diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-23 18:28:40 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-23 18:28:40 +0000 |
| commit | 87bb8cd69cc593fe6bed330fb1791eac9df87167 (patch) | |
| tree | 6b2ad252df89d2a1863198fd44b321b59e42ef54 /wp-includes | |
| parent | 0cbda3349a2571904ea063fdd73e018299919589 (diff) | |
| download | wordpress-mu-87bb8cd69cc593fe6bed330fb1791eac9df87167.tar.gz wordpress-mu-87bb8cd69cc593fe6bed330fb1791eac9df87167.tar.xz wordpress-mu-87bb8cd69cc593fe6bed330fb1791eac9df87167.zip | |
Merge with WordPress, rev 6285 and untested
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1125 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-includes')
39 files changed, 2326 insertions, 1365 deletions
diff --git a/wp-includes/bookmark.php b/wp-includes/bookmark.php index a8c1a3f..1baf608 100644 --- a/wp-includes/bookmark.php +++ b/wp-includes/bookmark.php @@ -3,8 +3,7 @@ function get_bookmark($bookmark_id, $output = OBJECT, $filter = 'raw') { global $wpdb; - $bookmark_id = (int) $bookmark_id; - $link = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = '$bookmark_id' LIMIT 1"); + $link = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->links WHERE link_id = %d LIMIT 1", $bookmark_id)); $link->link_category = array_unique( wp_get_object_terms($link_id, 'link_category', 'fields=ids') ); $link = sanitize_bookmark($link, $filter); @@ -113,7 +112,7 @@ function get_bookmarks($args = '') { } if (!empty($category_query)) { $category_query .= ") AND taxonomy = 'link_category'"; - $join = " LEFT JOIN $wpdb->term_relationships AS tr ON ($wpdb->links.link_id = tr.object_id) LEFT JOIN $wpdb->term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id"; + $join = " INNER JOIN $wpdb->term_relationships AS tr ON ($wpdb->links.link_id = tr.object_id) INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id"; } if (get_option('links_recently_updated_time')) { diff --git a/wp-includes/cache.php b/wp-includes/cache.php index 1b300d4..b877b81 100644 --- a/wp-includes/cache.php +++ b/wp-includes/cache.php @@ -168,7 +168,7 @@ class WP_Object_Cache { return false; } - $cache_file = $this->cache_dir.$this->get_group_dir($group_key)."/".$this->hash($hash).'.php'; + $cache_file = $this->cache_dir.$this->get_group_dir($group_key)."/".$this->hash($id).'.php'; if (!file_exists($cache_file)) { $this->non_existant_objects[$hash] = true; $this->cache_misses += 1; @@ -289,7 +289,7 @@ class WP_Object_Cache { if (empty ($group)) $group = 'default'; - if (NULL == $data) + if (NULL === $data) $data = ''; $this->cache[$hash] = $data; @@ -331,6 +331,9 @@ class WP_Object_Cache { // Loop over dirty objects and save them. $errors = 0; foreach ($this->dirty_objects as $group => $ids) { + if ( in_array($group, $this->non_persistent_groups) ) + continue; + $group_dir = $this->make_group_dir($group, $dir_perms); $ids = array_unique($ids); diff --git a/wp-includes/canonical.php b/wp-includes/canonical.php index 8027a1c..7c7c909 100644 --- a/wp-includes/canonical.php +++ b/wp-includes/canonical.php @@ -4,7 +4,7 @@ function redirect_canonical($requested_url=NULL, $do_redirect=true) { global $wp_rewrite, $posts, $is_IIS; - if ( is_feed() || is_trackback() || is_search() || is_comments_popup() || is_admin() || $is_IIS || ( isset($_POST) && count($_POST) ) ) + if ( is_feed() || is_trackback() || is_search() || is_comments_popup() || is_admin() || $is_IIS || ( isset($_POST) && count($_POST) ) || is_preview() ) return; if ( !$requested_url ) { @@ -180,15 +180,15 @@ function redirect_guess_404_permalink() { if ( !get_query_var('name') ) return false; - $where = "post_name LIKE '" . $wpdb->escape(get_query_var('name')) . "%'"; + $where = $wpdb->prepare("post_name LIKE %s", get_query_var('name') . '%'); // if any of year, monthnum, or day are set, use them to refine the query if ( get_query_var('year') ) - $where .= " AND YEAR(post_date) = '" . $wpdb->escape(get_query_var('year')) . "'"; + $where .= $wpdb->prepare(" AND YEAR(post_date) = %d", get_query_var('year')); if ( get_query_var('monthnum') ) - $where .= " AND MONTH(post_date) = '" . $wpdb->escape(get_query_var('monthnum')) . "'"; + $where .= $wpdb->prepare(" AND MONTH(post_date) = %d", get_query_var('monthnum')); if ( get_query_var('day') ) - $where .= " AND DAYOFMONTH(post_date) = '" . $wpdb->escape(get_query_var('day')) . "'"; + $where .= $wpdb->prepare(" AND DAYOFMONTH(post_date) = %d", get_query_var('day')); $post_id = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE $where AND post_status = 'publish'"); if ( !$post_id ) @@ -198,4 +198,4 @@ function redirect_guess_404_permalink() { add_action('template_redirect', 'redirect_canonical'); -?>
\ No newline at end of file +?> diff --git a/wp-includes/category-template.php b/wp-includes/category-template.php index cd8dbcb..6efea7b 100644 --- a/wp-includes/category-template.php +++ b/wp-includes/category-template.php @@ -376,7 +376,7 @@ function wp_generate_tag_cloud( $tags, $args = '' ) { $tag_id = $tag_ids[$tag]; $tag_link = clean_url($tag_links[$tag]); $tag = str_replace(' ', ' ', wp_specialchars( $tag )); - $a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attribute_escape( sprintf( __('%d topics'), $count ) ) . "'$rel style='font-size: " . + $a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attribute_escape( sprintf( __ngettext('%d topic','%d topics',$count), $count ) ) . "'$rel style='font-size: " . ( $smallest + ( ( $count - $min_count ) * $font_step ) ) . "$unit;'>$tag</a>"; } diff --git a/wp-includes/classes.php b/wp-includes/classes.php index 6e55c45..c79442b 100644 --- a/wp-includes/classes.php +++ b/wp-includes/classes.php @@ -696,11 +696,13 @@ class WP_Ajax_Response { $defaults = array( 'what' => 'object', 'action' => false, 'id' => '0', 'old_id' => false, + 'position' => 1, // -1 = top, 1 = bottom, html ID = after, -html ID = before 'data' => '', 'supplemental' => array() ); $r = wp_parse_args( $args, $defaults ); extract( $r, EXTR_SKIP ); + $postition = preg_replace( '/[^a-z0-9:_-]/i', '', $position ); if ( is_wp_error($id) ) { $data = $id; @@ -724,7 +726,7 @@ class WP_Ajax_Response { $x = ''; $x .= "<response action='{$action}_$id'>"; // The action attribute in the xml output is formatted like a nonce action - $x .= "<$what id='$id'" . ( false !== $old_id ? "old_id='$old_id'>" : '>' ); + $x .= "<$what id='$id' " . ( false === $old_id ? '' : "old_id='$old_id' " ) . "position='$position'>"; $x .= $response; $x .= $s; $x .= "</$what>"; diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php index 99fecfe..1dc84c1 100644 --- a/wp-includes/comment-template.php +++ b/wp-includes/comment-template.php @@ -288,13 +288,11 @@ function comments_template( $file = '/comments.php' ) { // TODO: Use API instead of SELECTs. if ( $user_ID) { - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND (comment_approved = '1' OR ( user_id = '$user_ID' AND comment_approved = '0' ) ) ORDER BY comment_date"); + $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND (comment_approved = '1' OR ( user_id = %d AND comment_approved = '0' ) ) ORDER BY comment_date", $post->ID, $user_ID)); } else if ( empty($comment_author) ) { - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); + $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1' ORDER BY comment_date", $post->ID)); } else { - $author_db = $wpdb->escape($comment_author); - $email_db = $wpdb->escape($comment_author_email); - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date"); + $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date", $post->ID, $comment_author, $comment_author_email)); } // keep $comments for legacy's sake (remember $table*? ;) ) diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 3fedd9b..62377c5 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -41,11 +41,12 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ $domain = $uri['host']; $uri = parse_url( get_option('home') ); $home_domain = $uri['host']; - if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain ) + if ( $wpdb->get_var($wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_url LIKE (%s) LIMIT 1", '%'.$domain.'%')) || $domain == $home_domain ) return true; else return false; } elseif ( $author != '' && $email != '' ) { + // expected_slashed ($author, $email) $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); if ( ( 1 == $ok_to_comment ) && ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) @@ -62,9 +63,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ function get_approved_comments($post_id) { global $wpdb; - - $post_id = (int) $post_id; - return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post_id' AND comment_approved = '1' ORDER BY comment_date"); + return $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1' ORDER BY comment_date", $post_id)); } @@ -82,11 +81,10 @@ function &get_comment(&$comment, $output = OBJECT) { wp_cache_add($comment->comment_ID, $comment, 'comment'); $_comment = $comment; } else { - $comment = (int) $comment; if ( isset($GLOBALS['comment']) && ($GLOBALS['comment']->comment_ID == $comment) ) { $_comment = & $GLOBALS['comment']; } elseif ( ! $_comment = wp_cache_get($comment, 'comment') ) { - $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1"); + $_comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID = %d LIMIT 1", $comment)); wp_cache_add($_comment->comment_ID, $_comment, 'comment'); } } @@ -109,7 +107,7 @@ function &get_comment(&$comment, $output = OBJECT) { function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries global $postc, $id, $commentdata, $wpdb; if ( $no_cache ) { - $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'"; + $query = $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID = %d", $comment_ID); if ( false == $include_unapproved ) $query .= " AND comment_approved = '1'"; $myrow = $wpdb->get_row($query, ARRAY_A); @@ -138,13 +136,13 @@ function get_lastcommentmodified($timezone = 'server') { if ( !isset($cache_lastcommentmodified[$timezone]) ) { switch ( strtolower($timezone)) { case 'gmt': - $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); + $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $now)); break; case 'blog': - $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); + $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $now)); break; case 'server': - $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); + $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $add_seconds_server, $now)); break; } $cache_lastcommentmodified[$timezone] = $lastcommentmodified; @@ -183,6 +181,7 @@ function wp_allow_comment($commentdata) { extract($commentdata, EXTR_SKIP); // Simple duplicate check + // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' "; if ( $comment_author_email ) $dupe .= "OR comment_author_email = '$comment_author_email' "; @@ -195,7 +194,7 @@ function wp_allow_comment($commentdata) { if ( $user_id ) { $userdata = get_userdata($user_id); $user = new WP_User($user_id); - $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1"); + $post_author = $wpdb->get_var($wpdb->prepare("SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1", $comment_post_ID)); } if ( $userdata && is_site_admin( $userdata->user_login ) == false && ( $user_id == $post_author || $user->has_cap('level_9' ) ) ) { diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php index 53060b1..15fab15 100644 --- a/wp-includes/default-filters.php +++ b/wp-includes/default-filters.php @@ -25,9 +25,18 @@ foreach ( $filters as $filter ) { add_filter($filter, 'wp_filter_kses'); } -// URL +// Save URL $filters = array('pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_link_image', - 'pre_link_rss', 'comment_url'); + 'pre_link_rss'); +foreach ( $filters as $filter ) { + add_filter($filter, 'strip_tags'); + add_filter($filter, 'trim'); + add_filter($filter, 'sanitize_url'); + add_filter($filter, 'wp_filter_kses'); +} + +// Display URL +$filters = array('user_url', 'link_url', 'link_image', 'link_rss', 'comment_url'); foreach ( $filters as $filter ) { add_filter($filter, 'strip_tags'); add_filter($filter, 'trim'); @@ -127,10 +136,12 @@ add_filter('comment_email', 'antispambot'); // Actions add_action('wp_head', 'rsd_link'); +add_action('wp_head', 'wlwmanifest_link'); add_action('wp_head', 'locale_stylesheet'); add_action('publish_future_post', 'wp_publish_post', 10, 1); add_action('wp_head', 'noindex', 1); add_action('wp_head', 'wp_print_scripts'); +add_action('wp_head', 'wp_generator'); if(!defined('DOING_CRON')) add_action('init', 'wp_cron'); add_action('do_feed_rdf', 'do_feed_rdf', 10, 1); diff --git a/wp-includes/feed-atom-comments.php b/wp-includes/feed-atom-comments.php index ee9a73b..72897bb 100644 --- a/wp-includes/feed-atom-comments.php +++ b/wp-includes/feed-atom-comments.php @@ -18,7 +18,7 @@ echo '<?xml version="1.0" encoding="' . get_option('blog_charset') . '" ?' . '>' <subtitle type="text"><?php bloginfo_rss('description'); ?></subtitle> <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastcommentmodified('GMT')); ?></updated> - <generator uri="http://wordpress.org/" version="<?php bloginfo('version'); ?>">WordPress</generator> + <?php the_generator( 'atom' ); ?> <link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" href="<?php bloginfo_rss('home'); ?>" /> <link rel="self" type="application/atom+xml" href="<?php bloginfo_rss('comments_atom_url'); ?>" /> diff --git a/wp-includes/feed-atom.php b/wp-includes/feed-atom.php index f80f48f..5f5570d 100644 --- a/wp-includes/feed-atom.php +++ b/wp-includes/feed-atom.php @@ -15,7 +15,7 @@ $more = 1; <subtitle type="text"><?php bloginfo_rss("description") ?></subtitle> <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastpostmodified('GMT')); ?></updated> - <generator uri="http://wordpress.org/" version="<?php bloginfo_rss('version'); ?>">WordPress</generator> + <?php the_generator( 'atom' ); ?> <link rel="alternate" type="text/html" href="<?php bloginfo_rss('home') ?>" /> <id><?php bloginfo('atom_url'); ?></id> @@ -30,15 +30,18 @@ $more = 1; <uri><?php the_author_url()?></uri> <?php endif; ?> </author> - <title type="<?php html_type_rss(); ?>"><![CDATA[<?php the_title_rss() ?>]]></title> +<?php list($content_type, $content) = prep_atom_text_construct(get_the_title()); ?> + <title type="<?php echo $content_type ?>"><?php echo $content ?></title> <link rel="alternate" type="text/html" href="<?php the_permalink_rss() ?>" /> <id><?php the_guid(); ?></id> <updated><?php echo get_post_modified_time('Y-m-d\TH:i:s\Z', true); ?></updated> <published><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></published> <?php the_category_rss('atom') ?> - <summary type="<?php html_type_rss(); ?>"><![CDATA[<?php the_excerpt_rss(); ?>]]></summary> +<?php list($content_type, $content) = prep_atom_text_construct(get_the_excerpt()); ?> + <summary type="<?php echo $content_type ?>"><?php echo $content ?></summary> <?php if ( !get_option('rss_use_excerpt') ) : ?> - <content type="<?php html_type_rss(); ?>" xml:base="<?php the_permalink_rss() ?>"><![CDATA[<?php the_content('', 0, '') ?>]]></content> +<?php list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?> + <content type="<?php echo $content_type ?>" xml:base="<?php the_permalink_rss()?>"><?php echo $content ?></content> <?php endif; ?> <?php atom_enclosure(); ?> <?php do_action('atom_entry'); ?> diff --git a/wp-includes/feed-rdf.php b/wp-includes/feed-rdf.php index 1f92b23..dd0b785 100644 --- a/wp-includes/feed-rdf.php +++ b/wp-includes/feed-rdf.php @@ -4,7 +4,6 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> -<!-- generator="wordpress/<?php echo $wp_version ?>" --> <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" @@ -19,7 +18,7 @@ $more = 1; <link><?php bloginfo_rss('url') ?></link> <description><?php bloginfo_rss('description') ?></description> <dc:date><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastpostmodified('GMT'), false); ?></dc:date> - <admin:generatorAgent rdf:resource="http://wordpress.org/?v=<?php echo $wp_version ?>"/> + <?php the_generator( 'rdf' ); ?> <sy:updatePeriod>hourly</sy:updatePeriod> <sy:updateFrequency>1</sy:updateFrequency> <sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> diff --git a/wp-includes/feed-rss.php b/wp-includes/feed-rss.php index 469e4bc..900dcec 100644 --- a/wp-includes/feed-rss.php +++ b/wp-includes/feed-rss.php @@ -4,7 +4,7 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> -<!-- generator="wordpress/<?php echo $wp_version ?>" --> +<?php the_generator( 'comment' ); ?> <rss version="0.92"> <channel> <title><?php bloginfo_rss('name'); wp_title_rss(); ?></title> diff --git a/wp-includes/feed-rss2-comments.php b/wp-includes/feed-rss2-comments.php index 7bd5ae2..ba06573 100644 --- a/wp-includes/feed-rss2-comments.php +++ b/wp-includes/feed-rss2-comments.php @@ -3,10 +3,10 @@ header('Content-Type: text/xml;charset=' . get_option('blog_charset'), true); echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> -<!-- generator="wordpress/<?php echo $wp_version ?>" --> <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:atom="http://www.w3.org/2005/Atom" > <channel> <title><?php @@ -17,10 +17,11 @@ echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; else printf(__('Comments for %s'), get_bloginfo_rss( 'name' ) . get_wp_title_rss()); ?></title> + <atom:link href="<?php bloginfo('comments_rss2_url') ?>" rel="self" type="application/rss+xml" /> <link><?php (is_single()) ? the_permalink_rss() : bloginfo_rss("url") ?></link> <description><?php bloginfo_rss("description") ?></description> <pubDate><?php echo gmdate('r'); ?></pubDate> - <generator>http://wordpress.org/?v=<?php echo $wp_version ?></generator> + <?php the_generator( 'rss2' ); ?> <?php do_action('commentsrss2_head'); ?> <?php if ( have_comments() ) : while ( have_comments() ) : the_comment(); diff --git a/wp-includes/feed-rss2.php b/wp-includes/feed-rss2.php index 21d9b8e..5b330ad 100644 --- a/wp-includes/feed-rss2.php +++ b/wp-includes/feed-rss2.php @@ -5,20 +5,21 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> -<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:atom="http://www.w3.org/2005/Atom" <?php do_action('rss2_ns'); ?> > <channel> <title><?php bloginfo_rss('name'); wp_title_rss(); ?></title> + <atom:link href="<?php bloginfo('rss2_url') ?>" rel="self" type="application/rss+xml" /> <link><?php bloginfo_rss('url') ?></link> <description><?php bloginfo_rss("description") ?></description> <pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_lastpostmodified('GMT'), false); ?></pubDate> - <generator>http://wordpress.org/?v=<?php bloginfo_rss('version'); ?></generator> + <?php the_generator( 'rss2' ); ?> <language><?php echo get_option('rss_language'); ?></language> <?php do_action('rss2_head'); ?> <?php while( have_posts()) : the_post(); ?> diff --git a/wp-includes/feed.php b/wp-includes/feed.php index 8f9219c..6b431b1 100644 --- a/wp-includes/feed.php +++ b/wp-includes/feed.php @@ -250,4 +250,47 @@ function atom_enclosure() { } } +/** + * prep_atom_text_construct() - determine if given string of data is + * type text, html, or xhtml, per RFC 4287 section 3.1. + * + * In the case of WordPress, text is defined as containing no markup, + * xhtml is defined as "well formed", and html as tag soup (i.e., the rest). + * + * Container div tags are added to xhtml values, per section 3.1.1.3. + * + * @package WordPress + * @subpackage Feed + * @since 2.4 + * + * @param string $data input string + * @return array $result array(type, value) + * @link http://www.atomenabled.org/developers/syndication/atom-format-spec.php#rfc.section.3.1 + */ +function prep_atom_text_construct($data) { + if (strpos($data, '<') === false && strpos($data, '&') === false) { + return array('text', $data); + } + + $parser = xml_parser_create(); + xml_parse($parser, '<div>' . $data . '</div>', true); + $code = xml_get_error_code($parser); + xml_parser_free($parser); + + if (!$code) { + if (strpos($data, '<') === false) { + return array('text', $data); + } else { + $data = "<div xmlns='http://www.w3.org/1999/xhtml'>$data</div>"; + return array('xhtml', $data); + } + } + + if (strpos($data, ']]>') == false) { + return array('html', "<![CDATA[$data]]>"); + } else { + return array('html', htmlspecialchars($data)); + } +} + ?> diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index a58aa88..2c95dbe 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -1087,7 +1087,7 @@ function wp_richedit_pre($text) { return apply_filters('richedit_pre', $output); } -function clean_url( $url, $protocols = null ) { +function clean_url( $url, $protocols = null, $context = 'display' ) { $original_url = $url; if ('' == $url) return $url; @@ -1103,13 +1103,20 @@ function clean_url( $url, $protocols = null ) { substr( $url, 0, 1 ) != '/' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) ) $url = 'http://' . $url; - $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url); + // Replace ampersands ony when displaying. + if ( 'display' == $context ) + $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url); + if ( !is_array($protocols) ) $protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'); if ( wp_kses_bad_protocol( $url, $protocols ) != $url ) return ''; - return apply_filters('clean_url', $url, $original_url); + return apply_filters('clean_url', $url, $original_url, $context); +} + +function sanitize_url( $url, $protocols = null ) { + return clean_url( $url, $protocols, 'db'); } // Borrowed from the PHP Manual user notes. Convert entities, while diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 43a2ba9..0a241d6 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -1,11 +1,10 @@ <?php -function mysql2date($dateformatstring, $mysqlstring, $translate = true) { +function mysql2date( $dateformatstring, $mysqlstring, $translate = true ) { global $wp_locale; $m = $mysqlstring; - if ( empty($m) ) { + if ( empty( $m ) ) return false; - } $i = mktime( (int) substr( $m, 11, 2 ), (int) substr( $m, 14, 2 ), (int) substr( $m, 17, 2 ), (int) substr( $m, 5, 2 ), (int) substr( $m, 8, 2 ), (int) substr( $m, 0, 4 ) @@ -17,166 +16,173 @@ function mysql2date($dateformatstring, $mysqlstring, $translate = true) { if ( -1 == $i || false == $i ) $i = 0; - if ( !empty($wp_locale->month) && !empty($wp_locale->weekday) && $translate ) { - $datemonth = $wp_locale->get_month(date('m', $i)); - $datemonth_abbrev = $wp_locale->get_month_abbrev($datemonth); - $dateweekday = $wp_locale->get_weekday(date('w', $i)); - $dateweekday_abbrev = $wp_locale->get_weekday_abbrev($dateweekday); - $datemeridiem = $wp_locale->get_meridiem(date('a', $i)); - $datemeridiem_capital = $wp_locale->get_meridiem(date('A', $i)); - $dateformatstring = ' '.$dateformatstring; - $dateformatstring = preg_replace("/([^\\\])D/", "\\1".backslashit($dateweekday_abbrev), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])F/", "\\1".backslashit($datemonth), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])l/", "\\1".backslashit($dateweekday), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])M/", "\\1".backslashit($datemonth_abbrev), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])a/", "\\1".backslashit($datemeridiem), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])A/", "\\1".backslashit($datemeridiem_capital), $dateformatstring); - - $dateformatstring = substr($dateformatstring, 1, strlen($dateformatstring)-1); - } - $j = @date($dateformatstring, $i); - if ( !$j ) { - // for debug purposes - // echo $i." ".$mysqlstring; - } + if ( !empty( $wp_locale->month ) && !empty( $wp_locale->weekday ) && $translate ) { + $datemonth = $wp_locale->get_month( date( 'm', $i ) ); + $datemonth_abbrev = $wp_locale->get_month_abbrev( $datemonth ); + $dateweekday = $wp_locale->get_weekday( date( 'w', $i ) ); + $dateweekday_abbrev = $wp_locale->get_weekday_abbrev( $dateweekday ); + $datemeridiem = $wp_locale->get_meridiem( date( 'a', $i ) ); + $datemeridiem_capital = $wp_locale->get_meridiem( date( 'A', $i ) ); + $dateformatstring = ' ' . $dateformatstring; + $dateformatstring = preg_replace( "/([^\\\])D/", "\\1" . backslashit( $dateweekday_abbrev ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])F/", "\\1" . backslashit( $datemonth ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])l/", "\\1" . backslashit( $dateweekday ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])M/", "\\1" . backslashit( $datemonth_abbrev ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])a/", "\\1" . backslashit( $datemeridiem ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])A/", "\\1" . backslashit( $datemeridiem_capital ), $dateformatstring ); + + $dateformatstring = substr( $dateformatstring, 1, strlen( $dateformatstring ) -1 ); + } + $j = @date( $dateformatstring, $i ); + + /* + if ( !$j ) // for debug purposes + echo $i." ".$mysqlstring; + */ + return $j; } -function current_time($type, $gmt = 0) { - switch ($type) { + +function current_time( $type, $gmt = 0 ) { + switch ( $type ) { case 'mysql': - if ( $gmt ) $d = gmdate('Y-m-d H:i:s'); - else $d = gmdate('Y-m-d H:i:s', (time() + (get_option('gmt_offset') * 3600))); - return $d; + return ( $gmt ) ? gmdate( 'Y-m-d H:i:s' ) : gmdate( 'Y-m-d H:i:s', ( time() + ( get_option( 'gmt_offset' ) * 3600 ) ) ); break; case 'timestamp': - if ( $gmt ) $d = time(); - else $d = time() + (get_option('gmt_offset') * 3600); - return $d; + return ( $gmt ) ? time() : time() + ( get_option( 'gmt_offset' ) * 3600 ); break; } } -function date_i18n($dateformatstring, $unixtimestamp) { + +function date_i18n( $dateformatstring, $unixtimestamp ) { global $wp_locale; $i = $unixtimestamp; - if ( (!empty($wp_locale->month)) && (!empty($wp_locale->weekday)) ) { - $datemonth = $wp_locale->get_month(date('m', $i)); - $datemonth_abbrev = $wp_locale->get_month_abbrev($datemonth); - $dateweekday = $wp_locale->get_weekday(date('w', $i)); - $dateweekday_abbrev = $wp_locale->get_weekday_abbrev($dateweekday); - $datemeridiem = $wp_locale->get_meridiem(date('a', $i)); - $datemeridiem_capital = $wp_locale->get_meridiem(date('A', $i)); + if ( ( !empty( $wp_locale->month ) ) && ( !empty( $wp_locale->weekday ) ) ) { + $datemonth = $wp_locale->get_month( date( 'm', $i ) ); + $datemonth_abbrev = $wp_locale->get_month_abbrev( $datemonth ); + $dateweekday = $wp_locale->get_weekday( date( 'w', $i ) ); + $dateweekday_abbrev = $wp_locale->get_weekday_abbrev( $dateweekday ); + $datemeridiem = $wp_locale->get_meridiem( date( 'a', $i ) ); + $datemeridiem_capital = $wp_locale->get_meridiem( date( 'A', $i ) ); $dateformatstring = ' '.$dateformatstring; - $dateformatstring = preg_replace("/([^\\\])D/", "\\1".backslashit($dateweekday_abbrev), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])F/", "\\1".backslashit($datemonth), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])l/", "\\1".backslashit($dateweekday), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])M/", "\\1".backslashit($datemonth_abbrev), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])a/", "\\1".backslashit($datemeridiem), $dateformatstring); - $dateformatstring = preg_replace("/([^\\\])A/", "\\1".backslashit($datemeridiem_capital), $dateformatstring); - - $dateformatstring = substr($dateformatstring, 1, strlen($dateformatstring)-1); + $dateformatstring = preg_replace( "/([^\\\])D/", "\\1" . backslashit( $dateweekday_abbrev ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])F/", "\\1" . backslashit( $datemonth ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])l/", "\\1" . backslashit( $dateweekday ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])M/", "\\1" . backslashit( $datemonth_abbrev ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])a/", "\\1" . backslashit( $datemeridiem ), $dateformatstring ); + $dateformatstring = preg_replace( "/([^\\\])A/", "\\1" . backslashit( $datemeridiem_capital ), $dateformatstring ); + + $dateformatstring = substr( $dateformatstring, 1, strlen( $dateformatstring ) -1 ); } - $j = @date($dateformatstring, $i); + $j = @date( $dateformatstring, $i ); return $j; } -function number_format_i18n($number, $decimals = null) { + +function number_format_i18n( $number, $decimals = null ) { global $wp_locale; // let the user override the precision only - $decimals = is_null($decimals)? $wp_locale->number_format['decimals'] : intval($decimals); + $decimals = ( is_null( $decimals ) ) ? $wp_locale->number_format['decimals'] : intval( $decimals ); - return number_format($number, $decimals, $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep']); + return number_format( $number, $decimals, $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] ); } -function size_format($bytes, $decimals = null) { + +function size_format( $bytes, $decimals = null ) { // technically the correct unit names for powers of 1024 are KiB, MiB etc // see http://en.wikipedia.org/wiki/Byte $quant = array( - 'TB' => pow(1024, 4), - 'GB' => pow(1024, 3), - 'MB' => pow(1024, 2), - 'kB' => pow(1024, 1), - 'B' => pow(1024, 0), + // ========================= Origin ==== + 'TB' => 1099511627776, // pow( 1024, 4) + 'GB' => 1073741824, // pow( 1024, 3) + 'MB' => 1048576, // pow( 1024, 2) + 'kB' => 1024, // pow( 1024, 1) + 'B ' => 1, // pow( 1024, 0) ); - foreach ($quant as $unit => $mag) - if ( intval($bytes) >= $mag ) - return number_format_i18n($bytes / $mag, $decimals) . ' ' . $unit; + foreach ( $quant as $unit => $mag ) + if ( intval( $bytes ) >= $mag ) + return number_format_i18n( $bytes / $mag, $decimals ) . ' ' . $unit; } -function get_weekstartend($mysqlstring, $start_of_week) { - $my = substr($mysqlstring,0,4); - $mm = substr($mysqlstring,8,2); - $md = substr($mysqlstring,5,2); - $day = mktime(0,0,0, $md, $mm, $my); - $weekday = date('w',$day); + +function get_weekstartend( $mysqlstring, $start_of_week ) { + $my = substr( $mysqlstring, 0, 4 ); + $mm = substr( $mysqlstring, 8, 2 ); + $md = substr( $mysqlstring, 5, 2 ); + $day = mktime( 0, 0, 0, $md, $mm, $my ); + $weekday = date( 'w', $day ); $i = 86400; - if ( $weekday < get_option('start_of_week') ) - $weekday = 7 - (get_option('start_of_week') - $weekday); + if ( $weekday < get_option( 'start_of_week' ) ) + $weekday = 7 - ( get_option( 'start_of_week' ) - $weekday ); - while ($weekday > get_option('start_of_week')) { - $weekday = date('w',$day); - if ( $weekday < get_option('start_of_week') ) - $weekday = 7 - (get_option('start_of_week') - $weekday); + while ( $weekday > get_option( 'start_of_week' ) ) { + $weekday = date( 'w', $day ); + if ( $weekday < get_option( 'start_of_week' ) ) + $weekday = 7 - ( get_option( 'start_of_week' ) - $weekday ); $day = $day - 86400; $i = 0; } $week['start'] = $day + 86400 - $i; - // $week['end'] = $day - $i + 691199; $week['end'] = $week['start'] + 604799; return $week; } -function maybe_unserialize($original) { - if ( is_serialized($original) ) // don't attempt to unserialize data that wasn't serialized going in - if ( false !== $gm = @ unserialize($original) ) + +function maybe_unserialize( $original ) { + if ( is_serialized( $original ) ) // don't attempt to unserialize data that wasn't serialized going in + if ( false !