check to see if it's the admin whose password we're changing, and skip this
4063<       if ( $user->user_email != get_option('admin_email') ) {
4064<               $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
4065<               // The blogname option is escaped with esc_html on the way into the database in sanitize_option
4066<               // we want to reverse this for the plain text arena of emails.
4067<               $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
4068<               wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), $blogname), $message);
4069<       }
4070< }
4071< endif;
4072<
4073< if ( !function_exists('wp_new_user_notification') ) :
4074< /**
4075<  * Notify the blog admin of a new user, normally via email.
4076<  *
4077<  * @since 2.0
4078<  *
4079<  * @param int $user_id User ID
4080<  * @param string $plaintext_pass Optional. The user's plaintext password
4081<  */
4082< function wp_new_user_notification($user_id, $plaintext_pass = '') {
4083<       $user = new WP_User($user_id);
4084<
4085<       $user_login = stripslashes($user->user_login);
4086<       $user_email = stripslashes($user->user_email);
4087<
4088<       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
4089<       // we want to reverse this for the plain text arena of emails.
4090<       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
4091<
4092<       $message  = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
4093<       $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
4094<       $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
4095<
4096<       @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
4097<
4098<       if ( empty($plaintext_pass) )
4099<               return;
4100<
4101<       $message  = sprintf(__('Username: %s'), $user_login) . "\r\n";
4102<       $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
4103<       $message .= wp_login_url() . "\r\n";
4104<
4105<       wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
4106<
4107< }
4108< endif;
4109<
4110< if ( !function_exists('wp_nonce_tick') ) :
4111< /**
4112<  * Get the time-dependent variable for nonce creation.
4113<  *
4114<  * A nonce has a lifespan of two ticks. Nonces in their second tick may be
4115<  * updated, e.g. by autosave.
4116<  *
4117<  * @since 2.5
4118<  *
4119<  * @return int
4120<  */
4121< function wp_nonce_tick() {
4122<       $nonce_life = apply_filters('nonce_life', 86400);
4123<
4124<       return ceil(time() / ( $nonce_life / 2 ));
4125< }
4126< endif;
4127<
4128< if ( !function_exists('wp_verify_nonce') ) :
4129< /**
4130<  * Verify that correct nonce was used with time limit.
4131<  *
4132<  * The user is given an amount of time to use the token, so therefore, since the
4133<  * UID and $action remain the same, the independent variable is the time.
4134<  *
4135<  * @since 2.0.3
4136<  *
4137<  * @param string $nonce Nonce that was used in the form to verify
4138<  * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
4139<  * @return bool Whether the nonce check passed or failed.
4140<  */
4141< function wp_verify_nonce($nonce, $action = -1) {
4142<       $user = wp_get_current_user();
4143<       $uid = (int) $user->ID;
4144<
4145<       $i = wp_nonce_tick();
4146<
4147<       // Nonce generated 0-12 hours ago
4148<       if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) == $nonce )
4149<               return 1;
4150<       // Nonce generated 12-24 hours ago
4151<       if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) == $nonce )
4152<               return 2;
4153<       // Invalid nonce
4154<       return false;
4155< }
4156< endif;
4157<
4158< if ( !function_exists('wp_create_nonce') ) :
4159< /**
4160<  * Creates a random, one time use token.
4161<  *
4162<  * @since 2.0.3
4163<  *
4164<  * @param string|int $action Scalar value to add context to the nonce.
4165<  * @return string The one use form token
4166<  */
4167< function wp_create_nonce($action = -1) {
4168<       $user = wp_get_current_user();
4169<       $uid = (int) $user->ID;
4170<
4171<       $i = wp_nonce_tick();
4172<
4173<       return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
4174< }
4175< endif;
4176<
4177< if ( !function_exists('wp_salt') ) :
4178< /**
4179<  * Get salt to add to hashes to help prevent attacks.
4180<  *
4181<  * The secret key is located in two places: the database in case the secret key
4182<  * isn't defined in the second place, which is in the wp-config.php file. If you
4183<  * are going to set the secret key, then you must do so in the wp-config.php
4184<  * file.
4185<  *
4186<  * The secret key in the database is randomly generated and will be appended to
4187<  * the secret key that is in wp-config.php file in some instances. It is
4188<  * important to have the secret key defined or changed in wp-config.php.
4189<  *
4190<  * If you have installed WordPress 2.5 or later, then you will have the
4191<  * SECRET_KEY defined in the wp-config.php already. You will want to change the
4192<  * value in it because hackers will know what it is. If you have upgraded to
4193<  * WordPress 2.5 or later version from a version before WordPress 2.5, then you
4194<  * should add the constant to your wp-config.php file.
4195<  *
4196<  * Below is an example of how the SECRET_KEY constant is defined with a value.
4197<  * You must not copy the below example and paste into your wp-config.php. If you
4198<  * need an example, then you can have a
4199<  * {@link https://api.wordpress.org/secret-key/1.1/ secret key created} for you.
4200<  *
4201<  * <code>
4202<  * define('SECRET_KEY', 'mAry1HadA15|\/|b17w55w1t3asSn09w');
4203<  * </code>
4204<  *
4205<  * Salting passwords helps against tools which has stored hashed values of
4206<  * common dictionary strings. The added values makes it harder to crack if given
4207<  * salt string is not weak.
4208<  *
4209<  * @since 2.5
4210<  * @link https://api.wordpress.org/secret-key/1.1/ Create a Secret Key for wp-config.php
4211<  *
4212<  * @param string $scheme Authentication scheme
4213<  * @return string Salt value
4214<  */
4215< function wp_salt($scheme = 'auth') {
4216<       global $wp_default_secret_key;
4217<       $secret_key = '';
4218<       if ( defined('SECRET_KEY') && ('' != SECRET_KEY) && ( $wp_default_secret_key != SECRET_KEY) )
4219<               $secret_key = SECRET_KEY;
4220<
4221<       if ( 'auth' == $scheme ) {
4222<               if ( defined('AUTH_KEY') && ('' != AUTH_KEY) && ( $wp_default_secret_key != AUTH_KEY) )
4223<                       $secret_key = AUTH_KEY;
4224<
4225<               if ( defined('AUTH_SALT') && ('' != AUTH_SALT) && ( $wp_default_secret_key != AUTH_SALT) ) {
4226<                       $salt = AUTH_SALT;
4227<               } elseif ( defined('SECRET_SALT') && ('' != SECRET_SALT) && ( $wp_default_secret_key != SECRET_SALT) ) {
4228<                       $salt = SECRET_SALT;
4229<               } else {
4230<                       $salt = get_site_option('auth_salt');
4231<                       if ( empty($salt) ) {
4232<                               $salt = wp_generate_password( 64, true, true );
4233<                               update_site_option('auth_salt', $salt);
4234<                       }
4235<               }
4236<       } elseif ( 'secure_auth' == $scheme ) {
4237<               if ( defined('SECURE_AUTH_KEY') && ('' != SECURE_AUTH_KEY) && ( $wp_default_secret_key != SECURE_AUTH_KEY) )
4238<                       $secret_key = SECURE_AUTH_KEY;
4239<
4240<               if ( defined('SECURE_AUTH_SALT') && ('' != SECURE_AUTH_SALT) && ( $wp_default_secret_key != SECURE_AUTH_SALT) ) {
4241<                       $salt = SECURE_AUTH_SALT;
4242<               } else {
4243<                       $salt = get_site_option('secure_auth_salt');
4244<                       if ( empty($salt) ) {
4245<                               $salt = wp_generate_password( 64, true, true );
4246<                               update_site_option('secure_auth_salt', $salt);
4247<                       }
4248<               }
4249<       } elseif ( 'logged_in' == $scheme ) {
4250<               if ( defined('LOGGED_IN_KEY') && ('' != LOGGED_IN_KEY) && ( $wp_default_secret_key != LOGGED_IN_KEY) )
4251<                       $secret_key = LOGGED_IN_KEY;
4252<
4253<               if ( defined('LOGGED_IN_SALT') && ('' != LOGGED_IN_SALT) && ( $wp_default_secret_key != LOGGED_IN_SALT) ) {
4254<                       $salt = LOGGED_IN_SALT;
4255<               } else {
4256<                       $salt = get_site_option('logged_in_salt');
4257<                       if ( empty($salt) ) {
4258<                               $salt = wp_generate_password( 64, true, true );
4259<                               update_site_option('logged_in_salt', $salt);
4260<                       }
4261<               }
4262<       } elseif ( 'nonce' == $scheme ) {
4263<               if ( defined('NONCE_KEY') && ('' != NONCE_KEY) && ( $wp_default_secret_key != NONCE_KEY) )
4264<                       $secret_key = NONCE_KEY;
4265<
4266<               if ( defined('NONCE_SALT') && ('' != NONCE_SALT) && ( $wp_default_secret_key != NONCE_SALT) ) {
4267<                       $salt = NONCE_SALT;
4268<               } else {
4269<                       $salt = get_site_option('nonce_salt');
4270<                       if ( empty($salt) ) {
4271<                               $salt = wp_generate_password( 64, true, true );
4272<                               update_site_option('nonce_salt', $salt);
4273<                       }
4274<               }
4275<       } else {
4276<               // ensure each auth scheme has its own unique salt
4277<               $salt = hash_hmac('md5', $scheme, $secret_key);
4278<       }
4279<
4280<       return apply_filters('salt', $secret_key . $salt, $scheme);
4281< }
4282< endif;
4283<
4284< if ( !function_exists('wp_hash') ) :
4285< /**
4286<  * Get hash of given string.
4287<  *
4288<  * @since 2.0.3
4289<  * @uses wp_salt() Get WordPress salt
4290<  *
4291<  * @param string $data Plain text to hash
4292<  * @return string Hash of $data
4293<  */
4294< function wp_hash($data, $scheme = 'auth') {
4295<       $salt = wp_salt($scheme);
4296<
4297<       return hash_hmac('md5', $data, $salt);
4298< }
4299< endif;
4300<
4301< if ( !function_exists('wp_hash_password') ) :
4302< /**
4303<  * Create a hash (encrypt) of a plain text password.
4304<  *
4305<  * For integration with other applications, this function can be overwritten to
4306<  * instead use the other package password checking algorithm.
4307<  *
4308<  * @since 2.5
4309<  * @global object $wp_hasher PHPass object
4310<  * @uses PasswordHash::HashPassword
4311<  *
4312<  * @param string $password Plain text user password to hash
4313<  * @return string The hash string of the password
4314<  */
4315< function wp_hash_password($password) {
4316<       global $wp_hasher;
4317<
4318<       if ( empty($wp_hasher) ) {
4319<               require_once( ABSPATH . 'wp-includes/class-phpass.php');
4320<               // By default, use the portable hash from phpass
4321<               $wp_hasher = new PasswordHash(8, TRUE);
4322<       }
4323<
4324<       return $wp_hasher->HashPassword($password);
4325< }
4326< endif;
4327<
4328< if ( !function_exists('wp_check_password') ) :
4329< /**
4330<  * Checks the plaintext password against the encrypted Password.
4331<  *
4332<  * Maintains compatibility between old version and the new cookie authentication
4333<  * protocol using PHPass library. The $hash parameter is the encrypted password
4334<  * and the function compares the plain text password when encrypted similarly
4335<  * against the already encrypted password to see if they match.
