WordPress.org

Make WordPress Core


Ignore:
Location:
branches/3.1
Files:
26 edited

Legend:

Unmodified
Added
Removed
  • branches/3.1/readme.html

    r18044 r17716  
    99<h1 id="logo">
    1010    <a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
    11     <br /> Version 3.1.3
     11    <br /> Version 3.1.2
    1212</h1>
    1313<p style="text-align: center">Semantic Personal Publishing Platform</p>
  • branches/3.1/wp-admin/admin-ajax.php

    r18044 r17716  
    397397        die('1');
    398398
    399     if ( !current_user_can( 'edit_post', $meta->post_id ) || is_protected_meta( $meta->meta_key ) )
     399    if ( !current_user_can( 'edit_post', $meta->post_id ) )
    400400        die('-1');
    401401    if ( delete_meta( $meta->meta_id ) )
     
    856856        if ( !current_user_can( 'edit_post', $meta->post_id ) )
    857857            die('-1');
    858         if ( is_protected_meta( $meta->meta_key ) )
    859             die('-1');
    860858        if ( $meta->meta_value != stripslashes($value) || $meta->meta_key != stripslashes($key) ) {
    861859            if ( !$u = update_meta( $mid, $key, $value ) )
  • branches/3.1/wp-admin/custom-background.php

    r18044 r17716  
    338338            'post_content' => $url,
    339339            'post_mime_type' => $type,
    340             'guid' => $url,
    341             'context' => 'custom-background'
     340            'guid' => $url
    342341        );
    343342
  • branches/3.1/wp-admin/custom-header.php

    r18044 r17716  
    596596        'post_content' => $url,
    597597        'post_mime_type' => $type,
    598         'guid' => $url,
    599         'context' => 'custom-header');
     598        'guid' => $url);
    600599
    601600        // Save the data
     
    689688            'post_content' => $url,
    690689            'post_mime_type' => 'image/jpeg',
    691             'guid' => $url,
    692             'context' => 'custom-header'
     690            'guid' => $url
    693691        );
    694692
  • branches/3.1/wp-admin/includes/class-wp-plugins-list-table.php

    r18044 r17716  
    196196    }
    197197
     198    function display_tablenav( $which ) {
     199        global $status;
     200
     201        if ( !in_array( $status, array( 'mustuse', 'dropins' ) ) )
     202            parent::display_tablenav( $which );
     203    }
     204
    198205    function get_views() {
    199206        global $totals, $status;
     
    280287        global $status;
    281288
    282         if ( ! in_array($status, array('recently_activated', 'mustuse', 'dropins') ) )
    283             return;
    284 
    285         echo '<div class="alignleft actions">';
    286 
    287         if ( 'recently_activated' == $status )
    288             submit_button( __( 'Clear List' ), 'secondary', 'clear-recent-list', false );
    289         elseif ( 'top' == $which && 'mustuse' == $status )
    290             echo '<p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
    291         elseif ( 'top' == $which && 'dropins' == $status )
    292             echo '<p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
    293 
    294         echo '</div>';
     289        if ( 'recently_activated' == $status ) { ?>
     290            <div class="alignleft actions">
     291                <?php submit_button( __( 'Clear List' ), 'secondary', 'clear-recent-list', false ); ?>
     292            </div>
     293        <?php }
    295294    }
    296295
  • branches/3.1/wp-admin/includes/import.php

    r18044 r17716  
    8181        'post_content' => $url,
    8282        'post_mime_type' => $type,
    83         'guid' => $url,
    84         'context' => 'import',
    85         'post_status' => 'private'
     83        'guid' => $url
    8684    );
    8785
     
