diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-02-16 12:55:46 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-02-16 12:55:46 +0000 |
| commit | 2ab4faee68383698b06cc23eef6ce8f41612f58d (patch) | |
| tree | 5324a28a65ef148d30befb8d3ab38290d0118e8a | |
| parent | 3274315bf43466070cd481ee2d08cf8114d3c8f7 (diff) | |
| download | wordpress-mu-2ab4faee68383698b06cc23eef6ce8f41612f58d.tar.gz wordpress-mu-2ab4faee68383698b06cc23eef6ce8f41612f58d.tar.xz wordpress-mu-2ab4faee68383698b06cc23eef6ce8f41612f58d.zip | |
WP updates
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@528 7be80a69-a1ef-0310-a953-fb0f7c49ff36
26 files changed, 402 insertions, 124 deletions
diff --git a/wp-inst/wp-admin/admin-db.php b/wp-inst/wp-admin/admin-db.php index 2a4a83a..32b79f4 100644 --- a/wp-inst/wp-admin/admin-db.php +++ b/wp-inst/wp-admin/admin-db.php @@ -112,7 +112,7 @@ function wp_insert_category($catarr) { } else { $wpdb->query ("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$category_parent' WHERE cat_ID = '$cat_ID'"); } - + if ( $category_nicename == '' ) { $category_nicename = sanitize_title($cat_name, $cat_ID ); $wpdb->query( "UPDATE $wpdb->categories SET category_nicename = '$category_nicename' WHERE cat_ID = '$cat_ID'" ); @@ -129,6 +129,8 @@ function wp_insert_category($catarr) { } $cat_ID = apply_filters( "cat_id_filter", $cat_ID ); + update_option( 'categories_last_updated', time() ); + return $cat_ID; } @@ -173,6 +175,7 @@ function wp_delete_category($cat_ID) { wp_cache_delete($cat_ID, 'category'); wp_cache_delete('all_category_ids', 'category'); + update_option( 'categories_last_updated', time() ); do_action('delete_category', $cat_ID); diff --git a/wp-inst/wp-admin/edit-comments.php b/wp-inst/wp-admin/edit-comments.php index 32ec092..1a5acdd 100644 --- a/wp-inst/wp-admin/edit-comments.php +++ b/wp-inst/wp-admin/edit-comments.php @@ -43,13 +43,21 @@ if ( !empty( $_POST['delete_comments'] ) ) : foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each $comment = (int) $comment; $post_id = $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment"); - $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") ); - if ( current_user_can('edit_post', $post_id) ) : - wp_set_comment_status($comment, "delete"); + // $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") ); + if ( current_user_can('edit_post', $post_id) ) { + if ( !empty( $_POST['spam_button'] ) ) + wp_set_comment_status($comment, 'spam'); + else + wp_set_comment_status($comment, 'delete'); ++$i; - endif; + } endforeach; - echo "<div class='wrap'><p>" . sprintf(__('%s comments deleted.'), $i) . "</p></div>"; + echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>'; + if ( !empty( $_POST['spam_button'] ) ) + printf(__('%s comments marked as spam.'), $i); + else + printf(__('%s comments deleted.'), $i); + echo '</p></div>'; endif; if (isset($_GET['s'])) { @@ -96,13 +104,14 @@ if ('view' == $mode) { <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A'); if ( current_user_can('edit_post', $comment->comment_post_ID) ) { echo " | <a href=\"post.php?action=editcomment&comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>"; - echo " | <a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), wp_specialchars( $comment->comment_author, 1 )) . "' );\">" . __('Delete Comment') . "</a> — "; + echo " | <a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), wp_specialchars( $comment->comment_author, 1 )) . "' );\">" . __('Delete Comment') . "</a> "; + echo " | <a href=\"post.php?action=deletecomment&delete_type=spam&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by "%s".\\n"Cancel" to stop, "OK" to mark as spam."), wp_specialchars( $comment->comment_author, 1 )) . "' );\">" . __('Mark Comment as Spam') . "</a> "; } // end if any comments to show // Get post title if ( current_user_can('edit_post', $comment->comment_post_ID) ) { $post_title = $wpdb->get_var("SELECT post_title FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"); $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title; - ?> <a href="post.php?action=edit&post=<?php echo $comment->comment_post_ID; ?>"><?php printf(__('Edit Post “%s”'), stripslashes($post_title)); ?></a> + ?> | <a href="post.php?action=edit&post=<?php echo $comment->comment_post_ID; ?>"><?php printf(__('Edit Post “%s”'), stripslashes($post_title)); ?></a> <?php } ?> | <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a></p> </li> @@ -154,7 +163,8 @@ if ('view' == $mode) { } // end foreach ?></table> <p><a href="javascript:;" onclick="checkAll(document.getElementById('deletecomments')); return false; "><?php _e('Invert Checkbox Selection') ?></a></p> - <p class="submit"><input type="submit" name="Submit" value="<?php _e('Delete Checked Comments') ?> »" onclick="return confirm('<?php _e("You are about to delete these comments permanently \\n \'Cancel\' to stop, \'OK\' to delete.") ?>')" /> </p> + <p class="submit"><input type="submit" name="delete_button" value="<?php _e('Delete Checked Comments') ?> »" onclick="return confirm('<?php _e("You are about to delete these comments permanently \\n \'Cancel\' to stop, \'OK\' to delete.") ?>')" /> + <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam') ?> »" onclick="return confirm('<?php _e("You are about to mark these comments as spam \\n \'Cancel\' to stop, \'OK\' to mark as spam.") ?>')" /></p> </form> <?php } else { diff --git a/wp-inst/wp-admin/import/dotclear.php b/wp-inst/wp-admin/import/dotclear.php index 7d67509..8b32ff1 100644 --- a/wp-inst/wp-admin/import/dotclear.php +++ b/wp-inst/wp-admin/import/dotclear.php @@ -1,4 +1,9 @@ <?php +/* + * Dotclear import plugin + * by Thomas Quinot - http://thomas.quinot.org/ + */ + /** Add These Functions to make our lives easier **/ @@ -201,9 +206,9 @@ class Dotclear_Import { //General Housekeeping $dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost')); set_magic_quotes_runtime(0); - $prefix = get_option('tpre'); + $dbprefix = get_option('dbprefix'); - return $dcdb->get_results('SELECT * FROM dc_link ORDER BY position', ARRAY_A); + return $dcdb->get_results('SELECT * FROM '.$dbprefix.'link ORDER BY position', ARRAY_A); } function cat2wp($categories='') @@ -349,6 +354,7 @@ class Dotclear_Import { $Title = $wpdb->escape(csc ($post_titre)); $post_content = textconv ($post_content); + $post_excerpt = ""; if ($post_chapo != "") { $post_excerpt = textconv ($post_chapo); $post_content = $post_excerpt ."\n<!--more-->\n".$post_content; @@ -603,7 +609,7 @@ class Dotclear_Import { function cleanup_dcimport() { - delete_option('tpre'); + delete_option('dbprefix'); delete_option('dc_cats'); delete_option('dcid2wpid'); delete_option('dccat2wpcat'); @@ -644,7 +650,7 @@ class Dotclear_Import { printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" /></li>', __('Dotclear Database Password:')); printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" /></li>', __('Dotclear Database Name:')); printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" value="localhost" /></li>', __('Dotclear Database Host:')); - /* printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" /></li>', __('Dotclear Table prefix (if any):')); */ + printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" value="dc_"/></li>', __('Dotclear Table prefix:')); printf('<li><label for="dccharset">%s</label> <input type="text" name="dccharset" value="ISO-8859-15"/></li>', __('Originating character set:')); echo '</ul>'; } diff --git a/wp-inst/wp-admin/invites.php b/wp-inst/wp-admin/invites.php index ba01e4e..d955387 100644 --- a/wp-inst/wp-admin/invites.php +++ b/wp-inst/wp-admin/invites.php @@ -175,7 +175,7 @@ if( $invites_list != '' ) } else { $invited_time = $wpdb->get_var( "SELECT meta_value FROM $wpdb->usermeta WHERE meta_key = '" . md5( $val ) . "_invite_timestamp'" ); if( $invited_time ) { - $days_left = 7 - intval( ( time() - $invited_time ) / 86400 ); + $days_left = intval( get_site_option( "invite_time_limit" ) ) - intval( ( time() - $invited_time ) / 86400 ); print "<tr><td>$val</td><td>$invited_user_login</td><td><em>Invite Not Used Yet</em> ($days_left days left)"; if ( function_exists('delete_invite') ) print " (<a href='?action=deleteinvite&inviteemail=" . urlencode( $val ) . "'>Delete</a>)"; diff --git a/wp-inst/wp-admin/list-manipulation.php b/wp-inst/wp-admin/list-manipulation.php index 9e44792..dec8087 100644 --- a/wp-inst/wp-admin/list-manipulation.php +++ b/wp-inst/wp-admin/list-manipulation.php @@ -63,6 +63,20 @@ case 'delete-comment' : die('0'); } break; +case 'delete-comment-as-spam' : + $id = (int) $_POST['id']; + + if ( !