4336<  *
4337<  * For integration with other applications, this function can be overwritten to
4338<  * instead use the other package password checking algorithm.
4339<  *
4340<  * @since 2.5
4341<  * @global object $wp_hasher PHPass object used for checking the password
4342<  *    against the $hash + $password
4343<  * @uses PasswordHash::CheckPassword
4344<  *
4345<  * @param string $password Plaintext user's password
4346<  * @param string $hash Hash of the user's password to check against.
4347<  * @return bool False, if the $password does not match the hashed password
4348<  */
4349< function wp_check_password($password, $hash, $user_id = '') {
4350<       global $wp_hasher;
4351<
4352<       // If the hash is still md5...
4353<       if ( strlen($hash) <= 32 ) {
4354<               $check = ( $hash == md5($password) );
4355<               if ( $check && $user_id ) {
4356<                       // Rehash using new hash.
4357<                       wp_set_password($password, $user_id);
4358<                       $hash = wp_hash_password($password);
4359<               }
4360<
4361<               return apply_filters('check_password', $check, $password, $hash, $user_id);
4362<       }
4363<
4364<       // If the stored hash is longer than an MD5, presume the
4365<       // new style phpass portable hash.
4366<       if ( empty($wp_hasher) ) {
4367<               require_once( ABSPATH . 'wp-includes/class-phpass.php');
4368<               // By default, use the portable hash from phpass
4369<               $wp_hasher = new PasswordHash(8, TRUE);
4370<       }
4371<
4372<       $check = $wp_hasher->CheckPassword($password, $hash);
4373<
4374<       return apply_filters('check_password', $check, $password, $hash, $user_id);
4375< }
4376< endif;
4377<
4378< if ( !function_exists('wp_generate_password') ) :
4379< /**
4380<  * Generates a random password drawn from the defined set of characters.
4381<  *
4382<  * @since 2.5
4383<  *
4384<  * @param int $length The length of password to generate
4385<  * @param bool $special_chars Whether to include standard special characters. Default true.
4386<  * @param bool $extra_special_chars Whether to include other special characters. Used when
4387<  *   generating secret keys and salts. Default false.
4388<  * @return string The random password
4389<  **/
4390< function wp_generate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
4391<       $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
4392<       if ( $special_chars )
4393<               $chars .= '!@#$%^&*()';
4394<       if ( $extra_special_chars )
4395<               $chars .= '-_ []{}<>~`+=,.;:/?|';
4396<
4397<       $password = '';
4398<       for ( $i = 0; $i < $length; $i++ ) {
4399<               $password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1);
4400<       }
4401<
4402<       // random_password filter was previously in random_password function which was deprecated
4403<       return apply_filters('random_password', $password);
4404< }
4405< endif;
4406<
4407< if ( !function_exists('wp_rand') ) :
4408<  /**
4409<  * Generates a random number
4410<  *
4411<  * @since 2.6.2
4412<  *
4413<  * @param int $min Lower limit for the generated number (optional, default is 0)
4414<  * @param int $max Upper limit for the generated number (optional, default is 4294967295)
4415<  * @return int A random number between min and max
4416<  */
4417< function wp_rand( $min = 0, $max = 0 ) {
4418<       global $rnd_value;
4419<
4420<       // Reset $rnd_value after 14 uses
4421<       // 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
4422<       if ( strlen($rnd_value) < 8 ) {
4423<               if ( defined( 'WP_SETUP_CONFIG' ) )
4424<                       static $seed = '';
4425<               else
4426<                       $seed = get_transient('random_seed');
4427<               $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
4428<               $rnd_value .= sha1($rnd_value);
4429<               $rnd_value .= sha1($rnd_value . $seed);
4430<               $seed = md5($seed . $rnd_value);
4431<               if ( ! defined( 'WP_SETUP_CONFIG' ) )
4432<                       set_transient('random_seed', $seed);
4433<       }
4434<
4435<       // Take the first 8 digits for our value
4436<       $value = substr($rnd_value, 0, 8);
4437<
4438<       // Strip the first eight, leaving the remainder for the next call to wp_rand().
4439<       $rnd_value = substr($rnd_value, 8);
4440<
4441<       $value = abs(hexdec($value));
4442<
4443<       // Reduce the value to be within the min - max range
4444<       // 4294967295 = 0xffffffff = max random number
4445<       if ( $max != 0 )
4446<               $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
4447<
4448<       return abs(intval($value));
4449< }
4450< endif;
4451<
4452< if ( !function_exists('wp_set_password') ) :
4453< /**
4454<  * Updates the user's password with a new encrypted one.
4455<  *
4456<  * For integration with other applications, this function can be overwritten to
4457<  * instead use the other package password checking algorithm.
4458<  *
4459<  * @since 2.5
4460<  * @uses $wpdb WordPress database object for queries
4461<  * @uses wp_hash_password() Used to encrypt the user's password before passing to the database
4462<  *
4463<  * @param string $password The plaintext new user password
4464<  * @param int $user_id User ID
4465<  */
4466< function wp_set_password( $password, $user_id ) {
4467<       global $wpdb;
4468<
4469<       $hash = wp_hash_password($password);
4470<       $wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) );
4471<
4472<       wp_cache_delete($user_id, 'users');
4473< }
4474< endif;
4475<
4476< if ( !function_exists( 'get_avatar' ) ) :
4477< /**
4478<  * Retrieve the avatar for a user who provided a user ID or email address.
4479<  *
4480<  * @since 2.5
4481<  * @param int|string|object $id_or_email A user ID,  email address, or comment object
4482<  * @param int $size Size of the avatar image
4483<  * @param string $default URL to a default image to use if no avatar is available
4484<  * @param string $alt Alternate text to use in image tag. Defaults to blank
4485<  * @return string <img> tag for the user's avatar
4486< */
4487< function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) {
4488<       if ( ! get_option('show_avatars') )
4489<               return false;
4490<
4491<       if ( false === $alt)
4492<               $safe_alt = '';
4493<       else
4494<               $safe_alt = esc_attr( $alt );
4495<
4496<       if ( !is_numeric($size) )
4497<               $size = '96';
4498<
4499<       $email = '';
4500<       if ( is_numeric($id_or_email) ) {
4501<               $id = (int) $id_or_email;
4502<               $user = get_userdata($id);
4503<               if ( $user )
4504<                       $email = $user->user_email;
4505<       } elseif ( is_object($id_or_email) ) {
4506<               // No avatar for pingbacks or trackbacks
4507<               $allowed_comment_types = apply_filters( 'get_avatar_comment_types', array( 'comment' ) );
4508<               if ( ! empty( $id_or_email->comment_type ) && ! in_array( $id_or_email->comment_type, (array) $allowed_comment_types ) )
4509<                       return false;
4510<
4511<               if ( !empty($id_or_email->user_id) ) {
4512<                       $id = (int) $id_or_email->user_id;
4513<                       $user = get_userdata($id);
4514<                       if ( $user)
4515<                               $email = $user->user_email;
4516<               } elseif ( !empty($id_or_email->comment_author_email) ) {
4517<                       $email = $id_or_email->comment_author_email;
4518<               }
4519<       } else {
4520<               $email = $id_or_email;
4521<       }
4522<
4523<       if ( empty($default) ) {
4524<               $avatar_default = get_option('avatar_default');
4525<               if ( empty($avatar_default) )
4526<                       $default = 'mystery';
4527<               else
4528<                       $default = $avatar_default;
4529<       }
4530<
4531<       if ( !empty($email) )
4532<               $email_hash = md5( strtolower( $email ) );
4533<
4534<       if ( is_ssl() ) {
4535<               $host = 'https://secure.gravatar.com';
4536<       } else {
4537<               if ( !empty($email) )
4538<                       $host = sprintf( "http://%d.gravatar.com", ( hexdec( $email_hash[0] ) % 2 ) );
4539<               else
4540<                       $host = 'http://0.gravatar.com';
4541<       }
4542<
4543<       if ( 'mystery' == $default )
4544<               $default = "$host/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
4545<       elseif ( 'blank' == $default )
4546<               $default = includes_url('images/blank.gif');
4547<       elseif ( !empty($email) && 'gravatar_default' == $default )
4548<               $default = '';
4549<       elseif ( 'gravatar_default' == $default )
4550<               $default = "$host/avatar/s={$size}";
4551<       elseif ( empty($email) )
4552<               $default = "$host/avatar/?d=$default&amp;s={$size}";
4553<       elseif ( strpos($default, 'http://') === 0 )
4554<               $default = add_query_arg( 's', $size, $default );
4555<
4556<       if ( !empty($email) ) {
4557<               $out = "$host/avatar/";
4558<               $out .= $email_hash;
4559<               $out .= '?s='.$size;
4560<               $out .= '&amp;d=' . urlencode( $default );
4561<
4562<               $rating = get_option('avatar_rating');
4563<               if ( !empty( $rating ) )
4564<                       $out .= "&amp;r={$rating}";
4565<
4566<               $avatar = "<img alt='{$safe_alt}' src='{$out}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
4567<       } else {
4568<               $avatar = "<img alt='{$safe_alt}' src='{$default}' class='avatar avatar-{$size} photo avatar-default' height='{$size}' width='{$size}' />";
4569<       }
4570<
4571<       return apply_filters('get_avatar', $avatar, $id_or_email, $size, $default, $alt);
4572< }
4573< endif;
4574<
4575< if ( !function_exists( 'wp_text_diff' ) ) :
4576< /**
4577<  * Displays a human readable HTML representation of the difference between two strings.
4578<  *
4579<  * The Diff is available for getting the changes between versions. The output is
4580<  * HTML, so the primary use is for displaying the changes. If the two strings
4581<  * are equivalent, then an empty string will be returned.
4582<  *
4583<  * The arguments supported and can be changed are listed below.
4584<  *
4585<  * 'title' : Default is an empty string. Titles the diff in a manner compatible
4586<  *            with the output.
4587<  * 'title_left' : Default is an empty string. Change the HTML to the left of the
4588<  *            title.
4589<  * 'title_right' : Default is an empty string. Change the HTML to the right of
4590<  *            the title.
4591<  *
4592<  * @since 2.6
4593<  * @see wp_parse_args() Used to change defaults to user defined settings.
4594<  * @uses Text_Diff
4595<  * @uses WP_Text_Diff_Renderer_Table
4596<  *
4597<  * @param string $left_string "old" (left) version of string
4598<  * @param string $right_string "new" (right) version of string
4599<  * @param string|array $args Optional. Change 'title', 'title_left', and 'title_right' defaults.
4600<  * @return string Empty string if strings are equivalent or HTML with differences.
