multiple blogs & sites / merge WPMU

[hakre]

As reported on the devblog, there will be a new feature in 3.0: WPMU codebase is merged with WP codebase which means: multiple blogs / domains / sites however you call it.

[hakre]

on wishlist30 for ​Gaelen, ​DreadKnight, ​andrea_r, ​webord, ​mercime, ​donnacha, ​reconbot, ​akshay_raje, ​arena, ​ryanhellyer, ​RanchNachos, ​mercime, ... (I stopped at the end of page 2)

I did not differ between WPMU import, Code-Merger, Multiple Domains Feature and the like. It might be usefull to create multiple tickets for various feature requests.

[arena]

diff between wp 2.9 and mu 2.8.6 root

[arena]

diff between wp 2.9 and mu 2.8.6 wp-admin

[arena]

diff between wp 2.9 and mu 2.8.6 wp-content

[arena]

diff between wp 2.9 and mu 2.8.6 wp-includes

[arena]

@hackre

there are definitely some questions that must be answered :

• PHP4 support ?
• folder mu-plugins becomes wp-plugins ?
• which repository for WP 3.0 ? mu ? wp ?
• WP 3.0 merge with backpress ?
• deadline for WP 3.0 ?

and may be much more !

[dd32]

All those questions will be answered once the Scope for 3.0 is finalised, That'll happen in the next Weekly Dev meeting on the 7th.

WordPress already supports /wp-content/mu-plugins/ btw, It also already supports a few other MU-ities.

I can tell you though, the MU repo will become stale if it ceases to exist entirely.

As for what features, pretty much all of them, But i can assure you many parts will recieve a rewrite, simply to make it work for the masses or make it more user friendly, It always happens when some code gets a few extra thousand viewers.

[nacin]

Replying to dd32:

WordPress already supports /wp-content/mu-plugins/

Adding to that, [10737], which introduced support for mu-plugins, gave it a new meaning: 'must use' plugins. No reason to rename, especially since wp-plugins will confuse people.

[hakre]

I hope the term 'must use' does not apply to the following two changesets:

1. [12602] Adding multi-site settings code / 01/05/10 20:59:50 (7 hours ago) / wpmuguru
2. [12603] Add mu only (inactive) files / 01/06/10 04:03:10 (less than one hour ago) / wpmuguru

Hopefully those were only done in error get reverted ASAP. Just open a new branch for that wpmu-merger-guru where he can give a heads up into. And at least wait until the first dev meeting could have taken place. My 2 cents.

[dd32]

I hope the term 'must use' does not apply to the following two changesets:

The new term is "MS - Multi Site".

Trunk will be breaking over the merge for sure, No questions about it. Anyone who wants a stable development environment would be advised to use /branches/2.9/

The added files are mearly inactive at present, as they're the "extra" files, when the real changes start thats when things will break. That'll be after the dev meeting i believe (when doncha has more time?)

[nacin]

Replying to dd32:

Replying to hakre:

I hope the term 'must use' does not apply to the following two changesets:

The new term is "MS - Multi Site".

'must use' was only an acronym for mu-plugins. I imagine it was so the constants and directory tree could stay the same when mu-plugins support was brought into core.

"Multi-Site" is interesting and opens up a number of terminology questions I imagine will be answered in the coming weeks. Will core move from "blog" to "site"? What about MU's "sitewide" plugins? And "site" is used to describe an MU install, e.g. get_site_option().

[hakre]

Related: #10890

[ryan]

Introduce is_multisite()

[ryan]

(In [12609]) Introduce is_multisite(). see #11644

[ryan]

is_multisite() is just a simple stub right now to get things going.

[nacin]

Trying something here... Related tickets based on component and keyword:

No results

#11644

multiple blogs & sites / merge WPMU

#11743

recently added files are set as executable

#11745

deprecate validate_email()

#11746

deprecate generate_random_password()

#11747

make install_blog_defaults() use the stuff in the normal WP installer

#11749

recurse_dirsize() leaves directories open

#11755

newly introduced link-import.php file looks a lot like opml import

#11756

r12603 re-introduces unmaintained file edit-form.php

#11762

inconsistent function name conventions in newly introduced files

#11770

inconsistencies in the WPMU menu permissions

#11771

stripslashes_from_options() prevents plugins from storing a site name with a slash?

#11772

ms-admin.php stats should use the available cached data + count functions should exclude partially registered users/blogs from stats

#11778

ms-edit.php updates options without the slightest sanitization or unslashing

#11781

there is potential for odd behavior in two queries in ms-edit.php

#11785

blog prefix isn't necessarily wp_

#11786

improper parameter defaults in ms-sites.php

#11787

search by blog id under ms-sites.php uses the wrong parameter

#11788

barely sanitized strings are put straight in the database in ms-site.php

#11789

links in ms-site.php are still pointing to wpmu-edit.php

#11790

drop use of hard-coded $bgcolor, and use admin class instead

#11792

poorly sanitized attributes all over ms-users.php

#11793

Make delete link work like delete button with transfering users

#11796

Deprecate VHOST in favor of a boolean

#11816

Users should be able to switch from a standard single install to a Multi-Site Install

#11852

Function is_subdomain_install() not found

#11894

multisite permission checks should use caps when available

#11945

no www restriction will interfere with existing sites with www

#11961

site admin plugin menus added using wpmu-admin.php

#11970

Upgrade Site - Malformed

#11975

My Blogs Should Include Core Blog

#11994

Rewrite rules cause some URLs to fail

#11998

switch_to_blog and wp_upload_dir, with wpmu 2.8.4a

#11999

XML-RPC - Unable to connect to blog on initial adding of blog account

#12015

wp_get_attachment_image_src() returns mixed url + serverpath

#12021

Default database create SQL makes invalid assumptions about primary key values

#12023

switch_to_blog does not check if the blog really exists

#12034

Broken link in WPMU->WP core merge

#12044

Wrong path for uploaded files

#12065

Clean up cache re-init code in Multisite

#12069

Siteurl filter for upgrades in multisite mode

#12080

plugins_url() does not correctly detect mu-plugins on Windows

#12083

Merge is_installed() into wp_not_installed() and is_blog_installed()

