WP Merge to 4674

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@830 7be80a69-a1ef-0310-a953-fb0f7c49ff36

5 files changed, 174 insertions, 44 deletions

diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 963992d..d1ec74c 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -1067,7 +1067,7 @@ function wp_richedit_pre($text) {
 	return apply_filters('richedit_pre', $output);
 }
 
-function clean_url( $url ) {
+function clean_url( $url, $protocols = null ) {
 	if ('' == $url) return $url;
 	$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%]|i', '', $url);
 	$strip = array('%0d', '%0a');
@@ -1075,6 +1075,10 @@ function clean_url( $url ) {
 	$url = str_replace(';//', '://', $url);
 	$url = (!strstr($url, '://')) ? 'http://'.$url : $url;
 	$url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
+	if ( !is_array($protocols) )
+		$protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'); 
+	if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
+		return '';
 	return $url;
 }
 
diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php
index 101c9b6..443f0c6 100644
--- a/wp-includes/post-template.php
+++ b/wp-includes/post-template.php
@@ -331,71 +331,57 @@ function get_the_attachment_link($id = 0, $fullsize = false, $max_dims = false)
 	$id = (int) $id;
 	$_post = & get_post($id);
 
-	if ( ('attachment' != $_post->post_type) || ('' == $_post->guid) )
+	if ( ('attachment' != $_post->post_type) || !$url = wp_get_attachment_url() )
 		return __('Missing Attachment');
 
 	$post_title = attribute_escape($_post->post_title);
 
-	if (! empty($_post->guid) ) {
-		$innerHTML = get_attachment_innerHTML($_post->ID, $fullsize, $max_dims);
-
-		return "<a href='$_post->guid' title='$post_title'>$innerHTML</a>";
-
-	} else {
-		$p .= __('Missing Attachment');
-	}
-	return $p;
+	$innerHTML = get_attachment_innerHTML($_post->ID, $fullsize, $max_dims);
+	return "<a href='$url' title='$post_title'>$innerHTML</a>";
 }
 
-function get_attachment_icon($id = 0, $fullsize = false, $max_dims = false) {
+function get_attachment_icon_src( $id = 0, $fullsize = false ) {
 	$id = (int) $id;
-	$post = & get_post($id);
-
-	$mime = $post->post_mime_type;
+	if ( !$post = & get_post($id) )
+		return false;
 
 	$imagedata = wp_get_attachment_metadata( $post->ID );
 
 	$file = get_attached_file( $post->ID );
 
-	$exts = array('jpg', 'gif', 'png');
-	if ( !$fullsize && !empty($imagedata['thumb'])
-			&& ($thumbfile = str_replace(basename($file), $imagedata['thumb'], $file))
-			&& file_exists($thumbfile) ) {
-
+	if ( !$fullsize && $thumbfile = wp_get_attachment_thumb_file( $post->ID ) ) {
 		// We have a thumbnail desired, specified and existing
 
-		$src = str_replace(basename($post->guid), $imagedata['thumb'], $post->guid);
+		$src = wp_get_attachment_thumb_url( $post->ID );
 		$src_file = $thumbfile;
 		$class = 'attachmentthumb';
-
-	} elseif ( ( substr($mime, 0, 6) == 'image/' || 'import' == $mime && in_array(substr($file, -3), $exts) )
-			&& file_exists($file) ) {
-
+	} elseif ( wp_attachment_is_image( $post->ID ) ) {
 		// We have an image without a thumbnail
 
-		$src = $post->guid;
+		$src = wp_get_attachment_url( $post->ID );
 		$src_file = & $file;
 		$class = 'attachmentimage';
-	} elseif (! empty($mime) ) {
-
+	} elseif ( $src = wp_mime_type_icon( $post->ID ) ) {
 		// No thumb, no image. We'll look for a mime-related icon instead.
-		$icon_dir = apply_filters('icon_dir', get_template_directory().'/images');
-		$icon_dir_uri = apply_filters('icon_dir_uri', get_template_directory_uri().'/images');
-
-		$types = array(substr($mime, 0, strpos($mime, '/')), substr($mime, strpos($mime, '/') + 1), str_replace('/', '_', $mime));
-		foreach ($types as $type) {
-			foreach ($exts as $ext) {
-				$src_file = "$icon_dir/$type.$ext";
-				if ( file_exists($src_file) ) {
-					$src = "$icon_dir_uri/$type.$ext";
-					break 2;
-				}
-			}
-		}
+
+		$icon_dir = apply_filters( 'icon_dir', get_template_directory() . '/images' );
+		$src_file = $icon_dir . '/' . basename($src);
 	}
 
