WP Merge to rev 4273

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@788 7be80a69-a1ef-0310-a953-fb0f7c49ff36

9 files changed, 15 insertions, 11 deletions

diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 5dd0794..5c220a5 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -1911,7 +1911,7 @@ function wp_handle_upload(&$file, $overrides = false) {
 	// Move the file to the uploads dir
 	$new_file = $uploads['path'] . "/$filename";
 	if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) )
-		wp_die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
+		wp_die(printf(__('The uploaded file could not be moved to %s.'), $uploads['path']));
 
 	// Set correct file permissions
 	$stat = stat(dirname($new_file));
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index eb3c102..ae23c63 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -191,7 +191,7 @@ $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
 		<?php 
 		} // end foreach
 	?></table>
-<p class="submit"><input type="submit" name="delete_button" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php _e("Please select some comments to delete"); ?>'); return false } return confirm('<?php printf(__("You are about to delete %s comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete."), "' + numchecked + '"); ?>')" />
+<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php _e("Please select some comments to delete"); ?>'); return false } return confirm('<?php printf(__("You are about to delete %s comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete."), "' + numchecked + '"); ?>')" />
 			<input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="return confirm('<?php _e("You are about to mark these comments as spam \\n  \'Cancel\' to stop, \'OK\' to mark as spam.") ?>')" /></p>
   </form>
 <div id="ajax-response"></div>
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 7f9a97a..3ae45b9 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -252,7 +252,7 @@ list_meta($metadata);
 </div>
 
 <?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
-<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
+<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
 <?php endif; ?>
 
 </div>
diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php
index bbcac0b..e90e059 100644
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -66,8 +66,8 @@ addLoadEvent(focusit);
 <?php endif; ?>
 
 	<tr>
-		<th scope="row" valign="top"><?php _e('Delete'); ?>:</th>
-		<td><input name="deletecomment" class="button" type="submit" id="deletecomment" tabindex="10" value="<?php _e('Delete this comment') ?>" <?php echo "onclick=\"return confirm('" . __("You are about to delete this comment \\n  \'Cancel\' to stop, \'OK\' to delete.") . "')\""; ?> /> 
+		<th scope="row" valign="top"><?php _e('Delete'); $delete_nonce = wp_create_nonce( 'delete-comment_' . $comment->comment_ID ); ?>:</th>
+		<td><input name="deletecomment" class="button delete" type="submit" id="deletecomment" tabindex="10" value="<?php _e('Delete this comment') ?>" <?php echo "onclick=\"if ( confirm('" . __("You are about to delete this comment \\n  \'Cancel\' to stop, \'OK\' to delete.") . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true; } return false;\""; ?> /> 
 		<input type="hidden" name="comment" value="<?php echo $comment->comment_ID ?>" />
 		<input type="hidden" name="p" value="<?php echo $comment->comment_post_ID ?>" />
 		<input type="hidden" name="noredir" value="1" />
diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index d68e71b..d7216a3 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -189,7 +189,7 @@ list_meta($metadata);
 <?php if ('edit' == $action) :
 	$delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID ); 
 	if ( current_user_can('delete_page', $post->ID) ) ?>
-		<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
+		<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
 <?php endif; ?>
 </div>
 
diff --git a/wp-admin/import/dotclear.php b/wp-admin/import/dotclear.php
index ba988f6..48db721 100644
--- a/wp-admin/import/dotclear.php
+++ b/wp-admin/import/dotclear.php
@@ -408,7 +408,7 @@ class Dotclear_Import {
 				$cats = array();
 				if($cat1 = get_catbynicename($post_cat_name)) { $cats[1] = $cat1; }
 
-				if(!empty($cats)) { wp_set_post_cats('', $ret_id, $cats); }
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
 			}
 		}
 		// Store ID translation for later use
diff --git a/wp-admin/import/textpattern.php b/wp-admin/import/textpattern.php
index 6af31aa..f9937ff 100644
--- a/wp-admin/import/textpattern.php
+++ b/wp-admin/import/textpattern.php
@@ -338,7 +338,7 @@ class Textpattern_Import {
 				if($cat1 = get_catbynicename($Category1)) { $cats[1] = $cat1; }
 				if($cat2 = get_catbynicename($Category2)) { $cats[2] = $cat2; }
 
-				if(!empty($cats)) { wp_set_post_cats('', $ret_id, $cats); }
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
 			}
 		}
 		// Store ID translation for later use
diff --git a/wp-admin/theme-editor.php b/wp-admin/theme-editor.php
index 037cc91..7832b91 100644
--- a/wp-admin/theme-editor.php
+++ b/wp-admin/theme-editor.php
@@ -45,11 +45,15 @@ case 'update':
 		$f = fopen($real_file, 'w+');
 		fwrite($f, $newcontent);
 		fclose($f);
-		wp_redirect("theme-editor.php?file=$file&theme=$theme&a=te");
+		$location = "theme-editor.php?file=$file&theme=$theme&a=te";
 	} else {
-		wp_redirect("theme-editor.php?file=$file&theme=$theme");
+		$location = "theme-editor.php?file=$file&theme=$theme";
 	}
 
+	$location = wp_kses_no_null($location);
+	$strip = array('%0d', '%0a');
+	$location = str_replace($strip, '', $location);
+	header("Location: $location");
 	exit();
 
 break;
diff --git a/wp-admin/wp-admin.css b/wp-admin/wp-admin.css
index fb19af1..a4420cc 100644
--- a/wp-admin/wp-admin.css
+++ b/wp-admin/wp-admin.css
@@ -502,7 +502,7 @@ table .vers {
 	width: 300px;
 }
 
-#deletepost:hover, #deletecomment:hover {
+input.delete:hover {
 	background: #ce0000;
 	color: #fff;
 }