== $gm = @unserialize( $original ) ) return $gm; return $original; } -function is_serialized($data) { + +function is_serialized( $data ) { // if it isn't a string, it isn't serialized - if ( !is_string($data) ) + if ( !is_string( $data ) ) return false; - $data = trim($data); + $data = trim( $data ); if ( 'N;' == $data ) return true; - if ( !preg_match('/^([adObis]):/', $data, $badions) ) + if ( !preg_match( '/^([adObis]):/', $data, $badions ) ) return false; - switch ( $badions[1] ) : - case 'a' : - case 'O' : - case 's' : - if ( preg_match("/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data) ) - return true; - break; - case 'b' : - case 'i' : - case 'd' : - if ( preg_match("/^{$badions[1]}:[0-9.E-]+;\$/", $data) ) - return true; - break; - endswitch; + switch ( $badions[1] ) { + case 'a' : + case 'O' : + case 's' : + if ( preg_match( "/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data ) ) + return true; + break; + case 'b' : + case 'i' : + case 'd' : + if ( preg_match( "/^{$badions[1]}:[0-9.E-]+;\$/", $data ) ) + return true; + break; + } return false; } -function is_serialized_string($data) { + +function is_serialized_string( $data ) { // if it isn't a string, it isn't a serialized string - if ( !is_string($data) ) + if ( !is_string( $data ) ) return false; - $data = trim($data); - if ( preg_match('/^s:[0-9]+:.*;$/s',$data) ) // this should fetch all serialized strings + $data = trim( $data ); + if ( preg_match( '/^s:[0-9]+:.*;$/s', $data ) ) // this should fetch all serialized strings return true; return false; } + /* Options functions */ // expects $setting to already be SQL-escaped -function get_option($setting) { +function get_option( $setting ) { global $wpdb, $switched, $current_blog; // Allow plugins to short-circuit options. @@ -191,30 +197,31 @@ function get_option($setting) { } // prevent non-existent options from triggering multiple queries - $notoptions = wp_cache_get('notoptions', 'options'); - if ( isset($notoptions[$setting]) ) + $notoptions = wp_cache_get( 'notoptions', 'options' ); + if ( isset( $notoptions[$setting] ) ) return false; $alloptions = wp_load_alloptions(); - if ( isset($alloptions[$setting]) ) { + if ( isset( $alloptions[$setting] ) ) { $value = $alloptions[$setting]; } else { - $value = wp_cache_get($setting, 'options'); + $value = wp_cache_get( $setting, 'options' ); if ( false === $value ) { - if ( defined('WP_INSTALLING') ) + if ( defined( 'WP_INSTALLING' ) ) $wpdb->hide_errors(); - $row = $wpdb->get_row("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1"); - if ( defined('WP_INSTALLING') ) + // expected_slashed ($setting) + $row = $wpdb->get_row( "SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1" ); + if ( defined( 'WP_INSTALLING' ) ) $wpdb->show_errors(); - if( is_object( $row) ) { // Has to be get_row instead of get_var because of funkiness with 0, false, null values + if ( is_object( $row) ) { // Has to be get_row instead of get_var because of funkiness with 0, false, null values $value = $row->option_value; - wp_cache_add($setting, $value, 'options'); + wp_cache_add( $setting, $value, 'options' ); } else { // option does not exist, so we must cache its non-existence $notoptions[$setting] = true; - wp_cache_set('notoptions', $notoptions, 'options'); + wp_cache_set( 'notoptions', $notoptions, 'options' ); return false; } } @@ -222,283 +229,277 @@ function get_option($setting) { // If home is not set use siteurl. if ( 'home' == $setting && '' == $value ) - return get_option('siteurl'); + return get_option( 'siteurl' ); - if ( in_array($setting, array('siteurl', 'home', 'category_base', 'tag_base')) ) - $value = untrailingslashit($value); + if ( in_array( $setting, array('siteurl', 'home', 'category_base', 'tag_base') ) ) + $value = untrailingslashit( $value ); - if (! unserialize($value) ) - $value = stripslashes( $value ); - - return apply_filters( 'option_' . $setting, maybe_unserialize($value) ); + return apply_filters( 'option_' . $setting, maybe_unserialize( $value ) ); } -function wp_protect_special_option($option) { - $protected = array('alloptions', 'notoptions'); - if ( in_array($option, $protected) ) - die(sprintf(__('%s is a protected WP option and may not be modified'), wp_specialchars($option))); + +function wp_protect_special_option( $option ) { + $protected = array( 'alloptions', 'notoptions' ); + if ( in_array( $option, $protected ) ) + die( sprintf( __( '%s is a protected WP option and may not be modified' ), wp_specialchars( $option ) ) ); } -function form_option($option) { - echo attribute_escape(get_option($option)); +function form_option( $option ) { + echo attribute_escape (get_option( $option ) ); } function get_alloptions() { global $wpdb, $wp_queries; $wpdb->hide_errors(); - if ( !$options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) { - $options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); - } + if ( !$options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) ) + $options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" ); $wpdb->show_errors(); - foreach ($options as $option) { + foreach ( $options as $option ) { // "When trying to design a foolproof system, // never underestimate the ingenuity of the fools :)" -- Dougal - if ( 'siteurl' == $option->option_name ) - $option->option_value = preg_replace('|/+$|', '', $option->option_value); - if ( 'home' == $option->option_name ) - $option->option_value = preg_replace('|/+$|', '', $option->option_value); - if ( 'category_base' == $option->option_name ) - $option->option_value = preg_replace('|/+$|', '', $option->option_value); - $value = maybe_unserialize($option->option_value); - $all_options->{$option->option_name} = apply_filters('pre_option_' . $option->option_name, $value); + if ( in_array( $option->option_name, array( 'siteurl', 'home', 'category_base' ) ) ) + $option->option_value = untrailingslashit( $option->option_value ); + $value = maybe_unserialize( $option->option_value ); + $all_options->{$option->option_name} = apply_filters( 'pre_option_' . $option->option_name, $value ); } - return apply_filters('all_options', $all_options); + return apply_filters( 'all_options', $all_options ); } + function wp_load_alloptions() { global $wpdb; - $alloptions = wp_cache_get('alloptions', 'options'); + $alloptions = wp_cache_get( 'alloptions', 'options' ); if ( !$alloptions ) { $wpdb->hide_errors(); - if ( !$alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) - $alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); + if ( !$alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) ) + $alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" ); $wpdb->show_errors(); $alloptions = array(); foreach ( (array) $alloptions_db as $o ) $alloptions[$o->option_name] = $o->option_value; - wp_cache_add('alloptions', $alloptions, 'options'); + wp_cache_add( 'alloptions', $alloptions, 'options' ); } return $alloptions; } + // expects $option_name to NOT be SQL-escaped -function update_option($option_name, $newvalue) { +function update_option( $option_name, $newvalue ) { global $wpdb; - wp_protect_special_option($option_name); + wp_protect_special_option( $option_name ); - $safe_option_name = $wpdb->escape($option_name); - $newvalue = sanitize_option($option_name, $newvalue); + $safe_option_name = $wpdb->escape( $option_name ); + $newvalue = sanitize_option( $option_name, $newvalue ); - if ( is_string($newvalue) ) - $newvalue = trim($newvalue); + // Likely legacy -- can we drop this? + if ( is_string( $newvalue ) ) + $newvalue = trim( $newvalue ); // If the new and old values are the same, no need to update. - $oldvalue = get_option($safe_option_name); - if ( $newvalue === $oldvalue ) { + $oldvalue = get_option( $safe_option_name ); + if ( $newvalue === $oldvalue ) return false; - } if ( false === $oldvalue ) { - add_option($option_name, $newvalue); + add_option( $option_name, $newvalue ); return true; } - $notoptions = wp_cache_get('notoptions', 'options'); - if ( is_array($notoptions) && isset($notoptions[$option_name]) ) { - unset($notoptions[$option_name]); - wp_cache_set('notoptions', $notoptions, 'options'); + $notoptions = wp_cache_get( 'notoptions', 'options' ); + if ( is_array( $notoptions ) && isset( $notoptions[$option_name] ) ) { + unset( $notoptions[$option_name] ); + wp_cache_set( 'notoptions', $notoptions, 'options' ); } $_newvalue = $newvalue; - $newvalue = maybe_serialize($newvalue); + $newvalue = maybe_serialize( $newvalue ); $alloptions = wp_load_alloptions(); - if ( isset($alloptions[$option_name]) ) { + if ( isset( $alloptions[$option_name] ) ) { $alloptions[$option_name] = $newvalue; - wp_cache_set('alloptions', $alloptions, 'options'); + wp_cache_set( 'alloptions', $alloptions, 'options' ); } else { - wp_cache_set($option_name, $newvalue, 'options'); + wp_cache_set( $option_name, $newvalue, 'options' ); } - $newvalue = $wpdb->escape($newvalue); - $option_name = $wpdb->escape($option_name); - $wpdb->query("UPDATE $wpdb->options SET option_value = '$newvalue' WHERE option_name = '$option_name'"); + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->options SET option_value = %s WHERE option_name = %s", $newvalue, $option_name ) ); if ( $wpdb->rows_affected == 1 ) { - do_action("update_option_{$option_name}", $oldvalue, $_newvalue); + do_action( "update_option_{$option_name}", $oldvalue, $_newvalue ); return true; } return false; } + // thx Alex Stapleton, http://alex.vort-x.net/blog/ // expects $name to NOT be SQL-escaped -function add_option($name, $value = '', $deprecated = '', $autoload = 'yes') { +function add_option( $name, $value = '', $deprecated = '', $autoload = 'yes' ) { global $wpdb; - wp_protect_special_option($name); - $safe_name = $wpdb->escape($name); + wp_protect_special_option( $name ); + $safe_name = $wpdb->escape( $name ); // Make sure the option doesn't already exist. We can check the 'notoptions' cache before we ask for a db query - $notoptions = wp_cache_get('notoptions', 'options'); - if ( !is_array($notoptions) || !isset($notoptions[$name]) ) - if ( false !== get_option($safe_name) ) + $notoptions = wp_cache_get( 'notoptions', 'options' ); + if ( !is_array( $notoptions ) || !isset( $notoptions[$name] ) ) + if ( false !== get_option( $safe_name ) ) return; - $value = maybe_serialize($value); + $value = maybe_serialize( $value ); $autoload = ( 'no' === $autoload ) ? 'no' : 'yes'; if ( 'yes' == $autoload ) { $alloptions = wp_load_alloptions(); $alloptions[$name] = $value; - wp_cache_set('alloptions', $alloptions, 'options'); + wp_cache_set( 'alloptions', $alloptions, 'options' ); } else { - wp_cache_set($name, $value, 'options'); + wp_cache_set( $name, $value, 'options' ); } // This option exists now - $notoptions = wp_cache_get('notoptions', 'options'); // yes, again... we need it to be fresh - if ( is_array($notoptions) && isset($notoptions[$name]) ) { - unset($notoptions[$name]); - wp_cache_set('notoptions', $notoptions, 'options'); + $notoptions = wp_cache_get( 'notoptions', 'options' ); // yes, again... we need it to be fresh + if ( is_array( $notoptions ) && isset( $notoptions[$name] ) ) { + unset( $notoptions[$name] ); + wp_cache_set( 'notoptions', $notoptions, 'options' ); } - $name = $wpdb->escape($name); - $value = $wpdb->escape($value); - $wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES ('$name', '$value', '$autoload')"); + $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES (%s, %s, %s)", $name, $value, $autoload ) ); return; } -function delete_option($name) { + +function delete_option( $name ) { global $wpdb; - wp_protect_special_option($name); + wp_protect_special_option( $name ); // Get the ID, if no ID then return - $option = $wpdb->get_row("SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'"); - if ( !$option->option_id ) return false; - $wpdb->query("DELETE FROM $wpdb->options WHERE option_name = '$name'"); + // expected_slashed ($name) + $option = $wpdb->get_row( "SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'" ); + if ( !$option->option_id ) + return false; + // expected_slashed ($name) + $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name = '$name'" ); if ( 'yes' == $option->autoload ) { $alloptions = wp_load_alloptions(); - if ( isset($alloptions[$name]) ) { - unset($alloptions[$name]); - wp_cache_set('alloptions', $alloptions, 'options'); + if ( isset( $alloptions[$name] ) ) { + unset( $alloptions[$name] ); + wp_cache_set( 'alloptions', $alloptions, 'options' ); } } else { - wp_cache_delete($name, 'options'); + wp_cache_delete( $name, 'options' ); } return true; } -function maybe_serialize($data) { - if ( is_string($data) ) - $data = trim($data); - elseif ( is_array($data) || is_object($data) ) - return serialize($data); - if ( is_serialized($data) ) - return serialize($data); + +function maybe_serialize( $data ) { + if ( is_string( $data ) ) + $data = trim( $data ); + elseif ( is_array( $data ) || is_object( $data ) ) + return serialize( $data ); + if ( is_serialized( $data ) ) + return serialize( $data ); return $data; } -function gzip_compression() { - if ( !get_option( 'gzipcompression' ) ) { - return false; - } - if ( ( ini_get( 'zlib.output_compression' ) == 'On' || ini_get( 'zlib.output_compression_level' ) > 0 ) || ini_get( 'output_handler' ) == 'ob_gzhandler' ) { +function gzip_compression() { + if ( !get_option( 'gzipcompression' ) || ini_get( 'zlib.output_compression' ) == 'On' || ini_get( 'zlib.output_compression_level' ) > 0 || ini_get( 'output_handler' ) == 'ob_gzhandler' || !extension_loaded( 'zlib' ) ) return false; - } - - if ( extension_loaded( 'zlib' ) ) { - ob_start( 'ob_gzhandler' ); - } + ob_start( 'ob_gzhandler' ); } -function make_url_footnote($content) { - preg_match_all('/<a(.+?)href=\"(.+?)\"(.*?)>(.+?)<\/a>/', $content, $matches); + +function make_url_footnote( $content ) { + preg_match_all( '/<a(.+?)href=\"(.+?)\"(.*?)>(.+?)<\/a>/', $content, $matches ); $j = 0; - for ($i=0; $i<count($matches[0]); $i++) { - $links_summary = (!$j) ? "\n" : $links_summary; + for ( $i=0; $i<count($matches[0]); $i++ ) { + $links_summary = ( !$j ) ? "\n" : $links_summary; $j++; $link_match = $matches[0][$i]; $link_number = '['.($i+1).']'; $link_url = $matches[2][$i]; $link_text = $matches[4][$i]; - $content = str_replace($link_match, $link_text.' '.$link_number, $content); - $link_url = ((strtolower(substr($link_url,0,7)) != 'http://') && (strtolower(substr($link_url,0,8)) != 'https://')) ? get_option('home') . $link_url : $link_url; - $links_summary .= "\n".$link_number.' '.$link_url; + $content = str_replace( $link_match, $link_text . ' ' . $link_number, $content ); + $link_url = ( ( strtolower( substr( $link_url, 0, 7 ) ) != 'http://' ) && ( strtolower( substr( $link_url, 0, 8 ) ) != 'https://' ) ) ? get_option( 'home' ) . $link_url : $link_url; + $links_summary .= "\n" . $link_number . ' ' . $link_url; } - $content = strip_tags($content); + $content = strip_tags( $content ); $content .= $links_summary; return $content; } -function xmlrpc_getposttitle($content) { +function xmlrpc_getposttitle( $content ) { global $post_default_title; - if ( preg_match('/<title>(.+?)<\/title>/is', $content, $matchtitle) ) { + if ( preg_match( '/<title>(.+?)<\/title>/is', $content, $matchtitle ) ) { $post_title = $matchtitle[0]; - $post_title = preg_replace('/<title>/si', '', $post_title); - $post_title = preg_replace('/<\/title>/si', '', $post_title); + $post_title = preg_replace( '/<title>/si', '', $post_title ); + $post_title = preg_replace( '/<\/title>/si', '', $post_title ); } else { $post_title = $post_default_title; } return $post_title; } -function xmlrpc_getpostcategory($content) { + +function xmlrpc_getpostcategory( $content ) { global $post_default_category; - if ( preg_match('/<category>(.+?)<\/category>/is', $content, $matchcat) ) { - $post_category = trim($matchcat[1], ','); - $post_category = explode(',', $post_category); + if ( preg_match( '/<category>(.+?)<\/category>/is', $content, $matchcat ) ) { + $post_category = trim( $matchcat[1], ',' ); + $post_category = explode( ',', $post_category ); } else { $post_category = $post_default_category; } return $post_category; } -function xmlrpc_removepostdata($content) { - $content = preg_replace('/<title>(.+?)<\/title>/si', '', $content); - $content = preg_replace('/<category>(.+?)<\/category>/si', '', $content); - $content = trim($content); + +function xmlrpc_removepostdata( $content ) { + $content = preg_replace( '/<title>(.+?)<\/title>/si', '', $content ); + $content = preg_replace( '/<category>(.+?)<\/category>/si', '', $content ); + $content = trim( $content ); return $content; } -function debug_fopen($filename, $mode) { + +function debug_fopen( $filename, $mode ) { global $debug; - if ( $debug == 1 ) { - $fp = fopen($filename, $mode); + if ( 1 == $debug ) { + $fp = fopen( $filename, $mode ); return $fp; } else { return false; } } -function debug_fwrite($fp, $string) { + +function debug_fwrite( $fp, $string ) { global $debug; - if ( $debug == 1 ) { - fwrite($fp, $string); - } + if ( 1 == $debug ) + fwrite( $fp, $string ); } -function debug_fclose($fp) { + +function debug_fclose( $fp ) { global $debug; - if ( $debug == 1 ) { - fclose($fp); - } + if ( 1 == $debug ) + fclose( $fp ); } function do_enclose( $content, $post_ID ) { global $wp_version, $wpdb; - include_once (ABSPATH . WPINC . '/class-IXR.php'); + include_once( ABSPATH . WPINC . '/class-IXR.php' ); - $log = debug_fopen(ABSPATH . 'enclosures.log', 'a'); + $log = debug_fopen( ABSPATH . 'enclosures.log', 'a' ); $post_links = array(); - debug_fwrite($log, 'BEGIN '.date('YmdHis', time())."\n"); + debug_fwrite( $log, 'BEGIN ' . date( 'YmdHis', time() ) . "\n" ); $pung = get_enclosed( $post_ID ); @@ -507,37 +508,38 @@ function do_enclose( $content, $post_ID ) { $punc = '.:?\-'; $any = $ltrs . $gunk . $punc; - preg_match_all("{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp); + preg_match_all( "{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp ); - debug_fwrite($log, 'Post contents:'); - debug_fwrite($log, $content."\n"); + debug_fwrite( $log, 'Post contents:' ); + debug_fwrite( $log, $content . "\n" ); - foreach($post_links_temp[0] as $link_test) : - if ( !in_array($link_test, $pung) ) : // If we haven't pung it already - $test = parse_url($link_test); - if ( isset($test['query']) ) + foreach ( $post_links_temp[0] as $link_test ) { + if ( !in_array( $link_test, $pung ) ) { // If we haven't pung it already + $test = parse_url( $link_test ); + if ( isset( $test['query'] ) ) $post_links[] = $link_test; - elseif (($test['path'] != '/') && ($test['path'] != '')) + elseif ( $test['path'] != '/' && $test['path'] != '' ) $post_links[] = $link_test; - endif; - endforeach; + } + } - foreach ($post_links as $url) : - if ( $url != '' && !$wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE post_id = '$post_ID' AND meta_key = 'enclosure' AND meta_value LIKE ('$url%')") ) { + foreach ( $post_links as $url ) { + if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $url . '%' ) ) ) { if ( $headers = wp_get_http_headers( $url) ) { $len = (int) $headers['content-length']; $type = $wpdb->escape( $headers['content-type'] ); $allowed_types = array( 'video', 'audio' ); if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) { $meta_value = "$url\n$len\n$type\n"; - $wpdb->query( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` ) - VALUES ( '$post_ID', 'enclosure' , '$meta_value')" ); + $wpdb->query( $wpdb->prepare( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` ) + VALUES ( %d, 'enclosure' , %s)", $post_ID, $meta_value ) ); } } } - endforeach; + } } + function wp_get_http_headers( $url, $red = 1 ) { global $wp_version; @set_time_limit( 60 ); @@ -546,14 +548,14 @@ function wp_get_http_headers( $url, $red = 1 ) { return false; $parts = parse_url( $url ); - $file = $parts['path'] . ($parts['query'] ? '?'.$parts['query'] : ''); + $file = $parts['path'] . ( ( $parts['query'] ) ? '?' . $parts['query'] : '' ); $host = $parts['host']; if ( !isset( $parts['port'] ) ) $parts['port'] = 80; $head = "HEAD $file HTTP/1.1\r\nHOST: $host\r\nUser-Agent: WordPress/" . $wp_version . "\r\n\r\n"; - $fp = @fsockopen($host, $parts['port'], $err_num, $err_msg, 3); + $fp = @fsockopen( $host, $parts['port'], $err_num, $err_msg, 3 ); if ( !$fp ) return false; @@ -562,36 +564,38 @@ function wp_get_http_headers( $url, $red = 1 ) { while ( !feof( $fp ) && strpos( $response, "\r\n\r\n" ) == false ) $response .= fgets( $fp, 2048 ); fclose( $fp ); - preg_match_all('/(.*?): (.*)\r/', $response, $matches); - $count = count($matches[1]); - for ( $i = 0; $i < $count; $i++) { - $key = strtolower($matches[1][$i]); + preg_match_all( '/(.*?): (.*)\r/', $response, $matches ); + $count = count( $matches[1] ); + for ( $i = 0; $i < $count; $i++ ) { + $key = strtolower( $matches[1][$i] ); $headers["$key"] = $matches[2][$i]; } - preg_match('/.*([0-9]{3}).*/', $response, $return); + preg_match( '/.*([0-9]{3}).*/', $response, $return ); $headers['response'] = $return[1]; // HTTP response code eg 204, 200, 404 $code = $headers['response']; - if ( ('302' == $code || '301' == $code) && isset($headers['location']) ) + if ( ( '302' == $code || '301' == $code ) && isset( $headers['location'] ) ) return wp_get_http_headers( $headers['location'], ++$red ); return $headers; } + function is_new_day() { global $day, $previousday; - if ( $day != $previousday ) { - return(1); - } else { - return(0); - } + if ( $day != $previousday ) + return 1; + else + return 0; } -function build_query($data) { - return _http_build_query($data, NULL, '&', '', false); + +function build_query( $data ) { + return _http_build_query( $data, NULL, '&', '', false ); } + /* add_query_arg: Returns a modified querystring by adding a single key & value or an associative array. @@ -604,40 +608,40 @@ add_query_arg(associative_array, oldquery_or_uri) */ function add_query_arg() { $ret = ''; - if ( is_array(func_get_arg(0)) ) { - if ( @func_num_args() < 2 || false === @func_get_arg(1) ) + if ( is_array( func_get_arg(0) ) ) { + if ( @func_num_args() < 2 || false === @func_get_arg( 1 ) ) $uri = $_SERVER['REQUEST_URI']; else - $uri = @func_get_arg(1); + $uri = @func_get_arg( 1 ); } else { - if ( @func_num_args() < 3 || false === @func_get_arg(2) ) + if ( @func_num_args() < 3 || false === @func_get_arg( 2 ) ) $uri = $_SERVER['REQUEST_URI']; else - $uri = @func_get_arg(2); + $uri = @func_get_arg( 2 ); } - if ( $frag = strstr($uri, '#') ) - $uri = substr($uri, 0, -strlen($frag)); + if ( $frag = strstr( $uri, '#' ) ) + $uri = substr( $uri, 0, -strlen( $frag ) ); else $frag = ''; - if ( preg_match('|^https?://|i', $uri, $matches) ) { + if ( preg_match( '|^https?://|i', $uri, $matches ) ) { $protocol = $matches[0]; - $uri = substr($uri, strlen($protocol)); + $uri = substr( $uri, strlen( $protocol ) ); } else { $protocol = ''; } - if (strpos($uri, '?') !== false) { - $parts = explode('?', $uri, 2); - if ( 1 == count($parts) ) { + if ( strpos( $uri, '?' ) !== false ) { + $parts = explode( '?', $uri, 2 ); + if ( 1 == count( $parts ) ) { $base = '?'; $query = $parts[0]; } else { $base = $parts[0] . '?'; $query = $parts[1]; } - } elseif (!empty($protocol) || strpos($uri, '=') === false ) { + } elseif ( !empty( $protocol ) || strpos( $uri, '=' ) === false ) { $base = $uri . '?'; $query = ''; } else { @@ -645,28 +649,29 @@ function add_query_arg() { $query = $uri; } - wp_parse_str($query, $qs); - $qs = urlencode_deep($qs); // this re-URL-encodes things that were already in the query string - if ( is_array(func_get_arg(0)) ) { - $kayvees = func_get_arg(0); - $qs = array_merge($qs, $kayvees); + wp_parse_str( $query, $qs ); + $qs = urlencode_deep( $qs ); // this re-URL-encodes things that were already in the query string + if ( is_array( func_get_arg( 0 ) ) ) { + $kayvees = func_get_arg( 0 ); + $qs = array_merge( $qs, $kayvees ); } else { - $qs[func_get_arg(0)] = func_get_arg(1); + $qs[func_get_arg( 0 )] = func_get_arg( 1 ); } foreach ( $qs as $k => $v ) { if ( $v === false ) - unset($qs[$k]); + unset( $qs[$k] ); } - $ret = build_query($qs); - $ret = trim($ret, '?'); - $ret = preg_replace('#=(&|$)#', '$1', $ret); + $ret = build_query( $qs ); + $ret = trim( $ret, '?' ); + $ret = preg_replace( '#=(&|$)#', '$1', $ret ); $ret = $protocol . $base . $ret . $frag; - $ret = rtrim($ret, '?'); + $ret = rtrim( $ret, '?' ); return $ret; } + /* remove_query_arg: Returns a modified querystring by removing a single key or an array of keys. @@ -677,23 +682,24 @@ remove_query_arg(removekey, [oldquery_or_uri]) or remove_query_arg(removekeyarray, [oldquery_or_uri]) */ -function remove_query_arg($key, $query=FALSE) { - if ( is_array($key) ) { // removing multiple keys +function remove_query_arg( $key, $query=FALSE ) { + if ( is_array( $key ) ) { // removing multiple keys foreach ( (array) $key as $k ) - $query = add_query_arg($k, FALSE, $query); + $query = add_query_arg( $k, FALSE, $query ); return $query; } - return add_query_arg($key, FALSE, $query); + return add_query_arg( $key, FALSE, $query ); } -function add_magic_quotes($array) { + +function add_magic_quotes( $array ) { global $wpdb; - foreach ($array as $k => $v) { - if ( is_array($v) ) { - $array[$k] = add_magic_quotes($v); + foreach ( $array as $k => $v ) { + if ( is_array( $v ) ) { + $array[$k] = add_magic_quotes( $v ); } else { - $array[$k] = $wpdb->escape($v); + $array[$k] = $wpdb->escape( $v ); } } return $array; @@ -701,51 +707,55 @@ function add_magic_quotes($array) { function wp_remote_fopen( $uri ) { $timeout = 10; - $parsed_url = @parse_url($uri); + $parsed_url = @parse_url( $uri ); - if ( !$parsed_url || !is_array($parsed_url) ) + if ( !$parsed_url || !is_array( $parsed_url ) ) return false; - if ( !isset($parsed_url['scheme']) || !in_array($parsed_url['scheme'], array('http','https')) ) + if ( !isset( $parsed_url['scheme'] ) || !in_array( $parsed_url['scheme'], array( 'http','https' ) ) ) $uri = 'http://' . $uri; - if ( ini_get('allow_url_fopen') ) { + if ( ini_get( 'allow_url_fopen' ) ) { $fp = @fopen( $uri, 'r' ); if ( !$fp ) return false; //stream_set_timeout($fp, $timeout); // Requires php 4.3 $linea = ''; - while( $remote_read = fread($fp, 4096) ) + while ( $remote_read = fread( $fp, 4096 ) ) $linea .= $remote_read; - fclose($fp); + fclose( $fp ); return $linea; - } else if ( function_exists('curl_init') ) { + } elseif ( function_exists( 'curl_init' ) ) { $handle = curl_init(); - curl_setopt ($handle, CURLOPT_URL, $uri); - curl_setopt ($handle, CURLOPT_CONNECTTIMEOUT, 1); - curl_setopt ($handle, CURLOPT_RETURNTRANSFER, 1); - curl_setopt ($handle, CURLOPT_TIMEOUT, $timeout); - $buffer = curl_exec($handle); - curl_close($handle); + curl_setopt( $handle, CURLOPT_URL, $uri); + curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, 1 ); + curl_setopt( $handle, CURLOPT_RETURNTRANSFER, 1 ); + curl_setopt( $handle, CURLOPT_TIMEOUT, $timeout ); + $buffer = curl_exec( $handle ); + curl_close( $handle ); return $buffer; } else { return false; } } -function wp($query_vars = '') { - global $wp; - $wp->main($query_vars); +function wp( $query_vars = '' ) { + global $wp, $wp_query, $wp_the_query; + $wp->main( $query_vars ); + + if( !isset($wp_the_query) ) + $wp_the_query = $wp_query; } + function get_status_header_desc( $code ) { global $wp_header_to_desc; - $code = (int) $code; + $code = absint( $code ); - if ( !isset($wp_header_to_desc) ) { + if ( !isset( $wp_header_to_desc ) ) { $wp_header_to_desc = array( 100 => 'Continue', 101 => 'Switching Protocols', @@ -793,13 +803,13 @@ function get_status_header_desc( $code ) { ); } - if ( isset( $wp_header_to_desc[$code] ) ) { + if ( isset( $wp_header_to_desc[$code] ) ) return $wp_header_to_desc[$code]; - } else { + else return ''; - } } + function status_header( $header ) { $text = get_status_header_desc( $header ); @@ -807,86 +817,93 @@ function status_header( $header ) { return false; $protocol = $_SERVER["SERVER_PROTOCOL"]; - if ( ('HTTP/1.1' != $protocol) && ('HTTP/1.0' != $protocol) ) + if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol ) $protocol = 'HTTP/1.0'; $status_header = "$protocol $header $text"; - if ( function_exists('apply_filters') ) - $status_header = apply_filters('status_header', $status_header, $header, $text, $protocol); + if ( function_exists( 'apply_filters' ) ) + $status_header = apply_filters( 'status_header', $status_header, $header, $text, $protocol ); - if ( version_compare( phpversion(), '4.3.0', '>=' ) ) { + if ( version_compare( phpversion(), '4.3.0', '>=' ) ) return @header( $status_header, true, $header ); - } else { + else return @header( $status_header ); - } } + function nocache_headers() { - @ header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); - @ header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); - @ header('Cache-Control: no-cache, must-revalidate, max-age=0'); - @ header('Pragma: no-cache'); + // why are these @-silenced when other header calls aren't? + @header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); + @header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + @header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); + @header( 'Pragma: no-cache' ); } + function cache_javascript_headers() { $expiresOffset = 864000; // 10 days - header("Content-Type: text/javascript; charset=" . get_bloginfo('charset')); - header("Vary: Accept-Encoding"); // Handle proxies - header("Expires: " . gmdate("D, d M Y H:i:s", time() + $expiresOffset) . " GMT"); + header( "Content-Type: text/javascript; charset=" . get_bloginfo( 'charset' ) ); + header( "Vary: Accept-Encoding" ); // Handle proxies + header( "Expires: " . gmdate( "D, d M Y H:i:s", time() + $expiresOffset ) . " GMT" ); } + function get_num_queries() { global $wpdb; return $wpdb->num_queries; } + function bool_from_yn( $yn ) { return ( strtolower( $yn ) == 'y' ); } + function do_feed() { global $wp_query; - $feed = get_query_var('feed'); + $feed = get_query_var( 'feed' ); // Remove the pad, if present. - $feed = preg_replace('/^_+/', '', $feed); + $feed = preg_replace( '/^_+/', '', $feed ); if ( $feed == '' || $feed == 'feed' ) $feed = 'rss2'; $hook = 'do_feed_' . $feed; - do_action($hook, $wp_query->is_comment_feed); + do_action( $hook, $wp_query->is_comment_feed ); } + function do_feed_rdf() { - load_template(ABSPATH . WPINC . '/feed-rdf.php'); + load_template( ABSPATH . WPINC . '/feed-rdf.php' ); } + function do_feed_rss() { - load_template(ABSPATH . WPINC . '/feed-rss.php'); + load_template( ABSPATH . WPINC . '/feed-rss.php' ); } -function do_feed_rss2($for_comments) { - if ( $for_comments ) { - load_template(ABSPATH . WPINC . '/feed-rss2-comments.php'); - } else { - load_template(ABSPATH . WPINC . '/feed-rss2.php'); - } + +function do_feed_rss2( $for_comments ) { + if ( $for_comments ) + load_template( ABSPATH . WPINC . '/feed-rss2-comments.php' ); + else + load_template( ABSPATH . WPINC . '/feed-rss2.php' ); } -function do_feed_atom($for_comments) { - if ($for_comments) { - load_template(ABSPATH . WPINC . '/feed-atom-comments.php'); - } else { - load_template(ABSPATH . WPINC . '/feed-atom.php'); - } + +function do_feed_atom( $for_comments ) { + if ($for_comments) + load_template( ABSPATH . WPINC . '/feed-atom-comments.php'); + else + load_template( ABSPATH . WPINC . '/feed-atom.php' ); } function do_robots() { global $current_blog; - header('Content-Type: text/plain; charset=utf-8'); + header( 'Content-Type: text/plain; charset=utf-8' ); - do_action('do_robotstxt'); + do_action( 'do_robotstxt' ); if ( '0' == $current_blog->public ) { echo "User-agent: *\n"; @@ -897,99 +914,109 @@ function do_robots() { } } + function is_blog_installed() { global $wpdb; + + // Check cache first. If options table goes away and we have true cached, oh well. + if ( wp_cache_get('is_blog_installed') ) + return true; + $wpdb->hide_errors(); - $installed = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'"); + $installed = $wpdb->get_var( "SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'" ); $wpdb->show_errors(); - $install_status = !empty( $installed ) ? TRUE : FALSE; - return $install_status; + $installed = !empty( $installed ) ? true : false; + wp_cache_set('is_blog_installed', $installed); + + return $installed; } -function wp_nonce_url($actionurl, $action = -1) { - $actionurl = str_replace('&', '&', $actionurl); - return wp_specialchars(add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl)); + +function wp_nonce_url( $actionurl, $action = -1 ) { + $actionurl = str_replace( '&', '&', $actionurl ); + return wp_specialchars( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $actionurl ) ); } -function wp_nonce_field($action = -1, $name = "_wpnonce", $referer = true) { - $name = attribute_escape($name); - echo '<input type="hidden" name="' . $name . '" value="' . wp_create_nonce($action) . '" />'; + +function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true ) { + $name = attribute_escape( $name ); + echo '<input type="hidden" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />'; if ( $referer ) wp_referer_field(); } + function wp_referer_field() { - $ref = attribute_escape($_SERVER['REQUEST_URI']); + $ref = attribute_escape( $_SERVER['REQUEST_URI'] ); echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />'; if ( wp_get_original_referer() ) { - $original_ref = attribute_escape(stripslashes(wp_get_original_referer())); + $original_ref = attribute_escape( stripslashes( wp_get_original_referer() ) ); echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />'; } } + function wp_original_referer_field() { - echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; + echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape( stripslashes( $_SERVER['REQUEST_URI'] ) ) . '" />'; } + function wp_get_referer() { - foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref ) - if ( !empty($ref) ) + foreach ( array( $_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER'] ) as $ref ) + if ( !empty( $ref ) ) return $ref; return false; } + function wp_get_original_referer() { - if ( !empty($_REQUEST['_wp_original_http_referer']) ) + if ( !empty( $_REQUEST['_wp_original_http_referer'] ) ) return $_REQUEST['_wp_original_http_referer']; return false; } -function wp_mkdir_p($target) { + +function wp_mkdir_p( $target ) { // from php.net/mkdir user contributed notes - if (file_exists($target)) { - if (! @ is_dir($target)) - return false; - else - return true; - } + if ( file_exists( $target ) ) + return @is_dir( $target ); // Attempting to create the directory may clutter up our display. - if (@ mkdir($target)) { - $stat = @ stat(dirname($target)); + if ( @mkdir( $target ) ) { + $stat = @stat( dirname( $target ) ); $dir_perms = $stat['mode'] & 0007777; // Get the permission bits. - @ chmod($target, $dir_perms); + @chmod( $target, $dir_perms ); return true; - } else { - if ( is_dir(dirname($target)) ) + } elseif ( is_dir( dirname( $target ) ) ) { return false; } // If the above failed, attempt to create the parent node, then try again. - if (wp_mkdir_p(dirname($target))) - return wp_mkdir_p($target); + if ( wp_mkdir_p( dirname( $target ) ) ) + return wp_mkdir_p( $target ); return false; } + // Returns an array containing the current upload directory's path and url, or an error message. function wp_upload_dir() { - $siteurl = get_option('siteurl'); + $siteurl = get_option( 'siteurl' ); //prepend ABSPATH to $dir and $siteurl to $url if they're not already there - $path = str_replace(ABSPATH, '', trim(get_option('upload_path'))); + $path = str_replace( ABSPATH, '', trim( get_option( 'upload_path' ) ) ); $dir = ABSPATH . $path; - $url = trailingslashit($siteurl) . $path; + $url = trailingslashit( $siteurl ) . $path; - if ( $dir == ABSPATH ) { //the option was empty + if ( $dir == ABSPATH ) // the option was empty $dir = ABSPATH . 