-	if (! isset($src) )
+	if ( !isset($src) )
 		return false;
+	return array($src, $src_file);
+}
+
+function get_attachment_icon( $id = 0, $fullsize = false, $max_dims = false ) {
+	$id = (int) $id;
+	if ( !$post = & get_post($id) )
+		return false;
+
+	if ( !$src = get_attachment_icon_src( $id, $fullsize ) )
+		return false;
+
+	list($src, $src_file) = $src;
 
 	// Do we need to constrain the image?
 	if ( ($max_dims = apply_filters('attachment_max_dims', $max_dims)) && file_exists($src_file) ) {
@@ -424,7 +410,7 @@ function get_attachment_icon($id = 0, $fullsize = false, $max_dims = false) {
 
 	$icon = "<img src='$src' title='$post_title' alt='$post_title' $constraint/>";
 
-	return apply_filters('attachment_icon', $icon, $post->ID);
+	return apply_filters( 'attachment_icon', $icon, $post->ID );
 }
 
 function get_attachment_innerHTML($id = 0, $fullsize = false, $max_dims = false) {
diff --git a/wp-includes/post.php b/wp-includes/post.php
index d0fd6df..144b4b6 100644
--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -1412,6 +1412,7 @@ function wp_get_attachment_metadata( $post_id, $unfiltered = false ) {
 }
 
 function wp_update_attachment_metadata( $post_id, $data ) {
+	$post_id = (int) $post_id;
 	if ( !get_post( $post_id ) )
 		return false;
 
@@ -1425,6 +1426,101 @@ function wp_update_attachment_metadata( $post_id, $data ) {
 		return add_post_meta( $post_id, '_wp_attachment_metadata', $data );
 }
 