    8987    $id = wp_insert_attachment( $object, $file );
    9088
    91     // schedule a cleanup for one day from now in case of failed import or missing wp_import_cleanup() call
    92     wp_schedule_single_event( time() + 86400, 'importer_scheduled_cleanup', array( $id ) );
    93 
    9489    return array( 'file' => $file, 'id' => $id );
    9590}
  • branches/3.1/wp-admin/includes/media.php

    r18044 r17716  
    11931193    $toggle_off = __( 'Hide' );
    11941194
    1195     $filename = esc_html( basename( $post->guid ) );
     1195    $filename = basename( $post->guid );
    11961196    $title = esc_attr( $post->post_title );
    11971197
  • branches/3.1/wp-admin/includes/post.php

    r18044 r17716  
    139139    $post = get_post( $post_ID );
    140140    $post_data['post_type'] = $post->post_type;
    141     $post_data['post_mime_type'] = $post->post_mime_type;
    142141
    143142    $ptype = get_post_type_object($post_data['post_type']);
     
    201200            if ( $meta->post_id != $post_ID )
    202201                continue;
    203             if ( is_protected_meta( $value['key'] ) )
    204                 continue;
    205202            update_meta( $key, $value['key'], $value['value'] );
    206203        }
     
    212209                continue;
    213210            if ( $meta->post_id != $post_ID )
    214                 continue;
    215             if ( is_protected_meta( $meta->meta_key ) )
    216211                continue;
    217212            delete_meta( $key );
     
    533528    }
    534529
    535     $_POST['post_mime_type'] = '';
    536 
    537530    // Check for autosave collisions
    538531    // Does this need to be updated? ~ Mark
     
    640633    $post_ID = (int) $post_ID;
    641634
     635    $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
     636
    642637    $metakeyselect = isset($_POST['metakeyselect']) ? stripslashes( trim( $_POST['metakeyselect'] ) ) : '';
    643638    $metakeyinput = isset($_POST['metakeyinput']) ? stripslashes( trim( $_POST['metakeyinput'] ) ) : '';
     
    656651            $metakey = $metakeyinput; // default
    657652
    658         if ( is_protected_meta( $metakey ) )
     653        if ( in_array($metakey, $protected) )
    659654            return false;
    660655
     
    762757    global $wpdb;
    763758
     759    $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
     760
    764761    $meta_key = stripslashes($meta_key);
    765762
    766     if ( is_protected_meta( $meta_key ) )
     763    if ( in_array($meta_key, $protected) )
    767764        return false;
    768765
     
    997994    $q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
    998995    $q['post_type'] = 'attachment';
    999     $post_type = get_post_type_object( 'attachment' );
    1000     $states = array( 'inherit' );
    1001     if ( current_user_can( $post_type->cap->read_private_posts ) )
    1002         $states[] = 'private';
    1003 
    1004     $q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
     996    $q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : 'inherit';
    1005997    $media_per_page = (int) get_user_option( 'upload_per_page' );
    1006998    if ( empty( $media_per_page ) || $media_per_page < 1 )
  • branches/3.1/wp-admin/includes/template.php

    r18044 r17716  
    466466function _list_meta_row( $entry, &$count ) {
    467467    static $update_nonce = false;
    468 
    469     if ( is_protected_meta( $entry['meta_key'] ) )
    470         return;
    471 
    472468    if ( !$update_nonce )
    473469        $update_nonce = wp_create_nonce( 'add-meta' );
  • branches/3.1/wp-admin/includes/update-core.php

    r18044 r17716  
    295295    $required_php_version = '4.3';
    296296    $required_mysql_version = '4.1.2';
    297     $wp_version = '3.1.3';
     297    $wp_version = '3.1.2';
    298298    $php_compat     = version_compare( $php_version, $required_php_version, '>=' );
    299299    $mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
  • branches/3.1/wp-admin/ms-delete-site.php

    r18044 r17716  
    3535
    3636if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) {
    37     check_admin_referer( 'delete-blog' );
    38 
    3937    $hash = wp_generate_password( 20, false );
    4038    update_option( 'delete_blog_hash', $hash );
     
