authordonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2007-03-19 13:04:29 +0000
committerdonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2007-03-19 13:04:29 +0000
commite08e3e006e1482c91ed76b24291f47f872f913ff (patch)
treeeb2ddf9b5b8eb5a46e412ded50090a1ef54143ee
parent98190363e52787ef578afddbdd8d927ab703b286 (diff)
downloadwordpress-mu-e08e3e006e1482c91ed76b24291f47f872f913ff.tar.gz
wordpress-mu-e08e3e006e1482c91ed76b24291f47f872f913ff.tar.xz
wordpress-mu-e08e3e006e1482c91ed76b24291f47f872f913ff.zip
WP Merge to rev 5061
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@920 7be80a69-a1ef-0310-a953-fb0f7c49ff36
-rw-r--r--wp-admin/admin-functions.php18
-rw-r--r--wp-admin/admin-header.php2
-rw-r--r--wp-admin/bookmarklet.php2
-rw-r--r--wp-admin/categories.php2
-rw-r--r--wp-admin/edit-comments.php12
-rw-r--r--wp-admin/edit-form-advanced.php4
-rw-r--r--wp-admin/edit-page-form.php2
-rw-r--r--wp-admin/import/b2.php0
-rw-r--r--wp-admin/import/blogger.php10
-rw-r--r--wp-admin/link-manager.php2
-rw-r--r--wp-admin/options-head.php2
-rw-r--r--wp-admin/page.php2
-rw-r--r--wp-admin/post.php2
-rw-r--r--wp-admin/upgrade.php4
-rw-r--r--wp-admin/upload-functions.php8
-rw-r--r--wp-admin/upload.php2
-rw-r--r--wp-admin/user-edit.php2
-rw-r--r--wp-comments-post.php12
-rw-r--r--wp-includes/bookmark-template.php4
-rw-r--r--wp-includes/classes.php2
-rw-r--r--wp-includes/comment-template.php6
-rw-r--r--wp-includes/comment.php2
-rw-r--r--wp-includes/default-filters.php2
-rw-r--r--wp-includes/functions.php14
-rw-r--r--wp-includes/general-template.php9
-rw-r--r--wp-includes/link-template.php18
-rw-r--r--wp-includes/post-template.php2
-rw-r--r--wp-includes/script-loader.php2
-rw-r--r--wp-includes/user.php1
-rw-r--r--xmlrpc.php5
30 files changed, 91 insertions, 64 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index a7b0428..1ed1cf3 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -370,7 +370,7 @@ function get_default_post_to_edit() {
else if ( !empty( $post_title ) ) {
$text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
$text = funky_javascript_fix( $text);
- $popupurl = attribute_escape($_REQUEST['popupurl']);
+ $popupurl = clean_url($_REQUEST['popupurl']);
$post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
}
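Review bot: The whole value of this switch rests on clean_url() rejecting disallowed schemes, not just stripping characters, because `$popupurl` is attacker-supplied (`$_REQUEST`) and lands directly in an `<a href>` inside post content; if clean_url() only applies a character whitelist (`&`, `#`, `;` and `:` are typically allowed), a value such as `javascript:alert&#40;1&#41;` survives and the browser decodes the entities. Please confirm the clean_url() in this tree runs the result through the bad-protocol check before relying on it here. Independently, the line should mirror the other popupurl sites in this commit and strip slashes first: `$popupurl = clean_url(stripslashes($_REQUEST['popupurl']));`. get_default_post_to_edit begins and ends outside the hunk.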
@@ -429,7 +429,7 @@ function get_user_to_edit( $user_id ) {
$user = new WP_User( $user_id );
$user->user_login = attribute_escape($user->user_login);
$user->user_email = attribute_escape($user->user_email);
- $user->user_url = attribute_escape($user->user_url);
+ $user->user_url = clean_url($user->user_url);
$user->first_name = attribute_escape($user->first_name);
$user->last_name = attribute_escape($user->last_name);
$user->display_name = attribute_escape($user->display_name);
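Review bot: clean_url() is not a pure escaper like the attribute_escape() it replaces: it rewrites the value (dropping characters it does not allow and, if I remember the implementation correctly, prepending `http://` to a scheme-less value), so the profile form will now display and, on save, persist a normalised URL rather than what the user stored. That is probably acceptable, but it is a behaviour change for the edit form rather than a pure escaping fix and deserves a note on the line, e.g. `// clean_url() normalises as well as escapes; the form round-trips the cleaned value`. get_user_to_edit continues beyond the hunk.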
@@ -574,11 +574,11 @@ function edit_user( $user_id = 0 ) {
function get_link_to_edit( $link_id ) {
$link = get_link( $link_id );
- $link->link_url = attribute_escape($link->link_url);
+ $link->link_url = clean_url($link->link_url);
$link->link_name = attribute_escape($link->link_name);
$link->link_image = attribute_escape($link->link_image);
$link->link_description = attribute_escape($link->link_description);
- $link->link_rss = attribute_escape($link->link_rss);
+ $link->link_rss = clean_url($link->link_rss);
$link->link_rel = attribute_escape($link->link_rel);
$link->link_notes = wp_specialchars($link->link_notes);
$link->post_category = $link->link_category;
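Review bot: link_image is also a URL (presumably rendered as an image source) yet still goes through attribute_escape() while link_url and link_rss switch to clean_url() on the surrounding lines; for consistency, and so a stored `javascript:`-style value gets the same treatment as the other two, make it `$link->link_image = clean_url($link->link_image);`. Whether clean_url() rejects bad schemes or only strips characters is not visible in this diff, so check that before treating it as the fix. get_link_to_edit's closing lines are outside the hunk.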
@@ -588,7 +588,7 @@ function get_link_to_edit( $link_id ) {
function get_default_link_to_edit() {
if ( isset( $_GET['linkurl'] ) )
- $link->link_url = attribute_escape( $_GET['linkurl']);
+ $link->link_url = clean_url( $_GET['linkurl']);
else
$link->link_url = '';
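Review bot: The first statement of get_default_link_to_edit assigns `$link->link_url` on a variable that was never initialised, relying on PHP's implicit stdClass creation (a notice/warning on PHP 5–7 and a fatal Error on PHP 8). Add `$link = new stdClass;` before the `if`, and, as the other request-derived URL sites in this commit do, strip slashes before cleaning: `$link->link_url = clean_url( stripslashes($_GET['linkurl']) );`. The rest of the function lies outside the hunk.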
@@ -807,7 +807,7 @@ function _cat_row( $category, $level, $name_override = false ) {
$default_link_cat_id = get_option( 'default_link_category' );
if ( ($category->cat_ID != $default_cat_id ) && ($category->cat_ID != $default_link_cat_id ) )
- $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll of its posts will go into the default category of '%s'\nAll of its bookmarks will go into the default category of '%s'.\n'OK' to delete, 'Cancel' to stop." ), $category->cat_name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>";
+ $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->cat_ID", 'delete-category_' . $category->cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->cat_name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>";
else
$edit .= "<td style='text-align:center'>".__( "Default" );
} else
@@ -891,7 +891,7 @@ function user_row( $user_object, $style = '' ) {
}
$r .= "</td>\n\t\t<td>";
if ( ( is_site_admin() || $current_user->ID == $user_object->ID ) && current_user_can( 'edit_user', $user_object->ID ) ) {
- $edit_link = attribute_escape( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ));
+ $edit_link = clean_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ));
$r .= "<a href='$edit_link' class='edit'>".__( 'Edit' )."</a>";
}
$r .= "</td>\n\t</tr>";
@@ -2100,7 +2100,9 @@ function wp_crop_image( $src_file, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_
$src_h -= $src_y;
}
- imageantialias( $dst, true );
+ if (function_exists('imageantialias'))
+ imageantialias( $dst, true );
+
imagecopyresampled( $dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h );
if ( !$dst_file )
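Review bot: The function_exists() guard is harmless, but imageantialias() only switches GD's antialiased line/polygon drawing and, as far as I know, has no effect on the imagecopyresampled() call that follows, so the call could simply be removed rather than guarded. The more useful check on this path is the resample itself, which returns false on failure and is currently ignored: `if ( !imagecopyresampled( $dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h ) ) return false;` before the `$dst_file` handling. wp_crop_image starts and ends outside the hunk.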
diff --git a/wp-admin/admin-header.php b/wp-admin/admin-header.php
index 34f6d7d..9f6402b 100644
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@@ -2,7 +2,7 @@
@header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
if (!isset($_GET["page"])) require_once('admin.php');
if ( $editing ) {
- wp_enqueue_script( array("dbx-admin-key?pagenow=$pagenow",'admin-custom-fields') );
+ wp_enqueue_script( array('dbx-admin-key?pagenow=' . attribute_escape($pagenow),'admin-custom-fields') );
if ( current_user_can('manage_categories') )
wp_enqueue_script( 'ajaxcat' );
if ( user_can_richedit() )
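Review bot: `$pagenow` is being embedded as a query-string value, so the matching encoder is urlencode(), not attribute_escape(), which only covers HTML metacharacters and turns `&` into `&amp;`; since script-loader.php in this same commit passes the assembled src through clean_url(), which re-encodes ampersands itself, the two can interact to double-encode. Suggest `'dbx-admin-key?pagenow=' . urlencode($pagenow)` and leave HTML escaping to the output layer. How wp_enqueue_script() splits the handle from its query suffix is not visible here, so confirm the script still resolves after the change.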
diff --git a/wp-admin/bookmarklet.php b/wp-admin/bookmarklet.php
index cd2b542..e84b5d9 100644
--- a/wp-admin/bookmarklet.php
+++ b/wp-admin/bookmarklet.php
@@ -37,7 +37,7 @@ else
$content = wp_specialchars($_REQUEST['content']);
-$popupurl = attribute_escape($_REQUEST['popupurl']);
+$popupurl = clean_url($_REQUEST['popupurl']);
if ( !empty($content) ) {
$post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) );
} else {
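Review bot: `$popupurl` is read from `$_REQUEST` without stripslashes() while `$_REQUEST['content']` two lines below is stripslashed; with magic quotes on, the backslashes reach clean_url() and the outcome depends on clean_url's character filter instead of an explicit decode. Use `$popupurl = clean_url(stripslashes($_REQUEST['popupurl']));`, matching edit-form-advanced.php in this commit.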
diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 08e80c3..5e77e0f 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -114,7 +114,7 @@ cat_rows();
<?php if ( current_user_can('manage_categories') ) : ?>
<div class="wrap">
-<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete the posts and links in that category. Instead, posts in the deleted category are set to the category <strong>%s</strong> and links are set to <strong>%s</strong>.'), apply_filters('the_category', get_catname(get_option('default_category'))), apply_filters('the_category', get_catname(get_option('default_link_category')))) ?></p>
+<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete the posts and links in that category. Instead, posts that were only assigned to the deleted category are set to the category <strong>%s</strong> and links that were only assigned to the deleted category are set to <strong>%s</strong>.'), apply_filters('the_category', get_catname(get_option('default_category'))), apply_filters('the_category', get_catname(get_option('default_link_category')))) ?></p>
</div>
<?php include('edit-category-form.php'); ?>
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index d3de2c5..9307b90 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -101,7 +101,7 @@ $total_pages = ceil( $total / 20 );
$r = '';
if ( 1 < $page ) {
$args['apage'] = ( 1 == $page - 1 ) ? FALSE : $page - 1;
- $r .= '<a class="prev" href="' . attribute_escape(add_query_arg( $args )) . '">&laquo; '. __('Previous Page') .'</a>' . "\n";
+ $r .= '<a class="prev" href="' . clean_url(add_query_arg( $args )) . '">&laquo; '. __('Previous Page') .'</a>' . "\n";
}
if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) :
@@ -111,7 +111,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
$p = false;
if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) :
$args['apage'] = ( 1 == $page_num ) ? FALSE : $page_num;
- $r .= '<a class="page-numbers" href="' . attribute_escape(add_query_arg($args)) . '">' . ( $page_num ) . "</a>\n";
+ $r .= '<a class="page-numbers" href="' . clean_url(add_query_arg($args)) . '">' . ( $page_num ) . "</a>\n";
$in = true;
elseif ( $in == true ) :
$r .= "...\n";
@@ -122,7 +122,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
}
if ( ( $page ) * 20 < $total || -1 == $total ) {
$args['apage'] = $page + 1;
- $r .= '<a class="next" href="' . attribute_escape(add_query_arg($args)) . '">'. __('Next Page') .' &raquo;</a>' . "\n";
+ $r .= '<a class="next" href="' . clean_url(add_query_arg($args)) . '">'. __('Next Page') .' &raquo;</a>' . "\n";
}
echo "<p class='pagenav'>$r</p>";
?>
@@ -248,7 +248,7 @@ $total_pages = ceil( $total / 20 );
$r = '';
if ( 1 < $page ) {
$args['apage'] = ( 1 == $page - 1 ) ? FALSE : $page - 1;
- $r .= '<a class="prev" href="' . attribute_escape(add_query_arg( $args )) . '">&laquo; '. __('Previous Page') .'</a>' . "\n";
+ $r .= '<a class="prev" href="' . clean_url(add_query_arg( $args )) . '">&laquo; '. __('Previous Page') .'</a>' . "\n";
}
if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) :
@@ -258,7 +258,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
$p = false;
if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) :
$args['apage'] = ( 1 == $page_num ) ? FALSE : $page_num;
- $r .= '<a class="page-numbers" href="' . attribute_escape(add_query_arg($args)) . '">' . ( $page_num ) . "</a>\n";
+ $r .= '<a class="page-numbers" href="' . clean_url(add_query_arg($args)) . '">' . ( $page_num ) . "</a>\n";
$in = true;
elseif ( $in == true ) :
$r .= "...\n";
@@ -269,7 +269,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) {
}
if ( ( $page ) * 20 < $total || -1 == $total ) {
$args['apage'] = $page + 1;
- $r .= '<a class="next" href="' . attribute_escape(add_query_arg($args)) . '">'. __('Next Page') .' &raquo;</a>' . "\n";
+ $r .= '<a class="next" href="' . clean_url(add_query_arg($args)) . '">'. __('Next Page') .' &raquo;</a>' . "\n";
}
echo "<p class='pagenav'>$r</p>";
?>
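Review bot: This pagination builder is a verbatim copy of the one earlier in the file (the hunks around file lines 101–128), which is why the same one-token clean_url() change had to be applied six times in this file. Extract it into a helper, e.g. `function comment_page_links( $page, $total, $args )` returning `$r`, so the next escaping fix lands in one place and the two copies cannot drift. The surrounding page is a flat script, so the extraction is mechanical.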
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 520bfbd..cdf467a 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -168,11 +168,11 @@ if ('publish' != $post->post_status || 0 == $post_ID) {
?>
<input name="referredby" type="hidden" id="referredby" value="<?php
if ( !empty($_REQUEST['popupurl']) )
- echo attribute_escape(stripslashes($_REQUEST['popupurl']));
+ echo clean_url(stripslashes($_REQUEST['popupurl']));
else if ( url_to_postid(wp_get_referer()) == $post_ID )
echo 'redo';
else
- echo attribute_escape(stripslashes(wp_get_referer()));
+ echo clean_url(stripslashes(wp_get_referer()));
?>" /></p>
<?php do_action('edit_form_advanced'); ?>
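Review bot: The `referredby` value comes straight from `popupurl` or the Referer, and clean_url() only guarantees it is safe to print inside the attribute — it does not restrict the host, so if post.php later sends the browser to `referredby` after saving (not visible in this hunk), a link with an off-site popupurl turns into an open redirect for whoever follows it and saves. If that is the flow, validate the host before using it as a redirect target: `$h = parse_url($url, PHP_URL_HOST);` `if ( $h && $h != parse_url(get_option('home'), PHP_URL_HOST) ) $url = '';` which leaves relative URLs untouched. The enclosing form spans beyond the hunk.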
diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index 78e9588..f55f733 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -13,7 +13,7 @@ if (0 == $post_ID) {
$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
}
-$sendto = attribute_escape(stripslashes(wp_get_referer()));
+$sendto = clean_url(stripslashes(wp_get_referer()));
if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
$sendto = 'redo';
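Review bot: `$sendto` is compared with get_permalink($post_ID) only after clean_url() has rewritten it, and clean_url() encodes `&` as `&amp;` (and may normalise the value further) while get_permalink() returns the raw URL, so any permalink with more than one query parameter will never equal `$sendto` and the 'redo' shortcut is skipped. Compare the unescaped referer and escape afterwards: `$sendto = stripslashes(wp_get_referer());` `if ( 0 != $post_ID && $sendto == get_permalink($post_ID) ) $sendto = 'redo'; else $sendto = clean_url($sendto);`.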
diff --git a/wp-admin/import/b2.php b/wp-admin/import/b2.php
deleted file mode 100644
index e69de29..0000000
--- a/wp-admin/import/b2.php
+++ /dev/null
diff --git a/wp-admin/import/blogger.php b/wp-admin/import/blogger.php
index 1890c16..4614bf6 100644
--- a/wp-admin/import/blogger.php
+++ b/wp-admin/import/blogger.php
@@ -84,7 +84,7 @@ class Blogger_Import {
if ( empty($this->blogs) ) {
$headers = array(
"GET /feeds/default/blogs HTTP/1.0",
- "Host: www.blogger.com",
+ "Host: www2.blogger.com",
"Authorization: AuthSub token=\"$this->token\""
);
$request = join( "\r\n", $headers ) . "\r\n\r\n";
@@ -547,7 +547,9 @@ class Blogger_Import {
}
$comment_post_ID = $this->blogs[$importing_blog]['posts'][$entry->old_post_permalink];
- $comment_author = addslashes( $this->no_apos( strip_tags( $entry->author ) ) );
+ preg_match('#<name>(.+?)</name>.*(?:\<uri>(.+?)</uri>)?#', $entry->author, $matches);
+ $comment_author = addslashes( $this->no_apos( strip_tags( (string) $matches[1] ) ) );
+ $comment_author_url = addslashes( $this->no_apos( strip_tags( (string) $matches[2] ) ) );
$comment_date = $this->convert_date( $entry->updated );
$comment_content = addslashes( $this->no_apos( html_entity_decode( $entry->content ) ) );
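Review bot: The new pattern can never capture the `<uri>`: the greedy `.*` consumes the rest of `$entry->author` and the group that follows is optional, so it matches empty, `$matches[2]` is never set, and comment_author_url is always '' (reading `$matches[2]` also raises an undefined-index notice, which the `(string)` cast does not prevent). Make the tail lazy, let `.` cross newlines, and guard the optional capture: `preg_match('#<name>(.+?)</name>(?:.*?<uri>(.+?)</uri>)?#s', $entry->author, $matches);` followed by `$comment_author_url = isset($matches[2]) ? addslashes( $this->no_apos( strip_tags( $matches[2] ) ) ) : '';`. preg_match() returning 0 leaves `$matches[1]` unset too, so that case needs the same guard.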
@@ -563,7 +565,7 @@ class Blogger_Import {
) {
++$this->blogs[$importing_blog]['comments_skipped'];
} else {
- $comment = compact('comment_post_ID', 'comment_author', 'comment_date', 'comment_content');
+ $comment = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_date', 'comment_content');
$comment_id = wp_insert_comment($comment);
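Review bot: `comment_author_url` is only strip_tags()'d before it reaches wp_insert_comment(), and if wp_insert_comment() writes directly to the table without the pre_comment_author_url filters (those run on the wp_new_comment path as far as I can tell), an imported `javascript:` or entity-laden URI is stored and later printed as the author link. Apply the same helper the rest of this commit standardises on, before the addslashes() in the earlier hunk: `$comment_author_url = addslashes( clean_url( strip_tags( (string) $matches[2] ) ) );`. Whether clean_url() rejects bad schemes in this tree is not visible here, so verify that too.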
@@ -672,7 +674,7 @@ class Blogger_Import {
return $sock;
}
- function _get_blogger_sock($host = 'www.blogger.com') {
+ function _get_blogger_sock($host = 'www2.blogger.com') {
if ( !$sock = @ fsockopen($host, 80, $errno, $errstr) ) {
$this->uh_oh(
sprintf( __('Could not connect to %s'), $host ),
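Review bot: _get_blogger_sock() opens a plain TCP connection on port 80, and the first hunk of this file shows the AuthSub token being sent in an `Authorization:` header over it, so the token crosses the network in clear text; the host rename does not change that. If the endpoint and the local openssl wrapper support it, connect with `fsockopen('ssl://' . $host, 443, $errno, $errstr)` and keep the Host header as is. The function body continues past the hunk.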
diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php
index 8b0a4ee..54ae4f9 100644
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@@ -133,7 +133,7 @@ if ( $links ) {
foreach ($links as $link) {
$link->link_name = attribute_escape(apply_filters('link_title', $link->link_name));
$link->link_description = wp_specialchars(apply_filters('link_description', $link->link_description));
- $link->link_url = attribute_escape($link->link_url);
+ $link->link_url = clean_url($link->link_url);
$link->link_category = wp_get_link_cats($link->link_id);
$short_url = str_replace('http://', '', $link->link_url);
$short_url = str_replace('www.', '', $short_url);
diff --git a/wp-admin/options-head.php b/wp-admin/options-head.php
index 8d097f4..da1784f 100644
--- a/wp-admin/options-head.php
+++ b/wp-admin/options-head.php
@@ -1,7 +1,5 @@
<?php wp_reset_vars(array('action', 'standalone', 'option_group_id')); ?>
-<br clear="all" />
-
<?php if (isset($_GET['updated'])) : ?>
<div id="message" class="updated fade"><p><strong><?php _e('Options saved.') ?></strong></p></div>
<?php endif; ?>
diff --git a/wp-admin/page.php b/wp-admin/page.php
index 4a29c37..4ef74e9 100644
--- a/wp-admin/page.php
+++ b/wp-admin/page.php
@@ -65,7 +65,7 @@ case 'edit':
?>
<div id='preview' class='wrap'>
<h2 id="preview-post"><?php _e('Page Preview (updated when page is saved)'); ?></h2>
- <iframe src="<?php echo attribute_escape(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
+ <iframe src="<?php echo clean_url(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
</div>
<?php
break;
diff --git a/wp-admin/post.php b/wp-admin/post.php
index b191661..b67f6bc 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -69,7 +69,7 @@ case 'edit':
?>
<div id='preview' class='wrap'>
<h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?></h2>
- <iframe src="<?php echo attribute_escape(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
+ <iframe src="<?php echo clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
</div>
<?php
break;
diff --git a/wp-admin/upgrade.php b/wp-admin/upgrade.php
index 7cd81be..b08ffba 100644
--- a/wp-admin/upgrade.php
+++ b/wp-admin/upgrade.php
@@ -35,7 +35,7 @@ else
<?php else :
switch($step) :
case 0:
- $goback = attribute_escape(stripslashes(wp_get_referer()));
+ $goback = clean_url(stripslashes(wp_get_referer()));
?>
<h2><?php _e('Database Upgrade Required'); ?></h2>
<p><?php _e('Your WordPress database is out-of-date, and must be upgraded before you can continue.'); ?></p>
@@ -49,7 +49,7 @@ switch($step) :
if ( empty( $_GET['backto'] ) )
$backto = __get_option('home') . '/';
else
- $backto = attribute_escape(stripslashes($_GET['backto']));
+ $backto = clean_url(stripslashes($_GET['backto']));
if( $wpdb->get_row( "SELECT blog_id FROM wp_blog_versions WHERE blog_id = '{$wpdb->blogid}'" ) ) {
$wpdb->query( "UPDATE wp_blog_versions SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
} else {
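Review bot: `$backto` is user-supplied (`$_GET['backto']`) and clean_url() only makes it safe to print, not safe to navigate to; if it is later passed to wp_redirect() or emitted as the continue link (below the hunk), any external target is accepted. Restrict it to the site's own host before use — reject it when `parse_url($backto, PHP_URL_HOST)` is set and differs from the host of `__get_option('home')` — and fall back to the `home . '/'` default that the `if` branch already computes.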
diff --git a/wp-admin/upload-functions.php b/wp-admin/upload-functions.php
index 1f79fb7..45fece4 100644
--- a/wp-admin/upload-functions.php
+++ b/wp-admin/upload-functions.php
@@ -83,9 +83,9 @@ function wp_upload_view() {
echo '[&nbsp;';
echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
echo '&nbsp;|&nbsp;';
- echo '<a href="' . attribute_escape(add_query_arg('action', 'edit')) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
+ echo '<a href="' . clean_url(add_query_arg('action', 'edit')) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
echo '&nbsp;|&nbsp;';
- echo '<a href="' . attribute_escape(remove_query_arg(array('action', 'ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
+ echo '<a href="' . clean_url(remove_query_arg(array('action', 'ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '&nbsp;]'; ?></span>
</div>
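Review bot: The 'view' link just above the changed lines still echoes get_permalink() into `href` unescaped while the neighbouring edit/cancel links now go through clean_url(); for consistency, and so a permalink containing `&` is well-formed, use `echo '<a href="' . clean_url(get_permalink()) . '">' . __('view') . '</a>';`. The identical pattern appears in wp_upload_form in the next hunk. wp_upload_view begins above the hunk.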
@@ -123,9 +123,9 @@ function wp_upload_form() {
echo '[&nbsp;';
echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
echo '&nbsp;|&nbsp;';
- echo '<a href="' . attribute_escape(add_query_arg('action', 'view')) . '">' . __('links') . '</a>';
+ echo '<a href="' . clean_url(add_query_arg('action', 'view')) . '">' . __('links') . '</a>';
echo '&nbsp;|&nbsp;';
- echo '<a href="' . attribute_escape(remove_query_arg(array('action','ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
+ echo '<a href="' . clean_url(remove_query_arg(array('action','ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '&nbsp;]'; ?></span>
</div>
diff --git a/wp-admin/upload.php b/wp-admin/upload.php
index f592edb..562272c 100644
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@@ -90,7 +90,7 @@ foreach ( $wp_upload_tabs as $t => $tab_array ) { // We've already done the curr
$href = add_query_arg( array('tab' => $t, 'ID' => '', 'action' => '', 'paged' => '') );
if ( isset($tab_array[4]) && is_array($tab_array[4]) )
add_query_arg( $tab_array[4], $href );
- $_href = attribute_escape( $href);
+ $_href = clean_url( $href);
$page_links = '';
$class = 'upload-tab alignleft';
if ( $tab == $t ) {
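Review bot: The context line `add_query_arg( $tab_array[4], $href );` discards its return value — add_query_arg() returns the new URL and does not modify `$href` in place — so a tab's extra query arguments are never applied and `$_href` is escaped from the bare URL. It should read `$href = add_query_arg( $tab_array[4], $href );`. This predates the commit, but it sits on the line the hunk now escapes, so it is worth fixing together.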
diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index 41fa9da..6feba01 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -61,7 +61,7 @@ include ('admin-header.php');
<div id="message" class="updated fade">
<p><strong><?php _e('User updated.') ?></strong></p>
<?php if ( $wp_http_referer ) : ?>
- <p><a href="<?php echo attribute_escape($wp_http_referer); ?>"><?php _e('&laquo; Back to Authors and Users'); ?></a></p>
+ <p><a href="<?php echo clean_url($wp_http_referer); ?>"><?php _e('&laquo; Back to Authors and Users'); ?></a></p>
<?php endif; ?>
</div>
<?php endif; ?>
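Review bot: `$wp_http_referer` originates from the request (user_row() in admin-functions.php puts the current REQUEST_URI in it), and clean_url() only makes it attribute-safe, so the 'Back' link will point at whatever URL a submitted wp_http_referer carried, including an off-site one. Since the link is meant to return to the users list, fall back to a fixed `users.php` when the value's host is not the site's own, or build the link from that fixed path plus the preserved query arguments. Low severity (it needs a crafted link followed by a click on 'Back'), but cheap to close.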
diff --git a/wp-comments-post.php b/wp-comments-post.php
index 26b476b..5988fd5 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -25,14 +25,20 @@ $comment_content = trim($_POST['comment']);
// If the user is logged in
$user = wp_get_current_user();
-if ( $user->ID ) :
+if ( $user->ID ) {
$comment_author = $wpdb->escape($user->display_name);
$comment_author_email = $wpdb->escape($user->user_email);
$comment_author_url = $wpdb->escape($user->user_url);
-else :
+ if ( current_user_can('unfiltered_html') ) {
+ if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
+ kses_remove_filters(); // start with a clean slate
+ kses_init_filters(); // set up the filters
+ }
+ }
+} else {
if ( get_option('comment_registration') )
wp_die( __('Sorry, you must be logged in to post a comment.') );
-endif;
+}
$comment_type = '';
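Review bot: The nonce comparison `wp_create_nonce(...) != $_POST['_wp_unfiltered_html_comment']` uses loose inequality, and since the nonce is a hex substring it can consist of digits only, in which case PHP compares both strings numerically (`'0e12345678' == '0e87654321'` is true); a missing field also raises an undefined-index notice. Read the field defensively and compare strictly: `$nonce = isset($_POST['_wp_unfiltered_html_comment']) ? $_POST['_wp_unfiltered_html_comment'] : '';` and `if ( wp_create_nonce('unfiltered-html-comment_' . $comment_post_ID) !== $nonce )`. The fail-closed direction (kses filters are re-added whenever the nonce is absent) is the right one; `$comment_post_ID` is set above the hunk, so make sure it is already cast to int so the action string is stable.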
diff --git a/wp-includes/bookmark-template.php b/wp-includes/bookmark-template.php
index 65e38aa..4249f7f 100644
--- a/wp-includes/bookmark-template.php
+++ b/wp-includes/bookmark-template.php
@@ -96,7 +96,7 @@ function get_links($category = -1,
$output .= get_option('links_recently_updated_prepend');
$the_link = '#';
if ( !empty($row->link_url) )
- $the_link = wp_specialchars($row->link_url);
+ $the_link = clean_url($row->link_url);
$rel = $row->link_rel;
if ( '' != $rel )
$rel = ' rel="' . $rel . '"';
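Review bot: `$rel` comes from `$row->link_rel` and is dropped into ` rel="…"` unescaped two lines below the changed line, so escaping is now inconsistent within the same tag; wrap it as `$rel = ' rel="' . attribute_escape($rel) . '"';`. The value is admin-entered, so exposure is limited, but the same omission appears in _walk_bookmarks in the next hunk and in both places the fix is one line. get_links continues beyond the hunk.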
@@ -260,7 +260,7 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
$the_link = '#';
if ( !empty($bookmark->link_url) )
- $the_link = wp_specialchars($bookmark->link_url);
+ $the_link = clean_url($bookmark->link_url);
$rel = $bookmark->link_rel;
if ( '' != $rel )
diff --git a/wp-includes/classes.php b/wp-includes/classes.php
index dd387d3..6bdfb2e 100644
--- a/wp-includes/classes.php
+++ b/wp-includes/classes.php
@@ -149,7 +149,7 @@ class WP {
elseif (!empty($perma_query_vars[$wpvar]))
$this->query_vars[$wpvar] = $perma_query_vars[$wpvar];
- if( empty( $this->query_vars[$wpvar] ) == false )
+ if ( !empty( $this->query_vars[$wpvar] ) )
$this->query_vars[$wpvar] = (string) $this->query_vars[$wpvar];
}
diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index ba7c0cb..6ab6bc3 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -271,6 +271,12 @@ function pings_open() {
return false;
}
+function wp_comment_form_unfiltered_html_nonce() {
+ global $post;
+ if ( current_user_can('unfiltered_html') )
+ wp_nonce_field('unfiltered-html-comment_' . $post->ID, '_wp_unfiltered_html_comment', false);
+}
+
function comments_template( $file = '/comments.php' ) {
global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity;
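Review bot: wp_comment_form_unfiltered_html_nonce() dereferences `$post->ID` without checking that the global is set; a theme that fires `comment_form` outside the loop would emit a nonce bound to a null ID (plus a notice) that can never match the `$comment_post_ID`-bound check in wp-comments-post.php. Guard it: `if ( empty($post->ID) || !current_user_can('unfiltered_html') ) return;`. A one-line docblock noting that the field name must stay in sync with the `_wp_unfiltered_html_comment` check in wp-comments-post.php would help the next maintainer.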
diff --git a/wp-includes/comment.php b/wp-includes/comment.php
index 19218a7..7ed9d9c 100644
--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -169,7 +169,7 @@ function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
$comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
$comment_author_url = stripslashes($comment_author_url);
- $comment_author_url = attribute_escape($comment_author_url);
+ $comment_author_url = clean_url($comment_author_url);
$_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url;
}
}
diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php
index a02ae05..35cd104 100644
--- a/wp-includes/default-filters.php
+++ b/wp-includes/default-filters.php
@@ -31,6 +31,8 @@ add_filter('pre_comment_author_name', 'wp_filter_kses');
add_filter('pre_comment_author_email', 'wp_filter_kses');
add_filter('pre_comment_author_url', 'wp_filter_kses');
+add_action('comment_form', 'wp_comment_form_unfiltered_html_nonce');
+
// Default filters for these functions
add_filter('comment_author', 'wptexturize');
add_filter('comment_author', 'convert_chars');
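Review bot: The nonce field only appears when the theme's comments template calls `do_action('comment_form')`; for a theme that does not, every comment from an unfiltered_html user is now kses-filtered by the new check in wp-comments-post.php. That is the safe failure direction, but it is a silent behaviour change for such themes and deserves a comment beside the add_action, e.g. `// Themes must fire 'comment_form' for unfiltered_html users to bypass kses on comments.`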
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 0cb1eed..e93bf7a 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1019,9 +1019,11 @@ function wp_nonce_url($actionurl, $action = -1) {
return wp_specialchars(add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl));
}
-function wp_nonce_field($action = -1) {
- echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
- wp_referer_field();
+function wp_nonce_field($action = -1, $name = "_wpnonce", $referer = true) {
+ $name = attribute_escape($name);
+ echo '<input type="hidden" name="' . $name . '" value="' . wp_create_nonce($action) . '" />';
+ if ( $referer )
+ wp_referer_field();
}
function wp_referer_field() {
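Review bot: wp_nonce_field() gains two parameters with no documentation, and `$name` is silently attribute-escaped, which a caller passing an unusual name would not expect. Add a docblock above it stating that it prints a hidden nonce input, with `@param string $action` the nonce action, `@param string $name` the input's name attribute (escaped for output), and `@param bool $referer` whether to also print the referer field (default true, preserving the old behaviour). The context line above shows wp_nonce_url() still using wp_specialchars() where the rest of this commit standardises on clean_url() for URLs — worth aligning.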
@@ -1289,7 +1291,7 @@ function wp_nonce_ays($action) {
$adminurl = get_option('siteurl') . '/wp-admin';
if ( wp_get_referer() )
- $adminurl = attribute_escape(wp_get_referer());
+ $adminurl = clean_url(wp_get_referer());
$title = __('WordPress Confirmation');
// Remove extra layer of slashes.
@@ -1297,7 +1299,7 @@ function wp_nonce_ays($action) {
if ( $_POST ) {
$q = http_build_query($_POST);
$q = explode( ini_get('arg_separator.output'), $q);
- $html .= "\t<form method='post' action='$pagenow'>\n";
+ $html .= "\t<form method='post' action='" . attribute_escape($pagenow) . "'>\n";
foreach ( (array) $q as $a ) {
$v = substr(strstr($a, '='), 1);
$k = substr($a, 0, -(strlen($v)+1));
@@ -1306,7 +1308,7 @@ function wp_nonce_ays($action) {
$html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n";
$html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n";
} else {
- $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . attribute_escape(add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] )) . "'>" . __('Yes') . "</a></p>\n\t</div>\n";
+ $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . clean_url(add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] )) . "'>" . __('Yes') . "</a></p>\n\t</div>\n";
}
$html .= "</body>\n</html>";
wp_die($html, $title);
diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php
index d320d67..37d80d6 100644
--- a/wp-includes/general-template.php
+++ b/wp-includes/general-template.php
@@ -297,6 +297,7 @@ function single_month_title($prefix = '', $display = true ) {
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
$text = wptexturize($text);
$title_text = attribute_escape($text);
+ $url = clean_url($url);
if ('link' == $format)
return "\t<link rel='archives' title='$title_text' href='$url' />\n";
@@ -415,7 +416,7 @@ function wp_get_archives($args = '') {
}
} elseif ( ( 'postbypost' == $type ) || ('alpha' == $type) ) {
('alpha' == $type) ? $orderby = "post_title ASC " : $orderby = "post_date DESC ";
- $arcresults = $wpdb->get_results("SELECT * FROM $wpdb->posts $join $where $orderby $limit");
+ $arcresults = $wpdb->get_results("SELECT * FROM $wpdb->posts $join $where ORDER BY $orderby $limit");
if ( $arcresults ) {
foreach ( $arcresults as $arcresult ) {
if ( $arcresult->post_date != '0000-00-00 00:00:00' ) {
@@ -986,7 +987,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current - 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
- $page_links[] = "<a class='prev page-numbers' href='" . attribute_escape($link) . "'>$prev_text</a>";
+ $page_links[] = "<a class='prev page-numbers' href='" . clean_url($link) . "'>$prev_text</a>";
endif;
for ( $n = 1; $n <= $total; $n++ ) :
if ( $n == $current ) :
@@ -998,7 +999,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $n, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
- $page_links[] = "<a class='page-numbers' href='" . attribute_escape($link) . "'>$n</a>";
+ $page_links[] = "<a class='page-numbers' href='" . clean_url($link) . "'>$n</a>";
$dots = true;
elseif ( $dots && !$show_all ) :
$page_links[] = "<span class='page-numbers dots'>...</span>";
@@ -1011,7 +1012,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current + 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
- $page_links[] = "<a class='next page-numbers' href='" . attribute_escape($link) . "'>$next_text</a>";
+ $page_links[] = "<a class='next page-numbers' href='" . clean_url($link) . "'>$next_text</a>";
endif;
switch ( $type ) :
case 'array' :
diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php
index 10de62a..7905311 100644
--- a/wp-includes/link-template.php
+++ b/wp-includes/link-template.php
@@ -422,7 +422,7 @@ function next_post_link($format='%link &raquo;', $link='%title', $in_same_cat =
function get_pagenum_link($pagenum = 1) {
global $wp_rewrite;
- $qstr = wp_specialchars($_SERVER['REQUEST_URI']);
+ $qstr = $_SERVER['REQUEST_URI'];
$page_querystring = "paged";
$page_modstring = "page/";
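Review bot: Dropping wp_specialchars() here means get_pagenum_link() now returns a raw string derived from `$_SERVER['REQUEST_URI']`, so every caller that echoes it into markup must escape it itself; this commit updates next_posts()/previous_posts() with clean_url() in the hunks below, but next_posts_link()/previous_posts_link() (only partly visible, bodies outside the diff) are not shown doing so. Please confirm those two, and any theme-facing caller, wrap the result in clean_url(), otherwise the reflected request URI reaches the page unescaped. A comment such as `// Returns an unescaped URL; callers must escape for output.` would record the new contract. get_pagenum_link continues past the hunk.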
@@ -490,7 +490,7 @@ function get_pagenum_link($pagenum = 1) {
return $qstr;
}
-function next_posts($max_page = 0) { // original by cfactor at cooltux.org
+function get_next_posts_page_link($max_page = 0) {
global $paged, $pagenow;
if ( !is_single() ) {
@@ -498,10 +498,14 @@ function next_posts($max_page = 0) { // original by cfactor at cooltux.org
$paged = 1;
$nextpage = intval($paged) + 1;
if ( !$max_page || $max_page >= $nextpage )
- echo get_pagenum_link($nextpage);
+ return get_pagenum_link($nextpage);
}
}
+function next_posts($max_page = 0) {
+ echo clean_url(get_next_posts_page_link($max_page));
+}
+
function next_posts_link($label='Next Page &raquo;', $max_page=0) {
global $paged, $wpdb, $wp_query;
if ( !$max_page ) {
@@ -517,18 +521,20 @@ function next_posts_link($label='Next Page &raquo;', $max_page=0) {
}
}
-
-function previous_posts() { // original by cfactor at cooltux.org
+function get_previous_posts_page_link() {
global $paged, $pagenow;
if ( !is_single() ) {
$nextpage = intval($paged) - 1;
if ( $nextpage < 1 )
$nextpage = 1;
- echo get_pagenum_link($nextpage);
+ return get_pagenum_link($nextpage);
}
}
+function previous_posts() {
+ echo clean_url(get_previous_posts_page_link());
+}
function previous_posts_link($label='&laquo; Previous Page') {
global $paged;
diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php
index 3b1ca35..94d2876 100644
--- a/wp-includes/post-template.php
+++ b/wp-includes/post-template.php
@@ -281,7 +281,7 @@ function wp_list_pages($args = '') {
parse_str($args, $r);
$defaults = array('depth' => 0, 'show_date' => '', 'date_format' => get_option('date_format'),
- 'child_of' => 0, 'exclude' => '', 'title_li' => __('Pages'), 'echo' => 1, 'authors' => '');
+ 'child_of' => 0, 'exclude' => '', 'title_li' => __('Pages'), 'echo' => 1, 'authors' => '', 'sort_column' => 'menu_order, post_title');
$r = array_merge($defaults, $r);
$output = '';
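Review bot: `sort_column` becomes an accepted argument parsed from the caller's `$args` string and presumably ends up in an ORDER BY clause downstream (the consumer is outside the hunk); make sure it is validated against a whitelist of column names before it reaches SQL rather than interpolated as given. The default `'menu_order, post_title'` is fine; a comment listing the accepted values next to the defaults would help theme authors.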
diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php
index a763315..cd3dfbc 100644
--- a/wp-includes/script-loader.php
+++ b/wp-includes/script-loader.php
@@ -150,7 +150,7 @@ class WP_Scripts {
$ver .= '&amp;' . $this->args[$handle];
$src = 0 === strpos($this->scripts[$handle]->src, 'http://') ? $this->scripts[$handle]->src : get_option( 'siteurl' ) . $this->scripts[$handle]->src;
$src = add_query_arg('ver', $ver, $src);
- $src = attribute_escape(apply_filters( 'script_loader_src', $src ));
+ $src = clean_url(apply_filters( 'script_loader_src', $src ));
echo "<script type='text/javascript' src='$src'></script>\n";
$this->print_scripts_l10n( $handle );
}
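Review bot: The scheme test `0 === strpos($this->scripts[$handle]->src, 'http://')` on the context line only recognises http, so an `https://` script source is treated as relative and gets `siteurl` prepended, producing a broken URL; the clean_url() on the changed line will not repair that. Test both schemes, e.g. `preg_match('#^https?://#', $this->scripts[$handle]->src)`, or a protocol-agnostic check. The method body continues beyond the hunk.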
diff --git a/wp-includes/user.php b/wp-includes/user.php
index 00b58d2..281483f 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -9,6 +9,7 @@ function get_profile($field, $user = false) {
function get_usernumposts($userid) {
global $wpdb;
+ $userid = (int) $userid;
return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_author = '$userid' AND post_type = 'post' AND post_status = 'publish'");
}
diff --git a/xmlrpc.php b/xmlrpc.php
index e1d1b31..7e39687 100644
--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -1428,8 +1428,9 @@ class wp_xmlrpc_server extends IXR_Server {
$upload = wp_upload_bits($name, $type, $bits, $overwrite);
if ( ! empty($upload['error']) ) {
- logIO('O', '(MW) Could not write file '.$name);
- return new IXR_Error(500, 'Could not write file '.$name);
+ $errorString = 'Could not write file ' . $name . ' (' . $upload['error'] . ')';
+ logIO('O', '(MW) ' . $errorString);
+ return new IXR_Error(500, $errorString);
}
// Construct the attachment array
// attach to post_id -1
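Review bot: The new error string folds `$upload['error']` into the XML-RPC fault returned to the remote client; if wp_upload_bits() reports filesystem detail there (such as the directory it could not create), that leaks server paths to any account allowed to call this method. Keep logging the detailed `$errorString` as the hunk does, but return a generic fault: `return new IXR_Error(500, 'Could not write file ' . $name);`. The method continues outside the hunk.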