#12094

Locked out of Network creation if process aborted half way

#12119

Wordpress MU - wpmu-blogs.php protocol is not respected everywhere

#12142

cant access admin in ms install

#12166

activate_header action should be in wp_head

#12229

Allow to customize the update services on multisite

#12255

apache_get_modules() not returning mod_rewrite status

#12352

upgrade claims my DB needs repair

#12386

Clean-up of confirm_delete_users in ms.php

#12457

Using localhost without VHOST should be allowed for MS sites

#12459

dashboard / my sites doesn't handle empty database prefixes properly

#12460

Overhaul of some multisite files

#12463

uninstantiated option in MS functionality

#12488

maybe_add_existing_user_to_blog() dies with a page title indicating an Error on success

#12549

Incorrect file URL for existing uploaded images (3.0-single to multi-site)

#12558

Don't define BLOGUPLOADDIR if UPLOADS is defined

#12572

Change 'Delete blog' to 'Delete site' in the menu

#12589

Disable/Enable Global Terms

#12604

Don't show 'update your .htaccess/web.config' message on options-permalink.php

#12662

Admin notice feeds do not appear on network site dashboards

#12663

Hierarchical taxonomies mixed up, not global when global terms enabled in multisite

#12666

ms-options.php cleanups, and enabling global terms

#12672

Provide Multisite stats to api.wordpress.org

#12679

Let's use the hostname instead of example.com

#12710

Improvment for file upload quota on dashboard

#12711

Author & Users shows all users on multisite

#12735

get_blogaddress_by_* adds path in multisite. breaks get_home_url etc

#12736

my-sites.php uses site url instead of home url in visit links

#12747

Use another register date for the main blog

#12758

Better server checks in network.php

#12820

get_blog_prefix() does not return prefix for current blog when no blog ID is passed

#12823

Blog name is unnecessarily sanitized

#12831

Validate name of dashboard site

#12847

[MS] CSS issues in FF and Chrome for the themes page

#12848

Network instructions need to be more verbose

#12851

Change $from_name when sending out email with MS

#12884

Taxonomy Pages aren't properly redirected on main site when using Multi Site Subdirectories

#12889

Site status can't be changed on edit site

#12912

Admin Notice Feed Message

#12931

Upgrading a Single Site install to MultiSite Install with Subdirs is not safe

#13043

get_site_option should use wpdb->get_row

#13082

Wrong variable for page_links_text in ms-sites and ms-users

#13087

Some improvments for wp-signup.php; wrong title for signup

#13094

Super admins should be able to view spam, archived, deleted, etc. blogs.

#13099

deleting blog on some versions of mysql requires escaping

#13104

Forced /index.php and stripping of www

#13191

admin_url does not respect WP_SITEURL

#13238

Cleanup strings in ms-themes

#13270

Super Admins are unable to edit Post Author

#13304

Disallow the creation of a /blog/ site

#13483

fileupload_url / upload_url_path

#13517

Undefined variable $recurse_start when creating a new menu

#13540

Apache Network Suggested Rewrite Rules

#13594

Moving a site from single site to multi site on WP 3.0 rc1 propose subdirectory, but applies subdomains

#13596

Do not show 'Network Activate' link if update fails

#13622

"www" incorrectly being added to subdomain URLs

#13638

Do not show a 404 title on wp-activate.php

#13706

Multisite language file is interpreted incorrectly

#13707

404 on all admin pages of main blog

#13733

MS Main Site Uploads Inconsistency

#13760

Unused validation in wpmu_activate_signup

#13764

Logic check should be reversed to prevent PHP notice

#13773

Warning and wrong blog prefix in get_most_active_blogs() and get_blog_list()

#13775

Warning and table styling bug on ms themes page

#13844

Consider switching allow_subdirectory_install filter to a constant

#13852

No link to wp-signup.php for "blog" registration option.

#13859

Wrong field name in populate_network()

No results

[nacin]

New report of all tickets with the multisite keyword or in the Multisite component -- {30}

[Denis-de-Bernardy]

sheesh, that's a lot of tickets already...

@nacin: thanks!

[ryan]

(In [12611]) Introduce is_super_admin(). see #11644.

[ryan]

(In [12612]) Return true for all admin user is multisite is not enabled. see #11644

[wpmuguru]

(In [12620]) Change references to wpmu-edit.php - See #11644

[Denis-de-Bernardy]

menu-refs.diff changes more refs

[ryan]

[12622]

[ryan]

(In [12625]) Queue ms.css if multisite. see #11644

[ryan]

(In [12626]) Queue ms.css if multisite. see #11644

[automattor]

(In [12627]) Cleanup titles. see #11644

[ryan]

(In [12628]) Remove raquo. see #11644

[ryan]

(In [12629]) Fix blogs menu item. see #11644

[ryan]

(In [12630]) Remove certain caps for non super admins when running multisite. see #11644

[ryan]

(In [12631]) Minifiy ms.css. see #11644

[ryan]

(In [12632]) Strip trailing whites from ms files. see #11644

[sirzooro]

I think it will be better to add new capability/ies (e.g. manage_sites) and use them instead of is_super_admin(). If this function already exists in WPMU, mark it as deprecated.

[nacin]

After the initial long discussion yesterday on IRC regarding this, there was another one later on (without a core dev, from what I remember) that discussed converting super admin to a role with an extra capability. Not a bad idea, though it would require a lot of refactoring as currently super admins are specified in a text field in ms-options.

[GIGALinux]

I think ryan has made a mistake, because he called the function to check for a super user is_super_admin() and in the phpDoc of is_site_admin() he calls the new function is_keymaster(). Ryan, can you check that?

[nacin]

It should also throw a _deprecated_function notice and probably also point plugin authors to is_multisite().

[nacin]

Deprecate is_site_admin().

[GIGALinux]

Use is_super_admin() instead of is_site_admin()

[GIGALinux]

Frist try for a better super admin user management

[Denis-de-Bernardy]

I like 11644.3.diff.

11644.4.diff needs review and testing. it could use a bit more sanitization, too:

$query = "SELECT * FROM {$wpdb->users} WHERE user_login IN (" . $super_admins . ")";  // unsanitized $user_admins

[Denis-de-Bernardy]

#11803

[ryan]

(In [12645]) Deprecate is_site_admin. Props nacin. see #11644

[ryan]

(In [12646]) User is_super_admin(). Props GIGALinux. see #11644

[GIGALinux]

Killing is_site_admin()

[GIGALinux]

Killing is_site_admin(), second attempt

[wpmuguru]

(In [12661]) Add compatability for MU to is_multisite() - See #11644

[nacin]

Replying to wpmuguru:

(In [12661]) Add compatability for MU to is_multisite() - See #11644

I imagine that should also check for MULTISITE in case it is set to false:

if ( ( defined('MULTISITE') && MULTISITE ) || defined('VHOST) )

[wpmuguru]

(In [12667]) db class compatible with WP, MU & multi site - See #11644

[ryan]

(In [12668]) Use correct var name. see #11644

[wpmuguru]

Replying to nacin:

Replying to wpmuguru:

(In [12661]) Add compatability for MU to is_multisite() - See #11644

I imagine that should also check for MULTISITE in case it is set to false:

if ( ( defined('MULTISITE') && MULTISITE ) || defined('VHOST) )

I added the VHOST check. The MULTISITE is by rboren. If the extra check is added, then the VHOST check should be first. Existing MU installs will not have the MULTISITE constant.