    7169
    7270    <form method="post" name="deletedirect">
    73         <?php wp_nonce_field( 'delete-blog' ) ?>
    7471        <input type="hidden" name="action" value="deleteblog" />
    7572        <p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $current_blog->domain : $current_blog->domain . $current_blog->path ); ?></strong></label></p>
    7673        <?php submit_button( __( 'Delete My Site Permanently' ) ); ?>
    7774    </form>
    78     <?php
     75    <?php
    7976}
    8077echo '</div>';
  • branches/3.1/wp-admin/plugins.php

    r18044 r17716  
    408408<input type="hidden" name="paged" value="<?php echo esc_attr($page) ?>" />
    409409
     410<?php
     411if ( 'mustuse' == $status )
     412    echo '<br class="clear" /><p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
     413elseif ( 'dropins' == $status )
     414    echo '<br class="clear" /><p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
     415?>
     416
    410417<?php $wp_list_table->display(); ?>
    411418</form>
  • branches/3.1/wp-admin/press-this.php

    r18044 r17716  
    226226                    else
    227227                        $src = 'http://'.str_replace('//','/', $host['host'].'/'.dirname($host['path']).'/'.$src);
    228                 $sources[] = esc_url($src);
     228                $sources[] = esc_attr($src);
    229229            }
    230230            return "'" . implode("','", $sources) . "'";
  • branches/3.1/wp-app.php

    r18044 r17716  
    608608        $slug = '';
    609609        if ( isset( $_SERVER['HTTP_SLUG'] ) )
    610             $slug = $_SERVER['HTTP_SLUG'];
     610            $slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] );
    611611        elseif ( isset( $_SERVER['HTTP_TITLE'] ) )
    612             $slug = $_SERVER['HTTP_TITLE'];
     612            $slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] );
    613613        elseif ( empty( $slug ) ) // just make a random name
    614614            $slug = substr( md5( uniqid( microtime() ) ), 0, 7);
    615615        $ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
    616         $slug = sanitize_file_name( "$slug.$ext" );
     616        $slug = "$slug.$ext";
    617617        $file = wp_upload_bits( $slug, NULL, $bits);
    618618
  • branches/3.1/wp-includes/canonical.php

    r18044 r17716  
    142142        } elseif ( is_author() && !empty($_GET['author']) && preg_match( '|^[0-9]+$|', $_GET['author'] ) ) {
    143143            $author = get_userdata(get_query_var('author'));
    144             if ( ( false !== $author ) && $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE $wpdb->posts.post_author = %d AND $wpdb->posts.post_status = 'publish' LIMIT 1", $author->ID ) ) ) {
    145                 if ( $redirect_url = get_author_posts_url($author->ID, $author->user_nicename) )
    146                     $redirect['query'] = remove_query_arg('author', $redirect['query']);
    147             }
     144            if ( false !== $author && $redirect_url = get_author_posts_url($author->ID, $author->user_nicename) )
     145                $redirect['query'] = remove_query_arg('author', $redirect['query']);
    148146        } elseif ( is_category() || is_tag() || is_tax() ) { // Terms (Tags/categories)
    149147
  • branches/3.1/wp-includes/class-oembed.php

    r18044 r17716  
    166166        $args = wp_parse_args( $args, wp_embed_defaults() );
    167167
    168         $provider = add_query_arg( 'maxwidth', (int) $args['width'], $provider );
    169         $provider = add_query_arg( 'maxheight', (int) $args['height'], $provider );
     168        $provider = add_query_arg( 'maxwidth', $args['width'], $provider );
     169        $provider = add_query_arg( 'maxheight', $args['height'], $provider );
    170170        $provider = add_query_arg( 'url', urlencode($url), $provider );
    171171
  • branches/3.1/wp-includes/default-filters.php

    r18044 r17716  
    5959// Save URL
    6060foreach ( array( 'pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_link_image',
    61     'pre_link_rss', 'pre_post_guid' ) as $filter ) {
     61    'pre_link_rss' ) as $filter ) {
    6262    add_filter( $filter, 'wp_strip_all_tags' );
    6363    add_filter( $filter, 'esc_url_raw'       );
     
    6666
    6767// Display URL
    68 foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url', 'post_guid' ) as $filter ) {
     68foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' ) as $filter ) {
    6969    if ( is_admin() )
    7070        add_filter( $filter, 'wp_strip_all_tags' );
     
    8686    add_filter( $filter, 'sanitize_key' );
    8787}
    88 
    89 // Mime types
    90 add_filter( 'pre_post_mime_type', 'sanitize_mime_type' );
    91 add_filter( 'post_mime_type', 'sanitize_mime_type' );
    9288
    9389// Places to balance tags on input
     