$comment = get_comment($id) ) + die('0'); + if ( !current_user_can('edit_posts', $comment->comment_post_ID) ) + die('-1'); + + if ( wp_set_comment_status($comment->comment_ID, 'spam') ) { + die('1'); + } else { + die('0'); + } + break; case 'delete-link-category' : $id = (int) $_POST['id']; if ( 1 == $id ) diff --git a/wp-inst/wp-admin/menu.php b/wp-inst/wp-admin/menu.php index 0b18a73..8e420a7 100644 --- a/wp-inst/wp-admin/menu.php +++ b/wp-inst/wp-admin/menu.php @@ -83,6 +83,9 @@ if (! user_can_access_admin_page()) { if( $primary_blog ) { header( "Location: " . get_blog_option( $primary_blog, "siteurl" ) . "wp-admin/" ); exit; + } else { + header( "Location: http://{$current_user->data->user_login}.wordpress.com/wp-admin/" ); + exit; } die( __('You do not have sufficient permissions to access this page.') ); } diff --git a/wp-inst/wp-admin/page-new.php b/wp-inst/wp-admin/page-new.php index 880b083..9efbcd1 100644 --- a/wp-inst/wp-admin/page-new.php +++ b/wp-inst/wp-admin/page-new.php @@ -17,6 +17,7 @@ if ( current_user_can('edit_pages') ) { $post = get_default_post_to_edit(); $post->post_type = 'page'; + $post->post_status = 'publish'; include('edit-page-form.php'); } diff --git a/wp-inst/wp-admin/post.php b/wp-inst/wp-admin/post.php index 4160ce5..11d46c2 100644 --- a/wp-inst/wp-admin/post.php +++ b/wp-inst/wp-admin/post.php @@ -184,7 +184,10 @@ case 'confirmdeletecomment': die( __('You are not allowed to delete comments on this post.') ); echo "<div class='wrap'>\n"; - echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n"; + if ( 'spam' == $_GET['delete_type'] ) + echo "<p>" . __('<strong>Caution:</strong> You are about to mark the following comment as spam:') . "</p>\n"; + else + echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n"; echo "<table border='0'>\n"; echo "<tr><td>" . __('Author:') . "</td><td>$comment->comment_author</td></tr>\n"; echo "<tr><td>" . __('E-mail:') . "</td><td>$comment->comment_author_email</td></tr>\n"; @@ -195,6 +198,8 @@ case 'confirmdeletecomment': echo "<form action='".get_settings('siteurl')."/wp-admin/post.php' method='get'>\n"; echo "<input type='hidden' name='action' value='deletecomment' />\n"; + if ( 'spam' == $_GET['delete_type'] ) + echo "<input type='hidden' name='delete_type' value='spam' />\n"; echo "<input type='hidden' name='p' value='$p' />\n"; echo "<input type='hidden' name='comment' value='{$comment->comment_ID}' />\n"; echo "<input type='hidden' name='noredir' value='1' />\n"; @@ -226,8 +231,10 @@ case 'deletecomment': if ( !current_user_can('edit_post', $comment->comment_post_ID) ) die( __('You are not allowed to edit comments on this post.') ); - wp_set_comment_status($comment->comment_ID, "delete"); - do_action('delete_comment', $comment->comment_ID); + if ( 'spam' == $_GET['delete_type'] ) + wp_set_comment_status($comment->comment_ID, 'spam'); + else + wp_delete_comment($comment->comment_ID); if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) { header('Location: ' . $_SERVER['HTTP_REFERER']); diff --git a/wp-inst/wp-admin/upgrade-functions.php b/wp-inst/wp-admin/upgrade-functions.php index 80314c0..b1c2046 100644 --- a/wp-inst/wp-admin/upgrade-functions.php +++ b/wp-inst/wp-admin/upgrade-functions.php @@ -34,7 +34,7 @@ function upgrade_all() { if ( $wp_current_db_version < 3308 ) upgrade_160(); - if ( $wp_current_db_version < 3514 ) + if ( $wp_current_db_version < 3533 ) upgrade_210(); $wp_rewrite->flush_rules(); @@ -367,6 +367,17 @@ function upgrade_210() { if ( $wp_current_db_version < 3513 ) { populate_roles_210(); } + + if ( $wp_current_db_version < 3533 ) { + // Give future posts a post_status of future. + $now = gmdate('Y-m-d H:i:59'); + $wpdb->query ("UPDATE $wpdb->posts SET post_status = 'future' WHERE post_status = 'publish' AND post_date_gmt > '$now'"); + + $posts = $wpdb->get_results("SELECT ID, post_date FROM $wpdb->posts WHERE post_status ='future'"); + if ( !empty($posts) ) + foreach ( $posts as $post ) + wp_schedule_event(mysql2date('U', $post->post_date), 'once', 'publish_future_post', $post->ID); + } } // The functions we use to actually do stuff diff --git a/wp-inst/wp-admin/wpmu-blogs.php b/wp-inst/wp-admin/wpmu-blogs.php index 7809107..238e1a6 100644 --- a/wp-inst/wp-admin/wpmu-blogs.php +++ b/wp-inst/wp-admin/wpmu-blogs.php @@ -222,7 +222,7 @@ switch( $_GET[ 'action' ] ) { $start = intval( $_GET[ 'start' ] ); } if( isset( $_GET[ 'num' ] ) == false ) { - $num = 30; + $num = 60; } else { $num = intval( $_GET[ 'num' ] ); } @@ -236,6 +236,11 @@ switch( $_GET[ 'action' ] ) { WHERE site_id = '".$wpdb->siteid."' AND ".$wpdb->blogs.".site_id = ".$wpdb->site.".id AND {$wpdb->blogs}.domain like '%".$_GET[ 's' ]."%'"; + } elseif( $_GET[ 'blog_id' ] != '' ) { + $query = "SELECT * + FROM ".$wpdb->blogs." + WHERE site_id = '".$wpdb->siteid."' + AND blog_id = '".$_GET[ 'blog_id' ]."'"; } if( isset( $_GET[ 'sortby' ] ) == false ) { $_GET[ 'sortby' ] = 'ID'; @@ -243,7 +248,7 @@ switch( $_GET[ 'action' ] ) { if( $_GET[ 'sortby' ] == 'Registered' ) { $query .= ' ORDER BY registered '; } elseif( $_GET[ 'sortby' ] == 'ID' ) { - $query .= ' ORDER BY blog_id '; + $query .= ' ORDER BY ' . $wpdb->blogs . '.blog_id '; } elseif( $_GET[ 'sortby' ] == 'Last Updated' ) { $query .= ' ORDER BY last_updated '; } elseif( $_GET[ 'sortby' ] == 'Blog Name' ) { @@ -263,21 +268,49 @@ switch( $_GET[ 'action' ] ) { $next = true; } ?> +<script language="javascript"> +<!-- +var checkflag = "false"; +function check_all_rows() { + field = document.formlist; + if (checkflag == "false") { + for (i = 0; i < field.length; i++) { + if( field[i].name == 'allblogs[]' ) + field[i].checked = true;} + checkflag = "true"; + return "Uncheck All"; + } else { + for (i = 0; i < field.length; i++) { + if( field[i].name == 'allblogs[]' ) + field[i].checked = false; } + checkflag = "false"; + return "Check All"; + } +} +// --> +</script> + <h2>Blogs</h2> <form name="searchform" action="wpmu-blogs.php" method="get" style="float: left; width: 16em; margin-right: 3em;"> <table><td> <fieldset> <legend><?php _e('Search Blogs…') ?></legend> <input type='hidden' name='action' value='blogs'> - <input type="text" name="s" value="<?php if (isset($_GET[ 's' ])) echo wp_specialchars($_GET[ 's' ], 1); ?>" size="17" /> + Name: <input type="text" name="s" value="<?php if (isset($_GET[ 's' ])) echo wp_specialchars($_GET[ 's' ], 1); ?>" size="17" /><br /> + Blog ID: <input type="text" name="blog_id" value="<?php if (isset($_GET[ 'blog_id' ])) echo wp_specialchars($_GET[ 'blog_id' ], 1); ?>" size="10" /><br /> <input type="submit" name="submit" value="<?php _e('Search') ?>" /> </fieldset> + <?php + if( isset($_GET[ 's' ]) && $_GET[ 's' ] != '' ) { + ?><a href="/wp-admin/wpmu-users.php?action=users&s=<?php echo wp_specialchars($_GET[ 's' ], 1) ?>">Search Users: <?php echo wp_specialchars($_GET[ 's' ], 1) ?></a><?php + } + ?> </td><td> <fieldset> <legend><?php _e('Blog Navigation') ?></legend> <?php - $url2 = "order=" . $_GET[ 'order' ] . "&sortby=" . $_GET[ 'sortby' ]; + $url2 = "order=" . $_GET[ 'order' ] . "&sortby=" . $_GET[ 'sortby' ] . "&s=" . $_GET[ 's' ]; if( $start == 0 ) { echo 'Previous Blogs'; @@ -306,7 +339,7 @@ $posts_columns = array( 'blogname' => __('Blog Name'), 'last_updated' => __('Last Updated'), 'registered' => __('Registered'), - //'users' => __('Users'), + 'users' => __('Users'), 'plugins' => __('Actions') ); $posts_columns = apply_filters('manage_posts_columns', $posts_columns); @@ -321,7 +354,8 @@ $posts_columns['control_delete'] = ''; ?