WordPress.org

Make WordPress Core

Ticket #3155: 3155-part1.diff

File 3155-part1.diff, 10.9 KB (added by Nazgul, 6 years ago)

First batch

  • wp-content/themes/default/comments.php

     
    11<?php // Do not delete these lines 
    2         if ('comments.php' == basename($_SERVER['SCRIPT_FILENAME'])) 
     2        if (!empty($_SERVER['SCRIPT_FILENAME']) && 'comments.php' == basename($_SERVER['SCRIPT_FILENAME'])) 
    33                die ('Please do not load this page directly. Thanks!'); 
    44 
    55        if (!empty($post->post_password)) { // if there's a password 
  • wp-content/themes/default/header.php

     
    1414 
    1515<?php 
    1616// Checks to see whether it needs a sidebar or not 
    17 if ( !$withcomments && !is_single() ) { 
     17if ( !empty($withcomments) && !is_single() ) { 
    1818?> 
    1919        #page { background: url("<?php bloginfo('stylesheet_directory'); ?>/images/kubrickbg-<?php bloginfo('text_direction'); ?>.jpg") repeat-y top; border: none; } 
    2020<?php } else { // No sidebar ?> 
  • wp-includes/cache.php

     
    353353                        $data = ''; 
    354354 
    355355                $this->cache[$group][$id] = $data; 
    356                 unset ($this->non_existant_objects[$group][$id]); 
    357356 
     357                if(isset($this->non_existant_objects[$group][$id])) 
     358                        unset ($this->non_existant_objects[$group][$id]); 
     359 
    358360                return true; 
    359361        } 
    360362 
  • wp-includes/classes.php

     
    185185                        @header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); 
    186186                } else { 
    187187                        // We're showing a feed, so WP is indeed the only thing that last changed 
    188                         if ( $this->query_vars['withcomments'] 
    189                                 || ( !$this->query_vars['withoutcomments'] 
    190                                         && ( $this->query_vars['p'] 
    191                                                 || $this->query_vars['name'] 
    192                                                 || $this->query_vars['page_id'] 
    193                                                 || $this->query_vars['pagename'] 
    194                                                 || $this->query_vars['attachment'] 
    195                                                 || $this->query_vars['attachment_id'] 
     188                        if ( !empty($this->query_vars['withcomments']) 
     189                                || ( empty($this->query_vars['withoutcomments']) 
     190                                        && ( !empty($this->query_vars['p']) 
     191                                                || !empty($this->query_vars['name']) 
     192                                                || !empty($this->query_vars['page_id']) 
     193                                                || !empty($this->query_vars['pagename']) 
     194                                                || !empty($this->query_vars['attachment']) 
     195                                                || !empty($this->query_vars['attachment_id']) 
    196196                                        ) 
    197197                                ) 
    198198                        ) 
     
    208208                                $client_etag = stripslashes(stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])); 
    209209                        else $client_etag = false; 
    210210 
    211                         $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); 
     211                        $client_last_modified = empty($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? '' : trim($_SERVER['HTTP_IF_MODIFIED_SINCE']); 
    212212                        // If string is empty, return 0. If not, attempt to parse into a timestamp 
    213213                        $client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0; 
    214214 
  • wp-includes/comment-template.php

     
    729729        } 
    730730 
    731731        if ( !empty($post->post_password) ) { // if there's a password 
    732                 if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie 
     732                if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) || $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie 
    733733                        echo __('Enter your password to view comments'); 
    734734                        return; 
    735735                } 
  • wp-includes/feed.php

     
    145145 
    146146function rss_enclosure() { 
    147147        global $post; 
    148         if ( !empty($post->post_password) && ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) ) 
     148        if ( !empty($post->post_password) && (!isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) ) 
    149149                return; 
    150150 
    151151        foreach (get_post_custom() as $key => $val) { 
  • wp-includes/link-template.php

     
    524524        $current_post_date = $post->post_date; 
    525525 
    526526        $join = ''; 
     527        $posts_in_ex_cats_sql = ''; 
    527528        if ( $in_same_cat || !empty($excluded_categories) ) { 
    528529                $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id INNER JOIN $wpdb->term_taxonomy tt ON tr.term_taxonomy_id = tt.term_taxonomy_id"; 
    529530 
     