    223219add_action( 'login_head',          'wp_print_head_scripts',         9     );
    224220add_action( 'login_footer',        'wp_print_footer_scripts'              );
    225 add_action( 'login_init',          'send_frame_options_header',     10, 0 );
    226221
    227222// Feed Generator Tags
     
    255250add_action( 'comment_form', 'wp_comment_form_unfiltered_html_nonce'        );
    256251add_action( 'wp_scheduled_delete',        'wp_scheduled_delete'            );
    257 add_action( 'admin_init',                 'send_frame_options_header', 10, 0 );
    258 add_action( 'importer_scheduled_cleanup', 'wp_delete_attachment'           );
    259252
    260253// Navigation menu actions
  • branches/3.1/wp-includes/formatting.php

    r18044 r17716  
    719719            $allowed = false;
    720720            foreach ( $mimes as $ext_preg => $mime_match ) {
    721                 $ext_preg = '!^(' . $ext_preg . ')$!i';
     721                $ext_preg = '!(^' . $ext_preg . ')$!i';
    722722                if ( preg_match( $ext_preg, $part ) ) {
    723723                    $allowed = true;
     
    29042904}
    29052905
    2906 /**
    2907  * Sanitize a mime type
    2908  *
    2909  * @since 3.1.3
    2910  *
    2911  * @param string $mime_type Mime type
    2912  * @return string Sanitized mime type
    2913  */
    2914 function sanitize_mime_type( $mime_type ) {
    2915     $sani_mime_type = preg_replace( '/[^-*.a-zA-Z0-9\/]/', '', $mime_type );
    2916     return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
    2917 }
    2918 
    29192906?>
  • branches/3.1/wp-includes/functions.php

    r18044 r17716  
    44834483}
    44844484
    4485 /**
    4486  * Send a HTTP header to limit rendering of pages to same origin iframes.
    4487  *
    4488  * @link https://developer.mozilla.org/en/the_x-frame-options_response_header
    4489  *
    4490  * @since 3.1.3
    4491  * @return none
    4492  */
    4493 function send_frame_options_header() {
    4494     @header( 'X-Frame-Options: SAMEORIGIN' );
    4495 }
    4496 
    44974485?>
  • branches/3.1/wp-includes/meta.php

    r18044 r17716  
    4646    $meta_key = stripslashes($meta_key);
    4747    $meta_value = stripslashes_deep($meta_value);
    48     $meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
    4948
    5049    $check = apply_filters( "add_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $unique );
     
    115114    $meta_key = stripslashes($meta_key);
    116115    $meta_value = stripslashes_deep($meta_value);
    117     $meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
    118116
    119117    $check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
     
    491489    return $wpdb->$table_name;
    492490}
    493 
    494 /**
    495  * Determine whether a meta key is protected
    496  *
    497  * @since 3.1.3
    498  *
    499  * @param string $meta_key Meta key
    500  * @return bool True if the key is protected, false otherwise.
    501  */
    502 function is_protected_meta( $meta_key, $meta_type = null ) {
    503     $protected = (  '_' == $meta_key[0] );
    504 
    505     return apply_filters( 'is_protected_meta', $protected, $meta_key, $meta_type );
    506 }
    507 
    508 /**
    509  * Sanitize meta value
    510  *
    511  * @since 3.1.3
    512  *
    513  * @param string $meta_key Meta key
    514  * @param mixed $meta_value Meta value to sanitize
    515  * @param string $meta_type Type of meta
    516  * @return mixed Sanitized $meta_value
    517  */
    518 function sanitize_meta( $meta_key, $meta_value, $meta_type = null ) {
    519     return apply_filters( 'sanitize_meta', $meta_value, $meta_key, $meta_type );
    520 }
    521 
    522491?>
  • branches/3.1/wp-includes/post.php

