Make WordPress Core


Ignore:
Location:
branches/2.8
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • branches/2.8/readme.html

    r11700 r11729  
    99<h1 id="logo" style="text-align: center">
    1010    <img alt="WordPress" src="wp-admin/images/wordpress-logo.png" />
    11     <br /> Version 2.8.1
     11    <br /> Version 2.8.2
    1212</h1>
    1313<p style="text-align: center">Semantic Personal Publishing Platform</p>
     
    3030<h1>Upgrading</h1>
    3131<p>Before you upgrade anything, make sure you have backup copies of any files you may have modified such as <code>index.php</code>.</p>
    32 <h2>Upgrading from any previous WordPress to 2.8.1:</h2>
     32<h2>Upgrading from any previous WordPress to 2.8.2:</h2>
    3333<ol>
    3434    <li>Delete your old WP files, saving ones you've modified.</li>
  • branches/2.8/wp-admin/comment.php

    r11700 r11729  
    2323 * @param string $msg Error Message. Assumed to contain HTML and be sanitized.
    2424 */
    25 function comment_footer_die( $msg ) {  //
     25function comment_footer_die( $msg ) {
    2626    echo "<div class='wrap'><p>$msg</p></div>";
    2727    include('admin-footer.php');
     
    120120<tr>
    121121<th scope="row"><?php _e('URL'); ?></th>
    122 <td><a href='<?php echo $comment->comment_author_url; ?>'><?php echo $comment->comment_author_url; ?></a></td>
     122<td><a href="<?php echo $comment->comment_author_url; ?>"><?php echo $comment->comment_author_url; ?></a></td>
    123123</tr>
    124124<?php } ?>
  • branches/2.8/wp-admin/edit-form-comment.php

    r11700 r11729  
    1414$form_action = 'editedcomment';
    1515$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . esc_attr($comment->comment_ID) . "' />\n<input type='hidden' name='comment_post_ID' value='" . esc_attr($comment->comment_post_ID);
     16$comment->comment_author_email = esc_attr($comment->comment_author_email);
    1617?>
    1718
     
    2526<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
    2627<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
    27 <?php
    28 
    29 $email = esc_attr( $comment->comment_author_email );
    30 $url = esc_attr( $comment->comment_author_url );
    31 // add_meta_box('submitdiv', __('Save'), 'comment_submit_meta_box', 'comment', 'side', 'core');
    32 ?>
    3328
    3429<div id="side-info-column" class="inner-sidebar">
     
    9691    <td class="first">
    9792    <?php
    98         if ( $email ) {
     93        if ( $comment->comment_author_email ) {
    9994            printf( __( 'E-mail (%s):' ), get_comment_author_email_link( __( 'send e-mail' ), '', '' ) );
    10095        } else {
     
    10297        }
    10398?></td>
    104     <td><input type="text" name="newcomment_author_email" size="30" value="<?php echo esc_attr($email); ?>" tabindex="2" id="email" /></td>
     99    <td><input type="text" name="newcomment_author_email" size="30" value="<?php echo $comment->comment_author_email; ?>" tabindex="2" id="email" /></td>
    105100</tr>
    106101<tr valign="top">
    107102    <td class="first">
    108103    <?php
    109         $url = get_comment_author_url();
    110         if ( ! empty( $url ) && 'http://' != $url ) {
    111             $link = "<a href='$url' rel='external nofollow' target='_blank'>" . __('visit site') . "</a>";
     104        if ( ! empty( $comment->comment_author_url ) && 'http://' != $comment->comment_author_url ) {
     105            $link = '<a href="' . $comment->comment_author_url . '" rel="external nofollow" target="_blank">' . __('visit site') . '</a>';
    112106            printf( __( 'URL (%s):' ), apply_filters('get_comment_author_link', $link ) );
    113107        } else {
  • branches/2.8/wp-admin/includes/comment.php

    r11700 r11729  
    9090    $comment->comment_author = format_to_edit( $comment->comment_author );
    9191    $comment->comment_author_email = format_to_edit( $comment->comment_author_email );
     92    $comment->comment_author_url = format_to_edit( $comment->comment_author_url );
    9293    $comment->comment_author_url = esc_url($comment->comment_author_url);
    93     $comment->comment_author_url = format_to_edit( $comment->comment_author_url );
    9494
    9595    return $comment;
  • branches/2.8/wp-admin/includes/template.php

    r11700 r11729  
    20862086    if ( 'http://' == $author_url )
    20872087        $author_url = '';
    2088     $author_url_display = $author_url;
    2089     $author_url_display = str_replace('http://www.', '', $author_url_display);
    2090     $author_url_display = str_replace('http://', '', $author_url_display);
     2088    $author_url_display = preg_replace('|http://(www\.)?|i', '', $author_url);
    20912089    if ( strlen($author_url_display) > 50 )
    20922090        $author_url_display = substr($author_url_display, 0, 49) . '...';
  • branches/2.8/wp-includes/comment-template.php

    r11700 r11729  
    195195    global $comment;
    196196    $url = ('http://' == $comment->comment_author_url) ? '' : $comment->comment_author_url;
     197    $url = esc_url( $url, array('http', 'https') );
    197198    return apply_filters('get_comment_author_url', $url);
    198199}
     
    818819
    819820    $req = get_option('require_name_email');
     821
     822    /**
     823     * Comment author information fetched from the comment cookies.
     824     *
     825     * @uses wp_get_current_commenter()
     826     */
    820827    $commenter = wp_get_current_commenter();
    821     extract($commenter, EXTR_SKIP);
     828
     829    /**
     830     * The name of the current comment author escaped for use in attributes.
     831     */
     832    $comment_author = $commenter['comment_author']; // Escaped by sanitize_comment_cookies()
     833
     834    /**
     835     * The email address of the current comment author escaped for use in attributes.
     836     */
     837    $comment_author_email = $commenter['comment_author_email'];  // Escaped by sanitize_comment_cookies()
     838
     839    /**
     840     * The url of the current comment author escaped for use in attributes.
     841     */
     842    $comment_author_url = esc_url($commenter['comment_author_url']);
    822843
    823844    /** @todo Use API instead of SELECTs. */
  • branches/2.8/wp-includes/default-widgets.php

    r11700 r11729  
    713713            $desc = esc_attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
    714714            if ( empty($title) )
    715                 $title = htmlentities(strip_tags($rss->get_title()));
     715                $title = esc_html(strip_tags($rss->get_title()));
    716716            $link = esc_url(strip_tags($rss->get_permalink()));
    717717            while ( stristr($link, 'http') != $link )
  • branches/2.8/wp-includes/version.php

    r11700 r11729  
    99 * @global string $wp_version
    1010 */
    11 $wp_version = '2.8.1';
     11$wp_version = '2.8.2';
    1212
    1313/**
Note: See TracChangeset for help on using the changeset viewer.