[nacin]

If the extra check is added, then the VHOST check should be first.

There's an

in there -- so multisite would then be enabled if MULTISITE is defined and true, or if VHOST is defined (regardless of value). The order doesn't matter.

Currently, define(MULTISITE, false) would trigger multisite.

[ryan]

(In [12671]) MULTSITE must be true. see #11644

[wpmuguru]

(In [12688]) multi-site startup, See #11644

[ryan]

(In [12698]) Mainstream things that don't need to be multisite only. Formatting cleanups. see #11644

[azaozz]

Replying to wpmuguru:

(In [12688]) multi-site startup, See #11644

Why sorting the MU plugins only for MU? They are supported for non-MU too.

if ( is_dir( WPMU_PLUGIN_DIR ) ) {
...
    if( is_multisite() ) // ?
        sort( $mu_plugins ); 

[wpmuguru]

(In [12712]) merge multisite admin - edit links,tags,cats,options, See #11644

[nacin]

Re: [12712]

The changes to these files need to be reverted. I imagine that is_multisite() should instead be ! is_multisite():

wp-admin/categories.php
wp-admin/edit-category-form.php
wp-admin/edit-link-categories.php

Also, the $post_per_page global found its way back into the admin.php bootstrap and should be removed again. [12551]

[nacin]

Revert/change some things that got in on r12712

[nacin]

Additional r12712 issues:

Property svn:ignore set to .categories.php.swp

And a typo: is_miltisite() instead of is_multisite()

[nacin]

Fixes typo

[wpmuguru]

(In [12714]) add is_main_site() function, See #11644

[ryan]

(In [12718]) Typo fix. Props nacin. see #11644

[ryan]

(In [12720]) Revert line accidentally added during merge. Props nacin. see #11644

[ryan]

[12716] fix multisite logic in changeset 12712

[wpmuguru]

(In [12722]) merge wp-admin user, plugins, themes, upgrade , See #11644

[Denis-de-Bernardy]

r12722 introduces yet more svn:ignore on top of r12712... :-|

trunk/wp-admin 
Property svn:ignore set to 
.themes.php.swp
.user-edit.php.swp
.user-new.php.swp
.users.php.swp

[wpmuguru]

I changed editors yesterday. I'll clear those files out of my svn.

[wpmuguru]

(In [12725]) change ms-blogs.php refs to ms-sites.php, remove extraneous character, See #11644

[wpmuguru]

(In [12726]) merge multisite wp-admin/includes except schema, See #11644

[automattor]

(In [12730]) fix multisite object cache warnings, $table_prefix assignment, See #11644

[dd32]

[12722] introduced this: ​http://core.trac.wordpress.org/browser/trunk/wp-admin/upgrade.php#L82 a few queries which should really be attached to a hook somewhere else. I'll leave it to someone who knows a bit more on the MU/MS stuff

[ryan]

(In [12753]) Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644.

[ryan]

Replying to dd32:

[12722] introduced this: ​http://core.trac.wordpress.org/browser/trunk/wp-admin/upgrade.php#L82 a few queries which should really be attached to a hook somewhere else. I'll leave it to someone who knows a bit more on the MU/MS stuff

[12753] moves this into wp_upgrade() inside an is_multisite() check.

[ryan]

(In [12755]) Multisite and formatting cleanups. Introduce get_allowed_themes(). see #11644

[wpmuguru]

(In [12756]) implement multisite schema, upgrade, See #11644

[miqrogroove]

This would be a good opportunity to define the PRIMARY index for the signups table. Are domain and activation_key the only criteria for deleting rows?

[dd32]

[12756] trunk/wp-admin/includes: implement multisite schema, upgrade, See #11644

+<IfModule mod_security.c>
+<Files async-upload.php>
+SecFilterEngine Off
+SecFilterScanPOST Off
+</Files>
+</IfModule>

Didnt we trial this on plain WordPress and end up with headaches?

[nacin]

Didnt we trial this on plain WordPress and end up with headaches?

Yes: Added in [7558], removed a few revisions later. Quoting Matt in [7563]:

In some environments people can override most things but not mod_sec rules, so this breaks their blog and they can't recover unless they manually edit the file. There is no way to detect whether you can overwrite the rules or not.

[dd32]

(In [12758]) Fix is_multisite() typo. See #11644

[miqrogroove]

Replying to wpmuguru:

(In [12726]) merge multisite wp-admin/includes except schema, See #11644

"you should use the ON clause for conditions that specify how to join tables"

[ryan]

Replying to nacin:

Didnt we trial this on plain WordPress and end up with headaches?

Yes: Added in [7558], removed a few revisions later. Quoting Matt in [7563]:

In some environments people can override most things but not mod_sec rules, so this breaks their blog and they can't recover unless they manually edit the file. There is no way to detect whether you can overwrite the rules or not.

Multi-site doesn't try to run in nearly as many environments as single-blog WP. That said, I don't think those lines are particularly needed any more.

[ryan]

The initial merge is pretty much done. Now it's time to cleanup. Some things that need to be done:

• Clean up formatting to meet coding guidelines
• Make sure value=, href=, and other attributes are properly escaped with esc_attr(), esc_url(), etc.
• Make sure nonces are used where they should be.
• Make sure queries are prepare()d.
• Insert and update queries that can use insert() and update() should do so.
• Use API instead of direct queries where possible.
• Make sure all translatable strings are marked with gettext.
• Give lots of UI/UX love to site admin
• Investigate all is_multisite() conditionals and look for integration and streamlining opportunities.
• phpdoc for all functions
• Merge install_blog() and install_blog_defaults() into wp_install() and wp_install_defaults()

[wpmuguru]

(In [12771]) sync single and multisite cookie hash, remove extraneous code, See #11644

[dd32]

(In [12773]) White space clean-up. See #11644

[dd32]

I just saw

maybe_unserialize( get_site_option( 'wpmu_sitewide_plugins' ) );

and similar being used in a few MS files.