'wp-content/uploads'; - } if ( defined('UPLOADS') ) { $dir = ABSPATH . UPLOADS; - $url = trailingslashit($siteurl) . UPLOADS; + $url = trailingslashit( $siteurl ) . UPLOADS; } - if ( get_option('uploads_use_yearmonth_folders')) { + if ( get_option( 'uploads_use_yearmonth_folders' ) ) { // Generate the yearly and monthly dirs $time = current_time( 'mysql' ); $y = substr( $time, 0, 4 ); @@ -1000,21 +1027,21 @@ function wp_upload_dir() { // Make sure we have an uploads dir if ( ! wp_mkdir_p( $dir ) ) { - $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), $dir); - return array('error' => $message); + $message = sprintf( __( 'Unable to create directory %s. Is its parent directory writable by the server?' ), $dir ); + return array( 'error' => $message ); } - $uploads = array('path' => $dir, 'url' => $url, 'error' => false); - return apply_filters('upload_dir', $uploads); + $uploads = array( 'path' => $dir, 'url' => $url, 'error' => false ); + return apply_filters( 'upload_dir', $uploads ); } -function wp_upload_bits($name, $type, $bits) { - if ( empty($name) ) - return array('error' => __("Empty filename")); +function wp_upload_bits( $name, $type, $bits ) { + if ( empty( $name ) ) + return array( 'error' => __( "Empty filename" ) ); - $wp_filetype = wp_check_filetype($name); + $wp_filetype = wp_check_filetype( $name ); if ( !$wp_filetype['ext'] ) - return array('error' => __("Invalid file type")); + return array( 'error' => __( "Invalid file type" ) ); $upload = wp_upload_dir(); @@ -1023,46 +1050,47 @@ function wp_upload_bits($name, $type, $bits) { $number = ''; $filename = $name; - $path_parts = pathinfo($filename); + $path_parts = pathinfo( $filename ); $ext = $path_parts['extension']; - if ( empty($ext) ) + if ( empty( $ext ) ) $ext = ''; else $ext = ".$ext"; - while ( file_exists($upload['path'] . "/$filename") ) { + while ( file_exists( $upload['path'] . "/$filename" ) ) { if ( '' == "$number$ext" ) $filename = $filename . ++$number . $ext; else - $filename = str_replace("$number$ext", ++$number . $ext, $filename); + $filename = str_replace( "$number$ext", ++$number . $ext, $filename ); } $new_file = $upload['path'] . "/$filename"; - if ( ! wp_mkdir_p( dirname($new_file) ) ) { - $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), dirname($new_file)); - return array('error' => $message); + if ( ! wp_mkdir_p( dirname( $new_file ) ) ) { + $message = sprintf( __( 'Unable to create directory %s. Is its parent directory writable by the server?' ), dirname( $new_file ) ); + return array( 'error' => $message ); } - $ifp = @ fopen($new_file, 'wb'); + $ifp = @ fopen( $new_file, 'wb' ); if ( ! $ifp ) - return array('error' => sprintf(__('Could not write file %s'), $new_file)); + return array( 'error' => sprintf( __( 'Could not write file %s' ), $new_file ) ); - $success = @ fwrite($ifp, $bits); - fclose($ifp); + $success = @fwrite( $ifp, $bits ); + fclose( $ifp ); // Set correct file permissions - $stat = @ stat(dirname($new_file)); + $stat = @ stat( dirname( $new_file ) ); $perms = $stat['mode'] & 0007777; $perms = $perms & 0000666; - @ chmod($new_file, $perms); + @ chmod( $new_file, $perms ); // Compute the URL $url = $upload['url'] . "/$filename"; - return array('file' => $new_file, 'url' => $url, 'error' => false); + return array( 'file' => $new_file, 'url' => $url, 'error' => false ); } -function wp_check_filetype($filename, $mimes = null) { + +function wp_check_filetype( $filename, $mimes = null ) { // Accepted MIME types are set here as PCRE unless provided. - $mimes = is_array($mimes) ? $mimes : apply_filters('upload_mimes', array ( + $mimes = ( is_array( $mimes ) ) ? $mimes : apply_filters( 'upload_mimes', array( 'jpg|jpeg|jpe' => 'image/jpeg', 'gif' => 'image/gif', 'png' => 'image/png', @@ -1106,127 +1134,129 @@ function wp_check_filetype($filename, $mimes = null) { 'odc' => 'application/vnd.oasis.opendocument.chart', 'odb' => 'application/vnd.oasis.opendocument.database', 'odf' => 'application/vnd.oasis.opendocument.formula', - - )); + ) + ); $type = false; $ext = false; - foreach ($mimes as $ext_preg => $mime_match) { + foreach ( $mimes as $ext_preg => $mime_match ) { $ext_preg = '!\.(' . $ext_preg . ')$!i'; - if ( preg_match($ext_preg, $filename, $ext_matches) ) { + if ( preg_match( $ext_preg, $filename, $ext_matches ) ) { $type = $mime_match; $ext = $ext_matches[1]; break; } } - return compact('ext', 'type'); + return compact( 'ext', 'type' ); } -function wp_explain_nonce($action) { - if ( $action !== -1 && preg_match('/([a-z]+)-([a-z]+)(_(.+))?/', $action, $matches) ) { +function wp_explain_nonce( $action ) { + if ( $action !== -1 && preg_match( '/([a-z]+)-([a-z]+)(_(.+))?/', $action, $matches ) ) { $verb = $matches[1]; $noun = $matches[2]; $trans = array(); - $trans['update']['attachment'] = array(__('Are you sure you want to edit this attachment: "%s"?'), 'get_the_title'); - - $trans['add']['category'] = array(__('Are you sure you want to add this category?'), false); - $trans['delete']['category'] = array(__('Are you sure you want to delete this category: "%s"?'), 'get_catname'); - $trans['update']['category'] = array(__('Are you sure you want to edit this category: "%s"?'), 'get_catname'); - - $trans['delete']['comment'] = array(__('Are you sure you want to delete this comment: "%s"?'), 'use_id'); - $trans['unapprove']['comment'] = array(__('Are you sure you want to unapprove this comment: "%s"?'), 'use_id'); - $trans['approve']['comment'] = array(__('Are you sure you want to approve this comment: "%s"?'), 'use_id'); - $trans['update']['comment'] = array(__('Are you sure you want to edit this comment: "%s"?'), 'use_id'); - $trans['bulk']['comments'] = array(__('Are you sure you want to bulk modify comments?'), false); - $trans['moderate']['comments'] = array(__('Are you sure you want to moderate comments?'), false); - - $trans['add']['bookmark'] = array(__('Are you sure you want to add this link?'), false); - $trans['delete']['bookmark'] = array(__('Are you sure you want to delete this link: "%s"?'), 'use_id'); - $trans['update']['bookmark'] = array(__('Are you sure you want to edit this link: "%s"?'), 'use_id'); - $trans['bulk']['bookmarks'] = array(__('Are you sure you want to bulk modify links?'), false); - - $trans['add']['page'] = array(__('Are you sure you want to add this page?'), false); - $trans['delete']['page'] = array(__('Are you sure you want to delete this page: "%s"?'), 'get_the_title'); - $trans['update']['page'] = array(__('Are you sure you want to edit this page: "%s"?'), 'get_the_title'); - - $trans['edit']['plugin'] = array(__('Are you sure you want to edit this plugin file: "%s"?'), 'use_id'); - $trans['activate']['plugin'] = array(__('Are you sure you want to activate this plugin: "%s"?'), 'use_id'); - $trans['deactivate']['plugin'] = array(__('Are you sure you want to deactivate this plugin: "%s"?'), 'use_id'); - - $trans['add']['post'] = array(__('Are you sure you want to add this post?'), false); - $trans['delete']['post'] = array(__('Are you sure you want to delete this post: "%s"?'), 'get_the_title'); - $trans['update']['post'] = array(__('Are you sure you want to edit this post: "%s"?'), 'get_the_title'); - - $trans['add']['user'] = array(__('Are you sure you want to add this user?'), false); - $trans['delete']['users'] = array(__('Are you sure you want to delete users?'), false); - $trans['bulk']['users'] = array(__('Are you sure you want to bulk modify users?'), false); - $trans['update']['user'] = array(__('Are you sure you want to edit this user: "%s"?'), 'get_author_name'); - $trans['update']['profile'] = array(__('Are you sure you want to modify the profile for: "%s"?'), 'get_author_name'); - - $trans['update']['options'] = array(__('Are you sure you want to edit your settings?'), false); - $trans['update']['permalink'] = array(__('Are you sure you want to change your permalink structure to: %s?'), 'use_id'); - $trans['edit']['file'] = array(__('Are you sure you want to edit this file: "%s"?'), 'use_id'); - $trans['edit']['theme'] = array(__('Are you sure you want to edit this theme file: "%s"?'), 'use_id'); - $trans['switch']['theme'] = array(__('Are you sure you want to switch to this theme: "%s"?'), 'use_id'); - - if ( isset($trans[$verb][$noun]) ) { - if ( !empty($trans[$verb][$noun][1]) ) { + $trans['update']['attachment'] = array( __( 'Are you sure you want to edit this attachment: "%s"?' ), 'get_the_title' ); + + $trans['add']['category'] = array( __( 'Are you sure you want to add this category?' ), false ); + $trans['delete']['category'] = array( __( 'Are you sure you want to delete this category: "%s"?' ), 'get_catname' ); + $trans['update']['category'] = array( __( 'Are you sure you want to edit this category: "%s"?' ), 'get_catname' ); + + $trans['delete']['comment'] = array( __( 'Are you sure you want to delete this comment: "%s"?' ), 'use_id' ); + $trans['unapprove']['comment'] = array( __( 'Are you sure you want to unapprove this comment: "%s"?' ), 'use_id' ); + $trans['approve']['comment'] = array( __( 'Are you sure you want to approve this comment: "%s"?' ), 'use_id' ); + $trans['update']['comment'] = array( __( 'Are you sure you want to edit this comment: "%s"?' ), 'use_id' ); + $trans['bulk']['comments'] = array( __( 'Are you sure you want to bulk modify comments?' ), false ); + $trans['moderate']['comments'] = array( __( 'Are you sure you want to moderate comments?' ), false ); + + $trans['add']['bookmark'] = array( __( 'Are you sure you want to add this link?' ), false ); + $trans['delete']['bookmark'] = array( __( 'Are you sure you want to delete this link: "%s"?' ), 'use_id' ); + $trans['update']['bookmark'] = array( __( 'Are you sure you want to edit this link: "%s"?' ), 'use_id' ); + $trans['bulk']['bookmarks'] = array( __( 'Are you sure you want to bulk modify links?' ), false ); + + $trans['add']['page'] = array( __( 'Are you sure you want to add this page?' ), false ); + $trans['delete']['page'] = array( __( 'Are you sure you want to delete this page: "%s"?' ), 'get_the_title' ); + $trans['update']['page'] = array( __( 'Are you sure you want to edit this page: "%s"?' ), 'get_the_title' ); + + $trans['edit']['plugin'] = array( __( 'Are you sure you want to edit this plugin file: "%s"?' ), 'use_id' ); + $trans['activate']['plugin'] = array( __( 'Are you sure you want to activate this plugin: "%s"?' ), 'use_id' ); + $trans['deactivate']['plugin'] = array( __( 'Are you sure you want to deactivate this plugin: "%s"?' ), 'use_id' ); + + $trans['add']['post'] = array( __( 'Are you sure you want to add this post?' ), false ); + $trans['delete']['post'] = array( __( 'Are you sure you want to delete this post: "%s"?' ), 'get_the_title' ); + $trans['update']['post'] = array( __( 'Are you sure you want to edit this post: "%s"?' ), 'get_the_title' ); + + $trans['add']['user'] = array( __( 'Are you sure you want to add this user?' ), false ); + $trans['delete']['users'] = array( __( 'Are you sure you want to delete users?' ), false ); + $trans['bulk']['users'] = array( __( 'Are you sure you want to bulk modify users?' ), false ); + $trans['update']['user'] = array( __( 'Are you sure you want to edit this user: "%s"?' ), 'get_author_name' ); + $trans['update']['profile'] = array( __( 'Are you sure you want to modify the profile for: "%s"?' ), 'get_author_name' ); + + $trans['update']['options'] = array( __( 'Are you sure you want to edit your settings?' ), false ); + $trans['update']['permalink'] = array( __( 'Are you sure you want to change your permalink structure to: %s?' ), 'use_id' ); + $trans['edit']['file'] = array( __( 'Are you sure you want to edit this file: "%s"?' ), 'use_id' ); + $trans['edit']['theme'] = array( __( 'Are you sure you want to edit this theme file: "%s"?' ), 'use_id' ); + $trans['switch']['theme'] = array( __( 'Are you sure you want to switch to this theme: "%s"?' ), 'use_id' ); + + if ( isset( $trans[$verb][$noun] ) ) { + if ( !empty( $trans[$verb][$noun][1] ) ) { $lookup = $trans[$verb][$noun][1]; $object = $matches[4]; if ( 'use_id' != $lookup ) - $object = call_user_func($lookup, $object); - return sprintf($trans[$verb][$noun][0], $object); + $object = call_user_func( $lookup, $object ); + return sprintf( $trans[$verb][$noun][0], $object ); } else { return $trans[$verb][$noun][0]; } } } - return apply_filters( 'explain_nonce_' . $verb . '-' . $noun, __('Are you sure you want to do this?'), $matches[4] ); + return apply_filters( 'explain_nonce_' . $verb . '-' . $noun, __( 'Are you sure you want to do this?' ), $matches[4] ); } -function wp_nonce_ays($action) { + +function wp_nonce_ays( $action ) { global $pagenow, $menu, $submenu, $parent_file, $submenu_file; - $adminurl = get_option('siteurl') . '/wp-admin'; + $adminurl = get_option( 'siteurl' ) . '/wp-admin'; if ( wp_get_referer() ) - $adminurl = clean_url(wp_get_referer()); + $adminurl = clean_url( wp_get_referer() ); - $title = __('WordPress Confirmation'); + $title = __( 'WordPress Confirmation' ); // Remove extra layer of slashes. - $_POST = stripslashes_deep($_POST ); + $_POST = stripslashes_deep( $_POST ); if ( $_POST ) { - $q = http_build_query($_POST); - $q = explode( ini_get('arg_separator.output'), $q); - $html .= "\t<form method='post' action='" . attribute_escape($pagenow) . "'>\n"; + $q = http_build_query( $_POST ); + $q = explode( ini_get( 'arg_separator.output' ), $q); + $html .= "\t<form method='post' action='" . attribute_escape( $pagenow ) . "'>\n"; foreach ( (array) $q as $a ) { - $v = substr(strstr($a, '='), 1); - $k = substr($a, 0, -(strlen($v)+1)); - $html .= "\t\t<input type='hidden' name='" . attribute_escape(urldecode($k)) . "' value='" . attribute_escape(urldecode($v)) . "' />\n"; + $v = substr( strstr( $a, '=' ), 1 ); + $k = substr( $a, 0, -( strlen( $v ) + 1 ) ); + $html .= "\t\t<input type='hidden' name='" . attribute_escape( urldecode( $k ) ) . "' value='" . attribute_escape( urldecode( $v ) ) . "' />\n"; } - $html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n"; - $html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n"; + $html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce( $action ) . "' />\n"; + $html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars( wp_explain_nonce( $action ) ) . "</p>\n\t\t<p><a href='$adminurl'>" . __( 'No' ) . "</a> <input type='submit' value='" . __( 'Yes' ) . "' /></p>\n\t\t</div>\n\t</form>\n"; } else { - $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . clean_url(add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] )) . "'>" . __('Yes') . "</a></p>\n\t</div>\n"; + $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars( wp_explain_nonce( $action ) ) . "</p>\n\t<p><a href='$adminurl'>" . __( 'No' ) . "</a> <a href='" . clean_url( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $_SERVER['REQUEST_URI'] ) ) . "'>" . __( 'Yes' ) . "</a></p>\n\t</div>\n"; } $html .= "</body>\n</html>"; - wp_die($html, $title); + wp_die( $html, $title ); } + function wp_die( $message, $title = '' ) { global $wp_locale; if ( function_exists( 'is_wp_error' ) && is_wp_error( $message ) ) { - if ( empty($title) ) { + if ( empty( $title ) ) { $error_data = $message->get_error_data(); - if ( is_array($error_data) && isset($error_data['title']) ) + if ( is_array( $error_data ) && isset( $error_data['title'] ) ) $title = $error_data['title']; } $errors = $message->get_error_messages(); - switch ( count($errors) ) : + switch ( count( $errors ) ) : case 0 : $message = ''; break; @@ -1237,42 +1267,42 @@ function wp_die( $message, $title = '' ) { $message = "<ul>\n\t\t<li>" . join( "</li>\n\t\t<li>", $errors ) . "</li>\n\t</ul>"; break; endswitch; - } elseif ( is_string($message) ) { + } elseif ( is_string( $message ) ) { $message = "<p>$message</p>"; } - if ( defined('WP_SITEURL') && '' != WP_SITEURL ) - $admin_dir = WP_SITEURL.'/wp-admin/'; - elseif (function_exists('get_bloginfo') && '' != get_bloginfo('wpurl')) - $admin_dir = get_bloginfo('wpurl').'/wp-admin/'; - elseif (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false) + if ( defined( 'WP_SITEURL' ) && '' != WP_SITEURL ) + $admin_dir = WP_SITEURL . '/wp-admin/'; + elseif ( function_exists( 'get_bloginfo' ) && '' != get_bloginfo( 'wpurl' ) ) + $admin_dir = get_bloginfo( 'wpurl' ) . '/wp-admin/'; + elseif ( strpos( $_SERVER['PHP_SELF'], 'wp-admin' ) !== false ) $admin_dir = ''; else $admin_dir = 'wp-admin/'; - if ( !function_exists('did_action') || !did_action('admin_head') ) : + if ( !function_exists( 'did_action' ) || !did_action( 'admin_head' ) ) : if( !headers_sent() ){ - status_header(500); + status_header( 500 ); nocache_headers(); - header('Content-Type: text/html; charset=utf-8'); + header( 'Content-Type: text/html; charset=utf-8' ); } - if ( empty($title) ){ - if( function_exists('__') ) - $title = __('WordPress › Error'); + if ( empty($title) ) { + if ( function_exists( '__' ) ) + $title = __( 'WordPress › Error' ); else $title = 'WordPress › Error'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists('language_attributes') ) language_attributes(); ?>> +<html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists( 'language_attributes' ) ) language_attributes(); ?>> <head> <title><?php echo $title ?></title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="<?php echo $admin_dir; ?>css/install.css" type="text/css" /> <?php -if ( ( $wp_locale ) && ('rtl' == $wp_locale->text_direction) ) : ?> +if ( ( $wp_locale ) && ( 'rtl' == $wp_locale->text_direction ) ) : ?> <link rel="stylesheet" href="<?php echo $admin_dir; ?>css/install-rtl.css" type="text/css" /> <?php endif; ?> </head> @@ -1287,55 +1317,61 @@ if ( ( $wp_locale ) && ('rtl' == $wp_locale->text_direction) ) : ?> die(); } -function _config_wp_home($url = '') { + +function _config_wp_home( $url = '' ) { if ( defined( 'WP_HOME' ) ) return WP_HOME; - else return $url; + return $url; } -function _config_wp_siteurl($url = '') { + +function _config_wp_siteurl( $url = '' ) { if ( defined( 'WP_SITEURL' ) ) return WP_SITEURL; - else return $url; + return $url; } + function _mce_set_direction() { global $wp_locale; - if ('rtl' == $wp_locale->text_direction) { + if ( 'rtl' == $wp_locale->text_direction ) { echo 'directionality : "rtl" ,'; echo 'theme_advanced_toolbar_align : "right" ,'; } } -function _mce_load_rtl_plugin($input) { + +function _mce_load_rtl_plugin( $input ) { global $wp_locale; - if ('rtl' == $wp_locale->text_direction) + if ( 'rtl' == $wp_locale->text_direction ) $input[] = 'directionality'; return $input; } -function _mce_add_direction_buttons($input) { + +function _mce_add_direction_buttons( $input ) { global $wp_locale; - if ('rtl' == $wp_locale->text_direction) { - $new_buttons = array('separator', 'ltr', 'rtl'); - $input = array_merge($input, $new_buttons); + if ( 'rtl' == $wp_locale->text_direction ) { + $new_buttons = array( 'separator', 'ltr', 'rtl' ); + $input = array_merge( $input, $new_buttons ); } return $input; } + function smilies_init() { global $wpsmiliestrans, $wp_smiliessearch, $wp_smiliesreplace; // don't bother setting up smilies if they are disabled - if ( !get_option('use_smilies') ) + if ( !get_option( 'use_smilies' ) ) return; - if (!isset($wpsmiliestrans)) { + if ( !isset( $wpsmiliestrans ) ) { $wpsmiliestrans = array( ':mrgreen:' => 'icon_mrgreen.gif', ':neutral:' => 'icon_neutral.gif', @@ -1384,46 +1420,75 @@ function smilies_init() { ); } - $siteurl = get_option('siteurl'); + $siteurl = get_option( 'siteurl' ); foreach ( (array) $wpsmiliestrans as $smiley => $img ) { - $wp_smiliessearch[] = '/(\s|^)'.preg_quote($smiley, '/').'(\s|$)/'; - $smiley_masked = htmlspecialchars(trim($smiley), ENT_QUOTES); + $wp_smiliessearch[] = '/(\s|^)' . preg_quote( $smiley, '/' ) . '(\s|$)/'; + $smiley_masked = attribute_escape( trim( $smiley ) ); $wp_smiliesreplace[] = " <img src='$siteurl/wp-includes/images/smilies/$img' alt='$smiley_masked' class='wp-smiley' /> "; } } + function wp_parse_args( $args, $defaults = '' ) { - if ( is_object($args) ) - $r = get_object_vars($args); - else if ( is_array( $args ) ) + if ( is_object( $args ) ) + $r = get_object_vars( $args ); + elseif ( is_array( $args ) ) $r =& $args; else wp_parse_str( $args, $r ); if ( is_array( $defaults ) ) return array_merge( $defaults, $r ); - else - return $r; + return $r; } + function wp_maybe_load_widgets() { if ( !function_exists( 'dynamic_sidebar' ) ) { - require_once ABSPATH . WPINC . '/widgets.php'; + require_once( ABSPATH . WPINC . '/widgets.php' ); add_action( '_admin_menu', 'wp_widgets_add_menu' ); } } + function wp_widgets_add_menu() { global $submenu; $submenu['themes.php'][7] = array( __( 'Widgets' ), 'switch_themes', 'widgets.php' ); - ksort($submenu['themes.php'], SORT_NUMERIC); + ksort( $submenu['themes.php'], SORT_NUMERIC ); } + // For PHP 5.2, make sure all output buffers are flushed // before our singletons our destroyed. -function wp_ob_end_flush_all() -{ +function wp_ob_end_flush_all() { while ( @ob_end_flush() ); } + +/* + * require_wp_db() - require_once the correct database class file. + * + * This function is used to load the database class file either at runtime or by wp-admin/setup-config.php + * We must globalise $wpdb to ensure that it is defined globally by the inline code in wp-db.php + * + * @global $wpdb + */ +function require_wp_db() { + global $wpdb; + if ( file_exists( ABSPATH . 'wp-content/db.php' ) ) + require_once( ABSPATH . 'wp-content/db.php' ); + else + require_once( ABSPATH . WPINC . '/wp-db.php' ); +} + + +/** + * Converts input to an absolute integer + * @param mixed $maybeint data you wish to have convered to an absolute integer + * @return int an absolute integer + */ +function absint( $maybeint ) { + return abs( intval( $maybeint ) ); +} + ?> diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php index 9af63b6..de8318c 100644 --- a/wp-includes/general-template.php +++ b/wp-includes/general-template.php @@ -208,7 +208,7 @@ function wp_title($sep = '»', $display = true) { } if ( !empty($author_name) ) { // We do a direct query here because we don't cache by nicename. - $title = $wpdb->get_var("SELECT display_name FROM $wpdb->users WHERE user_nicename = '$author_name'"); + $title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name)); } // If there's a month @@ -255,7 +255,7 @@ function single_post_title($prefix = '', $display = true) { if ( intval($p) || '' != $name ) { if ( !$p ) - $p = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_name = '$name'"); + $p = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_name = %s", $name)); $post = & get_post($p); $title = $post->post_title; $title = apply_filters('single_post_title', $title); @@ -363,7 +363,7 @@ function wp_get_archives($args = '') { $type = 'monthly'; if ( '' != $limit ) { - $limit = (int) $limit; + $limit = abs(intval($limit)); $limit = ' LIMIT '.$limit; } @@ -829,6 +829,11 @@ function rsd_link() { echo ' <link rel="EditURI" type="application/rsd+xml" title="RSD" href="' . get_bloginfo('wpurl') . "/xmlrpc.php?rsd\" />\n"; } +function wlwmanifest_link() { + echo ' <link rel="wlwmanifest" type="application/wlwmanifest+xml" href="' + . get_bloginfo('wpurl') . '/wp-includes/wlwmanifest.xml" /> '; +} + function noindex() { global $current_blog; // If the blog is not public, tell robots to go away. @@ -1071,4 +1076,50 @@ function wp_admin_css( $file = 'wp-admin' ) { } } +/** + * Outputs the XHTML generator that is generated on the wp_head hook. + */ +function wp_generator() +{ + the_generator( apply_filters( 'wp_generator_type', 'xhtml' ) ); +} + +/** + * Outputs the generator XML or Comment for RSS, ATOM, etc. + * @param {String} $type The type of generator to return. + */ +function the_generator ( $type ) { + echo apply_filters('the_generator',get_the_generator($type),$type) . "\n"; +} + +/** + * Creates the generator XML or Comment for RSS, ATOM, etc. + * @param {String} $type The type of generator to return. + */ +function get_the_generator ( $type ) { + switch ($type) { + case 'html': + $gen = '<meta name="generator" content="WordPress/' . get_bloginfo( 'version' ) . '">'; + break; + case 'xhtml': + $gen = '<meta name="generator" content="WordPress/' . get_bloginfo( 'version' ) . '" />'; + break; + case 'atom': + $gen = '<generator uri="http://wordpress.org/" version="' . get_bloginfo_rss( 'version' ) . '">WordPress</generator>'; + break; + case 'rss2': + $gen = '<generator>http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '</generator>'; + break; + case 'rdf': + $gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '" />'; + break; + case 'comment': + $gen = '<!-- generator="WordPress/' . get_bloginfo( 'version' ) . '" -->'; + break; + case 'export': + $gen = '<!-- generator="wordpress/' . get_bloginfo_rss('version') . '" created="'. date('Y-m-d H:i') . '"-->'; + break; + } + return apply_filters( "get_the_generator_{$type}", $gen, $type ); +} ?> diff --git a/wp-includes/images/wlw/wp-comments.png b/wp-includes/images/wlw/wp-comments.png Binary files differnew file mode 100644 index 0000000..981b1af --- /dev/null +++ b/wp-includes/images/wlw/wp-comments.png diff --git a/wp-includes/images/wlw/wp-icon.png b/wp-includes/images/wlw/wp-icon.png Binary files differnew file mode 100644 index 0000000..cd94ee3 --- /dev/null +++ b/wp-includes/images/wlw/wp-icon.png diff --git a/wp-includes/images/wlw/wp-watermark.png b/wp-includes/images/wlw/wp-watermark.png Binary files differnew file mode 100644 index 0000000..c312a72 --- /dev/null +++ b/wp-includes/images/wlw/wp-watermark.png diff --git a/wp-includes/js/jquery/jquery.js b/wp-includes/js/jquery/jquery.js index 59201f3..163a7ef 100644 --- a/wp-includes/js/jquery/jquery.js +++ b/wp-includes/js/jquery/jquery.js @@ -10,4 +10,3 @@ */ eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(9(){6(1f C!="Q")E v=C;E C=19.16=9(a,c){6(19==7||!7.4a)F 1s C(a,c);F 7.4a(a,c)};6(1f $!="Q")E B=$;19.$=C;E q=/^[^<]*(<(.|\\s)+>)[^>]*$|^#(\\w+)$/;C.15=C.3v={4a:9(a,c){a=a||R;6(1f a=="1E"){E m=q.2d(a);6(m&&(m[1]||!c)){6(m[1])a=C.3c([m[1]]);G{E b=R.37(m[3]);6(b)6(b.2j!=m[3])F C().1F(a);G{7[0]=b;7.H=1;F 7}G a=[]}}G F 1s C(c).1F(a)}G 6(C.1g(a))F 1s C(R)[C.15.1L?"1L":"2f"](a);F 7.5J(a.1b==1K&&a||(a.3w||a.H&&a!=19&&!a.1t&&a[0]!=Q&&a[0].1t)&&C.2V(a)||[a])},3w:"1.1.4",7K:9(){F 7.H},H:0,21:9(a){F a==Q?C.2V(7):7[a]},1O:9(a){E b=C(a);b.5c=7;F b},5J:9(a){7.H=0;1K.3v.Y.T(7,a);F 7},J:9(a,b){F C.J(7,a,b)},45:9(a){E b=-1;7.J(9(i){6(7==a)b=i});F b},1j:9(f,d,e){E c=f;6(f.1b==3n)6(d==Q)F 7.H&&C[e||"1j"](7[0],f)||Q;G{c={};c[f]=d}F 7.J(9(a){I(E b 17 c)C.1j(e?7.S:7,b,C.4Q(7,c[b],e,a,b))})},1h:9(b,a){F 7.1j(b,a,"34")},2Q:9(e){6(1f e!="4P"&&e!=K)F 7.3K().3H(R.60(e));E t="";C.J(e||7,9(){C.J(7.2Z,9(){6(7.1t!=8)t+=7.1t!=1?7.5S:C.15.2Q([7])})});F t},82:9(){E a,2e=1a;F 7.J(9(){6(!a)a=C.3c(2e,7.2I);E b=a[0].3B(O);7.P.2p(b,7);20(b.1k)b=b.1k;b.4p(7)})},3H:9(){F 7.2J(1a,O,1,9(a){7.4p(a)})},5v:9(){F 7.2J(1a,O,-1,9(a){7.2p(a,7.1k)})},5u:9(){F 7.2J(1a,M,1,9(a){7.P.2p(a,7)})},5t:9(){F 7.2J(1a,M,-1,9(a){7.P.2p(a,7.2a)})},3L:9(){F 7.5c||C([])},1F:9(t){E b=C.3M(7,9(a){F C.1F(t,a)});F 7.1O(/[^+>] [^+>]/.1d(t)||t.U("..")>-1?C.4d(b):b)},7o:9(e){e=e!=Q?e:O;E d=7.1r(7.1F("*"));6(C.N.12){d.J(9(){7.2l$1i={};I(E a 17 7.$1i)7.2l$1i[a]=C.14({},7.$1i[a])}).49()}E r=7.1O(C.3M(7,9(a){F a.3B(e)}));6(C.N.12){d.J(9(){E c=7.2l$1i;I(E a 17 c)I(E b 17 c[a])C.1c.1r(7,a,c[a][b],c[a][b].V);7.2l$1i=K})}6(e){E f=r.1r(r.1F(\'*\')).1l(\'2b,39[@L=3i]\');d.1l(\'2b,39[@L=3i]\').J(9(i){6(7.3j)f[i].3j=7.3j;6(7.27)f[i].27=O})}F r},1l:9(t){F 7.1O(C.1g(t)&&C.2B(7,9(b,a){F t.T(b,[a])})||C.2R(t,7))},5l:9(t){F 7.1O(t.1b==3n&&C.2R(t,7,O)||C.2B(7,9(a){F(t.1b==1K||t.3w)?C.4K(a,t)<0:a!=t}))},1r:9(t){F 7.1O(C.29(7.21(),t.1b==3n?C(t).21():t.H!