+function wp_get_attachment_url( $post_id = 0 ) {
+	$post_id = (int) $post_id;
+	if ( !$post =& get_post( $post_id ) )
+		return false;
+
+	$url = get_the_guid( $post_id );
+
+	if ( 'attachment' != $post->post_type || !$url )
+		return false;
+
+	return apply_filters( 'wp_get_attachment_url', $url, $post_id );
+}
+
+function wp_get_attachment_thumb_file( $post_id ) {
+	$post_id = (int) $post_id;
+	if ( !$imagedata = wp_get_attachment_metadata( $post_id ) )
+		return false;
+
+	$file = get_attached_file( $post_id );
+
+	if ( !empty($imagedata['thumb']) && ($thumbfile = str_replace(basename($file), $imagedata['thumb'], $file)) && file_exists($thumbfile) )
+		return apply_filters( 'wp_get_attachment_thumb_file', $thumbfile, $post_id );
+	return false;
+}
+
+function wp_get_attachment_thumb_url( $post_id = 0 ) {
+	$post_id = (int) $post_id;
+	if ( !$url = wp_get_attachment_url( $post_id ) )
+		return false;
+
+	if ( !$thumb = wp_get_attachment_thumb_file( $post_id ) )
+		return false;
+	return false;
+
+	$url = str_replace(basename($url), basename($thumb), $url);
+
+	return apply_filters( 'wp_get_attachment_thumb_url', $url, $post_id );
+}
+
+function wp_attachment_is_image( $post_id = 0 ) {
+	$post_id = (int) $post_id;
+	if ( !$post =& get_post( $post_id ) )
+		return false;
+
+	if ( !$file = get_attached_file( $post->ID ) )
+		return false;
+
+	$ext = preg_match('/\.([^.]+)$/', $file, $matches) ? strtolower($matches[1]) : false;
+
+	$image_exts = array('jpg', 'jpeg', 'gif', 'png');
+
+	if ( 'image/' == substr($post->post_mime_type, 0, 6) || $ext && 'import' == $post->post_mime_type && in_array($ext, $image_exts) )
+		return true;
+	return false;
+}
+
+function wp_mime_type_icon( $mime = 0 ) {
+	$post_id = 0;
+	if ( is_numeric($mime) ) {
+		$mime = (int) $mime;
+		if ( !$post =& get_post( $mime ) )
+			return false;
+		$post_id = $post->ID;
+		$mime = $post->post_mime_type;
+	}
+
+	if ( empty($mime) )
+		return false;
+
+	$icon_dir = apply_filters( 'icon_dir', get_template_directory() . '/images' );
+	$icon_dir_uri = apply_filters( 'icon_dir_uri', get_template_directory_uri() . '/images' );
+
+	$types = array(
+		substr($mime, 0, strpos($mime, '/')),
+		substr($mime, strpos($mime, '/') + 1),
+		str_replace('/', '_', $mime)
+	);
+
+	$exts = array('jpg', 'gif', 'png');
+
+	$src = false;
+
+	foreach ( $types as $type ) {
+		foreach ( $exts as $ext ) {
+			$src_file = "$icon_dir/$type.$ext";
+			if ( file_exists($src_file) ) {
+				$src = "$icon_dir_uri/$type.$ext";
+				break 2;
+			}
+		}
+	}
+
+	return apply_filters( 'wp_mime_type_icon', $src, $mime, $post_id ); // Last arg is 0 if function pass mime type.
+}
+
 function wp_check_for_changed_slugs($post_id) {
 	if ( !strlen($_POST['wp-old-slug']) )
 		return $post_id;
diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php
index 1836899..cc6c7aa 100644
--- a/wp-includes/script-loader.php
+++ b/wp-includes/script-loader.php
@@ -35,7 +35,7 @@ class WP_Scripts {
 			$this->add( 'admin-comments', '/wp-admin/edit-comments.js', array('listman'), '3847' );
 			$this->add( 'admin-users', '/wp-admin/users.js', array('listman'), '4583' );
 			$this->add( 'xfn', '/wp-admin/xfn.js', false, '3517' );
-			$this->add( 'upload', '/wp-admin/upload-js.php', array('prototype'), '4535' );
+			$this->add( 'upload', '/wp-admin/upload-js.php', array('prototype'), '20061223' );
 		}
 	}
 
diff --git a/wp-includes/theme.php b/wp-includes/theme.php
index ca1ae60..f527b42 100644
--- a/wp-includes/theme.php
+++ b/wp-includes/theme.php
@@ -455,10 +455,54 @@ function set_theme_mod($name, $value) {
 	wp_cache_delete("mods_$theme", 'options');
 }
 
+function remove_theme_mod( $name ) {
+	$theme = get_current_theme();
+
+	$mods = get_option("mods_$theme");
+
+	if ( !isset($mods[$name]) )
+		return;
+
+	unset($mods[$name]);
+
+	if ( empty($mods) )
+		return remove_theme_mods();
+
+	update_option("mods_$theme", $mods);
+	wp_cache_delete("mods_$theme", 'options');
+}
+
 function remove_theme_mods() {
 	$theme = get_current_theme();
 
 	delete_option("mods_$theme");
 }
 
+function get_header_textcolor() {
+	return get_theme_mod('header_textcolor', HEADER_TEXTCOLOR);
+}
+
+function header_textcolor() {
+	echo get_header_textcolor();	
+}
+
+function get_header_image() {
+	return get_theme_mod('header_image', HEADER_IMAGE);
+}
+
+function header_image() {
+	echo get_header_image();	
+}
+
+function add_custom_image_header($header_callback, $admin_header_callback) {
+	if ( ! empty($header_callback) )
+		add_action('wp_head', $header_callback);
+
+	if ( ! is_admin() )
+		return;
+	require_once(ABSPATH . 'wp-admin/custom-header.php');
+	$GLOBALS['custom_image_header'] =& new Custom_Image_Header($admin_header_callback);
+	add_action('admin_menu', array(&$GLOBALS['custom_image_header'], 'init'));
+}
+
 ?>