Is the potential double unserialization really needed? (get_site_option() already unserializes if need be)

If so, Perhaps it'd be better to simply cycle the options on upgrade and any which are double serialized, update them to single-serialized? Just to get everything in a sanitized order of such..

[ryan]

See #11769 for maybe_unserialize. Looks like an old hack that is hopefully not needed anymore.

[ryan]

(In [12774]) Use update. see #11644

[wpmuguru]

(In [12775]) set default empty message, See #11644

[ryan]

(In [12776]) Deprecate wp_install_blog_defaults(). Use wp_install_defaults() instead. fixes #11747 see #11644

[ryan]

(In [12778]) Add email and login dupe checking down into wp_insert_user(). Tidy up user-new.php. see #11644

[ryan]

(In [12779]) Start adding gettext to options-network. see #11644

[ryan]

(In [12780]) Print footer instead of dying immediately. see #11644

[jamescollins]

Replying to ryan:

(In [12774]) Use update. see #11644

I realise that this changeset has simplified the code, but is it considered a security risk that a site admin could update other fields in the wp_blogs table by adding them to the form before submitting it?

ie there is nothing stopping a site admin from adding a lang_id or site_id hidden field, then submitting the form. Alternatively I could add any other hidden field that doesn't exist in the wp_blogs table, and it would cause a SQL error.

Prior to [12774] these extra fields would have been ignored.

[ryan]

(In [12781]) Screen icons for site admin pages. Using temp icon until new ones are done. see #11644

[miqrogroove]

Replying to ryan:

(In [12778]) Add email and login dupe checking down into wp_insert_user(). Tidy up user-new.php. see #11644

Those functions aren't checking for value truncation. I'll make a separate ticket.

[ryan]

(In [12782]) Clear some warnings. see #11644

[ryan]

Replying to jamescollins:

Replying to ryan:

(In [12774]) Use update. see #11644

I realise that this changeset has simplified the code, but is it considered a security risk that a site admin could update other fields in the wp_blogs table by adding them to the form before submitting it?

ie there is nothing stopping a site admin from adding a lang_id or site_id hidden field, then submitting the form. Alternatively I could add any other hidden field that doesn't exist in the wp_blogs table, and it would cause a SQL error.

Prior to [12774] these extra fields would have been ignored.

That change is a first step. It helps security by actually escaping the data properly, but the extra fields are an issue. I just haven't gotten to rewriting it the rest of the way. Patches appreciated. There are dozens of places in the ms- files that need to use prepare(), insert(), or update() rather than stuffing POST and GET values directly into a query.

[ryan]

That change is a first step. It helps security by actually escaping the data properly, but the extra fields are an issue. I just haven't gotten to rewriting it the rest of the way. Patches appreciated. There are dozens of places in the ms- files that need to use prepare(), insert(), or update() rather than stuffing POST and GET values directly into a query.

In thise case, we should introduce a new API function called update_blog_details() that takes care of validating the fields, doing the update(), and doing update_blog_status() and update_option() on blog_public.

[ryan]

(In [12802]) Fix warnings. see #11644

[ryan]

(In [12803]) Remove raquo. see #11644

[ryan]

(In [12805]) Fix warnings. see #11644

[ryan]

(In [12806]) Introduce update_blog_details(). Add some phpdoc. Fix some warnings. see #11644

[nacin]

In [12786] add real parent file for wpmu-admin.php, fixes #11961

In [12787] allow www installs to enable multisite, see #11945

In [12793] Remove svn:ignore properties which were accidentally added in the merge. Props jamescollins. Fixes #11960

In [12795] Delete the useremail cache when user updated. MU signup for old email fails until cache invalidated otherwise.

In [12796] Introduce WP_User::for_blog() and current_user_can_for_blog() to avoid calls to WP_User::_init_caps(). fixes #11781

In [12800] [12801] Fix warnings

In [12807] Change get_blogs_of_user to include 3.0 main site, Fixes #11975

In [12808] Fix table prefix on upgrade for 3.0 main site, Fixes #11970

[nacin]

First pass on strings in options-network.php. Probably missed something (well, I would tend to guess a few somethings). Output sanitization should be good but I doubt I caught everything. 11644.7.diff​

[nacin]

First pass on strings in options-network.php

[ryan]

(In [12813]) gettext for options-network. Props nacin. see #11644

[ryan]

(In [12825]) Deprecate mu_options. Integrate directly into options.php. see #11644

[ryan]

(In [12826]) phpdoc and cleanup. see #11644

[ryan]

(In [12827]) Deprecate graceful_fail(). see #11644

[ryan]

(In [12828]) Move blog deletion to ms-delete-site.php. see #11644

[ryan]

(In [12838]) Deprecate get_current_user_id(). see #11644

[ryan]

(In [12842]) Move update_signup_email_from_profile() logic into user-edit.php. see #11644

[ryan]

(In [12843]) Fix warning. see #11644

[ryan]

(In [12844]) Unset menu_perms once we're done with it. see #11644

[automattor]

(In [12849]) Remove rss_gc(). see #11644

[ryan]

(In [12851]) Integrate fix_upload_details() into wp_upload_dir(). see #11644

[ryan]

(In [12852]) Integrate wpmu_blogger_getUsersBlogs() directly into xmlrpc.php. see #11644

[ryan]

(In [12853]) Integrate login_spam_check() into wp_authenticate_username_password(). see #11644

[ryan]

(In [12854]) Remove first page and first comment filters. They're no longer needed. see #11644

[ryan]

(In [12855]) Integrate maybe_cancel_post_by_email() into wp-mail.php. see #11644

[wpmuguru]

(In [12856]) Redirect wp-signup.php to register when not multisite, See #11644

[wpmuguru]

(In [12857]) Redirect wp-activate.php to register when not multisite, See #11644

[ryan]

(In [12858]) Deprecate is_main_blog() for is_main_site(). see #11644

[wpmuguru]

(In [12860]) Change options-permalinks to use is_main_site(), fix /blog offset display, See #11644

[wpmuguru]

(In [12861]) Add beginning of string to regex in [12860], See #11644

[ryan]

(In [12879]) Integrate wordpressmu_authenticate_siteadmin() into wp_authenticate_username_password(). see #11644

[nacin]

Clean up of ms-settings.php, removes some redundant code.

[nacin]

11644.8.diff​ cleans up ms-settings.php and removes some redundant code.