4601<  */
4602< function wp_text_diff( $left_string, $right_string, $args = null ) {
4603<       $defaults = array( 'title' => '', 'title_left' => '', 'title_right' => '' );
4604<       $args = wp_parse_args( $args, $defaults );
4605<
4606<       if ( !class_exists( 'WP_Text_Diff_Renderer_Table' ) )
4607<               require( ABSPATH . WPINC . '/wp-diff.php' );
4608<
4609<       $left_string  = normalize_whitespace($left_string);
4610<       $right_string = normalize_whitespace($right_string);
4611<
4612<       $left_lines  = split("\n", $left_string);
4613<       $right_lines = split("\n", $right_string);
4614<
4615<       $text_diff = new Text_Diff($left_lines, $right_lines);
4616<       $renderer  = new WP_Text_Diff_Renderer_Table();
4617<       $diff = $renderer->render($text_diff);
4618<
4619<       if ( !$diff )
4620<               return '';
4621<
4622<       $r  = "<table class='diff'>\n";
4623<       $r .= "<col class='ltype' /><col class='content' /><col class='ltype' /><col class='content' />";
4624<
4625<       if ( $args['title'] || $args['title_left'] || $args['title_right'] )
4626<               $r .= "<thead>";
4627<       if ( $args['title'] )
4628<               $r .= "<tr class='diff-title'><th colspan='4'>$args[title]</th></tr>\n";
4629<       if ( $args['title_left'] || $args['title_right'] ) {
4630<               $r .= "<tr class='diff-sub-title'>\n";
4631<               $r .= "\t<td></td><th>$args[title_left]</th>\n";
4632<               $r .= "\t<td></td><th>$args[title_right]</th>\n";
4633<               $r .= "</tr>\n";
4634<       }
4635<       if ( $args['title'] || $args['title_left'] || $args['title_right'] )
4636<               $r .= "</thead>\n";
4637<
4638<       $r .= "<tbody>\n$diff\n</tbody>\n";
4639<       $r .= "</table>";
4640<
4641<       return $r;
4642< }
4643< endif;
4644---
4645> <?php
4646> /**
4647>  * These functions can be replaced via plugins. If plugins do not redefine these
4648>  * functions, then these will be used instead.
4649>  *
4650>  * @package WordPress
4651>  */
4652>
4653> if ( !function_exists('wp_set_current_user') ) :
4654> /**
4655>  * Changes the current user by ID or name.
4656>  *
4657>  * Set $id to null and specify a name if you do not know a user's ID.
4658>  *
4659>  * Some WordPress functionality is based on the current user and not based on
4660>  * the signed in user. Therefore, it opens the ability to edit and perform
4661>  * actions on users who aren't signed in.
4662>  *
4663>  * @since 2.0.3
4664>  * @global object $current_user The current user object which holds the user data.
4665>  * @uses do_action() Calls 'set_current_user' hook after setting the current user.
4666>  *
4667>  * @param int $id User ID
4668>  * @param string $name User's username
4669>  * @return WP_User Current user User object
4670>  */
4671> function wp_set_current_user($id, $name = '') {
4672>       global $current_user;
4673>
4674>       if ( isset($current_user) && ($id == $current_user->ID) )
4675>               return $current_user;
4676>
4677>       $current_user = new WP_User($id, $name);
4678>
4679>       setup_userdata($current_user->ID);
4680>
4681>       do_action('set_current_user');
4682>
4683>       return $current_user;
4684> }
4685> endif;
4686>
4687> if ( !function_exists('wp_get_current_user') ) :
4688> /**
4689>  * Retrieve the current user object.
4690>  *
4691>  * @since 2.0.3
4692>  *
4693>  * @return WP_User Current user WP_User object
4694>  */
4695> function wp_get_current_user() {
4696>       global $current_user;
4697>
4698>       get_currentuserinfo();
4699>
4700>       return $current_user;
4701> }
4702> endif;
4703>
4704> if ( !function_exists('get_currentuserinfo') ) :
4705> /**
4706>  * Populate global variables with information about the currently logged in user.
4707>  *
4708>  * Will set the current user, if the current user is not set. The current user
4709>  * will be set to the logged in person. If no user is logged in, then it will
4710>  * set the current user to 0, which is invalid and won't have any permissions.
4711>  *
4712>  * @since 0.71
4713>  * @uses $current_user Checks if the current user is set
4714>  * @uses wp_validate_auth_cookie() Retrieves current logged in user.
4715>  *
4716>  * @return bool|null False on XMLRPC Request and invalid auth cookie. Null when current user set
4717>  */
4718> function get_currentuserinfo() {
4719>       global $current_user;
4720>
4721>       if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST )
4722>               return false;
4723>
4724>       if ( ! empty($current_user) )
4725>               return;
4726>
4727>       if ( ! $user = wp_validate_auth_cookie() ) {
4728>                if ( is_blog_admin() || is_network_admin() || empty($_COOKIE[LOGGED_IN_COOKIE]) || !$user = wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in') ) {
4729>                       wp_set_current_user(0);
4730>                       return false;
4731>                }
4732>       }
4733>
4734>       wp_set_current_user($user);
4735> }
4736> endif;
4737>
4738> if ( !function_exists('get_userdata') ) :
4739> /**
4740>  * Retrieve user info by user ID.
4741>  *
4742>  * @since 0.71
4743>  *
4744>  * @param int $user_id User ID
4745>  * @return bool|object False on failure, WP_User object on success
4746>  */
4747> function get_userdata( $user_id ) {
4748>       return get_user_by( 'id', $user_id );
4749> }
4750> endif;
4751>
4752> if ( !function_exists('get_user_by') ) :
4753> /**
4754>  * Retrieve user info by a given field
4755>  *
4756>  * @since 2.8.0
4757>  *
4758>  * @param string $field The field to retrieve the user with.  id | slug | email | login
4759>  * @param int|string $value A value for $field.  A user ID, slug, email address, or login name.
4760>  * @return bool|object False on failure, WP_User object on success
4761>  */
4762> function get_user_by( $field, $value ) {
4763>       $userdata = WP_User::get_data_by( $field, $value );
4764>
4765>       if ( !$userdata )
4766>               return false;
4767>
4768>       $user = new WP_User;
4769>       $user->init( $userdata );
4770>
4771>       return $user;
4772> }
4773> endif;
4774>
4775> if ( !function_exists('cache_users') ) :
4776> /**
4777>  * Retrieve info for user lists to prevent multiple queries by get_userdata()
4778>  *
4779>  * @since 3.0.0
4780>  *
4781>  * @param array $user_ids User ID numbers list
4782>  */
4783> function cache_users( $user_ids ) {
4784>       global $wpdb;
4785>
4786>       $clean = array();
4787>       foreach ( $user_ids as $id ) {
4788>               $id = (int) $id;
4789>               if ( !wp_cache_get( $id, 'users' ) ) {
4790>                       $clean[] = $id;
4791>               }
4792>       }
4793>
4794>       if ( empty( $clean ) )
4795>               return;
4796>
4797>       $list = implode( ',', $clean );
4798>
4799>       $users = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($list)" );
4800>
4801>       $ids = array();
4802>       foreach ( $users as $user ) {
4803>               update_user_caches( $user );
4804>               $ids[] = $user->ID;
4805>       }
4806>       update_meta_cache( 'user', $ids );
4807> }
4808> endif;
4809>
4810> if ( !function_exists( 'wp_mail' ) ) :
4811> /**
4812>  * Send mail, similar to PHP's mail
4813>  *
4814>  * A true return value does not automatically mean that the user received the
4815>  * email successfully. It just only means that the method used was able to
4816>  * process the request without any errors.
4817>  *
4818>  * Using the two 'wp_mail_from' and 'wp_mail_from_name' hooks allow from
4819>  * creating a from address like 'Name <email@address.com>' when both are set. If
4820>  * just 'wp_mail_from' is set, then just the email address will be used with no
4821>  * name.
4822>  *
4823>  * The default content type is 'text/plain' which does not allow using HTML.
4824>  * However, you can set the content type of the email by using the
4825>  * 'wp_mail_content_type' filter.
4826>  *
4827>  * The default charset is based on the charset used on the blog. The charset can
4828>  * be set using the 'wp_mail_charset' filter.
4829>  *
4830>  * @since 1.2.1
4831>  * @uses apply_filters() Calls 'wp_mail' hook on an array of all of the parameters.
4832>  * @uses apply_filters() Calls 'wp_mail_from' hook to get the from email address.
4833>  * @uses apply_filters() Calls 'wp_mail_from_name' hook to get the from address name.
4834>  * @uses apply_filters() Calls 'wp_mail_content_type' hook to get the email content type.
4835>  * @uses apply_filters() Calls 'wp_mail_charset' hook to get the email charset
4836>  * @uses do_action_ref_array() Calls 'phpmailer_init' hook on the reference to
4837>  *            phpmailer object.
4838>  * @uses PHPMailer
4839>  *
4840>  * @param string|array $to Array or comma-separated list of email addresses to send message.
4841>  * @param string $subject Email subject
4842>  * @param string $message Message contents
4843>  * @param string|array $headers Optional. Additional headers.
4844>  * @param string|array $attachments Optional. Files to attach.
4845>  * @return bool Whether the email contents were sent successfully.
4846>  */
4847> function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) {
4848>       // Compact the input, apply the filters, and extract them back out
4849>       extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) ) );
4850>
4851>       if ( !is_array($attachments) )
4852>               $attachments = explode( "\n", str_replace( "\r\n", "\n", $attachments ) );
4853>
4854>       global $phpmailer;
4855>
4856>       // (Re)create it, if it's gone missing
4857>       if ( !is_object( $phpmailer ) || !is_a( $phpmailer, 'PHPMailer' ) ) {
4858>               require_once ABSPATH . WPINC . '/class-phpmailer.php';
4859>               require_once ABSPATH . WPINC . '/class-smtp.php';
4860>               $phpmailer = new PHPMailer( true );
4861>       }
4862>
4863>       // Headers
4864>       if ( empty( $headers ) ) {
4865>               $headers = array();
4866>       } else {
4867>               if ( !is_array( $headers ) ) {
4868>                       // Explode the headers out, so this function can take both
4869>                       // string headers and an array of headers.
4870>                       $tempheaders = explode( "\n", str_replace( "\r\n", "\n", $headers ) );
4871>               } else {
4872>                       $tempheaders = $headers;
4873>               }
4874>               $headers = array();
4875>               $cc = array();
4876>               $bcc = array();
4877>
4878>               // If it's actually got contents
4879>               if ( !empty( $tempheaders ) ) {
4880>                       // Iterate through the raw headers
4881>                       foreach ( (array) $tempheaders as $header ) {
4882>                               if ( strpos($header, ':') === false ) {
4883>                                       if ( false !== stripos( $header, 'boundary=' ) ) {
4884>                                               $parts = preg_split('/boundary=/i', trim( $header ) );
4885>                                               $boundary = trim( str_replace( array( "'", '"' ), '', $parts[1] ) );
4886>                                       }
4887>                                       continue;
4888>                               }
4889>                               // Explode them out
4890>                               list( $name, $content ) = explode( ':', trim( $header ), 2 );
4891>
4892>                               // Cleanup crew
4893>                               $name    = trim( $name    );
4894>                               $content = trim( $content );
4895>
4896>                               switch ( strtolower( $name ) ) {
4897>                                       // Mainly for legacy -- process a From: header if it's there
4898>                                       case 'from':
4899>                                               if ( strpos($content, '<' ) !== false ) {
4900>                                                       // So... making my life hard again?