> -<form action='wpmu-edit.php?action=allblogs' method='POST'> +<form name='formlist' action='wpmu-edit.php?action=allblogs' method='POST'> +<input type=button value="Check All" onClick="this.value=check_all_rows()"> <table width="100%" cellpadding="3" cellspacing="3"> <tr> @@ -374,13 +408,11 @@ foreach($posts_columns as $column_name=>$column_display_name) { <?php break; - /* case 'users': ?> <td valign='top'><?php $blogusers = get_users_of_blog( $blog[ 'blog_id' ] ); if( is_array( $blogusers ) ) while( list( $key, $val ) = each( $blogusers ) ) { print '<a href="user-edit.php?user_id=' . $val->user_id . '">' . $val->user_login . '</a><BR>'; } ?></td> <?php break; - */ case 'control_view': ?> @@ -456,7 +488,12 @@ foreach($posts_columns as $column_name=>$column_display_name) { } // end if ($blogs) ?> </table> -<p>Selected Blogs:<ul><li><input type='checkbox' name='blogfunction' value='delete'> Delete</li></ul> +<input type=button value="Check All" onClick="this.value=check_all_rows()"> +<p>Selected Blogs:<ul> +<li><input type='radio' name='blogfunction' id='delete' value='delete'> <label for='delete'>Delete</label></li> +<li><input type='radio' name='blogfunction' id='spam' value='spam'> <label for='spam'>Mark as Spam</label></li> +</ul> +<input type='hidden' name='redirect' value='<?php echo $_SERVER[ 'REQUEST_URI' ] ?>'> <input type='submit' value='Apply Changes'></p> </form> <?php diff --git a/wp-inst/wp-admin/wpmu-edit.php b/wp-inst/wp-admin/wpmu-edit.php index 7d5f677..99e1138 100644 --- a/wp-inst/wp-admin/wpmu-edit.php +++ b/wp-inst/wp-admin/wpmu-edit.php @@ -119,11 +119,9 @@ switch( $_GET[ 'action' ] ) { $optvalue = $opts[ 'option_value' ]; $option_id = $opts[ 'option_id' ]; if( $opts == false ) { - $query = "INSERT INTO ".$options_table_name." ( `option_id` , `blog_id` , `option_name` , `option_can_override` , `option_type` , `option_value` , `option_width` , `option_height` , `option_description` , `option_admin_level` , `autoload` ) VALUES ( NULL, '0', '".$key."', 'Y', '1', '".$val."', '20', '8', '', '1', 'yes')"; - $wpdb->query( $query ); + add_blog_option( $id, $key, $val ); } elseif( $optvalue != $val ) { - $query = "UPDATE ".$options_table_name." SET option_value = '".$val."' WHERE option_name = '".$key."'"; - $wpdb->query( $query ); + update_blog_option( $id, $key, $val ); } } } @@ -188,15 +186,23 @@ switch( $_GET[ 'action' ] ) { if( is_site_admin() == false ) { die( __('<p>You do not have permission to access this page.</p>') ); } - if( $_POST[ 'blogfunction' ] == 'delete' ) { - if( is_array( $_POST[ 'allblogs' ] ) ) { - while( list( $key, $val ) = each( $_POST[ 'allblogs' ] ) ) - if( $val != '0' && $val != '1' ) + if( is_array( $_POST[ 'allblogs' ] ) ) { + while( list( $key, $val ) = each( $_POST[ 'allblogs' ] ) ) { + if( $val != '0' && $val != '1' ) { + if( $_POST[ 'blogfunction' ] == 'delete' ) { wpmu_delete_blog( $val ); + } elseif( $_POST[ 'blogfunction' ] == 'spam' ) { + update_blog_status( $val, "spam", '1' ); + } + } } } - header( "Location: wpmu-blogs.php?updated=true" ); + if( isset( $_POST[ 'redirect' ] ) ) { + wpmu_admin_do_redirect( $_POST[ 'redirect' ] ); + } else { + header( "Location: wpmu-blogs.php?updated=true" ); + } break; case "activateblog": if( is_site_admin() == false ) { diff --git a/wp-inst/wp-admin/wpmu-themes.php b/wp-inst/wp-admin/wpmu-themes.php index f03d79d..a8e679c 100644 --- a/wp-inst/wp-admin/wpmu-themes.php +++ b/wp-inst/wp-admin/wpmu-themes.php @@ -16,14 +16,16 @@ $allowed_themes = get_site_option( "allowed_themes" ); if( $allowed_themes == false ) { $allowed_themes = array_keys( $themes ); } +?> -print "<br />"; -print "<form action='wpmu-edit.php?action=updatethemes' method='POST'>"; -print "<h3>Site Themes</h3>"; -print '<table border="0" cellspacing="2" cellpadding="5" class="editform">'; -print "<caption>Disable themes site-wide. You can enable themes on a blog by blog basis.</caption>"; -print '<tr><th>Theme</th><th>Description</th><th>Disabled</th></tr>'; -while( list( $key, $val ) = each( $themes ) ) { +<form action='wpmu-edit.php?action=updatethemes' method='POST'> +<h3>Site Themes</h3> +<table border="0" cellspacing="5" cellpadding="5"> +<caption>Disable themes site-wide. You can enable themes on a blog by blog basis.</caption> +<tr><th width="100">Disabled</th><th>Theme</th><th>Description</th></tr> +<?php +while( list( $key, $val ) = each( $themes ) ) { + $i++; $enabled = ''; $disabled = ''; if( isset( $allowed_themes[ $key ] ) == true ) { @@ -31,21 +33,24 @@ while( list( $key, $val ) = each( $themes ) ) { } else { $disabled = 'checked '; } - ?> - <tr valign="top"> - <th scope="row"><?php echo $key ?></th> - <td><?php echo $val[ 'Description' ] ?></td> - <td> - <input name="theme[<?php echo $key ?>]" type="radio" id="<?php echo $key ?>" value="disabled" <?php echo $disabled ?>/> Yes - - <input name="theme[<?php echo $key ?>]" type="radio" id="<?php echo $key ?>" value="enabled" <?php echo $enabled ?>/> No - </td> - </tr> - <?php +?> + +<tr valign="top" style="<?php if ($i%2) echo 'background: #eee'; ?>"> +<td> +<label><input name="theme[<?php echo $key ?>]" type="radio" id="<?php echo $key ?>" value="disabled" <?php echo $disabled ?>/> Yes</label> + +<label><input name="theme[<?php echo $key ?>]" type="radio" id="<?php echo $key ?>" value="enabled" <?php echo $enabled ?>/> No</label> +</td> +<th scope="row" align="left"><?php echo $key ?></th> +<td><?php echo $val[ 'Description' ] ?></td> +</tr> +<?php } ?> </table> -<input type='submit' value='Update Themes'> +<p class="submit"> +<input type='submit' value='Update Themes »' /> +</p> </form> </div> diff --git a/wp-inst/wp-admin/wpmu-upgrade-site.php b/wp-inst/wp-admin/wpmu-upgrade-site.php index 94a18f6..ae709a7 100644 --- a/wp-inst/wp-admin/wpmu-upgrade-site.php +++ b/wp-inst/wp-admin/wpmu-upgrade-site.php @@ -18,26 +18,30 @@ switch( $_GET[ 'action' ] ) { } else { $n = $_GET[ 'n' ]; } - $blogs = $wpdb->get_results( "SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = '$wpdb->siteid' ORDER BY registered DESC LIMIT $n, 10", ARRAY_A ); + $blogs = $wpdb->get_results( "SELECT * FROM $wpdb->blogs WHERE site_id = '$wpdb->siteid' AND spam = '0' AND deleted = '0' AND archived = '0' ORDER BY registered DESC LIMIT $n, 5", ARRAY_A ); if( is_array( $blogs ) ) { foreach( $blogs as $details ) { - $siteurl = $wpdb->get_var( "SELECT option_value from {$wpmuBaseTablePrefix}{$details[ 'blog_id' ]}_options WHERE option_name = 'siteurl'" ); - print "$siteurl<br>"; - $fp = fopen( $siteurl . "wp-admin/upgrade.php?step=1", "r" ); - if( $fp ) { - while( feof( $fp ) == false ) { - fgets($fp, 4096); + if( $details[ 'spam' ] == 0 && $details[ 'deleted' ] == 0 && $details[ 'archived' ] == 0 ) { + $siteurl = $wpdb->get_var( "SELECT option_value from {$wpmuBaseTablePrefix}{$details[ 'blog_id' ]}_options WHERE option_name = 'siteurl'" ); + print "$siteurl<br>"; + $fp = fopen( $siteurl . "wp-admin/upgrade.php?step=1", "r" ); + if( $fp ) { + while( feof( $fp ) == false ) { + fgets($fp, 4096); + } + fclose( $fp ); } - fclose( $fp ); + } else { + print "Not upgrading: {$details[ 'domain' ]}<br>"; } } ?> - <p>If your browser doesn't start loading the next page automatically click this link: <a href="?action=upgrade&n=<?php echo ($n + 10) ?>">Next Blogs</a> </p> + <p>If your browser doesn't start loading the next page automatically click this link: <a href="?action=upgrade&n=<?php echo ($n + 5) ?>">Next Blogs</a> </p> <script language='javascript'> <!-- function nextpage() { - location.href="wpmu-upgrade-site.php?action=upgrade&n=<?php echo ($n + 10) ?>"; + location.href="wpmu-upgrade-site.php?action=upgrade&n=<?php echo ($n + 5) ?>"; } setTimeout( "nextpage()", 250 ); diff --git a/wp-inst/wp-admin/wpmu-users.php b/wp-inst/wp-admin/wpmu-users.php index 007217b..7e3a1ff 100644 --- a/wp-inst/wp-admin/wpmu-users.php +++ b/wp-inst/wp-admin/wpmu-users.php @@ -8,8 +8,8 @@ switch( $_GET[ 'action' ] ) { $wpdb->query( "DELETE FROM " . $wpdb->usermeta . " WHERE user_id = '" . $id . "'" ); $wpdb->query( "DELETE FROM " . $wpdb->users . " WHERE ID = '" . $id . "'" ); } - header( "Location: wpmu-users.php?updated=true" ); - exit; + wpmu_admin_do_redirect( "wpmu-users.php" ); + die(); break; } @@ -81,12 +81,21 @@ switch( $_GET[ 'action' ] ) { if( is_site_admin() == false ) { die( __('<p>You do not have permission to access this page.