The $PHP_SELF chunk is odd logic that had existed in MU:

( empty($PHP_SELF) || ( empty($PHP_SELF) && !is_subdomain_install() && $current_blog->path != '/' ) )

The corresponding WordPress code (see wp_fix_server_vars() in load.php) simply checks for empty($PHP_SELF). Since $PHP_SELF is checked in MU/MS on both sides of this OR, it doesn't do anything. (I checked, and it was originally committed to MU this way.)

Likewise, there's an empty if statement for 0 == $current_blog->public, also committed that way to MU years ago.

Finally, there's an if statement that goes like this:

if ( something )
   $blog_id = 1;
else
   $blog_id = 1;

I've cleaned up some other bits as well.

[ryan]

(In [12897]) ms-sites cleanup. Add escaping. Use API instead of direct queries. Add blog status label to row title. see #11644

[ryan]

The bulk actions UI in ms-sites.php and ms-users.php need a cleanup. Instead of separate Delete, Mark as Spam[mers], and Not Spam buttons, there should be a bulk actions dropdown and an apply button as is done on all other screens.

[ryan]

(In [12900]) Integrate mu_locale() into get_locale(). see #11644

[ryan]

(In [12901]) Remove db error show/hide, suppress/unsuppress in ms bootstrap. see #11644

[ryan]

(In [12902]) Remove remove_edit_plugin_link(). Rely on cap checks. see #11644

[nacin]

More multisite initialization cleanup

[nacin]

11644.9.diff​ removes ms_network_settings(), as all it set was the current site's name. This was already being done near the end of ms-settings.php using nearly the same code.

The patch moves down a call to get_current_site_name() in ms-settings.php by a few lines. That was because I had hoped to use the API in get_current_site_name(), but since the plugin API isn't loaded yet, we can't call get_site_option() (which needs $wpdb->siteid to be set, hence the move). It doesn't need to be moved.

That said, now that I think about it this would affect any filters being applied when get_site_option() is called in ms_network_settings(). So maybe we should keep it and somehow clean up the code duplication.

Patch also adds inline docs, plus gettext to is_installed(), and some other cleanups.

[nacin]

Patch 9 with some improvements plus some huge hacks at wpmu_current_site() (will need logic double-checked)

[nacin]

I had said:

That said, now that I think about it this would affect any filters being applied when get_site_option() is called in ms_network_settings(). So maybe we should keep it and somehow clean up the code duplication.

Since ms_network_settings() checks if $current_site->site_name is set first, and we already set that in ms-settings.php, then removing it won't affect plugins. It looks like we're just yanking duplicate code that was a byproduct of the merge.

11644.10.diff​ has a few more improvements over patch 9. It also takes some huge hacks away at wpmu_current_site(), though logic will need to be double-checked. (I'm also not sure why we might be returning an empty $current_site if WP_INSTALLING, as we don't properly handle a potentially empty return value in ms-settings.)

[ryan]

(In [12904]) Move 'My Blogs' into its own file. see #11644

[dd32]

(In [12908]) Hide Users -> Add New on MultiSite unless admin has enabled access to the page. See #11644

[dd32]

Just spotted this code: ​http://core.trac.wordpress.org/browser/trunk/wp-admin/user-new.php#L71

$newuser_key = substr( md5( $user_id ), 0, 5 );
add_option( 'new_user_' . $newuser_key, array( 

That key isnt exactly a highly unique ID, 'new_user_' . $user_id would be just the same.. with a slightly less random looking URL.

That generation code should probably be changed over to use the random password generator or similar..

[dd32]

(In [12909]) Bring Server Name field into style lines with rest of page. See #11644

[dd32]

(In [12911]) Fix PHP Notices: Use checked() template function & initialise variables. s/WP/WordPress/ & some code formatting. See #11644

[nacin]

Reverting wp_redirect()

[nacin]

We'll need to revert references to wp_redirect() from ms-settings.php, as that's not defined until pluggable.php. Probably mixed it up with wp_die(). Patch: 11644.11.diff​

[wpmuguru]

(In [12919]) minor fixes/improvements to populate_network(), see #11644

[wpmuguru]

(In [12920]) minor fixes to populate_options(), UI tweaks, see #11644

[wpmuguru]

(In [12921]) reorganize code on ms startup. props nacin, see #11644

[ryan]

(In [12928]) Integrate update_profile_email() into user-edit.php. see #11644

[nacin]

Merges loading of sitewide/network plugins and validation of them into WP core. Removes ms_network_plugins() and only removes invalid plugins from the stored option when in wp-admin.

[ryan]

wpmu_sitewide_plugins.diff plus integration of mu_filter_plugins_list() into wp_load_plugins()

[ryan]

(In [12930]) Cleanup network plugin loading. Props nacin. see #11644

[ryan]

(In [12930]) Cleanup network plugin loading. Props nacin. see #11644

[ryan]

(In [12931]) Give network level upgrades separate API that is run when upgrading the main blog. see #11644

[ryan]

(In [12932]) phpdoc for global_terms(). see #11644

[ryan]

Cleanup installation of default terms.

[wpmuguru]

(In [12933]) fix potential global terms inconsistency, props rboren, see #11644

[nacin]

Removes active_plugins filter from core (added only for MU in r11966) and updates a few places that relied on the filter to be exposed to sitewide plugins. Also adds missing global to upgrade_network() and unless I'm missing something the old options should be deleted, not emptied.

[nacin]

wpmu_sitewide_plugins.2.diff​ cleans up the first patch and commit.

Additional note not explained in the attachment summary: Patch makes sure that my-hacks.php is included first again, though catering to my-hacks.php seems odd, so I've added a _deprecated_file() call there.

[nacin]

Suggestions for some more ms-functions.php pruning, including removal of strtolower_usernames() and lowercase_username() which were both simply strtolower()

[nacin]

11644.13.diff​ is a feeble attempt at cleaning up bits of ms-functions.php. Removes two functions that were both aliases of strtolower() and were both attached to the same filter, also fixes get_sitestats() which never used the cache it generated for a user count due to a typo. Merges a few other MS hooks into core with is_multisite() checks.