=Q&&(!t.W||t.W=="6s")?t:[t]))},3y:9(a){F a?C.2R(a,7).H>0:M},2G:9(a){F a==Q?(7.H?7[0].2A:K):7.1j("2A",a)},5W:9(a){F a==Q?(7.H?7[0].2W:K):7.3K().3H(a)},3S:9(){F 7.1O(1K.3v.3S.T(7,1a))},2J:9(f,d,g,e){E c=7.H>1,a;F 7.J(9(){6(!a){a=C.3c(f,7.2I);6(g<0)a.8E()}E b=7;6(d&&C.W(7,"1A")&&C.W(a[0],"3O"))b=7.4L("1w")[0]||7.4p(R.6a("1w"));C.J(a,9(){6(C.W(7,"33")){6(7.32)C.31({1G:7.32,2w:M,3G:"33"});G C.4E(7.2Q||7.5Z||7.2W||"")}G e.T(b,[c?7.3B(O):7])})})}};C.14=C.15.14=9(){E c=1a[0]||{},a=1,1M=1a.H,4D=M;6(c.1b==8d){4D=c;c=1a[1]||{}}6(1M==1){c=7;a=0}E b;I(;a<1M;a++)6((b=1a[a])!=K)I(E i 17 b){6(c==b[i])5X;6(4D&&1f b[i]==\'4P\'&&c[i])C.14(c[i],b[i]);G 6(b[i]!=Q)c[i]=b[i]}F c};C.14({8a:9(a){19.$=B;6(a)19.16=v;F C},1g:9(a){F!!a&&1f a!="1E"&&!a.W&&a.1b!=1K&&/9/i.1d(a+"")},3E:9(a){F a.3D&&!a.4z||a.4y&&a.2I&&!a.2I.4z},4E:9(a){a=C.2s(a);6(a){6(19.5N)19.5N(a);G 6(C.N.1H)19.4x(a,0);G 2T.2S(19,a)}},W:9(b,a){F b.W&&b.W.1I()==a.1I()},J:9(a,b,c){6(c){6(a.H==Q)I(E i 17 a)b.T(a[i],c);G I(E i=0,3A=a.H;i<3A;i++)6(b.T(a[i],c)===M)1J}G{6(a.H==Q)I(E i 17 a)b.2S(a[i],i,a[i]);G I(E i=0,3A=a.H,2G=a[0];i<3A&&b.2S(2G,i,2G)!==M;2G=a[++i]){}}F a},4Q:9(c,b,d,e,a){6(C.1g(b))b=b.2S(c,[e]);E f=/z-?45|7S-?7Q|1e|5y|7O-?1u/i;F b&&b.1b==3x&&d=="34"&&!f.1d(a)?b+"4t":b},18:{1r:9(b,c){C.J((c||"").2M(/\\s+/),9(i,a){6(!C.18.2N(b.18,a))b.18+=(b.18?" ":"")+a})},23:9(b,c){b.18=c!=Q?C.2B(b.18.2M(/\\s+/),9(a){F!C.18.2N(c,a)}).5w(" "):""},2N:9(t,c){F C.4K(c,(t.18||t).3s().2M(/\\s+/))>-1}},1V:9(e,o,f){I(E i 17 o){e.S["2U"+i]=e.S[i];e.S[i]=o[i]}f.T(e,[]);I(E i 17 o)e.S[i]=e.S["2U"+i]},1h:9(e,p){6(p=="1u"||p=="24"){E b={},3p,3o,d=["7J","7G","7F","7B"];C.J(d,9(){b["7A"+7]=0;b["7x"+7+"7u"]=0});C.1V(e,b,9(){6(C(e).3y(\':4N\')){3p=e.7t;3o=e.7q}G{e=C(e.3B(O)).1F(":4e").5d("27").3L().1h({3V:"1C",3k:"7n",11:"2m",7h:"0",7e:"0"}).57(e.P)[0];E a=C.1h(e.P,"3k")||"3g";6(a=="3g")e.P.S.3k="76";3p=e.74;3o=e.71;6(a=="3g")e.P.S.3k="3g";e.P.3e(e)}});F p=="1u"?3p:3o}F C.34(e,p)},34:9(h,d,g){E i,1R=[],1V=[];9 2E(a){6(!C.N.1H)F M;E b=R.2L.3b(a,K);F!b||b.44("2E")==""}6(d=="1e"&&C.N.12){i=C.1j(h.S,"1e");F i==""?"1":i}6(d.2k(/3a/i))d=x;6(!g&&h.S[d])i=h.S[d];G 6(R.2L&&R.2L.3b){6(d.2k(/3a/i))d="3a";d=d.1v(/([A-Z])/g,"-$1").2D();E e=R.2L.3b(h,K);6(e&&!2E(h))i=e.44(d);G{I(E a=h;a&&2E(a);a=a.P)1R.42(a);I(a=0;a<1R.H;a++)6(2E(1R[a])){1V[a]=1R[a].S.11;1R[a].S.11="2m"}i=d=="11"&&1V[1R.H-1]!=K?"1T":R.2L.3b(h,K).44(d)||"";I(a=0;a<1V.H;a++)6(1V[a]!=K)1R[a].S.11=1V[a]}6(d=="1e"&&i=="")i="1"}G 6(h.41){E f=d.1v(/\\-(\\w)/g,9(m,c){F c.1I()});i=h.41[d]||h.41[f]}F i},3c:9(a,c){E r=[];c=c||R;C.J(a,9(i,b){6(!b)F;6(b.1b==3x)b=b.3s();6(1f b=="1E"){E s=C.2s(b).2D(),1m=c.6a("1m"),1P=[];E a=!s.U("<1Z")&&[1,"<2b>","</2b>"]||!s.U("<6L")&&[1,"<4V>","</4V>"]||s.2k(/^<(6I|1w|6H|6F|6D)/)&&[1,"<1A>","</1A>"]||!s.U("<3O")&&[2,"<1A><1w>","</1w></1A>"]||(!s.U("<6A")||!s.U("<6y"))&&[3,"<1A><1w><3O>","</3O></1w></1A>"]||!s.U("<6x")&&[2,"<1A><1w></1w><4T>","</4T></1A>"]||C.N.12&&[1,"1m<1m>","</1m>"]||[0,"",""];1m.2W=a[1]+b+a[2];20(a[0]--)1m=1m.3Y;6(C.N.12){6(!s.U("<1A")&&s.U("<1w")<0)1P=1m.1k&&1m.1k.2Z;G 6(a[1]=="<1A>"&&s.U("<1w")<0)1P=1m.2Z;I(E n=1P.H-1;n>=0;--n)6(C.W(1P[n],"1w")&&!1P[n].2Z.H)1P[n].P.3e(1P[n]);6(/^\\s/.1d(b))1m.2p(c.60(b.2k(/^\\s*/)[0]),1m.1k)}b=C.2V(1m.2Z)}6(0===b.H&&(!C.W(b,"38")&&!C.W(b,"2b")))F;6(b[0]==Q||C.W(b,"38")||b.6u)r.Y(b);G r=C.29(r,b)});F r},1j:9(c,d,a){E e=C.3E(c)?{}:C.4q;6(d=="28"&&C.N.1H)c.P.3j;6(e[d]){6(a!=Q)c[e[d]]=a;F c[e[d]]}G 6(C.N.12&&d=="S")F C.1j(c.S,"6p",a);G 6(a==Q&&C.N.12&&C.W(c,"38")&&(d=="6n"||d=="6m"))F c.6k(d).5S;G 6(c.4y){6(a!=Q)c.6j(d,a);6(C.N.12&&/5R|32/.1d(d)&&!C.3E(c))F c.3F(d,2);F c.3F(d)}G{6(d=="1e"&&C.N.12){6(a!=Q){c.5y=1;c.1l=(c.1l||"").1v(/5T\\([^)]*\\)/,"")+(3m(a).3s()=="6d"?"":"5T(1e="+a*6c+")")}F c.1l?(3m(c.1l.2k(/1e=([^)]*)/)[1])/6c).3s():""}d=d.1v(/-([a-z])/8I,9(z,b){F b.1I()});6(a!=Q)c[d]=a;F c[d]}},2s:9(t){F(t||"").1v(/^\\s+|\\s+$/g,"")},2V:9(a){E r=[];6(1f a!="8H")I(E i=0,1M=a.H;i<1M;i++)r.Y(a[i]);G r=a.3S(0);F r},4K:9(b,a){I(E i=0,1M=a.H;i<1M;i++)6(a[i]==b)F i;F-1},29:9(a,b){6(C.N.12){I(E i=0;b[i];i++)6(b[i].1t!=8)a.Y(b[i])}G I(E i=0;b[i];i++)a.Y(b[i]);F a},4d:9(a){E r=[],4O=C.1q++;2g{I(E i=0,69=a.H;i<69;i++)6(4O!=a[i].1q){a[i].1q=4O;r.Y(a[i])}}2h(e){r=a}F r},1q:0,2B:9(b,a,c){6(1f a=="1E")a=2T("M||9(a,i){F "+a+"}");E d=[];I(E i=0,3P=b.H;i<3P;i++)6(!c&&a(b[i],i)||c&&!a(b[i],i))d.Y(b[i]);F d},3M:9(c,b){6(1f b=="1E")b=2T("M||9(a){F "+b+"}");E d=[];I(E i=0,3P=c.H;i<3P;i++){E a=b(c[i],i);6(a!==K&&a!=Q){6(a.1b!=1K)a=[a];d=d.8x(a)}}F d}});E u=8w.8u.2D();C.N={6b:(u.2k(/.+(?:8s|8q|8p|8o)[\\/: ]([\\d.]+)/)||[])[1],1H:/61/.1d(u),2t:/2t/.1d(u),12:/12/.1d(u)&&!/2t/.1d(u),3J:/3J/.1d(u)&&!/(8n|61)/.1d(u)};E x=C.N.12?"3I":"4G";C.14({8m:!C.N.12||R.8l=="8k",3I:C.N.12?"3I":"4G",4q:{"I":"8j","8i":"18","3a":x,4G:x,3I:x,2W:"2W",18:"18",2A:"2A",30:"30",27:"27",8h:"8g",28:"28",8f:"8e"}});C.J({5Y:"a.P",4C:"16.4C(a)",8c:"16.25(a,2,\'2a\')",8b:"16.25(a,2,\'4B\')",88:"16.4A(a.P.1k,a)",87:"16.4A(a.1k)"},9(i,n){C.15[i]=9(a){E b=C.3M(7,n);6(a&&1f a=="1E")b=C.2R(a,b);F 7.1O(C.4d(b))}});C.J({57:"3H",86:"5v",2p:"5u",85:"5t"},9(i,n){C.15[i]=9(){E a=1a;F 7.J(9(){I(E j=0,1M=a.H;j<1M;j++)C(a[j])[n](7)})}});C.J({5d:9(a){C.1j(7,a,"");7.84(a)},83:9(c){C.18.1r(7,c)},81:9(c){C.18.23(7,c)},80:9(c){C.18[C.18.2N(7,c)?"23":"1r"](7,c)},23:9(a){6(!a||C.1l(a,[7]).r.H)7.P.3e(7)},3K:9(){20(7.1k)7.3e(7.1k)}},9(i,n){C.15[i]=9(){F 7.J(n,1a)}});C.J(["5Q","5P","5M","5L"],9(i,n){C.15[n]=9(a,b){F 7.1l(":"+n+"("+a+")",b)}});C.J(["1u","24"],9(i,n){C.15[n]=9(h){F h==Q?(7.H?C.1h(7[0],n):K):7.1h(n,h.1b==3n?h:h+"4t")}});E A=C.N.1H&&5K(C.N.6b)<7Z?"(?:[\\\\w*2l-]|\\\\\\\\.)":"(?:[\\\\w\\7Y-\\7V*2l-]|\\\\\\\\.)",5I=1s 3C("^[/>]\\\\s*("+A+"+)"),5H=1s 3C("^("+A+"+)(#)("+A+"+)"),5G=1s 3C("^([#.]?)("+A+"*)");C.14({4w:{"":"m[2]==\'*\'||16.W(a,m[2])","#":"a.3F(\'2j\')==m[2]",":":{5P:"i<m[3]-0",5M:"i>m[3]-0",25:"m[3]-0==i",5Q:"m[3]-0==i",2H:"i==0",2P:"i==r.H-1",5E:"i%2==0",5D:"i%2","2H-3z":"a.P.4L(\'*\')[0]==a","2P-3z":"16.25(a.P.3Y,1,\'4B\')==a","7U-3z":"!16.25(a.P.3Y,2,\'4B\')",5Y:"a.1k",3K:"!a.1k",5L:"(a.5Z||a.7T||\'\').U(m[3])>=0",4N:\'"1C"!=a.L&&16.1h(a,"11")!="1T"&&16.1h(a,"3V")!="1C"\',1C:\'"1C"==a.L||16.1h(a,"11")=="1T"||16.1h(a,"3V")=="1C"\',7R:"!a.30",30:"a.30",27:"a.27",28:"a.28||16.1j(a,\'28\')",2Q:"\'2Q\'==a.L",4e:"\'4e\'==a.L",3i:"\'3i\'==a.L",4v:"\'4v\'==a.L",5C:"\'5C\'==a.L",4u:"\'4u\'==a.L",5B:"\'5B\'==a.L",5A:"\'5A\'==a.L",1X:\'"1X"==a.L||16.W(a,"1X")\',39:"/39|2b|7P|1X/i.1d(a.W)",2N:"16.1F(m[3],a).H"},"[":"16.1F(m[2],a).H"},5x:[/^\\[ *(@)([\\w-]+) *([!*$^~=]*) *(\'?"?)(.*?)\\4 *\\]/,/^(\\[)\\s*(.*?(\\[.*?\\])?[^[]*?)\\s*\\]/,/^(:)([\\w-]+)\\("?\'?(.*?(\\(.*?\\))?[^(]*?)"?\'?\\)/,1s 3C("^([:.#]*)("+A+"+)")],2R:9(a,c,b){E d,1Y=[];20(a&&a!=d){d=a;E f=C.1l(a,c,b);a=f.t.1v(/^\\s*,\\s*/,"");1Y=b?c=f.r:C.29(1Y,f.r)}F 1Y},1F:9(t,l){6(1f t!="1E")F[t];6(l&&!l.1t)l=K;l=l||R;6(!t.U("//")){t=t.2K(2,t.H)}G 6(!t.U("/")&&!l.2I){l=l.3D;t=t.2K(1,t.H);6(t.U("/")>=1)t=t.2K(t.U("/"),t.H)}E d=[l],2q=[],2P;20(t&&2P!=t){E r=[];2P=t;t=C.2s(t).1v(/^\\/\\//,"");E k=M;E g=5I;E m=g.2d(t);6(m){E o=m[1].1I();I(E i=0;d[i];i++)I(E c=d[i].1k;c;c=c.2a)6(c.1t==1&&(o=="*"||c.W.1I()==o.1I()))r.Y(c);d=r;t=t.1v(g,"");6(t.U(" ")==0)5X;k=O}G{g=/^((\\/?\\.\\.)|([>\\/+~]))\\s*(\\w*)/i;6((m=g.2d(t))!=K){r=[];E o=m[4],1q=C.1q++;m=m[1];I(E j=0,2o=d.H;j<2o;j++)6(m.U("..")<0){E n=m=="~"||m=="+"?d[j].2a:d[j].1k;I(;n;n=n.2a)6(n.1t==1){6(m=="~"&&n.1q==1q)1J;6(!o||n.W.1I()==o.1I()){6(m=="~")n.1q=1q;r.Y(n)}6(m=="+")1J}}G r.Y(d[j].P);d=r;t=C.2s(t.1v(g,""));k=O}}6(t&&!k){6(!t.U(",")){6(l==d[0])d.4s();2q=C.29(2q,d);r=d=[l];t=" "+t.2K(1,t.H)}G{E h=5H;E m=h.2d(t);6(m){m=[0,m[2],m[3],m[1]]}G{h=5G;m=h.2d(t)}m[2]=m[2].1v(/\\\\/g,"");E f=d[d.H-1];6(m[1]=="#"&&f&&f.37&&!C.3E(f)){E p=f.37(m[2]);6((C.N.12||C.N.2t)&&p&&1f p.2j=="1E"&&p.2j!=m[2])p=C(\'[@2j="\'+m[2]+\'"]\',f)[0];d=r=p&&(!m[3]||C.W(p,m[3]))?[p]:[]}G{I(E i=0;d[i];i++){E a=m[1]!=""||m[0]==""?"*":m[2];6(a=="*"&&d[i].W.2D()=="4P")a="2O";r=C.29(r,d[i].4L(a))}6(m[1]==".")r=C.4r(r,m[2]);6(m[1]=="#"){E e=[];I(E i=0;r[i];i++)6(r[i].3F("2j")==m[2]){e=[r[i]];1J}r=e}d=r}t=t.1v(h,"")}}6(t){E b=C.1l(t,r);d=r=b.r;t=C.2s(b.t)}}6(t)d=[];6(d&&l==d[0])d.4s();2q=C.29(2q,d);F 2q},4r:9(r,m,a){m=" "+m+" ";E c=[];I(E i=0;r[i];i++){E b=(" "+r[i].18+" ").U(m)>=0;6(!a&&b||a&&!b)c.Y(r[i])}F c},1l:9(t,r,h){E d;20(t&&t!=d){d=t;E p=C.5x,m;I(E i=0;p[i];i++){m=p[i].2d(t);6(m){t=t.7N(m[0].H);m[2]=m[2].1v(/\\\\/g,"");1J}}6(!m)1J;6(m[1]==":"&&m[2]=="5l")r=C.1l(m[3],r,O).r;G 6(m[1]==".")r=C.4r(r,m[2],h);G 6(m[1]=="@"){E g=[],L=m[3];I(E i=0,2o=r.H;i<2o;i++){E a=r[i],z=a[C.4q[m[2]]||m[2]];6(z==K||/5R|32|28/.1d(m[2]))z=C.1j(a,m[2])||\'\';6((L==""&&!!z||L=="="&&z==m[5]||L=="!="&&z!=m[5]||L=="^="&&z&&!z.U(m[5])||L=="$="&&z.2K(z.H-m[5].H)==m[5]||(L=="*="||L=="~=")&&z.U(m[5])>=0)^h)g.Y(a)}r=g}G 6(m[1]==":"&&m[2]=="25-3z"){E e=C.1q++,g=[],1d=/(\\d*)n\\+?(\\d*)/.2d(m[3]=="5E"&&"2n"||m[3]=="5D"&&"2n+1"||!/\\D/.1d(m[3])&&"n+"+m[3]||m[3]),2H=(1d[1]||1)-0,d=1d[2]-0;I(E i=0,2o=r.H;i<2o;i++){E j=r[i],P=j.P;6(e!=P.1q){E c=1;I(E n=P.1k;n;n=n.2a)6(n.1t==1)n.4o=c++;P.1q=e}E b=M;6(2H==1){6(d==0||j.4o==d)b=O}G 6((j.4o+d)%2H==0)b=O;6(b^h)g.Y(j)}r=g}G{E f=C.4w[m[1]];6(1f f!="1E")f=C.4w[m[1]][m[2]];f=2T("M||9(a,i){F "+f+"}");r=C.2B(r,f,h)}}F{r:r,t:t}},4C:9(c){E b=[];E a=c.P;20(a&&a!=R){b.Y(a);a=a.P}F b},25:9(a,e,c,b){e=e||1;E d=0;I(;a;a=a[c])6(a.1t==1&&++d==e)1J;F a},4A:9(n,a){E r=[];I(;n;n=n.2a){6(n.1t==1&&(!a||n!=a))r.Y(n)}F r}});C.1c={1r:9(f,d,c,b){6(C.N.12&&f.3t!=Q)f=19;6(!c.22)c.22=7.22++;6(b!=Q){E e=c;c=9(){F e.T(7,1a)};c.V=b;c.22=e.22}6(!f.$1i)f.$1i={};6(!f.$1y)f.$1y=9(){E a;6(1f C=="Q"||C.1c.4n)F a;a=C.1c.1y.T(f,1a);F a};E g=f.$1i[d];6(!g){g=f.$1i[d]={};6(f.4m)f.4m(d,f.$1y,M);G f.7M("3r"+d,f.$1y)}g[c.22]=c;7.1D[d]=O},22:1,1D:{},23:9(c,b,a){E d=c.$1i,2c,45;6(d){6(b&&b.L){a=b.4l;b=b.L}6(!b){I(b 17 d)7.23(c,b)}G 6(d[b]){6(a)4k d[b][a.22];G I(a 17 c.$1i[b])4k d[b][a];I(2c 17 d[b])1J;6(!2c){6(c.4j)c.4j(b,c.$1y,M);G c.7L("3r"+b,c.$1y);2c=K;4k d[b]}}I(2c 17 d)1J;6(!2c)c.$1y=c.$1i=K}},1z:9(c,b,d){b=C.2V(b||[]);6(!d){6(7.1D[c])C("*").1r([19,R]).1z(c,b)}G{E a,2c,15=C.1g(d[c]||K);b.42(7.4i({L:c,1S:d}));6(C.1g(d.$1y))a=d.$1y.T(d,b);6(!15&&d["3r"+c]&&d["3r"+c].T(d,b)===M)a=M;6(15&&a!==M&&!(C.W(d,\'a\')&&c=="4h")){7.4n=O;d[c]()}7.4n=M}},1y:9(b){E a;b=C.1c.4i(b||19.1c||{});E c=7.$1i&&7.$1i[b.L],2e=1K.3v.3S.2S(1a,1);2e.42(b);I(E j 17 c){2e[0].4l=c[j];2e[0].V=c[j].V;6(c[j].T(7,2e)===M){b.2u();b.2X();a=M}}6(C.N.12)b.1S=b.2u=b.2X=b.4l=b.V=K;F a},4i:9(c){E a=c;c=C.14({},a);c.2u=9(){6(a.2u)a.2u();a.7I=M};c.2X=9(){6(a.2X)a.2X();a.7H=O};6(!c.1S&&c.5r)c.1S=c.5r;6(C.N.1H&&c.1S.1t==3)c.1S=a.1S.P;6(!c.4g&&c.4F)c.4g=c.4F==c.1S?c.7C:c.4F;6(c.5p==K&&c.66!=K){E e=R.3D,b=R.4z;c.5p=c.66+(e&&e.5o||b.5o||0);c.7z=c.7v+(e&&e.5m||b.5m||0)}6(!c.3Q&&(c.5k||c.5j))c.3Q=c.5k||c.5j;6(!c.5i&&c.5g)c.5i=c.5g;6(!c.3Q&&c.1X)c.3Q=(c.1X&1?1:(c.1X&2?3:(c.1X&4?2:0)));F c}};C.15.14({3l:9(c,a,b){F c=="5f"?7.5e(c,a,b):7.J(9(){C.1c.1r(7,c,b||a,b&&a)})},5e:9(d,b,c){F 7.J(9(){C.1c.1r(7,d,9(a){C(7).49(a);F(c||b).T(7,1a)},c&&b)})},49:9(a,b){F 7.J(9(){C.1c.23(7,a,b)})},1z:9(a,b){F 7.J(9(){C.1c.1z(a,b,7)})},1W:9(){E a=1a;F 7.4h(9(e){7.3T=0==7.3T?1:0;e.2u();F a[7.3T].T(7,[e])||M})},7p:9(f,g){9 3U(e){E p=e.4g;20(p&&p!=7)2g{p=p.P}2h(e){p=7};6(p==7)F M;F(e.L=="3W"?f:g).T(7,[e])}F 7.3W(3U).5b(3U)},1L:9(f){5a();6(C.36)f.T(R,[C]);G C.2C.Y(9(){F f.T(7,[C])});F 7}});C.14({36:M,2C:[],1L:9(){6(!C.36){C.36=O;6(C.2C){C.J(C.2C,9(){7.T(R)});C.2C=K}6(C.N.3J||C.N.2t)R.4j("59",C.1L,M);6(!19.7m.H)C(19).2f(9(){C("#4b").23()})}}});C.J(("7l,7k,2f,7j,7i,5f,4h,7g,"+"7f,7d,7c,3W,5b,7b,2b,"+"4u,7a,79,78,3f").2M(","),9(i,o){C.15[o]=9(f){F f?7.3l(o,f):7.1z(o)}});E w=M;9 5a(){6(w)F;w=O;6(C.N.3J||C.N.2t)R.4m("59",C.1L,M);G 6(C.N.12){R.75("<73"+"72 2j=4b 70=O "+"32=//:><\\/33>");E a=R.37("4b");6(a)a.6Z=9(){6(R.3d!="1x")F;C.1L()};a=K}G 6(C.N.1H)C.48=3t(9(){6(R.3d=="6Y"||R.3d=="1x"){47(C.48);C.48=K;C.1L()}},10);C.1c.1r(19,"2f",C.1L)}C.15.14({6X:9(c,b,a){7.2f(c,b,a,1)},2f:9(g,e,c,d){6(C.1g(g))F 7.3l("2f",g);c=c||9(){};E f="46";6(e)6(C.1g(e)){c=e;e=K}G{e=C.2O(e);f="55"}E h=7;C.31({1G:g,L:f,V:e,2F:d,1x:9(a,b){6(b=="1U"||!d&&b=="54")h.5W(a.43);4x(9(){h.J(c,[a.43,b,a])},13)}});F 7},6W:9(){F C.2O(7)},6V:9(){}});C.J("53,52,51,50,4Z,5h".2M(","),9(i,o){C.15[o]=9(f){F 7.3l(o,f)}});C.14({21:9(e,c,a,d,b){6(C.1g(c)){a=c;c=K}F C.31({L:"46",1G:e,V:c,1U:a,3G:d,2F:b})},6U:9(d,b,a,c){F C.21(d,b,a,c,1)},6T:9(b,a){F C.21(b,K,a,"33")},77:9(c,b,a){F C.21(c,b,a,"56")},6S:9(d,b,a,c){6(C.1g(b)){a=b;b={}}F C.31({L:"55",1G:d,V:b,1U:a,3G:c})},6R:9(a){C.3u.1Q=a},6Q:9(a){C.14(C.3u,a)},3u:{1D:O,L:"46",1Q:0,4Y:"6P/x-6O-38-6N",4X:O,2w:O,V:K},3h:{},31:9(s){s=C.14(O,s,C.14(O,{},C.3u,s));6(s.V){6(s.4X&&1f s.V!="1E")s.V=C.2O(s.V);6(s.L.2D()=="21"){s.1G+=(s.1G.U("?")>-1?"&":"?")+s.V;s.V=K}}6(s.1D&&!C.40++)C.1c.1z("53");E f=M;E h=19.4W?1s 4W("6M.6K"):1s 58();h.6J(s.L,s.1G,s.2w);6(s.V)h.4c("7r-7s",s.4Y);6(s.2F)h.4c("6G-3Z-6E",C.3h[s.1G]||"7w, 6C 7y 6B 4J:4J:4J 6z");h.4c("X-7D-7E","58");6(s.4U)s.4U(h);6(s.1D)C.1c.1z("5h",[h,s]);E g=9(d){6(!f&&h&&(h.3d==4||d=="1Q")){f=O;6(i){47(i);i=K}E c=d=="1Q"&&"1Q"||!C.5n(h)&&"3f"||s.2F&&C.5s(h,s.1G)&&"54"||"1U";6(c=="1U"){2g{E a=C.5q(h,s.3G)}2h(e){c="4I"}}6(c=="1U"){E b;2g{b=h.4f("4S-3Z")}2h(e){}6(s.2F&&b)C.3h[s.1G]=b;6(s.1U)s.1U(a,c);6(s.1D)C.1c.1z("4Z",[h,s])}G C.3X(s,h,c);6(s.1D)C.1c.1z("51",[h,s]);6(s.1D&&!--C.40)C.1c.1z("52");6(s.1x)s.1x(h,c);6(s.2w)h=K}};6(s.2w){E i=3t(g,13);6(s.1Q>0)4x(9(){6(h){h.6w();6(!f)g("1Q")}},s.1Q)}2g{h.6v(s.V)}2h(e){C.3X(s,h,K,e)}6(!s.2w)g();F h},3X:9(s,a,b,e){6(s.3f)s.3f(a,b,e);6(s.1D)C.1c.1z("50",[a,s,e])},40:0,5n:9(r){2g{F!r.26&&6t.6r=="4v:"||(r.26>=4R&&r.26<6q)||r.26==5z||C.N.1H&&r.26==Q}2h(e){}F M},5s:9(a,c){2g{E b=a.4f("4S-3Z");F a.26==5z||b==C.3h[c]||C.N.1H&&a.26==Q}2h(e){}F M},5q:9(r,a){E b=r.4f("6o-L");E c=a=="5F"||!a&&b&&b.U("5F")>=0;V=c?r.7W:r.43;6(c&&V.3D.4y=="4I")7X"4I";6(a=="33")C.4E(V);6(a=="56")V=2T("("+V+")");F V},2O:9(a){E s=[];6(a.1b==1K||a.3w)C.J(a,9(){s.Y(2y(7.6l)+"="+2y(7.2A))});G I(E j 17 a)6(a[j]&&a[j].1b==1K)C.J(a[j],9(){s.Y(2y(j)+"="+2y(7))});G s.Y(2y(j)+"="+2y(a[j]));F s.5w("&")}});C.15.14({1o:9(b,a){F b?7.1B({1u:"1o",24:"1o",1e:"1o"},b,a):7.1l(":1C").J(9(){7.S.11=7.2r?7.2r:"";6(C.1h(7,"11")=="1T")7.S.11="2m"}).3L()},1p:9(b,a){F b?7.1B({1u:"1p",24:"1p",1e:"1p"},b,a):7.1l(":4N").J(9(){7.2r=7.2r||C.1h(7,"11");6(7.2r=="1T")7.2r="2m";7.S.11="1T"}).3L()},5O:C.15.1W,1W:9(a,b){F C.1g(a)&&C.1g(b)?7.5O(a,b):a?7.1B({1u:"1W",24:"1W",1e:"1W"},a,b):7.J(9(){C(7)[C(7).3y(":1C")?"1o":"1p"]()})},6i:9(b,a){F 7.1B({1u:"1o"},b,a)},6h:9(b,a){F 7.1B({1u:"1p"},b,a)},6g:9(b,a){F 7.1B({1u:"1W"},b,a)},6f:9(b,a){F 7.1B({1e:"1o"},b,a)},89:9(b,a){F 7.1B({1e:"1p"},b,a)},6e:9(c,a,b){F 7.1B({1e:a},c,b)},1B:9(d,h,f,g){F 7.1n(9(){E c=C(7).3y(":1C"),1Z=C.5V(h,f,g),5U=7;I(E p 17 d){6(d[p]=="1p"&&c||d[p]=="1o"&&!c)F C.1g(1Z.1x)&&1Z.1x.T(7);6(p=="1u"||p=="24"){1Z.11=C.1h(7,"11");1Z.2z=7.S.2z}}6(1Z.2z!=K)7.S.2z="1C";7.2v=C.14({},d);C.J(d,9(a,b){E e=1s C.2Y(5U,1Z,a);6(b.1b==3x)e.3R(e.1Y()||0,b);G e[b=="1W"?c?"1o":"1p":b](d)});F O})},1n:9(a,b){6(!b){b=a;a="2Y"}F 7.J(9(){6(!7.1n)7.1n={};6(!7.1n[a])7.1n[a]=[];7.1n[a].Y(b);6(7.1n[a].H==1)b.T(7)})}});C.14({5V:9(b,a,c){E d=b&&b.1b==8G?b:{1x:c||!c&&a||C.1g(b)&&b,1N:b,35:c&&a||a&&a.1b!=8F&&a};d.1N=(d.1N&&d.1N.1b==3x?d.1N:{8D:8C,8B:4R}[d.1N])||8A;d.2U=d.1x;d.1x=9(){C.68(7,"2Y");6(C.1g(d.2U))d.2U.T(7)};F d},35:{62:9(p,n,b,a){F b+a*p},4H:9(p,n,b,a){F((-67.8z(p*67.8y)/2)+0.5)*a+b}},1n:{},68:9(b,a){a=a||"2Y";6(b.1n&&b.1n[a]){b.1n[a].4s();E f=b.1n[a][0];6(f)f.T(b)}},3N:[],2Y:9(f,e,g){E z=7;E y=f.S;z.a=9(){6(e.3q)e.3q.T(f,[z.2x]);6(g=="1e")C.1j(y,"1e",z.2x);G{y[g]=5K(z.2x)+"4t";6(g=="1u"||g=="24")y.11="2m"}};z.65=9(){F 3m(C.1h(f,g))};z.1Y=9(){E r=3m(C.34(f,g));F r&&r>-8v?r:z.65()};z.3R=9(c,b){z.4M=(1s 64()).63();z.2x=c;z.a();C.3N.Y(9(){F z.3q(c,b)});6(C.3N.H==1){E d=3t(9(){E a=C.3N;I(E i=0;i<a.H;i++)6(!a[i]())a.8t(i--,1);6(!a.H)47(d)},13)}};z.1o=9(){6(!f.2i)f.2i={};f.2i[g]=C.1j(f.S,g);e.1o=O;z.3R(0,7.1Y());6(g!="1e")y[g]="8r";C(f).1o()};z.1p=9(){6(!f.2i)f.2i={};f.2i[g]=C.1j(f.S,g);e.1p=O;z.3R(7.1Y(),0)};z.3q=9(a,c){E t=(1s 64()).63();6(t>e.1N+z.4M){z.2x=c;z.a();6(f.2v)f.2v[g]=O;E b=O;I(E i 17 f.2v)6(f.2v[i]!==O)b=M;6(b){6(e.11!=K){y.2z=e.2z;y.11=e.11;6(C.1h(f,"11")=="1T")y.11="2m"}6(e.1p)y.11="1T";6(e.1p||e.1o)I(E p 17 f.2v)C.1j(y,p,f.2i[p])}6(b&&C.1g(e.1x))e.1x.T(f);F M}G{E n=t-7.4M;E p=n/e.1N;z.2x=C.35[e.35||(C.35.4H?"4H":"62")](p,n,a,(c-a),e.1N);z.a()}F O}}})})();',62,541,'||||||if|this||function|||||||||||||||||||||||||||||||var|return|else|length|for|each|null|type|false|browser|true|parentNode|undefined|document|style|apply|indexOf|data|nodeName||push|||display|msie||extend|fn|jQuery|in|className|window|arguments|constructor|event|test|opacity|typeof|isFunction|css|events|attr|firstChild|filter|div|queue|show|hide|mergeNum|add|new|nodeType|height|replace|tbody|complete|handle|trigger|table|animate|hidden|global|string|find|url|safari|toUpperCase|break|Array|ready|al|duration|pushStack|tb|timeout|stack|target|none|success|swap|toggle|button|cur|opt|while|get|guid|remove|width|nth|status|checked|selected|merge|nextSibling|select|ret|exec|args|load|try|catch|orig|id|match|_|block||rl|insertBefore|done|oldblock|trim|opera|preventDefault|curAnim|async|now|encodeURIComponent|overflow|value|grep|readyList|toLowerCase|color|ifModified|val|first|ownerDocument|domManip|substr|defaultView|split|has|param|last|text|multiFilter|call|eval|old|makeArray|innerHTML|stopPropagation|fx|childNodes|disabled|ajax|src|script|curCSS|easing|isReady|getElementById|form|input|float|getComputedStyle|clean|readyState|removeChild|error|static|lastModified|checkbox|selectedIndex|position|bind|parseFloat|String|oWidth|oHeight|step|on|toString|setInterval|ajaxSettings|prototype|jquery|Number|is|child|ol|cloneNode|RegExp|documentElement|isXMLDoc|getAttribute|dataType|append|styleFloat|mozilla|empty|end|map|timers|tr|el|which|custom|slice|lastToggle|handleHover|visibility|mouseover|handleError|lastChild|Modified|active|currentStyle|unshift|responseText|getPropertyValue|index|GET|clearInterval|safariTimer|unbind|init|__ie_init|setRequestHeader|unique|radio|getResponseHeader|relatedTarget|click|fix|removeEventListener|delete|handler|addEventListener|triggered|nodeIndex|appendChild|props|classFilter|shift|px|submit|file|expr|setTimeout|tagName|body|sibling|previousSibling|parents|deep|globalEval|fromElement|cssFloat|swing|parsererror|00|inArray|getElementsByTagName|startTime|visible|num|object|prop|200|Last|colgroup|beforeSend|fieldset|ActiveXObject|processData|contentType|ajaxSuccess|ajaxError|ajaxComplete|ajaxStop|ajaxStart|notmodified|POST|json|appendTo|XMLHttpRequest|DOMContentLoaded|bindReady|mouseout|prevObject|removeAttr|one|unload|ctrlKey|ajaxSend|metaKey|keyCode|charCode|not|scrollTop|httpSuccess|scrollLeft|pageX|httpData|srcElement|httpNotModified|after|before|prepend|join|parse|zoom|304|reset|image|password|odd|even|xml|quickClass|quickID|quickChild|setArray|parseInt|contains|gt|execScript|_toggle|lt|eq|href|nodeValue|alpha|self|speed|html|continue|parent|textContent|createTextNode|webkit|linear|getTime|Date|max|clientX|Math|dequeue|fl|createElement|version|100|NaN|fadeTo|fadeIn|slideToggle|slideUp|slideDown|setAttribute|getAttributeNode|name|method|action|content|cssText|300|protocol|FORM|location|options|send|abort|col|th|GMT|td|1970|01|cap|Since|colg|If|tfoot|thead|open|XMLHTTP|leg|Microsoft|urlencoded|www|application|ajaxSetup|ajaxTimeout|post|getScript|getIfModified|evalScripts|serialize|loadIfModified|loaded|onreadystatechange|defer|clientWidth|ipt|scr|clientHeight|write|relative|getJSON|keyup|keypress|keydown|change|mousemove|mouseup|left|mousedown|dblclick|right|scroll|resize|focus|blur|frames|absolute|clone|hover|offsetWidth|Content|Type|offsetHeight|Width|clientY|Thu|border|Jan|pageY|padding|Left|toElement|Requested|With|Right|Bottom|cancelBubble|returnValue|Top|size|detachEvent|attachEvent|substring|line|textarea|weight|enabled|font|innerText|only|uFFFF|responseXML|throw|u0128|417|toggleClass|removeClass|wrap|addClass|removeAttribute|insertAfter|prependTo|children|siblings|fadeOut|noConflict|prev|next|Boolean|maxLength|maxlength|readOnly|readonly|class|htmlFor|CSS1Compat|compatMode|boxModel|compatible|ie|ra|it|1px|rv|splice|userAgent|10000|navigator|concat|PI|cos|400|fast|600|slow|reverse|Function|Object|array|ig'.split('|'),0,{})); jQuery.noConflict(); - diff --git a/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin.js b/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin.js index 18b1101..865b332 100755 --- a/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin.js +++ b/wp-includes/js/tinymce/plugins/spellchecker/editor_plugin.js @@ -628,4 +628,3 @@ var TinyMCE_SpellCheckerPlugin = { // Register plugin tinyMCE.addPlugin('spellchecker', TinyMCE_SpellCheckerPlugin); - diff --git a/wp-includes/js/wp-lists.js b/wp-includes/js/wp-lists.js new file mode 100644 index 0000000..edd48e3 --- /dev/null +++ b/wp-includes/js/wp-lists.js @@ -0,0 +1,373 @@ +(function($) { +var currentFormEl = false; +var fs = {add:'ajaxAdd',del:'ajaxDel',dim:'ajaxDim',process:'process',recolor:'recolor'}; + +wpAjax = { + unserialize: function( s ) { + var r = {}; if ( !s ) { return r; } + var q = s.split('?'); if ( q[1] ) { s = q[1]; } + var pp = s.split('&'); + for ( var i in pp ) { + var p = pp[i].split('='); + r[p[0]] = p[1]; + } + return r; + }, + parseAjaxResponse: function( x, r ) { // 1 = good, 0 = strange (bad data?), -1 = you lack permission + var re = $('#' + r).html(''); + if ( x && typeof x == 'object' && x.getElementsByTagName('wp_ajax') ) { + if ( $('wp_error', x).each( function() { re.append('<p>' + this.firstChild.nodeValue + '</p>'); } ).size() ) { + return !re.wrap( '<div class="error"></div>' ); + } + return true; + } + if ( isNaN(x) ) { return !re.html('<div class="error"><p>' + x + '</p></div>'); } + x = parseInt(x,10); + if ( -1 == x ) { return !re.html('<div class="error"><p>You do not have permission to do that.</p></div>'); } + else if ( 0 === x ) { return !re.html('<div class="error"><p>AJAX is teh b0rked.</p></div>'); } + return true; + } +}; + +var wpList = { + settings: { + url: wpListL10n.url, type: 'POST', + response: 'ajax-response', + + what: '', + alt: 'alternate', altOffset: 0, + addColor: null, delColor: null, dimAddColor: null, dimDelColor: null, + + confirm: null, + addBefore: null, addAfter: null, + delBefore: null, delAfter: null, + dimBefore: null, dimAfter: null + }, + + nonce: function(e,s) { + var url = wpAjax.unserialize(e.attr('href')); + return s.nonce || url._ajax_nonce || $('#' + s.element + ' input[@name=_ajax_nonce]').val() || url._wpnonce || $('#' + s.element + ' input[@name=_wpnonce]').val() || 0; + }, + + parseClass: function(e,t) { + var c = []; try { c = $(e).attr('class').match(new RegExp(t+':[A-Za-z0-9:_=-]+'))[0].split(':'); } catch(r) {} + return c; + }, + + pre: function(e,s,a) { + var bg; var r; + s = $.extend( {}, this.wpList.settings, { + element: null, + nonce: 0 + }, s || {} ); + if ( $.isFunction( s.confirm ) ) { + if ( 'add' != a ) { + bg = $('#' + s.element).css('background-color'); + $('#' + s.element).css('background-color', '#FF9966'); + } + r = s.confirm.call(this,e,s,a,bg); + if ( 'add' != a ) { $('#' + s.element).css('background-color', bg ); } + if ( !r ) { return false; } + } + return s; + }, + + ajaxAdd: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'add'); + s = $.extend(s, { + element: s.element || cls[2] || e.attr( 'id' ) || null, + addColor: s.addColor || '#' + ( cls[3] || 'FFFF33' ) + } ); + s = wpList.pre.call( list, e, s, 'add' ); + if ( !s ) { return false; } + + if ( !e.is("[@class^=add:" + list.id + ":]") ) { return !wpList.add.call( list, e, s ); } + + if ( !s.element ) { return true; } + + s.action = 'add-' + s.what; + + s.nonce = wpList.nonce(e,s); + + var es = $('#' + s.element + ' :input').not('[@name=_ajax_nonce], [@name=_wpnonce], [@name=action]'); + s.data = $.param( $.extend( { _ajax_nonce: s.nonce, action: s.action }, wpAjax.unserialize( cls[4] || '' ) ) ); + var formData = $.isFunction(es.fieldSerialize) ? es.fieldSerialize() : es.serialize(); + if ( formData ) { s.data += '&' + formData; } + + if ( $.isFunction(s.addBefore) ) { + s = s.addBefore( s ); + if ( !s ) { return true; } + } + if ( !s.data.match(/_ajax_nonce=[a-f0-9]+/) ) { return true; } + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { return false; } + + $(s.what + ' response_data', r).each( function() { + var t = $(this); + wpList.add.call( list, t.text(), $.extend( {}, s, { // this.firstChild.nodevalue + pos: t.parent().attr( 'position' ) || 0, + id: t.parent().attr( 'id' ) || 0, + oldId: t.parent().attr( 'old_id' ) || null + } ) ); + } ); + + if ( $.isFunction(s.addAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.addAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + list.wpList.recolor(); + wpList.clear.call(list,'#' + s.element); + }; + + $.ajax( s ); + return false; + }, + + ajaxDel: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'delete'); + s = $.extend(s, { + element: s.element || cls[2] || null, + delColor: s.delColor || '#' + ( cls[3] || 'FF3333' ) + } ); + s = wpList.pre.call( list, e, s, 'delete' ); + if ( !s || !s.element ) { return false; } + + s.action = 'delete-' + s.what; + + s.nonce = wpList.nonce(e,s); + + s.data = $.extend( + { action: s.action, id: s.element.split('-').pop(), _ajax_nonce: s.nonce }, + wpAjax.unserialize( cls[4] || '' ) + ); + + if ( $.isFunction(s.delBefore) ) { + s = s.delBefore( s ); + if ( !s ) { return true; } + } + if ( !s.data._ajax_nonce ) { return true; } + + var func = function() { $('#' + s.element).css( 'background-color', '' ).hide(); list.wpList.recolor(); }; + var hideTO = -1; + if ( 'none' != s.delColor ) { + Fat.fade_element(s.element,null,700,s.delColor); + hideTO = setTimeout(func, 705); + } else { + func(); + } + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { + clearTimeout(hideTO); + func = function() { $('#' + s.element).css( 'background-color', '#FF3333' ).show(); list.wpList.recolor(); }; + func(); setTimeout(func, 705); // In case it's still fading + return false; + } + if ( $.isFunction(s.delAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.delAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + }; + $.ajax( s ); + return false; + }, + + ajaxDim: function( e, s ) { + var list = this; e = $(e); s = s || {}; + var cls = wpList.parseClass(e,'dim'); + s = $.extend(s, { + element: s.element || cls[2] || null, + dimClass: s.dimClass || cls[3] || null, + dimAddColor: s.dimAddColor || '#' + ( cls[4] || 'FFFF33' ), + dimDelColor: s.dimDelColor || '#' + ( cls[5] || 'FF3333' ) + } ); + s = wpList.pre.call( list, e, s, 'dim' ); + if ( !s || !s.element || !s.dimClass ) { return true; } + + s.action = 'dim-' + s.what; + + s.nonce = wpList.nonce(e,s); + + s.data = $.extend( + { action: s.action, id: s.element.split('-').pop(), dimClass: s.dimClass, _ajax_nonce : s.nonce }, + wpAjax.unserialize( cls[6] || '' ) + ); + + if ( $.isFunction(s.dimBefore) ) { + s = s.dimBefore( s ); + if ( !s ) { return true; } + } + + if ( !s.data._ajax_nonce ) { return true; } + + var isClass = $('#' + s.element).toggleClass(s.dimClass).is('.' + s.dimClass); + if ( isClass && 'none' != s.dimAddColor ) { Fat.fade_element(s.element,null,700,s.dimAddColor); } + else if ( !isClass && 'none' != s.dimDelColor ) { Fat.fade_element(s.element,null,700,s.dimDelColor); } + + var dimTO = setTimeout( function() { $('#' + s.element).css( 'background-color', '' ); }, 705 ); + + s.success = function(r) { + if ( !wpAjax.parseAjaxResponse(r, s.response) ) { + clearTimeout(dimTO); + func = function() { $('#' + s.element).css( 'background-color', '#FF3333' )[isClass?'removeClass':'addClass'](s.dimClass); }; + func(); setTimeout(func, 705); + return false; + } + if ( $.isFunction(s.dimAfter) ) { + var o = this.complete; + this.complete = function(x,st) { + var _s = $.extend( { xml: x, status: st }, s ); + s.dimAfter( r, _s ); + if ( $.isFunction(o) ) { o(x,st); } + }; + } + }; + + $.ajax( s ); + return false; + }, + + add: function( e, s ) { + list = $(this); + e = $(e); + + var old = false; var next = false; + var _s = { pos: 0, id: 0, oldId: null }; + if ( 'string' == typeof s ) { s = { what: s }; } + s = $.extend(_s, this.wpList.settings, s); + + if ( !e.size() || !s.what ) { return false; } + if ( s.oldId ) { + old = $('#' + s.what + '-' + s.oldId); + next = old.next(); + old.remove(); + } + if ( s.id ) { $('#' + s.what + '-' + s.id).remove(); } + + if ( old && old.size() ) { + if ( next && next.size() ) { + next.before(e); + } else { + list.append(e); + } + } else if ( isNaN(s.pos) ) { + var ba = 'after'; + if ( '-' == s.pos.substr(0,1) ) { + s.pos = s.pos.substr(1); + ba = 'before'; + } + var ref = list.find( '#' + s.pos ); + if ( 1 === ref.size() ) { ref[ba](e); } + else { list.append(e); } + } else if ( s.pos < 0 ) { + list.prepend(e); + } else { + list.append(e); + } + + if ( s.alt ) { + if ( ( list.children(':visible').index( e[0] ) + s.altOffset ) % 2 ) { e.removeClass( s.alt ); } + else { e.addClass( s.alt ); } + } + + if ( 'none' != s.addColor ) { + Fat.fade_element(e.attr('id'),null,700,s.addColor); + setTimeout( function() { + var b = e.css( 'background-color' ); + var g = e.css( 'background-color', '' ).css( 'background-color' ); + if ( b != g ) { e.css( 'background-color', b ); } + }, 705 ); + } + list.each( function() { this.wpList.process( e ); } ); + return e; + }, + + clear: function(e) { + var list = this; + e = $(e); + if ( list.wpList && e.parents( '#' + list.id ).size() ) { return; } + e.find(':input').each( function() { + var t = this.type.toLowerCase(); var tag = this.tagName.toLowerCase(); + if ( 'text' == t || 'password' == t || 'textarea' == tag ) { this.value = ''; } + else if ( 'checkbox' == t || 'radio' == t ) { this.checked = false; } + else if ( 'select' == tag ) { this.selectedIndex = null; } + }); + }, + + process: function(el) { + var list = this; + var bl = function() { currentFormEl = false; }; + var fo = function() { currentFormEl = this; }; + var a = $("[@class^=add:" + list.id + ":]", el || null) + .filter('form').submit( function() { return list.wpList.add(this); } ).end() + .not('form').click( function() { return list.wpList.add(this); } ).each( function() { + var addEl = this; + var c = wpList.parseClass(this,'add')[2] || addEl.id; + if ( !c ) { return; } + var forms = []; var ins = []; + $('#' + c + ' :input').click( function() { $(this).unbind( 'blur', bl ).unbind( 'focus', fo ).blur( bl ).focus( fo ).focus(); } ).each( function() { + ins.push(this); + $.merge(forms,$(this).parents('form')); + forms = $.unique(forms); + } ); + $(forms).submit( function() { + var e = currentFormEl; + if ( 0 <= $.inArray(e,ins) ) { + $(addEl).trigger( 'click' ); + $(e).focus(); + return false; + } + } ); + } ); + var d = $("[@class^=delete:" + list.id + ":]", el || null).click( function() { return list.wpList.del(this); } ); + var c = $("[@class^=dim:" + list.id + ":]", el || null).click( function() { return list.wpList.dim(this); } ); + }, + + recolor: function() { + var list = this; + if ( !list.wpList.settings.alt ) { return; } + var items = $('.list-item:visible', list); + if ( !items.size() ) { items = $(list).children(':visible'); } + var eo = [':even',':odd']; + if ( list.wpList.settings.altOffset % 2 ) { eo.reverse(); } + items.filter(eo[0]).addClass(list.wpList.settings.alt).end().filter(eo[1]).removeClass(list.wpList.settings.alt); + }, + + init: function() { + var lists = this; + lists.wpList.process = function(a) { + lists.each( function() { + this.wpList.process(a); + } ); + }; + lists.wpList.recolor = function() { + lists.each( function() { + this.wpList.recolor(); + } ); + }; + } +}; + +$.fn.wpList = function( settings ) { + this.each( function() { + var _this = this; + this.wpList = { settings: $.extend( {}, wpList.settings, { what: wpList.parseClass(this,'list')[1] || '' }, settings ) }; + $.each( fs, function(i,f) { _this.wpList[i] = function( e, s ) { return wpList[f].call( _this, e, s ); }; } ); + } ); + wpList.init.call(this); + this.wpList.process(); + return this; +}; + +})(jQuery); diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php index 6a0677b..c3b7ed7 100644 --- a/wp-includes/link-template.php +++ b/wp-includes/link-template.php @@ -367,9 +367,9 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') { if ( $in_same_cat ) { $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); - $join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); + $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]); for ( $i = 1; $i < (count($cat_array)); $i++ ) { - $join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); + $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = %d', $cat_array[$i]); } $join .