4901>                                                       $from_name = substr( $content, 0, strpos( $content, '<' ) - 1 );
4902>                                                       $from_name = str_replace( '"', '', $from_name );
4903>                                                       $from_name = trim( $from_name );
4904>
4905>                                                       $from_email = substr( $content, strpos( $content, '<' ) + 1 );
4906>                                                       $from_email = str_replace( '>', '', $from_email );
4907>                                                       $from_email = trim( $from_email );
4908>                                               } else {
4909>                                                       $from_email = trim( $content );
4910>                                               }
4911>                                               break;
4912>                                       case 'content-type':
4913>                                               if ( strpos( $content, ';' ) !== false ) {
4914>                                                       list( $type, $charset ) = explode( ';', $content );
4915>                                                       $content_type = trim( $type );
4916>                                                       if ( false !== stripos( $charset, 'charset=' ) ) {
4917>                                                               $charset = trim( str_replace( array( 'charset=', '"' ), '', $charset ) );
4918>                                                       } elseif ( false !== stripos( $charset, 'boundary=' ) ) {
4919>                                                               $boundary = trim( str_replace( array( 'BOUNDARY=', 'boundary=', '"' ), '', $charset ) );
4920>                                                               $charset = '';
4921>                                                       }
4922>                                               } else {
4923>                                                       $content_type = trim( $content );
4924>                                               }
4925>                                               break;
4926>                                       case 'cc':
4927>                                               $cc = array_merge( (array) $cc, explode( ',', $content ) );
4928>                                               break;
4929>                                       case 'bcc':
4930>                                               $bcc = array_merge( (array) $bcc, explode( ',', $content ) );
4931>                                               break;
4932>                                       default:
4933>                                               // Add it to our grand headers array
4934>                                               $headers[trim( $name )] = trim( $content );
4935>                                               break;
4936>                               }
4937>                       }
4938>               }
4939>       }
4940>
4941>       // Empty out the values that may be set
4942>       $phpmailer->ClearAddresses();
4943>       $phpmailer->ClearAllRecipients();
4944>       $phpmailer->ClearAttachments();
4945>       $phpmailer->ClearBCCs();
4946>       $phpmailer->ClearCCs();
4947>       $phpmailer->ClearCustomHeaders();
4948>       $phpmailer->ClearReplyTos();
4949>
4950>       // From email and name
4951>       // If we don't have a name from the input headers
4952>       if ( !isset( $from_name ) )
4953>               $from_name = 'WordPress';
4954>
4955>       /* If we don't have an email from the input headers default to wordpress@$sitename
4956>        * Some hosts will block outgoing mail from this address if it doesn't exist but
4957>        * there's no easy alternative. Defaulting to admin_email might appear to be another
4958>        * option but some hosts may refuse to relay mail from an unknown domain. See
4959>        * http://trac.wordpress.org/ticket/5007.
4960>        */
4961>
4962>       if ( !isset( $from_email ) ) {
4963>               // Get the site domain and get rid of www.
4964>               $sitename = strtolower( $_SERVER['SERVER_NAME'] );
4965>               if ( substr( $sitename, 0, 4 ) == 'www.' ) {
4966>                       $sitename = substr( $sitename, 4 );
4967>               }
4968>
4969>               $from_email = 'wordpress@' . $sitename;
4970>       }
4971>
4972>       // Plugin authors can override the potentially troublesome default
4973>       $phpmailer->From     = apply_filters( 'wp_mail_from'     , $from_email );
4974>       $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name  );
4975>
4976>       // Set destination addresses
4977>       if ( !is_array( $to ) )
4978>               $to = explode( ',', $to );
4979>
4980>       foreach ( (array) $to as $recipient ) {
4981>               try {
4982>                       // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
4983>                       $recipient_name = '';
4984>                       if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
4985>                               if ( count( $matches ) == 3 ) {
4986>                                       $recipient_name = $matches[1];
4987>                                       $recipient = $matches[2];
4988>                               }
4989>                       }
4990>                       $phpmailer->AddAddress( $recipient, $recipient_name);
4991>               } catch ( phpmailerException $e ) {
4992>                       continue;
4993>               }
4994>       }
4995>
4996>       // Set mail's subject and body
4997>       $phpmailer->Subject = $subject;
4998>       $phpmailer->Body    = $message;
4999>
5000>       // Add any CC and BCC recipients
5001>       if ( !empty( $cc ) ) {
5002>               foreach ( (array) $cc as $recipient ) {
5003>                       try {
5004>                               // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
5005>                               $recipient_name = '';
5006>                               if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
5007>                                       if ( count( $matches ) == 3 ) {
5008>                                               $recipient_name = $matches[1];
5009>                                               $recipient = $matches[2];
5010>                                       }
5011>                               }
5012>                               $phpmailer->AddCc( $recipient, $recipient_name );
5013>                       } catch ( phpmailerException $e ) {
5014>                               continue;
5015>                       }
5016>               }
5017>       }
5018>
5019>       if ( !empty( $bcc ) ) {
5020>               foreach ( (array) $bcc as $recipient) {
5021>                       try {
5022>                               // Break $recipient into name and address parts if in the format "Foo <bar@baz.com>"
5023>                               $recipient_name = '';
5024>                               if( preg_match( '/(.*)<(.+)>/', $recipient, $matches ) ) {
5025>                                       if ( count( $matches ) == 3 ) {
5026>                                               $recipient_name = $matches[1];
5027>                                               $recipient = $matches[2];
5028>                                       }
5029>                               }
5030>                               $phpmailer->AddBcc( $recipient, $recipient_name );
5031>                       } catch ( phpmailerException $e ) {
5032>                               continue;
5033>                       }
5034>               }
5035>       }
5036>
5037>       // Set to use PHP's mail()
5038>       $phpmailer->IsMail();
5039>
5040>       // Set Content-Type and charset
5041>       // If we don't have a content-type from the input headers
5042>       if ( !isset( $content_type ) )
5043>               $content_type = 'text/plain';
5044>
5045>       $content_type = apply_filters( 'wp_mail_content_type', $content_type );
5046>
5047>       $phpmailer->ContentType = $content_type;
5048>
5049>       // Set whether it's plaintext, depending on $content_type
5050>       if ( 'text/html' == $content_type )
5051>               $phpmailer->IsHTML( true );
5052>
5053>       // If we don't have a charset from the input headers
5054>       if ( !isset( $charset ) )
5055>               $charset = get_bloginfo( 'charset' );
5056>
5057>       // Set the content-type and charset
5058>       $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset );
5059>
5060>       // Set custom headers
5061>       if ( !empty( $headers ) ) {
5062>               foreach( (array) $headers as $name => $content ) {
5063>                       $phpmailer->AddCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) );
5064>               }
5065>
5066>               if ( false !== stripos( $content_type, 'multipart' ) && ! empty($boundary) )
5067>                       $phpmailer->AddCustomHeader( sprintf( "Content-Type: %s;\n\t boundary=\"%s\"", $content_type, $boundary ) );
5068>       }
5069>
5070>       if ( !empty( $attachments ) ) {
5071>               foreach ( $attachments as $attachment ) {
5072>                       try {
5073>                               $phpmailer->AddAttachment($attachment);
5074>                       } catch ( phpmailerException $e ) {
5075>                               continue;
5076>                       }
5077>               }
5078>       }
5079>
5080>       do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) );
5081>
5082>       // Send!
5083>       try {
5084>               $phpmailer->Send();
5085>       } catch ( phpmailerException $e ) {
5086>               return false;
5087>       }
5088>
5089>       return true;
5090> }
5091> endif;
5092>
5093> if ( !function_exists('wp_authenticate') ) :
5094> /**
5095>  * Checks a user's login information and logs them in if it checks out.
5096>  *
5097>  * @since 2.5.0
5098>  *
5099>  * @param string $username User's username
5100>  * @param string $password User's password
5101>  * @return WP_Error|WP_User WP_User object if login successful, otherwise WP_Error object.
5102>  */
5103> function wp_authenticate($username, $password) {
5104>       $username = sanitize_user($username);
5105>       $password = trim($password);
5106>
5107>       $user = apply_filters('authenticate', null, $username, $password);
5108>
5109>       if ( $user == null ) {
5110>               // TODO what should the error message be? (Or would these even happen?)
5111>               // Only needed if all authentication handlers fail to return anything.
5112>               $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
5113>       }
5114>
5115>       $ignore_codes = array('empty_username', 'empty_password');
5116>
5117>       if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
5118>               do_action('wp_login_failed', $username);
5119>       }
5120>
5121>       return $user;
5122> }
5123> endif;
5124>
5125> if ( !function_exists('wp_logout') ) :
5126> /**
5127>  * Log the current user out.
5128>  *
5129>  * @since 2.5.0
5130>  */
5131> function wp_logout() {
5132>       wp_clear_auth_cookie();
5133>       do_action('wp_logout');
5134> }
5135> endif;
5136>
5137> if ( !function_exists('wp_validate_auth_cookie') ) :
5138> /**
5139>  * Validates authentication cookie.
5140>  *
5141>  * The checks include making sure that the authentication cookie is set and
5142>  * pulling in the contents (if $cookie is not used).
5143>  *
5144>  * Makes sure the cookie is not expired. Verifies the hash in cookie is what is
5145>  * should be and compares the two.
5146>  *
5147>  * @since 2.5
5148>  *
5149>  * @param string $cookie Optional. If used, will validate contents instead of cookie's
5150>  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
5151>  * @return bool|int False if invalid cookie, User ID if valid.
5152>  */
5153> function wp_validate_auth_cookie($cookie = '', $scheme = '') {
5154>       if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) {
5155>               do_action('auth_cookie_malformed', $cookie, $scheme);
5156>               return false;
5157>       }
5158>
5159>       extract($cookie_elements, EXTR_OVERWRITE);
5160>
5161>       $expired = $expiration;
5162>
5163>       // Allow a grace period for POST and AJAX requests
5164>       if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] )
5165>               $expired += 3600;
5166>
5167>       // Quick check to see if an honest cookie has expired
5168>       if ( $expired < time() ) {
5169>               do_action('auth_cookie_expired', $cookie_elements);
5170>               return false;
5171>       }
5172>
5173>       $user = get_user_by('login', $username);
5174>       if ( ! $user ) {
5175>               do_action('auth_cookie_bad_username', $cookie_elements);
5176>               return false;
5177>       }
5178>
5179>       $pass_frag = substr($user->user_pass, 8, 4);
5180>
5181>       $key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
5182>       $hash = hash_hmac('md5', $username . '|' . $expiration, $key);
5183>
5184>       if ( $hmac != $hash ) {
5185>               do_action('auth_cookie_bad_hash', $cookie_elements);
5186>               return false;
5187>       }
5188>
5189>       if ( $expiration < time() ) // AJAX/POST grace period set above
5190>               $GLOBALS['login_grace_period'] = 1;
5191>
5192>       do_action('auth_cookie_valid', $cookie_elements, $user);
5193>
5194>       return $user->ID;
5195> }
5196> endif;
5197>
5198> if ( !function_exists('wp_generate_auth_cookie') ) :
5199> /**
5200>  * Generate authentication cookie contents.
5201>  *
5202>  * @since 2.5
5203>  * @uses apply_filters() Calls 'auth_cookie' hook on $cookie contents, User ID
5204>  *            and expiration of cookie.