[ryan]

(In [12934]) Use Network and Site for labels. see #11644

[nacin]

Fixes typo in wpmu_sitewide_plugins.2.diff​

[ryan]

(In [12945]) Fix warnings. see #11644

[ryan]

(In [12947]) Sitewide plugins cleanup. Props nacin. see #11644

[ryan]

(In [12948]) ms-functions pruning and cleanup. Props nacin. see #11644

[ryan]

(In [12954]) Integrate remove_tinymce_media_button() into wp_tiny_mce(). see #11644

[ryan]

(In [12955]) Merge mu_media_buttons() into media_buttons(). see #11644

[ryan]

(In [12956]) Move Network menu to the top. see #11644

[dd32]

(In [12984]) Enable Plugin/Theme editor menu item for Super Admins. See #11644

[ryan]

(In [13069]) Add can_compress_scripts to core site options. Add phpdoc for wp_load_core_site_options(). see #11644

[wpmuguru]

(In [13070]) add WP_FALLBACK_THEME to allowed_themes in populate_network, See #11644

[dd32]

(In [13095]) Correctly save checkbox-style MS options and display "No" checked value correctly. See #11644

[sivel]

use get_option when $blog_id matches the current blog id since we should already have caches

[wpmuguru]

(In [13116]) use object cache on get_blog_option on current blog, props sivel, See #11644

[sivel]

same as above but adds 'noop' as default for get_option

[sivel]

same as above but adds 'noop' as default for get_option

[nacin]

(In [13121]) Add is_multisite() check to wpdb::get_blog_prefix() to fix get_blog_prefix($blog_id) call on a non-MS install. See #11644

[ryan]

(In [13125]) Move blogs table related functions to blogs.php. Include it before ms-settings.php so that caching API can be used instead of direct queries. see #11644

[automattor]

(In [13126]) Add ability to query by domain and/or path to get_blog_details(). Improve blog details caching. Use get_blog_details() in ms-settings.php so queries are cached. see #11644

[nacin]

(In [13154]) Fix notice in ms-options.php. See #11644

[nacin]

(In [13155]) Add "Network Activate" option to Bulk Actions menu on plugins.php. See #11644, #12139

[nacin]

(In [13159]) Rename wp-includes/blogs.php to ms-blogs.php. See #11644

[wpmuguru]

(In [13196]) revert [13036], change not consistent with MU, See #11644

[automattor]

(In [13209]) Assume WP_DEBUG is defined in wpdb. Remove unnecessary constant() calls. Ensure DB_COLLATE defined as empty string doesn't override default Multisite collation. fixes #12041, see #11644

[hakre]

With the last patch I merged in some of the code improvements from #11799 as well as I updated my (local) wpdb class from the current trunk wpdb. This should not only improve the current trunk work but should make it easier to integrate some of the benefits that are related to #11799.

But since the patch there is stale and not supporting multisite right now, I thought it's better to have a part of it in here.

[nacin]

11644.code_cleanup_wpdb.patch​ looks good. Not sure we need the big block explaining a destructor. I'll give it another look later and check it in.

[nacin]

(In [13234]) Fix notice in populate_network(). See #11644

[nacin]

(In [13235]) Full Multisite support for dropins/mu-plugins in admin area. Ensure that network, drop-ins and mu-plugins are only shown and counted to super admins. See #11644, #11861

[nacin]

(In [13237]) Add ms.css to script-loader.php. See #11644

[automattor]

(In [13254]) Minor MS startup cleanups. See #11644

[ocean90]

On permalink settings I think the .htaccess box should be remove for the site administrator too. The rules makes no sense for MS.

Or it should display the same rules like step2_htaccess() on network settings.

[hakre]

Updated my code cleanup patch: Remove the big comment on wpdb::__destruct() as pointed out by nacin three days ago. Removed code changes in that function as well.

In my opinion the implementation still is faulty but it can be taken care of that in some other iteration. This problem is already document elsewhere and not multisite specific (#11799, #3354).

[hakre]

Updated the patch against the current version of wpdb.php. Should now apply clean.

[hakre]

For the note:

	/**
	 * List of deprecated WordPress tables
	 * 
	 * - categories, post2cat and link2cat are deprecated 
	 *   since 2.3.0 / db version >= 5539.
	 *
	 * @since 2.9.0
	 * @access private
	 * @see wpdb::tables()
	 * @var array
	 */
	var $old_tables = array( 'categories', 'post2cat', 'link2cat' );

Can be patched in later. Documents version numbers since when those old_tables are deprecated.

[hakre]

Updated the patch with feedback in IRC:

1. call to __construct() needed more spaces in function wpdb::wpdb()
2. enable wpdb::table() to return multiple scopes merged (first parameter as array)
3. marked deprecated table names as such. added version information to add_tables.

I will shoot another update in a min that will take some benefits from the new table() implementation in this patch.

[hakre]

Done. Should draw the picture of wpdb::table() variant; some public members related to deprecated tables can be removed.

[hakre]

Errata: I write wpdb::table() all the time but I naturally mean wpdb::tables().

[wpmuguru]

(In [13301]) multisite UX, see #11644, add manage_ caps for super_admin, fixes #11803

[ryan]

Saw these while doing a network upgrade:

[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Trying to get property of non-object in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-settings.php on line 100
[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Trying to get property of non-object in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-settings.php on line 101
[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Undefined property: stdClass::$deleted in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-load.php on line 41
[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Undefined property: stdClass::$deleted in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-load.php on line 50
[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Undefined property: stdClass::$archived in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-load.php on line 57
[Mon Feb 22 14:36:17 2010] [error] [client 127.0.0.1] PHP Notice:  Undefined property: stdClass::$spam in /Applications/XAMPP/xamppfiles/htdocs/trunk/wp-includes/ms-load.php on line 57

[hakre]

Another update, found a line of code that never got executed (and removed it), some indentation was wrong.

tables() with older inconsistency again (but commented FIXME), deprectated table vars out (as nacin suggested) (but commented next to $old_tables when they deprecate).

Leftover in that patch:

1. The problem in tables() - a multisize will return different of global + blog then all (which is global + blog)

[hakre]

Replying to ryan:

Saw these while doing a network upgrade:

reviewed them all:

PHP Notice:  Trying to get property of non-object in /wp-includes/ms-settings.php on line 100
PHP Notice:  Trying to get property of non-object in /wp-includes/ms-settings.php on line 101
PHP Notice:  Undefined property: stdClass::$deleted in /wp-includes/ms-load.php on line 41
PHP Notice:  Undefined property: stdClass::$deleted in /wp-includes/ms-load.php on line 50
PHP Notice:  Undefined property: stdClass::$archived in /wp-includes/ms-load.php on line 57
PHP Notice:  Undefined property: stdClass::$spam in /wp-includes/ms-load.php on line 57

all $current_blog related, the variable is not set.