= ')'; } @@ -382,7 +382,7 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') { } $join = apply_filters( 'get_previous_post_join', $join, $in_same_cat, $excluded_categories ); - $where = apply_filters( 'get_previous_post_where', "WHERE p.post_date < '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $in_same_cat, $excluded_categories ); + $where = apply_filters( 'get_previous_post_where', $wpdb->prepare("WHERE p.post_date < %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $current_post_date), $in_same_cat, $excluded_categories ); $sort = apply_filters( 'get_previous_post_sort', 'ORDER BY p.post_date DESC LIMIT 1' ); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); @@ -400,9 +400,9 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') { if ( $in_same_cat ) { $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); - $join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); + $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]); for ( $i = 1; $i < (count($cat_array)); $i++ ) { - $join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); + $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = $d', $cat_array[$i]); } $join .= ')'; } @@ -415,7 +415,7 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') { } $join = apply_filters( 'get_next_post_join', $join, $in_same_cat, $excluded_categories ); - $where = apply_filters( 'get_next_post_where', "WHERE p.post_date > '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != $post->ID", $in_same_cat, $excluded_categories ); + $where = apply_filters( 'get_next_post_where', $wpdb->prepare("WHERE p.post_date > %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != %d", $current_post_date, $post->ID), $in_same_cat, $excluded_categories ); $sort = apply_filters( 'get_next_post_sort', 'ORDER BY p.post_date ASC LIMIT 1' ); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index b25ede2..5c92fe4 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -60,7 +60,7 @@ endif; if ( !function_exists('get_userdata') ) : function get_userdata( $user_id ) { global $wpdb, $cache_userdata, $wpmuBaseTablePrefix; - $user_id = (int) $user_id; + $user_id = abs(intval($user_id)); if ( $user_id == 0 ) return false; @@ -76,16 +76,16 @@ function get_userdata( $user_id ) { return $user; } - if ( !$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID = '$user_id'") ) + if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE ID = %d LIMIT 1", $user_id)) ) return false; - $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id' /* pluggable get_userdata */"); + $wpdb->hide_errors(); + $metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = %d", $user_id)); + $wpdb->show_errors(); if ($metavalues) { foreach ( $metavalues as $meta ) { - @ $value = unserialize($meta->meta_value); - if ($value === FALSE) - $value = $meta->meta_value; + $value = maybe_unserialize($meta->meta_value); $user->{$meta->meta_key} = $value; // We need to set user_level from meta, not row @@ -94,6 +94,14 @@ function get_userdata( $user_id ) { } // end foreach } //end if + // For backwards compat. + if ( isset($user->first_name) ) + $user->user_firstname = $user->first_name; + if ( isset($user->last_name) ) + $user->user_lastname = $user->last_name; + if ( isset($user->description) ) + $user->user_description = $user->description; + if( is_site_admin( $user->user_login ) == true ) { $user->user_level = 10; $cap_key = $wpdb->prefix . 'capabilities'; @@ -101,8 +109,7 @@ function get_userdata( $user_id ) { } wp_cache_add($user_id, $user, 'users'); - wp_cache_add($user->user_login, $user, 'userlogins'); - + wp_cache_add($user->user_login, $user_id, 'userlogins'); return $user; } endif; @@ -121,7 +128,8 @@ function get_userdatabylogin($user_login) { if ( empty( $user_login ) ) return false; - $userdata = wp_cache_get($user_login, 'userlogins'); + $user_id = wp_cache_get($user_login, 'userlogins'); + $userdata = wp_cache_get($user_id, 'users'); if( $userdata && is_site_admin( $user_login ) == true ) { $userdata->user_level = 10; @@ -131,32 +139,15 @@ function get_userdatabylogin($user_login) { } elseif( $userdata ) return $userdata; - if ( !$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_login = '$user_login'") ) + if ( !$user_ID = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_login = %s", $user_login)) ) return false; - $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'"); - - if ($metavalues) { - foreach ( $metavalues as $meta ) { - @ $value = unserialize($meta->meta_value); - if ($value === FALSE) - $value = $meta->meta_value; - $user->{$meta->meta_key} = $value; - - // We need to set user_level from meta, not row - if ( $wpdb->prefix . 'user_level' == $meta->meta_key ) - $user->user_level = $meta->meta_value; - } - } + $user = get_userdata($user_ID); if( is_site_admin( $user_login ) == true ) { $user->user_level = 10; $cap_key = $wpdb->prefix . 'capabilities'; $user->{$cap_key} = array( 'administrator' => '1' ); } - - wp_cache_add($user->ID, $user, 'users'); - wp_cache_add($user->user_login, $user, 'userlogins'); - return $user; } endif; @@ -255,6 +246,7 @@ function wp_mail( $to, $subject, $message, $headers = '' ) { // Set the from name and email $phpmailer->From = apply_filters( 'wp_mail_from', $from_email ); + $phpmailer->Sender = apply_filters( 'wp_mail_from', $from_email ); $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name ); // Set destination address @@ -320,10 +312,8 @@ function wp_login($username, $password, $already_md5 = false) { return false; } - if ($current_user->data->user_login == $username) - return true; - $login = get_userdatabylogin($username); + //$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'"); if (!$login) { if( is_site_admin( $username ) ) { @@ -334,17 +324,17 @@ function wp_login($username, $password, $already_md5 = false) { } else { $admins = get_admin_users_for_domain(); reset( $admins ); - while( list( $key, $val ) = each( $admins ) ) { - if( $val[ 'user_login' ] == $username ) { + foreach( $admins as $admin ) { + if( $admin[ 'user_login' ] == $username ) { unset( $login ); $login->user_login = $username; - $login->user_pass = $val[ 'user_pass' ]; + $login->user_pass = $admin[ 'user_pass' ]; } } } } if (!$login) { - $error = __('<strong>Error</strong>: Wrong username.'); + $error = __('<strong>ERROR</strong>: Invalid username.'); return false; } else { if( is_site_admin( $username ) == false && ( $primary_blog = get_usermeta( $login->ID, "primary_blog" ) ) ) { @@ -359,7 +349,7 @@ function wp_login($username, $password, $already_md5 = false) { if ( ($already_md5 && $login->user_login == $username && md5($login->user_pass) == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) { return true; } else { - $error = __('<strong>Error</strong>: Incorrect password.'); + $error = __('<strong>ERROR</strong>: Incorrect password.'); $pwd = ''; return false; } @@ -406,23 +396,26 @@ function check_admin_referer($action = -1) { }endif; if ( !function_exists('check_ajax_referer') ) : -function check_ajax_referer() { - $current_name = ''; - if ( ( $current = wp_get_current_user() ) && $current->ID ) - $current_name = $current->data->user_login; - if ( !$current_name ) - die('-1'); - - $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie - foreach ( $cookie as $tasty ) { - if ( false !== strpos($tasty, USER_COOKIE) ) - $user = substr(strstr($tasty, '='), 1); - if ( false !== strpos($tasty, PASS_COOKIE) ) - $pass = substr(strstr($tasty, '='), 1); - } +function check_ajax_referer( $action = -1 ) { + $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce']; + if ( !wp_verify_nonce( $nonce, $action ) ) { + $current_name = ''; + if ( ( $current = wp_get_current_user() ) && $current->ID ) + $current_name = $current->data->user_login; + if ( !$current_name ) + die('-1'); + + $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie + foreach ( $cookie as $tasty ) { + if ( false !== strpos($tasty, USER_COOKIE) ) + $user = substr(strstr($tasty, '='), 1); + if ( false !== strpos($tasty, PASS_COOKIE) ) + $pass = substr(strstr($tasty, '='), 1); + } - if ( $current_name != $user || !wp_login( $user, $pass, true ) ) - die('-1'); + if ( $current_name != $user || !wp_login( $user, $pass, true ) ) + die('-1'); + } do_action('check_ajax_referer'); } endif; @@ -494,7 +487,7 @@ function wp_safe_redirect($location, $status = 302) { $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), $lp['host']); - if ( isset($lp['host']) && !in_array($lp['host'], $allowed_hosts) ) + if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) ) $location = get_option('siteurl') . '/wp-admin/'; wp_redirect($location, $status); @@ -637,8 +630,8 @@ function wp_notify_moderator($comment_id) { if( get_option( "moderation_notify" ) == 0 ) return true; - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); - $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); + $comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID=%d LIMIT 1", $comment_id)); + $post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID=%d LIMIT 1", $comment->comment_post_ID)); $comment_author_domain = @gethostbyaddr($comment->comment_author_IP); $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); diff --git a/wp-includes/plugin.php b/wp-includes/plugin.php index 385c569..42dde27 100644 --- a/wp-includes/plugin.php +++ b/wp-includes/plugin.php @@ -1,27 +1,79 @@ <?php +/** + * The plugin API is located in this file, which allows for creating actions + * and filters and hooking functions, and methods. The functions or methods will + * then be run when the action or filter is called. + * + * The API callback examples reference functions, but can be methods of classes. + * To hook methods, you'll need to pass an array one of two ways. + * + * For static methods (you won't have access to the <tt>$this</tt> variable in the + * method): + * <code>array('class_name', 'method_name');</code> + * + * The second method will need the reference to the object to have access to the + * method. + * <code>array(&$this, 'method_name');</code> + * <code> + * $obj = new myObject(); + * array(&$obj, 'method_name'); + * </code> + * Any of the syntaxes explained in the PHP documentation for the + * {@link http://us2.php.net/manual/en/language.pseudo-types.php#language.types.callback 'callback' type} are valid. + * + * Also see the {@link http://codex.wordpress.org/Plugin_API Plugin API} for more information + * and examples on how to use a lot of these functions. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + */ /** - * Hooks a function to a specific filter action. + * Hooks a function or method to a specific filter action. * * Filters are the hooks that WordPress launches to modify text of various types * before adding it to the database or sending it to the browser screen. Plugins * can specify that one or more of its PHP functions is executed to * modify specific types of text at these times, using the Filter API. - * See the [Plugin API] for a list of filter hooks. + * + * To use the API, the following code should be used to bind a callback to the filter + * <code> + * function example_hook($example) { echo $example; } + * + * add_filter('example_filter', 'example_hook'); + * </code> + * + * In WordPress 1.5.1+, hooked functions can take extra arguments that are set when + * the matching do_action() or apply_filters() call is run. The <tt>$accepted_args + * allow for calling functions only when the number of args match. Hooked functions + * can take extra arguments that are set when the matching <tt>do_action()</tt> or + * <tt>apply_filters()</tt> call is run. For example, the action <tt>comment_id_not_found</tt> + * will pass any functions that hook onto it the ID of the requested comment. + * + * <strong>Note:</strong> the function will return true no matter if the function was hooked + * fails or not. There are no checks for whether the function exists beforehand and no checks + * to whether the <tt>$function_to_add is even a string. It is up to you to take care and + * this is done for optimization purposes, so everything is as quick as possible. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * @global array $wp_filter Stores all of the filters added in the form of + * wp_filter['tag']['array of priorities']['array of functions serialized']['array of ['array (functions, accepted_args)]'] + * @global array $merged_filters Tracks the tags that need to be merged for later. If the hook is added, it doesn't need to run through that process. * * @param string $tag The name of the filter to hook the <tt>$function_to_add</tt> to. * @param callback $function_to_add The name of the function to be called when the filter is applied. * @param int $priority optional. Used to specify the order in which the functions associated with a particular action are executed (default: 10). Lower numbers correspond with earlier execution, and functions with the same priority are executed in the order in which they were added to the action. - * @param int $accepted_args optional. The number of arguments the function accept (default 1). In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching do_action() or apply_filters() call is run. - * @return boolean true if the <tt>$function_to_add</tt> is added succesfully to filter <tt>$tag</tt>. How many arguments your function takes. In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching <tt>do_action()</tt> or <tt>apply_filters()</tt> call is run. For example, the action <tt>comment_id_not_found</tt> will pass any functions that hook onto it the ID of the requested comment. + * @param int $accepted_args optional. The number of arguments the function accept (default 1). + * @return boolean true */ function add_filter($tag, $function_to_add, $priority = 10, $accepted_args = 1) { global $wp_filter, $merged_filters; - // So the format is wp_filter['tag']['array of priorities']['array of functions serialized']['array of ['array (functions, accepted_args)]'] $idx = _wp_filter_build_unique_id($tag, $function_to_add, $priority); - $wp_filter[$tag][$priority][$idx] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); - //$wp_filter[$tag][$priority][serialize($function_to_add)] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); + $wp_filter[$tag][$priority][$idx] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); unset( $merged_filters[ $tag ] ); return true; } @@ -33,20 +85,35 @@ function add_filter($tag, $function_to_add, $priority = 10, $accepted_args = 1) * calling this function. This function can be used to create a new filter hook * by simply calling this function with the name of the new hook specified using * the <tt>$tag</a> parameter. - * @uses merge_filters Merges the filter hooks using this function. + * + * The function allows for additional arguments to be added and passed to hooks. + * <code> + * function example_hook($string, $arg1, $arg2) + * { + * //Do stuff + * } + * $value = apply_filters('example_filter', 'filter me', 'arg1', 'arg2'); + * </code> + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * @global array $wp_filter Stores all of the filters + * @global array $merge_filters Merges the filter hooks using this function. + * * @param string $tag The name of the filter hook. - * @param string $string The text on which the filters hooked to <tt>$tag</tt> are applied on. + * @param string $value The value on which the filters hooked to <tt>$tag</tt> are applied on. * @param mixed $var,... Additional variables passed to the functions hooked to <tt>$tag</tt>. * @return string The text in <tt>$string</tt> after all hooked functions are applied to it. */ -function apply_filters($tag, $string) { +function apply_filters($tag, $value) { global $wp_filter, $merged_filters; if ( !isset( $merged_filters[ $tag ] ) ) merge_filters($tag); if ( !isset($wp_filter[$tag]) ) - return $string; + return $value; reset( $wp_filter[ $tag ] ); @@ -55,13 +122,13 @@ function apply_filters($tag, $string) { do{ foreach( (array) current($wp_filter[$tag]) as $the_ ) if ( !is_null($the_['function']) ){ - $args[1] = $string; - $string = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args'])); + $args[1] = $value; + $value = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args'])); } } while ( next($wp_filter[$tag]) !== false ); - return $string; + return $value; } /** @@ -70,7 +137,17 @@ function apply_filters($tag, $string) { * It is possible to defined generic filter functions using the filter hook * <em>all</e>. These functions are called for every filter tag. This function * merges the functions attached to the <em>all</em> hook with the functions - * of a specific hoook defined by <tt>$tag</tt>. + * of a specific hook defined by <tt>$tag</tt>. + * + * Bugged if you hook into 'all' tag, then you <strong>will</strong> lose all priority + * information. {@link http://trac.wordpress.org/ticket/4715 Bug #4715} for more information. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * @global array $wp_filter Stores all of the filters + * @global array $merge_filters Merges the filter hooks using this function. + * * @param string $tag The filter hook of which the functions should be merged. */ function merge_filters($tag) { @@ -92,11 +169,20 @@ function merge_filters($tag) { * This function removes a function attached to a specified filter hook. This * method can be used to remove default functions attached to a specific filter * hook and possibly replace them with a substitute. + * + * To remove a hook, the <tt>$function_to_remove</tt> and <tt>$priority</tt> arguments + * must match when the hook was added. This goes for both filters and actions. No warning + * will be given on removal failure. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * * @param string $tag The filter hook to which the function to be removed is hooked. * @param callback $function_to_remove The name of the function which should be removed. * @param int $priority optional. The priority of the function (default: 10). * @param int $accepted_args optional. The number of arguments the function accpets (default: 1). - * @return boolean Whether the function is removed. + * @return boolean Whether the function existed before it was removed. */ function remove_filter($tag, $function_to_remove, $priority = 10, $accepted_args = 1) { $function_to_remove = _wp_filter_build_unique_id($tag, $function_to_remove, $priority); @@ -117,11 +203,16 @@ function remove_filter($tag, $function_to_remove, $priority = 10, $accepted_args * one or more of its PHP functions are executed at these points, using the * Action API. * + * @uses add_filter() Adds an action. Parameter list and functionality are the same. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * * @param string $tag The name of the action to which the <tt>$function_to-add</tt> is hooked. - * @param callback $function_to_add The name of the function you wish to be called. Note: any of the syntaxes explained in the PHP documentation for the 'callback' type (http://us2.php.net/manual/en/language.pseudo-types.php#language.types.callback) are valid. + * @param callback $function_to_add The name of the function you wish to be called. * @param int $priority optional. Used to specify the order in which the functions associated with a particular action are executed (default: 10). Lower numbers correspond with earlier execution, and functions with the same priority are executed in the order in which they were added to the action. - * @param int $accepted_args optional. The number of arguments the function accept (default 1). In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching do_action() or apply_filters() call is run. - * @return boolean Always true. + * @param int $accepted_args optional. The number of arguments the function accept (default 1). */ function add_action($tag, $function_to_add, $priority = 10, $accepted_args = 1) { add_filter($tag, $function_to_add, $priority, $accepted_args); @@ -133,9 +224,21 @@ function add_action($tag, $function_to_add, $priority = 10, $accepted_args = 1) * This function invokes all functions attached to action hook <tt>$tag</tt>. * It is possible to create new action hooks by simply calling this function, * specifying the name of the new hook using the <tt>$tag</tt> parameter. - * @uses merge_filters + * + * You can pass extra arguments to the hooks, much like you can with apply_filters(). + * + * @see apply_filters() This function works similar with the exception that nothing is + * returned and only the functions or methods are called. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * @global array $wp_filter Stores all of the filters + * @global array $wp_actions Increments the amount of times action was triggered. + * * @param string $tag The name of the action to be executed. * @param mixed $arg,... Optional additional arguments which are passed on to the functions hooked to the action. + * @return null Will return null if $tag does not exist in $wp_filter array */ function do_action($tag, $arg = '') { global $wp_filter, $wp_actions; @@ -169,6 +272,12 @@ function do_action($tag, $arg = '') { /** * Return the number times an action is fired. + * + * @package WordPress + * @subpackage Plugin + * @since 2.1 + * @global array $wp_actions Increments the amount of times action was triggered. + * * @param string $tag The name of the action hook. * @return int The number of times action hook <tt>$tag</tt> is fired */ @@ -182,12 +291,22 @@ function did_action($tag) { } /** - * Execute functions hooked on a specific action hook, specifying arguments in a array. + * Execute functions hooked on a specific action hook, specifying arguments in an array. * - * This function is identical to {@link do_action}, but the argumetns passe to + * @see do_action() This function is identical, but the arguments passed to * the functions hooked to <tt>$tag</tt> are supplied using an array. + * + * @uses merge_filters() + * + * @package WordPress + * @subpackage Plugin + * @since 2.1 + * @global array $wp_filter Stores all of the filters + * @global array $wp_actions Increments the amount of times action was triggered. + * * @param string $tag The name of the action to be executed. * @param array $args The arguments supplied to the functions hooked to <tt>$tag</tt> + * @return null Will return null if $tag does not exist in $wp_filter array */ function do_action_ref_array($tag, $args) { global $wp_filter, $wp_actions; @@ -217,6 +336,13 @@ function do_action_ref_array($tag, $args) { * This function removes a function attached to a specified action hook. This * method can be used to remove default functions attached to a specific filter * hook and possibly replace them with a substitute. + * + * @uses remove_filter() Uses remove_filter to remove actions added. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * * @param string $tag The action hook to which the function to be removed is hooked. * @param callback $function_to_remove The name of the function which should be removed. * @param int $priority optional The priority of the function (default: 10). @@ -235,6 +361,13 @@ function remove_action($tag, $function_to_remove, $priority = 10, $accepted_args * Gets the basename of a plugin. * * This method extract the name of a plugin from its filename. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * + * @access private + * * @param string $file The filename of plugin. * @return string The name of a plugin. */ @@ -242,7 +375,6 @@ function plugin_basename($file) { $file = str_replace('\\','/',$file); // sanitize for Win32 installs $file = preg_replace('|/+|','/', $file); // remove any duplicate slash $file = preg_replace('|^.*/wp-content/plugins/|','',$file); // get relative path from plugins dir - $file = preg_replace('|^.*/wp-content/mu-plugins/|','',$file); // get relative path from plugins dir return $file; } @@ -253,10 +385,17 @@ function plugin_basename($file) { * activated. In the name of this hook, PLUGINNAME is replaced with the name of * the plugin, including the optional subdirectory. For example, when the plugin * is located in <tt>wp-content/plugin/sampleplugin/sample.php</tt>, then the - * name of this hook will become 'activate_sampleplugin/sample.php'. + * name of this hook will become 'activate_sampleplugin/sample.php' * When the plugin consists of only one file and is (as by default) located at * <tt>wp-content/plugin/sample.php</tt> the name of this hook will be * 'activate_sample.php'. + * + * @package WordPress + * @subpackage Plugin + * @since 1.5 + * + * @access private + * * @param string $file The filename of the plugin including the path. * @param string $function the function hooked to the 'activate_PLUGIN' action. */ @@ -276,6 +415,13 @@ function register_activation_hook($file, $function) { * When the plugin consists of only one file and is (as by default) located at * <tt>wp-content/plugin/sample.php</tt> the name of this hook will be * 'activate_sample.php'. + * + * @package WordPress + * @subpackage Plugin + * @since 2.0 + * + * @access private + * * @param string $file The filename of the plugin including the path. * @param string $function the function hooked to the 'activate_PLUGIN' action. */ @@ -284,19 +430,49 @@ function register_deactivation_hook($file, $function) { add_action('deactivate_' . $file, $function); } +/** + * Build Unique ID for storage and retrieval + * + * The old way to serialize the callback caused issues and this function is the + * solution. It works by checking for objects and creating an a new property in + * the class to keep track of the object and new objects of the same class that + * need to be added. + * + * It also allows for the removal of actions and filters for objects after they + * change class properties. It is possible to include the property $wp_filter_id + * in your class and set it to "null" or a number to bypass the workaround. However + * this will prevent you from adding new classes and any new classes will overwrite + * the previous hook by the same class. + * + * Functions and static method callbacks are just returned as strings and shouldn't + * have any speed penalty. + * + * @package WordPress + * @subpackage Plugin + * @since 2.2.3 + * + * @link http://trac.wordpress.org/ticket/3875 + * + * @access private + * + * @global array $wp_filter Storage for all of the filters and actions + * @param string $tag Used in counting how many hooks were applied + * @param string|array $function Used for creating unique id + * @param int $priority Used in counting how many hooks were applied + * @return string Unique ID for usage as array key + */ function _wp_filter_build_unique_id($tag, $function, $priority = 10) { global $wp_filter; // If function then just skip all of the tests and not overwrite the following. - // Static Calling if( is_string($function) ) return $function; // Object Class Calling else if(is_object($function[0]) ) { $obj_idx = get_class($function[0]).$function[1]; - if( is_null($function[0]->wp_filter_id) ) { + if( is_null($function[0]->wp_filter_id) ) { // This should be instead of is_null() change to !isset() to fix notice $count = count((array)$wp_filter[$tag][$priority]); $function[0]->wp_filter_id = $count; $obj_idx .= $count; @@ -305,6 +481,7 @@ function _wp_filter_build_unique_id($tag, $function, $priority = 10) $obj_idx .= $function[0]->wp_filter_id; return $obj_idx; } + // Static Calling else if( is_string($function[0]) ) return $function[0].$function[1]; } diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php index a956dc4..175906c 100644 --- a/wp-includes/post-template.php +++ b/wp-includes/post-template.php @@ -445,6 +445,7 @@ function get_attachment_icon( $id = 0, $fullsize = false, $max_dims = false ) { } } else { $post->iconsize = array($imagesize[0], $imagesize[1]); + $constraint = ''; } } @@ -491,4 +492,38 @@ function get_the_password_form() { return $output; } +/** + * is_page_template() - Determine wether or not we are in a page template + * + * This template tag allows you to determine wether or not you are in a page template. + * You can optional provide a template name and then the check will be specific to + * that template. + * + * @package Template Tags + * @global object $wp_query + * @param string $template The specific template name if specific matching is required + */ +function is_page_template($template = '') { + if (!is_page()) { + return false; + } + + global $wp_query; + + $page = $wp_query->get_queried_object(); + $custom_fields = get_post_custom_values('_wp_page_template',$page->ID); + $page_template = $custom_fields[0]; + + // We have no argument passed so just see if a page_template has been specified + if ( empty( $template ) ) { + if (!empty( $page_template ) ) { + return true; + } + } elseif ( $template == $page_template) { + return true; + } + + return false; +} + ?> diff --git a/wp-includes/post.php b/wp-includes/post.php index f23ba32..ecc77c6 100644 --- a/wp-includes/post.php +++ b/wp-includes/post.php @@ -26,7 +26,7 @@ function update_attached_file( $attachment_id, $file ) { } function &get_children($args = '', $output = OBJECT) { - global $post_cache, $wpdb, $blog_id; + global $wpdb; if ( empty( $args ) ) { if ( isset( $GLOBALS['post'] ) ) { @@ -49,14 +49,13 @@ function &get_children($args = '', $output = OBJECT) { $children = get_posts( $r ); - if ( $children ) { - foreach ( $children as $key => $child ) { - $post_cache[$blog_id][$child->ID] =& $children[$key]; - $kids[$child->ID] =& $children[$key]; - } - } else { + if ( !