-rw-r--r--wp-admin/admin-functions.php79
-rw-r--r--wp-admin/admin-header.php2
-rw-r--r--wp-admin/admin.php8
-rw-r--r--wp-admin/categories.php4
-rw-r--r--wp-admin/comment.php22
-rw-r--r--wp-admin/edit-form-advanced.php14
-rw-r--r--wp-admin/edit-link-form.php20
-rw-r--r--wp-admin/edit-page-form.php8
-rw-r--r--wp-admin/images/box-bg-left.gifbin0 -> 37 bytes
-rw-r--r--wp-admin/images/box-bg-right.gifbin0 -> 151 bytes
-rw-r--r--wp-admin/images/box-butt-left.gifbin0 -> 169 bytes
-rw-r--r--wp-admin/images/box-butt-right.gifbin0 -> 960 bytes
-rw-r--r--wp-admin/images/box-head-left.gifbin0 -> 334 bytes
-rw-r--r--wp-admin/images/box-head-right.gifbin0 -> 3609 bytes
-rw-r--r--wp-admin/import.php2
-rw-r--r--wp-admin/import/blogger.php12
-rw-r--r--wp-admin/import/dotclear.php12
-rw-r--r--wp-admin/import/greymatter.php4
-rw-r--r--wp-admin/import/textpattern.php10
-rw-r--r--wp-admin/inline-uploading.php13
-rw-r--r--wp-admin/link-add.php4
-rw-r--r--wp-admin/link-import.php2
-rw-r--r--wp-admin/link-manager.php9
-rw-r--r--wp-admin/link.php10
-rw-r--r--wp-admin/menu.php12
-rw-r--r--wp-admin/moderation.php10
-rw-r--r--wp-admin/options.php5
-rw-r--r--wp-admin/page.php6
-rw-r--r--wp-admin/plugin-editor.php6
-rw-r--r--wp-admin/post.php6
-rw-r--r--wp-admin/profile-update.php2
-rw-r--r--wp-admin/sidebar.php2
-rw-r--r--wp-admin/templates.php8
-rw-r--r--wp-admin/theme-editor.php8
-rw-r--r--wp-admin/update-links.php4
-rw-r--r--wp-admin/users.php20
-rw-r--r--wp-admin/wp-admin.css53
-rw-r--r--wp-comments-post.php10
-rw-r--r--wp-content/themes/default/functions.php8
-rw-r--r--wp-includes/comment-template.php2
-rw-r--r--wp-includes/comment.php8
-rw-r--r--wp-includes/functions.php65
-rwxr-xr-xwp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php2
-rw-r--r--wp-includes/kses.php11
-rw-r--r--wp-includes/pluggable.php1
-rw-r--r--wp-includes/vars.php5
-rw-r--r--wp-includes/wpmu-functions.php4
-rw-r--r--wp-login.php6
-rw-r--r--wp-mail.php2
49 files changed, 337 insertions, 164 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 49fe06e..29c8b1b 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -6,10 +6,10 @@ function write_post() {
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can('edit_pages') )
- die(__('You are not allowed to create pages on this blog.'));
+ wp_die(__('You are not allowed to create pages on this blog.'));
} else {
if ( !current_user_can('edit_posts') )
- die(__('You are not allowed to create posts or drafts on this blog.'));
+ wp_die(__('You are not allowed to create posts or drafts on this blog.'));
}
// Rename.
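Review bot: These capability checks in write_post() now stop an unauthorised request only if wp_die() never returns, whereas `die()` guaranteed that by itself. The definition of wp_die() is not in this hunk, so confirm that it ends in an unconditional `die()`/`exit` on every path and say so at its definition, e.g. `// Must not return: callers use this as the failing branch of permission checks.` The same dependency applies to every other `die` → `wp_die` hunk in this commit, including the `switch` in validate_file_to_edit(), whose cases have no `break`. write_post() continues outside the hunk.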
@@ -32,10 +32,10 @@ function write_post() {
if ($_POST['post_author'] != $_POST['user_ID']) {
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can('edit_others_pages') )
- die(__('You cannot create pages as this user.'));
+ wp_die(__('You cannot create pages as this user.'));
} else {
if ( !current_user_can('edit_others_posts') )
- die(__('You cannot post as this user.'));
+ wp_die(__('You cannot post as this user.'));
}
}
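Review bot: The test `$_POST['post_author'] != $_POST['user_ID']` compares two request fields, so whether `edit_others_pages` / `edit_others_posts` is required at all depends on a value the client sends. Unless `$_POST['user_ID']` is overwritten from the logged-in user earlier in write_post() (not visible here), the comparison should use the server-side identity, e.g. `if ( $_POST['post_author'] != $user_ID ) {` assuming the global `$user_ID` is populated at this point. The edit_post() hunk at -176 has the same condition.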
@@ -151,10 +151,10 @@ function edit_post() {
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can('edit_page', $post_ID) )
- die(__('You are not allowed to edit this page.'));
+ wp_die(__('You are not allowed to edit this page.'));
} else {
if ( !current_user_can('edit_post', $post_ID) )
- die(__('You are not allowed to edit this post.'));
+ wp_die(__('You are not allowed to edit this post.'));
}
// Rename.
@@ -176,10 +176,10 @@ function edit_post() {
if ($_POST['post_author'] != $_POST['user_ID']) {
if ( 'page' == $_POST['post_type'] ) {
if ( !current_user_can('edit_others_pages') )
- die(__('You cannot edit pages as this user.'));
+ wp_die(__('You cannot edit pages as this user.'));
} else {
if ( !current_user_can('edit_others_posts') )
- die(__('You cannot edit posts as this user.'));
+ wp_die(__('You cannot edit posts as this user.'));
}
}
@@ -251,7 +251,7 @@ function edit_comment() {
$comment_post_ID = (int) $_POST['comment_post_ID'];
if (!current_user_can('edit_post', $comment_post_ID))
- die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
+ wp_die(__('You are not allowed to edit comments on this post, so you cannot edit this comment.'));
$_POST['comment_author'] = $_POST['newcomment_author'];
$_POST['comment_author_email'] = $_POST['newcomment_author_email'];
@@ -530,7 +530,7 @@ function add_link() {
function edit_link($link_id = '') {
if (!current_user_can('manage_links'))
- die(__("Cheatin' uh ?"));
+ wp_die(__("Cheatin' uh ?"));
$_POST['link_url'] = wp_specialchars($_POST['link_url']);
$_POST['link_url'] = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $_POST['link_url']) ? $_POST['link_url'] : 'http://' . $_POST['link_url'];
@@ -642,6 +642,50 @@ function dropdown_categories($default = 0) {
write_nested_categories(get_nested_categories($default));
}
+function return_link_categories_list($parent = 0) {
+ global $wpdb;
+ return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent AND link_count > 0");
+}
+
+function get_nested_link_categories( $default = 0, $parent = 0 ) {
+ global $post_ID, $link_id, $mode, $wpdb;
+
+ if ($link_id) {
+ $checked_categories = $wpdb->get_col("
+ SELECT category_id
+ FROM $wpdb->categories, $wpdb->link2cat
+ WHERE $wpdb->link2cat.category_id = cat_ID AND $wpdb->link2cat.link_id = '$link_id'
+ ");
+
+ if (count($checked_categories) == 0) {
+ // No selected categories, strange
+ $checked_categories[] = $default;
+ }
+ } else {
+ $checked_categories[] = $default;
+ }
+
+ $cats = return_link_categories_list($parent);
+ $result = array ();
+
+ if (is_array($cats)) {
+ foreach ($cats as $cat) {
+ $result[$cat]['children'] = get_nested_link_categories($default, $cat);
+ $result[$cat]['cat_ID'] = $cat;
+ $result[$cat]['checked'] = in_array($cat, $checked_categories);
+ $result[$cat]['cat_name'] = get_the_category_by_ID($cat);
+ }
+ }
+
+ usort($result, 'sort_cats');
+
+ return $result;
+}
+
+function dropdown_link_categories($default = 0) {
+ write_nested_categories(get_nested_link_categories($default));
+}
+
// Dandy new recursive multiple category stuff.
function cat_rows($parent = 0, $level = 0, $categories = 0) {
global $wpdb, $class;
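Review bot: Both new queries interpolate variables straight into SQL: `category_parent = $parent` is unquoted in return_link_categories_list(), and `link_id = '$link_id'` uses a global whose origin is not visible in this hunk. Cast before use, `$parent = (int) $parent;` at the top of return_link_categories_list() and `$link_id = (int) $link_id;` before the query in get_nested_link_categories(), so the statements stay well-formed whatever the callers pass. The `$checked_categories` lookup is also repeated at every recursion level although its result does not depend on `$parent`. cat_rows() at the end of the hunk continues outside it.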
@@ -783,11 +827,6 @@ function wp_dropdown_cats($currentcat = 0, $currentparent = 0, $parent = 0, $lev
}
}
-function return_link_categories_list($parent = 0) {
- global $wpdb;
- return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY link_count DESC");
-}
-
function wp_create_thumbnail($file, $max_side, $effect = '') {
// 1 = GIF, 2 = JPEG, 3 = PNG
@@ -1534,13 +1573,13 @@ function validate_file_to_edit($file, $allowed_files = '') {
switch ($code) {
case 1 :
- die(__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
+ wp_die(__('Sorry, can’t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.'));
case 2 :
- die(__('Sorry, can’t call files with their real path.'));
+ wp_die(__('Sorry, can’t call files with their real path.'));
case 3 :
- die(__('Sorry, that file cannot be edited.'));
+ wp_die(__('Sorry, that file cannot be edited.'));
}
}
@@ -1857,7 +1896,7 @@ function wp_handle_upload(&$file, $overrides = false) {
// Move the file to the uploads dir
$new_file = $uploads['path'] . "/$filename";
if ( false === @ move_uploaded_file($file['tmp_name'], $new_file) )
- die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
+ wp_die(printf(__('The uploaded file could not be moved to %s.'), $file['path']));
// Set correct file permissions
$stat = stat(dirname($new_file));
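Review bot: `wp_die(printf(...))` passes the wrong value, because `printf()` echoes the text and returns its length, so wp_die() receives an integer instead of the message; it should be `sprintf()`. The placeholder is filled from `$file['path']`, while the destination computed two lines above is `$uploads['path']` / `$new_file`, so the message probably names nothing useful; consider `wp_die(sprintf(__('The uploaded file could not be moved to %s.'), $uploads['path']));`. wp_handle_upload() starts and ends outside the hunk.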
@@ -1887,7 +1926,7 @@ function wp_import_cleanup($id) {
function wp_import_upload_form($action) {
?>
-<form enctype="multipart/form-data" id="import-upload-form" method="POST" action="<?php echo $action ?>">
+<form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo $action ?>">
<p>
<label for="upload"><?php _e('Choose a file from your computer:'); ?></label> <input type="file" id="upload" name="import" size="25" />
<input type="hidden" name="action" value="save" />
diff --git a/wp-admin/admin-header.php b/wp-admin/admin-header.php
index ee0c286..f8322b1 100644
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@@ -30,7 +30,7 @@ function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}el
<div id="wphead">
<h1><?php echo wptexturize(get_settings(('blogname'))); ?> <span>(<a href="<?php echo get_settings('home') . '/'; ?>"><?php _e('View site &raquo;') ?></a>)</span></h1>
</div>
-<div id="user_info"><p><?php printf(__('Howdy, <strong>%s</strong>.'), $user_identity) ?> [<a href="<?php echo get_settings('siteurl'); ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php _e('Sign Out'); ?></a>, <a href="profile.php"><?php _e('My Account'); ?></a>] </p></div>
+<div id="user_info"><p><?php printf(__('Howdy, <strong>%s</strong>.'), $user_identity) ?> [<a href="<?php echo get_settings('siteurl'); ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php _e('Sign Out'); ?></a>, <a href="profile.php"><?php _e('My Profile'); ?></a>] </p></div>
<?php
require(ABSPATH . '/wp-admin/menu-header.php');
diff --git a/wp-admin/admin.php b/wp-admin/admin.php
index d1b98fb..b6e270c 100644
--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -54,11 +54,11 @@ if (isset($_GET['page'])) {
do_action($page_hook);
} else {
if ( validate_file($plugin_page) ) {
- die(__('Invalid plugin page'));
+ wp_die(__('Invalid plugin page'));
}
if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page") && ! file_exists(ABSPATH . "wp-content/mu-plugins/$plugin_page"))
- die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
+ wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
if (! isset($_GET['noheader']))
require_once(ABSPATH . '/wp-admin/admin-header.php');
@@ -77,11 +77,11 @@ if (isset($_GET['page'])) {
$importer = $_GET['import'];
if ( validate_file($importer) ) {
- die(__('Invalid importer.'));
+ wp_die(__('Invalid importer.'));
}
if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
- die(__('Cannot load importer.'));
+ wp_die(__('Cannot load importer.'));
include(ABSPATH . "wp-admin/import/$importer.php");
diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 4edcda5..cdfae6c 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -31,10 +31,10 @@ case 'delete':
// Don't delete the default cats.
if ( $cat_ID == get_option('default_category') )
- die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one"), $cat_name));
+ wp_die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one"), $cat_name));
if ( $cat_ID == get_option('default_link_category') )
- die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one for bookmarks"), $cat_name));
+ wp_die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one for bookmarks"), $cat_name));
wp_delete_category($cat_ID);
diff --git a/wp-admin/comment.php b/wp-admin/comment.php
index bc6f510..95bee96 100644
--- a/wp-admin/comment.php
+++ b/wp-admin/comment.php
@@ -19,10 +19,10 @@ case 'editcomment':
$comment = (int) $_GET['comment'];
if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
+ wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
+ wp_die( __('You are not allowed to edit comments on this post.') );
$comment = get_comment_to_edit($comment);
@@ -42,10 +42,10 @@ case 'mailapprovecomment':
$nonce_action .= $comment;
if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
+ wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( 'confirmdeletecomment' == $action ? __('You are not allowed to delete comments on this post.') : __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+ wp_die( 'confirmdeletecomment' == $action ? __('You are not allowed to delete comments on this post.') : __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
echo "<div class='wrap'>\n";
if ( 'spam' == $_GET['delete_type'] )
@@ -90,13 +90,13 @@ case 'deletecomment':
}
$postdata = get_post($p) or
- die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
+ wp_die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit-comments.php'));
+ wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit-comments.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post.') );
+ wp_die( __('You are not allowed to edit comments on this post.') );
if ( 'spam' == $_REQUEST['delete_type'] )
wp_set_comment_status($comment->comment_ID, 'spam');
@@ -123,10 +123,10 @@ case 'unapprovecomment':
}
if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
+ wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
+ wp_die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
wp_set_comment_status($comment->comment_ID, "hold");
@@ -150,10 +150,10 @@ case 'approvecomment':
}
if ( ! $comment = get_comment($comment) )
- die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
+ wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
- die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+ wp_die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
wp_set_comment_status($comment->comment_ID, "approve");
if (get_settings("comments_notify") == true) {
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index 5431ce2..71eb46b 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -94,7 +94,7 @@ addLoadEvent(focusit);
</fieldset>
<fieldset id="passworddiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Password-Protect Post') ?></h3>
+<h3 class="dbx-handle"><?php _e('Post Password') ?></h3>
<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password ?>" /></div>
</fieldset>
@@ -189,20 +189,32 @@ if (current_user_can('upload_files')) {
<div id="advancedstuff" class="dbx-group" >
+<div class="dbx-box-wrapper">
<fieldset id="postexcerpt" class="dbx-box">
+<div class="dbx-handle-wrapper">
<h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3>
+</div>
+<div class="dbx-content-wrapper">
<div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div>
+</div>
</fieldset>
+</div>
+<div class="dbx-box-wrapper">
<fieldset class="dbx-box">
+<div class="dbx-handle-wrapper">
<h3 class="dbx-handle"><?php _e('Trackbacks') ?></h3>
+</div>
+<div class="dbx-content-wrapper">
<div class="dbx-content"><?php _e('Send trackbacks to'); ?>: <?php echo $form_trackback; ?> (<?php _e('Separate multiple URIs with spaces'); ?>)
<?php
if ( ! empty($pings) )
echo $pings;
?>
</div>
+</div>
</fieldset>
+</div>
<fieldset id="postcustom" class="dbx-box">
<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
diff --git a/wp-admin/edit-link-form.php b/wp-admin/edit-link-form.php
index 5534f1d..30002e6 100644
--- a/wp-admin/edit-link-form.php
+++ b/wp-admin/edit-link-form.php
@@ -1,12 +1,12 @@
<?php
if ( ! empty($link_id) ) {
- $heading = __('Edit Bookmark');
+ $heading = __('Edit Link');
$submit_text = __('Save Changes &raquo;');
$form = '<form name="editlink" id="editlink" method="post" action="link.php">';
$nonce_action = 'update-bookmark_' . $link_id;
} else {
- $heading = __('Create Bookmark');
- $submit_text = __('Add Bookmark &raquo;');
+ $heading = __('Add Link');
+ $submit_text = __('Add Link &raquo;');
$form = '<form name="addlink" id="addlink" method="post" action="link.php">';
$nonce_action = 'add-bookmark';
}
@@ -84,14 +84,14 @@ function xfn_check($class, $value = '', $type = 'check') {
<table class="editform" width="100%" cellspacing="2" cellpadding="5">
<tr>
-<th width="20%" scope="row" valign="top"><label for="link_url"><?php _e('URI:') ?></label></th>
-<td width="80%"><input type="text" name="link_url" value="<?php echo $link->link_url; ?>" style="width: 95%" /></td>
-</tr>
-<tr>
<th scope="row" valign="top"><label for="link_name"><?php _e('Name:') ?></label></th>
<td><input type="text" name="link_name" value="<?php echo $link->link_name; ?>" style="width: 95%" /></td>
</tr>
<tr>
+<th width="20%" scope="row" valign="top"><label for="link_url"><?php _e('Address:') ?></label></th>
+<td width="80%"><input type="text" name="link_url" value="<?php echo $link->link_url; if ( empty( $link->link_url ) ) echo 'http://'; ?>" style="width: 95%" /></td>
+</tr>
+<tr>
<th scope="row" valign="top"><label for="link_description"><?php _e('Description:') ?></label></th>
<td><input type="text" name="link_description" value="<?php echo $link->link_description; ?>" style="width: 95%" /></td>
</tr>
@@ -130,7 +130,7 @@ function xfn_check($class, $value = '', $type = 'check') {
<input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
<label for="acquaintance">
<input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> /> <?php _e('acquaintance') ?></label>
- <label id="friend">
+ <label for="friend">
<input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
<label for="friendship">
<input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
@@ -221,11 +221,11 @@ function xfn_check($class, $value = '', $type = 'check') {
<div class="dbx-content">
<table class="editform" width="100%" cellspacing="2" cellpadding="5">
<tr>
- <th width="20%" scope="row"><?php _e('Image URI:') ?></th>
+ <th width="20%" scope="row"><?php _e('Image Address:') ?></th>
<td width="80%"><input type="text" name="link_image" size="50" value="<?php echo $link->link_image; ?>" style="width: 95%" /></td>
</tr>
<tr>
- <th scope="row"><?php _e('RSS URI:') ?> </th>
+ <th scope="row"><?php _e('RSS Address:') ?> </th>
<td><input name="link_rss" type="text" id="rss_uri" value="<?php echo $link->link_rss; ?>" size="50" style="width: 95%" /></td>
</tr>
<tr>
diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index de6dd62..58cd669 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -37,12 +37,12 @@ if (isset($mode) && 'bookmarklet' == $mode) {
<input type="hidden" name="post_type" value="page" />
<script type="text/javascript">
-<!--
+// <![CDATA[
function focusit() { // focus on first input field
document.post.title.focus();
}
addLoadEvent(focusit);
-//-->
+// ]]>
</script>
<div id="poststuff">
@@ -69,7 +69,7 @@ addLoadEvent(focusit);
</fieldset>
<fieldset id="passworddiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Password-Protect Page') ?></h3>
+<h3 class="dbx-handle"><?php _e('Page Password') ?></h3>
<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password ?>" /></div>
</fieldset>
@@ -83,7 +83,7 @@ addLoadEvent(focusit);
</fieldset>
<?php if ( 0 != count( get_page_templates() ) ) { ?>
-<fieldset id="pageparent" class="dbx-box">
+<fieldset id="pagetemplate" class="dbx-box">
<h3 class="dbx-handle"><?php _e('Page Template:') ?></h3>
<div class="dbx-content"><p><select name="page_template">
<option value='default'><?php _e('Default Template'); ?></option>
diff --git a/wp-admin/images/box-bg-left.gif b/wp-admin/images/box-bg-left.gif
new file mode 100644
index 0000000..c3c7e35
--- /dev/null
+++ b/wp-admin/images/box-bg-left.gif
Binary files differ
diff --git a/wp-admin/images/box-bg-right.gif b/wp-admin/images/box-bg-right.gif
new file mode 100644
index 0000000..12a0d1a
--- /dev/null
+++ b/wp-admin/images/box-bg-right.gif
Binary files differ
diff --git a/wp-admin/images/box-butt-left.gif b/wp-admin/images/box-butt-left.gif
new file mode 100644
index 0000000..590c2ef
--- /dev/null
+++ b/wp-admin/images/box-butt-left.gif
Binary files differ
diff --git a/wp-admin/images/box-butt-right.gif b/wp-admin/images/box-butt-right.gif
new file mode 100644
index 0000000..487ebb3
--- /dev/null
+++ b/wp-admin/images/box-butt-right.gif
Binary files differ
diff --git a/wp-admin/images/box-head-left.gif b/wp-admin/images/box-head-left.gif
new file mode 100644
index 0000000..b03e075
--- /dev/null
+++ b/wp-admin/images/box-head-left.gif
Binary files differ
diff --git a/wp-admin/images/box-head-right.gif b/wp-admin/images/box-head-right.gif
new file mode 100644
index 0000000..897b03a
--- /dev/null
+++ b/wp-admin/images/box-head-right.gif
Binary files differ
diff --git a/wp-admin/import.php b/wp-admin/import.php
index cd1951a..99f8d39 100644
--- a/wp-admin/import.php
+++ b/wp-admin/import.php
@@ -36,7 +36,7 @@ if (empty ($importers)) {
$style = '';
foreach ($importers as $id => $data) {
$style = ('class="alternate"' == $style || 'class="alternate active"' == $style) ? '' : 'alternate';
- $action = "<a href='admin.php?import=$id' title='{$data[1]}'>{$data[0]}</a>";
+ $action = "<a href='admin.php?import=$id' title='".wptexturize(strip_tags($data[1]))."'>{$data[0]}</a>";
if ($style != '')
$style = 'class="'.$style.'"';
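Review bot: The new `title` value goes through `strip_tags()` and `wptexturize()`, neither of which is an attribute-escaping function, and the attribute is single-quoted. wptexturize() is a typographic filter, so whether every quote character is neutralised depends on its replacement rules rather than on an escaping contract. `wp_specialchars(strip_tags($data[1]), 1)` states the intent directly. `$id` in the href and `{$data[0]}` in the link text are still emitted raw on the same line; if importer names or descriptions can ever come from plugin-supplied data, they need the same treatment.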
diff --git a/wp-admin/import/blogger.php b/wp-admin/import/blogger.php
index f79a164..68541b0 100644
--- a/wp-admin/import/blogger.php
+++ b/wp-admin/import/blogger.php
@@ -246,7 +246,7 @@ class Blogger_Import {
$blogsary = array();
preg_match_all('#posts\.g\?blogID=(\d+)">([^<]+)</a>#U', $response['body'], $blogsary);
if ( ! count( $blogsary[1] < 1 ) )
- die(__('No blogs found for this user.'));
+ wp_die(__('No blogs found for this user.'));
$this->import['blogs'] = array();
$template = '<!--<MainPage><BloggerArchives><a class="wparchive" href="<$BlogArchiveURL$>"><$BlogArchiveName$></a><br /></BloggerArchives></MainPage><ArchivePage><Blogger><wordpresspost><$BlogItemDateTime$>|W|P|<$BlogItemAuthorNickname$>|W|P|<$BlogItemBody$>|W|P|<$BlogItemNumber$>|W|P|<$BlogItemTitle$>|W|P|<$BlogItemAuthorEmail$><BlogItemCommentsEnabled><BlogItemComments><wordpresscomment><$BlogCommentDateTime$>|W|P|<$BlogCommentAuthor$>|W|P|<$BlogCommentBody$></BlogItemComments></BlogItemCommentsEnabled></Blogger></ArchivePage>-->';
foreach ( $blogsary[1] as $key => $id ) {
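Review bot: The guard `if ( ! count( $blogsary[1] < 1 ) )` has the comparison inside the `count()` call, so `count()` receives a boolean rather than the match array and the "No blogs found" branch does not reflect whether the regex matched anything. The commit keeps this line's condition unchanged; the intended test is `if ( count( $blogsary[1] ) < 1 )`. The enclosing method starts and ends outside the hunk.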
@@ -311,7 +311,7 @@ class Blogger_Import {
if ( $_POST['publishMode'] > 0 ) {
$response = $this->get_blogger("http://www.blogger.com/blog-publishing.g?blogID={$_GET['blog']}&publishMode=0", $headers);
if ( $response['code'] >= 400 )
- die('<h2>'.__('Failed attempt to change publish mode from FTP to BlogSpot.').'</h2><pre>' . addslashes(print_r($headers, 1)) . addslashes(print_r($response, 1)) . '</pre>');
+ wp_die('<h2>'.__('Failed attempt to change publish mode from FTP to BlogSpot.').'</h2><pre>' . addslashes(print_r($headers, 1)) . addslashes(print_r($response, 1)) . '</pre>');
$this->import['blogs'][$_GET['blog']]['url'] = 'http://' . $optary['modify']['subdomain'] . '.blogspot.com/';
sleep(2);
} else {
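Review bot: The failure message prints `print_r($headers, 1)` and `print_r($response, 1)` into the page after only `addslashes()`, which is not HTML escaping, so markup in the remote response body is rendered as-is in the admin screen. `$headers` is the request header set sent to Blogger and presumably carries the session cookie, which should not be echoed at all. Drop `$headers` from the output and escape the rest, e.g. `'<pre>' . wp_specialchars(print_r($response, 1)) . '</pre>'`. The hunks at -329 and -554 in this file dump `$response` the same way.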
@@ -329,7 +329,7 @@ class Blogger_Import {
}
$response = $this->post_blogger($posturl, $headers, $paramary);
if ( $response['code'] >= 400 || strstr($response['body'], 'There are errors on this form') )
- die('<p>'.__('Error on form submission. Retry or reset the importer.').'</p>' . addslashes(print_r($response, 1)));
+ wp_die('<p>'.__('Error on form submission. Retry or reset the importer.').'</p>' . addslashes(print_r($response, 1)));
}
$output .= "<del><p>$blog_opt</p></del>\n";
} elseif ( is_array($this->import['blogs'][$_GET['blog']]['options']["$blog_opt"]['backup']) ) {
@@ -372,7 +372,7 @@ class Blogger_Import {
function get_archive_urls() {
$bloghtml = $this->get_blogger($this->import['blogs'][$_GET['blog']]['url']);
if (! strstr($bloghtml['body'], '<a class="wparchive"') )
- die(__('Your Blogger blog did not take the new template or did not respond.'));
+ wp_die(__('Your Blogger blog did not take the new template or did not respond.'));
preg_match_all('#<a class="wparchive" href="([^"]*)"#', $bloghtml['body'], $archives);
foreach ($archives[1] as $archive) {
$this->import['blogs'][$_GET['blog']]['archives'][$archive] = false;
@@ -554,7 +554,7 @@ class Blogger_Import {
$response = $this->get_blogger("http://www.blogger.com/blog-publishing.g?blogID={$_GET['blog']}&publishMode={$optary['backup']['publishMode']}", $headers);
sleep(2);
if ( $response['code'] >= 400 )
- die('<h1>Error restoring publishMode.</h1><p>Please tell the devs.</p>' . addslashes(print_r($response, 1)) );
+ wp_die('<h1>Error restoring publishMode.</h1><p>Please tell the devs.</p>' . addslashes(print_r($response, 1)) );
}
}
if ( $optary['backup'] != $optary['modify'] ) {
@@ -623,7 +623,7 @@ class Blogger_Import {
$step = 0;
}
//echo "Step $step.";
-//die('<pre>'.print_r($this->import,1).'</pre');
+//wp_die('<pre>'.print_r($this->import,1).'</pre');
switch ($step) {
case 0 :
$this->do_login();
diff --git a/wp-admin/import/dotclear.php b/wp-admin/import/dotclear.php
index 9dc8a6e..27ce6e6 100644
--- a/wp-admin/import/dotclear.php
+++ b/wp-admin/import/dotclear.php
@@ -646,12 +646,12 @@ class Dotclear_Import {
function db_form()
{
echo '<ul>';
- printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" /></li>', __('Dotclear Database User:'));
- printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" /></li>', __('Dotclear Database Password:'));
- printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" /></li>', __('Dotclear Database Name:'));
- printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" value="localhost" /></li>', __('Dotclear Database Host:'));
- printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" value="dc_"/></li>', __('Dotclear Table prefix:'));
- printf('<li><label for="dccharset">%s</label> <input type="text" name="dccharset" value="ISO-8859-15"/></li>', __('Originating character set:'));
+ printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" id="dbuser" /></li>', __('Dotclear Database User:'));
+ printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" id="dbpass" /></li>', __('Dotclear Database Password:'));
+ printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" id="dbname" /></li>', __('Dotclear Database Name:'));
+ printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" nameid="dbhost" value="localhost" /></li>', __('Dotclear Database Host:'));
+ printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" id="dbprefix" value="dc_"/></li>', __('Dotclear Table prefix:'));
+ printf('<li><label for="dccharset">%s</label> <input type="text" name="dccharset" id="dccharset" value="ISO-8859-15"/></li>', __('Originating character set:'));
echo '</ul>';
}
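Review bot: The `dbhost` line was given `nameid="dbhost"` instead of `id="dbhost"`, so that input still has no id and its `<label for="dbhost">` points at nothing, which is the defect this hunk sets out to fix for the other fields. It should read `<input type="text" name="dbhost" id="dbhost" value="localhost" />`.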
diff --git a/wp-admin/import/greymatter.php b/wp-admin/import/greymatter.php
index f2b4e2d..8f7b34a 100644
--- a/wp-admin/import/greymatter.php
+++ b/wp-admin/import/greymatter.php
@@ -87,10 +87,10 @@ class GM_Import {
}
if (!chdir($archivespath))
- die("Wrong path, $archivespath\ndoesn't exist\non the server");
+ wp_die("Wrong path, $archivespath\ndoesn't exist\non the server");
if (!chdir($gmpath))
- die("Wrong path, $gmpath\ndoesn't exist\non the server");
+ wp_die("Wrong path, $gmpath\ndoesn't exist\non the server");
$this->header();
?>
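Review bot: `$archivespath` and `$gmpath` are interpolated into the wp_die() message unescaped, and their origin is not visible in this hunk. If they come from the import form, escape them before output, e.g. `wp_die(sprintf(__('Wrong path, %s does not exist on the server'), wp_specialchars($archivespath)));`. Unlike the other messages in this commit these two are not passed through `__()`, and the `\n` breaks will not show as line breaks if wp_die() renders an HTML page.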
diff --git a/wp-admin/import/textpattern.php b/wp-admin/import/textpattern.php
index 17cae87..4a123de 100644
--- a/wp-admin/import/textpattern.php
+++ b/wp-admin/import/textpattern.php
@@ -569,11 +569,11 @@ class Textpattern_Import {
function db_form()
{
echo '<ul>';
- printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" /></li>', __('Textpattern Database User:'));
- printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" /></li>', __('Textpattern Database Password:'));
- printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" /></li>', __('Textpattern Database Name:'));
- printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" value="localhost" /></li>', __('Textpattern Database Host:'));
- printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" /></li>', __('Textpattern Table prefix (if any):'));
+ printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" id="dbuser" /></li>', __('Textpattern Database User:'));
+ printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" id="dbpass" /></li>', __('Textpattern Database Password:'));
+ printf('<li><label for="dbname">%s</label> <input type="text" id="dbname" name="dbname" /></li>', __('Textpattern Database Name:'));
+ printf('<li><label for="dbhost">%s</label> <input type="text" id="dbhost" name="dbhost" value="localhost" /></li>', __('Textpattern Database Host:'));
+ printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" id="dbprefix" /></li>', __('Textpattern Table prefix (if any):'));
echo '</ul>';
}
diff --git a/wp-admin/inline-uploading.php b/wp-admin/inline-uploading.php
index c5c969d..bd2a2b9 100644
--- a/wp-admin/inline-uploading.php
+++ b/wp-admin/inline-uploading.php
@@ -5,7 +5,7 @@ require_once('admin.php');
header('Content-Type: text/html; charset=' . get_option('blog_charset'));
if (!current_user_can('upload_files'))
- die(__('You do not have permission to upload files.'));
+ wp_die(__('You do not have permission to upload files.'));
wp_reset_vars(array('action', 'post', 'all', 'last', 'link', 'sort', 'start', 'imgtitle', 'descr', 'attachment'));
@@ -22,7 +22,7 @@ case 'delete':
check_admin_referer('inlineuploading');
if ( !current_user_can('edit_post', (int) $attachment) )
- die(__('You are not allowed to delete this attachment.').' <a href="'.basename(__FILE__)."?post=$post&amp;all=$all&amp;action=upload\">".__('Go back').'</a>');
+ wp_die(__('You are not allowed to delete this attachment.').' <a href="'.basename(__FILE__)."?post=$post&amp;all=$all&amp;action=upload\">".__('Go back').'</a>');
wp_delete_attachment($attachment);
@@ -41,7 +41,7 @@ if( isset( $file[ 'error' ] ) == false )
$file[ 'error' ] = apply_filters( "check_uploaded_file", $file[ 'error' ] );
if ( isset($file['error']) )
- die($file['error'] . '<br /><a href="' . basename(__FILE__) . '?action=upload&post=' . $post . '">'.__('Back to Image Uploading').'</a>');
+ wp_die($file['error'] . '<br /><a href="' . basename(__FILE__) . '?action=upload&post=' . $post . '">'.__('Back to Image Uploading').'</a>');
$url = $file['url'];
$type = $file['type'];
@@ -279,7 +279,7 @@ $images_width = $uwidth_sum + ( count($images) * 6 ) + 35;
break;
default:
-die(__('This script was not meant to be called directly.'));
+wp_die(__('This script was not meant to be called directly.'));
}
?>
@@ -287,8 +287,10 @@ die(__('This script was not meant to be called directly.'));
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
+<title></title>
<meta http-equiv="imagetoolbar" content="no" />
<script type="text/javascript">
+// <![CDATA[
/* Define any variables we'll need, such as alternate URLs. */
<?php echo $script; ?>
function htmldecode(st) {
@@ -426,6 +428,7 @@ function sendToEditor(n) {
else
win.edInsertContent(win.edCanvas, h);
}
+// ]]>
</script>
<style type="text/css">
<?php if ( $action == 'links' ) : ?>
@@ -670,7 +673,7 @@ th {
?><div class="center tip"><?php echo $upload_err ?></div><?php
} else { ?>
<div class="tip"></div>
-<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo basename(__FILE__); ?>">
+<form enctype="multipart/form-data" id="uploadForm" method="post" action="<?php echo basename(__FILE__); ?>">
<table style="width:99%;">
<tr>
<th scope="row" align="right"><label for="upload"><?php _e('File:'); ?></label></th>
diff --git a/wp-admin/link-add.php b/wp-admin/link-add.php
index 4d451fb..713a8d5 100644
--- a/wp-admin/link-add.php
+++ b/wp-admin/link-add.php
@@ -18,7 +18,7 @@ require('admin-header.php');
?>
<?php if ($_GET['added']) : ?>
-<div id="message" class="updated fade"><p><?php _e('Bookmark added.'); ?></p></div>
+<div id="message" class="updated fade"><p><?php _e('Link added.'); ?></p></div>
<?php endif; ?>
<?php
@@ -27,7 +27,7 @@ require('admin-header.php');
?>
<div class="wrap">
-<?php printf(__('<p>You can drag <a href="%s" title="Bookmark add bookmarklet">Link This</a> to your toolbar and when you click it a window will pop up that will allow you to add whatever site you&#8217;re on to your bookmarks! Right now this only works on Mozilla or Netscape, but we&#8217;re working on it.</p>'), "javascript:void(linkmanpopup=window.open('" . get_settings('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
+<?php printf(__('<p>You can drag <a href="%s" title="Link add bookmarklet">Link This</a> to your toolbar and when you click it a window will pop up that will allow you to add whatever site you&#8217;re on to your bookmarks! Right now this only works on Mozilla or Netscape, but we&#8217;re working on it.</p>'), "javascript:void(linkmanpopup=window.open('" . get_settings('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
</div>
<?php
diff --git a/wp-admin/link-import.php b/wp-admin/link-import.php
index 352b6e7..98bdc87 100644
--- a/wp-admin/link-import.php
+++ b/wp-admin/link-import.php
@@ -89,7 +89,7 @@ foreach ($categories as $category) {
$file = wp_handle_upload($_FILES['userfile'], $overrides);
if ( isset($file['error']) )
- die($file['error']);
+ wp_die($file['error']);
$url = $file['url'];
$opml_url = $file['file'];
diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php
index c5e2049..783c938 100644
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@@ -22,7 +22,7 @@ $title = __('Manage Bookmarks');
include_once ("./admin-header.php");
if (!current_user_can('manage_links'))
- die(__("You do not have sufficient permissions to edit the bookmarks for this blog."));
+ wp_die(__("You do not have sufficient permissions to edit the bookmarks for this blog."));
switch ($order_by) {
case 'order_id' :
@@ -73,7 +73,7 @@ if ( isset($_GET['deleted']) ) {
<div class="wrap">
-<h2><?php _e('Bookmark Management'); ?></h2>
+<h2><?php _e('Blogroll Management'); ?></h2>
<p><?php _e('Here you add links to sites that you visit often and share them on your blog. When you have a list of links in your sidebar to other blogs, it&#8217;s called a &#8220;blogroll.&#8221;'); ?></p>
<form id="cats" method="get" action="">
<p>Currently showing
@@ -85,11 +85,11 @@ if ( isset($_GET['deleted']) ) {
</option>
<?php endforeach; ?>
</select>
-bookmarks ordered by
+links ordered by
<select name="order_by">
<option value="order_id" <?php if ($order_by == 'order_id') echo " selected='selected'";?>><?php _e('Bookmark ID') ?></option>
<option value="order_name" <?php if ($order_by == 'order_name') echo " selected='selected'";?>><?php _e('Name') ?></option>
-<option value="order_url" <?php if ($order_by == 'order_url') echo " selected='selected'";?>><?php _e('URI') ?></option>
+<option value="order_url" <?php if ($order_by == 'order_url') echo " selected='selected'";?>><?php _e('Address') ?></option>
</select>
<input type="submit" name="action" value="<?php _e('Update &raquo;') ?>" /></p>
</form>
@@ -174,6 +174,7 @@ if ($links)
<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Bookmarks') ?> &raquo;" onclick="return confirm('<?php _e("You are about to delete these bookmarks permanently \\n \'Cancel\' to stop, \'OK\' to delete.") ?>')" /></p>
</form>
</div>
+
<?php
if( wp_cache_get( "checked_bookmarks_table", "options" ) == false ) {
$results = $wpdb->get_results( "SELECT link_id, category_id, count( * ) AS c FROM {$wpdb->link2cat} GROUP BY link_id, category_id" );
diff --git a/wp-admin/link.php b/wp-admin/link.php
index a62c01c..00a281b 100644
--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -18,7 +18,7 @@ switch ($action) {
// check the current user's level first.
if (!current_user_can('manage_links'))
- die(__("Cheatin' uh ?"));
+ wp_die(__("Cheatin' uh ?"));
//for each link id (in $linkcheck[]) change category to selected value
if (count($linkcheck) == 0) {
@@ -42,7 +42,7 @@ switch ($action) {
// check the current user's level first.
if (!current_user_can('manage_links'))
- die(__("Cheatin' uh ?"));
+ wp_die(__("Cheatin' uh ?"));
//for each link id (in $linkcheck[]) change category to selected value
if (count($linkcheck) == 0) {
@@ -79,7 +79,7 @@ switch ($action) {
check_admin_referer('delete-bookmark_' . $link_id);
if (!current_user_can('manage_links'))
- die(__("Cheatin' uh ?"));
+ wp_die(__("Cheatin' uh ?"));
wp_delete_link($link_id);
@@ -95,12 +95,12 @@ switch ($action) {
$title = __('Edit Bookmark');
include_once ('admin-header.php');
if (!current_user_can('manage_links'))
- die(__('You do not have sufficient permissions to edit the bookmarks for this blog.'));
+ wp_die(__('You do not have sufficient permissions to edit the bookmarks for this blog.'));
$link_id = (int) $_GET['link_id'];
if (!$link = get_link_to_edit($link_id))
- die(__('Link not found.'));
+ wp_die(__('Link not found.'));
include ('edit-link-form.php');
break;
diff --git a/wp-admin/menu.php b/wp-admin/menu.php
index 809d2e1..4b32230 100644
--- a/wp-admin/menu.php
+++ b/wp-admin/menu.php
@@ -14,13 +14,11 @@ if ( strstr($_SERVER['REQUEST_URI'], 'page-new.php') )
$menu[10] = array(__('Manage'), 'edit_pages', 'edit-pages.php');
else
$menu[10] = array(__('Manage'), 'edit_posts', 'edit.php');
-
-
$menu_perms = get_site_option( "menu_items" );
if( is_array( $menu_perms ) == false )
$menu_perms = array();
-$menu[20] = array(__('Bookmarks'), 'manage_links', 'link-manager.php');
+$menu[20] = array(__('Blogroll'), 'manage_links', 'link-manager.php');
$menu[25] = array(__('Presentation'), 'switch_themes', 'themes.php');
if( $menu_perms[ 'plugins' ] == 1 )
$menu[30] = array(__('Plugins'), 'activate_plugins', 'plugins.php');
@@ -44,9 +42,9 @@ $submenu['edit.php'][25] = array(sprintf(__("Awaiting Moderation (%s)"), "<span
$submenu['edit.php'][35] = array(__('Import'), 'import', 'import.php');
$submenu['edit.php'][40] = array(__('Export'), 'import', 'export.php');
-$submenu['link-manager.php'][5] = array(__('Manage Bookmarks'), 'manage_links', 'link-manager.php');
-$submenu['link-manager.php'][10] = array(__('Add Bookmark'), 'manage_links', 'link-add.php');
-$submenu['link-manager.php'][20] = array(__('Import Bookmarks'), 'manage_links', 'link-import.php');
+$submenu['link-manager.php'][5] = array(__('Manage Blogroll'), 'manage_links', 'link-manager.php');
+$submenu['link-manager.php'][10] = array(__('Add Link'), 'manage_links', 'link-add.php');
+$submenu['link-manager.php'][20] = array(__('Import Links'), 'manage_links', 'link-import.php');
if ( current_user_can('edit_users') ) {
$submenu['users.php'][5] = array(__('Authors &amp; Users'), 'edit_users', 'users.php');
@@ -140,7 +138,7 @@ if (! user_can_access_admin_page()) {
header( "Location: " . get_blog_option( $primary_blog, "siteurl" ) . "/wp-admin/" );
exit;
}
- die( __('You do not have sufficient permissions to access this page.') );
+ wp_die( __('You do not have sufficient permissions to access this page.') );
}
?>
diff --git a/wp-admin/moderation.php b/wp-admin/moderation.php
index 7b411cc..2a32435 100644
--- a/wp-admin/moderation.php
+++ b/wp-admin/moderation.php
@@ -21,7 +21,7 @@ case 'update':
check_admin_referer('moderate-comments');
if ( ! current_user_can('moderate_comments') )
- die('<p>'.__('Your level is not high enough to moderate comments.').'</p>');
+ wp_die('<p>'.__('Your level is not high enough to moderate comments.').'</p>');
$item_ignored = 0;
$item_deleted = 0;
@@ -143,10 +143,10 @@ $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
?>
<a href="<?php echo get_permalink($comment->comment_post_ID); ?>" title="<?php echo $post_title; ?>"><?php _e('View Post') ?></a> ] &#8212;
<?php _e('Bulk action:') ?>
- <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-approve" value="approve" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-approve"><?php _e('Approve') ?></label> &nbsp;
- <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-spam" value="spam" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-spam"><?php _e('Spam') ?></label> &nbsp;
- <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label> &nbsp;
- <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-nothing" value="later" checked="checked" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-nothing"><?php _e('Defer until later') ?></label>
+ <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-approve" value="approve" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-approve"><?php _e('Approve') ?></label> &nbsp;
+ <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-spam" value="spam" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-spam"><?php _e('Spam') ?></label> &nbsp;
+ <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-delete" value="delete" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label> &nbsp;
+ <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-nothing" value="later" checked="checked" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-nothing"><?php _e('Defer until later') ?></label>
</p>
</li>
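Review bot: The four radio inputs now carry ids of the form `comment-<ID>-approve`, but each `<label for=...>` on the same lines still points at the old `comment[<ID>]-approve` value, so the labels no longer bind to their buttons. Update the `for` attributes to match, e.g. `<label for="comment-<?php echo $comment->comment_ID; ?>-approve">`, and likewise for `-spam`, `-delete` and `-nothing`. The surrounding list item starts outside the hunk.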
diff --git a/wp-admin/options.php b/wp-admin/options.php
index 78d49fe..097db91 100644
--- a/wp-admin/options.php
+++ b/wp-admin/options.php
@@ -55,7 +55,7 @@ case 'update':
if( $option == 'posts_per_page' && $value == '' )
$value = 10;
- if( $option == 'new_admin_email' && $value != get_option( 'admin_email' ) ) {
+ if( $option == 'new_admin_email' && $value != get_option( 'admin_email' ) && is_email( $val ) ) {
$hash = md5( $value.time().mt_rand() );
$newadminemail = array(
"hash" => $hash,
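Review bot: `is_email( $val )` in the added condition reads a variable that is not assigned anywhere in this hunk, while the neighbouring lines all use `$value`. If `$val` is unset the check always fails, and the request appears to drop through to the `update_option($option, $value)` branch shown in the next hunk without any confirmation mail being sent. It should presumably read `&& is_email( $value )`. Separately, the confirmation token on the following line, `md5( $value.time().mt_rand() )`, is built from guessable inputs; a stronger random source would suit an address-change confirmation better. The enclosing `case 'update':` block starts and ends outside the hunk.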
@@ -72,12 +72,13 @@ If this is correct, please click on the following link to change it:
You can safely ignore and delete this email if you do not want to
take this action.
+This email has been sent to '{$email}'
" );
} elseif (update_option($option, $value) ) {
$any_changed++;
}
- if ( 'language' == $option ) {
+ if ( 'lang_id' == $option ) {
$value = (int) $value;
update_blog_status( $wpdb->blogid, 'lang_id', $value );
$any_changed++;
diff --git a/wp-admin/page.php b/wp-admin/page.php
index 19c6efe..9884ed6 100644
--- a/wp-admin/page.php
+++ b/wp-admin/page.php
@@ -116,14 +116,14 @@ case 'delete':
$page = & get_post($page_id);
if ( !current_user_can('delete_page', $page_id) )
- die( __('You are not allowed to delete this page.') );
+ wp_die( __('You are not allowed to delete this page.') );
if ( $page->post_type == 'attachment' ) {
if ( ! wp_delete_attachment($page_id) )
- die( __('Error in deleting...') );
+ wp_die( __('Error in deleting...') );
} else {
if ( !wp_delete_post($page_id) )
- die( __('Error in deleting...') );
+ wp_die( __('Error in deleting...') );
}
$sendback = wp_get_referer();
diff --git a/wp-admin/plugin-editor.php b/wp-admin/plugin-editor.php
index 3085261..690baaf 100644
--- a/wp-admin/plugin-editor.php
+++ b/wp-admin/plugin-editor.php
@@ -1,6 +1,6 @@
<?php
-die();
require_once('admin.php');
+wp_die( "The plugin editor is disabled" );
$title = __("Edit Plugins");
$parent_file = 'plugins.php';
@@ -24,7 +24,7 @@ case 'update':
check_admin_referer('edit-plugin_' . $file);
if ( !current_user_can('edit_plugins') )
- die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
$newcontent = stripslashes($_POST['newcontent']);
if (is_writeable($real_file)) {
@@ -44,7 +44,7 @@ default:
require_once('admin-header.php');
if ( !current_user_can('edit_plugins') )
- die('<p>'.__('You do not have sufficient permissions to edit plugins for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit plugins for this blog.').'</p>');
update_recently_edited("wp-content/plugins/$file");
diff --git a/wp-admin/post.php b/wp-admin/post.php
index d1a0ff7..62abfe9 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -121,14 +121,14 @@ case 'delete':
$post = & get_post($post_id);
if ( !current_user_can('delete_post', $post_id) )
- die( __('You are not allowed to delete this post.') );
+ wp_die( __('You are not allowed to delete this post.') );
if ( $post->post_type == 'attachment' ) {
if ( ! wp_delete_attachment($post_id) )
- die( __('Error in deleting...') );
+ wp_die( __('Error in deleting...') );
} else {
if ( !wp_delete_post($post_id) )
- die( __('Error in deleting...') );
+ wp_die( __('Error in deleting...') );
}
$sendback = wp_get_referer();
diff --git a/wp-admin/profile-update.php b/wp-admin/profile-update.php
index 4d6595b..2c6028f 100644
--- a/wp-admin/profile-update.php
+++ b/wp-admin/profile-update.php
@@ -7,7 +7,7 @@ require_once('admin.php');
check_admin_referer('update-profile_' . $user_ID);
if ( !$_POST )
- die( __('No post?') );
+ wp_die( __('No post?') );
$errors = edit_user($user_ID);
diff --git a/wp-admin/sidebar.php b/wp-admin/sidebar.php
index 140bd36..1c1832a 100644
--- a/wp-admin/sidebar.php
+++ b/wp-admin/sidebar.php
@@ -48,7 +48,7 @@ form {
</head>
<body id="sidebar">
<h1 id="wphead"><a href="http://wordpress.org/" rel="external">WordPress</a></h1>
-<form name="post" action="post.php" method="POST">
+<form name="post" action="post.php" method="post">
<div><input type="hidden" name="action" value="post" />
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" name="mode" value="sidebar" />
diff --git a/wp-admin/templates.php b/wp-admin/templates.php
index 1aaabbe..fa560c8 100644
--- a/wp-admin/templates.php
+++ b/wp-admin/templates.php
@@ -1,6 +1,6 @@
<?php
-die();
require_once('admin.php');
+wp_die( 'The template editor is disabled.' );
$title = __('Template &amp; File Editing');
$parent_file = 'edit.php';
@@ -26,7 +26,7 @@ case 'update':
check_admin_referer('edit-file_' . $file);
if ( ! current_user_can('edit_files') )
- die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
$newcontent = stripslashes($_POST['newcontent']);
if (is_writeable($real_file)) {
@@ -51,10 +51,10 @@ default:
require_once('./admin-header.php');
if ( ! current_user_can('edit_files') )
- die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
if ( strstr( $file, 'wp-config.php' ) )
- die('<p>'.__('The config file cannot be edited or viewed through the web interface. Sorry!').'</p>');
+ wp_die('<p>'.__('The config file cannot be edited or viewed through the web interface. Sorry!').'</p>');
update_recently_edited($file);
diff --git a/wp-admin/theme-editor.php b/wp-admin/theme-editor.php
index 43ee21f..18c143c 100644
--- a/wp-admin/theme-editor.php
+++ b/wp-admin/theme-editor.php
@@ -1,6 +1,6 @@
<?php
-die();
require_once('admin.php');
+wp_die( "The theme editor is disabled" );
$title = __("Edit Themes");
$parent_file = 'themes.php';
@@ -17,7 +17,7 @@ if (empty($theme)) {
if ( ! isset($themes[$theme]) )
- die(__('The requested theme does not exist.'));
+ wp_die(__('The requested theme does not exist.'));
$allowed_files = array_merge($themes[$theme]['Stylesheet Files'], $themes[$theme]['Template Files']);
@@ -37,7 +37,7 @@ case 'update':
check_admin_referer('edit-theme_' . $file . $theme);
if ( !current_user_can('edit_themes') )
- die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
$newcontent = stripslashes($_POST['newcontent']);
$theme = urlencode($theme);
@@ -58,7 +58,7 @@ default:
require_once('admin-header.php');
if ( !current_user_can('edit_themes') )
- die('<p>'.__('You do not have sufficient permissions to edit themes for this blog.').'</p>');
+ wp_die('<p>'.__('You do not have sufficient permissions to edit themes for this blog.').'</p>');
update_recently_edited($file);
diff --git a/wp-admin/update-links.php b/wp-admin/update-links.php
index eff00db..e2aa540 100644
--- a/wp-admin/update-links.php
+++ b/wp-admin/update-links.php
@@ -3,12 +3,12 @@ require_once( dirname( dirname(__FILE__) ) . '/wp-config.php');
require_once( ABSPATH . 'wp-includes/class-snoopy.php');
if ( !get_option('use_linksupdate') )
- die(__('Feature disabled.'));
+ wp_die(__('Feature disabled.'));
$link_uris = $wpdb->get_col("SELECT link_url FROM $wpdb->links");
if ( !$link_uris )
- die('No links');
+ wp_die('No links');
$link_uris = urlencode( join( $link_uris, "\n" ) );
diff --git a/wp-admin/users.php b/wp-admin/users.php
index 3c75395..854449c 100644
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@@ -128,13 +128,13 @@ case 'promote':
}
if ( !current_user_can('edit_users') )
- die(__('You can&#8217;t edit users.'));
+ wp_die(__('You can&#8217;t edit users.'));
$userids = $_POST['users'];
$update = 'promote';
foreach($userids as $id) {
if ( ! current_user_can('edit_user', $id) )
- die(__('You can&#8217;t edit that user.'));
+ wp_die(__('You can&#8217;t edit that user.'));
// The new role of the current user must also have edit_users caps
if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) {
$update = 'err_admin_role';
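Review bot: `$_POST['new_role']` is used as an index into `$wp_roles->role_objects` and `has_cap()` is called on the result without checking that the role exists, so an unknown role name leads to a method call on a non-object instead of a clean rejection. `$_POST['users']` is also iterated directly here, whereas the `dodelete` branch further down casts it with `(array)`. Rejecting the request before the loop when `isset($wp_roles->role_objects[$_POST['new_role']])` is false, and using `foreach ( (array) $userids as $id )`, would make the two branches consistent. The `promote` case starts and ends outside the hunk.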
@@ -150,7 +150,7 @@ case 'promote':
break;
case 'dodelete':
- die( "This function is disabled." );
+ wp_die( "This function is disabled." );
check_admin_referer('delete-users');
if ( empty($_POST['users']) ) {
@@ -158,7 +158,7 @@ case 'dodelete':
}
if ( !current_user_can('delete_users') )
- die(__('You can&#8217;t delete users.'));
+ wp_die(__('You can&#8217;t delete users.'));
$userids = $_POST['users'];
$update = 'del';
@@ -166,7 +166,7 @@ case 'dodelete':
foreach ( (array) $userids as $id) {
if ( ! current_user_can('delete_user', $id) )
- die(__('You can&#8217;t delete that user.'));
+ wp_die(__('You can&#8217;t delete that user.'));
if($id == $current_user->id) {
$update = 'err_admin_del';
@@ -190,7 +190,7 @@ case 'dodelete':
break;
case 'delete':
- die( "This function is disabled." );
+ wp_die( "This function is disabled." );
check_admin_referer('bulk-users');
if ( empty($_POST['users']) )
@@ -477,7 +477,7 @@ default:
<p><a href="users.php"><?php _e('&laquo; Back to All Users'); ?></a></p>
<?php endif; ?>
- <h3><?php printf(__('Results %1$s - %2$s of %3$s shown below'), $wp_user_search->first_user + 1, min($wp_user_search->first_user + $wp_user_search->users_per_page, $wp_user_search->total_users_for_query), $wp_user_search->total_users_for_query); ?></h3>
+ <h3><?php printf(__('%1$s &#8211; %2$s of %3$s shown below'), $wp_user_search->first_user + 1, min($wp_user_search->first_user + $wp_user_search->users_per_page, $wp_user_search->total_users_for_query), $wp_user_search->total_users_for_query); ?></h3>
<?php if ( $wp_user_search->results_are_paged() ) : ?>
<div class="user-paging-text"><?php $wp_user_search->page_links(); ?></p></div>
@@ -528,12 +528,12 @@ foreach ( (array) $roleclass as $user_object ) {
<li><input type="radio" name="action" id="action0" value="removeuser" /> <label for="action0"><?php _e('Remove checked users.'); ?></label></li>
<li>
<input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label>
- <select name="new_role"><?php wp_dropdown_roles(); ?></select>
+ <select name="new_role" onchange="getElementById('action1').checked = 'true'"><?php wp_dropdown_roles(); ?></select>
</li>
</ul>
- <p class="submit">
+ <p class="submit" style="width: 420px">
<?php echo $referer; ?>
- <input type="submit" value="<?php _e('Update &raquo;'); ?>" />
+ <input type="submit" value="<?php _e('Bulk Update &raquo;'); ?>" />
</p>
</form>
<?php endif; ?>
diff --git a/wp-admin/wp-admin.css b/wp-admin/wp-admin.css
index f7769f6..7a1a584 100644
--- a/wp-admin/wp-admin.css
+++ b/wp-admin/wp-admin.css
@@ -930,6 +930,55 @@ table .vers {
background: url(images/box-bg.gif) repeat-y right;
}
+#advancedstuff h3.dbx-handle {
+ margin-left: 7px;
+ margin-bottom: -7px;
+ padding: 6px 1em 0 3px;
+ background: #2685af url(images/box-head-right.gif) no-repeat top right;
+}
+
+#advancedstuff div.dbx-handle-wrapper {
+ margin: 0 0 0 -7px;
+ background: #fff url(images/box-head-left.gif) no-repeat top left;
+}
+
+#advancedstuff div.dbx-content {
+ margin-left: 8px;
+ background: url(images/box-bg-right.gif) repeat-y right;
+ padding: 10px 10px 15px 0px;
+}
+
+#postexcerpt div.dbx-content {
+ margin-right: 0;
+ padding-right: 17px;
+}
+
+#advancedstuff div.dbx-content-wrapper {
+ margin-left: -7px;
+ margin-right: 0;
+ background: url(images/box-bg-left.gif) repeat-y left;
+}
+
+#advancedstuff fieldset.dbx-box {
+ padding-bottom: 9px;
+ margin-left: 6px;
+ background: url(images/box-butt-right.gif) no-repeat bottom right;
+}
+
+#advancedstuff div.dbx-box-wrapper {
+ background: url(images/box-butt-left.gif) no-repeat bottom left;
+}
+
+#advancedstuff .dbx-box-closed div.dbx-content-wrapper {
+ padding-bottom: 2px;
+ background: url(images/box-butt-left.gif) no-repeat bottom left;
+}
+
+#advancedstuff .dbx-box {
+ background: url(images/box-butt-right.gif) no-repeat bottom right;
+}
+
+
/* handle cursors */
.dbx-handle-cursor {
cursor: move;
@@ -964,12 +1013,16 @@ a.dbx-toggle, a.dbx-toggle:visited {
#advancedstuff a.dbx-toggle, #advancedstuff a.dbx-toggle-open:visited {
height: 22px;
width: 22px;
+ top: 3px;
+ right: 5px;
background-position: 0 -3px;
}
#advancedstuff a.dbx-toggle-open, #advancedstuff a.dbx-toggle-open:visited {
height: 22px;
width: 22px;
+ top: 3px;
+ right: 5px;
background-position: 0 -28px;
}
diff --git a/wp-comments-post.php b/wp-comments-post.php
index 2e561b2..f2954f2 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -12,7 +12,7 @@ if ( empty($status->comment_status) ) {
exit;
} elseif ( 'closed' == $status->comment_status ) {
do_action('comment_closed', $comment_post_ID);
- die( __('Sorry, comments are closed for this item.') );
+ wp_die( __('Sorry, comments are closed for this item.') );
} elseif ( 'draft' == $status->post_status ) {
do_action('comment_on_draft', $comment_post_ID);
exit;
@@ -31,20 +31,20 @@ if ( $user->ID ) :
$comment_author_url = $wpdb->escape($user->user_url);
else :
if ( get_option('comment_registration') )
- die( __('Sorry, you must be logged in to post a comment.') );
+ wp_die( __('Sorry, you must be logged in to post a comment.') );
endif;
$comment_type = '';
if ( get_settings('require_name_email') && !$user->ID ) {
if ( 6 > strlen($comment_author_email) || '' == $comment_author )
- die( __('Error: please fill the required fields (name, email).') );
+ wp_die( __('Error: please fill the required fields (name, email).') );
elseif ( !is_email($comment_author_email))
- die( __('Error: please enter a valid email address.') );
+ wp_die( __('Error: please enter a valid email address.') );
}
if ( '' == $comment_content )
- die( __('Error: please type a comment.') );
+ wp_die( __('Error: please type a comment.') );
$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type', 'user_ID');
diff --git a/wp-content/themes/default/functions.php b/wp-content/themes/default/functions.php
index 929a7cd..4558241 100644
--- a/wp-content/themes/default/functions.php
+++ b/wp-content/themes/default/functions.php
@@ -135,6 +135,7 @@ function kubrick_theme_page_head() {
?>
<script type="text/javascript" src="../wp-includes/js/colorpicker.js"></script>
<script type='text/javascript'>
+// <![CDATA[
function pickColor(color) {
ColorPicker_targetInput.value = color;
kUpdate(ColorPicker_targetInput.id);
@@ -239,6 +240,7 @@ function kubrick_theme_page_head() {
document.getElementById('nonJsForm').style.display = 'none';
}
addLoadEvent(kInit);
+// ]]>
</script>
<style type='text/css'>
#headwrap {
@@ -351,13 +353,13 @@ function kubrick_theme_page() {
</div>
<br />
<div id="nonJsForm">
- <form method="POST">
+ <form method="post" action="">
<div class="zerosize"><input type="submit" name="defaultsubmit" value="Save" /></div>
<label for="njfontcolor">Font Color:</label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo kubrick_header_color(); ?>" /> Any CSS color (<code>red</code> or <code>#FF0000</code> or <code>rgb(255, 0, 0)</code>)<br />
<label for="njuppercolor">Upper Color:</label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo kubrick_upper_color(); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
<label for="njlowercolor">Lower Color:</label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo kubrick_lower_color(); ?>" /> HEX only (<code>#FF0000</code> or <code>#F00</code>)<br />
<input type="hidden" name="hi" id="hi" value="<?php echo kubrick_header_image(); ?>" />
- <label> </label><input type="submit" name="toggledisplay" id="toggledisplay" value="Toggle Text" />
+ <input type="submit" name="toggledisplay" id="toggledisplay" value="Toggle Text" />
<input type="submit" name="defaults" value="Use Defaults" />
<input type="submit" class="defbutton" name="submitform" value="&nbsp;&nbsp;Save&nbsp;&nbsp;" />
<input type="hidden" name="action" value="save" />
@@ -381,7 +383,7 @@ function kubrick_theme_page() {
</form>
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
<div id="advanced">
- <form id="jsAdvanced" style="display:none;">
+ <form id="jsAdvanced" style="display:none;" action="">
<label for="advfontcolor">Font Color (CSS): </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo kubrick_header_color(); ?>" /><br />
<label for="advuppercolor">Upper Color (HEX): </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo kubrick_upper_color(); ?>" /><br />
<label for="advlowercolor">Lower Color (HEX): </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo kubrick_lower_color(); ?>" /><br />
diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index c5d5b8f..1172bdf 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -350,7 +350,7 @@ function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Com
if (!empty($CSSclass)) {
echo ' class="'.$CSSclass.'"';
}
- $title = wp_specialchars(apply_filters('the_title', get_the_title()));
+ $title = wp_specialchars(apply_filters('the_title', get_the_title()), true);
echo ' title="' . sprintf( __('Comment on %s'), $title ) .'">';
comments_number($zero, $one, $more, $number);
echo '</a>';
diff --git a/wp-includes/comment.php b/wp-includes/comment.php
index 9211114..69ff8a9 100644
--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -181,7 +181,7 @@ function wp_allow_comment($commentdata) {
$dupe .= "OR comment_author_email = '$comment_author_email' ";
$dupe .= ") AND comment_content = '$comment_content' LIMIT 1";
if ( $wpdb->get_var($dupe) )
- die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
+ wp_die( __('Duplicate comment detected; it looks as though you\'ve already said that!') );
// Simple flood-protection
if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) {
@@ -189,7 +189,7 @@ function wp_allow_comment($commentdata) {
$time_newcomment = mysql2date('U', $comment_date_gmt);
if ( ($time_newcomment - $time_lastcomment) < 15 ) {
do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment);
- die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
+ wp_die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') );
}
}
@@ -321,7 +321,7 @@ function wp_insert_comment($commentdata) {
extract($commentdata);
if ( ! isset($comment_author_IP) )
- $comment_author_IP = $_SERVER['REMOTE_ADDR'];
+ $comment_author_IP = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] );
if ( ! isset($comment_date) )
$comment_date = current_time('mysql');
if ( ! isset($comment_date_gmt) )
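Review bot: The new filter `/[^0-9., ]/` deletes every character outside digits, dots, commas and spaces instead of validating the address. An IPv6 `REMOTE_ADDR` therefore loses its colons and hex letters and is stored as a meaningless digit string (constructed example: `2001:db8::1` becomes `200181`), which weakens the per-IP flood check in `wp_allow_comment()` and any later abuse tracing. It also runs only on the fallback path, so a `comment_author_IP` that arrives through `extract($commentdata)` skips it. Consider matching the value against an address pattern and storing an empty string on mismatch, applied to caller-supplied values as well; the identical expression is added in the `wp_new_comment()` hunk below. `wp_insert_comment()` continues outside the hunk.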
@@ -365,7 +365,7 @@ function wp_new_comment( $commentdata ) {
$commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID'];
$commentdata['user_ID'] = (int) $commentdata['user_ID'];
- $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR'];
+ $commentdata['comment_author_IP'] = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] );
$commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT'];
$commentdata['comment_date'] = current_time('mysql');
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index f36a79a..30a5360 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1035,6 +1035,7 @@ function wp_check_filetype($filename, $mimes = null) {
function wp_proxy_check($ipnum) {
if ( get_option('open_proxy_check') && isset($ipnum) ) {
+ $ipnum = preg_replace( '/([0-9]{1,3})\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/', '$1', $ipnum );
$rev_ip = implode( '.', array_reverse( explode( '.', $ipnum ) ) );
$lookup = $rev_ip . '.sbl-xbl.spamhaus.org.';
if ( $lookup != gethostbyname( $lookup ) )
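Review bot: The pattern added in wp_proxy_check has an unbalanced `)`: the first group closes after the first octet and a second `)` follows the fourth, so PCRE will refuse to compile it and preg_replace() returns NULL. `$ipnum` then becomes empty and the lookup is made for `.sbl-xbl.spamhaus.org.` rather than for the client address. Moving the closing parenthesis fixes it: `$ipnum = preg_replace( '/([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/', '$1', $ipnum );`. The function body continues past the end of the hunk.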
@@ -1138,4 +1139,68 @@ function wp_nonce_ays($action) {
include_once(ABSPATH . '/wp-admin/admin-footer.php');
}
+function wp_die($message) {
+ global $wpdb;
+
+ if ( !$wpdb->show_errors )
+ return false;
+ header('Content-Type: text/html; charset=utf-8');
+
+ $output = <<<HEAD
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>WordPress &rsaquo; Error</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <style media="screen" type="text/css">
+ <!--
+ html {
+ background: #eee;
+ }
+ body {
+ background: #fff;
+ color: #000;
+ font-family: Georgia, "Times New Roman", Times, serif;
+ margin-left: 25%;
+ margin-right: 25%;
+ padding: .2em 2em;
+ }
+
+ h1 {
+ color: #006;
+ font-size: 18px;
+ font-weight: lighter;
+ }
+
+ h2 {
+ font-size: 16px;
+ }
+
+ p, li, dt {
+ line-height: 140%;
+ padding-bottom: 2px;
+ }
+
+ ul, ol {
+ padding: 5px 5px 5px 20px;
+ }
+ #logo {
+ margin-bottom: 2em;
+ }
+ -->
+ </style>
+ </head>
+ <body>
+ <h1 id="logo"><img alt="WordPress" src="../wp-admin/images/wordpress-logo.png" /></h1>
+ <p>$message</p>
+ </body>
+ </html>
+HEAD;
+
+ $output = apply_filters('wp_die', $output, $message);
+ echo $output;
+
+ die();
+}
+
?>
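Review bot: wp_die() returns `false` when `$wpdb->show_errors` is off, so the call sites this commit converts from `die()` no longer stop there. In that configuration the duplicate and flood checks in wp_allow_comment, the checks in the `retrievepassword` and `rp` cases of wp-login.php, and the tmp-file failure path in TinyPspellShell all fall through to the code that follows them. The two guard lines should be removed, or changed to `if ( !$wpdb->show_errors ) die();`, so that the function never returns. `$message` is also placed in the page as raw HTML, which the wp-login.php caller relies on for its link; a comment stating that callers must pass already-escaped markup would make that contract explicit.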
diff --git a/wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php b/wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php
index 41c0948..81e3f15 100755
--- a/wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php
+++ b/wp-includes/js/tinymce/plugins/spellchecker/classes/TinyPspellShell.class.php
@@ -71,7 +71,7 @@ class TinyPspellShell {
fwrite($fh, "^$word\n");
fclose($fh);
} else
- die("Error opening tmp file.");
+ wp_die("Error opening tmp file.");
$data = shell_exec($this->cmd);
@unlink($this->tmpfile);
diff --git a/wp-includes/kses.php b/wp-includes/kses.php
index 0fc416e..3f244bc 100644
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -1,8 +1,8 @@
<?php
// Added wp_ prefix to avoid conflicts with existing kses users
-# kses 0.2.1 - HTML/XHTML filter that only allows some elements and attributes
-# Copyright (C) 2002, 2003 Ulf Harnhammar
+# kses 0.2.2 - HTML/XHTML filter that only allows some elements and attributes
+# Copyright (C) 2002, 2003, 2005 Ulf Harnhammar
# *** CONTACT INFORMATION ***
#
# E-mail: metaur at users dot sourceforge dot net
@@ -329,7 +329,7 @@ function wp_kses_split2($string, $allowed_html, $allowed_protocols)
$elem = $matches[2];
$attrlist = $matches[3];
- if (!@ is_array($allowed_html[strtolower($elem)])) {
+ if (!@isset($allowed_html[strtolower($elem)])) {
wp_kses_reject(sprintf(__('Removed <code>&lt;%1$s%2$s&gt</code> tag'), $slash, $elem));
return '';
# They are using a not allowed HTML element
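Review bot: `isset()` does not raise notices, so the `@` kept in front of it in wp_kses_split2 is redundant and can go: `if (!isset($allowed_html[strtolower($elem)])) {`. The check is also looser than the `is_array()` it replaces: an element whose entry is a scalar now passes, and one whose entry is `null` is rejected. A comment stating the expected shape of `$allowed_html` entries would help; the code that consumes the entry is outside the hunk.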
@@ -629,6 +629,7 @@ function wp_kses_bad_protocol($string, $allowed_protocols)
###############################################################################
{
$string = wp_kses_no_null($string);
+ $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
$string2 = $string.'a';
while ($string != $string2) {
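Review bot: The added `preg_replace('/\xad+/', ...)` in wp_kses_bad_protocol works on bytes, and 0xAD is a continuation byte in UTF-8 as well as the Latin-1 soft hyphen. On UTF-8 text it would leave the 0xC2 lead byte of a soft hyphen behind and would break characters such as `í` (0xC3 0xAD). Here it is applied to `$string` itself, which appears to be the value the function goes on to filter and return (the rest of the body is outside the hunk). The same call in wp_kses_bad_protocol_once2 touches only the comparison copy `$string2`, which is the safer place for it. If the call must stay here, a comment naming the assumed single-byte charset is needed.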
@@ -641,7 +642,7 @@ function wp_kses_bad_protocol($string, $allowed_protocols)
function wp_kses_no_null($string)
###############################################################################
-# This function removes any NULL or chr(173) characters in $string.
+# This function removes any NULL characters in $string.
###############################################################################
{
$string = preg_replace('/\0+/', '', $string);
@@ -717,6 +718,8 @@ function wp_kses_bad_protocol_once2($string, $allowed_protocols)
$string2 = wp_kses_decode_entities($string);
$string2 = preg_replace('/\s/', '', $string2);
$string2 = wp_kses_no_null($string2);
+ $string2 = preg_replace('/\xad+/', '', $string2);
+ # deals with Opera "feature"
$string2 = strtolower($string2);
$allowed = false;
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index ab054bf..d2e7137 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -267,6 +267,7 @@ function wp_redirect($location) {
global $is_IIS;
$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
+ $location = wp_kses_no_null($location);
$strip = array('%0d', '%0a');
$location = str_replace($strip, '', $location);
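Review bot: The `str_replace()` that strips `%0d` and `%0a` in wp_redirect is case-sensitive and runs once, so `%0D`/`%0A` pass through and a removal can leave a fresh match behind. The added `wp_kses_no_null()` call comes after an allow-list regex that already drops raw NUL bytes, so as far as the visible lines show it does not close that gap. A case-insensitive loop would: `do { $prev = $location; $location = preg_replace('/%0[ad]/i', '', $location); } while ( $prev != $location );`. The rest of the function is outside the hunk.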
diff --git a/wp-includes/vars.php b/wp-includes/vars.php
index 2573b27..beec34c 100644
--- a/wp-includes/vars.php
+++ b/wp-includes/vars.php
@@ -34,11 +34,6 @@ $is_IE = (($is_macIE) || ($is_winIE));
$is_apache = ( strstr($_SERVER['SERVER_SOFTWARE'], 'Apache') || strstr($_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') ) ? 1 : 0;
$is_IIS = strstr($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') ? 1 : 0;
-// On OS X Server, $_SERVER['REMOTE_ADDR'] is the server's address. Workaround this
-// by using $_SERVER['HTTP_PC_REMOTE_ADDR'], which *is* the remote address.
-if ( isset($_SERVER['HTTP_PC_REMOTE_ADDR']) )
- $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_PC_REMOTE_ADDR'];
-
// if the config file does not provide the smilies array, let's define it here
if (!isset($wpsmiliestrans)) {
$wpsmiliestrans = array(
diff --git a/wp-includes/wpmu-functions.php b/wp-includes/wpmu-functions.php
index b643eb8..c43fcb8 100644
--- a/wp-includes/wpmu-functions.php
+++ b/wp-includes/wpmu-functions.php
@@ -1332,7 +1332,7 @@ SITE_NAME" ) );
$message = $welcome_email;
if( empty( $current_site->site_name ) )
$current_site->site_name = "WordPress MU";
- $subject = sprintf(__('New %s Blog: %s'), $current_site->site_name, $title);
+ $subject = sprintf(__('New %1$s Blog: %2$s'), $current_site->site_name, $title);
wp_mail($user->user_email, $subject, $message, $message_headers);
}
@@ -1363,7 +1363,7 @@ SITE_NAME" );
$message = $welcome_email;
if( empty( $current_site->site_name ) )
$current_site->site_name = "WordPress MU";
- $subject = sprintf(__('New %s User: %s'), $current_site->site_name, $user->user_login);
+ $subject = sprintf(__('New %1$s User: %2$s'), $current_site->site_name, $user->user_login);
wp_mail($user->user_email, $subject, $message, $message_headers);
}
diff --git a/wp-login.php b/wp-login.php
index b169ee5..8ee6e8a 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -98,7 +98,7 @@ case 'retrievepassword':
$user_email = $user_data->user_email;
if (!$user_email || $user_email != $_POST['email'])
- die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
+ wp_die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));
do_action('retreive_password', $user_login); // Misspelled and deprecated.
do_action('retrieve_password', $user_login);
@@ -132,10 +132,10 @@ case 'rp' :
// Generate something random for a password... md5'ing current time with a rand salt
$key = preg_replace('/a-z0-9/i', '', $_GET['key']);
if ( empty($key) )
- die( __('Sorry, that key does not appear to be valid.') );
+ wp_die( __('Sorry, that key does not appear to be valid.') );
$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'");
if ( !$user )
- die( __('Sorry, that key does not appear to be valid.') );
+ wp_die( __('Sorry, that key does not appear to be valid.') );
do_action('password_reset');
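Review bot: The pattern `/a-z0-9/i` in the `rp` case has no character class, so it removes only the literal text `a-z0-9` and leaves every other character of `$_GET['key']` in `$key`. That value is then interpolated into the `user_activation_key = '$key'` query two lines later. The intended filter is `$key = preg_replace('/[^a-z0-9]/i', '', $_GET['key']);`. The `case` block starts and ends outside the hunk.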
diff --git a/wp-mail.php b/wp-mail.php
index 2512907..7ab76f8 100644
--- a/wp-mail.php
+++ b/wp-mail.php
@@ -17,7 +17,7 @@ if (!$pop3->connect(get_settings('mailserver_url'), get_settings('mailserver_por
endif;
$count = $pop3->login(get_settings('mailserver_login'), get_settings('mailserver_pass'));
-if (0 == $count) die(__('There doesn&#8217;t seem to be any new mail.'));
+if (0 == $count) wp_die(__('There doesn&#8217;t seem to be any new mail.'));
for ($i=1; $i <= $count; $i++) :