[nacin]

(In [13314]) Docs and code convention cleanups. see #11644 props hakre

[nacin]

(In [13324]) Improvements and fixes to wpdb::tables(). See #12083 see #11644

[nacin]

(In [13327]) Use sprintf() in hard-coded string. Use same comment and error code as other identical message. See #11644 props hakre

[hakre]

In for the next iteration

[hakre]

Next iteration, Issues I see so far:

1. UNFIXED __destruct() breaks with PHP5 defition of the return value (should be void, is true)
2. UNFIXED $blog_id sometimes is int, then it's string
3. UNFIXED: Some functions have parameters documented which are not implemented $dbh_or_table. Comments should be removed.
4. wpdb::old_tables is not deprecated
5. comment parameter variable names do not end with a . (* @param int $blog_id. Optional.)
6. Diverse whitespace (as always).
7. Variables start with a $ even if they are class members - even in documentation (@uses wpdb::tables -> @uses wpdb::$tables)
8. In wpdb::tables(): function parameter $prefix should not be overwritten with blog-prefix.
9. In wpdb::tables(): to replace an entry, first unset then set - not the other way round (unset( $tables[ $k ] );)
10. In wpdb::tables(): added 'blog+old' scope
11. In wpdb::tables(): scope values inside docblock and not inside the parameter description.
12. In wpdb::tables(): first parameter can be overloaded with array
13. Additional code exmaple in wpdb::prepare() that demonstrates %% usage. (Related: #11318)
14. Reduced code complexity in wpdb::print_error()
15. die() replaced with wp_die in wpdb::print_error() (Related: #11892)
16. Some inline comments which were obviously not necressary (reading the code says more than reading the comment) were removed.
17. Additional code example in wpdb::insert() and wpdb::update() docblock
18. Streamlined optional parameter comments. Change made from (optional) to Optional.
19. Uppercase of contants (NULL, FALSE) in certain docblocks.
20. Refactoring of wpdb::get_caller(): Reduced complexity.

Further suggestions:

14. OPEN: Sort all the table variable names alphabetically and put them after each other in code. Put all three tables array variables next to each other as well.
15. OPEN: Research of version numbers for certain members

Regarding 12.): If that (array overloading) is of no use for plugins and scope 'blog+old' get's in, I suggest to drop that idea.

Regarding further suggestions: I collected some stuff that might make sense to fix when the more current issues are committed / dropped to further reduce code-fuzz. 13.) will just take some time, but it's on my list.

[nacin]

(In [13337]) Ensure we have MS global tables defined during network install. See #11644

[automattor]

(In [13341]) Fall back to $wpdb::blogid, not main blog id, in wpdb->tables(). See #11644

[nacin]

(In [13343]) More wpdb cleanups, docs. see #11644 props hakre

[nacin]

Running down hakre's list, as handled in [13343]:

2-8, 11, 13-18, 20 handled. 1, 9, 10, 12, 19 not. Additional notes:

Had to modify the logic for error_log.

13 and 17 were handled, but with examples that doesn't assume %d, as that only works when you're dealing with a core table that is set up in wpdb::$field_types. Additional comments added to make note of that.

Further suggestion 1 was handled.

[hakre]

In for the next iteration.

[hakre]

Replying to nacin:

Running down hakre's list, as handled in [13343]: ...

Thanks for the feedback. For the version number lookup, that's a job I'll do, no need for you to care. I thought for the same for sorting it, I just wanted to tell you about the Idea. But that's fine anyway now, so I do not need to do it.

Here is a new numbered list, some older unfixed are still on it, just ignore if you do not want to care, I keep them for reference. There are three or four more major points left over, for other just give me a hint what you prefer, sometimes I asked questions, would be great if you can answer them so I know better for upcomming patches we do together.

1. UNFIXED __destruct() breaks with PHP5 defition of the return value (should be void, is true)
2. UNFIXED: in the variable definitions, the meta tables sometimes precede their main table. Also tables are not sorted by their names. Let me know if you would like to see that fixed.
3. UNFIXED: I'm not sure wether unsetting members of an array while iterating it is save with all the PHP version we aim to unset( $tables[ $k ] );.
4. QUERSTION: you've set access to wpdb::$blogid to public. why? should other parts of the program overwrite the blogid for a certain functionality? Same for wpdb::$siteid. A public setter for both is wpdb::set_blog_id(). Maybe a get_blog_id() function with an optional parameter so that it's a getter for siteid as well?
5. QUESTION: you skip the note about the problem of registering the wpdb instance with the register shutdown function call prevents it from unloading as expected. What's the problem with leaving a note there? Same for the hints given in wpdb::desctruct(). I found those thoughtfull so we at least have the discrepancies documented.
6. QUESTION: What's the problem with the scope 'now+old'? I mean there are at least two points in wpdb that will benefit from it.
7. QEUSTION: What's the problem with listing the scope values inside the docblock. I think that's easier to read than inside the @param description. And easier to maintain.
8. wpdb::tables() did not return an array as specified for certain scope values (the undefined ones were forgotten). Patched, will prevent notices/warnings inside the function as well.
9. There is no need to cast an array as array. wpdb::tables() always returns an array, you know that - well okay, not it is.
10. Since you did not want to have the merge inside wpdb::tables() (for a reason I do not understand), array_merge still actually works. I prefer to encapsulate that inside tables(), really.
11. All parameters in tables() are optional. @param should reflect that.
12. Scopes can be sorted by alphabet in the switch construct in wpdb::table()
13. ​@uses does not fit here, please use @see as already suggested in wpdb::_weak_escape().
14. INFO: for the same class you do not need to prefix wpdb:: for @see and @uses. Additionally PHP function names can be used with @see as well.
15. QUESTION: Sometimes @-tags are aligning their values, sometimes not. Any Idea? Normally alignment is missing in core code, so with these iteration I removed those where I saw them.
16. MINOR: If in for single quotes on 'foo', should be in for single quotes on 'SELECT... as well, right?
17. There is a problem with the preg_replace call in wpdb::prepare() reported on another ticket. I suggest to keep the old behaviour.
18. QUESTION: Since when is $this always a reference? Since the beginning or has that changed later?
19. SKIPPED: I did not care about error_log now. I'll do that later. I saw you changed something there, my Idea was to check against the base reference. I suggest to keep that the old code until we have fully clarified that to not break behaviour.
20. It's toally clear that some queries are made prior to load the plugin API. No need to comment, right? Or if so, why not comment the other parts I find totally clear as well (e.g. preventing the unload)
21. INFO: wpdb::insert( 'table', array( 'column' => 'foo', 'field' => 1337 ) ) was the original example. I just added one, I just saw no need to edit it (FYI).
22. INFO: I still think that constants are normally written uppercase, but I dropped that for this patch to reduce the FUZZ. This needs to be clarified elsewere anyway I assume.
23. There still was a parameter documented that does not exists in wpdb::has_cap(), you've forgotten a line to remove or was that by intention?
24. You made a mistake in changes applied to wpdb::get_caller(), $caller is not filled with values any longer. A line was missing. You can expand it if you like using a temporary variable like $function, but I just patched it.
25. Additionally I moved the join next to return (as always suggested) in wpdb::get_caller().
26. Another parameter that does not exists documented in wpdb::db_version() (see 23.)
27. QUESTION: Include files to not need control characters after the closing ?> at the end, right?

