Changes from tags/2.2 at r60068 to tags/2.2.1 at r60068
- Location:
- tags/2.2.1
- Files:
-
- 2 added
- 41 edited
tags/2.2.1/wp-admin/admin-db.php
r60068 r60068 83 83 global $wpdb; 84 84 85 extract($catarr );85 extract($catarr, EXTR_SKIP); 86 86 87 87 if( trim( $cat_name ) == '' ) … … 298 298 global $wpdb, $current_user; 299 299 300 extract($linkdata );300 extract($linkdata, EXTR_SKIP); 301 301 302 302 $update = false; -
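Review bot: `extract($catarr, EXTR_SKIP)` at line 85 and `extract($linkdata, EXTR_SKIP)` at line 300 still turn every array key that is not already a local into a variable, so the flag protects `$wpdb` and `$current_user` here but not any variable the function reads before assigning it. Reading the expected keys explicitly, e.g. `$cat_name = isset($catarr['cat_name']) ? $catarr['cat_name'] : '';`, removes the dependency on which names happen to exist at the call. The same applies to the other `extract(..., EXTR_SKIP)` calls in this changeset (install.php, author-template.php, bookmark-template.php, bookmark.php, category-template.php, category.php, classes.php, comment-template.php, comment.php, general-template.php); in install.php the call appears to run at file scope, where a pre-existing global would now silently win over the value returned by `wp_install()`. Both enclosing functions start and end outside the hunks.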
tags/2.2.1/wp-admin/admin-functions.php
r60068 r60068 348 348 349 349 $post->post_password = format_to_edit( $post->post_password ); 350 351 $post->menu_order = (int) $post->menu_order; 350 352 351 353 if ( $post->post_type == 'page' ) … … 397 399 function get_comment_to_edit( $id ) { 398 400 $comment = get_comment( $id ); 399 400 $comment->comment_content = format_to_edit( $comment->comment_content, user_can_richedit() ); 401 402 $comment->comment_ID = (int) $comment->comment_ID; 403 $comment->comment_post_ID = (int) $comment->comment_post_ID; 404 405 $comment->comment_content = format_to_edit( $comment->comment_content ); 401 406 $comment->comment_content = apply_filters( 'comment_edit_pre', $comment->comment_content); 402 407 403 408 $comment->comment_author = format_to_edit( $comment->comment_author ); 404 409 $comment->comment_author_email = format_to_edit( $comment->comment_author_email ); 410 $comment->comment_author_url = clean_url($comment->comment_author_url); 405 411 $comment->comment_author_url = format_to_edit( $comment->comment_author_url ); 406 412 … … 410 416 function get_category_to_edit( $id ) { 411 417 $category = get_category( $id ); 418 419 $category->term_id = (int) $category->term_id; 420 $category->parent = (int) $category->parent; 412 421 413 422 return $category; … … 936 945 if ( current_user_can('edit_post', $comment->comment_post_ID) ) { 937 946 echo " <a href='comment.php?action=editcomment&c=".$comment->comment_ID."'>" . __('Edit') . '</a>'; 938 echo ' | <a href="' . wp_nonce_url(' ocomment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';947 echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&p=' . 
$comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; 939 948 if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { 940 949 echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>'; … … 1027 1036 $entry['meta_key'] = attribute_escape($entry['meta_key']); 1028 1037 $entry['meta_value'] = attribute_escape($entry['meta_value']); 1038 $entry['meta_id'] = (int) $entry['meta_id']; 1029 1039 $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>"; 1030 1040 $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>"; … … 1079 1089 1080 1090 foreach ( $keys as $key ) { 1081 $key = attribute_escape( $key );1091 $key = attribute_escape( $key ); 1082 1092 echo "\n\t<option value='$key'>$key</option>"; 1083 1093 } … … 1100 1110 $post_ID = (int) $post_ID; 1101 1111 1112 $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' ); 1113 1102 1114 $metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) ); 1103 1115 $metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) ); … … 1114 1126 if ( $metakeyinput) 1115 1127 $metakey = $metakeyinput; // default 1128 1129 if ( in_array($metakey, $protected) ) 1130 return false; 1116 1131 1117 1132 $result = $wpdb->query( " … 
… 1134 1149 function update_meta( $mid, $mkey, $mvalue ) { 1135 1150 global $wpdb; 1151 1152 $protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' ); 1153 1154 if ( in_array($mkey, $protected) ) 1155 return false; 1156 1136 1157 $mvalue = maybe_serialize( stripslashes( $mvalue )); 1137 1158 $mvalue = $wpdb->escape( $mvalue ); -
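Review bot: The `$protected` key list is written out twice (lines 1112 and 1152), and `update_meta()` compares the raw `$mkey` against it while the first copy compares `$metakey` only after `trim()`, `stripslashes()` and `$wpdb->escape()`. If `$mkey` is normalised further down in `update_meta()` (not visible in the hunk), the check and the stored key can disagree, so the guard should run on the key in the same form in which it is written. I would move the list into one helper, e.g. `function is_protected_meta( $key )` (the name is a suggestion), apply the same normalisation in both callers before the test, and pass `true` as the third argument to `in_array()`. Both functions continue outside the hunks, and any delete path for post meta is not shown here and would need the same guard.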
tags/2.2.1/wp-admin/comment.php
r60068 r60068 40 40 $nonce_action .= $comment; 41 41 42 if ( ! $comment = get_comment ($comment) )42 if ( ! $comment = get_comment_to_edit($comment) ) 43 43 wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php')); 44 44 … … 97 97 <tr> 98 98 <th scope="row" valign="top"><p><?php _e('Comment:'); ?></p></th> 99 <td><?php echo apply_filters( 'comment_text', $comment->comment_content ); ?></td>99 <td><?php echo $comment->comment_content; ?></td> 100 100 </tr> 101 101 </table> … … 156 156 wp_redirect(wp_get_referer()); 157 157 } else { 158 wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. $comment->comment_post_ID.'&c=1#comments');158 wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. (int) $comment->comment_post_ID.'&c=1#comments'); 159 159 } 160 160 exit(); … … 186 186 wp_redirect(wp_get_referer()); 187 187 } else { 188 wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. $comment->comment_post_ID.'&c=1#comments');188 wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. (int) $comment->comment_post_ID.'&c=1#comments'); 189 189 } 190 190 exit(); -
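Review bot: Line 99 now echoes `$comment->comment_content` with no escaping at the sink, so the output is only as safe as `get_comment_to_edit()`; in that function (admin-functions.php in this changeset) the `comment_edit_pre` filter runs after `format_to_edit()`, so a plugin callback can hand back unescaped markup. A comment at the echo such as `// escaped by get_comment_to_edit(); do not switch back to get_comment()` would record the dependency, or the filter could be applied before `format_to_edit()`. The `(int)` casts added at lines 158 and 188 duplicate the cast inside `get_comment_to_edit()` only if those branches also load the comment through it, which the hunks do not show.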
tags/2.2.1/wp-admin/edit-comments.php
r60068 r60068 80 80 else 81 81 $page = 1; 82 82 83 $start = $offset = ( $page - 1 ) * 20; 83 84 … … 88 89 89 90 $page_links = paginate_links( array( 90 'base' => 'edit-comments.php?%_%',91 'format' => ' apage=%#%',91 'base' => add_query_arg( 'apage', '%#%' ), 92 'format' => '', 92 93 'total' => ceil($total / 20), 93 94 'current' => $page -
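Review bot: `'base' => add_query_arg( 'apage', '%#%' )` at line 91 builds the pagination base from the current request URI (with no URL argument `add_query_arg()` falls back to `$_SERVER['REQUEST_URI']`, as its hunk in functions.php shows), where the old code used the fixed string `edit-comments.php?%_%`. Whether `paginate_links()` escapes the links it returns is not visible here, so the request-derived value should be escaped before `$page_links` is printed, or the base built from the fixed script name, e.g. `add_query_arg( 'apage', '%#%', 'edit-comments.php' )`. The statement sits in file-level code that continues outside the hunk.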
tags/2.2.1/wp-admin/edit-form-advanced.php
r60068 r60068 1 1 <?php 2 if ( isset($_GET['message']) ) 3 $_GET['message'] = (int) $_GET['message']; 2 4 $messages[1] = __('Post updated'); 3 5 $messages[2] = __('Custom field updated'); … … 5 7 ?> 6 8 <?php if (isset($_GET['message'])) : ?> 7 <div id="message" class="updated fade"><p><?php echo $messages[$_GET['message']]; ?></p></div>9 <div id="message" class="updated fade"><p><?php echo wp_specialchars($messages[$_GET['message']]); ?></p></div> 8 10 <?php endif; ?> 9 11 … … 22 24 wp_nonce_field('add-post'); 23 25 } else { 26 $post_ID = (int) $post_ID; 24 27 $form_action = 'editpost'; 25 28 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />"; … … 27 30 } 28 31 29 $form_pingback = '<input type="hidden" name="post_pingback" value="' . get_option('default_pingback_flag') . '" id="post_pingback" />';30 31 $form_prevstatus = '<input type="hidden" name="prev_status" value="' . $post->post_status. '" />';32 33 $form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $post->to_ping) .'" />';32 $form_pingback = '<input type="hidden" name="post_pingback" value="' . (int) get_option('default_pingback_flag') . '" id="post_pingback" />'; 33 34 $form_prevstatus = '<input type="hidden" name="prev_status" value="' . attribute_escape( $post->post_status ) . '" />'; 35 36 $form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. attribute_escape( str_replace("\n", ' ', $post->to_ping) ) .'" />'; 34 37 35 38 if ('' != $post->pinged) { … … 42 45 } 43 46 44 $saveasdraft = '<input name="save" type="submit" id="save" tabindex="3" value="' . __('Save and Continue Editing') . '" />';47 $saveasdraft = '<input name="save" type="submit" id="save" tabindex="3" value="' . attribute_escape( __('Save and Continue Editing') ) . 
'" />'; 45 48 46 49 if (empty($post->post_status)) $post->post_status = 'draft'; … … 48 51 ?> 49 52 50 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />53 <input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" /> 51 54 <input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" /> 52 55 <input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" /> 53 <input type="hidden" name="post_author" value="<?php echo $post->post_author?>" />56 <input type="hidden" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" /> 54 57 <input type="hidden" id="post_type" name="post_type" value="post" /> 55 58 … … 89 92 <fieldset id="passworddiv" class="dbx-box"> 90 93 <h3 class="dbx-handle"><?php _e('Post Password') ?></h3> 91 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password?>" /></div>94 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div> 92 95 </fieldset> 93 96 94 97 <fieldset id="slugdiv" class="dbx-box"> 95 98 <h3 class="dbx-handle"><?php _e('Post Slug') ?></h3> 96 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name?>" /></div>99 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div> 97 100 </fieldset> 98 101 … … 126 129 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; 127 130 else $selected = ''; 128 echo "<option value=' $o->ID' $selected>$o->display_name</option>";131 echo "<option value='" . (int) $o->ID . "' $selected>" . wp_specialchars( $o->display_name ) . 
"</option>"; 129 132 endforeach; 130 133 ?> … … 141 144 <fieldset id="titlediv"> 142 145 <legend><?php _e('Title') ?></legend> 143 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>146 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape($post->post_title); ?>" id="title" /></div> 144 147 </fieldset> 145 148 … … 169 172 ?> 170 173 <?php if ( current_user_can('publish_posts') ) : ?> 171 <input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />174 <input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish'); ?>" /> 172 175 <?php endif; ?> 173 176 <?php … … 187 190 <?php 188 191 if (current_user_can('upload_files')) { 189 $uploading_iframe_ID = ( 0 == $post_ID ? $temp_ID : $post_ID);192 $uploading_iframe_ID = (int) (0 == $post_ID ? $temp_ID : $post_ID); 190 193 $uploading_iframe_src = wp_nonce_url("upload.php?style=inline&tab=upload&post_id=$uploading_iframe_ID", 'inlineuploading'); 191 194 $uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src); -
tags/2.2.1/wp-admin/edit-form-comment.php
r60068 r60068 3 3 $toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID); 4 4 $form_action = 'editedcomment'; 5 $form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" .$comment->comment_post_ID;5 $form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . $comment->comment_post_ID; 6 6 ?> 7 7 … … 9 9 <?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?> 10 10 <div class="wrap"> 11 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />11 <input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" /> 12 12 <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' /> 13 13 … … 21 21 <legend><label for="name"><?php _e('Name:') ?></label></legend> 22 22 <div> 23 <input type="text" name="newcomment_author" size="25" value="<?php echo $comment->comment_author?>" tabindex="1" id="name" />23 <input type="text" name="newcomment_author" size="25" value="<?php echo attribute_escape( $comment->comment_author ); ?>" tabindex="1" id="name" /> 24 24 </div> 25 25 </fieldset> … … 27 27 <legend><label for="email"><?php _e('E-mail:') ?></label></legend> 28 28 <div> 29 <input type="text" name="newcomment_author_email" size="20" value="<?php echo $comment->comment_author_email?>" tabindex="2" id="email" />29 <input type="text" name="newcomment_author_email" size="20" value="<?php echo attribute_escape( $comment->comment_author_email ); ?>" tabindex="2" id="email" /> 30 30 </div> 31 31 </fieldset> … … 33 33 <legend><label for="newcomment_author_url"><?php _e('URL:') ?></label></legend> 34 34 <div> 35 <input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo $comment->comment_author_url?>" tabindex="3" />35 <input type="text" id="newcomment_author_url" 
name="newcomment_author_url" size="35" value="<?php echo attribute_escape( $comment->comment_author_url ); ?>" tabindex="3" /> 36 36 </div> 37 37 </fieldset> -
tags/2.2.1/wp-admin/edit-form.php
r60068 r60068 7 7 <input type="hidden" name="mode" value="bookmarklet" /> 8 8 <?php endif; ?> 9 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />9 <input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" /> 10 10 <input type="hidden" name="action" value='post' /> 11 11 … … 22 22 <fieldset id="titlediv"> 23 23 <legend><a href="http://wordpress.org/docs/reference/post/#title" title="<?php _e('Help on titles') ?>"><?php _e('Title') ?></a></legend> 24 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>24 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div> 25 25 </fieldset> 26 26 … … 50 50 </script> 51 51 52 <input type="hidden" name="post_pingback" value="<?php echo get_option('default_pingback_flag') ?>" id="post_pingback" />52 <input type="hidden" name="post_pingback" value="<?php echo (int) get_option('default_pingback_flag') ?>" id="post_pingback" /> 53 53 54 54 <p><label for="trackback"> <?php printf(__('<a href="%s" title="Help on trackbacks"><strong>TrackBack</strong> a <abbr title="Universal Resource Locator">URL</abbr></a>:</label> (Separate multiple <abbr title="Universal Resource Locator">URL</abbr>s with spaces.)'), 'http://wordpress.org/docs/reference/post/#trackback'); echo '<br />'; ?> … … 65 65 echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' . __('Advanced Editing »') . '" />'; 66 66 } ?> 67 <input name="referredby" type="hidden" id="referredby" value="<?php if ( wp_get_referer() ) echo urlencode(wp_get_referer()); ?>" />67 <input name="referredby" type="hidden" id="referredby" value="<?php if ( $refby = wp_get_referer() ) echo urlencode($refby); ?>" /> 68 68 </p> 69 69 -
tags/2.2.1/wp-admin/edit-page-form.php
r60068 r60068 3 3 <h2 id="write-post"><?php _e('Write Page'); ?></h2> 4 4 <?php 5 5 6 if (0 == $post_ID) { 6 7 $form_action = 'post'; … … 9 10 $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />"; 10 11 } else { 12 $post_ID = (int) $post_ID; 11 13 $form_action = 'editpost'; 12 14 $nonce_action = 'update-page_' . $post_ID; 13 15 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />"; 14 16 } 17 18 $temp_ID = (int) $temp_ID; 19 $user_ID = (int) $user_ID; 15 20 16 21 $sendto = clean_url(stripslashes(wp_get_referer())); … … 69 74 <fieldset id="passworddiv" class="dbx-box"> 70 75 <h3 class="dbx-handle"><?php _e('Page Password') ?></h3> 71 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password?>" /></div>76 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div> 72 77 </fieldset> 73 78 … … 94 99 <fieldset id="slugdiv" class="dbx-box"> 95 100 <h3 class="dbx-handle"><?php _e('Page Slug') ?></h3> 96 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name?>" /></div>101 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div> 97 102 </fieldset> 98 103 … … 107 112 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; 108 113 else $selected = ''; 114 $o->ID = (int) $o->ID; 115 $o->display_name = wp_specialchars( $o->display_name ); 109 116 echo "<option value='$o->ID' $selected>$o->display_name</option>"; 110 117 endforeach; … … 127 134 <fieldset id="titlediv"> 128 135 <legend><?php _e('Page Title') ?></legend> 129 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo 
$post->post_title; ?>" id="title" /></div>136 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div> 130 137 </fieldset> 131 138 -
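Review bot: The casts `$temp_ID = (int) $temp_ID;` and `$user_ID = (int) $user_ID;` at lines 18-19 come after the `if (0 == $post_ID)` block, but the new-page branch has already interpolated `$temp_ID` into `$form_extra` (`value='$temp_ID'`, line 10) by then, so that hidden field still carries the uncast value. Moving both casts above the `if` makes them cover every later use. In the author loop, lines 114-115 overwrite `$o->ID` and `$o->display_name` on the object itself; local variables would avoid handing already-escaped data to any later code that reuses it.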
tags/2.2.1/wp-admin/export.php
r60068 r60068 148 148 --> 149 149 150 <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" created="<?php echo date('Y-m-d H: m'); ?>"-->150 <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" created="<?php echo date('Y-m-d H:i'); ?>"--> 151 151 <rss version="2.0" 152 152 xmlns:content="http://purl.org/rss/1.0/modules/content/" -
tags/2.2.1/wp-admin/install.php
r60068 r60068 83 83 <?php 84 84 $result = wp_install($weblog_title, 'admin', $admin_email, $public); 85 extract($result );85 extract($result, EXTR_SKIP); 86 86 ?> 87 87 -
tags/2.2.1/wp-admin/user-edit.php
r60068 r60068 77 77 <?php wp_nonce_field('update-user_' . $user_id) ?> 78 78 <?php if ( $wp_http_referer ) : ?> 79 <input type="hidden" name="wp_http_referer" value="<?php echo wp_specialchars($wp_http_referer); ?>" />79 <input type="hidden" name="wp_http_referer" value="<?php echo clean_url($wp_http_referer); ?>" /> 80 80 <?php endif; ?> 81 81 <p> -
tags/2.2.1/wp-admin/users.php
r60068 r60068 382 382 <th colspan="7"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th> 383 383 <?php else : ?> 384 <th colspan="7"><h3><em><?php _e('No role for this blog'); ?></ h3></th>384 <th colspan="7"><h3><em><?php _e('No role for this blog'); ?></em></h3></th> 385 385 <?php endif; ?> 386 386 </tr> -
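--- a/tags/2.2.1/wp-admin/widgets.css
+++ b/tags/2.2.1/wp-admin/widgets.css
@@ -85,9 +85,9 @@
 
 .placematt {
-position: absolute;
 cursor: default;
 margin: 10px 0 0;
 padding: 0;
 width: 238px;
+float:left;
 background-color: #ffe;
 }
@@ -107,8 +107,9 @@
 }
 
+
 #palettediv {
 border: 1px solid #bbb;
 background-color: #f0f8ff;
-height: 180px;
+height:auto;
 margin-top: 10px;
 }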
tags/2.2.1/wp-admin/widgets.php
r60068 r60068 3 3 require_once 'admin.php'; 4 4 5 if ( ! current_user_can(' edit_themes') )5 if ( ! current_user_can('switch_themes') ) 6 6 wp_die( __( 'Cheatin’ uh?' )); 7 7 … … 16 16 ?> 17 17 <link rel="stylesheet" href="widgets.css?version=<?php bloginfo('version'); ?>" type="text/css" /> 18 <!--[if IE 7]> 19 <style type="text/css"> 20 #palette {float:left;} 21 </style> 22 <![endif]--> 18 23 <style type="text/css"> 19 24 .dropzone ul { height: <?php echo constant( 'WP_WIDGETS_HEIGHT' ); ?>px; } … … 62 67 widgets.map(function(o) {o='widgetprefix-'+o; Position.absolutize(o); Position.relativize(o);} ); 63 68 $A(Draggables.drags).map(function(o) {o.startDrag(null); o.finishDrag(null);}); 64 for ( var n in Draggables.drags ) { 65 if ( Draggables.drags[n].element.id == 'lastmodule' ) { 66 Draggables.drags[n].destroy(); 67 break; 69 //for ( var n in Draggables.drags ) { 70 for ( n=0; n<=Draggables.drags.length; n++ ) { 71 if ( parseInt( n ) ) { 72 if ( Draggables.drags[n].element.id == 'lastmodule' ) { 73 Draggables.drags[n].destroy(); 74 break; 75 } 68 76 } 69 77 } … … 146 154 if ( $(o).childNodes.length == 0 ) { 147 155 pm.style.display = 'block'; 148 Position.absolutize(o+'placematt');156 //Position.absolutize(o+'placematt'); 149 157 } else { 150 158 pm.style.display = 'none'; … … 294 302 295 303 <form id="sbadmin" method="post" onsubmit="serializeAll();"> 304 <p class="submit"> 305 <input type="submit" value="<?php _e( 'Save Changes »' ); ?>" /> 306 </p> 296 307 <div id="zones"> 297 308 <?php … … 303 314 <h3><?php echo $sidebar['name']; ?></h3> 304 315 305 <div id="<?php echo $index; ?>placematt" class="module placemat t">316 <div id="<?php echo $index; ?>placematt" class="module placemat"> 306 317 <span class="handle"> 307 318 <h4><?php _e( 'Default Sidebar' ); ?></h4> -
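Review bot: The rewritten loop at lines 70-76 runs `n` up to and including `Draggables.drags.length` and skips index 0 through `if ( parseInt( n ) )`, so the first draggable is never checked and, unless `lastmodule` was found earlier, the last iteration reads `Draggables.drags[n].element` on an undefined entry, which throws. `for ( var n = 0; n < Draggables.drags.length; n++ ) {` without the `parseInt` guard covers every element and also stops `n` from becoming an implicit global. Separately, line 5 relaxes the page check from `edit_themes` to `switch_themes`; that matches the menu entry changed in functions.php, but it deserves a comment saying the widening is intended.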
tags/2.2.1/wp-content/themes/default/functions.php
r60068 r60068 385 385 </div> 386 386 <div id="jsForm"> 387 <form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo $_SERVER['REQUEST_URI']; ?>">387 <form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo attribute_escape($_SERVER['REQUEST_URI']); ?>"> 388 388 <?php wp_nonce_field('kubrick-header'); ?> 389 389 <input type="button" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="<?php echo attribute_escape(__('Font Color')); ?>"></input> -
tags/2.2.1/wp-includes/author-template.php
r60068 r60068 184 184 'feed' => '', 'feed_image' => ''); 185 185 $r = array_merge($defaults, $r); 186 extract($r );186 extract($r, EXTR_SKIP); 187 187 188 188 // TODO: Move select to get_authors(). -
tags/2.2.1/wp-includes/bookmark-template.php
r60068 r60068 254 254 'after' => '</li>', 'between' => "\n"); 255 255 $r = array_merge($defaults, $r); 256 extract($r );256 extract($r, EXTR_SKIP); 257 257 258 258 foreach ( (array) $bookmarks as $bookmark ) { … … 332 332 'category_before' => '<li id="%id" class="%class">', 'category_after' => '</li>'); 333 333 $r = array_merge($defaults, $r); 334 extract($r );334 extract($r, EXTR_SKIP); 335 335 336 336 $output = ''; -
tags/2.2.1/wp-includes/bookmark.php
r60068 r60068 35 35 'category_name' => '', 'hide_invisible' => 1, 'show_updated' => 0, 'include' => '', 'exclude' => ''); 36 36 $r = array_merge($defaults, $r); 37 extract($r );37 extract($r, EXTR_SKIP); 38 38 39 39 $key = md5( serialize( $r ) ); -
tags/2.2.1/wp-includes/category-template.php
r60068 r60068 82 82 function _get_the_category_usort($a, $b) { 83 83 return strcmp($a->category_name, $b->category_name); 84 } 85 86 function _get_the_category_usort_by_ID($a, $b) { 87 if ( $a->cat_ID > $b->cat_ID ) 88 return 1; 89 elseif ( $a->cat_ID < $b->cat_ID ) 90 return -1; 91 else 92 return 0; 84 93 } 85 94 … … 183 192 $r = array_merge($defaults, $r); 184 193 $r['include_last_update_time'] = $r['show_last_update']; 185 extract($r );194 extract($r, EXTR_SKIP); 186 195 187 196 $categories = get_categories($r); … … 234 243 if ( isset($r['show_date']) ) 235 244 $r['include_last_update_time'] = $r['show_date']; 236 extract($r );245 extract($r, EXTR_SKIP); 237 246 238 247 $categories = get_categories($r); -
tags/2.2.1/wp-includes/category.php
r60068 r60068 29 29 $r['orderby'] = "cat_" . $r['orderby']; // restricts order by to cat_ID and cat_name fields 30 30 $r['number'] = (int) $r['number']; 31 extract($r );31 extract($r, EXTR_SKIP); 32 32 33 33 $key = md5( serialize( $r ) ); -
tags/2.2.1/wp-includes/class-phpmailer.php
r60068 r60068 391 391 function SendmailSend($header, $body) { 392 392 if ($this->Sender != "") 393 $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);393 $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, escapeshellarg($this->Sender)); 394 394 else 395 395 $sendmail = sprintf("%s -oi -t", $this->Sendmail); -
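Review bot: `escapeshellarg($this->Sender)` at line 393 stops the shell from interpreting the address, but nothing visible here checks that `Sender` is a well-formed address before it reaches the command line, and `$this->Sendmail` is still placed into the string as-is in both branches. Validating `Sender` where it is assigned, and documenting on the property that the `Sendmail` path must come from trusted configuration only, would close the remaining gap. `SendmailSend()` continues past the hunk, so how the command string is executed is not shown.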
tags/2.2.1/wp-includes/classes.php
r60068 r60068 507 507 if ( $depth ) 508 508 $indent = str_repeat("\t", $depth); 509 extract($args );509 extract($args, EXTR_SKIP); 510 510 $css_class = 'page_item'; 511 511 $_current_page = get_page( $current_page ); … … 697 697 698 698 $r = array_merge($defaults, $r); 699 extract($r );699 extract($r, EXTR_SKIP); 700 700 701 701 if ( is_wp_error($id) ) { -
tags/2.2.1/wp-includes/comment-template.php
r60068 r60068 240 240 function trackback_rdf($timezone = 0) { 241 241 global $id; 242 if (str pos($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator') !== false) {242 if (stripos($_SERVER['HTTP_USER_AGENT'], 'W3C_Validator') === false) { 243 243 echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 244 244 xmlns:dc="http://purl.org/dc/elements/1.1/" … … 286 286 $req = get_option('require_name_email'); 287 287 $commenter = wp_get_current_commenter(); 288 extract($commenter );288 extract($commenter, EXTR_SKIP); 289 289 290 290 // TODO: Use API instead of SELECTs. -
tags/2.2.1/wp-includes/comment.php
r60068 r60068 179 179 function wp_allow_comment($commentdata) { 180 180 global $wpdb; 181 extract($commentdata );181 extract($commentdata, EXTR_SKIP); 182 182 183 183 // Simple duplicate check … … 326 326 function wp_insert_comment($commentdata) { 327 327 global $wpdb; 328 extract($commentdata );328 extract($commentdata, EXTR_SKIP); 329 329 330 330 if ( ! isset($comment_author_IP) ) … … 458 458 459 459 // Now extract the merged array. 460 extract($commentarr );460 extract($commentarr, EXTR_SKIP); 461 461 462 462 $comment_content = apply_filters('comment_save_pre', $comment_content); … … 518 518 $pingback_href_original_pos = 27; 519 519 520 extract(parse_url($url) );520 extract(parse_url($url), EXTR_SKIP); 521 521 522 522 if ( !isset($host) ) // Not an URL. This should never happen. -
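Review bot: `extract(parse_url($url), EXTR_SKIP);` at line 520 passes the result of `parse_url()` straight to `extract()`, and `parse_url()` returns `false` for seriously malformed URLs, which makes `extract()` emit a warning before the `!isset($host)` test is reached. Keeping the array and testing it directly, `$parsed = parse_url($url);` followed by `if ( !is_array($parsed) || !isset($parsed['host']) )`, handles that case and avoids creating locals named after URL components. The enclosing function starts and ends outside the hunk, so later uses of `$host` and the other extracted components would need to read from `$parsed` as well.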
tags/2.2.1/wp-includes/feed-atom-comments.php
r60068 r60068 21 21 <generator uri="http://wordpress.org/" version="<?php bloginfo('version'); ?>">WordPress</generator> 22 22 23 <link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" content="<?php bloginfo_rss('home'); ?>" />23 <link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" href="<?php bloginfo_rss('home'); ?>" /> 24 24 <link rel="self" type="application/atom+xml" href="<?php bloginfo_rss('comments_atom_url'); ?>" /> 25 25 <id><?php bloginfo_rss('comments_atom_url'); ?></id> … … 41 41 } 42 42 ?></title> 43 <link rel="alternate" href="<?php comment_link(); ?>" type="<?php bloginfo_rss(' content_type'); ?>" />43 <link rel="alternate" href="<?php comment_link(); ?>" type="<?php bloginfo_rss('html_type'); ?>" /> 44 44 45 45 <author> … … 50 50 51 51 <id><?php comment_link(); ?></id> 52 <updated><?php echo mysql2date(' D, d M Y H:i:s +0000', get_comment_time('Y-m-d H:i:s', true), false); ?></updated>53 <published><?php echo mysql2date(' D, d M Y H:i:s +0000', get_comment_time('Y-m-d H:i:s', true), false); ?></published>52 <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_comment_time('Y-m-d H:i:s', true), false); ?></updated> 53 <published><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_comment_time('Y-m-d H:i:s', true), false); ?></published> 54 54 <?php if (!empty($comment_post->post_password) && $_COOKIE['wp-postpass'] != $comment_post->post_password) : ?> 55 55 <content type="html" xml:base="<?php comment_link(); ?>"><![CDATA[<?php echo get_the_password_form(); ?>]]></content> -
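Review bot: The password gate on line 54 compares `$_COOKIE['wp-postpass']` with `$comment_post->post_password` using `!=`, which is a loose comparison: two different numeric-looking strings can compare equal, and a missing cookie raises a notice. `isset($_COOKIE['wp-postpass'])` plus a strict `!==` is the safer form for a secret check. The line is unchanged context in this hunk, but it sits directly under the edited `<updated>`/`<published>` lines and decides whether protected comment content is emitted into the feed.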
tags/2.2.1/wp-includes/feed.php
r60068 r60068 152 152 $the_list = ''; 153 153 foreach ( (array) $categories as $category ) { 154 $cat egory->cat_name = convert_chars($category->cat_name);154 $cat_name = convert_chars($category->cat_name); 155 155 if ( 'rdf' == $type ) 156 $the_list .= "\n\t\t<dc:subject><![CDATA[$cat egory->cat_name]]></dc:subject>\n";156 $the_list .= "\n\t\t<dc:subject><![CDATA[$cat_name]]></dc:subject>\n"; 157 157 if ( 'atom' == $type ) 158 $the_list .= "<category scheme='$home' term='$category->cat_name' />";158 $the_list .= sprintf( '<category scheme="%1$s" term="%2$s" />', attribute_escape( apply_filters( 'get_bloginfo_rss', get_bloginfo( 'url' ) ) ), attribute_escape( $category->cat_name ) ); 159 159 else 160 $the_list .= "\n\t\t<category><![CDATA[$cat egory->cat_name]]></category>\n";160 $the_list .= "\n\t\t<category><![CDATA[$cat_name]]></category>\n"; 161 161 } 162 162 return apply_filters('the_category_rss', $the_list, $type); -
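Review bot: `$cat_name` is placed inside `<![CDATA[...]]>` at lines 156 and 160 after only `convert_chars()`, and unless that function removes the sequence `]]>` (not visible here) a category name containing it would end the CDATA section early and break the feed markup. Splitting the terminator before output, `$cat_name = str_replace(']]>', ']]]]><![CDATA[>', $cat_name);`, keeps the text intact. Also, the `else` at line 159 pairs only with the `'atom'` test, so for `'rdf'` both the `dc:subject` and the `<category>` element are appended; if that is intended it deserves a comment. The function starts and ends outside the hunk.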
tags/2.2.1/wp-includes/formatting.php
r60068 r60068 1104 1104 function js_escape($text) { 1105 1105 $safe_text = wp_specialchars($text, 'double'); 1106 $safe_text = str_replace(''', "'", $safe_text);1106 $safe_text = preg_replace('/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes($safe_text)); 1107 1107 $safe_text = preg_replace("/\r?\n/", "\\n", addslashes($safe_text)); 1108 1108 return apply_filters('js_escape', $safe_text, $text); … … 1119 1119 } 1120 1120 1121 function wp_parse_str( $string, &$array ) { 1122 parse_str( $string, $array ); 1123 if ( get_magic_quotes_gpc() ) 1124 $array = stripslashes_deep( $array ); // parse_str() adds slashes if magicquotes is on. See: http://php.net/parse_str 1125 $array = apply_filters( 'wp_parse_str', $array ); 1126 } 1127 1121 1128 ?> -
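Review bot: The new pattern in `js_escape()` (line 1106) uses a conditional subpattern and a `stripslashes()`/`addslashes()` round trip with no comment; a line such as `// turn &#039;, &#39; and &#x27; back into ' so addslashes() below can escape it` would explain it. The `stripslashes()` call also removes backslashes that were part of the original text, which should be stated in the function's doc comment if it is intended. `wp_parse_str()` fills `$array` by reference and passes it through the `wp_parse_str` filter; a short docblock naming both would help callers.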
tags/2.2.1/wp-includes/functions.php
r60068 r60068 323 323 324 324 $notoptions = wp_cache_get('notoptions', 'options'); 325 if ( is set($notoptions[$option_name]) ) {325 if ( is_array($notoptions) && isset($notoptions[$option_name]) ) { 326 326 unset($notoptions[$option_name]); 327 327 wp_cache_set('notoptions', $notoptions, 'options'); … … 357 357 // Make sure the option doesn't already exist we can check the cache before we ask for a db query 358 358 $notoptions = wp_cache_get('notoptions', 'options'); 359 if ( is set($notoptions[$name]) ) {359 if ( is_array($notoptions) && isset($notoptions[$name]) ) { 360 360 unset($notoptions[$name]); 361 361 wp_cache_set('notoptions', $notoptions, 'options'); … … 762 762 $ret = ''; 763 763 if ( is_array(func_get_arg(0)) ) { 764 if ( @func_num_args() < 2 || ''== @func_get_arg(1) )764 if ( @func_num_args() < 2 || false === @func_get_arg(1) ) 765 765 $uri = $_SERVER['REQUEST_URI']; 766 766 else 767 767 $uri = @func_get_arg(1); 768 768 } else { 769 if ( @func_num_args() < 3 || ''== @func_get_arg(2) )769 if ( @func_num_args() < 3 || false === @func_get_arg(2) ) 770 770 $uri = $_SERVER['REQUEST_URI']; 771 771 else … … 802 802 } 803 803 804 parse_str($query, $qs); 805 if ( get_magic_quotes_gpc() ) 806 $qs = stripslashes_deep($qs); // parse_str() adds slashes if magicquotes is on. See: http://php.net/parse_str 804 wp_parse_str($query, $qs); 807 805 $qs = urlencode_deep($qs); 808 806 if ( is_array(func_get_arg(0)) ) { … … 825 823 $ret = trim($ret, '?'); 826 824 $ret = $protocol . $base . $ret . 
$frag; 827 $ret = trim($ret, '?');825 $ret = rtrim($ret, '?'); 828 826 return $ret; 829 827 } … … 839 837 */ 840 838 841 function remove_query_arg($key, $query= '') {839 function remove_query_arg($key, $query=FALSE) { 842 840 if ( is_array($key) ) { // removing multiple keys 843 841 foreach ( (array) $key as $k ) … … 1318 1316 global $wp_locale; 1319 1317 1320 if ( is_wp_error( $message ) ) {1318 if ( function_exists( 'is_wp_error' ) && is_wp_error( $message ) ) { 1321 1319 if ( empty($title) ) { 1322 1320 $error_data = $message->get_error_data(); … … 1482 1480 1483 1481 function wp_parse_args( $args, $defaults = '' ) { 1484 if ( is_array( $args) ) :1482 if ( is_array( $args ) ) 1485 1483 $r =& $args; 1486 else : 1487 parse_str( $args, $r ); 1488 if ( get_magic_quotes_gpc() ) 1489 $r = stripslashes_deep( $r ); 1490 endif; 1491 1492 if ( is_array($defaults) ) : 1493 extract($defaults); 1494 extract($r); 1495 return compact(array_keys($defaults)); // only those options defined in $defaults 1496 else : 1484 else 1485 wp_parse_str( $args, $r ); 1486 1487 if ( is_array( $defaults ) ) 1488 return array_merge( $defaults, $r ); 1489 else 1497 1490 return $r; 1498 endif;1499 1491 } 1500 1492 … … 1508 1500 function wp_widgets_add_menu() { 1509 1501 global $submenu; 1510 $submenu['themes.php'][7] = array( __( 'Widgets' ), ' edit_themes', 'widgets.php' );1502 $submenu['themes.php'][7] = array( __( 'Widgets' ), 'switch_themes', 'widgets.php' ); 1511 1503 ksort($submenu['themes.php'], SORT_NUMERIC); 1512 1504 } -
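Review bot: `wp_parse_args()` (lines 1482-1491) now returns `array_merge( $defaults, $r )`, so keys that are not in `$defaults` are passed through, whereas the removed code returned only the default keys via `compact(array_keys($defaults))`. Callers that `extract()` the result, such as `paginate_links()` in general-template.php, therefore create a local for any extra key the caller supplies, and `EXTR_SKIP` only protects names that already exist at that point. If the wider result is intended, say so in the function comment and have extracting callers read named keys instead; otherwise restrict the merge to the keys of `$defaults`. Separately, `add_query_arg()` keeps the `@`-suppressed `func_num_args()`/`func_get_arg()` calls, which hide the very warnings that would reveal a wrong argument count.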
tags/2.2.1/wp-includes/general-template.php
r60068 r60068 64 64 65 65 // Don't filter URL's. 66 if (strpos($show, 'url') === false ||67 strpos($show, 'directory') === false ||66 if (strpos($show, 'url') === false && 67 strpos($show, 'directory') === false && 68 68 strpos($show, 'home') === false) { 69 69 $info = apply_filters('bloginfo', $info, $show); … … 110 110 case 'comments_atom_url': 111 111 $output = get_feed_link('comments_atom'); 112 break; 112 113 case 'comments_rss2_url': 113 114 $output = get_feed_link('comments_rss2'); … … 218 219 if ( is_single() || is_page() ) { 219 220 $post = $wp_query->get_queried_object(); 220 $title = apply_filters('single_post_title', $title); 221 $title = strip_tags($post->post_title); 221 $title = strip_tags( apply_filters( 'single_post_title', $post->post_title ) ); 222 222 } 223 223 … … 323 323 $defaults = array('type' => 'monthly', 'limit' => '', 'format' => 'html', 'before' => '', 'after' => '', 'show_post_count' => false); 324 324 $r = array_merge($defaults, $r); 325 extract($r );325 extract($r, EXTR_SKIP); 326 326 327 327 if ( '' == $type ) … … 900 900 edCanvas = document.getElementById('<?php echo $id; ?>'); 901 901 <?php if ( $prev_id && user_can_richedit() ) : ?> 902 // If tinyMCE is defined. 903 if ( typeof tinyMCE != 'undefined' ) { 902 904 // This code is meant to allow tabbing from Title to Post (TinyMCE). 903 if ( tinyMCE.isMSIE ) 904 document.getElementById('<?php echo $prev_id; ?>').onkeydown = function (e) 905 { 905 if ( tinyMCE.isMSIE ) { 906 document.getElementById('<?php echo $prev_id; ?>').onkeydown = function (e) { 906 907 e = e ? e : window.event; 907 908 if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) { … … 916 917 } 917 918 } 918 else 919 document.getElementById('<?php echo $prev_id; ?>').onkeypress = function (e) 920 { 919 } else { 920 document.getElementById('<?php echo $prev_id; ?>').onkeypress = function (e) { 921 921 e = e ? 
e : window.event; 922 922 if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) { … … 931 931 } 932 932 } 933 } 934 } 933 935 <?php endif; ?> 934 936 //--> … … 956 958 } 957 959 958 function paginate_links( $arg = '' ) { 959 if ( is_array($arg) ) 960 $a = &$arg; 961 else 962 parse_str($arg, $a); 963 964 // Defaults 965 $base = '%_%'; // http://example.com/all_posts.php%_% : %_% is replaced by format (below) 966 $format = '?page=%#%'; // ?page=%#% : %#% is replaced by the page number 967 $total = 1; 968 $current = 0; 969 $show_all = false; 970 $prev_next = true; 971 $prev_text = __('« Previous'); 972 $next_text = __('Next »'); 973 $end_size = 1; // How many numbers on either end including the end 974 $mid_size = 2; // How many numbers to either side of current not including current 975 $type = 'plain'; 976 $add_args = false; // array of query args to aadd 977 978 extract($a); 960 function paginate_links( $args = '' ) { 961 $defaults = array( 962 'base' => '%_%', // http://example.com/all_posts.php%_% : %_% is replaced by format (below) 963 'format' => '?page=%#%', // ?page=%#% : %#% is replaced by the page number 964 'total' => 1, 965 'current' => 0, 966 'show_all' => false, 967 'prev_next' => true, 968 'prev_text' => __('« Previous'), 969 'next_text' => __('Next »'), 970 'end_size' => 1, // How many numbers on either end including the end 971 'mid_size' => 2, // How many numbers to either side of current not including current 972 'type' => 'plain', 973 'add_args' => false // array of query args to aadd 974 ); 975 976 $args = wp_parse_args( $args, $defaults ); 977 extract($args, EXTR_SKIP); 979 978 980 979 // Who knows what else people pass in $args -
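Review bot: In `paginate_links()` the new `extract($args, EXTR_SKIP)` still turns every caller-supplied key into a local variable, because `EXTR_SKIP` only protects names that already exist at that point and the `wp_parse_args()` rewrite shown earlier on this page returns `array_merge( $defaults, $r )` rather than only the default keys. Restricting the array to the known keys before extracting would close that, e.g. `$args = array_intersect_key( $args, $defaults );` where the supported PHP version provides it, or by reading the default keys explicitly. The same `array_merge` + `extract(..., EXTR_SKIP)` pattern is added in the hunk near line 325 of this file and in post-template.php, post.php, registration.php and xmlrpc.php. The function body continues outside the hunk, so whether a later variable is read before being assigned cannot be confirmed from here.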
tags/2.2.1/wp-includes/js/tinymce/themes/advanced/color_picker.htm
r60068 r60068 3 3 <title>{$lang_theme_colorpicker_title}</title> 4 4 <script language="javascript" type="text/javascript" src="../../tiny_mce_popup.js"></script> 5 <script language="javascript" type="text/javascript" src="../../utils/mctabs.js"></script> 5 6 <script language="javascript" type="text/javascript" src="jscripts/color_picker.js"></script> 7 <link href="css/colorpicker.css" rel="stylesheet" type="text/css" /> 6 8 <base target="_self" /> 7 9 </head> 8 <body onload="tinyMCEPopup.executeOnLoad('init();');" style="margin: 3px; display: none"> 9 <div align="center"> 10 <script language="javascript" type="text/javascript">renderColorMap();</script> 10 <body onload="tinyMCEPopup.executeOnLoad('init();');" style="display: none"> 11 <div class="tabs"> 12 <ul> 13 <li id="picker_tab" class="current"><span><a href="javascript:mcTabs.displayTab('picker_tab','picker_panel');" onmousedown="return false;">{$lang_color_picker_tab}</a></span></li> 14 <li id="rgb_tab"><span><a href="#" onclick="generateWebColors();mcTabs.displayTab('rgb_tab','rgb_panel');" onmousedown="return false;">{$lang_web_colors_tab}</a></span></li> 15 <li id="named_tab"><span><a href="#" onclick="generateNamedColors();javascript:mcTabs.displayTab('named_tab','named_panel');" onmousedown="return false;">{$lang_named_colors_tab}</a></span></li> 16 </ul> 17 </div> 18 19 <div class="panel_wrapper"> 20 <div id="picker_panel" class="panel current"> 21 <fieldset> 22 <legend>{$lang_color_picker}</legend> 23 <div id="picker"> 24 <img id="colorpicker" src="images/colors.jpg" onclick="computeColor(event)" onmousedown="isMouseDown = true;return false;" onmouseup="isMouseDown = false;" onmousemove="if (isMouseDown && isMouseOver) computeColor(event); return false;" onmouseover="isMouseOver=true;" onmouseout="isMouseOver=false;" /> 25 26 <div id="light"> 27 <!-- Will be filled with divs --> 28 </div> 29 30 <br style="clear: both" /> 31 </div> 32 </fieldset> 33 </div> 34 35 <div id="rgb_panel" class="panel"> 36 
<fieldset> 37 <legend>{$lang_web_colors}</legend> 38 <div id="webcolors"> 39 <!-- Gets filled with web safe colors--> 40 </div> 41 42 <br style="clear: both" /> 43 </fieldset> 44 </div> 45 46 <div id="named_panel" class="panel"> 47 <fieldset> 48 <legend>{$lang_named_colors}</legend> 49 <div id="namedcolors"> 50 <!-- Gets filled with named colors--> 51 </div> 52 53 <br style="clear: both" /> 54 55 <div id="colornamecontainer"> 56 {$lang_color_name} <span id="colorname"></span> 57 </div> 58 </fieldset> 59 </div> 60 </div> 61 62 <div class="mceActionPanel"> 63 <div style="float: left"> 64 <input type="button" id="insert" name="insert" value="{$lang_theme_colorpicker_apply}" onclick="insertAction();" /> 65 </div> 66 67 <div id="preview"></div> 68 69 <div id="previewblock"> 70 <label for="color">{$lang_color}</label> <input id="color" type="text" size="8" maxlength="8" class="text" /> 71 </div> 11 72 </div> 12 73 </body> -
tags/2.2.1/wp-includes/js/wp-ajax.js
r60068 r60068 28 28 }, 29 29 addArg: function(key, value) { 30 var a = [];30 var a = $H(); 31 31 a[encodeURIComponent(key)] = encodeURIComponent(value); 32 this.options.parameters = $H(this.options.parameters).merge( $H(a));32 this.options.parameters = $H(this.options.parameters).merge(a); 33 33 }, 34 34 getResponseElement: function(r) { -
tags/2.2.1/wp-includes/link-template.php
r60068 r60068 78 78 if (strpos($permalink, '%category%') !== false) { 79 79 $cats = get_the_category($post->ID); 80 if ( $cats ) 81 usort($cats, '_get_the_category_usort_by_ID'); // order by ID 80 82 $category = $cats[0]->category_nicename; 81 83 if ( $parent=$cats[0]->category_parent ) … … 481 483 if ( $permalink ) 482 484 $qstr = user_trailingslashit($qstr, 'paged'); 483 $qstr = preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', trailingslashit( get_option('home') ) . $qstr );484 485 485 486 // showing /page/1/ or ?paged=1 is redundant … … 489 490 $qstr = remove_query_arg('paged', $qstr); // for query style 490 491 } 492 493 $qstr = preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', trailingslashit( get_option('home') ) . $qstr ); 494 491 495 return $qstr; 492 496 } -
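Review bot: The new `if ( $cats )` guard covers only the `usort()` call; the following lines still read `$cats[0]->category_nicename` and `$cats[0]->category_parent` when `get_the_category()` returns nothing. Putting those reads under the same condition, e.g. `$category = $cats ? $cats[0]->category_nicename : '';`, keeps the `%category%` replacement from dereferencing a missing element. The enclosing function starts and ends outside the hunk, so what should be substituted for a post without categories needs confirming against the rest of it.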
tags/2.2.1/wp-includes/pluggable.php
r60068 r60068 157 157 endif; 158 158 159 if ( !function_exists( 'wp_mail') ) :159 if ( !function_exists( 'wp_mail' ) ) : 160 160 function wp_mail($to, $subject, $message, $headers = '') { 161 161 global $phpmailer; … … 169 169 $mail = compact('to', 'subject', 'message', 'headers'); 170 170 $mail = apply_filters('wp_mail', $mail); 171 extract($mail );171 extract($mail, EXTR_SKIP); 172 172 173 173 if ( $headers == '' ) { … … 224 224 function wp_login($username, $password, $already_md5 = false) { 225 225 global $wpdb, $error; 226 227 $username = sanitize_user($username); 226 228 227 229 if ( '' == $username ) -
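Review bot: In `wp_mail()` the switch to `extract($mail, EXTR_SKIP)` makes the `wp_mail` filter ineffective: `$to`, `$subject`, `$message` and `$headers` are function parameters and so already exist, and `EXTR_SKIP` leaves existing variables untouched. Any plugin that relies on this filter to rewrite recipients or drop headers would silently stop having an effect. Assigning the four keys back explicitly keeps the hardening without discarding the filter result, e.g. `$to = $mail['to'];` and likewise for `subject`, `message` and `headers`. The function body continues outside the hunk.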
tags/2.2.1/wp-includes/post-template.php
r60068 r60068 142 142 'previouspagelink' => __('Previous page'), 'pagelink' => '%', 'more_file' => '', 'echo' => 1); 143 143 $r = array_merge($defaults, $r); 144 extract($r );144 extract($r, EXTR_SKIP); 145 145 146 146 global $id, $page, $numpages, $multipage, $more, $pagenow; … … 256 256 'name' => 'page_id', 'show_option_none' => ''); 257 257 $r = array_merge($defaults, $r); 258 extract($r );258 extract($r, EXTR_SKIP); 259 259 260 260 $pages = get_pages($r); -
tags/2.2.1/wp-includes/post.php
r60068 r60068 183 183 'meta_key' => '', 'meta_value' =>'', 'post_type' => 'post', 'post_status' => 'publish', 'post_parent' => 0); 184 184 $r = array_merge($defaults, $r); 185 extract($r );185 extract($r, EXTR_SKIP); 186 186 $numberposts = (int) $numberposts; 187 187 $offset = (int) $offset; … … 491 491 492 492 // export array as variables 493 extract($postarr );493 extract($postarr, EXTR_SKIP); 494 494 495 495 // Are we updating or creating? … … 882 882 883 883 // import postdata as variables 884 extract($postdata );884 extract($postdata, EXTR_SKIP); 885 885 886 886 // form an excerpt … … 1068 1068 'hierarchical' => 1, 'exclude' => '', 'include' => '', 'meta_key' => '', 'meta_value' => '', 'authors' => ''); 1069 1069 $r = array_merge($defaults, $r); 1070 extract($r );1070 extract($r, EXTR_SKIP); 1071 1071 1072 1072 $key = md5( serialize( $r ) ); … … 1222 1222 1223 1223 // Export array as variables 1224 extract($object );1224 extract($object, EXTR_SKIP); 1225 1225 1226 1226 // Get the basics. -
tags/2.2.1/wp-includes/registration.php
r60068 r60068 33 33 global $wpdb; 34 34 35 extract($userdata );35 extract($userdata, EXTR_SKIP); 36 36 37 37 // Are we updating or creating? -
tags/2.2.1/wp-includes/theme.php
r60068 r60068 87 87 } 88 88 89 return array( 'Name' => $name, 'Title' => $theme, 'URI' => $theme_uri, 'Description' => $description, 'Author' => $author, 'Version' => $version, 'Template' => $template [1], 'Status' => $status );89 return array( 'Name' => $name, 'Title' => $theme, 'URI' => $theme_uri, 'Description' => $description, 'Author' => $author, 'Version' => $version, 'Template' => $template, 'Status' => $status ); 90 90 } 91 91 -
tags/2.2.1/wp-includes/version.php
r60068 r60068 3 3 // This holds the version number in a separate file so we can bump it without cluttering the SVN 4 4 5 $wp_version = '2.2 ';5 $wp_version = '2.2.1'; 6 6 $wp_db_version = 5183; 7 7 -
tags/2.2.1/wp-includes/widgets.php
r60068 r60068 76 76 $id = sanitize_title($name); 77 77 $options = array(); 78 if ( !empty($classname) )78 if ( !empty($classname) && is_string($classname) ) 79 79 $options['classname'] = $classname; 80 $params = array_slice(func_get_args(), 3);80 $params = array_slice(func_get_args(), 2); 81 81 $args = array($id, $name, $output_callback, $options); 82 82 if ( !empty($params) ) … … 327 327 /* Default Widgets */ 328 328 329 function wp_widget_pages($args) { 330 extract($args); 331 $options = get_option('widget_pages'); 332 $title = empty($options['title']) ? __('Pages') : $options['title']; 333 echo $before_widget . $before_title . $title . $after_title . "<ul>\n"; 334 wp_list_pages("title_li="); 335 echo "</ul>\n" . $after_widget; 329 function wp_widget_pages( $args ) { 330 extract( $args ); 331 $options = get_option( 'widget_pages' ); 332 333 $title = empty( $options['title'] ) ? __( 'Pages' ) : $options['title']; 334 $sortby = empty( $options['sortby'] ) ? 'menu_order' : $options['sortby']; 335 $exclude = empty( $options['exclude'] ) ? '' : '&exclude=' . $options['exclude']; 336 337 if ( $sortby == 'menu_order' ) { 338 $sortby = 'menu_order, post_title'; 339 } 340 341 $out = wp_list_pages( 'title_li=&echo=0&sort_column=' . $sortby . $exclude ); 342 343 if ( !empty( $out ) ) { 344 ?> 345 <?php echo $before_widget; ?> 346 <?php echo $before_title . $title . 
$after_title; ?> 347 <ul> 348 <?php echo $out; ?> 349 </ul> 350 <?php echo $after_widget; ?> 351 <?php 352 } 336 353 } 337 354 338 355 function wp_widget_pages_control() { 339 356 $options = $newoptions = get_option('widget_pages'); 340 if ( $_POST["pages-submit"] ) { 341 $newoptions['title'] = strip_tags(stripslashes($_POST["pages-title"])); 357 if ( $_POST['pages-submit'] ) { 358 $newoptions['title'] = strip_tags(stripslashes($_POST['pages-title'])); 359 360 $sortby = stripslashes( $_POST['pages-sortby'] ); 361 362 if ( in_array( $sortby, array( 'post_title', 'menu_order', 'ID' ) ) ) { 363 $newoptions['sortby'] = $sortby; 364 } else { 365 $newoptions['sortby'] = 'menu_order'; 366 } 367 368 $newoptions['exclude'] = strip_tags( stripslashes( $_POST['pages-exclude'] ) ); 342 369 } 343 370 if ( $options != $newoptions ) { … … 346 373 } 347 374 $title = attribute_escape($options['title']); 375 $exclude = attribute_escape( $options['exclude'] ); 348 376 ?> 349 377 <p><label for="pages-title"><?php _e('Title:'); ?> <input style="width: 250px;" id="pages-title" name="pages-title" type="text" value="<?php echo $title; ?>" /></label></p> 378 <p><label for="pages-sortby"><?php _e( 'Sort by:' ); ?> 379 <select name="pages-sortby" id="pages-sortby"> 380 <option value="post_title"<?php selected( $options['sortby'], 'post_title' ); ?>><?php _e('Page title'); ?></option> 381 <option value="menu_order"<?php selected( $options['sortby'], 'menu_order' ); ?>><?php _e('Page order'); ?></option> 382 <option value="ID"<?php selected( $options['sortby'], 'ID' ); ?>><?php _e( 'Page ID' ); ?></option> 383 </select></label></p> 384 <p><label for="pages-exclude"><?php _e( 'Exclude:' ); ?> <input type="text" value="<?php echo $exclude; ?>" name="pages-exclude" id="pages-exclude" style="width: 180px;" /></label><br /> 385 <small><?php _e( 'Page IDs, separated by commas.' 
); ?></small></p> 350 386 <input type="hidden" id="pages-submit" name="pages-submit" value="1" /> 351 387 <?php … … 354 390 function wp_widget_links($args) { 355 391 global $wp_db_version; 356 extract($args );392 extract($args, EXTR_SKIP); 357 393 if ( $wp_db_version < 3582 ) { 358 394 // This ONLY works with li/h2 sidebars. … … 494 530 $options = get_option('widget_text'); 495 531 $title = $options[$number]['title']; 496 if ( empty($title) ) 497 $title = ' '; 498 $text = $options[$number]['text']; 532 $text = apply_filters( 'widget_text', $options[$number]['text'] ); 499 533 ?> 500 534 <?php echo $before_widget; ?> 501 <?php $title ? print($before_title . $title . $after_title) : null;?>535 <?php if ( !empty( $title ) ) { echo $before_title . $title . $after_title; } ?> 502 536 <div class="textwidget"><?php echo $text; ?></div> 503 537 <?php echo $after_widget; ?> … … 520 554 } 521 555 $title = attribute_escape($options[$number]['title']); 522 $text = attribute_escape($options[$number]['text']);523 ?> 524 <input style="width: 450px;" id="text-title-<?php echo "$number"; ?>" name="text-title-<?php echo "$number"; ?>" type="text" value="<?php echo $title; ?>" />525 <textarea style="width: 450px; height: 280px;" id="text-text-<?php echo "$number"; ?>" name="text-text-<?php echo "$number"; ?>"><?php echo $text; ?></textarea>556 $text = format_to_edit($options[$number]['text']); 557 ?> 558 <input style="width: 450px;" id="text-title-<?php echo $number; ?>" name="text-title-<?php echo $number; ?>" type="text" value="<?php echo $title; ?>" /> 559 <textarea style="width: 450px; height: 280px;" id="text-text-<?php echo $number; ?>" name="text-text-<?php echo $number; ?>"><?php echo $text; ?></textarea> 526 560 <input type="hidden" id="text-submit-<?php echo "$number"; ?>" name="text-submit-<?php echo "$number"; ?>" value="1" /> 527 561 <?php … … 772 806 function wp_widget_rss($args, $number = 1) { 773 807 require_once(ABSPATH . WPINC . 
'/rss.php'); 774 extract($args );808 extract($args, EXTR_SKIP); 775 809 $options = get_option('widget_rss'); 776 810 if ( isset($options['error']) && $options['error'] ) … … 827 861 } 828 862 } else { 829 echo __('<li>An error has occured; the feed is probably down. Try again later.</li>');863 echo '<li>' . __( 'An error has occurred; the feed is probably down. Try again later.' ) . '</li>'; 830 864 } 831 865 ?> … … 929 963 $class = array('classname' => 'widget_pages'); 930 964 wp_register_sidebar_widget('pages', __('Pages'), 'wp_widget_pages', $class); 931 wp_register_widget_control('pages', __('Pages'), 'wp_widget_pages_control', $dims 90);965 wp_register_widget_control('pages', __('Pages'), 'wp_widget_pages_control', $dims150); 932 966 $class['classname'] = 'widget_calendar'; 933 967 wp_register_sidebar_widget('calendar', __('Calendar'), 'wp_widget_calendar', $class); -
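Review bot: `wp_widget_pages_control()` stores `pages-exclude` after only `strip_tags( stripslashes( ... ) )`, and `wp_widget_pages()` then concatenates it into the `wp_list_pages()` argument string as `'&exclude=' . $options['exclude']`, so a stored value containing `&` or `=` would add or override other arguments. The field is labelled "Page IDs, separated by commas", so it can be reduced to exactly that on save: `$newoptions['exclude'] = preg_replace( '/[^0-9,]/', '', stripslashes( $_POST['pages-exclude'] ) );`. How the value is used further down inside `wp_list_pages()` is not visible on this page. The rewritten `wp_widget_pages()` also keeps a plain `extract( $args )` while the other widgets in this file move to `EXTR_SKIP`.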
tags/2.2.1/wp-settings.php
r60068 r60068 82 82 // For an advanced caching plugin to use, static because you would only want one 83 83 if ( defined('WP_CACHE') ) 84 require (ABSPATH . 'wp-content/advanced-cache.php');84 @include ABSPATH . 'wp-content/advanced-cache.php'; 85 85 86 86 define('WPINC', 'wp-includes'); -
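Review bot: `@include` hides more than a missing file: the `@` operator also silences warnings and errors raised while `advanced-cache.php` itself is being loaded, so a broken or unexpected drop-in under `wp-content` can fail with nothing reported. Testing for the file keeps the tolerant behaviour and leaves real errors visible: `if ( defined('WP_CACHE') && file_exists( ABSPATH . 'wp-content/advanced-cache.php' ) )` followed by `include ABSPATH . 'wp-content/advanced-cache.php';`.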
tags/2.2.1/xmlrpc.php
r60068 r60068 29 29 <homePageLink><?php bloginfo_rss('url') ?></homePageLink> 30 30 <apis> 31 <api name="WordPress" blogID="1" preferred="false" apiLink="<?php bloginfo_rss(' url') ?>/xmlrpc.php" />32 <api name="Movable Type" blogID="1" preferred="true" apiLink="<?php bloginfo_rss(' url') ?>/xmlrpc.php" />33 <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss(' url') ?>/xmlrpc.php" />34 <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss(' url') ?>/xmlrpc.php" />31 <api name="WordPress" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> 32 <api name="Movable Type" blogID="1" preferred="true" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> 33 <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> 34 <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> 35 35 </apis> 36 36 </service> … … 209 209 210 210 // Format page date. 211 $page_date = mysql2date("Ymd\TH:i:s ", $page->post_date_gmt);211 $page_date = mysql2date("Ymd\TH:i:s\Z", $page->post_date_gmt); 212 212 213 213 // Pull the categories info together. 
… … 439 439 $num_pages = count($page_list); 440 440 for($i = 0; $i < $num_pages; $i++) { 441 $post_date = mysql2date("Ymd\TH:i:s ", $page_list[$i]->post_date_gmt);441 $post_date = mysql2date("Ymd\TH:i:s\Z", $page_list[$i]->post_date_gmt); 442 442 $page_list[$i]->dateCreated = new IXR_Date($post_date); 443 443 … … 539 539 $password = $args[2]; 540 540 $category = $args[3]; 541 $max_results = $args[4];541 $max_results = (int) $args[4]; 542 542 543 543 if(!$this->login_pass_ok($username, $password)) { … … 850 850 return new IXR_Error(401, __('Sorry, you do not have the right to edit this post.')); 851 851 852 extract($actual_post );852 extract($actual_post, EXTR_SKIP); 853 853 854 854 if ( ('publish' == $post_status) && !current_user_can('publish_posts') ) … … 930 930 } 931 931 932 $cap = ($publish) ? 'publish_posts' : 'edit_posts'; 932 933 $user = set_current_user(0, $user_login); 933 if ( !current_user_can( 'publish_posts') )934 if ( !current_user_can($cap) ) 934 935 return new IXR_Error(401, __('Sorry, you can not post on this weblog or category.')); 935 936 … … 1000 1001 1001 1002 if(isset($content_struct["mt_allow_comments"])) { 1002 switch((int) $content_struct["mt_allow_comments"]) { 1003 case 0: 1004 $comment_status = "closed"; 1005 break; 1006 case 1: 1007 $comment_status = "open"; 1008 break; 1009 default: 1010 $comment_status = get_option("default_comment_status"); 1011 break; 1003 if(!is_numeric($content_struct["mt_allow_comments"])) { 1004 switch($content_struct["mt_allow_comments"]) { 1005 case "closed": 1006 $comment_status = "closed"; 1007 break; 1008 case "open": 1009 $comment_status = "open"; 1010 break; 1011 default: 1012 $comment_status = get_option("default_comment_status"); 1013 break; 1014 } 1012 1015 } 1016 else { 1017 switch((int) $content_struct["mt_allow_comments"]) { 1018 case 0: 1019 $comment_status = "closed"; 1020 break; 1021 case 1: 1022 $comment_status = "open"; 1023 break; 1024 default: 1025 $comment_status = 
get_option("default_comment_status"); 1026 break; 1027 } 1028 } 1029 } 1030 else { 1031 $comment_status = get_option("default_comment_status"); 1013 1032 } 1014 1033 1015 1034 if(isset($content_struct["mt_allow_pings"])) { 1016 switch((int) $content_struct["mt_allow_pings"]) { 1017 case 0: 1018 $ping_status = "closed"; 1019 break; 1020 case 1: 1021 $ping_status = "open"; 1022 break; 1023 default: 1024 $ping_status = get_option("default_ping_status"); 1025 break; 1035 if(!is_numeric($content_struct["mt_allow_pings"])) { 1036 switch($content["mt_allow_pings"]) { 1037 case "closed": 1038 $ping_status = "closed"; 1039 break; 1040 case "open": 1041 $ping_status = "open"; 1042 break; 1043 default: 1044 $ping_status = get_option("default_ping_status"); 1045 break; 1046 } 1026 1047 } 1048 else { 1049 switch((int) $content_struct["mt_allow_pings"]) { 1050 case 0: 1051 $ping_status = "closed"; 1052 break; 1053 case 1: 1054 $ping_status = "open"; 1055 break; 1056 default: 1057 $ping_status = get_option("default_ping_status"); 1058 break; 1059 } 1060 } 1061 } 1062 else { 1063 $ping_status = get_option("default_ping_status"); 1027 1064 } 1028 1065 … … 1127 1164 } 1128 1165 1129 extract($postdata);1130 1166 $this->escape($postdata); 1167 extract($postdata, EXTR_SKIP); 1131 1168 1132 1169 // Let WordPress manage slug if none was provided. … … 1151 1188 } 1152 1189 1153 $post_author = $ user->ID;1190 $post_author = $postdata["post_author"]; 1154 1191 1155 1192 // Only set the post_author if one is set. … … 1178 1215 } 1179 1216 1180 // Only set ping_status if it was provided. 
1217 if(isset($content_struct["mt_allow_comments"])) { 1218 if(!is_numeric($content_struct["mt_allow_comments"])) { 1219 switch($content_struct["mt_allow_comments"]) { 1220 case "closed": 1221 $comment_status = "closed"; 1222 break; 1223 case "open": 1224 $comment_status = "open"; 1225 break; 1226 default: 1227 $comment_status = get_option("default_comment_status"); 1228 break; 1229 } 1230 } 1231 else { 1232 switch((int) $content_struct["mt_allow_comments"]) { 1233 case 0: 1234 $comment_status = "closed"; 1235 break; 1236 case 1: 1237 $comment_status = "open"; 1238 break; 1239 default: 1240 $comment_status = get_option("default_comment_status"); 1241 break; 1242 } 1243 } 1244 } 1245 1181 1246 if(isset($content_struct["mt_allow_pings"])) { 1182 switch((int) $content_struct["mt_allow_pings"]) { 1183 case 0: 1184 $ping_status = "closed"; 1185 break; 1186 case 1: 1187 $ping_status = "open"; 1188 break; 1247 if(!is_numeric($content_struct["mt_allow_pings"])) { 1248 switch($content["mt_allow_pings"]) { 1249 case "closed": 1250 $ping_status = "closed"; 1251 break; 1252 case "open": 1253 $ping_status = "open"; 1254 break; 1255 default: 1256 $ping_status = get_option("default_ping_status"); 1257 break; 1258 } 1259 } 1260 else { 1261 switch((int) $content_struct["mt_allow_pings"]) { 1262 case 0: 1263 $ping_status = "closed"; 1264 break; 1265 case 1: 1266 $ping_status = "open"; 1267 break; 1268 default: 1269 $ping_status = get_option("default_ping_status"); 1270 break; 1271 } 1189 1272 } 1190 1273 } … … 1221 1304 $to_ping = implode(' ', $to_ping); 1222 1305 1223 if(isset($content_struct["mt_allow_comments"])) {1224 $comment_status = (int) $content_struct["mt_allow_comments"];1225 }1226 1227 1306 // Do some timestamp voodoo 1228 1307 $dateCreatedd = $content_struct['dateCreated']; … … 1270 1349 if ($postdata['post_date'] != '') { 1271 1350 1272 $post_date = mysql2date('Ymd\TH:i:s ', $postdata['post_date_gmt']);1351 $post_date = mysql2date('Ymd\TH:i:s\Z', 
$postdata['post_date_gmt']); 1273 1352 1274 1353 $categories = array(); … … 1338 1417 foreach ($posts_list as $entry) { 1339 1418 1340 $post_date = mysql2date('Ymd\TH:i:s ', $entry['post_date_gmt']);1419 $post_date = mysql2date('Ymd\TH:i:s\Z', $entry['post_date_gmt']); 1341 1420 $categories = array(); 1342 1421 $catids = wp_get_post_categories($entry['ID']); … … 1437 1516 $bits = $data['bits']; 1438 1517 1518 logIO('O', '(MW) Received '.strlen($bits).' bytes'); 1519 1520 if ( !$this->login_pass_ok($user_login, $user_pass) ) 1521 return $this->error; 1522 1523 set_current_user(0, $user_login); 1524 if ( !current_user_can('upload_files') ) { 1525 logIO('O', '(MW) User does not have upload_files capability'); 1526 $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.')); 1527 return $this->error; 1528 } 1529 1530 if ( $upload_err = apply_filters( "pre_upload_error", false ) ) 1531 return new IXR_Error(500, $upload_err); 1532 1439 1533 if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) { 1440 1534 // Get postmeta info on the object. … … 1454 1548 $name = "wpid{$old_file->ID}-{$filename}"; 1455 1549 } 1456 1457 logIO('O', '(MW) Received '.strlen($bits).' 
bytes');1458 1459 if ( !$this->login_pass_ok($user_login, $user_pass) )1460 return $this->error;1461 1462 set_current_user(0, $user_login);1463 if ( !current_user_can('upload_files') ) {1464 logIO('O', '(MW) User does not have upload_files capability');1465 $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));1466 return $this->error;1467 }1468 1469 if ( $upload_err = apply_filters( "pre_upload_error", false ) )1470 return new IXR_Error(500, $upload_err);1471 1550 1472 1551 $upload = wp_upload_bits($name, $type, $bits, $overwrite); … … 1523 1602 foreach ($posts_list as $entry) { 1524 1603 1525 $post_date = mysql2date('Ymd\TH:i:s ', $entry['post_date_gmt']);1604 $post_date = mysql2date('Ymd\TH:i:s\Z', $entry['post_date_gmt']); 1526 1605 1527 1606 $struct[] = array(
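Review bot: The new non-numeric branch for `mt_allow_pings` switches on `$content["mt_allow_pings"]`, while the surrounding code tests `$content_struct["mt_allow_pings"]` and no `$content` array is visible in the hunk; if it is undefined there, the string values "open" and "closed" always fall through to the default ping status. The line should read `switch($content_struct["mt_allow_pings"]) {`, in both places the block is added (the hunks near new lines 1036 and 1248). The parallel `mt_allow_comments` branches already use `$content_struct`. Both enclosing methods start and end outside the hunks.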