

Location:
branches/3.1
Files:
19 edited

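--- a/branches/3.1/readme.html
+++ b/branches/3.1/readme.html
@@ -9,5 +9,5 @@
 <h1 id="logo">
     <a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
-    <br /> Version 3.1.3
+    <br /> Version 3.1.4
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>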
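--- a/branches/3.1/wp-admin/custom-header.php
+++ b/branches/3.1/wp-admin/custom-header.php
@@ -597,5 +597,6 @@
         'post_mime_type' => $type,
         'guid' => $url,
-        'context' => 'custom-header');
+        'context' => 'custom-header'
+        );
 
         // Save the data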
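--- a/branches/3.1/wp-admin/includes/deprecated.php
+++ b/branches/3.1/wp-admin/includes/deprecated.php
@@ -455,5 +455,5 @@
         _deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
 
-        $this->search_term = $search_term;
+        $this->search_term = stripslashes( $search_term );
         $this->raw_page = ( '' == $page ) ? false : (int) $page;
         $this->page = (int) ( '' == $page ) ? 1 : $page;
@@ -486,5 +486,5 @@
             $search_sql = 'AND (';
             foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
-                $searches[] = $col . " LIKE '%$this->search_term%'";
+                $searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' );
             $search_sql .= implode(' OR ', $searches);
             $search_sql .= ')';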
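Review bot: The `stripslashes()` added at line 457 and the `like_escape()`/`$wpdb->prepare()` pair at line 488 depend on each other, but nothing in the code says so. Presumably the term arrives slashed from the request, so it is unslashed once and then escaped by `prepare()` when the query is built; a comment above line 457 such as `// Unslash once here; prepare() escapes the term when the SQL is built.` would stop a later edit from dropping one half. At line 488 it is also worth noting that `$col` is concatenated into the format string only because it comes from the hard-coded list on the line above. Both functions continue outside these hunks.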
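--- a/branches/3.1/wp-admin/includes/media.php
+++ b/branches/3.1/wp-admin/includes/media.php
@@ -229,4 +229,8 @@
     ), $post_data );
 
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
+
     // Save the data
     $id = wp_insert_attachment($attachment, $file, $post_id);
@@ -281,4 +285,8 @@
         'post_content' => $content,
     ), $post_data );
+
+    // This should never be set as it would then overwrite an existing attachment.
+    if ( isset( $attachment['ID'] ) )
+        unset( $attachment['ID'] );
 
     // Save the attachment metadata
@@ -420,4 +428,9 @@
     if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
         $post = $_post = get_post($attachment_id, ARRAY_A);
+        $post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+        if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+            continue;
+
         if ( isset($attachment['post_content']) )
             $post['post_content'] = $attachment['post_content'];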
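Review bot: In the third hunk the capability check dereferences `$post_type_object->cap` without confirming that `get_post()` found anything. `$attachment_id` is a key of `$_POST['attachments']`, so a request can name an ID that does not exist, in which case `$post` is empty and `get_post_type_object()` has no type to look up. The check probably still fails closed, but only by way of a notice on a non-object; a guard placed before it makes the intent explicit: `if ( empty( $post ) || ! $post_type_object ) continue;`. The enclosing loop starts and ends outside the hunk.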
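--- a/branches/3.1/wp-admin/includes/post.php
+++ b/branches/3.1/wp-admin/includes/post.php
@@ -136,4 +136,7 @@
         $post_data = &$_POST;
 
+    // Clear out any data in internal vars.
+    unset( $post_data['filter'] );
+
     $post_ID = (int) $post_data['post_ID'];
     $post = get_post( $post_ID );
@@ -342,5 +345,6 @@
         }
 
-        $tax_names = get_object_taxonomies( get_post($post_ID) );
+        $post = get_post( $post_ID );
+        $tax_names = get_object_taxonomies( $post );
         foreach ( $tax_names as $tax_name ) {
             $taxonomy_obj = get_taxonomy($tax_name);
@@ -363,4 +367,7 @@
             unset( $post_data['tax_input']['category'] );
         }
+
+        $post_data['post_mime_type'] = $post->post_mime_type;
+        $post_data['guid'] = $post->guid;
 
         $post_data['ID'] = $post_ID;
@@ -535,4 +542,7 @@
     $_POST['post_mime_type'] = '';
 
+    // Clear out any data in internal vars.
+    unset( $_POST['filter'] );
+
     // Check for autosave collisions
     // Does this need to be updated? ~ Mark
@@ -552,4 +562,13 @@
             return edit_post();
         }
+    }
+
+    // Edit don't write if we have a post id.
+    if ( isset( $_POST['ID'] ) ) {
+        $_POST['post_ID'] = $_POST['ID'];
+        unset ( $_POST['ID'] );
+    }
+    if ( isset( $_POST['post_ID'] ) ) {
+        return edit_post();
     }
 
@@ -998,7 +1017,7 @@
     $q['post_type'] = 'attachment';
     $post_type = get_post_type_object( 'attachment' );
-    $states = array( 'inherit' );
+    $states = 'inherit';
     if ( current_user_can( $post_type->cap->read_private_posts ) )
-        $states[] = 'private';
+        $states .= ',private';
 
     $q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;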
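Review bot: The comment `// Clear out any data in internal vars.` on the two `unset( ...['filter'] )` additions (lines 138–139 and 544–545) does not say why a request-supplied `filter` key matters. As far as I can tell `sanitize_post()` uses that field to record the context a post was already sanitised for, so a caller-supplied value could make it skip its work; if that is the reason, say so: `// 'filter' is sanitize_post()'s own "already sanitised" marker; never accept it from the request.` The same unset is added with no comment at all before both `sanitize_post()` calls in wp-includes/post.php and wants the same line. The functions involved begin and end outside these hunks.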
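--- a/branches/3.1/wp-admin/includes/update-core.php
+++ b/branches/3.1/wp-admin/includes/update-core.php
@@ -295,5 +295,5 @@
     $required_php_version = '4.3';
     $required_mysql_version = '4.1.2';
-    $wp_version = '3.1.3';
+    $wp_version = '3.1.4';
     $php_compat     = version_compare( $php_version, $required_php_version, '>=' );
     $mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );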
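--- a/branches/3.1/wp-admin/js/user-profile.dev.js
+++ b/branches/3.1/wp-admin/js/user-profile.dev.js
@@ -30,36 +30,38 @@
     }
 
-    $(document).ready( function() {
+    $(document).ready(function() {
         $('#pass1').val('').keyup( check_pass_strength );
         $('#pass2').val('').keyup( check_pass_strength );
         $('#pass-strength-result').show();
-        $('.color-palette').click(function(){$(this).siblings('input[name=admin_color]').attr('checked', 'checked')});
-        $('#nickname').blur(function(){
-            var str = $(this).val() || $('#user_login').val();
-            var select = $('#display_name');
-            var sel = select.children('option:selected').attr('id');
-            select.children('#display_nickname').remove();
-            if ( ! select.children('option[value=' + str + ']').length )
-                select.append('<option id="display_nickname" value="' + str + '">' + str + '</option>');
-            $('#'+sel).attr('selected', 'selected');
+        $('.color-palette').click(function(){$(this).siblings('input[name="admin_color"]').prop('checked', true)});
+        $('#first_name, #last_name, #nickname').blur(function(){
+            var select = $('#display_name'), current = select.find('option:selected').attr('id'), dub = [],
+                inputs = {
+                    display_nickname : $('#nickname').val(),
+                    display_username : $('#user_login').val(),
+                    display_firstname : $('#first_name').val(),
+                    display_lastname : $('#last_name').val()
+                };
+
+            if ( inputs.display_firstname && inputs.display_lastname ) {
+                inputs['display_firstlast'] = inputs.display_firstname + ' ' + inputs.display_lastname;
+                inputs['display_lastfirst'] = inputs.display_lastname + ' ' + inputs.display_firstname;
+            }
+
+            $('option', select).remove();
+            $.each(inputs, function( id, value ) {
+                var val = value.replace(/<\/?[a-z][^>]*>/gi, '');
+
+                if ( inputs[id].length && $.inArray( val, dub ) == -1 ) {
+                    dub.push(val);
+                    $('<option />', {
+                        'id': id,
+                        'text': val,
+                        'selected': (id == current)
+                    }).appendTo( select );
+                }
+            });
         });
-        $('#first_name, #last_name').blur(function(){
-            var select = $('#display_name');
-            var first = $('#first_name').val(), last = $('#last_name').val();
-            var sel = select.children('option:selected').attr('id');
-            $('#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst').remove();
-            if ( first && ! select.children('option[value=' + first + ']').length )
-                select.append('<option id="display_firstname" value="' + first + '">' + first + '</option>');
-            if ( last && ! select.children('option[value=' + last + ']').length )
-                select.append('<option id="display_lastname" value="' + last + '">' + last + '</option>');
-            if ( first && last ) {
-                if ( ! select.children('option[value=' + first + ' ' + last + ']').length )
-                    select.append('<option id="display_firstlast" value="' + first + ' ' + last + '">' + first + ' ' + last + '</option>');
-                if ( ! select.children('option[value=' + last + ' ' + first + ']').length )
-                    select.append('<option id="display_lastfirst" value="' + last + ' ' + first + '">' + last + ' ' + first + '</option>');
-            }
-            $('#'+sel).attr('selected', 'selected');
-        });
-    });
+    });
 
 })(jQuery);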
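Review bot: Inside the `$.each` callback, `value.replace(...)` at line 53 runs before the `inputs[id].length` test at line 55, so if any of the four fields is missing from the page `.val()` yields `undefined` and the handler throws after the existing options have already been removed. `var val = ( value || '' ).replace( /<\/?[a-z][^>]*>/gi, '' );` with the test changed to `val.length` avoids that. It would also help to add a comment that the rebuilt options are safe because they are created through the `text` property rather than by concatenating field values into markup and selectors as the removed code did; the regex only tidies the label and should not be mistaken for the sanitiser.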
  • branches/3.1/wp-admin/js/user-profile.js

    r18044 r18378  
    1 (function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings("input[name=admin_color]").attr("checked","checked")});a("#nickname").blur(function(){var e=a(this).val()||a("#user_login").val();var c=a("#display_name");var d=c.children("option:selected").attr("id");c.children("#display_nickname").remove();if(!c.children("option[value="+e+"]").length){c.append('<option id="display_nickname" value="'+e+'">'+e+"</option>")}a("#"+d).attr("selected","selected")});a("#first_name, #last_name").blur(function(){var c=a("#display_name");var f=a("#first_name").val(),d=a("#last_name").val();var e=c.children("option:selected").attr("id");a("#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst").remove();if(f&&!c.children("option[value="+f+"]").length){c.append('<option id="display_firstname" value="'+f+'">'+f+"</option>")}if(d&&!c.children("option[value="+d+"]").length){c.append('<option id="display_lastname" value="'+d+'">'+d+"</option>")}if(f&&d){if(!c.children("option[value="+f+" "+d+"]").length){c.append('<option id="display_firstlast" value="'+f+" "+d+'">'+f+" "+d+"</option>")}if(!c.children("option[value="+d+" "+f+"]").length){c.append('<option id="display_lastfirst" value="'+d+" "+f+'">'+d+" 
"+f+"</option>")}}a("#"+e).attr("selected","selected")})})})(jQuery);
     1(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings('input[name="admin_color"]').prop("checked",true)});a("#first_name, #last_name, #nickname").blur(function(){var c=a("#display_name"),e=c.find("option:selected").attr("id"),f=[],d={display_nickname:a("#nickname").val(),display_username:a("#user_login").val(),display_firstname:a("#first_name").val(),display_lastname:a("#last_name").val()};if(d.display_firstname&&d.display_lastname){d.display_firstlast=d.display_firstname+" "+d.display_lastname;d.display_lastfirst=d.display_lastname+" "+d.display_firstname}a("option",c).remove();a.each(d,function(i,g){var h=g.replace(/<\/?[a-z][^>]*>/gi,"");if(d[i].length&&a.inArray(h,f)==-1){f.push(h);a("<option />",{id:i,text:h,selected:(i==e)}).appendTo(c)}})})})})(jQuery);
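--- a/branches/3.1/wp-admin/options-general.php
+++ b/branches/3.1/wp-admin/options-general.php
@@ -128,5 +128,5 @@
 if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
 <div class="updated inline">
-<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
+<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
 </div>
 <?php endif; ?>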
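--- a/branches/3.1/wp-content/themes/twentyten/languages/twentyten.pot
+++ b/branches/3.1/wp-content/themes/twentyten/languages/twentyten.pot
@@ -5,5 +5,5 @@
 "Project-Id-Version: Twenty Ten 1.2\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/twentyten\n"
-"POT-Creation-Date: 2011-02-22 08:27:35+00:00\n"
+"POT-Creation-Date: 2011-06-13 13:27:47+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -17,4 +17,5 @@
 msgstr ""
 
+#. translators: %s - title of parent post
 #: loop-attachment.php:23
 msgid "<span class=\"meta-nav\">&larr;</span> %s"
@@ -187,32 +188,40 @@
 msgstr ""
 
+#. translators: header image description
 #: functions.php:140
 msgid "Berries"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:146
 msgid "Cherry Blossoms"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:152
 msgid "Concave"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:158
 msgid "Fern"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:164
 msgid "Forest Floor"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:170
 msgid "Inkwell"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:176
 msgid "Path"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:182
 msgid "Sunset"
@@ -227,4 +236,5 @@
 msgstr ""
 
+#. translators: 1: date, 2: time
 #: functions.php:340
 msgid "%1$s at %2$s"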
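--- a/branches/3.1/wp-includes/bookmark.php
+++ b/branches/3.1/wp-includes/bookmark.php
@@ -214,5 +214,5 @@
     $orderby = strtolower($orderby);
     $length = '';
-    switch ($orderby) {
+    switch ( $orderby ) {
         case 'length':
             $length = ", CHAR_LENGTH(link_name) AS length";
@@ -221,13 +221,23 @@
             $orderby = 'rand()';
             break;
+        case 'link_id':
+            $orderby = "$wpdb->links.link_id";
+            break;
         default:
             $orderparams = array();
-            foreach ( explode(',', $orderby) as $ordparam )
-                $orderparams[] = 'link_' . trim($ordparam);
+            foreach ( explode(',', $orderby) as $ordparam ) {
+                $ordparam = trim($ordparam);
+                if ( in_array( $ordparam, array( 'name', 'url', 'visible', 'rating', 'owner', 'updated' ) ) )
+                    $orderparams[] = 'link_' . $ordparam;
+            }
             $orderby = implode(',', $orderparams);
     }
 
-    if ( 'link_id' == $orderby )
-        $orderby = "$wpdb->links.link_id";
+    if ( empty( $orderby ) )
+        $orderby = 'link_name';
+
+    $order = strtoupper( $order );
+    if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+        $order = 'ASC';
 
     $visible = '';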
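Review bot: The three-line `$order` check at lines 239–241 is repeated verbatim in this changeset for `$sort_order` in wp-includes/post.php and for `$order` in wp-includes/taxonomy.php. The value presumably ends up in an ORDER BY clause (the query is built outside the hunk), so one small helper returning `'ASC'`, `'DESC'` or `''` would keep the three allow-lists from drifting apart. Both `in_array()` calls in this hunk should also pass `true` as the third argument, e.g. `in_array( $order, array( 'ASC', 'DESC' ), true )`, so the match never depends on loose comparison. A short comment above the column list at line 230 saying that unknown keys are dropped and the sort falls back to `link_name` would document the silent behaviour change for callers.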
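--- a/branches/3.1/wp-includes/formatting.php
+++ b/branches/3.1/wp-includes/formatting.php
@@ -2441,5 +2441,12 @@
             }
             break;
-
+        case 'new_admin_email':
+            $value = sanitize_email($value);
+            if ( !is_email($value) ) {
+                $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+                if ( function_exists('add_settings_error') )
+                    add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+            }
+            break;
         case 'thumbnail_size_w':
         case 'thumbnail_size_h':
@@ -2535,4 +2542,9 @@
             }
             break;
+        case 'WPLANG':
+            $allowed = get_available_languages();
+            if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+                $value = get_option( $option );
+            break;
 
         default :
@@ -2913,5 +2925,5 @@
  */
 function sanitize_mime_type( $mime_type ) {
-    $sani_mime_type = preg_replace( '/[^-*.a-zA-Z0-9\/]/', '', $mime_type );
+    $sani_mime_type = preg_replace( '/[^-+*.a-zA-Z0-9\/]/', '', $mime_type );
     return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
 }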
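Review bot: The `WPLANG` case at lines 2544–2548 reverts a rejected value silently, while the `new_admin_email` case added in the same commit reports the rejection through `add_settings_error()`, so an administrator who submits an unavailable language gets no feedback. Consider mirroring the other case (behind the same `function_exists('add_settings_error')` guard) and adding a comment that the allow-list matters because the locale presumably ends up in the `require` path that wp-settings.php builds from `get_locale()`. Testing emptiness first and comparing strictly also reads more clearly: `if ( ! empty( $value ) && ! in_array( $value, $allowed, true ) )`. The enclosing switch starts and ends outside the hunk.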
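--- a/branches/3.1/wp-includes/post.php
+++ b/branches/3.1/wp-includes/post.php
@@ -2411,4 +2411,7 @@
 
     $postarr = wp_parse_args($postarr, $defaults);
+
+    unset( $postarr[ 'filter' ] );
+
     $postarr = sanitize_post($postarr, 'db');
 
@@ -3422,4 +3425,41 @@
     $where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
 
+    $orderby_array = array();
+    $allowed_keys = array('author', 'post_author', 'date', 'post_date', 'title', 'post_title', 'modified',
+                          'post_modified', 'modified_gmt', 'post_modified_gmt', 'menu_order', 'parent', 'post_parent',
+                          'ID', 'rand', 'comment_count');
+    foreach ( explode( ',', $sort_column ) as $orderby ) {
+        $orderby = trim( $orderby );
+        if ( !in_array( $orderby, $allowed_keys ) )
+            continue;
+
+        switch ( $orderby ) {
+            case 'menu_order':
+                break;
+            case 'ID':
+                $orderby = "$wpdb->posts.ID";
+                break;
+            case 'rand':
+                $orderby = 'RAND()';
+                break;
+            case 'comment_count':
+                $orderby = "$wpdb->posts.comment_count";
+                break;
+            default:
+                if ( 0 === strpos( $orderby, 'post_' ) )
+                    $orderby = "$wpdb->posts." . $orderby;
+                else
+                    $orderby = "$wpdb->posts.post_" . $orderby;
+        }
+
+        $orderby_array[] = $orderby;
+
+    }
+    $sort_column = ! empty( $orderby_array ) ? implode( ',', $orderby_array ) : "$wpdb->posts.post_title";
+
+    $sort_order = strtoupper( $sort_order );
+    if ( '' !== $sort_order && !in_array( $sort_order, array( 'ASC', 'DESC' ) ) )
+        $sort_order = 'ASC';
+
     $query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
     $query .= $author_query;
@@ -3547,4 +3587,6 @@
     if ( !empty($parent) )
         $object['post_parent'] = $parent;
+
+    unset( $object[ 'filter' ] );
 
     $object = sanitize_post($object, 'db');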
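Review bot: The `$allowed_keys` list at lines 3428–3430 has no entry for `name`/`post_name`, and anything outside the list is skipped without notice, so a caller that sorted pages by slug before this change would now silently get the `post_title` fallback from line 3458; it is worth confirming the omission is deliberate. Either way the accepted keys and the fallback deserve a line in the function's docblock (outside this hunk), for example `Unrecognised sort_column values are ignored; if none remain, pages are ordered by post_title.` Writing the test as `in_array( $orderby, $allowed_keys, true )` would also make it explicit that the match is exact and case-sensitive (`ID` is accepted, `id` is not).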
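--- a/branches/3.1/wp-includes/query.php
+++ b/branches/3.1/wp-includes/query.php
@@ -1626,6 +1626,10 @@
         }
 
-        if ( !empty($qv['post_status']) )
-            $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+        if ( ! empty( $qv['post_status'] ) ) {
+            if ( is_array( $qv['post_status'] ) )
+                $qv['post_status'] = array_map('sanitize_key', $qv['post_status']);
+            else
+                $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+        }
 
         if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
@@ -2386,11 +2390,13 @@
         }
 
-        if ( isset($q['post_status']) && '' != $q['post_status'] ) {
+        if ( ! empty( $q['post_status'] ) ) {
             $statuswheres = array();
-            $q_status = explode(',', $q['post_status']);
+            $q_status = $q['post_status'];
+            if ( ! is_array( $q_status ) )
+                $q_status = explode(',', $q_status);
             $r_status = array();
             $p_status = array();
             $e_status = array();
-            if ( $q['post_status'] == 'any' ) {
+            if ( in_array('any', $q_status) ) {
                 foreach ( get_post_stati( array('exclude_from_search' => true) ) as $status )
                     $e_status[] = "$wpdb->posts.post_status <> '$status'";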
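Review bot: `in_array('any', $q_status)` at line 2400 compares loosely, and `$q_status` may now be an array handed in by calling code rather than a string split on commas; with loose comparison a non-string element such as `true` or `0` can match `'any'` on the PHP versions this branch supports. `in_array( 'any', $q_status, true )` removes that dependence. The `array_map('sanitize_key', ...)` added at line 1630 would normalise the elements to strings, but whether every path into the second hunk passes through it is not visible here. A comment at line 2394 stating that both a comma-separated string and an array are accepted would help; both functions continue outside the hunks.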
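--- a/branches/3.1/wp-includes/script-loader.php
+++ b/branches/3.1/wp-includes/script-loader.php
@@ -260,5 +260,5 @@
     ) );
 
-    $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110113' );
+    $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110628' );
     $scripts->add_data( 'user-profile', 'group', 1 );
 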
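--- a/branches/3.1/wp-includes/taxonomy.php
+++ b/branches/3.1/wp-includes/taxonomy.php
@@ -1195,4 +1195,6 @@
     elseif ( empty($_orderby) || 'id' == $_orderby )
         $orderby = 't.term_id';
+    else
+        $orderby = 't.name';
 
     $orderby = apply_filters( 'get_terms_orderby', $orderby, $args );
@@ -1202,4 +1204,8 @@
     else
         $order = '';
+
+    $order = strtoupper( $order );
+    if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+        $order = 'ASC';
 
     $where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";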
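--- a/branches/3.1/wp-includes/version.php
+++ b/branches/3.1/wp-includes/version.php
@@ -23,5 +23,5 @@
  * @global string $wp_version
  */
-$wp_version = '3.1.3';
+$wp_version = '3.1.4';
 
 /**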
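--- a/branches/3.1/wp-includes/wp-db.php
+++ b/branches/3.1/wp-includes/wp-db.php
@@ -645,4 +645,5 @@
             if ( null === $blog_id )
                 $blog_id = $this->blogid;
+            $blog_id = (int) $blog_id;
             if ( defined( 'MULTISITE' ) && ( 0 == $blog_id || 1 == $blog_id ) )
                 return $this->base_prefix;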
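Review bot: The `(int)` cast at line 647 turns any non-numeric `$blog_id` into `0`, and the very next line treats `0` like blog 1 and returns `base_prefix` when `MULTISITE` is defined, so malformed input is silently resolved to the main site's prefix rather than rejected. That may well be the intended safe default, but it should be written down, e.g. `// Force an integer before the ID is used for the prefix; non-numeric input becomes 0 and falls through to the base prefix.` How the ID is used after these lines is not visible, since the method begins and ends outside the hunk.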
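--- a/branches/3.1/wp-settings.php
+++ b/branches/3.1/wp-settings.php
@@ -259,5 +259,5 @@
 $locale = get_locale();
 $locale_file = WP_LANG_DIR . "/$locale.php";
-if ( is_readable( $locale_file ) )
+if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
     require( $locale_file );
 unset($locale_file);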
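Review bot: The `validate_file( $locale )` guard added at line 261 protects a `require`, but no comment says so, and a locale that fails the check is skipped without any trace. A one-line comment such as `// $locale becomes part of a require path: refuse anything validate_file() flags.` would keep the check from being simplified away later. If logging is available this early in bootstrap, recording the rejected value would also help an operator notice a tampered locale setting.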