</p>') ); } - if( $_POST[ 'userfunction' ] == 'delete' ) { - if( is_array( $_POST[ 'allusers' ] ) ) { - while( list( $key, $val ) = each( $_POST[ 'allusers' ] ) ) { - if( $val != '' && $val != '0' && $val != '1' ) { + if( is_array( $_POST[ 'allusers' ] ) ) { + while( list( $key, $val ) = each( $_POST[ 'allusers' ] ) ) { + if( $val != '' && $val != '0' && $val != '1' ) { + $user_details = get_userdata( $val ); + if( $_POST[ 'userfunction' ] == 'delete' ) { $wpdb->query( "DELETE FROM {$wpdb->users} WHERE ID = '$val'" ); $wpdb->query( "DELETE FROM {$wpdb->usermeta} WHERE user_id = '$val'" ); + } elseif( $_POST[ 'userfunction' ] == 'spam' ) { + $blogs = get_blogs_of_user( $val ); + if( is_array( $blogs ) ) { + while( list( $key, $details ) = each( $blogs ) ) { + update_blog_status( $details->userblog_id, "spam", '1' ); + do_action( "make_spam_blog", $details->userblog_id ); + } + } } } } @@ -147,12 +156,17 @@ switch( $_GET[ 'action' ] ) { <input type="text" name="s" value="<?php if (isset($_GET[ 's' ])) echo wp_specialchars($_GET[ 's' ], 1); ?>" size="17" /> <input type="submit" name="submit" value="<?php _e('Search') ?>" /> </fieldset> + <?php + if( isset($_GET[ 's' ]) && $_GET[ 's' ] != '' ) { + ?><a href="/wp-admin/wpmu-blogs.php?action=blogs&s=<?php echo wp_specialchars($_GET[ 's' ], 1) ?>">Search Blogs: <?php echo wp_specialchars($_GET[ 's' ], 1) ?></a><?php + } + ?> </td><td> <fieldset> <legend><?php _e('User Navigation') ?></legend> <?php - $url2 = "order=" . $_GET[ 'order' ] . "&sortby=" . $_GET[ 'sortby' ]; + $url2 = "order=" . $_GET[ 'order' ] . "&sortby=" . $_GET[ 'sortby' ] . "&s=" .$_GET[ 's' ]; if( $start == 0 ) { echo 'Previous Users'; @@ -191,8 +205,30 @@ $posts_columns['control_edit'] = ''; $posts_columns['control_delete'] = ''; ?> +<script language="javascript"> +<!-- +var checkflag = "false"; +function check_all_rows() { + field = document.formlist; + if (checkflag == "false") { + for (i = 0; i < field.length; i++) { + if( field[i].name == 'allusers[]' ) + field[i].checked = true;} + checkflag = "true"; + return "Uncheck All"; + } else { + for (i = 0; i < field.length; i++) { + if( field[i].name == 'allusers[]' ) + field[i].checked = false; } + checkflag = "false"; + return "Check All"; + } +} +// --> +</script> -<form action='wpmu-users.php?action=allusers' method='POST'> +<form name='formlist' action='wpmu-users.php?action=allusers' method='POST'> +<input type=button value="Check All" onClick="this.value=check_all_rows()"> <table width="100%" cellpadding="3" cellspacing="3"> <tr> @@ -247,8 +283,15 @@ foreach($posts_columns as $column_name=>$column_display_name) { break; case 'blogs': + $blogs = get_blogs_of_user( $user[ 'ID' ] ); ?> - <td><?php $blogs = get_blogs_of_user( $user[ 'ID' ] ); if( is_array( $blogs ) ) while( list( $key, $val ) = each( $blogs ) ) { print '<a href="wpmu-blogs.php?action=editblog&id=' . $val->userblog_id . '">' . str_replace( '.' . $current_site->domain, '', $val->domain ) . '</a><BR>'; } ?></td> + <td><?php if( is_array( $blogs ) ) + while( list( $key, $val ) = each( $blogs ) ) { + print '<a href="wpmu-blogs.php?action=editblog&id=' . $val->userblog_id . '">' . str_replace( '.' . $current_site->domain, '', $val->domain ) . '</a> (<a '; + if( get_blog_status( $val->userblog_id, 'spam' ) == 1 ) + print 'style="background-color: #f66" '; + print 'target="_new" href="http://'.$val->domain . $val->path.'">View</a>)<BR>'; + } ?></td> <?php break; @@ -260,7 +303,7 @@ foreach($posts_columns as $column_name=>$column_display_name) { case 'control_delete': ?> - <td><?php echo "<a href='wpmu-users.php?action=delete&id=".$user[ 'ID' ]."' class='delete' onclick=\"return confirm('" . sprintf(__("You are about to delete this user?\\n \'OK\' to delete, \'Cancel\' to stop.") ) . "')\">" . __('Delete') . "</a>"; ?></td> + <td><?php echo "<a href='wpmu-users.php?action=delete&id=".$user[ 'ID' ]."&redirect=".wpmu_admin_redirect_url()."' class='delete' onclick=\"return confirm('" . sprintf(__("You are about to delete this user?\\n \'OK\' to delete, \'Cancel\' to stop.") ) . "')\">" . __('Delete') . "</a>"; ?></td> <?php break; @@ -284,7 +327,10 @@ foreach($posts_columns as $column_name=>$column_display_name) { } // end if ($users) ?> </table> -<p>Selected Users:<ul><li><input type='checkbox' name='userfunction' value='delete'> Delete</li></ul> +<p>Selected Users:<ul> +<li><input type='radio' name='userfunction' id='delete' value='delete'> <label for='delete'>Delete</label></li> +<li><input type='radio' name='userfunction' id='spam' value='spam'> <label for='spam'>Mark as Spammers</label></li> +</ul> <input type='submit' value='Apply Changes'></p> </form> diff --git a/wp-inst/wp-commentsrss2.php b/wp-inst/wp-commentsrss2.php index 2f0e47c..e81cc20 100644 --- a/wp-inst/wp-commentsrss2.php +++ b/wp-inst/wp-commentsrss2.php @@ -32,7 +32,7 @@ if (have_posts()) : comment_author_url, comment_date, comment_date_gmt, comment_content, comment_post_ID, $wpdb->posts.ID, $wpdb->posts.post_password FROM $wpdb->comments LEFT JOIN $wpdb->posts ON comment_post_id = id WHERE comment_post_ID = '$id' - AND $wpdb->comments.comment_approved = '1' AND $wpdb->posts.post_status = 'publish') + AND $wpdb->comments.comment_approved = '1' AND $wpdb->posts.post_status = 'publish' AND post_date_gmt < '" . gmdate("Y-m-d H:i:59") . "' ORDER BY comment_date_gmt DESC LIMIT " . get_settings('posts_per_rss') ); } else { // if no post id passed in, we'll just ue the last 10 comments. diff --git a/wp-inst/wp-content/mu-plugins/invites.php b/wp-inst/wp-content/mu-plugins/invites.php index ae5be6b..3cddc09 100644 --- a/wp-inst/wp-content/mu-plugins/invites.php +++ b/wp-inst/wp-content/mu-plugins/invites.php @@ -125,8 +125,8 @@ function invites_add_field() { add_action('newblogform', 'invites_add_field'); function invites_cleanup_db( $val ) { - global $wpdb, $wpmuBaseTablePrefix, $url, $weblog_title; - if( isset( $_POST[ 'u' ] ) ) { + global $wpdb, $wpmuBaseTablePrefix, $url, $weblog_title; + if( isset( $_POST[ 'u' ] ) ) { $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = 'invite' AND meta_value = '".$_POST[ 'u' ]."'" ); $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$_POST[ 'u' ]}_to_email'" ); $wpdb->query( "DELETE FROM ".$wpdb->usermeta." WHERE meta_key = '{$_POST[ 'u' ]}_to_name'" ); @@ -148,7 +148,7 @@ function invites_cleanup_db( $val ) { $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '{$id}', 'invites_left' , '" . get_site_option( "invites_per_user" ) . "' )" ); $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '{$id}', 'invite_hash' , '{$_POST[ 'u' ]}' )" ); } - } + } } add_action('newblogfinished', 'invites_cleanup_db'); @@ -156,35 +156,33 @@ add_action('newblogfinished', 'invites_cleanup_db'); Configure invites: sig, number per user, default message */ -if( is_site_admin() ) { - add_action('admin_menu', 'invites_admin_menu'); - add_action('admin_footer', 'invites_admin_footer'); -} +add_action('admin_menu', 'invites_admin_menu'); function invites_admin_menu() { $pfile = basename(dirname(__FILE__)) . '/' . basename(__FILE__); - add_submenu_page('wpmu-admin.php', 'Invites', 'Invites', 0, $pfile, 'invites_admin_content'); -} - -function invites_admin_footer() { + if ( is_site_admin() ) + add_submenu_page('wpmu-admin.php', 'Invites', 'Invites', 0, $pfile, 'invites_admin_content'); } add_action('admin_footer', 'timed_invites'); function timed_invites() { - global $wpdb; + global $wpdb, $current_user; - $invites_add_days = get_site_option( "invites_add_days", 7 ); - if( $invites_add_days != 0 ) { - $days_registered = $wpdb->get_var( "SELECT TO_DAYS( NOW() ) - TO_DAYS( user_registered ) FROM $wpdb->users WHERE ID = '" . get_current_user_id() . "'" ); - if( $days_registered % get_site_option( "invites_add_days", 7 ) == 0 ) { - $invite_day = get_user_option( "invite_day" ); - if( $invite_day != $days_registered ) { - $invites_left = get_user_option( "invites_left" ); - if( $invites_left < get_site_option( "invites_per_user" ) ) { - update_usermeta( get_current_user_id(), "invites_left", ($invites_left + get_site_option( "invites_add_number", 1 ) ) ); + $chance = mt_rand( 0, 20 ); + if( $chance == '5' ) { + $invites_add_days = get_site_option( "invites_add_days", 7 ); + if( $invites_add_days != 0 ) { + $days_registered = $wpdb->get_var( "SELECT TO_DAYS( NOW() ) - TO_DAYS( user_registered ) FROM $wpdb->users WHERE ID = '" . get_current_user_id() . "'" ); + if( $days_registered % get_site_option( "invites_add_days", 7 ) == 0 ) { + $invite_day = get_user_option( "invite_day" ); + if( $invite_day != $days_registered ) { + $invites_left = get_usermeta( $current_user->id, "invites_left" ); + if( $invites_left < get_site_option( "invites_per_user" ) ) { + update_usermeta( get_current_user_id(), "invites_left", ($invites_left + get_site_option( "invites_add_number", 1 ) ) ); + } + update_usermeta( get_current_user_id(), "invite_day", $days_registered ); } - update_usermeta( get_current_user_id(), "invite_day", $days_registered ); } } } @@ -200,7 +198,7 @@ function expire_old_invites() { $mutex = $wpdb->get_var( "SELECT meta_value FROM ".$wpdb->usermeta." WHERE meta_key = 'invite_mutex'" ); if( $mutex == false ) { $wpdb->query( "INSERT INTO ".$wpdb->usermeta." ( `umeta_id` , `user_id` , `meta_key` , `meta_value` ) VALUES ( NULL, '0', 'invite_mutex' , '1' )" ); - $invites = $wpdb->get_results( "SELECT * FROM {$wpdb->usermeta} WHERE meta_key like '%_invite_timestamp' AND ( TO_DAYS( NOW() ) - TO_DAYS( FROM_UNIXTIME( meta_value ) ) ) >= " . intval( get_site_option( 'invite_time_limit', 7 ) ) ); + $invites = $wpdb->get_results( "SELECT * FROM {$wpdb->usermeta} WHERE meta_key like '%_invite_timestamp' AND ( TO_DAYS( NOW() ) - TO_DAYS( FROM_UNIXTIME( meta_value ) ) ) >= " . intval( get_site_option( 'invite_time_limit', 31 ) ) ); if( is_array( $invites ) ) { while( list( $key, $val ) = each( $invites ) ) { $email_md5 = substr( $val->meta_key, 0, strpos( $val->meta_key, "_invite_timestamp" ) ); @@ -263,6 +261,7 @@ function invites_admin_content() { update_site_option( "invites_default_subject", $_GET[ 'invites_default_subject' ] ); update_site_option( "invites_add_number", intval( $_GET[ 'invites_add_number' ] ) ); update_site_option( "invites_add_days", intval( $_GET[ 'invites_add_days' ] ) ); + update_site_option( "invite_time_limit", intval( $_GET[ 'invite_time_limit' ] ) ); if( $_GET[ 'check_reg_for_invite' ] == 'yes' ) { update_site_option( "check_reg_for_invite", 'yes' ); } else { @@ -292,6 +291,7 @@ function invites_admin_content() { <tr><th scope='row' valign='top'>Invites Per User:</td><td><input type='text' size='2' maxlength='2' name='invites_per_user' value='<?php echo $invites_per_user ?>'></td></tr> <tr><th scope='row' valign='top'>Number of Invites To Add: </td><td><input type='text' size='2' maxlength='2' name='invites_add_number' value='<?php echo get_site_option( "invites_add_number", 1 ) ?>'> (This number of invites will be added to each user every X days.)</td></tr> <tr><th scope='row' valign='top'>Add Invites Every</td><td valign='top'><input type='text' size='2' maxlength='2' name='invites_add_days' value='<?php echo get_site_option( "invites_add_days", 7 ) ?>'> <strong>Days</strong> (0 to disable)</td></tr> + <tr><th scope='row' valign='top'>Invites Expire After</td><td valign='top'><input type='text' size='2' maxlength='2' name='invite_time_limit' value='<?php echo get_site_option( "invite_time_limit", 31 ) ?>'> <strong>Days</strong></td></tr> <tr><th scope='row' valign='top'>Default Subject:</td><td><input type='text' size='70' maxlength='90' name='invites_default_subject' value='<?php echo get_site_option( "invites_default_subject" ) ?>'></td></tr> <tr><th scope='row' valign='top'>Default Message:</td><td><textarea rows="9" cols="70" name="invites_default_message" tabindex="5" id="defaultmessage"><?php echo str_replace( "\\r\\n", "\n", stripslashes( get_site_option( 'invites_default_message' ) ) ) ?></textarea></td></tr> <tr><th scope='row' valign='top'>Registration - check for invite: </td><td><input type='checkbox' name='check_reg_for_invite' value='yes'<?php if( get_site_option( 'check_reg_for_invite' ) == 'yes' ) echo " checked"; ?>></td></tr> diff --git a/wp-inst/wp-content/mu-plugins/misc.php b/wp-inst/wp-content/mu-plugins/misc.php index 8e93f99..b843362 100644 --- a/wp-inst/wp-content/mu-plugins/misc.php +++ b/wp-inst/wp-content/mu-plugins/misc.php @@ -63,4 +63,17 @@ function upload_is_file_too_big( $ret ) { add_filter( "check_uploaded_file", "upload_is_file_too_big" ); add_filter('the_title', 'wp_filter_kses'); +function update_posts_count( $post_id ) { + global $wpdb; + $c = $wpdb->get_var( "SELECT count(*) FROM {$wpdb->posts} WHERE post_status = 'publish' and post_type='post'" ); + update_option( "post_count", $c ); +} +add_action( "publish_post", "update_posts_count" ); + +function update_pages_last_updated( $post_id ) { + global $wpdb; + if( $wpdb->get_var( "SELECT post_type FROM {$wpdb->posts} WHERE post_status = 'publish' and ID = '$post_id'" ) == 'page' ) + update_option( "pages_last_updated", time() ); +} +add_action( "save_post", "update_pages_last_updated" ); ?> diff --git a/wp-inst/wp-content/themes/default/index.php b/wp-inst/wp-content/themes/default/index.php index ffb0779..165cfab 100644 --- a/wp-inst/wp-content/themes/default/index.php +++ b/wp-inst/wp-content/themes/default/index.php @@ -8,8 +8,8 @@ <div class="post" id="post-<?php the_ID(); ?>"> <h2><a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title(); ?>"><?php the_title(); ?></a></h2> - <small><?php the_time('F jS, Y') ?> <!-- by <?php the_author() ?> --></small> - + <small><?php the_time('F jS, Y') ?> by <?php the_author() ?></small> + <div class="entry"> <?php the_content('Read the rest of this entry »'); ?> </div> diff --git a/wp-inst/wp-includes/js/tinymce/tiny_mce_gzip.php b/wp-inst/wp-includes/js/tinymce/tiny_mce_gzip.php index 36e1fca..4a5050b 100644 --- a/wp-inst/wp-includes/js/tinymce/tiny_mce_gzip.php +++ b/wp-inst/wp-includes/js/tinymce/tiny_mce_gzip.php @@ -94,17 +94,17 @@ } // Set up init variables - if ( current_user_can('unfiltered_html') ) // Use the full XHTML set provided in the docs +// if ( current_user_can('unfiltered_html') ) // Use the full XHTML set provided in the docs $valid_elements = 'a[accesskey|charset|class|coords|dir<ltr?rtl|href|hreflang|id|lang|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rel|rev|shape<circle?default?poly?rect|style|tabindex|title|target|type],abbr[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],acronym[class|dir<ltr?rtl|id|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],address[class|align|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],applet[align<bottom?left?middle?right?top|alt|archive|class|code|codebase|height|hspace|id|name|object|style|title|vspace|width],area[accesskey|alt|class|coords|dir<ltr?rtl|href|id|lang|nohref<nohref|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|shape<circle?default?poly?rect|style|tabindex|title|target],base[href|target],basefont[color|face|id|size],bdo[class|dir<ltr?rtl|id|lang|style|title],big[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],blockquote[dir|style|cite|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],body[alink|background|bgcolor|class|dir<ltr?rtl|id|lang|link|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onload|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onunload|style|title|text|vlink],br[class|clear<all?left?none?right|id|style|title],button[accesskey|class|dir<ltr?rtl|disabled<disabled|id|lang|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|tabindex|title|type|value],caption[align<bottom?left?right?top|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],center[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],' - . 