    r18044 r17716  
    558558        return false;
    559559
    560     if ( 'attachment' == $post->post_type ) {
    561         if ( 'private' == $post->post_status )
    562             return 'private';
    563 
    564         // Unattached attachments are assumed to be published
    565         if ( ( 'inherit' == $post->post_status ) && ( 0 == $post->post_parent) )
    566             return 'publish';
    567 
    568         // Inherit status from the parent
    569         if ( $post->post_parent && ( $post->ID != $post->post_parent ) )
    570             return get_post_status($post->post_parent);
    571     }
     560    // Unattached attachments are assumed to be published.
     561    if ( ('attachment' == $post->post_type) && ('inherit' == $post->post_status) && ( 0 == $post->post_parent) )
     562        return 'publish';
     563
     564    if ( ('attachment' == $post->post_type) && $post->post_parent && ($post->ID != $post->post_parent) )
     565        return get_post_status($post->post_parent);
    572566
    573567    return $post->post_status;
     
    35393533    global $wpdb, $user_ID;
    35403534
    3541     $defaults = array('post_status' => 'inherit', 'post_type' => 'post', 'post_author' => $user_ID,
     3535    $defaults = array('post_status' => 'draft', 'post_type' => 'post', 'post_author' => $user_ID,
    35423536        'ping_status' => get_option('default_ping_status'), 'post_parent' => 0,
    35433537        'menu_order' => 0, 'to_ping' =>  '', 'pinged' => '', 'post_password' => '',
    3544         'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0, 'context' => '');
     3538        'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0);
    35453539
    35463540    $object = wp_parse_args($object, $defaults);
     
    35573551
    35583552    $post_type = 'attachment';
    3559 
    3560     if ( ! in_array( $post_status, array( 'inherit', 'private' ) ) )
    3561         $post_status = 'inherit';
     3553    $post_status = 'inherit';
    35623554
    35633555    // Make sure we set a valid category.
     
    36613653    if ( isset($post_parent) && $post_parent < 0 )
    36623654        add_post_meta($post_ID, '_wp_attachment_temp_parent', $post_parent, true);
    3663 
    3664     if ( ! empty( $context ) )
    3665         add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
    36663655
    36673656    if ( $update) {
  • branches/3.1/wp-includes/query.php

    r18044 r17716  
    22322232        }
    22332233
     2234        if ( !empty( $this->tax_query->queries ) || !empty( $q['meta_key'] ) ) {
     2235            $groupby = "{$wpdb->posts}.ID";
     2236        }
     2237
    22342238        // Author/user stuff
    22352239
     
    24752479            $join .= $clauses['join'];
    24762480            $where .= $clauses['where'];
    2477         }
    2478 
    2479         if ( ! empty( $this->tax_query->queries ) || ! empty( $q['meta_query'] ) ) {
    2480             $groupby = "{$wpdb->posts}.ID";
    24812481        }
    24822482
  • branches/3.1/wp-includes/taxonomy.php

    r18044 r17716  
    12561256    }
    12571257
    1258     if ( !empty($name__like) ) {
    1259         $name__like = like_escape( $name__like );
    1260         $where .= $wpdb->prepare( " AND t.name LIKE %s", $name__like . '%' );
    1261     }
     1258    if ( !empty($name__like) )
     1259        $where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
    12621260
    12631261    if ( '' !== $parent ) {
     
    12811279    if ( !empty($search) ) {
    12821280        $search = like_escape($search);
    1283         $where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . $search . '%');
     1281        $where .= " AND (t.name LIKE '%$search%')";
    12841282    }
    12851283
  • branches/3.1/wp-includes/theme.php

    r18044 r17716  
    14361436        $url = str_replace( 'https://', 'http://', $url );
    14371437
    1438     return esc_url_raw( $url );
     1438    return $url;
    14391439}
    14401440
  • branches/3.1/wp-includes/version.php

    r18044 r17716  
    2323 * @global string $wp_version
    2424 */
    25 $wp_version = '3.1.3';
     25$wp_version = '3.1.2';
    2626
    2727/**
  • branches/3.1/wp-login.php

    r18044 r17716  
    369369
    370370// allow plugins to override the default actions, and to add extra actions if they want
    371 do_action( 'login_init' );
    372 do_action( 'login_form_' . $action );
     371do_action('login_form_' . $action);
    373372
    374373$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
Note: See TracChangeset for help on using the changeset viewer.