[nacin]

Can you open a ticket for all of this? I hate that we're clogging the merge ticket and I'm more than happy to continue to work through this.

[hakre]

Good idea, this page takes now quite long to load, please use that from now on: Ticket #12362. I hope you're ok with the title.

[wpmuguru]

(In [13384]) more multisite UX rebranding, See #11644

[hakre]

Quote: "wp_specialchars is deprecated since version 2.8! Use esc_html() instead." Patch replaces as commanded.

[wpmuguru]

(In [13419]) move super admin list maintenance from ms-options to ms-users, See #11644

[ocean90]

@wpmuguru
on hakre's patch I see the wpmu_create_user function. Do you will change the functions like this (wpmu_*)? For example change it to ms_create_user or use wp_create_user direct?
(Yes I know, no discussion here, but I dont know where to post it.)

[wpmuguru]

(In [13431]) prevent admins from removing themselves and main super admin from super admin list, See #11644

[wpmuguru]

(In [13435]) more multisite UI rebranding, See #11644

[wpmuguru]

(In [13440]) remove WP rewrite rules from multisite options-permalink, props ocean90, See #11644

[wpmuguru]

(In [13442]) switch super admin to network admin in multisite UI, See #11644

[wpmuguru]

(In [13443]) add second set of Network admin buttons, See #11644

[ocean90]

Miscellaneous page is empty, I think we can hide it on multisite.
menu.php line 163:

if ( !is_multisite() )
    $submenu['options-general.php'][45] = array(__('Miscellaneous'), 'manage_options', 'options-misc.php');

[nacin]

Replying to ocean90:

Miscellaneous page is empty, I think we can hide it on multisite.

We can't really hide it on multisite in case a plugin hooks into those sections.

I kind of want to come up with a way to remove options-misc.php all together, though: #11687, and maybe keep it if any misc settings fields are being hooked.

[wpmuguru]

Replying to ocean90:

@wpmuguru
on hakre's patch I see the wpmu_create_user function. Do you will change the functions like this (wpmu_*)? For example change it to ms_create_user or use wp_create_user direct?
(Yes I know, no discussion here, but I dont know where to post it.)

No, we won't be renaming those functions in 3.0.

[wpmuguru]

Among the multisite 'cleanup' patches, There were a number of calls to ( before ( is defined. Those need to be removed before we can proceed with a test/alpha version.

[nacin]

See #12357 for the blockers.

[wpmuguru]

(In [13575]) remove ( calls from ms startup, see #11644

[ryan]

(In [13585]) Rename Network menu to Super Admin. Avoids the Network/Site confusion and makes it clear that these menus require and exercise super admin capabilities. Opportunity for a caped icon. see #11644

[ryan]

(In [13586]) Remove site admin logged in notice. The new Super Admin menu makes that obvious enough. see #11644

[ryan]

(In [13587]) Show the network enable menu only if config flag is set. Per wordpress-dev meetup. see #11644

[hakre]

Refering to hakre:

Quote: "wp_specialchars is deprecated since version 2.8! Use esc_html() instead." Patch replaces as commanded.

#12490 (wp_specialchars() is deprecated. use esc_html())

[wpmuguru]

(In [13596]) update iis rewrite rules for MS, see #11644

[nacin]

(In [13634]) Rename WP_ENABLE_MULTISITE to WP_ALLOW_MULTISITE to minimize confusion. Prevent direct access to network.php without the constant unless the install process was already started. see #11816 for network.php. see #11644

[nacin]

(In [13637]) Check and error out on port numbers in Tools > Network, which aren't allowed in multisite. see #11816, see #11644

[nacin]

(In [13639]) Bringing some order to the ms-options dumping ground. see #11644

[wpmuguru]

(In [13645]) Delete blog to Delete site, props markmcwilliams, see #12572, code cleanup, see #11644

[wpmuguru]

(In [13708]) move allow registration setting to registration settings in ms options, see #11644

[wpmuguru]

(In [13709]) block unregistered settings in multisite, see #11644, related #11730

[wpmuguru]

(In [13711]) more descriptive message on blocking unregistered setting, see #11644, related #11730

[nacin]

Closing this as fixed. Please open new tickets in the Multisite component or with the multisite keyword.

You can view multisite tickets in {30} (all) and {31} (next major release).

[PeteMall]

Replace all 'blog' with 'site' in wp_die() strings.

[nacin]

(In [14313]) s/blog/site/ in more places. props PeteMall, see #11644.

[PeteMall]

Replace 'blog' with 'site' in () and _e() strings.

[nacin]

(In [14315]) s/blog/site/ in even more places. props PeteMall, see #11644.

[dimadin]

I searched ( ​http://translate.wordpress.org/projects/wp/dev/sr/default?filters[term]=blog&filters[user_login]=&filters[translated]=either&filters[status]=current_or_waiting_or_fuzzy&sort[by]=original_date_added&sort[how]=desc&sorts=Sort ) to see in what current strings term "blog" still appears, and there are several that need to be checked: for some I'm not sure if they need to be replaced while some definitely need.

Not all occurences of "blog" should be replaced, especially in import functions, for example blogs on Blogger etc.

This is probably the easiest way to search for this so someone could revied those strings.

[dimadin]

Adding patch with left "blog" mentions replaced with "site". Not sure about this string:

An avatar is an image that follows you from weblog to weblog appearing beside your name when you comment on avatar enabled sites. Here you can enable the display of avatars for people who comment on your site.

And there is no more mentions that need to be replaced.

[jorbin]

In 57625:

Multisite: Escape urls and html elements in wp-activate.php

When WPMU was merged in [12603], the intent was to go back and make sure everything was escaped. This completes that intent.

Props rafiq91, rajinsharwar, costdev, oglekler, nicolefurlan, ryan, peterwilsoncc.
Fixes #57336.
See #11644.