'cite[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],code[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],col[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|span|style|title|valign<baseline?bottom?middle?top|width],colgroup[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|span|style|title|valign<baseline?bottom?middle?top|width],dd[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],del[cite|class|datetime|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dfn[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dir[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],div[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dl[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dt[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],em/i[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],' + . 'cite[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],code[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],col[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|span|style|title|valign<baseline?bottom?middle?top|width],colgroup[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|span|style|title|valign<baseline?bottom?middle?top|width],dd[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],del[cite|class|datetime|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dfn[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dir[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],-div[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dl[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],dt[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],-em/i[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],' . 'fieldset[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],font[class|color|dir<ltr?rtl|face|id|lang|size|style|title],form[accept|accept-charset|action|class|dir<ltr?rtl|enctype|id|lang|method<get?post|name|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onreset|onsubmit|style|title|target],frame[class|frameborder|id|longdesc|marginheight|marginwidth|name|noresize<noresize|scrolling<auto?no?yes|src|style|title],frameset[class|cols|id|onload|onunload|rows|style|title],h1[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],h2[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],h3[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],h4[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],h5[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],h6[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],head[dir<ltr?rtl|lang|profile],hr[align<center?left?right|class|dir<ltr?rtl|id|lang|noshade<noshade|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|size|style|title|width],html[dir<ltr?rtl|lang|version],' . 'iframe[align<bottom?left?middle?right?top|class|frameborder|height|id|longdesc|marginheight|marginwidth|name|scrolling<auto?no?yes|src|style|title|width],img[align<bottom?left?middle?right?top|alt|border|class|dir<ltr?rtl|height|hspace|id|ismap<ismap|lang|longdesc|name|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|src|style|title|usemap|vspace|width],input[accept|accesskey|align<bottom?left?middle?right?top|alt|checked<checked|class|dir<ltr?rtl|disabled<disabled|id|ismap<ismap|lang|maxlength|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onselect|readonly<readonly|size|src|style|tabindex|title|type<button?checkbox?file?hidden?image?password?radio?reset?submit?text|usemap|value],ins[cite|class|datetime|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],isindex[class|dir<ltr?rtl|id|lang|prompt|style|title],kbd[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],label[accesskey|class|dir<ltr?rtl|for|id|lang|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],legend[align<bottom?left?right?top|accesskey|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],li[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|type|value],link[charset|class|dir<ltr?rtl|href|hreflang|id|lang|media|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rel|rev|style|title|target|type],map[class|dir<ltr?rtl|id|lang|name|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],' . 'menu[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],meta[content|dir<ltr?rtl|http-equiv|lang|name|scheme],noframes[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],noscript[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],object[align<bottom?left?middle?right?top|archive|border|class|classid|codebase|codetype|data|declare|dir<ltr?rtl|height|hspace|id|lang|name|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|standby|style|tabindex|title|type|usemap|vspace|width],ol[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|start|style|title|type],optgroup[class|dir<ltr?rtl|disabled<disabled|id|label|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],option[class|dir<ltr?rtl|disabled<disabled|id|label|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|selected<selected|style|title|value],p[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],param[id|name|type|value|valuetype<DATA?OBJECT?REF],pre/listing/plaintext/xmp[align|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|width],q[cite|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],' - . 's[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],samp[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],script[charset|defer|language|src|type],select[class|dir<ltr?rtl|disabled<disabled|id|lang|multiple<multiple|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|size|style|tabindex|title],small[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],span[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],strike[class|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],strong/b[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],style[dir<ltr?rtl|lang|media|title|type],sub[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],sup[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],table[align<center?left?right|bgcolor|border|cellpadding|cellspacing|class|dir<ltr?rtl|frame|height|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rules|style|summary|title|width],' + . 's[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],samp[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],script[charset|defer|language|src|type],select[class|dir<ltr?rtl|disabled<disabled|id|lang|multiple<multiple|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|size|style|tabindex|title],small[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],span[align<center?justify?left?right|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],strike[class|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],-strong/b[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],style[dir<ltr?rtl|lang|media|title|type],sub[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],sup[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],table[align<center?left?right|bgcolor|border|cellpadding|cellspacing|class|dir<ltr?rtl|frame|height|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rules|style|summary|title|width],' . 'tbody[align<center?char?justify?left?right|char|class|charoff|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|valign<baseline?bottom?middle?top],td[abbr|align<center?char?justify?left?right|axis|bgcolor|char|charoff|class|colspan|dir<ltr?rtl|headers|height|id|lang|nowrap<nowrap|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rowspan|scope<col?colgroup?row?rowgroup|style|title|valign<baseline?bottom?middle?top|width],textarea[accesskey|class|cols|dir<ltr?rtl|disabled<disabled|id|lang|name|onblur|onclick|ondblclick|onfocus|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|onselect|readonly<readonly|rows|style|tabindex|title],tfoot[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|valign<baseline?bottom?middle?top],th[abbr|align<center?char?justify?left?right|axis|bgcolor|char|charoff|class|colspan|dir<ltr?rtl|headers|height|id|lang|nowrap<nowrap|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|rowspan|scope<col?colgroup?row?rowgroup|style|title|valign<baseline?bottom?middle?top|width],thead[align<center?char?justify?left?right|char|charoff|class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|valign<baseline?bottom?middle?top],' . 