5205>  *
5206>  * @param int $user_id User ID
5207>  * @param int $expiration Cookie expiration in seconds
5208>  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
5209>  * @return string Authentication cookie contents
5210>  */
5211> function wp_generate_auth_cookie($user_id, $expiration, $scheme = 'auth') {
5212>       $user = get_userdata($user_id);
5213>
5214>       $pass_frag = substr($user->user_pass, 8, 4);
5215>
5216>       $key = wp_hash($user->user_login . $pass_frag . '|' . $expiration, $scheme);
5217>       $hash = hash_hmac('md5', $user->user_login . '|' . $expiration, $key);
5218>
5219>       $cookie = $user->user_login . '|' . $expiration . '|' . $hash;
5220>
5221>       return apply_filters('auth_cookie', $cookie, $user_id, $expiration, $scheme);
5222> }
5223> endif;
5224>
5225> if ( !function_exists('wp_parse_auth_cookie') ) :
5226> /**
5227>  * Parse a cookie into its components
5228>  *
5229>  * @since 2.7
5230>  *
5231>  * @param string $cookie
5232>  * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
5233>  * @return array Authentication cookie components
5234>  */
5235> function wp_parse_auth_cookie($cookie = '', $scheme = '') {
5236>       if ( empty($cookie) ) {
5237>               switch ($scheme){
5238>                       case 'auth':
5239>                               $cookie_name = AUTH_COOKIE;
5240>                               break;
5241>                       case 'secure_auth':
5242>                               $cookie_name = SECURE_AUTH_COOKIE;
5243>                               break;
5244>                       case "logged_in":
5245>                               $cookie_name = LOGGED_IN_COOKIE;
5246>                               break;
5247>                       default:
5248>                               if ( is_ssl() ) {
5249>                                       $cookie_name = SECURE_AUTH_COOKIE;
5250>                                       $scheme = 'secure_auth';
5251>                               } else {
5252>                                       $cookie_name = AUTH_COOKIE;
5253>                                       $scheme = 'auth';
5254>                               }
5255>           }
5256>
5257>               if ( empty($_COOKIE[$cookie_name]) )
5258>                       return false;
5259>               $cookie = $_COOKIE[$cookie_name];
5260>       }
5261>
5262>       $cookie_elements = explode('|', $cookie);
5263>       if ( count($cookie_elements) != 3 )
5264>               return false;
5265>
5266>       list($username, $expiration, $hmac) = $cookie_elements;
5267>
5268>       return compact('username', 'expiration', 'hmac', 'scheme');
5269> }
5270> endif;
5271>
5272> if ( !function_exists('wp_set_auth_cookie') ) :
5273> /**
5274>  * Sets the authentication cookies based User ID.
5275>  *
5276>  * The $remember parameter increases the time that the cookie will be kept. The
5277>  * default the cookie is kept without remembering is two days. When $remember is
5278>  * set, the cookies will be kept for 14 days or two weeks.
5279>  *
5280>  * @since 2.5
5281>  *
5282>  * @param int $user_id User ID
5283>  * @param bool $remember Whether to remember the user
5284>  */
5285> function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
5286>       if ( $remember ) {
5287>               $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 1209600, $user_id, $remember);
5288>       } else {
5289>               $expiration = time() + apply_filters('auth_cookie_expiration', 172800, $user_id, $remember);
5290>               $expire = 0;
5291>       }
5292>
5293>       if ( '' === $secure )
5294>               $secure = is_ssl();
5295>
5296>       $secure = apply_filters('secure_auth_cookie', $secure, $user_id);
5297>       $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', false, $user_id, $secure);
5298>
5299>       if ( $secure ) {
5300>               $auth_cookie_name = SECURE_AUTH_COOKIE;
5301>               $scheme = 'secure_auth';
5302>       } else {
5303>               $auth_cookie_name = AUTH_COOKIE;
5304>               $scheme = 'auth';
5305>       }
5306>
5307>       $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme);
5308>       $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in');
5309>
5310>       do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme);
5311>       do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in');
5312>
5313>       setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
5314>       setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
5315>       setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
5316>       if ( COOKIEPATH != SITECOOKIEPATH )
5317>               setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
5318> }
5319> endif;
5320>
5321> if ( !function_exists('wp_clear_auth_cookie') ) :
5322> /**
5323>  * Removes all of the cookies associated with authentication.
5324>  *
5325>  * @since 2.5
5326>  */
5327> function wp_clear_auth_cookie() {
5328>       do_action('clear_auth_cookie');
5329>
5330>       setcookie(AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
5331>       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, ADMIN_COOKIE_PATH, COOKIE_DOMAIN);
5332>       setcookie(AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
5333>       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN);
5334>       setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
5335>       setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
5336>
5337>       // Old cookies
5338>       setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
5339>       setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
5340>       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
5341>       setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
5342>
5343>       // Even older cookies
5344>       setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
5345>       setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
5346>       setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
5347>       setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
5348> }
5349> endif;
5350>
5351> if ( !function_exists('is_user_logged_in') ) :
5352> /**
5353>  * Checks if the current visitor is a logged in user.
5354>  *
5355>  * @since 2.0.0
5356>  *
5357>  * @return bool True if user is logged in, false if not logged in.
5358>  */
5359> function is_user_logged_in() {
5360>       $user = wp_get_current_user();
5361>
5362>       if ( empty( $user->ID ) )
5363>               return false;
5364>
5365>       return true;
5366> }
5367> endif;
5368>
5369> if ( !function_exists('auth_redirect') ) :
5370> /**
5371>  * Checks if a user is logged in, if not it redirects them to the login page.
5372>  *
5373>  * @since 1.5
5374>  */
5375> function auth_redirect() {
5376>       // Checks if a user is logged in, if not redirects them to the login page
5377>
5378>       $secure = ( is_ssl() || force_ssl_admin() );
5379>
5380>       $secure = apply_filters('secure_auth_redirect', $secure);
5381>
5382>       // If https is required and request is http, redirect
5383>       if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
5384>               if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
5385>                       wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
5386>                       exit();
5387>               } else {
5388>                       wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
5389>                       exit();
5390>               }
5391>       }
5392>
5393>       if ( is_user_admin() )
5394>               $scheme = 'logged_in';
5395>       else
5396>               $scheme = apply_filters( 'auth_redirect_scheme', '' );
5397>
5398>       if ( $user_id = wp_validate_auth_cookie( '',  $scheme) ) {
5399>               do_action('auth_redirect', $user_id);
5400>
5401>               // If the user wants ssl but the session is not ssl, redirect.
5402>               if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
5403>                       if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
5404>                               wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
5405>                               exit();
5406>                       } else {
5407>                               wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
5408>                               exit();
5409>                       }
5410>               }
5411>
5412>               return;  // The cookie is good so we're done
5413>       }
5414>
5415>       // The cookie is no good so force login
5416>       nocache_headers();
5417>
5418>       if ( is_ssl() )
5419>               $proto = 'https://';
5420>       else
5421>               $proto = 'http://';
5422>
5423>       $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
5424>
5425>       $login_url = wp_login_url($redirect, true);
5426>
5427>       wp_redirect($login_url);
5428>       exit();
5429> }
5430> endif;
5431>
5432> if ( !function_exists('check_admin_referer') ) :
5433> /**
5434>  * Makes sure that a user was referred from another admin page.
5435>  *
5436>  * To avoid security exploits.
5437>  *
5438>  * @since 1.2.0
5439>  * @uses do_action() Calls 'check_admin_referer' on $action.
5440>  *
5441>  * @param string $action Action nonce
5442>  * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
5443>  */
5444> function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
5445>       if ( -1 == $action )
5446>               _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
5447>
5448>       $adminurl = strtolower(admin_url());
5449>       $referer = strtolower(wp_get_referer());
5450>       $result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
5451>       if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
5452>               wp_nonce_ays($action);
5453>               die();
5454>       }
5455>       do_action('check_admin_referer', $action, $result);
5456>       return $result;
5457> }endif;
5458>
5459> if ( !function_exists('check_ajax_referer') ) :
5460> /**
5461>  * Verifies the AJAX request to prevent processing requests external of the blog.
5462>  *
5463>  * @since 2.0.3
5464>  *
5465>  * @param string $action Action nonce
5466>  * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
5467>  */
5468> function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
5469>       if ( $query_arg )
5470>               $nonce = $_REQUEST[$query_arg];
5471>       else
5472>               $nonce = isset($_REQUEST['_ajax_nonce']) ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
5473>
5474>       $result = wp_verify_nonce( $nonce, $action );
5475>
5476>       if ( $die && false == $result )
5477>               die('-1');
5478>
5479>       do_action('check_ajax_referer', $action, $result);
5480>
5481>       return $result;
5482> }
5483> endif;
5484>
5485> if ( !function_exists('wp_redirect') ) :
5486> /**
5487>  * Redirects to another page.
5488>  *
5489>  * @since 1.5.1
5490>  * @uses apply_filters() Calls 'wp_redirect' hook on $location and $status.
5491>  *
5492>  * @param string $location The path to redirect to
5493>  * @param int $status Status code to use
5494>  * @return bool False if $location is not set
5495>  */
5496> function wp_redirect($location, $status = 302) {
5497>       global $is_IIS;
5498>
5499>       $location = apply_filters('wp_redirect', $location, $status);
5500>       $status = apply_filters('wp_redirect_status', $status, $location);
5501>
5502>       if ( !$location ) // allows the wp_redirect filter to cancel a redirect
5503>               return false;
5504>
5505>       $location = wp_sanitize_redirect($location);
5506>
5507>       if ( !$is_IIS && php_sapi_name() != 'cgi-fcgi' )
5508>               status_header($status); // This causes problems on IIS and some FastCGI setups
5509>
5510>       header("Location: $location", true, $status);
5511> }
5512> endif;
5513>
5514> if ( !function_exists('wp_sanitize_redirect') ) :
5515> /**
5516>  * Sanitizes a URL for use in a redirect.
5517>  *
5518>  * @since 2.3
5519>  *
5520>  * @return string redirect-sanitized URL
5521>  **/
5522> function wp_sanitize_redirect($location) {
5523>       $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location);
5524>       $location = wp_kses_no_null($location);
5525>
5526>       // remove %0d and %0a from location
5527>       $strip = array('%0d', '%0a', '%0D', '%0A');
5528>       $location = _deep_replace($strip, $location);
5529>       return $location;
5530> }
5531> endif;
5532>
5533> if ( !function_exists('wp_safe_redirect') ) :
5534> /**
5535>  * Performs a safe (local) redirect, using wp_redirect().
5536>  *
5537>  * Checks whether the $location is using an allowed host, if it has an absolute
5538>  * path. A plugin can therefore set or remove allowed host(s) to or from the
5539>  * list.
5540>  *
5541>  * If the host is not allowed, then the redirect is to wp-admin on the siteurl
5542>  * instead. This prevents malicious redirects which redirect to another host,
5543>  * but only used in a few places.
5544>  *
5545>  * @since 2.3
5546>  * @uses wp_validate_redirect() To validate the redirect is to an allowed host.
5547>  *
5548>  * @return void Does not return anything
5549>  **/
5550> function wp_safe_redirect($location, $status = 302) {
5551>
5552>       // Need to look at the URL the way it will end up in wp_redirect()
5553>       $location = wp_sanitize_redirect($location);
5554>
5555>       $location = wp_validate_redirect($location, admin_url());
5556>
5557>       wp_redirect($location, $status);
5558> }
5559> endif;
5560>
5561> if ( !function_exists('wp_validate_redirect') ) :
5562> /**
5563>  * Validates a URL for use in a redirect.