$children ) return false; - } + + update_post_cache($children); + + foreach ( $children as $key => $child ) + $kids[$child->ID] =& $children[$key]; if ( $output == OBJECT ) { return $kids; @@ -93,37 +92,24 @@ function get_extended($post) { // Retrieves post data given a post ID or post object. // Handles post caching. function &get_post(&$post, $output = OBJECT, $filter = 'raw') { - global $post_cache, $wpdb, $blog_id; + global $wpdb; if ( empty($post) ) { if ( isset($GLOBALS['post']) ) $_post = & $GLOBALS['post']; else - $_post = null; + return null; } elseif ( is_object($post) ) { - if ( 'page' == $post->post_type ) - return get_page($post, $output); - if ( !isset($post_cache[$blog_id][$post->ID]) ) - $post_cache[$blog_id][$post->ID] = &$post; - $_post = & $post_cache[$blog_id][$post->ID]; + wp_cache_add($post->ID, $post, 'posts'); + $_post = &$post; } else { $post = (int) $post; - if ( isset($post_cache[$blog_id][$post]) ) - $_post = & $post_cache[$blog_id][$post]; - elseif ( $_post = wp_cache_get($post, 'pages') ) - return get_page($_post, $output); - else { - $query = "SELECT * FROM $wpdb->posts WHERE ID = '$post' LIMIT 1"; - $_post = & $wpdb->get_row($query); - if ( 'page' == $_post->post_type ) - return get_page($_post, $output); - $post_cache[$blog_id][$post] = & $_post; + if ( ! $_post = wp_cache_get($post, 'posts') ) { + $_post = & $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d LIMIT 1", $post)); + wp_cache_add($_post->ID, $_post, 'posts'); } } - if ( defined('WP_IMPORTING') ) - unset($post_cache[$blog_id]); - $_post = sanitize_post($_post, $filter); if ( $output == OBJECT ) { @@ -223,9 +209,9 @@ function get_posts($args) { if ( count($incposts) ) { foreach ( $incposts as $incpost ) { if (empty($inclusions)) - $inclusions = ' AND ( ID = ' . intval($incpost) . ' '; + $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpost); else - $inclusions .= ' OR ID = ' . intval($incpost) . ' '; + $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpost); } } } @@ -238,9 +224,9 @@ function get_posts($args) { if ( count($exposts) ) { foreach ( $exposts as $expost ) { if (empty($exclusions)) - $exclusions = ' AND ( ID <> ' . intval($expost) . ' '; + $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expost); else - $exclusions .= ' AND ID <> ' . intval($expost) . ' '; + $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expost); } } } @@ -251,15 +237,16 @@ function get_posts($args) { $query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy "; $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta "; $query .= " WHERE 1=1 "; - $query .= empty( $post_type ) ? '' : "AND post_type = '$post_type' "; - $query .= empty( $post_status ) ? '' : "AND post_status = '$post_status' "; + $query .= empty( $post_type ) ? '' : $wpdb->prepare("AND post_type = %s ", $post_type); + $query .= empty( $post_status ) ? '' : $wpdb->prepare("AND post_status = %s ", $post_status); $query .= "$exclusions $inclusions " ; - $query .= empty( $category ) ? '' : "AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = " . $category. ") "; - $query .= empty( $post_parent ) ? '' : "AND $wpdb->posts.post_parent = '$post_parent' "; + $query .= empty( $category ) ? '' : $wpdb->prepare("AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = %d) ", $category); + $query .= empty( $post_parent ) ? '' : $wpdb->prepare("AND $wpdb->posts.post_parent = %d ", $post_parent); + // expected_slashed ($meta_key, $meta_value) -- Also, this looks really funky, doesn't seem like it works $query .= empty( $meta_key ) | empty($meta_value) ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )"; $query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order; if ( 0 < $numberposts ) - $query .= " LIMIT " . $offset . ',' . $numberposts; + $query .= $wpdb->prepare(" LIMIT %d,%d", $offset, $numberposts); $posts = $wpdb->get_results($query); @@ -272,124 +259,118 @@ function get_posts($args) { // Post meta functions // -function add_post_meta($post_id, $key, $value, $unique = false) { - global $wpdb, $post_meta_cache, $blog_id; +function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) { + global $wpdb; - $post_id = (int) $post_id; + // expected_slashed ($meta_key) + $meta_key = stripslashes($meta_key); - if ( $unique ) { - if ( $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { - return false; - } - } + if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) + return false; - $post_meta_cache[$blog_id][$post_id][$key][] = $value; + $cache = wp_cache_get($post_id, 'post_meta'); + if ( ! is_array($cache) ) + $cache = array(); + // expected_slashed ($meta_key) + $cache[$wpdb->escape($meta_key)][] = $meta_value; - $value = maybe_serialize($value); - $value = $wpdb->escape($value); + wp_cache_set($post_id, $cache, 'post_meta'); - $wpdb->query("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES ('$post_id','$key','$value')"); + $meta_value = maybe_serialize($meta_value); + $wpdb->insert( $wpdb->postmeta, compact( 'post_id', 'meta_key', 'meta_value' ) ); return true; } function delete_post_meta($post_id, $key, $value = '') { - global $wpdb, $post_meta_cache, $blog_id; + global $wpdb; - $post_id = (int) $post_id; + $post_id = absint( $post_id ); - if ( empty($value) ) { - $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); - } else { - $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); - } + // expected_slashed ($key, $value) + $key = stripslashes( $key ); + $value = stripslashes( $value ); + + if ( empty( $value ) ) + $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); + else + $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); if ( !$meta_id ) return false; - if ( empty($value) ) { - $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); - unset($post_meta_cache[$blog_id][$post_id][$key]); - } else { - $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); - $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; - if ($cache_key) foreach ( $cache_key as $index => $data ) - if ( $data == $value ) - unset($post_meta_cache[$blog_id][$post_id][$key][$index]); - } + if ( empty( $value ) ) + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); + else + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); - unset($post_meta_cache[$blog_id][$post_id][$key]); + wp_cache_delete($post_id, 'post_meta'); return true; } function get_post_meta($post_id, $key, $single = false) { - global $wpdb, $post_meta_cache, $blog_id; + global $wpdb; $post_id = (int) $post_id; - if ( isset($post_meta_cache[$blog_id][$post_id][$key]) ) { + $meta_cache = wp_cache_get($post_id, 'post_meta'); + + if ( isset($meta_cache[$key]) ) { if ( $single ) { - return maybe_unserialize( $post_meta_cache[$blog_id][$post_id][$key][0] ); + return maybe_unserialize( $meta_cache[$key][0] ); } else { - return maybe_unserialize( $post_meta_cache[$blog_id][$post_id][$key] ); + return maybe_unserialize( $meta_cache[$key] ); } } - if ( !isset($post_meta_cache[$blog_id][$post_id]) ) + if ( !$meta_cache ) { update_postmeta_cache($post_id); + $meta_cache = wp_cache_get($post_id, 'post_meta'); + } if ( $single ) { - if ( isset($post_meta_cache[$blog_id][$post_id][$key][0]) ) - return maybe_unserialize($post_meta_cache[$blog_id][$post_id][$key][0]); + if ( isset($meta_cache[$key][0]) ) + return maybe_unserialize($meta_cache[$key][0]); else return ''; - } else { - return maybe_unserialize($post_meta_cache[$blog_id][$post_id][$key]); + } else { + return maybe_unserialize($meta_cache[$key]); } } -function update_post_meta($post_id, $key, $value, $prev_value = '') { - global $wpdb, $post_meta_cache, $blog_id; - - $post_id = (int) $post_id; +function update_post_meta($post_id, $meta_key, $meta_value, $prev_value = '') { + global $wpdb; - $original_value = $value; - $value = maybe_serialize($value); - $value = $wpdb->escape($value); + $original_value = $meta_value; + $meta_value = maybe_serialize($meta_value); $original_prev = $prev_value; $prev_value = maybe_serialize($prev_value); - $prev_value = $wpdb->escape($prev_value); - if (! $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { + // expected_slashed ($meta_key) + $meta_key = stripslashes($meta_key); + + if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) return false; - } - if ( empty($prev_value) ) { - $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id'"); - $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; - if ( !empty($cache_key) ) - foreach ($cache_key as $index => $data) - $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value; - } else { - $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id' AND meta_value = '$prev_value'"); - $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; - if ( !empty($cache_key) ) - foreach ($cache_key as $index => $data) - if ( $data == $original_prev ) - $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value; - } + $data = compact( 'meta_value' ); + $where = compact( 'meta_key', 'post_id' ); + if ( !empty( $prev_value ) ) + $where['meta_value'] = $prev_value; + + $wpdb->update( $wpdb->postmeta, $data, $where ); + wp_cache_delete($post_id, 'post_meta'); return true; } function delete_post_meta_by_key($post_meta_key) { - global $wpdb, $post_meta_cache, $blog_id; - $post_meta_key = $wpdb->escape($post_meta_key); - if ( $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_key = '$post_meta_key'") ) { - unset($post_meta_cache[$blog_id]); // not worth doing the work to iterate through the cache + global $wpdb; + if ( $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_key = %s", $post_meta_key)) ) { + // TODO Get post_ids and delete cache + // wp_cache_delete($post_id, 'post_meta'); return true; } return false; @@ -397,17 +378,17 @@ function delete_post_meta_by_key($post_meta_key) { function get_post_custom($post_id = 0) { - global $id, $post_meta_cache, $wpdb, $blog_id; + global $id, $wpdb; if ( !$post_id ) $post_id = (int) $id; $post_id = (int) $post_id; - if ( !isset($post_meta_cache[$blog_id][$post_id]) ) + if ( ! wp_cache_get($post_id, 'post_meta') ) update_postmeta_cache($post_id); - return $post_meta_cache[$blog_id][$post_id]; + return wp_cache_get($post_id, 'post_meta'); } function get_post_custom_keys( $post_id = 0 ) { @@ -504,9 +485,8 @@ function sanitize_post_field($field, $value, $post_id, $context) { function wp_delete_post($postid = 0) { global $wpdb, $wp_rewrite; - $postid = (int) $postid; - if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = $postid") ) + if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) ) return $post; if ( 'attachment' == $post->post_type ) @@ -517,20 +497,25 @@ function wp_delete_post($postid = 0) { // TODO delete for pluggable post taxonomies too wp_delete_object_term_relationships($postid, array('category', 'post_tag')); + $parent_data = array( 'post_parent' => $post->post_parent ); + $parent_where = array( 'post_parent' => $postid ); + if ( 'page' == $post->post_type ) - $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'page'"); + $wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'page' ) ); - $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'attachment'"); + $wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'attachment' ) ); - $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = $postid"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid )); - $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = $postid"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid )); - $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $postid"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d", $postid )); if ( 'page' == $post->post_type ) { clean_page_cache($postid); $wp_rewrite->flush_rules(); + } else { + clean_post_cache($postid); } do_action('deleted_post', $postid); @@ -657,6 +642,14 @@ function wp_insert_post($postarr = array()) { $post_date_gmt = get_gmt_from_date($post_date); } + if ( $update ) { + $post_modified = current_time( 'mysql' ); + $post_modified_gmt = current_time( 'mysql', 1 ); + } else { + $post_modified = $post_date; + $post_modified_gmt = $post_date_gmt; + } + if ( 'publish' == $post_status ) { $now = gmdate('Y-m-d H:i:59'); if ( mysql2date('U', $post_date_gmt) > mysql2date('U', $now) ) @@ -694,54 +687,36 @@ function wp_insert_post($postarr = array()) { $post_password = ''; if ( 'draft' != $post_status ) { - $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); + $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type = %s AND ID != %d AND post_parent = %d LIMIT 1", $post_name, $post_type, $post_ID, $post_parent)); if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) { $suffix = 2; do { $alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix"; - $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); + // expected_slashed ($alt_post_name, $post_name, $post_type) + $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent)); $suffix++; } while ($post_name_check); $post_name = $alt_post_name; } } + // expected_slashed (everything!) + $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order' ) ); + $data = stripslashes_deep( $data ); + $where = array( 'ID' => $post_ID ); + if ($update) { - $wpdb->query( - "UPDATE IGNORE $wpdb->posts SET - post_author = '$post_author', - post_date = '$post_date', - post_date_gmt = '$post_date_gmt', - post_content = '$post_content', - post_content_filtered = '$post_content_filtered', - post_title = '$post_title', - post_excerpt = '$post_excerpt', - post_status = '$post_status', - post_type = '$post_type', - comment_status = '$comment_status', - ping_status = '$ping_status', - post_password = '$post_password', - post_name = '$post_name', - to_ping = '$to_ping', - pinged = '$pinged', - post_modified = '".current_time('mysql')."', - post_modified_gmt = '".current_time('mysql',1)."', - post_parent = '$post_parent', - menu_order = '$menu_order' - WHERE ID = $post_ID"); + $wpdb->update( $wpdb->posts, $data, $where ); } else { - $wpdb->query( - "INSERT IGNORE INTO $wpdb->posts - (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type) - VALUES - ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type')"); - $post_ID = (int) $wpdb->insert_id; + $data['post_mime_type'] = stripslashes( $post_mime_type ); // This isn't in the update + $wpdb->insert( $wpdb->posts, $data ); + $post_ID = (int) $wpdb->insert_id; } if ( empty($post_name) && 'draft' != $post_status ) { $post_name = sanitize_title($post_title, $post_ID); - $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); + $wpdb->update( $wpdb->posts, compact( 'post_name' ), $where ); } wp_set_post_categories( $post_ID, $post_category ); @@ -755,7 +730,7 @@ function wp_insert_post($postarr = array()) { // Set GUID if ( ! $update ) - $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'"); + $wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post_ID ) ), $where ); $post = get_post($post_ID); if ( !empty($page_template) ) @@ -823,7 +798,7 @@ function wp_publish_post($post_id) { if ( 'publish' == $post->post_status ) return; - $wpdb->query( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = '$post_id'" ); + $wpdb->update( $wpdb->posts, array( 'post_status' => 'publish' ), array( 'ID' => $post_id ) ); $old_status = $post->post_status; $post->post_status = 'publish'; @@ -883,13 +858,15 @@ function wp_transition_post_status($new_status, $old_status, $post) { function add_ping($post_id, $uri) { // Add a URL to those already pung global $wpdb; - $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); + $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id )); $pung = trim($pung); $pung = preg_split('/\s/', $pung); $pung[] = $uri; $new = implode("\n", $pung); $new = apply_filters('add_ping', $new); - return $wpdb->query("UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = $post_id"); + // expected_slashed ($new) + $new = stripslashes($new); + return $wpdb->update( $wpdb->posts, array( 'pinged' => $new ), array( 'ID' => $post_id ) ); } function get_enclosed($post_id) { // Get enclosures already enclosed for a post @@ -913,7 +890,7 @@ function get_enclosed($post_id) { // Get enclosures already enclosed for a post function get_pung($post_id) { // Get URLs already pung for a post global $wpdb; - $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); + $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id )); $pung = trim($pung); $pung = preg_split('/\s/', $pung); $pung = apply_filters('get_pung', $pung); @@ -922,7 +899,7 @@ function get_pung($post_id) { // Get URLs already pung for a post function get_to_ping($post_id) { // Get any URLs in the todo list global $wpdb; - $to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_id"); + $to_ping = $wpdb->get_var( $wpdb->prepare( "SELECT to_ping FROM $wpdb->posts WHERE ID = %d", $post_id )); $to_ping = trim($to_ping); $to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY); $to_ping = apply_filters('get_to_ping', $to_ping); @@ -961,9 +938,9 @@ function trackback_url_list($tb_list, $post_id) { function get_all_page_ids() { global $wpdb; - if ( ! $page_ids = wp_cache_get('all_page_ids', 'pages') ) { + if ( ! $page_ids = wp_cache_get('all_page_ids', 'posts') ) { $page_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_type = 'page'"); - wp_cache_add('all_page_ids', $page_ids, 'pages'); + wp_cache_add('all_page_ids', $page_ids, 'posts'); } return $page_ids; @@ -972,56 +949,15 @@ function get_all_page_ids() { // Retrieves page data given a page ID or page object. // Handles page caching. -function &get_page(&$page, $output = OBJECT) { - global $wpdb, $blog_id; - +function &get_page(&$page, $output = OBJECT, $filter = 'raw') { if ( empty($page) ) { - if ( isset( $GLOBALS['page'] ) && isset( $GLOBALS['page']->ID ) ) { - $_page = & $GLOBALS['page']; - wp_cache_add($_page->ID, $_page, 'pages'); - } else { - // shouldn't we just return NULL at this point? ~ Mark - $_page = null; - } - } elseif ( is_object($page) ) { - if ( 'post' == $page->post_type ) - return get_post($page, $output); - wp_cache_add($page->ID, $page, 'pages'); - $_page = $page; - } else { - $page = (int) $page; - // first, check the cache - if ( ! ( $_page = wp_cache_get($page, 'pages') ) ) { - // not in the page cache? - if ( isset($GLOBALS['page']->ID) && ($page == $GLOBALS['page']->ID) ) { // for is_page() views - // I don't think this code ever gets executed ~ Mark - $_page = & $GLOBALS['page']; - wp_cache_add($_page->ID, $_page, 'pages'); - } elseif ( isset($GLOBALS['post_cache'][$blog_id][$page]) ) { // it's actually a page, and is cached - return get_post($page, $output); - } else { // it's not in any caches, so off to the DB we go - // Why are we using assignment for this query? - $_page = & $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID= '$page' LIMIT 1"); - if ( 'post' == $_page->post_type ) - return get_post($_page, $output); - // Potential issue: we're not checking to see if the post_type = 'page' - // So all non-'post' posts will get cached as pages. - wp_cache_add($_page->ID, $_page, 'pages'); - } - } + if ( isset( $GLOBALS['page'] ) && isset( $GLOBALS['page']->ID ) ) + return get_post($GLOBALS['page'], $output, $filter); + else + return null; } - // at this point, one way or another, $_post contains the page object - - if ( $output == OBJECT ) { - return $_page; - } elseif ( $output == ARRAY_A ) { - return get_object_vars($_page); - } elseif ( $output == ARRAY_N ) { - return array_values(get_object_vars($_page)); - } else { - return $_page; - } + return get_post($page, $output, $filter); } function get_page_by_path($page_path, $output = OBJECT) { @@ -1035,7 +971,7 @@ function get_page_by_path($page_path, $output = OBJECT) { foreach($page_paths as $pathdir) $full_path .= ($pathdir!=''?'/':'') . sanitize_title($pathdir); - $pages = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = '$leaf_path' AND post_type='page'"); + $pages = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = %s AND post_type='page'", $leaf_path )); if ( empty($pages) ) return NULL; @@ -1044,7 +980,7 @@ function get_page_by_path($page_path, $output = OBJECT) { $path = '/' . $leaf_path; $curpage = $page; while ($curpage->post_parent != 0) { - $curpage = $wpdb->get_row("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = '$curpage->post_parent' and post_type='page'"); + $curpage = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = %d and post_type='page'", $curpage->post_parent )); $path = '/' . $curpage->post_name . $path; } @@ -1057,8 +993,7 @@ function get_page_by_path($page_path, $output = OBJECT) { function get_page_by_title($page_title, $output = OBJECT) { global $wpdb; - $page_title = $wpdb->escape($page_title); - $page = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$page_title' AND post_type='page'"); + $page = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title )); if ( $page ) return get_page($page, $output); @@ -1066,11 +1001,6 @@ function get_page_by_title($page_title, $output = OBJECT) { } function &get_page_children($page_id, $pages) { - global $page_cache, $blog_id; - - if ( empty($pages) ) - $pages = &$page_cache[$blog_id]; - $page_list = array(); foreach ( $pages as $page ) { if ( $page->post_parent == $page_id ) { @@ -1127,7 +1057,7 @@ function &get_pages($args = '') { extract( $r, EXTR_SKIP ); $key = md5( serialize( $r ) ); - if ( $cache = wp_cache_get( 'get_pages', 'page' ) ) + if ( $cache = wp_cache_get( 'get_pages', 'posts' ) ) if ( isset( $cache[ $key ] ) ) return apply_filters('get_pages', $cache[ $key ], $r ); @@ -1141,9 +1071,9 @@ function &get_pages($args = '') { if ( count($incpages) ) { foreach ( $incpages as $incpage ) { if (empty($inclusions)) - $inclusions = ' AND ( ID = ' . intval($incpage) . ' '; + $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpage); else - $inclusions .= ' OR ID = ' . intval($incpage) . ' '; + $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpage); } } } @@ -1156,9 +1086,9 @@ function &get_pages($args = '') { if ( count($expages) ) { foreach ( $expages as $expage ) { if (empty($exclusions)) - $exclusions = ' AND ( ID <> ' . intval($expage) . ' '; + $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expage); else - $exclusions .= ' AND ID <> ' . intval($expage) . ' '; + $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expage); } } } @@ -1182,9 +1112,9 @@ function &get_pages($args = '') { } if ( '' == $author_query ) - $author_query = ' post_author = ' . intval($post_author) . ' '; + $author_query = $wpdb->prepare(' post_author = %d ', $post_author); else - $author_query .= ' OR post_author = ' . intval($post_author) . ' '; + $author_query .= $wpdb->prepare(' OR post_author = %d ', $post_author); } if ( '' != $author_query ) $author_query = " AND ($author_query)"; @@ -1194,6 +1124,7 @@ function &get_pages($args = '') { $query = "SELECT * FROM $wpdb->posts " ; $query .= ( empty( $meta_key ) ? "" : ", $wpdb->postmeta " ) ; $query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ; + // expected_slashed ($meta_key, $meta_value) -- also, it looks funky $query .= ( empty( $meta_key ) | empty($meta_value) ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ; $query .= $author_query; $query .= " ORDER BY " . $sort_column . " " . $sort_order ; @@ -1201,7 +1132,7 @@ function &get_pages($args = '') { $pages = $wpdb->get_results($query); if ( empty($pages) ) - return array(); + return apply_filters('get_pages', array(), $r); // Update cache. update_page_cache($pages); @@ -1210,7 +1141,7 @@ function &get_pages($args = '') { $pages = & get_page_children($child_of, $pages); $cache[ $key ] = $pages; - wp_cache_set( 'get_pages', $cache, 'page' ); + wp_cache_set( 'get_pages', $cache, 'posts' ); $pages = apply_filters('get_pages', $pages, $r); @@ -1234,7 +1165,7 @@ function generate_page_uri_index() { // URL => page name $uri = get_page_uri($id); - $attachments = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = '$id'"); + $attachments = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $id )); if ( $attachments ) { foreach ( $attachments as $attachment ) { $attach_uri = get_page_uri($attachment->ID); @@ -1312,14 +1243,16 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { else $post_name = sanitize_title($post_name); + // expected_slashed ($post_name) $post_name_check = - $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != '$post_ID' LIMIT 1"); + $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != %d LIMIT 1", $post_ID)); if ($post_name_check) { $suffix = 2; while ($post_name_check) { $alt_post_name = $post_name . "-$suffix"; - $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); + // expected_slashed ($alt_post_name, $post_name) + $post_name_check = $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent)); $suffix++; } $post_name = $alt_post_name; @@ -1360,43 +1293,20 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { if ( ! isset($pinged) ) $pinged = ''; - if ($update) { - $wpdb->query( - "UPDATE $wpdb->posts SET - post_author = '$post_author', - post_date = '$post_date', - post_date_gmt = '$post_date_gmt', - post_content = '$post_content', - post_content_filtered = '$post_content_filtered', - post_title = '$post_title', - post_excerpt = '$post_excerpt', - post_status = '$post_status', - post_type = '$post_type', - comment_status = '$comment_status', - ping_status = '$ping_status', - post_password = '$post_password', - post_name = '$post_name', - to_ping = '$to_ping', - pinged = '$pinged', - post_modified = '".current_time('mysql')."', - post_modified_gmt = '".current_time('mysql',1)."', - post_parent = '$post_parent', - menu_order = '$menu_order', - post_mime_type = '$post_mime_type', - guid = '$guid' - WHERE ID = $post_ID"); + // expected_slashed (everything!) + $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'guid' ) ); + $data = stripslashes_deep( $data ); + + if ( $update ) { + $wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) ); } else { - $wpdb->query( - "INSERT INTO $wpdb->posts - (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type, guid) - VALUES - ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type', '$guid')"); - $post_ID = (int) $wpdb->insert_id; + $wpdb->insert( $wpdb->posts, $data ); + $post_ID = (int) $wpdb->insert_id; } if ( empty($post_name) ) { $post_name = sanitize_title($post_title, $post_ID); - $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); + $wpdb->update( $wpdb->posts, compact( $post_name ), array( 'ID' => $post_ID ) ); } wp_set_post_categories($post_ID, $post_category); @@ -1417,9 +1327,8 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { function wp_delete_attachment($postid) { global $wpdb; - $postid = (int) $postid; - if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$postid'") ) + if ( !$post = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) ) return $post; if ( 'attachment' != $post->post_type ) @@ -1431,15 +1340,15 @@ function wp_delete_attachment($postid) { // TODO delete for pluggable post taxonomies too wp_delete_object_term_relationships($postid, array('category', 'post_tag')); - $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = '$postid'"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid )); - $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = '$postid'"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid )); - $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$postid'"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d ", $postid )); if ( ! empty($meta['thumb']) ) { // Don't delete the thumb if another attachment uses it - if (! $wpdb->get_row("SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE '%".$wpdb->escape($meta['thumb'])."%' AND post_id <> $postid")) { + if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%'.$meta['thumb'].'%', $postid)) ) { $thumbfile = str_replace(basename($file), $meta['thumb'], $file); $thumbfile = apply_filters('wp_delete_file', $thumbfile); @ unlink($thumbfile); @@ -1451,6 +1360,8 @@ function wp_delete_attachment($postid) { if ( ! empty($file) ) @ unlink($file); + clean_post_cache($postid); + do_action('delete_attachment', $postid); return $post; @@ -1708,118 +1619,105 @@ function get_lastpostmodified($timezone = 'server') { // function update_post_cache(&$posts) { - global $post_cache, $blog_id; - if ( !$posts ) return; - for ($i = 0; $i < count($posts); $i++) { - $post_cache[$blog_id][$posts[$i]->ID] = &$posts[$i]; - } + foreach ( $posts as $post ) + wp_cache_add($post->ID, $post, 'posts'); } function clean_post_cache($id) { - global $post_cache, $post_meta_cache, $post_term_cache, $blog_id; - - if ( isset( $post_cache[$blog_id][$id] ) ) - unset( $post_cache[$blog_id][$id] ); - - if ( isset ($post_meta_cache[$blog_id][$id] ) ) - unset( $post_meta_cache[$blog_id][$id] ); + wp_cache_delete($id, 'posts'); + wp_cache_delete($id, 'post_meta'); clean_object_term_cache($id, 'post'); + + do_action('clean_post_cache', $id); } function update_page_cache(&$pages) { - global $page_cache, $blog_id; - - if ( !$pages ) - return; - - for ($i = 0; $i < count($pages); $i++) { - $page_cache[$blog_id][$pages[$i]->ID] = &$pages[$i]; - wp_cache_add($pages[$i]->ID, $pages[$i], 'pages'); - } + update_post_cache($pages); } function clean_page_cache($id) { - global $page_cache, $blog_id; + clean_post_cache($id); - if ( isset( $page_cache[$blog_id][$id] ) ) - unset( $page_cache[$blog_id][$id] ); + wp_cache_delete( 'all_page_ids', 'posts' ); + wp_cache_delete( 'get_pages', 'posts' ); - wp_cache_delete($id, 'pages'); - wp_cache_delete( 'all_page_ids', 'pages' ); - wp_cache_delete( 'get_pages', 'page' ); + do_action('clean_page_cache', $id); } function update_post_caches(&$posts) { - global $post_cache; - global $wpdb, $blog_id; + global $wpdb; // No point in doing all this work if we didn't match any posts. if ( !$posts ) return; - // Get the categories for all the posts - for ($i = 0; $i < count($posts); $i++) { - $post_id_array[] = $posts[$i]->ID; - $post_cache[$blog_id][$posts[$i]->ID] = &$posts[$i]; - } + update_post_cache($posts); - $post_id_list = implode(',', $post_id_array); + $post_ids = array(); - update_object_term_cache($post_id_list, 'post'); + for ($i = 0; $i < count($posts); $i++) + $post_ids[] = $posts[$i]->ID; - update_postmeta_cache($post_id_list); -} + update_object_term_cache($post_ids, 'post'); -function update_postmeta_cache($post_id_list = '') { - global $wpdb, $post_meta_cache, $blog_id; + update_postmeta_cache($post_ids); +} - // We should validate this comma-separated list for the upcoming SQL query - $post_id_list = preg_replace('|[^0-9,]|', '', $post_id_list); +function update_postmeta_cache($post_ids) { + global $wpdb; - if ( empty( $post_id_list ) ) + if ( empty( $post_ids ) ) return false; - // we're marking each post as having its meta cached (with no keys... empty array), to prevent posts with no meta keys from being queried again - // any posts that DO have keys will have this empty array overwritten with a proper array, down below - $post_id_array = (array) explode(',', $post_id_list); - $count = count( $post_id_array); - for ( $i = 0; $i < $count; $i++ ) { - $post_id = (int) $post_id_array[ $i ]; - if ( isset( $post_meta_cache[$blog_id][$post_id] ) ) { // If the meta is already cached - unset( $post_id_array[ $i ] ); - continue; - } - $post_meta_cache[$blog_id][$post_id] = array(); + if ( !is_array($post_ids) ) { + $post_ids = preg_replace('|[^0-9,]|', '', $post_ids); + $post_ids = explode(',', $post_ids); } - if ( count( $post_id_array ) == 0 ) - return; - $post_id_list = join( ',', $post_id_array ); // with already cached stuff removeds - // Get post-meta info - if ( $meta_list = $wpdb->get_results("SELECT post_id, meta_key, meta_value FROM $wpdb->postmeta WHERE post_id IN($post_id_list) ORDER BY post_id, meta_key", ARRAY_A) ) { - // Change from flat structure to hierarchical: - if ( !isset($post_meta_cache) ) - $post_meta_cache[$blog_id] = array(); + $post_ids = array_map('intval', $post_ids); + + $ids = array(); + foreach ( (array) $post_ids as $id ) { + if ( false === wp_cache_get($id, 'post_meta') ) + $ids[] = $id; + } + + if ( empty( $ids ) ) + return false; - foreach ($meta_list as $metarow) { + // Get post-meta info + $id_list = join(',', $ids); + $cache = array(); + if ( $meta_list = $wpdb->get_results("SELECT post_id, meta_key, meta_value FROM $wpdb->postmeta WHERE post_id IN ($id_list) ORDER BY post_id, meta_key", ARRAY_A) ) { + foreach ( (array) $meta_list as $metarow) { $mpid = (int) $metarow['post_id']; $mkey = $metarow['meta_key']; $mval = $metarow['meta_value']; // Force subkeys to be array type: - if ( !isset($post_meta_cache[$blog_id][$mpid]) || !is_array($post_meta_cache[$blog_id][$mpid]) ) - $post_meta_cache[$blog_id][$mpid] = array(); - if ( !isset($post_meta_cache[$blog_id][$mpid]["$mkey"]) || !is_array($post_meta_cache[$blog_id][$mpid]["$mkey"]) ) - $post_meta_cache[$blog_id][$mpid]["$mkey"] = array(); + if ( !isset($cache[$mpid]) || !is_array($cache[$mpid]) ) + $cache[$mpid] = array(); + if ( !isset($cache[$mpid][$mkey]) || !is_array($cache[$mpid][$mkey]) ) + $cache[$mpid][$mkey] = array(); // Add a value to the current pid/key: - $post_meta_cache[$blog_id][$mpid][$mkey][] = $mval; + $cache[$mpid][$mkey][] = $mval; } } + + foreach ( (array) $ids as $id ) { + if ( ! isset($cache[$id]) ) + $cache[$id] = array(); + } + + foreach ( array_keys($cache) as $post) + wp_cache_set($post, $cache[$post], 'post_meta'); + + return $cache; } // @@ -1831,7 +1729,7 @@ function _transition_post_status($new_status, $old_status, $post) { if ( $old_status != 'publish' && $new_status == 'publish' ) { // Reset GUID if transitioning to publish. - $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post->ID) . "' WHERE ID = '$post->ID'"); + $wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post->ID ) ), array( 'ID' => $post->ID ) ); do_action('private_to_published', $post->ID); // Deprecated, use private_to_publish } @@ -1858,17 +1756,10 @@ function _publish_post_hook($post_id) { $post = get_post($post_id); + $data = array( 'post_id' => $post_id, 'meta_value' => '1' ); if ( get_option('default_pingback_flag') ) - $result = $wpdb->query(" - INSERT INTO $wpdb->postmeta - (post_id,meta_key,meta_value) - VALUES ('$post_id','_pingme','1') - "); - $result = $wpdb->query(" - INSERT INTO $wpdb->postmeta - (post_id,meta_key,meta_value) - VALUES ('$post_id','_encloseme','1') - "); + $wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_pingme' ) ); + $wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_encloseme' ) ); wp_schedule_single_event(time(), 'do_pings'); } diff --git a/wp-includes/query.php b/wp-includes/query.php index 49cff8b..fad901a 100644 --- a/wp-includes/query.php +++ b/wp-includes/query.php @@ -932,7 +932,7 @@ class WP_Query { }