'title[dir<ltr?rtl|lang],tr[abbr|align<center?char?justify?left?right|bgcolor|char|charoff|class|rowspan|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|valign<baseline?bottom?middle?top],tt[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],u[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title],ul[class|compact<compact|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title|type],var[class|dir<ltr?rtl|id|lang|onclick|ondblclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|style|title]'; - else // Use a much smaller set - $valid_elements = '-a[id|href|title|rel],-strong/b,-em/i,-strike,-del,-u,p[class|align|dir],-ol,-ul,-li,br,img[class|src|alt|title|width|height|align],-sub,-sup,-blockquote[dir],-table[border|cellspacing|cellpadding|width|height|class|align|dir],thead[class|rowspan|width|height|align|valign|dir],tr[class|rowspan|width|height|align|valign|dir],th[dir|class|colspan|rowspan|width|height|align|valign|scope],td[dir|class|colspan|rowspan|width|height|align|valign],-div[dir|class|align],-span[class|align],-pre[class],-code[class],-address,-h1[class|align|dir],-h2[class|align|dir],-h3[class|align|dir],-h4[class|align|dir],-h5[class|align|dir],-h6[class|align|dir],hr'; +// else // Use a much smaller set +// $valid_elements = '-a[id|href|title|rel],-strong/b,-em/i,-strike,-del,-u,p[class|align|dir],-ol,-ul,-li,br,img[class|src|alt|title|width|height|align],-sub,-sup,-blockquote[dir],-table[border|cellspacing|cellpadding|width|height|class|align|dir],thead[class|rowspan|width|height|align|valign|dir],tr[class|rowspan|width|height|align|valign|dir],th[dir|class|colspan|rowspan|width|height|align|valign|scope],td[dir|class|colspan|rowspan|width|height|align|valign],-div[dir|class|align],-span[class|align],-pre[class],-code[class],-address,-h1[class|align|dir],-h2[class|align|dir],-h3[class|align|dir],-h4[class|align|dir],-h5[class|align|dir],-h6[class|align|dir],hr'; $valid_elements = apply_filters('mce_valid_elements', $valid_elements); $plugins = implode($plugins, ','); $mce_buttons = apply_filters('mce_buttons', array('bold', 'italic', 'strikethrough', 'separator', 'bullist', 'numlist', 'outdent', 'indent', 'separator', 'justifyleft', 'justifycenter', 'justifyright' ,'separator', 'link', 'unlink', 'image', 'wordpress', 'separator', 'undo', 'redo', 'code', 'wphelp')); diff --git a/wp-inst/wp-includes/kses.php b/wp-inst/wp-includes/kses.php index 4679bfb..b371c0f 100644 --- a/wp-inst/wp-includes/kses.php +++ b/wp-inst/wp-includes/kses.php @@ -21,6 +21,7 @@ if (!CUSTOM_TAGS) { $allowedposttags = array ( 'address' => array (), 'a' => array ( + 'class' => array (), 'href' => array (), 'title' => array (), 'rel' => array (), @@ -92,6 +93,18 @@ if (!CUSTOM_TAGS) { 'size' => array (), 'width' => array ()), 'i' => array (), + 'iframe' => array ( + 'longdesc' => array(), + 'name' => array(), + 'src' => array(), + 'frameborder' => array(), + 'marginwidth' => array(), + 'marginheight' => array(), + 'scroll' => array(), + 'scrolling' => array(), + 'align' => array(), + 'height' => array(), + 'width' => array ()), 'img' => array ( 'alt' => array (), 'align' => array (), @@ -252,6 +265,7 @@ function wp_kses_hook($string) # You add any kses hooks here. ############################################################################### { + $string = apply_filters('pre_kses', $string); return $string; } # function wp_kses_hook @@ -297,17 +311,21 @@ function wp_kses_split2($string, $allowed_html, $allowed_protocols) } # Allow HTML comments - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { + wp_kses_reject(__('Seriously malformed HTML removed')); return ''; # It's seriously malformed + } $slash = trim($matches[1]); $elem = $matches[2]; $attrlist = $matches[3]; - if (!@ is_array($allowed_html[strtolower($elem)])) + if (!@ is_array($allowed_html[strtolower($elem)])) { + wp_kses_reject(sprintf(__('Removed <code><%1$s%2$s></code> tag'), $slash, $elem)); return ''; # They are using a not allowed HTML element + } if ($slash != '') return "<$slash$elem>"; @@ -316,6 +334,43 @@ function wp_kses_split2($string, $allowed_html, $allowed_protocols) return wp_kses_attr("$slash$elem", $attrlist, $allowed_html, $allowed_protocols); } # function wp_kses_split2 +$kses_messages = array(); +function wp_kses_reject($message) { + global $kses_messages; +return; // Disabled + if ( count($kses_messages) == 0 ) + add_action('save_post', 'wp_kses_save_message'); + + $kses_messages[] = $message; + + return ''; +} + +function wp_kses_save_message($id) { + global $kses_messages; + + foreach ( $kses_messages as $text ) + $message .= "$text\n"; + + $kses_messages[] = ""; + + update_option('kses_message', $message); +} + +function wp_kses_show_message() { + $message = get_option('kses_message'); + + if ( empty($message) ) + return; + + echo "<div class='updated fade'>\n"; + echo nl2br($message); + echo "</div>\n"; + + update_option('kses_message', ''); +} + + function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) ############################################################################### # This function removes all attributes, if none are allowed for this element. @@ -334,8 +389,11 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) # Are any attributes allowed at all for this element? - if (@ count($allowed_html[strtolower($element)]) == 0) + if (@ count($allowed_html[strtolower($element)]) == 0) { + if ( ! empty($attr) ) + wp_kses_reject(sprintf(__('All attributes removed from <%s> tag'), $element)); return "<$element$xhtml_slash>"; + } # Split it @@ -347,12 +405,16 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) $attr2 = ''; foreach ($attrarr as $arreach) { - if (!@ isset ($allowed_html[strtolower($element)][strtolower($arreach['name'])])) + if (!@ isset ($allowed_html[strtolower($element)][strtolower($arreach['name'])])) { + wp_kses_reject(sprintf(__('Attribute <code>%1$s</code> removed from <code><%2$s></code> tag'), $arreach['name'], $element)); continue; # the attribute is not allowed + } $current = $allowed_html[strtolower($element)][strtolower($arreach['name'])]; - if ($current == '') + if ($current == '') { + wp_kses_reject(sprintf(__('Attribute <code>%1$s</code> removed from <code><%2$s></code> tag'), $arreach['name'], $element)); continue; # the attribute is not allowed + } if (!is_array($current)) $attr2 .= ' '.$arreach['whole']; @@ -363,6 +425,7 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) $ok = true; foreach ($current as $currkey => $currval) if (!wp_kses_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval)) { + wp_kses_reject(sprintf(__('Attribute <code>%1$s</code> removed from <code><%2$s></code> tag due to illegal value'), $arreach['name'], $element)); $ok = false; break; } @@ -717,6 +780,7 @@ function kses_init_filters() { add_filter('pre_comment_content', 'wp_filter_kses'); add_filter('content_save_pre', 'wp_filter_post_kses'); add_filter('title_save_pre', 'wp_filter_kses'); + add_action('admin_notices', 'wp_kses_show_message'); } function wp_filter_post_display_kses($data) { global $allowedposttags; diff --git a/wp-inst/wp-includes/links.php b/wp-inst/wp-includes/links.php index 6a61849..861801f 100644 --- a/wp-inst/wp-includes/links.php +++ b/wp-inst/wp-includes/links.php @@ -196,7 +196,13 @@ function get_links($category = -1, /* The next 2 lines implement LIMIT TO processing */ if ($limit != -1) $sql .= " LIMIT $limit"; - $results = $wpdb->get_results($sql); + $cached_results = wp_cache_get( md5( $sql ), 'general'); + if ( is_array( $cached_results ) == false || ( is_array( $cached_results ) == true && ( get_option( 'links_last_updated' ) != false && $cached_results[ 'time' ] < get_option( 'links_last_updated' ) ) ) ) { + $results = $wpdb->get_results($sql); + wp_cache_set( md5( $sql ), array( 'results' => $results, 'time' => time() ), 'general', 360 ); + } else { + $results = $cached_results[ 'results' ]; + } if (!