5564>  *
5565>  * Checks whether the $location is using an allowed host, if it has an absolute
5566>  * path. A plugin can therefore set or remove allowed host(s) to or from the
5567>  * list.
5568>  *
5569>  * If the host is not allowed, then the redirect is to $default supplied
5570>  *
5571>  * @since 2.8.1
5572>  * @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing
5573>  *            WordPress host string and $location host string.
5574>  *
5575>  * @param string $location The redirect to validate
5576>  * @param string $default The value to return is $location is not allowed
5577>  * @return string redirect-sanitized URL
5578>  **/
5579> function wp_validate_redirect($location, $default = '') {
5580>       // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
5581>       if ( substr($location, 0, 2) == '//' )
5582>               $location = 'http:' . $location;
5583>
5584>       // In php 5 parse_url may fail if the URL query part contains http://, bug #38143
5585>       $test = ( $cut = strpos($location, '?') ) ? substr( $location, 0, $cut ) : $location;
5586>
5587>       $lp  = parse_url($test);
5588>
5589>       // Give up if malformed URL
5590>       if ( false === $lp )
5591>               return $default;
5592>
5593>       // Allow only http and https schemes. No data:, etc.
5594>       if ( isset($lp['scheme']) && !('http' == $lp['scheme'] || 'https' == $lp['scheme']) )
5595>               return $default;
5596>
5597>       // Reject if scheme is set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
5598>       if ( isset($lp['scheme'])  && !isset($lp['host']) )
5599>               return $default;
5600>
5601>       $wpp = parse_url(home_url());
5602>
5603>       $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '');
5604>
5605>       if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
5606>               $location = $default;
5607>
5608>       return $location;
5609> }
5610> endif;
5611>
5612> if ( ! function_exists('wp_notify_postauthor') ) :
5613> /**
5614>  * Notify an author of a comment/trackback/pingback to one of their posts.
5615>  *
5616>  * @since 1.0.0
5617>  *
5618>  * @param int $comment_id Comment ID
5619>  * @param string $comment_type Optional. The comment type either 'comment' (default), 'trackback', or 'pingback'
5620>  * @return bool False if user email does not exist. True on completion.
5621>  */
5622> function wp_notify_postauthor( $comment_id, $comment_type = '' ) {
5623>       $comment = get_comment( $comment_id );
5624>       $post    = get_post( $comment->comment_post_ID );
5625>       $author  = get_userdata( $post->post_author );
5626>
5627>       // The comment was left by the author
5628>       if ( $comment->user_id == $post->post_author )
5629>               return false;
5630>
5631>       // The author moderated a comment on his own post
5632>       if ( $post->post_author == get_current_user_id() )
5633>               return false;
5634>
5635>       // If there's no email to send the comment to
5636>       if ( '' == $author->user_email )
5637>               return false;
5638>
5639>       $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
5640>
5641>       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
5642>       // we want to reverse this for the plain text arena of emails.
5643>       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
5644>
5645>       if ( empty( $comment_type ) ) $comment_type = 'comment';
5646>
5647>       if ('comment' == $comment_type) {
5648>               $notify_message  = sprintf( __( 'New comment on your post "%s"' ), $post->post_title ) . "\r\n";
5649>               /* translators: 1: comment author, 2: author IP, 3: author domain */
5650>               $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5651>               $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
5652>               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5653>               $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
5654>               $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
5655>               $notify_message .= __('You can see all comments on this post here: ') . "\r\n";
5656>               /* translators: 1: blog name, 2: post title */
5657>               $subject = sprintf( __('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title );
5658>       } elseif ('trackback' == $comment_type) {
5659>               $notify_message  = sprintf( __( 'New trackback on your post "%s"' ), $post->post_title ) . "\r\n";
5660>               /* translators: 1: website name, 2: author IP, 3: author domain */
5661>               $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5662>               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5663>               $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
5664>               $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n";
5665>               /* translators: 1: blog name, 2: post title */
5666>               $subject = sprintf( __('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title );
5667>       } elseif ('pingback' == $comment_type) {
5668>               $notify_message  = sprintf( __( 'New pingback on your post "%s"' ), $post->post_title ) . "\r\n";
5669>               /* translators: 1: comment author, 2: author IP, 3: author domain */
5670>               $notify_message .= sprintf( __('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5671>               $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5672>               $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment->comment_content ) . "\r\n\r\n";
5673>               $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n";
5674>               /* translators: 1: blog name, 2: post title */
5675>               $subject = sprintf( __('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title );
5676>       }
5677>       $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
5678>       $notify_message .= sprintf( __('Permalink: %s'), get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment_id ) . "\r\n";
5679>       if ( EMPTY_TRASH_DAYS )
5680>               $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
5681>       else
5682>               $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
5683>       $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
5684>
5685>       $wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
5686>
5687>       if ( '' == $comment->comment_author ) {
5688>               $from = "From: \"$blogname\" <$wp_email>";
5689>               if ( '' != $comment->comment_author_email )
5690>                       $reply_to = "Reply-To: $comment->comment_author_email";
5691>       } else {
5692>               $from = "From: \"$comment->comment_author\" <$wp_email>";
5693>               if ( '' != $comment->comment_author_email )
5694>                       $reply_to = "Reply-To: \"$comment->comment_author_email\" <$comment->comment_author_email>";
5695>       }
5696>
5697>       $message_headers = "$from\n"
5698>               . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
5699>
5700>       if ( isset($reply_to) )
5701>               $message_headers .= $reply_to . "\n";
5702>
5703>       $notify_message = apply_filters('comment_notification_text', $notify_message, $comment_id);
5704>       $subject = apply_filters('comment_notification_subject', $subject, $comment_id);
5705>       $message_headers = apply_filters('comment_notification_headers', $message_headers, $comment_id);
5706>
5707>       @wp_mail( $author->user_email, $subject, $notify_message, $message_headers );
5708>
5709>       return true;
5710> }
5711> endif;
5712>
5713> if ( !function_exists('wp_notify_moderator') ) :
5714> /**
5715>  * Notifies the moderator of the blog about a new comment that is awaiting approval.
5716>  *
5717>  * @since 1.0
5718>  * @uses $wpdb
5719>  *
5720>  * @param int $comment_id Comment ID
5721>  * @return bool Always returns true
5722>  */
5723> function wp_notify_moderator($comment_id) {
5724>       global $wpdb;
5725>
5726>       if ( 0 == get_option( 'moderation_notify' ) )
5727>               return true;
5728>
5729>       $comment = get_comment($comment_id);
5730>       $post = get_post($comment->comment_post_ID);
5731>       $user = get_userdata( $post->post_author );
5732>       // Send to the administration and to the post author if the author can modify the comment.
5733>       $email_to = array( get_option('admin_email') );
5734>       if ( user_can($user->ID, 'edit_comment', $comment_id) && !empty($user->user_email) && ( get_option('admin_email') != $user->user_email) )
5735>               $email_to[] = $user->user_email;
5736>
5737>       $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
5738>       $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
5739>
5740>       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
5741>       // we want to reverse this for the plain text arena of emails.
5742>       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
5743>
5744>       switch ($comment->comment_type)
5745>       {
5746>               case 'trackback':
5747>                       $notify_message  = sprintf( __('A new trackback on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
5748>                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
5749>                       $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5750>                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5751>                       $notify_message .= __('Trackback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
5752>                       break;
5753>               case 'pingback':
5754>                       $notify_message  = sprintf( __('A new pingback on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
5755>                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
5756>                       $notify_message .= sprintf( __('Website : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5757>                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5758>                       $notify_message .= __('Pingback excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
5759>                       break;
5760>               default: //Comments
5761>                       $notify_message  = sprintf( __('A new comment on the post "%s" is waiting for your approval'), $post->post_title ) . "\r\n";
5762>                       $notify_message .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
5763>                       $notify_message .= sprintf( __('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain ) . "\r\n";
5764>                       $notify_message .= sprintf( __('E-mail : %s'), $comment->comment_author_email ) . "\r\n";
5765>                       $notify_message .= sprintf( __('URL    : %s'), $comment->comment_author_url ) . "\r\n";
5766>                       $notify_message .= sprintf( __('Whois  : http://whois.arin.net/rest/ip/%s'), $comment->comment_author_IP ) . "\r\n";
5767>                       $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
5768>                       break;
5769>       }
5770>
5771>       $notify_message .= sprintf( __('Approve it: %s'),  admin_url("comment.php?action=approve&c=$comment_id") ) . "\r\n";
5772>       if ( EMPTY_TRASH_DAYS )
5773>               $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
5774>       else
5775>               $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
5776>       $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
5777>
5778>       $notify_message .= sprintf( _n('Currently %s comment is waiting for approval. Please visit the moderation panel:',
5779>               'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
5780>       $notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
5781>
5782>       $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
5783>       $message_headers = '';
5784>
5785>       $notify_message = apply_filters('comment_moderation_text', $notify_message, $comment_id);
5786>       $subject = apply_filters('comment_moderation_subject', $subject, $comment_id);
5787>       $message_headers = apply_filters('comment_moderation_headers', $message_headers);
5788>
5789>       foreach ( $email_to as $email )
5790>               @wp_mail($email, $subject, $notify_message, $message_headers);
5791>
5792>       return true;
5793> }
5794> endif;
5795>
5796> if ( !function_exists('wp_password_change_notification') ) :
5797> /**
5798>  * Notify the blog admin of a user changing password, normally via email.
5799>  *
5800>  * @since 2.7
5801>  *
5802>  * @param object $user User Object
5803>  */
5804> function wp_password_change_notification(&$user) {
5805>       // send a copy of password change notification to the admin
5806>       // but check to see if it's the admin whose password we're changing, and skip this
5807>       if ( $user->user_email != get_option('admin_email') ) {
5808>               $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
5809>               // The blogname option is escaped with esc_html on the way into the database in sanitize_option
5810>               // we want to reverse this for the plain text arena of emails.
5811>               $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
5812>               wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), $blogname), $message);
5813>       }
5814> }
5815> endif;
5816>
5817> if ( !function_exists('wp_new_user_notification') ) :
5818> /**
5819>  * Notify the blog admin of a new user, normally via email.
5820>  *
5821>  * @since 2.0
5822>  *
5823>  * @param int $user_id User ID
5824>  * @param string $plaintext_pass Optional. The user's plaintext password
5825>  */
5826> function wp_new_user_notification($user_id, $plaintext_pass = '') {
5827>       $user = new WP_User($user_id);
5828>
5829>       $user_login = stripslashes($user->user_login);
5830>       $user_email = stripslashes($user->user_email);
5831>
5832>       // The blogname option is escaped with esc_html on the way into the database in sanitize_option
5833>       // we want to reverse this for the plain text arena of emails.
5834>       $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
5835>
5836>       $message  = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
5837>       $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
5838>       $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
5839>
5840>       if ( 1 == get_option( 'registration_notify' ) ) {
5841>             @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
5842>         }
5843>
5844>       if ( empty($plaintext_pass) )
5845>               return;
5846>
5847>       $message  = sprintf(__('Username: %s'), $user_login) . "\r\n";
5848>       $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
5849>       $message .= wp_login_url() . "\r\n";
5850>
5851>       wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
5852>
5853> }
5854> endif;
5855>
5856> if ( !function_exists('wp_nonce_tick') ) :
5857> /**
5858>  * Get the time-dependent variable for nonce creation.