if ( !empty($q['category__in']) ) {
- $join = " LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
+ $join = " INNER JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) INNER JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
$whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'category' ";
$include_cats = "'" . implode("', '", $q['category__in']) . "'";
$whichcat .= " AND $wpdb->term_taxonomy.term_id IN ($include_cats) ";
@@ -948,15 +948,6 @@ class WP_Query { }
}
- if ( !empty($q['category__and']) ) {
- $count = 0;
- foreach ( $q['category__and'] as $category_and ) {
- $join .= " LEFT JOIN $wpdb->term_relationships AS tr$count ON ($wpdb->posts.ID = tr$count.object_id) LEFT JOIN $wpdb->term_taxonomy AS tt$count ON (tr$count.term_taxonomy_id = tt$count.term_taxonomy_id) ";
- $whichcat .= " AND tt$count.term_id = '$category_and' ";
- $count++;
- }
- }
-
// Category stuff for nice URLs
if ( '' != $q['category_name'] ) {
$reqcat = get_category_by_path($q['category_name']);
@@ -982,7 +973,7 @@ class WP_Query { $q['cat'] = $reqcat;
- $join = " LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
+ $join = " INNER JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) INNER JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
$whichcat = " AND $wpdb->term_taxonomy.taxonomy = 'category' ";
$in_cats = array($q['cat']);
$in_cats = array_merge($in_cats, get_term_children($q['cat'], 'category'));
@@ -1007,14 +998,7 @@ class WP_Query { }
} else {
$q['tag'] = sanitize_term_field('slug', $q['tag'], 0, 'post_tag', 'db');
- $reqtag = is_term( $q['tag'], 'post_tag' );
- if ( !empty($reqtag) )
- $reqtag = $reqtag['term_id'];
- else
- $reqtag = 0;
-
- $q['tag_id'] = $reqtag;
- $q['tag__in'][] = $reqtag;
+ $q['tag_slug__in'][] = $q['tag'];
}
}
@@ -1024,7 +1008,7 @@ class WP_Query { }
if ( !empty($q['tag__in']) ) {
- $join = " LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
+ $join = " INNER JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) INNER JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) ";
$whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'post_tag' ";
$include_tags = "'" . implode("', '", $q['tag__in']) . "'";
$whichcat .= " AND $wpdb->term_taxonomy.term_id IN ($include_tags) ";
@@ -1034,7 +1018,7 @@ class WP_Query { }
if ( !empty($q['tag_slug__in']) ) {
- $join = " LEFT JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) LEFT JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) LEFT JOIN $wpdb->terms ON ($wpdb->term_taxonomy.term_id = $wpdb->terms.term_id) ";
+ $join = " INNER JOIN $wpdb->term_relationships ON ($wpdb->posts.ID = $wpdb->term_relationships.object_id) INNER JOIN $wpdb->term_taxonomy ON ($wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id) INNER JOIN $wpdb->terms ON ($wpdb->term_taxonomy.term_id = $wpdb->terms.term_id) ";
$whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'post_tag' ";
$include_tags = "'" . implode("', '", $q['tag_slug__in']) . "'";
$whichcat .= " AND $wpdb->terms.slug IN ($include_tags) ";
@@ -1051,28 +1035,32 @@ class WP_Query { }
}
- if ( !empty($q['tag__and']) ) {
- $count = 0;
- foreach ( $q['tag__and'] as $tag_and ) {
- $join .= " LEFT JOIN $wpdb->term_relationships AS tr$count ON ($wpdb->posts.ID = tr$count.object_id) LEFT JOIN $wpdb->term_taxonomy AS tt$count ON (tr$count.term_taxonomy_id = tt$count.term_taxonomy_id) ";
- $whichcat .= " AND tt$count.term_id = '$tag_and' ";
- $count++;
+ // Tag and slug intersections.
+ $intersections = array('category__and' => 'category', 'tag__and' => 'post_tag', 'tag_slug__and' => 'post_tag');
+ foreach ($intersections as $item => $taxonomy) {
+ if ( empty($q[$item]) ) continue;
+
+ if ( $item != 'category__and' ) {
+ $reqtag = is_term( $q[$item][0], 'post_tag' );
+ if ( !empty($reqtag) )
+ $q['tag_id'] = $reqtag['term_id'];
}
- $reqtag = is_term( $q['tag__and'][0], 'post_tag' );
- if ( !empty($reqtag) )
- $q['tag_id'] = $reqtag['term_id'];
- }
- if ( !empty($q['tag_slug__and']) ) {
- $count = 0;
- foreach ( $q['tag_slug__and'] as $tag_and ) {
- $join .= " LEFT JOIN $wpdb->term_relationships AS tr$count ON ($wpdb->posts.ID = tr$count.object_id) LEFT JOIN $wpdb->term_taxonomy AS tt$count ON (tr$count.term_taxonomy_id = tt$count.term_taxonomy_id) LEFT JOIN $wpdb->terms AS term$count ON (tt$count.term_id = term$count.term_id) ";
- $whichcat .= " AND term$count.slug = '$tag_and' ";
- $count++;
+ $taxonomy_field = $item == 'tag_slug__and' ? 'slug' : 'term_id';
+
+ $q[$item] = array_unique($q[$item]);
+ $tsql = "SELECT p.ID FROM $wpdb->posts p INNER JOIN $wpdb->term_relationships tr ON (p.ID = tr.object_id) INNER JOIN $wpdb->term_taxonomy tt ON (tr.term_taxonomy_id = tt.term_taxonomy_id) INNER JOIN $wpdb->terms t ON (tt.term_id = t.term_id)";
+ $tsql .= " WHERE tt.taxonomy = '$taxonomy' AND t.$taxonomy_field IN ('" . implode("', '", $q[$item]) . "')";
+ $tsql .= " GROUP BY p.ID HAVING count(p.ID) = " . count($q[$item]);
+
+ $post_ids = $wpdb->get_col($tsql);
+
+ if ( count($post_ids) )
+ $whichcat .= " AND $wpdb->posts.ID IN (" . implode(', ', $post_ids) . ") ";
+ else {
+ $whichcat = " AND 0 = 1";
+ break;
}
- $reqtag = is_term( $q['tag_slug__and'][0], 'post_tag' );
- if ( !empty($reqtag) )
- $q['tag_id'] = $reqtag['term_id'];
}
// Author/user stuff
diff --git a/wp-includes/registration.php b/wp-includes/registration.php index c5b0fb1..c535983 100644 --- a/wp-includes/registration.php +++ b/wp-includes/registration.php @@ -21,8 +21,7 @@ function username_exists( $username ) { */ function email_exists( $email ) { global $wpdb; - $email = $wpdb->escape( $email ); - return $wpdb->get_var( "SELECT ID FROM $wpdb->users WHERE user_email = '$email'" ); + return $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_email = %s", $email) ); } /** @@ -98,18 +97,13 @@ function wp_insert_user($userdata) { if ( empty($user_registered) ) $user_registered = gmdate('Y-m-d H:i:s'); + $data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name' ); + if ( $update ) { - $query = "UPDATE $wpdb->users SET user_pass='$user_pass', user_email='$user_email', user_url='$user_url', user_nicename = '$user_nicename', display_name = '$display_name' WHERE ID = '$ID'"; - $query = apply_filters('update_user_query', $query); - $wpdb->query( $query ); + $wpdb->update( $wpdb->users, $data, compact( 'ID' ) ); $user_id = (int) $ID; } else { - $query = "INSERT INTO $wpdb->users - (user_login, user_pass, user_email, user_url, user_registered, user_nicename, display_name) - VALUES - ('$user_login', '$user_pass', '$user_email', '$user_url', '$user_registered', '$user_nicename', '$display_name')"; - $query = apply_filters('create_user_query', $query); - $wpdb->query( $query ); + $wpdb->insert( $wpdb->users, $data + compact( 'user_login' ) ); $user_id = (int) $wpdb->insert_id; } @@ -145,13 +139,10 @@ function wp_insert_user($userdata) { /** * Update an user in the database. - * @global object $wpdb WordPress database layer. * @param array $userdata An array of user data. * @return int The updated user's ID. */ function wp_update_user($userdata) { - global $wpdb; - $ID = (int) $userdata['ID']; // First, get all of the original fields diff --git a/wp-includes/rss.php b/wp-includes/rss.php index 8746767..d782a7a 100644 --- a/wp-includes/rss.php +++ b/wp-includes/rss.php @@ -667,9 +667,10 @@ class RSSCache { $cache_option = 'rss_' . $this->file_name( $url ); $cache_timestamp = 'rss_' . $this->file_name( $url ) . '_ts'; - if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_option'") ) + // shouldn't these be using get_option() ? + if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_option ) ) ) add_option($cache_option, '', '', 'no'); - if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_timestamp'") ) + if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_timestamp ) ) ) add_option($cache_timestamp, '', '', 'no'); update_option($cache_option, $rss); diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php index 2a7730c..1be5632 100644 --- a/wp-includes/script-loader.php +++ b/wp-includes/script-loader.php @@ -61,6 +61,11 @@ class WP_Scripts { 'delText' => __('Are you sure you want to delete this %thing%?') ) ); + $this->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('jquery'), '20070823' ); + $this->localize( 'wp-lists', 'wpListL10n', array( + 'url' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php' + ) ); + $this->add( 'scriptaculous-root', '/wp-includes/js/scriptaculous/scriptaculous.js', array('prototype'), '1.7.1-b3'); $this->add( 'scriptaculous-builder', '/wp-includes/js/scriptaculous/builder.js', array('scriptaculous-root'), '1.7.1-b3'); $this->add( 'scriptaculous-dragdrop', '/wp-includes/js/scriptaculous/dragdrop.js', array('scriptaculous-builder', 'scriptaculous-effects'), '1.7.1-b3'); @@ -105,20 +110,16 @@ class WP_Scripts { 'toggleKey' => __(', or press the enter key to %toggle% it'), ) ); } - $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array('listman'), '20070724' ); + $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array( 'wp-lists' ), '20070823' ); $this->localize( 'ajaxcat', 'catL10n', array( 'add' => attribute_escape(__('Add')), 'how' => __('Separate multiple categories with commas.') ) ); - $this->add( 'ajaxlinkcat', '/wp-admin/js/link-cat.js', array('listman'), '200700601' ); - $this->localize( 'ajaxlinkcat', 'linkcatL10n', array( - 'add' => attribute_escape(__('Add')), - 'how' => __('Separate multiple categories with commas.') - ) ); - $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('listman'), '3684' ); - $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('listman'), '3733' ); - $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('listman'), '20070327' ); - $this->add( 'admin-users', '/wp-admin/js/users.js', array('listman'), '4583' ); + $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('wp-lists'), '20070822' ); + $this->add( 'admin-posts', '/wp-admin/js/edit-posts.js', array('wp-lists'), '20070823' ); + $this->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' ); $this->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' ); $this->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' ); $this->localize( 'upload', 'uploadL10n', array( @@ -178,8 +179,8 @@ class WP_Scripts { $src = add_query_arg('ver', $ver, $src); $src = clean_url(apply_filters( 'script_loader_src', $src )); - echo "<script type='text/javascript' src='$src'></script>\n"; $this->print_scripts_l10n( $handle ); + echo "<script type='text/javascript' src='$src'></script>\n"; } $this->printed[] = $handle; } @@ -421,4 +422,24 @@ function wp_enqueue_script( $handle, $src = false, $deps = array(), $ver = false } $wp_scripts->enqueue( $handle ); } + +function wp_prototype_before_jquery( $js_array ) { + if ( false === $jquery = array_search( 'jquery', $js_array ) ) + return $js_array; + + if ( false === $prototype = array_search( 'prototype', $js_array ) ) + return $js_array; + + if ( $prototype < $jquery ) + return $js_array; + + unset($js_array[$prototype]); + + array_splice( $js_array, $jquery, 0, 'prototype' ); + + return $js_array; +} + +add_filter( 'print_scripts_array', 'wp_prototype_before_jquery' ); + ?> diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php index ea2f432..5c60ad4 100644 --- a/wp-includes/taxonomy.php +++ b/wp-includes/taxonomy.php @@ -1,11 +1,18 @@ <?php +/** + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + */ // // Taxonomy Registration // /** - * @global array $wp_taxonomies Fill me out please + * Default Taxonomy Objects + * @since 2.3 + * @global array $wp_taxonomies */ $wp_taxonomies = array(); $wp_taxonomies['category'] = (object) array('name' => 'category', 'object_type' => 'post', 'hierarchical' => true, 'update_count_callback' => '_update_post_term_count'); @@ -18,20 +25,17 @@ $wp_taxonomies['link_category'] = (object) array('name' => 'link_category', 'obj * It appears that this function can be used to find all of the names inside of * $wp_taxonomies global variable. * - * @example - * <?php $taxonomies = get_object_taxonomies('post'); ?> - * Should result in <pre>Array( - * 'category', - * 'post_tag' - * )</pre> + * <code><?php $taxonomies = get_object_taxonomies('post'); ?></code> + * Should result in <code>Array('category', 'post_tag')</code> * - * @package Taxonomy - * @global array $wp_taxonomies - * @param string $object_type Name of the type of taxonomy object - * @return array The names of all within the object_type. + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wp_taxonomies * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @param string $object_type Name of the type of taxonomy object + * @return array The names of all taxonomy of $object_type. */ function get_object_taxonomies($object_type) { global $wp_taxonomies; @@ -46,18 +50,20 @@ function get_object_taxonomies($object_type) { } /** - * get_taxonomy() - Returns the "taxonomy" object of $taxonomy. + * get_taxonomy() - Returns the taxonomy object of $taxonomy. * * The get_taxonomy function will first check that the parameter string given * is a taxonomy object and if it is, it will return it. * - * @package Taxonomy - * @global array $wp_taxonomies - * @param string $taxonomy Name of taxonomy object to return - * @return object|bool The Taxonomy Object or false if taxonomy doesn't exist + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @uses $wp_taxonomies + * @uses is_taxonomy() Checks whether taxonomy exists + * + * @param string $taxonomy Name of taxonomy object to return + * @return object|bool The Taxonomy Object or false if $taxonomy doesn't exist */ function get_taxonomy( $taxonomy ) { global $wp_taxonomies; @@ -71,13 +77,14 @@ function get_taxonomy( $taxonomy ) { /** * is_taxonomy() - Checks that the taxonomy name exists * - * @package Taxonomy - * @global array $wp_taxonomies + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wp_taxonomies + * * @param string $taxonomy Name of taxonomy object * @return bool Whether the taxonomy exists or not. - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. */ function is_taxonomy( $taxonomy ) { global $wp_taxonomies; @@ -91,15 +98,17 @@ function is_taxonomy( $taxonomy ) { * Checks to make sure that the taxonomy is an object first. Then Gets the object, and finally * returns the hierarchical value in the object. * - * A false return value, might also mean that the taxonomy does not exist. + * A false return value might also mean that the taxonomy does not exist. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses is_taxonomy() Checks whether taxonomy exists + * @uses get_taxonomy() Used to get the taxonomy object * - * @package Taxonomy - * @global array $wp_taxonomies * @param string $taxonomy Name of taxonomy object * @return bool Whether the taxonomy is hierarchical - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. */ function is_taxonomy_hierarchical($taxonomy) { if ( ! is_taxonomy($taxonomy) ) @@ -120,20 +129,20 @@ function is_taxonomy_hierarchical($taxonomy) { * functions to still work. It is possible to overwrite the default set, which contains two * keys: hierarchical and update_count_callback. * - * hierarachical has some defined purpose at other parts of the API and is a boolean value. + * Nothing is returned, so expect error maybe or use is_taxonomy() to check whether taxonomy exists. * - * update_count_callback works much like a hook, in that it will be called (or something from - * somewhere). + * Optional $args contents: + * hierarachical - has some defined purpose at other parts of the API and is a boolean value. + * update_count_callback - works much like a hook, in that it will be called when the count is updated. * - * @package Taxonomy - * @global array $wp_taxonomies + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wp_taxonomies Inserts new taxonomy object into the list + * * @param string $taxonomy Name of taxonomy object * @param string $object_type Name of the object type for the taxonomy object. * @param array|string $args See above description for the two keys values. - * @return null Nothing is returned, so expect error maybe or use is_taxonomy() to check. - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. */ function register_taxonomy( $taxonomy, $object_type, $args = array() ) { global $wp_taxonomies; @@ -164,18 +173,18 @@ function register_taxonomy( $taxonomy, $object_type, $args = array() ) { * functions or using the database by using $args with either ASC or DESC array. The value should * be in the key named 'order'. * - * @package Taxonomy - * @subpackage Term - * @global object $wpdb Database Query + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wpdb + * @uses wp_parse_args() Creates an array from string $args. + * * @param string|array $terms String of term or array of string values of terms that will be used * @param string|array $taxonomies String of taxonomy name or Array of string values of taxonomy names * @param array|string $args Change the order of the object_ids, either ASC or DESC - * @return object WP_Error - A PHP 4 compatible Exception class prototype - * @return array Empty array if there are no $object_ids - * @return array Array of $object_ids - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @return WP_Error|array If the taxonomy does not exist, then WP_Error will be returned. On success + * the array can be empty meaning that there are no $object_ids found or it will return the $object_ids found. */ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { global $wpdb; @@ -195,6 +204,8 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { $args = wp_parse_args( $args, $defaults ); extract($args, EXTR_SKIP); + $order = ( 'desc' == strtolower($order) ) ? 'DESC' : 'ASC'; + $terms = array_map('intval', $terms); $taxonomies = "'" . implode("', '", $taxonomies) . "'"; @@ -209,21 +220,39 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { } /** - * get_term() - + * get_term() - Get all Term data from database by Term ID. + * + * The usage of the get_term function is to apply filters to a term object. + * It is possible to get a term object from the database before applying the + * filters. * + * $term ID must be part of $taxonomy, to get from the database. Failure, might be + * able to be captured by the hooks. Failure would be the same value as $wpdb returns for the + * get_row method. * + * There are two hooks, one is specifically for each term, named 'get_term', and the second is + * for the taxonomy name, 'term_$taxonomy'. Both hooks gets the term object, and the taxonomy + * name as parameters. Both hooks are expected to return a Term object. * - * @package Taxonomy - * @subpackage Term - * @global object $wpdb Database Query - * @param int|object $term - * @param string $taxonomy - * @param string $output Either OBJECT, ARRAY_A, or ARRAY_N - * @return mixed Term Row from database + * 'get_term' hook - Takes two parameters the term Object and the taxonomy name. Must return + * term object. Used in @see get_term() as a catch-all filter for every $term. * - * @internal - * This won't appear but just a note to say that this is all conjecture and parts or whole - * might be inaccurate or wrong. + * 'get_$taxonomy' hook - Takes two parameters the term Object and the taxonomy name. Must return + * term object. $taxonomy will be the taxonomy name, so for example, if 'category', it would be + * 'get_category' as the filter name. Useful for custom taxonomies or plugging into default taxonomies. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wpdb + * + * @param int|object $term If integer, will get from database. If object will apply filters and return $term. + * @param string $taxonomy Taxonomy name that $term is part of. + * @param string $output Constant OBJECT, ARRAY_A, or ARRAY_N + * @param string $filter {@internal Missing Description}} + * @return mixed|null|WP_Error Term Row from database. Will return null if $term is empty. If taxonomy does not + * exist then WP_Error will be returned. */ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { global $wpdb; @@ -240,29 +269,12 @@ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { } else { $term = (int) $term; if ( ! $_term = wp_cache_get($term, $taxonomy) ) { - $_term = $wpdb->get_row("SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = '$term' LIMIT 1"); + $_term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND t.term_id = %s LIMIT 1", $taxonomy, $term) ); wp_cache_add($term, $_term, $taxonomy); } } - /** - * @internal - * Filter tag is basically: filter 'type' 'hook_name' 'description' - * - * Takes two parameters the term Object and the taxonomy name. Must return term object. - * @filter object get_term Used in @see get_term() as a catch-all filter for every $term - */ $_term = apply_filters('get_term', $_term, $taxonomy); - /** - * @internal - * Filter tag is basically: filter 'type' 'hook_name' 'description' - * - * Takes two parameters the term Object and the taxonomy name. Must return term object. - * $taxonomy will be the taxonomy name, so for example, if 'category', it would be 'get_category' - * as the filter name. - * Useful for custom taxonomies or plugging into default taxonomies. - * @filter object get_$taxonomy Used in @see get_term() as specific filter for each $taxonomy. - */ $_term = apply_filters("get_$taxonomy", $_term, $taxonomy); $_term = sanitize_term($_term, $taxonomy, $filter); @@ -278,22 +290,28 @@ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { } /** - * get_term_by() - + * get_term_by() - Get all Term data from database by Term field and data. + * + * Warning: $value is not escaped for 'name' $field. You must do it yourself, if required. + * + * The default $field is 'id', therefore it is possible to also use null for field, but not + * recommended that you do so. * + * If $value does not exist, the return value will be false. If $taxonomy exists and $field + * and $value combinations exist, the Term will be returned. * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 * - * @package Taxonomy - * @subpackage Term - * @global object $wpdb Database Query - * @param string $field - * @param string $value - * @param string $taxonomy - * @param string $output Either OBJECT, ARRAY_A, or ARRAY_N - * @return mixed Term Row from database + * @uses $wpdb * - * @internal - * This won't appear but just a note to say that this is all conjecture and parts or whole - * might be inaccurate or wrong. + * @param string $field Either 'slug', 'name', or 'id' + * @param string|int $value Search for this term value + * @param string $taxonomy Taxonomy Name + * @param string $output Constant OBJECT, ARRAY_A, or ARRAY_N + * @param string $filter {@internal Missing Description}} + * @return mixed Term Row from database. Will return false if $taxonomy does not exist or $term was not found. */ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw') { global $wpdb; @@ -314,7 +332,7 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw $value = (int) $value; } - $term = $wpdb->get_row("SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND $field = '$value' LIMIT 1"); + $term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND $field = %s LIMIT 1", $taxonomy, $value) ); if ( !$term ) return false; @@ -337,19 +355,21 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw * get_term_children() - Merge all term children into a single array. * * This recursive function will merge all of the children of $term into - * the same array. + * the same array. Only useful for taxonomies which are hierarchical. * - * Only useful for taxonomies which are hierarchical. + * Will return an empty array if $term does not exist in $taxonomy. * - * @package Taxonomy - * @subpackage Term - * @global object $wpdb Database Query + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wpdb + * @uses _get_term_hierarchy() + * @uses get_term_children() Used to get the children of both $taxonomy and the parent $term + * * @param string $term Name of Term to get children * @param string $taxonomy Taxonomy Name - * @return array List of Term Objects - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @return array|WP_Error List of Term Objects. WP_Error returned if $taxonomy does not exist */ function get_term_children( $term, $taxonomy ) { if ( ! is_taxonomy($taxonomy) ) @@ -377,16 +397,17 @@ function get_term_children( $term, $taxonomy ) { * contextual reasons and for simplicity of usage. @see sanitize_term_field() for * more information. * - * @package Taxonomy - * @subpackage Term + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses sanitize_term_field() Passes the return value in sanitize_term_field on success. + * * @param string $field Term field to fetch * @param int $term Term ID * @param string $taxonomy Taxonomy Name - * @param string $context ?? - * @return mixed @see sanitize_term_field() - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @param string $context {@internal Missing Description}} + * @return mixed Will return an empty string if $term is not an object or if $field is not set in $term. */ function get_term_field( $field, $term, $taxonomy, $context = 'display' ) { $term = (int) $term; @@ -409,14 +430,15 @@ function get_term_field( $field, $term, $taxonomy, $context = 'display' ) { * Return value is @see sanitize_term() and usage is for sanitizing the term * for editing. Function is for contextual and simplicity. * - * @package Taxonomy - * @subpackage Term + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses sanitize_term() Passes the return value on success + * * @param int|object $id Term ID or Object * @param string $taxonomy Taxonomy Name - * @return mixed @see sanitize_term() - * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @return mixed|null|WP_Error Will return empty string if $term is not an object. */ function get_term_to_edit( $id, $taxonomy ) { $term = get_term( $id, $taxonomy ); @@ -431,18 +453,51 @@ function get_term_to_edit( $id, $taxonomy ) { } /** - * get_terms() - + * get_terms() - Retrieve the terms in taxonomy or list of taxonomies. * - * - * - * @package Taxonomy - * @subpackage Term - * @param string|array Taxonomy name or list of Taxonomy names - * @param string|array $args ?? - * @return array List of Term Objects and their children. + * You can fully inject any customizations to the query before it is sent, as well as control + * the output with a filter. + * + * The 'get_terms' filter will be called when the cache has the term and will pass the found + * term along with the array of $taxonomies and array of $args. This filter is also called + * before the array of terms is passed and will pass the array of terms, along with the $taxonomies + * and $args. + * + * The 'list_terms_exclusions' filter passes the compiled exclusions along with the $args. + * + * The list that $args can contain, which will overwrite the defaults. + * orderby - Default is 'name'. Can be name, count, or nothing (will use term_id). + * order - Default is ASC. Can use DESC. + * hide_empty - Default is true. Will not return empty $terms. + * fields - Default is all. + * slug - Any terms that has this value. Default is empty string. + * hierarchical - Whether to return hierarchical taxonomy. Default is true. + * name__like - Default is empty string. + * + * The argument 'pad_counts' will count all of the children along with the $terms. + * + * The 'get' argument allows for overwriting 'hide_empty' and 'child_of', which can be done by + * setting the value to 'all', instead of its default empty string value. + * + * The 'child_of' argument will be used if you use multiple taxonomy or the first $taxonomy + * isn't hierarchical or 'parent' isn't used. The default is 0, which will be translated to + * a false value. If 'child_of' is set, then 'child_of' value will be tested against + * $taxonomy to see if 'child_of' is contained within. Will return an empty array if test + * fails. + * + * If 'parent' is set, then it will be used to test against the first taxonomy. Much like + * 'child_of'. Will return an empty array if the test fails. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 * - * @internal - * This is all conjecture and might be partially or completely inaccurate. + * @uses $wpdb + * @uses wp_parse_args() Merges the defaults with those defined by $args and allows for strings. + * + * @param string|array Taxonomy name or list of Taxonomy names + * @param string|array $args The values of what to search for when returning terms + * @return array|WP_Error List of Term Objects and their children. Will return WP_Error, if any of $taxonomies do not exist. */ function &get_terms($taxonomies, $args = '') { global $wpdb; @@ -466,7 +521,7 @@ function &get_terms($taxonomies, $args = '') { 'hierarchical' => true, 'child_of' => 0, 'get' => '', 'name__like' => '', 'pad_counts' => false); $args = wp_parse_args( $args, $defaults ); - $args['number'] = (int) $args['number']; + $args['number'] = absint( $args['number'] ); if ( !