$results) { return; } @@ -526,7 +532,8 @@ function get_links_list($order = 'name', $hide_if_empty = 'obsolete') { if (!isset($direction)) $direction = ''; // Fetch the link category data as an array of hashesa - $cats = $wpdb->get_results(" + + $q = " SELECT DISTINCT link_category, cat_name, show_images, show_description, show_rating, show_updated, sort_order, sort_desc, list_limit @@ -534,7 +541,15 @@ function get_links_list($order = 'name', $hide_if_empty = 'obsolete') { LEFT JOIN `$wpdb->linkcategories` ON (link_category = cat_id) WHERE link_visible = 'Y' AND list_limit <> 0 - ORDER BY $cat_order $direction ", ARRAY_A); + ORDER BY $cat_order $direction "; + + $cached_results = wp_cache_get( md5( $q ), 'general'); + if ( is_array( $cached_results ) == false || ( is_array( $cached_results ) == true && ( get_option( 'links_last_updated' ) != false && $cached_results[ 'time' ] < get_option( 'links_last_updated' ) ) ) ) { + $cats = $wpdb->get_results($q, ARRAY_A); + wp_cache_set( md5( $q ), array( 'results' => $cats, 'time' => time() ), 'general', 360 ); + } else { + $cats = $cached_results[ 'results' ]; + } // Display each category if ($cats) { diff --git a/wp-inst/wp-includes/pluggable-functions.php b/wp-inst/wp-includes/pluggable-functions.php index 0795b05..5100bed 100644 --- a/wp-inst/wp-includes/pluggable-functions.php +++ b/wp-inst/wp-includes/pluggable-functions.php @@ -338,6 +338,7 @@ function wp_notify_postauthor($comment_id, $comment_type='') { } $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n"; $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; + $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; $admin_email = get_settings('admin_email'); @@ -395,6 +396,7 @@ function wp_notify_moderator($comment_id) { $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n"; $notify_message .= sprintf( __('To approve this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=mailapprovecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; $notify_message .= sprintf( __('To delete this comment, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; + $notify_message .= sprintf( __('To mark this comment as spam, visit: %s'), get_settings('siteurl').'/wp-admin/post.php?action=confirmdeletecomment&delete_type=spam&p='.$comment->comment_post_ID."&comment=$comment_id" ) . "\r\n"; $notify_message .= sprintf( __('Currently %s comments are waiting for approval. Please visit the moderation panel:'), $comments_waiting ) . "\r\n"; $notify_message .= get_settings('siteurl') . "/wp-admin/moderation.php\r\n"; diff --git a/wp-inst/wp-includes/template-functions-category.php b/wp-inst/wp-includes/template-functions-category.php index 679972c..001066e 100644 --- a/wp-inst/wp-includes/template-functions-category.php +++ b/wp-inst/wp-includes/template-functions-category.php @@ -301,10 +301,18 @@ function list_cats($optionall = 1, $all = 'All', $sort_column = 'ID', $sort_orde WHERE cat_ID > 0 $exclusions ORDER BY $sort_column $sort_order"; - $categories = wp_cache_get( md5( $query), 'general'); + $cached_results = wp_cache_get( md5( $query ), 'general'); + if ( is_array( $cached_results ) == false || ( is_array( $cached_results ) == true && ( get_option( 'categories_last_updated' ) != false && $cached_results[ 'time' ] < get_option( 'categories_last_updated' ) ) ) ) { + $categories = $wpdb->get_results($query); + wp_cache_set( md5( $query ), array( 'results' => $categories, 'time' => time() ), 'general', 360 ); + } else { + $categories = $cached_results[ 'results' ]; + } + $cached_results = wp_cache_get( md5( $query), 'general'); + $categories = $cached_results[ 'results' ]; if ( !$categories ) { $categories = $wpdb->get_results($query); - wp_cache_set( md5($query), $categories, 'general', 360); + wp_cache_set( md5( $query ), array( 'results' => $categories, 'time' => time() ), 'general', 360); } } diff --git a/wp-inst/wp-includes/template-functions-post.php b/wp-inst/wp-includes/template-functions-post.php index bd0bcce..1ccfa76 100644 --- a/wp-inst/wp-includes/template-functions-post.php +++ b/wp-inst/wp-includes/template-functions-post.php @@ -318,9 +318,12 @@ function &get_pages($args = '') { "$exclusions " . "ORDER BY " . $r['sort_column'] . " " . $r['sort_order']; - if ( !$pages = wp_cache_get( md5( $q ), 'general') ) { + $cached_pages = wp_cache_get( md5( $q ), 'general'); + if ( is_array( $cached_pages ) == false || ( is_array( $cached_pages ) == true && ( get_option( 'pages_last_updated' ) != false && $cached_pages[ 'time' ] < get_option( 'pages_last_updated' ) ) ) ) { $pages = $wpdb->get_results($q); - wp_cache_set( md5( $q ), $pages, 'general', 180); + wp_cache_set( md5( $q ), array( 'pages' => $pages, 'time' => time() ), 'general', 600 ); + } else { + $pages = $cached_pages[ 'pages' ]; } if ( empty($pages) ) diff --git a/wp-inst/wp-includes/version.php b/wp-inst/wp-includes/version.php index 47d8d36..848e82f 100644 --- a/wp-inst/wp-includes/version.php +++ b/wp-inst/wp-includes/version.php @@ -3,6 +3,6 @@ // This just holds the version number, in a separate file so we can bump it without cluttering the SVN $wp_version = 'MU'; // Let's just avoid confusion -$wp_db_version = 3514; +$wp_db_version = 3533; ?> diff --git a/wp-inst/wp-includes/wpmu-functions.php b/wp-inst/wp-includes/wpmu-functions.php index 958767e..64aa404 100644 --- a/wp-inst/wp-includes/wpmu-functions.php +++ b/wp-inst/wp-includes/wpmu-functions.php @@ -268,7 +268,7 @@ SITE_NAME" ) ); $first_post = stripslashes( $first_post ); $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt, comment_count) VALUES ('".$userID."', '$now', '$now_gmt', '".addslashes($first_post)."', '".addslashes(__('Hello world!'))."', '0', '".addslashes(__('hello-world'))."', '$now', '$now_gmt', '1')"); - $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status) VALUES ('".$userID."', '$now', '$now_gmt', '".addslashes(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '".addslashes(__('About'))."', '0', '".addslashes(__('about'))."', '$now', '$now_gmt', 'static')"); + $wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status, post_type, to_ping, pinged, post_content_filtered) VALUES ('$userID', '$now', '$now_gmt', '".$wpdb->escape(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '', '".$wpdb->escape(__('About'))."', '0', '".$wpdb->escape(__('about'))."', '$now', '$now_gmt', 'publish', 'page', '', '', '')"); $wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" ); $wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (2, 2, 1)" ); @@ -685,6 +685,14 @@ function update_blog_status( $id, $pref, $value ) { $wpdb->query( "UPDATE {$wpdb->blogs} SET last_updated = NOW() WHERE blog_id = '$id'" ); refresh_blog_details( $id ); + if( $pref == 'spam' ) { + if( $value == 1 ) { + do_action( "make_spam_blog", $id ); + } else { + do_action( "make_ham_blog", $id ); + } + } + return $value; } @@ -779,7 +787,7 @@ function get_blog_list( $start = 0, $num = 10, $display = true ) { unset( $blogs[ $key ] ); $blog_list[ $details[ 'blog_id' ] ] = $details; - $blog_list[ $details[ 'blog_id' ] ][ 'postcount' ] = $wpdb->get_var( "SELECT count(*) FROM " . $wpmuBaseTablePrefix . $details[ 'blog_id' ] . "_posts WHERE post_status='publish'" ); + $blog_list[ $details[ 'blog_id' ] ][ 'postcount' ] = $wpdb->get_var( "SELECT count(*) FROM " . $wpmuBaseTablePrefix . $details[ 'blog_id' ] . "_posts WHERE post_status='publish' AND post_type='post'" ); } unset( $blogs ); $blogs = $blog_list; @@ -886,9 +894,21 @@ function wpmu_admin_do_redirect( $url = '' ) { header( "Location: {$url}?updated=true&action=blogs&s=". wp_specialchars( substr( $_GET[ 'redirect' ], 2 ) ) ); die(); } + } elseif( isset( $_POST[ 'redirect' ] ) ) { + $url = $_POST[ 'redirect' ]; + if( strpos( $url, 'updated=true' ) === false ) { + if( strpos( $url, '?' ) === true ) { + $url .= '&updated=true'; + } else { + $url .= '?updated=true'; + } + } + header( "Location: {$url}" ); + die(); + } else { + header( "Location: {$url}?updated=true" ); + die(); } - header( "Location: {$url}?updated=true" ); - die(); } function wpmu_admin_redirect_url() { |