5859>  *
5860>  * A nonce has a lifespan of two ticks. Nonces in their second tick may be
5861>  * updated, e.g. by autosave.
5862>  *
5863>  * @since 2.5
5864>  *
5865>  * @return int
5866>  */
5867> function wp_nonce_tick() {
5868>       $nonce_life = apply_filters('nonce_life', 86400);
5869>
5870>       return ceil(time() / ( $nonce_life / 2 ));
5871> }
5872> endif;
5873>
5874> if ( !function_exists('wp_verify_nonce') ) :
5875> /**
5876>  * Verify that correct nonce was used with time limit.
5877>  *
5878>  * The user is given an amount of time to use the token, so therefore, since the
5879>  * UID and $action remain the same, the independent variable is the time.
5880>  *
5881>  * @since 2.0.3
5882>  *
5883>  * @param string $nonce Nonce that was used in the form to verify
5884>  * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
5885>  * @return bool Whether the nonce check passed or failed.
5886>  */
5887> function wp_verify_nonce($nonce, $action = -1) {
5888>       $user = wp_get_current_user();
5889>       $uid = (int) $user->ID;
5890>
5891>       $i = wp_nonce_tick();
5892>
5893>       // Nonce generated 0-12 hours ago
5894>       if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) == $nonce )
5895>               return 1;
5896>       // Nonce generated 12-24 hours ago
5897>       if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) == $nonce )
5898>               return 2;
5899>       // Invalid nonce
5900>       return false;
5901> }
5902> endif;
5903>
5904> if ( !function_exists('wp_create_nonce') ) :
5905> /**
5906>  * Creates a random, one time use token.
5907>  *
5908>  * @since 2.0.3
5909>  *
5910>  * @param string|int $action Scalar value to add context to the nonce.
5911>  * @return string The one use form token
5912>  */
5913> function wp_create_nonce($action = -1) {
5914>       $user = wp_get_current_user();
5915>       $uid = (int) $user->ID;
5916>
5917>       $i = wp_nonce_tick();
5918>
5919>       return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
5920> }
5921> endif;
5922>
5923> if ( !function_exists('wp_salt') ) :
5924> /**
5925>  * Get salt to add to hashes to help prevent attacks.
5926>  *
5927>  * The secret key is located in two places: the database in case the secret key
5928>  * isn't defined in the second place, which is in the wp-config.php file. If you
5929>  * are going to set the secret key, then you must do so in the wp-config.php
5930>  * file.
5931>  *
5932>  * The secret key in the database is randomly generated and will be appended to
5933>  * the secret key that is in wp-config.php file in some instances. It is
5934>  * important to have the secret key defined or changed in wp-config.php.
5935>  *
5936>  * If you have installed WordPress 2.5 or later, then you will have the
5937>  * SECRET_KEY defined in the wp-config.php already. You will want to change the
5938>  * value in it because hackers will know what it is. If you have upgraded to
5939>  * WordPress 2.5 or later version from a version before WordPress 2.5, then you
5940>  * should add the constant to your wp-config.php file.
5941>  *
5942>  * Below is an example of how the SECRET_KEY constant is defined with a value.
5943>  * You must not copy the below example and paste into your wp-config.php. If you
5944>  * need an example, then you can have a
5945>  * {@link https://api.wordpress.org/secret-key/1.1/ secret key created} for you.
5946>  *
5947>  * <code>
5948>  * define('SECRET_KEY', 'mAry1HadA15|\/|b17w55w1t3asSn09w');
5949>  * </code>
5950>  *
5951>  * Salting passwords helps against tools which has stored hashed values of
5952>  * common dictionary strings. The added values makes it harder to crack if given
5953>  * salt string is not weak.
5954>  *
5955>  * @since 2.5
5956>  * @link https://api.wordpress.org/secret-key/1.1/ Create a Secret Key for wp-config.php
5957>  *
5958>  * @param string $scheme Authentication scheme
5959>  * @return string Salt value
5960>  */
5961> function wp_salt($scheme = 'auth') {
5962>       global $wp_default_secret_key;
5963>       $secret_key = '';
5964>       if ( defined('SECRET_KEY') && ('' != SECRET_KEY) && ( $wp_default_secret_key != SECRET_KEY) )
5965>               $secret_key = SECRET_KEY;
5966>
5967>       if ( 'auth' == $scheme ) {
5968>               if ( defined('AUTH_KEY') && ('' != AUTH_KEY) && ( $wp_default_secret_key != AUTH_KEY) )
5969>                       $secret_key = AUTH_KEY;
5970>
5971>               if ( defined('AUTH_SALT') && ('' != AUTH_SALT) && ( $wp_default_secret_key != AUTH_SALT) ) {
5972>                       $salt = AUTH_SALT;
5973>               } elseif ( defined('SECRET_SALT') && ('' != SECRET_SALT) && ( $wp_default_secret_key != SECRET_SALT) ) {
5974>                       $salt = SECRET_SALT;
5975>               } else {
5976>                       $salt = get_site_option('auth_salt');
5977>                       if ( empty($salt) ) {
5978>                               $salt = wp_generate_password( 64, true, true );
5979>                               update_site_option('auth_salt', $salt);
5980>                       }
5981>               }
5982>       } elseif ( 'secure_auth' == $scheme ) {
5983>               if ( defined('SECURE_AUTH_KEY') && ('' != SECURE_AUTH_KEY) && ( $wp_default_secret_key != SECURE_AUTH_KEY) )
5984>                       $secret_key = SECURE_AUTH_KEY;
5985>
5986>               if ( defined('SECURE_AUTH_SALT') && ('' != SECURE_AUTH_SALT) && ( $wp_default_secret_key != SECURE_AUTH_SALT) ) {
5987>                       $salt = SECURE_AUTH_SALT;
5988>               } else {
5989>                       $salt = get_site_option('secure_auth_salt');
5990>                       if ( empty($salt) ) {
5991>                               $salt = wp_generate_password( 64, true, true );
5992>                               update_site_option('secure_auth_salt', $salt);
5993>                       }
5994>               }
5995>       } elseif ( 'logged_in' == $scheme ) {
5996>               if ( defined('LOGGED_IN_KEY') && ('' != LOGGED_IN_KEY) && ( $wp_default_secret_key != LOGGED_IN_KEY) )
5997>                       $secret_key = LOGGED_IN_KEY;
5998>
5999>               if ( defined('LOGGED_IN_SALT') && ('' != LOGGED_IN_SALT) && ( $wp_default_secret_key != LOGGED_IN_SALT) ) {
6000>                       $salt = LOGGED_IN_SALT;
6001>               } else {
6002>                       $salt = get_site_option('logged_in_salt');
6003>                       if ( empty($salt) ) {
6004>                               $salt = wp_generate_password( 64, true, true );
6005>                               update_site_option('logged_in_salt', $salt);
6006>                       }
6007>               }
6008>       } elseif ( 'nonce' == $scheme ) {
6009>               if ( defined('NONCE_KEY') && ('' != NONCE_KEY) && ( $wp_default_secret_key != NONCE_KEY) )
6010>                       $secret_key = NONCE_KEY;
6011>
6012>               if ( defined('NONCE_SALT') && ('' != NONCE_SALT) && ( $wp_default_secret_key != NONCE_SALT) ) {
6013>                       $salt = NONCE_SALT;
6014>               } else {
6015>                       $salt = get_site_option('nonce_salt');
6016>                       if ( empty($salt) ) {
6017>                               $salt = wp_generate_password( 64, true, true );
6018>                               update_site_option('nonce_salt', $salt);
6019>                       }
6020>               }
6021>       } else {
6022>               // ensure each auth scheme has its own unique salt
6023>               $salt = hash_hmac('md5', $scheme, $secret_key);
6024>       }
6025>
6026>       return apply_filters('salt', $secret_key . $salt, $scheme);
6027> }
6028> endif;
6029>
6030> if ( !function_exists('wp_hash') ) :
6031> /**
6032>  * Get hash of given string.
6033>  *
6034>  * @since 2.0.3
6035>  * @uses wp_salt() Get WordPress salt
6036>  *
6037>  * @param string $data Plain text to hash
6038>  * @return string Hash of $data
6039>  */
6040> function wp_hash($data, $scheme = 'auth') {
6041>       $salt = wp_salt($scheme);
6042>
6043>       return hash_hmac('md5', $data, $salt);
6044> }
6045> endif;
6046>
6047> if ( !function_exists('wp_hash_password') ) :
6048> /**
6049>  * Create a hash (encrypt) of a plain text password.
6050>  *
6051>  * For integration with other applications, this function can be overwritten to
6052>  * instead use the other package password checking algorithm.
6053>  *
6054>  * @since 2.5
6055>  * @global object $wp_hasher PHPass object
6056>  * @uses PasswordHash::HashPassword
6057>  *
6058>  * @param string $password Plain text user password to hash
6059>  * @return string The hash string of the password
6060>  */
6061> function wp_hash_password($password) {
6062>       global $wp_hasher;
6063>
6064>       if ( empty($wp_hasher) ) {
6065>               require_once( ABSPATH . 'wp-includes/class-phpass.php');
6066>               // By default, use the portable hash from phpass
6067>               $wp_hasher = new PasswordHash(8, TRUE);
6068>       }
6069>
6070>       return $wp_hasher->HashPassword($password);
6071> }
6072> endif;
6073>
6074> if ( !function_exists('wp_check_password') ) :
6075> /**
6076>  * Checks the plaintext password against the encrypted Password.
6077>  *
6078>  * Maintains compatibility between old version and the new cookie authentication
6079>  * protocol using PHPass library. The $hash parameter is the encrypted password
6080>  * and the function compares the plain text password when encrypted similarly
6081>  * against the already encrypted password to see if they match.
6082>  *
6083>  * For integration with other applications, this function can be overwritten to
6084>  * instead use the other package password checking algorithm.
6085>  *
6086>  * @since 2.5
6087>  * @global object $wp_hasher PHPass object used for checking the password
6088>  *    against the $hash + $password
6089>  * @uses PasswordHash::CheckPassword
6090>  *
6091>  * @param string $password Plaintext user's password
6092>  * @param string $hash Hash of the user's password to check against.
6093>  * @return bool False, if the $password does not match the hashed password
6094>  */
6095> function wp_check_password($password, $hash, $user_id = '') {
6096>       global $wp_hasher;
6097>
6098>       // If the hash is still md5...
6099>       if ( strlen($hash) <= 32 ) {
6100>               $check = ( $hash == md5($password) );
6101>               if ( $check && $user_id ) {
6102>                       // Rehash using new hash.
6103>                       wp_set_password($password, $user_id);
6104>                       $hash = wp_hash_password($password);
6105>               }
6106>
6107>               return apply_filters('check_password', $check, $password, $hash, $user_id);
6108>       }
6109>
6110>       // If the stored hash is longer than an MD5, presume the
6111>       // new style phpass portable hash.