$single_taxonomy || !is_taxonomy_hierarchical($taxonomies[0]) || '' != $args['parent'] ) { $args['child_of'] = 0; @@ -504,6 +559,10 @@ function &get_terms($taxonomies, $args = '') { $orderby = 'tt.count'; else if ( 'name' == $orderby ) $orderby = 't.name'; + else if ( 'slug' == $orderby ) + $orderby = 't.slug'; + else if ( 'term_group' == $orderby ) + $orderby = 't.term_group'; else $orderby = 't.term_id'; @@ -622,7 +681,12 @@ function &get_terms($taxonomies, $args = '') { * * Returns the index of a defined term, or 0 (false) if the term doesn't exist. * - * @global $wpdb Database Object + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wpdb + * * @param int|string $term The term to check * @param string $taxonomy The taxonomy name to use * @return mixed Get the term id or Term Object, if exists. @@ -633,19 +697,17 @@ function is_term($term, $taxonomy = '') { if ( is_int($term) ) { if ( 0 == $term ) return 0; - $where = "t.term_id = '$term'"; + $where = $wpdb->prepare( "t.term_id = %d", $term ); } else { if ( ! $term = sanitize_title($term) ) return 0; - $where = "t.slug = '$term'"; + $where = $wpdb->prepare( "t.slug = %s", $term ); } - $term_id = $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where"); - - if ( empty($taxonomy) || empty($term_id) ) - return $term_id; + if ( !empty($taxonomy) ) + return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A); - return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A); + return $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where"); } /** @@ -657,9 +719,15 @@ function is_term($term, $taxonomy = '') { * * The $term is expected to be either an array or an object. * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses sanitize_term_field Used to sanitize all fields in a term + * * @param array|object $term The term to check * @param string $taxonomy The taxonomy name to use - * @param string $context Default is display + * @param string $context Default is 'display'. * @return array|object Term with all fields sanitized */ function sanitize_term($term, $taxonomy, $context = 'display') { @@ -680,11 +748,16 @@ function sanitize_term($term, $taxonomy, $context = 'display') { } /** - * sanitize_term_field() - + * sanitize_term_field() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 * + * @uses $wpdb * - * @global object $wpdb Database Object * @param string $field Term field to sanitize * @param string $value Search for this term value * @param int $term_id Term ID @@ -731,11 +804,16 @@ function sanitize_term_field($field, $value, $term_id, $taxonomy, $context) { /** * wp_count_terms() - Count how many terms are in Taxonomy * - * Default $args is 'ignore_empty' which can be @example 'ignore_empty=true' or - * @example array('ignore_empty' => true); See @see wp_parse_args() for more - * information on parsing $args. + * Default $args is 'ignore_empty' which can be <code>'ignore_empty=true'</code> or + * <code>array('ignore_empty' => true);</code>. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @uses $wpdb + * @uses wp_parse_args() Turns strings into arrays and merges defaults into an array. * - * @global object $wpdb Database Object * @param string $taxonomy Taxonomy name * @param array|string $args Overwrite defaults * @return int How many terms are in $taxonomy @@ -751,16 +829,21 @@ function wp_count_terms( $taxonomy, $args = array() ) { if ( $ignore_empty ) $where = 'AND count > 0'; + $taxonomy = $wpdb->escape( $taxonomy ); return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = '$taxonomy' $where"); } /** - * wp_delete_object_term_relationships() - + * wp_delete_object_term_relationships() - {@internal Missing Short Description}} * + * {@internal Missing Long Description}} * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb * - * @global object $wpdb Database Object - * @param int $object_id ?? + * @param int $object_id The term Object Id that refers to the term * @param string|array $taxonomy List of Taxonomy Names or single Taxonomy name. */ function wp_delete_object_term_relationships( $object_id, $taxonomies ) { @@ -780,7 +863,19 @@ function wp_delete_object_term_relationships( $object_id, $taxonomies ) { } /** - * Removes a term from the database. + * wp_delete_term() - Removes a term from the database. + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param int $term Term ID + * @param string $taxonomy Taxonomy Name + * @param array|string $args Change Default + * @return bool Returns false if not term; true if completes delete action. */ function wp_delete_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -808,10 +903,10 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { return $term_obj; $parent = $term_obj->parent; - $wpdb->query("UPDATE $wpdb->term_taxonomy SET parent = '$parent' WHERE parent = '$term_obj->term_id' AND taxonomy = '$taxonomy'"); + $wpdb->update( $wpdb->term_taxonomy, compact( $parent ), array( 'parent' => $term_obj->term_id) + compact( $taxonomy ) ); } - $objects = $wpdb->get_col("SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$tt_id'"); + $objects = $wpdb->get_col( $wpdb->prepare( "SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tt_id ) ); foreach ( (array) $objects as $object ) { $terms = wp_get_object_terms($object, $taxonomy, 'fields=ids'); @@ -823,11 +918,11 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { wp_set_object_terms($object, $terms, $taxonomy); } - $wpdb->query("DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = '$tt_id'"); + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = %d", $tt_id ) ); // Delete the term if no taxonomies use it. - if ( !$wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = '$term'") ) - $wpdb->query("DELETE FROM $wpdb->terms WHERE term_id = '$term'"); + if ( !$wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = %d", $term) ) ) + $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->terms WHERE term_id = %d", $term) ); clean_term_cache($term, $taxonomy); @@ -838,10 +933,19 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { } /** - * Returns the terms associated with the given object(s), in the supplied taxonomies. - * @param int|array $object_id The id of the object(s)) to retrieve for. + * wp_get_object_terms() - Returns the terms associated with the given object(s), in the supplied taxonomies. + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param int|array $object_id The id of the object(s)) to retrieve. * @param string|array $taxonomies The taxonomies to retrieve terms from. - * @return array The requested term data. + * @param array|string $args Change what is returned + * @return array|WP_Error The requested term data or empty array if no terms found. WP_Error if $taxonomy does not exist. */ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) { global $wpdb; @@ -899,13 +1003,17 @@ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) { /** * wp_insert_term() - Adds a new term to the database. Optionally marks it as an alias of an existing term. * - * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb * - * @global $wpdb Database Object * @param int|string $term The term to add or update. * @param string $taxonomy The taxonomy to which to add the term * @param array|string $args Change the values of the inserted term - * @return array The Term ID and Term Taxonomy ID + * @return array|WP_Error The Term ID and Term Taxonomy ID */ function wp_insert_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -923,19 +1031,22 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { $args = sanitize_term($args, $taxonomy, 'db'); extract($args, EXTR_SKIP); + // expected_slashed ($name) + $name = stripslashes($name); + if ( empty($slug) ) $slug = sanitize_title($name); $term_group = 0; if ( $alias_of ) { - $alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'"); + $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); if ( $alias->term_group ) { // The alias we want is already in a group, so let's use that one. $term_group = $alias->term_group; } else { // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. - $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; - $wpdb->query("UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id"); + $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1; + $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->terms SET term_group = %d WHERE term_id = %d", $term_group, $alias->term_id ) ); } } @@ -954,27 +1065,23 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { if ( empty($slug) ) { $slug = sanitize_title($slug, $term_id); - $wpdb->query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'"); + $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); } - $tt_id = $wpdb->get_var("SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id"); + $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id ) ); - if ( !empty($tt_id) ) { - $term_id = apply_filters('term_id_filter', $term_id, $tt_id); + if ( !empty($tt_id) ) return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id); - } - $wpdb->query("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ('$term_id', '$taxonomy', '$description', '$parent', '0')"); + $wpdb->insert( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent') + array( 'count' => 0 ) ); $tt_id = (int) $wpdb->insert_id; do_action("create_term", $term_id, $tt_id); do_action("create_$taxonomy", $term_id, $tt_id); - clean_term_cache($term_id, $taxonomy); - $term_id = apply_filters('term_id_filter', $term_id, $tt_id); - clean_term_cache($term_id, $taxonomy); // Clean again if ID changed + clean_term_cache($term_id, $taxonomy); do_action("created_term", $term_id, $tt_id); do_action("created_$taxonomy", $term_id, $tt_id); @@ -983,16 +1090,21 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { } /** - * wp_set_object_terms() - + * wp_set_object_terms() - {@internal Missing Short Description}} * * Relates an object (post, link etc) to a term and taxonomy type. Creates the term and taxonomy * relationship if it doesn't already exist. Creates a term if it doesn't exist (using the slug). * - * @global $wpdb Database Object + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * * @param int $object_id The object to relate to. * @param array|int|string $term The slug or id of the term. * @param array|string $taxonomy The context in which to relate the term to the object. * @param bool $append If false will delete difference of terms. + * @return array|WP_Error Affected Term IDs */ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { global $wpdb; @@ -1014,13 +1126,15 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { foreach ($terms as $term) { if ( !$id = is_term($term, $taxonomy) ) $id = wp_insert_term($term, $taxonomy); + if ( is_wp_error($id) ) + return $id; $term_ids[] = $id['term_id']; $id = $id['term_taxonomy_id']; $tt_ids[] = $id; - if ( $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id = '$id'") ) + if ( $wpdb->get_var( $wpdb->prepare( "SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id = %d", $object_id, $id ) ) ) continue; - $wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ('$object_id', '$id')"); + $wpdb->insert( $wpdb->term_relationships, array( 'object_id' => $object_id, 'term_taxonomy_id' => $id ) ); } wp_update_term_count($tt_ids, $taxonomy); @@ -1037,6 +1151,30 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { return $tt_ids; } +/** + * wp_unique_term_slug() - Will make slug unique, if it isn't already + * + * The $slug has to be unique global to every taxonomy, meaning that one taxonomy + * term can't have a matching slug with another taxonomy term. Each slug has to be + * globally unique for every taxonomy. + * + * The way this works is that if the taxonomy that the term belongs to is heirarchical + * and has a parent, it will append that parent to the $slug. + * + * If that still doesn't return an unique slug, then it try to append a number until + * it finds a number that is truely unique. + * + * The only purpose for $term is for appending a parent, if one exists. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param string $slug The string that will be tried for a unique slug + * @param object $term The term object that the $slug will belong too + * @return string Will return a true unique slug. + */ function wp_unique_term_slug($slug, $term) { global $wpdb; @@ -1056,12 +1194,12 @@ function wp_unique_term_slug($slug, $term) { } // If we didn't get a unique slug, try appending a number to make it unique. - if ( $wpdb->get_var("SELECT slug FROM $wpdb->terms WHERE slug = '$slug'") ) { + if ( $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $slug ) ) ) { $num = 2; do { $alt_slug = $slug . "-$num"; $num++; - $slug_check = $wpdb->get_var("SELECT slug FROM $wpdb->terms WHERE slug = '$alt_slug'"); + $slug_check = $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug ) ); } while ( $slug_check ); $slug = $alt_slug; } @@ -1069,6 +1207,21 @@ function wp_unique_term_slug($slug, $term) { return $slug; } +/** + * wp_update_term() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param int $term The ID of the term + * @param string $taxonomy The context in which to relate the term to the object. + * @param array|string $args Overwrite defaults + * @return array Returns Term ID and Taxonomy Term ID + */ function wp_update_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -1098,19 +1251,19 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { } if ( $alias_of ) { - $alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'"); + $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); if ( $alias->term_group ) { // The alias we want is already in a group, so let's use that one. $term_group = $alias->term_group; } else { // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. - $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; - $wpdb->query("UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id"); + $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1; + $wpdb->update( $wpdb->terms, compact('term_group'), array( 'term_id' => $alias->term_id ) ); } } // Check for duplicate slug - $id = $wpdb->get_var("SELECT term_id FROM $wpdb->terms WHERE slug = '$slug'"); + $id = $wpdb->get_var( $wpdb->prepare( "SELECT term_id FROM $wpdb->terms WHERE slug = %s", $slug ) ); if ( $id && ($id != $term_id) ) { // If an empty slug was passed, reset the slug to something unique. // Otherwise, bail. @@ -1120,22 +1273,20 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { return new WP_Error('duplicate_term_slug', sprintf(__('The slug "%s" is already in use by another term'), $slug)); } - $wpdb->query("UPDATE $wpdb->terms SET name = '$name', slug = '$slug', term_group = '$term_group' WHERE term_id = '$term_id'"); + $wpdb->update($wpdb->terms, compact( 'name', 'slug', 'term_group' ), compact( 'term_id' ) ); if ( empty($slug) ) { $slug = sanitize_title($name, $term_id); - $wpdb->query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'"); + $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); } - $tt_id = $wpdb->get_var("SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id"); + $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id) ); - $wpdb->query("UPDATE $wpdb->term_taxonomy SET term_id = '$term_id', taxonomy = '$taxonomy', description = '$description', parent = '$parent' WHERE term_taxonomy_id = '$tt_id'"); + $wpdb->update( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent' ), array( 'term_taxonomy_id' => $tt_id ) ); do_action("edit_term", $term_id, $tt_id); do_action("edit_$taxonomy", $term_id, $tt_id); - clean_term_cache($term_id, $taxonomy); - $term_id = apply_filters('term_id_filter', $term_id, $tt_id); clean_term_cache($term_id, $taxonomy); @@ -1146,6 +1297,23 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id); } +/** + * wp_update_term_count() - Updates the amount of terms in taxonomy + * + * If there is a taxonomy callback applyed, then it will be called for updating the count. + * + * The default action is to count what the amount of terms have the relationship of term ID. + * Once that is done, then update the database. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param int|array $terms The ID of the terms + * @param string $taxonomy The context of the term. + * @return bool If no terms will return false, and if successful will return true. + */ function wp_update_term_count( $terms, $taxonomy ) { global $wpdb; @@ -1163,8 +1331,8 @@ function wp_update_term_count( $terms, $taxonomy ) { } else { // Default count updater foreach ($terms as $term) { - $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$term'"); - $wpdb->query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'"); + $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $term) ); + $wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxonomy_id' => $term ) ); } } @@ -1178,24 +1346,43 @@ function wp_update_term_count( $terms, $taxonomy ) { // Cache // +/** + * clean_object_term_cache() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @see get_object_taxonomies() for more on $object_type + * + * @param int|array $object_ids {@internal Missing Description}} + * @param string $object_type {@internal Missing Description}} + */ function clean_object_term_cache($object_ids, $object_type) { - global $object_term_cache, $blog_id; - if ( !is_array($object_ids) ) $object_ids = array($object_ids); - $taxonomies = get_object_taxonomies($object_type); - - foreach ( $object_ids as $id ) { - foreach ( $taxonomies as $taxonomy ) { - if ( isset($object_term_cache[$blog_id][$id][$taxonomy]) ) - unset($object_term_cache[$blog_id][$id][$taxonomy]); - } - } + foreach ( $object_ids as $id ) + wp_cache_delete($id, 'object_terms'); do_action('clean_object_term_cache', $object_ids, $object_type); } +/** + * clean_term_cache() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param int|array $ids {@internal Missing Description}} + * @param string $taxonomy Can be empty and will assume tt_ids, else will use for context. + */ function clean_term_cache($ids, $taxonomy = '') { global $wpdb; @@ -1221,7 +1408,6 @@ function clean_term_cache($ids, $taxonomy = '') { foreach ( $taxonomies as $taxonomy ) { wp_cache_delete('all_ids', $taxonomy); - wp_cache_delete("all_{$taxonomy}_ids", $taxonomy); wp_cache_delete('get', $taxonomy); delete_option("{$taxonomy}_children"); } @@ -1231,20 +1417,47 @@ function clean_term_cache($ids, $taxonomy = '') { do_action('clean_term_cache', $ids, $taxonomy); } +/** + * get_object_term_cache() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @param int|array $ids {@internal Missing Description}} + * @param string $taxonomy {@internal Missing Description}} + * @return bool|array Empty array if $terms found, but not $taxonomy. False if nothing is in cache for $taxonomy and $id. + */ function &get_object_term_cache($id, $taxonomy) { - global $object_term_cache, $blog_id; - - if ( isset($object_term_cache[$blog_id][$id][$taxonomy]) ) - return $object_term_cache[$blog_id][$id][$taxonomy]; - - if ( isset($object_term_cache[$blog_id][$id]) ) - return array(); + $terms = wp_cache_get($id, 'object_terms'); + if ( false !== $terms ) { + if ( isset($terms[$taxonomy]) ) + return $terms[$taxonomy]; + else + return array(); + } return false; } +/** + * get_object_term_cache() - {@internal Missing Short Description}} + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * @uses $wpdb + * + * @param string|array $object_ids {@internal Missing Description}} + * @param string $object_type {@internal Missing Description}} + * @return null|array Null value is given with empty $object_ids. + */ function update_object_term_cache($object_ids, $object_type) { - global $wpdb, $object_term_cache, $blog_id; + global $wpdb; if ( empty($object_ids) ) return; @@ -1252,32 +1465,42 @@ function update_object_term_cache($object_ids, $object_type) { if ( !is_array($object_ids) ) $object_ids = explode(',', $object_ids); - $count = count( $object_ids); - for ( $i = 0; $i < $count; $i++ ) { - $object_id = (int) $object_ids[ $i ]; - if ( isset( $object_term_cache[$blog_id][$object_id] ) ) { - unset( $object_ids[ $i ] ); - continue; - } - } + $object_ids = array_map('intval', $object_ids); - if ( count( $object_ids ) == 0 ) - return; + $ids = array(); + foreach ( (array) $object_ids as $id ) { + if ( false === wp_cache_get($id, 'object_terms') ) + $ids[] = $id; + } - $terms = wp_get_object_terms($object_ids, get_object_taxonomies($object_type), 'fields=all_with_object_id'); + if ( empty( $ids ) ) + return false; - if ( empty($terms) ) - return; + $terms = wp_get_object_terms($ids, get_object_taxonomies($object_type), 'fields=all_with_object_id'); - foreach ( $terms as $term ) - $object_term_cache[$blog_id][$term->object_id][$term->taxonomy][$term->term_id] = $term; + $object_terms = array(); + foreach ( (array) $terms as $term ) + $object_terms[$term->object_id][$term->taxonomy][$term->term_id] = $term; - foreach ( $object_ids as $id ) { - if ( ! isset($object_term_cache[$blog_id][$id]) ) - $object_term_cache[$blog_id][$id] = array(); + foreach ( $ids as $id ) { + if ( ! isset($object_terms[$id]) ) + $object_terms[$id] = array(); } + + foreach ( $object_terms as $id => $value ) + wp_cache_set($id, $value, 'object_terms'); } +/** + * update_term_cache() - Updates Terms to Taxonomy in cache. + * + * @package WordPress + * @subpackage Taxonomy + * @since 2.3 + * + * @param array $terms List of Term objects to change + * @param string $taxonomy Optional. Update Term to this taxonomy in cache + */ function update_term_cache($terms, $taxonomy = '') { foreach ( $terms as $term ) { $term_taxonomy = $taxonomy; @@ -1292,6 +1515,19 @@ function update_term_cache($terms, $taxonomy = '') { // Private // +/** + * _get_term_hierarchy() - Retrieves children of taxonomy + * + * {@internal Missing Long Description}} + * + * @package WordPress + * @subpackage Taxonomy + * @access private + * @since 2.3 + * + * @param string $taxonomy {@internal Missing Description}} + * @return array Empty if $taxonomy isn't hierarachical or returns children. + */ function _get_term_hierarchy($taxonomy) { if ( !is_taxonomy_hierarchical($taxonomy) ) return array(); @@ -1310,6 +1546,22 @@ function _get_term_hierarchy($taxonomy) { return $children; } +/** + * _get_term_children() - Get array of child terms + * + * If $terms is an array of objects, then objects will returned from the function. + * If $terms is an array of IDs, then an array of ids of children will be returned. + * + * @package WordPress + * @subpackage Taxonomy + * @access private + * @since 2.3 + * + * @param int $term_id Look for this Term ID in $terms + * @param array $terms List of Term IDs + * @param string $taxonomy Term Context + * @return array Empty if $terms is empty else returns full list of child terms. + */ function &_get_term_children($term_id, $terms, $taxonomy) { if ( empty($terms) ) return array(); @@ -1349,8 +1601,22 @@ function &_get_term_children($term_id, $terms, $taxonomy) { return $term_list; } -// Recalculates term counts by including items from child terms -// Assumes all relevant children are already in the $terms argument +/** + * _pad_term_counts() - Add count of children to parent count + * + * Recalculates term counts by including items from child terms. + * Assumes all relevant children are already in the $terms argument + * + * @package WordPress + * @subpackage Taxonomy + * @access private + * @since 2.3 + * @uses $wpdb + * + * @param array $terms List of Term IDs + * @param string $taxonomy Term Context + * @return null Will break from function if conditions are not met. + */ function _pad_term_counts(&$terms, $taxonomy) { global $wpdb; @@ -1398,12 +1664,25 @@ function _pad_term_counts(&$terms, $taxonomy) { // Default callbacks // +/** + * _update_post_term_count() - Will update term count based on posts + * + * Private function for the default callback for post_tag and category taxonomies. + * + * @package WordPress + * @subpackage Taxonomy + * @access private + * @since 2.3 + * @uses $wpdb + * + * @param array $terms List of Term IDs + */ function _update_post_term_count( $terms ) { global $wpdb; foreach ( $terms as $term ) { - $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = '$term'"); - $wpdb->query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'"); + $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = %d", $term ) ); + $wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxonomy_id' => $term ) ); } } diff --git a/wp-includes/user.php b/wp-includes/user.php index 1990a39..d7aa7bd 100644 --- a/wp-includes/user.php +++ b/wp-includes/user.php @@ -15,12 +15,8 @@ function get_usernumposts($userid) { // TODO: xmlrpc only. Maybe move to xmlrpc.php. function user_pass_ok($user_login,$user_pass) { - global $cache_userdata; - if ( empty($cache_userdata[$user_login]) ) { - $userdata = get_userdatabylogin($user_login); - } else { - $userdata = $cache_userdata[$user_login]; - } + $userdata = get_userdatabylogin($user_login); + return (md5($user_pass) == $userdata->user_pass); } diff --git a/wp-includes/version.php b/wp-includes/version.php index 55433b7..9c0713d 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -3,7 +3,7 @@ // This holds the version number in a separate file so we can bump it without cluttering the SVN $wp_version = '2.3'; -$wpmu_version = '1.3rc2'; +$wpmu_version = '1.3'; $wp_db_version = 6124; ?> diff --git a/wp-includes/widgets.php b/wp-includes/widgets.php index 7bd6fbd..c9f2404 100644 --- a/wp-includes/widgets.php +++ b/wp-includes/widgets.php @@ -18,9 +18,7 @@ function register_sidebars($number = 1, $args = array()) { if ( is_string($args) ) parse_str($args, $args); - $i = 1; - - while ( $i <= $number ) { + for ( $i=1; $i <= $number; $i++ ) { $_args = $args; if ( $number > 1 ) { $_args['name'] = isset($args['name']) ? $args['name'] : sprintf(__('Sidebar %d'), $i); @@ -29,7 +27,6 @@ function register_sidebars($number = 1, $args = array()) { } $_args['id'] = isset($args['id']) ? $args['id'] : "sidebar-$i"; register_sidebar($_args); - ++$i; } } @@ -630,7 +627,7 @@ function wp_widget_categories($args, $number = 1) { wp_dropdown_categories($cat_args . '&show_option_none= ' . __('Select Category')); ?> -<script lang='javascript'><!-- +<script type='text/javascript'><!-- var dropdown = document.getElementById("cat"); function onCatChange() { if ( dropdown.options[dropdown.selectedIndex].value > 0 ) { @@ -786,7 +783,7 @@ function wp_widget_categories_register() { } $dims = array( 'width' => 350, 'height' => 170 ); - $class = array( 'classname' => 'widget_catgories' ); + $class = array( 'classname' => 'widget_categories' ); for ( $i = 1; $i <= 9; $i++ ) { $name = sprintf( __( 'Categories %d' ), $i ); @@ -1001,7 +998,7 @@ function wp_widget_rss_control($number) { $options = $newoptions = get_option('widget_rss'); if ( $_POST["rss-submit-$number"] ) { $newoptions[$number]['items'] = (int) $_POST["rss-items-$number"]; - $url = clean_url(strip_tags(stripslashes($_POST["rss-url-$number"]))); + $url = sanitize_url(strip_tags(stripslashes($_POST["rss-url-$number"]))); $newoptions[$number]['title'] = trim(strip_tags(stripslashes($_POST["rss-title-$number"]))); if ( $url !== $options[$number]['url'] ) { require_once(ABSPATH . WPINC . '/rss.php'); diff --git a/wp-includes/wlwmanifest.xml b/wp-includes/wlwmanifest.xml new file mode 100644 index 0000000..2be48d5 --- /dev/null +++ b/wp-includes/wlwmanifest.xml @@ -0,0 +1,43 @@ +<?xml version="1.0" encoding="utf-8" ?> + +<manifest xmlns="http://schemas.microsoft.com/wlw/manifest/weblog"> + + <options> + <clientType>WordPress</clientType> + <supportsKeywords>Yes</supportsKeywords> + </options> + + <weblog> + <serviceName>WordPress</serviceName> + <imageUrl>images/wlw/wp-icon.png</imageUrl> + <watermarkImageUrl>images/wlw/wp-watermark.png</watermarkImageUrl> + <homepageLinkText>View site</homepageLinkText> + <adminLinkText>Dashboard</adminLinkText> + <adminUrl> + <![CDATA[ + {blog-postapi-url}/../wp-admin/ + ]]> + </adminUrl> + <postEditingUrl> + <![CDATA[ + {blog-postapi-url}/../wp-admin/post.php?action=edit&post={post-id} + ]]> + </postEditingUrl> + </weblog> + + <buttons> + <button> + <id>0</id> + <text>Manage Comments</text> + <imageUrl>images/wlw/wp-comments.png</imageUrl> + <clickUrl> + <![CDATA[ + {blog-postapi-url}/../wp-admin/edit-comments.php + ]]> + </clickUrl> + </button> + + </buttons> + +</manifest> + diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php index 88840fe..9c11646 100644 --- a/wp-includes/wp-db.php +++ b/wp-includes/wp-db.php @@ -322,6 +322,39 @@ class wpdb { } /** + * Insert an array of data into a table + * @param string $table WARNING: not sanitized! + * @param array $data should not already be SQL-escaped + * @return mixed results of $this->query() + */ + function insert($table, $data) { + $data = add_magic_quotes($data); + $fields = array_keys($data); + return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')"); + } + + /** + * Update a row in the table with an array of data + * @param string $table WARNING: not sanitized! + * @param array $data should not already be SQL-escaped + * @param array $where a named array of WHERE column => value relationships. Multiple member pairs will be joined with ANDs. WARNING: the column names are not currently sanitized! + * @return mixed results of $this->query() + */ + function update($table, $data, $where){ + $data = add_magic_quotes($data); + $bits = $wheres = array(); + foreach ( array_keys($data) as $k ) + $bits[] = "`$k` = '$data[$k]'"; + + if ( is_array( $where ) ) + foreach ( $where as $c => $v ) + $wheres[] = "$c = '" . $this->escape( $v ) . "'"; + else + return false; + return $this->query( "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ) . ' LIMIT 1' ); + } + + /** * Get one variable from the database * @param string $query (can be null as well, for caching, see codex) * @param int $x = 0 row num to return @@ -472,65 +505,28 @@ class wpdb { function bail($message) { // Just wraps errors in a nice header and footer if ( !$this->show_errors ) return false; - - header('Content-Type: text/html; charset=utf-8'); - - if (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false) - $admin_dir = ''; - else - $admin_dir = 'wp-admin/'; - -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml"> -<head> - <title>WordPress › Error</title> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - <style media="screen" type="text/css"> - <!-- - html { - background: #eee; - } - body { - background: #fff; - color: #000; - font-family: Georgia, "Times New Roman", Times, serif; - margin-left: 25%; - margin-right: 25%; - padding: .2em 2em; - } - - h1 { - color: #006; - font-size: 18px; - font-weight: lighter; + wp_die($message); } - - h2 { - font-size: 16px; - } - - p, li, dt { - line-height: 140%; - padding-bottom: 2px; + /** + * Checks wether of not the database version is high enough to support the features WordPress uses + * @global $wp_version + */ + function check_database_version() + { + global $wp_version; + // Make sure the server has MySQL 4.0 + $mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info()); + if ( version_compare($mysql_version, '4.0.0', '<') ) + return new WP_Error('database_version',sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version)); } - ul, ol { - padding: 5px 5px 5px 20px; - } - #logo { - margin-bottom: 2em; - } - --> - </style> -</head> -<body> - <h1 id="logo"><img alt="WordPress" src="<?php echo $admin_dir; ?>images/wordpress-logo.png" /></h1> - <p><?php echo $message; ?></p> -</body> -</html> -<?php - die(); + /** + * This function is called when WordPress is generating the table schema to determine wether or not the current database + * supports or needs the collation statements. + */ + function supports_collation() + { + return ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ); } } |