    615616                $qs_regex = '|\?.*?$|'; 
    616617                preg_match( $qs_regex, $request, $qs_match ); 
    617618 
    618                 if ( $qs_match[0] ) { 
     619                if ( !empty( $qs_match[0] ) ) { 
    619620                        $query_string = $qs_match[0]; 
    620621                        $request = preg_replace( $qs_regex, '', $request ); 
    621622                } else { 
  • wp-includes/pluggable.php

     
    775775        $lp  = parse_url($location); 
    776776        $wpp = parse_url(get_option('home')); 
    777777 
    778         $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), $lp['host']); 
     778        $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : ''); 
    779779 
    780780        if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) ) 
    781781                $location = get_option('siteurl') . '/wp-admin/'; 
  • wp-includes/post-template.php

     
    8686        $output = ''; 
    8787 
    8888        if ( !empty($post->post_password) ) { // if there's a password 
    89                 if ( stripslashes($_COOKIE['wp-postpass_'.COOKIEHASH]) != $post->post_password ) {      // and it doesn't match the cookie 
     89                if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || stripslashes($_COOKIE['wp-postpass_'.COOKIEHASH]) != $post->post_password ) {       // and it doesn't match the cookie 
    9090                        $output = get_the_password_form(); 
    9191                        return $output; 
    9292                } 
     
    141141        $output = ''; 
    142142        $output = $post->post_excerpt; 
    143143        if ( !empty($post->post_password) ) { // if there's a password 
    144                 if ( $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie 
     144                if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie 
    145145                        $output = __('There is no excerpt because this is a protected post.'); 
    146146                        return $output; 
    147147                } 
  • wp-includes/user.php

     
    216216 
    217217        $userdata = $user->data; 
    218218        $user_login     = $user->user_login; 
    219         $user_level     = (int) $user->user_level; 
     219        $user_level     = (int) isset($user->user_level) ? $user->user_level : 0; 
    220220        $user_ID        = (int) $user->ID; 
    221221        $user_email     = $user->user_email; 
    222222        $user_url       = $user->user_url; 
  • wp-includes/wp-db.php

     
    339339                        $this->query($query); 
    340340 
    341341                // Extract var out of cached results based x,y vals 
    342                 if ( $this->last_result[$y] ) { 
     342                if ( !empty( $this->last_result[$y] ) ) { 
    343343                        $values = array_values(get_object_vars($this->last_result[$y])); 
    344344                } 
    345345 
  • wp-login.php

     
    174174// Main 
    175175// 
    176176 
    177 $action = $_REQUEST['action']; 
     177$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : ''; 
    178178$errors = new WP_Error(); 
    179179 
    180180if ( isset($_GET['key']) ) 
     
    351351                $errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress.")); 
    352352 
    353353        // Some parts of this script use the main login form to display a message 
    354         if              ( TRUE == $_GET['loggedout'] )                  $errors->add('loggedout', __('You are now logged out.')); 
    355         elseif  ( 'disabled' == $_GET['registration'] ) $errors->add('registerdiabled', __('User registration is currently not allowed.')); 
    356         elseif  ( 'confirm' == $_GET['checkemail'] )    $errors->add('confirm', __('Check your e-mail for the confirmation link.')); 
    357         elseif  ( 'newpass' == $_GET['checkemail'] )    $errors->add('newpass', __('Check your e-mail for your new password.')); 
    358         elseif  ( 'registered' == $_GET['checkemail'] ) $errors->add('registered', __('Registration complete. Please check your e-mail.')); 
     354        if              ( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] )                     $errors->add('loggedout', __('You are now logged out.')); 
     355        elseif  ( isset($_GET['registration']) && 'disabled' == $_GET['registration'] ) $errors->add('registerdiabled', __('User registration is currently not allowed.')); 
     356        elseif  ( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] )      $errors->add('confirm', __('Check your e-mail for the confirmation link.')); 
     357        elseif  ( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] )      $errors->add('newpass', __('Check your e-mail for your new password.')); 
     358        elseif  ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )   $errors->add('registered', __('Registration complete. Please check your e-mail.')); 
    359359 
    360360        login_header(__('Login'), '', $errors); 
    361361?> 
    362362 
    363363<form name="loginform" id="loginform" action="wp-login.php" method="post"> 
    364 <?php if ( !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?> 
     364<?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?> 
    365365        <p> 
    366366                <label><?php _e('Username') ?><br /> 
    367367                <input type="text" name="log" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label> 
     
    384384</form> 
    385385 
    386386<p id="nav"> 
    387 <?php if ( in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?> 
     387<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?> 
    388388<?php elseif (get_option('users_can_register')) : ?> 
    389389<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a> | 
    390390<a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>