6112>       if ( empty($wp_hasher) ) {
6113>               require_once( ABSPATH . 'wp-includes/class-phpass.php');
6114>               // By default, use the portable hash from phpass
6115>               $wp_hasher = new PasswordHash(8, TRUE);
6116>       }
6117>
6118>       $check = $wp_hasher->CheckPassword($password, $hash);
6119>
6120>       return apply_filters('check_password', $check, $password, $hash, $user_id);
6121> }
6122> endif;
6123>
6124> if ( !function_exists('wp_generate_password') ) :
6125> /**
6126>  * Generates a random password drawn from the defined set of characters.
6127>  *
6128>  * @since 2.5
6129>  *
6130>  * @param int $length The length of password to generate
6131>  * @param bool $special_chars Whether to include standard special characters. Default true.
6132>  * @param bool $extra_special_chars Whether to include other special characters. Used when
6133>  *   generating secret keys and salts. Default false.
6134>  * @return string The random password
6135>  **/
6136> function wp_generate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
6137>       $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
6138>       if ( $special_chars )
6139>               $chars .= '!@#$%^&*()';
6140>       if ( $extra_special_chars )
6141>               $chars .= '-_ []{}<>~`+=,.;:/?|';
6142>
6143>       $password = '';
6144>       for ( $i = 0; $i < $length; $i++ ) {
6145>               $password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1);
6146>       }
6147>
6148>       // random_password filter was previously in random_password function which was deprecated
6149>       return apply_filters('random_password', $password);
6150> }
6151> endif;
6152>
6153> if ( !function_exists('wp_rand') ) :
6154>  /**
6155>  * Generates a random number
6156>  *
6157>  * @since 2.6.2
6158>  *
6159>  * @param int $min Lower limit for the generated number (optional, default is 0)
6160>  * @param int $max Upper limit for the generated number (optional, default is 4294967295)
6161>  * @return int A random number between min and max
6162>  */
6163> function wp_rand( $min = 0, $max = 0 ) {
6164>       global $rnd_value;
6165>
6166>       // Reset $rnd_value after 14 uses
6167>       // 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
6168>       if ( strlen($rnd_value) < 8 ) {
6169>               if ( defined( 'WP_SETUP_CONFIG' ) )
6170>                       static $seed = '';
6171>               else
6172>                       $seed = get_transient('random_seed');
6173>               $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
6174>               $rnd_value .= sha1($rnd_value);
6175>               $rnd_value .= sha1($rnd_value . $seed);
6176>               $seed = md5($seed . $rnd_value);
6177>               if ( ! defined( 'WP_SETUP_CONFIG' ) )
6178>                       set_transient('random_seed', $seed);
6179>       }
6180>
6181>       // Take the first 8 digits for our value
6182>       $value = substr($rnd_value, 0, 8);
6183>
6184>       // Strip the first eight, leaving the remainder for the next call to wp_rand().
6185>       $rnd_value = substr($rnd_value, 8);
6186>
6187>       $value = abs(hexdec($value));
6188>
6189>       // Reduce the value to be within the min - max range
6190>       // 4294967295 = 0xffffffff = max random number
6191>       if ( $max != 0 )
6192>               $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
6193>
6194>       return abs(intval($value));
6195> }
6196> endif;
6197>
6198> if ( !function_exists('wp_set_password') ) :
6199> /**
6200>  * Updates the user's password with a new encrypted one.
6201>  *
6202>  * For integration with other applications, this function can be overwritten to
6203>  * instead use the other package password checking algorithm.
6204>  *
6205>  * @since 2.5
6206>  * @uses $wpdb WordPress database object for queries
6207>  * @uses wp_hash_password() Used to encrypt the user's password before passing to the database
6208>  *
6209>  * @param string $password The plaintext new user password
6210>  * @param int $user_id User ID
6211>  */
6212> function wp_set_password( $password, $user_id ) {
6213>       global $wpdb;
6214>
6215>       $hash = wp_hash_password($password);
6216>       $wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) );
6217>
6218>       wp_cache_delete($user_id, 'users');
6219> }
6220> endif;
6221>
6222> if ( !function_exists( 'get_avatar' ) ) :
6223> /**
6224>  * Retrieve the avatar for a user who provided a user ID or email address.
6225>  *
6226>  * @since 2.5
6227>  * @param int|string|object $id_or_email A user ID,  email address, or comment object
6228>  * @param int $size Size of the avatar image
6229>  * @param string $default URL to a default image to use if no avatar is available
6230>  * @param string $alt Alternate text to use in image tag. Defaults to blank
6231>  * @return string <img> tag for the user's avatar
6232> */
6233> function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) {
6234>       if ( ! get_option('show_avatars') )
6235>               return false;
6236>
6237>       if ( false === $alt)
6238>               $safe_alt = '';
6239>       else
6240>               $safe_alt = esc_attr( $alt );
6241>
6242>       if ( !is_numeric($size) )
6243>               $size = '96';
6244>
6245>       $email = '';
6246>       if ( is_numeric($id_or_email) ) {
6247>               $id = (int) $id_or_email;
6248>               $user = get_userdata($id);
6249>               if ( $user )
6250>                       $email = $user->user_email;
6251>       } elseif ( is_object($id_or_email) ) {
6252>               // No avatar for pingbacks or trackbacks
6253>               $allowed_comment_types = apply_filters( 'get_avatar_comment_types', array( 'comment' ) );
6254>               if ( ! empty( $id_or_email->comment_type ) && ! in_array( $id_or_email->comment_type, (array) $allowed_comment_types ) )
6255>                       return false;
6256>
6257>               if ( !empty($id_or_email->user_id) ) {
6258>                       $id = (int) $id_or_email->user_id;
6259>                       $user = get_userdata($id);
6260>                       if ( $user)
6261>                               $email = $user->user_email;
6262>               } elseif ( !empty($id_or_email->comment_author_email) ) {
6263>                       $email = $id_or_email->comment_author_email;
6264>               }
6265>       } else {
6266>               $email = $id_or_email;
6267>       }
6268>
6269>       if ( empty($default) ) {
6270>               $avatar_default = get_option('avatar_default');
6271>               if ( empty($avatar_default) )
6272>                       $default = 'mystery';
6273>               else
6274>                       $default = $avatar_default;
6275>       }
6276>
6277>       if ( !empty($email) )
6278>               $email_hash = md5( strtolower( $email ) );
6279>
6280>       if ( is_ssl() ) {
6281>               $host = 'https://secure.gravatar.com';
6282>       } else {
6283>               if ( !empty($email) )
6284>                       $host = sprintf( "http://%d.gravatar.com", ( hexdec( $email_hash[0] ) % 2 ) );
6285>               else
6286>                       $host = 'http://0.gravatar.com';
6287>       }
6288>
6289>       if ( 'mystery' == $default )
6290>               $default = "$host/avatar/ad516503a11cd5ca435acc9bb6523536?s={$size}"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
6291>       elseif ( 'blank' == $default )
6292>               $default = includes_url('images/blank.gif');
6293>       elseif ( !empty($email) && 'gravatar_default' == $default )
6294>               $default = '';
6295>       elseif ( 'gravatar_default' == $default )
6296>               $default = "$host/avatar/s={$size}";
6297>       elseif ( empty($email) )
6298>               $default = "$host/avatar/?d=$default&amp;s={$size}";
6299>       elseif ( strpos($default, 'http://') === 0 )
6300>               $default = add_query_arg( 's', $size, $default );
6301>
6302>       if ( !empty($email) ) {
6303>               $out = "$host/avatar/";
6304>               $out .= $email_hash;
6305>               $out .= '?s='.$size;
6306>               $out .= '&amp;d=' . urlencode( $default );
6307>
6308>               $rating = get_option('avatar_rating');
6309>               if ( !empty( $rating ) )
6310>                       $out .= "&amp;r={$rating}";
6311>
6312>               $avatar = "<img alt='{$safe_alt}' src='{$out}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
6313>       } else {
6314>               $avatar = "<img alt='{$safe_alt}' src='{$default}' class='avatar avatar-{$size} photo avatar-default' height='{$size}' width='{$size}' />";
6315>       }
6316>
6317>       return apply_filters('get_avatar', $avatar, $id_or_email, $size, $default, $alt);
6318> }
6319> endif;
6320>
6321> if ( !function_exists( 'wp_text_diff' ) ) :
6322> /**
6323>  * Displays a human readable HTML representation of the difference between two strings.
6324>  *
6325>  * The Diff is available for getting the changes between versions. The output is
6326>  * HTML, so the primary use is for displaying the changes. If the two strings
6327>  * are equivalent, then an empty string will be returned.
6328>  *
6329>  * The arguments supported and can be changed are listed below.
6330>  *
6331>  * 'title' : Default is an empty string. Titles the diff in a manner compatible
6332>  *            with the output.
6333>  * 'title_left' : Default is an empty string. Change the HTML to the left of the
6334>  *            title.
6335>  * 'title_right' : Default is an empty string. Change the HTML to the right of
6336>  *            the title.
6337>  *
6338>  * @since 2.6
6339>  * @see wp_parse_args() Used to change defaults to user defined settings.
6340>  * @uses Text_Diff
6341>  * @uses WP_Text_Diff_Renderer_Table
6342>  *
6343>  * @param string $left_string "old" (left) version of string
6344>  * @param string $right_string "new" (right) version of string
6345>  * @param string|array $args Optional. Change 'title', 'title_left', and 'title_right' defaults.
6346>  * @return string Empty string if strings are equivalent or HTML with differences.
6347>  */
6348> function wp_text_diff( $left_string, $right_string, $args = null ) {
6349>       $defaults = array( 'title' => '', 'title_left' => '', 'title_right' => '' );
6350>       $args = wp_parse_args( $args, $defaults );
6351>
6352>       if ( !class_exists( 'WP_Text_Diff_Renderer_Table' ) )
6353>               require( ABSPATH . WPINC . '/wp-diff.php' );
6354>
6355>       $left_string  = normalize_whitespace($left_string);
6356>       $right_string = normalize_whitespace($right_string);
6357>
6358>       $left_lines  = split("\n", $left_string);
6359>       $right_lines = split("\n", $right_string);
6360>
6361>       $text_diff = new Text_Diff($left_lines, $right_lines);
6362>       $renderer  = new WP_Text_Diff_Renderer_Table();
6363>       $diff = $renderer->render($text_diff);
6364>
6365>       if ( !$diff )
6366>               return '';
6367>
6368>       $r  = "<table class='diff'>\n";
6369>       $r .= "<col class='ltype' /><col class='content' /><col class='ltype' /><col class='content' />";
6370>
6371>       if ( $args['title'] || $args['title_left'] || $args['title_right'] )
6372>               $r .= "<thead>";
6373>       if ( $args['title'] )
6374>               $r .= "<tr class='diff-title'><th colspan='4'>$args[title]</th></tr>\n";
6375>       if ( $args['title_left'] || $args['title_right'] ) {
6376>               $r .= "<tr class='diff-sub-title'>\n";
6377>               $r .= "\t<td></td><th>$args[title_left]</th>\n";
6378>               $r .= "\t<td></td><th>$args[title_right]</th>\n";
6379>               $r .= "</tr>\n";
6380>       }
6381>       if ( $args['title'] || $args['title_left'] || $args['title_right'] )
6382>               $r .= "</thead>\n";
6383>
6384>       $r .= "<tbody>\n$diff\n</tbody>\n";
6385>       $r .= "</table>";
6386>
6387>       return $r;
6388> }
6389> endif;