diff options
72 files changed, 1709 insertions, 2718 deletions
diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php index 64c9b06..013e375 100644 --- a/wp-admin/admin-ajax.php +++ b/wp-admin/admin-ajax.php @@ -4,47 +4,50 @@ require_once('includes/admin.php'); define('DOING_AJAX', true); +check_ajax_referer(); if ( !is_user_logged_in() ) die('-1'); function get_out_now() { exit; } add_action( 'shutdown', 'get_out_now', -1 ); +function wp_ajax_meta_row( $pid, $mid, $key, $value ) { + $value = attribute_escape($value); + $key_js = addslashes(wp_specialchars($key, 'double')); + $key = attribute_escape($key); + $r .= "<tr id='meta-$mid'><td valign='top'>"; + $r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater('meta','meta-$mid');\",event);' type='text' size='20' value='$key' />"; + $r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>"; + $r .= "<input name='updatemeta' type='button' class='updatemeta' tabindex='6' value='".attribute_escape(__('Update'))."' onclick='return theList.ajaxUpdater('meta','meta-$mid');' /><br />"; + $r .= "<input name='deletemeta[$mid]' type='submit' onclick=\"return deleteSomething( 'meta', $mid, '"; + $r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js)); + $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__('Delete'))."' /></td></tr>"; + return $r; +} + $id = (int) $_POST['id']; -switch ( $action = $_POST['action'] ) : -case 'add-post' : - check_ajax_referer( 'add-post' ); - add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; $start += intval(trim($b[2])) - 1; return "LIMIT $start, 1";' ) ); - wp_edit_posts_query( $_POST ); - if ( !have_posts() ) - die('1'); - $posts_columns = wp_manage_posts_columns(); - ob_start(); - include( 'edit-post-rows.php' ); - $data = ob_get_contents(); - ob_end_clean(); - if ( !preg_match('|<tbody.+?>(.+)</tbody>|s', $data, $matches) ) - my_dump($data); - $data = trim($matches[1]); - $x = new WP_Ajax_Response( array( 'what' => 'post', 'id' => $id, 'data' => $data ) ); - $x->send(); - break; +switch ( $_POST['action'] ) : case 'delete-comment' : - check_ajax_referer( "delete-comment_$id" ); if ( !$comment = get_comment( $id ) ) die('0'); if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) die('-1'); - if ( isset($_POST['spam']) && 1 == $_POST['spam'] ) - $r = wp_set_comment_status( $comment->comment_ID, 'spam' ); - else - $r = wp_delete_comment( $comment->comment_ID ); + if ( wp_delete_comment( $comment->comment_ID ) ) + die('1'); + else die('0'); + break; +case 'delete-comment-as-spam' : + if ( !$comment = get_comment( $id ) ) + die('0'); + if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) ) + die('-1'); - die( $r ? '1' : '0' ); + if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) ) + die('1'); + else die('0'); break; case 'delete-cat' : - check_ajax_referer( "delete-category_$id" ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); @@ -53,7 +56,6 @@ case 'delete-cat' : else die('0'); break; case 'delete-link' : - check_ajax_referer( "delete-bookmark_$id" ); if ( !current_user_can( 'manage_links' ) ) die('-1'); @@ -62,7 +64,6 @@ case 'delete-link' : else die('0'); break; case 'delete-meta' : - check_ajax_referer( 'change_meta' ); if ( !$meta = get_post_meta_by_id( $id ) ) die('0'); if ( !current_user_can( 'edit_post', $meta->post_id ) ) @@ -72,17 +73,14 @@ case 'delete-meta' : die('0'); break; case 'delete-post' : - check_ajax_referer( "{$action}_$id" ); if ( !current_user_can( 'delete_post', $id ) ) die('-1'); if ( wp_delete_post( $id ) ) die('1'); - else - die('0'); + else die('0'); break; case 'delete-page' : - check_ajax_referer( "{$action}_$id" ); if ( !current_user_can( 'delete_page', $id ) ) die('-1'); @@ -99,18 +97,15 @@ case 'dim-comment' : die('-1'); if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) { - check_ajax_referer( "approve-comment_$id" ); if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) ) die('1'); } else { - check_ajax_referer( "unapprove-comment_$id" ); if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) ) die('1'); } die('0'); break; case 'add-category' : // On the Fly - check_ajax_referer( $action ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); $names = explode(',', $_POST['newcat']); @@ -125,14 +120,12 @@ case 'add-category' : // On the Fly $x->add( array( 'what' => 'category', 'id' => $cat_id, - 'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>", - 'position' => -1 + 'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>" ) ); } $x->send(); break; case 'add-link-category' : // On the Fly - check_ajax_referer( $action ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); $names = explode(',', $_POST['newcat']); @@ -143,20 +136,18 @@ case 'add-link-category' : // On the Fly die('0'); if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) { $cat_id = wp_insert_term( $cat_name, 'link_category' ); + $cat_id = $cat_id['term_id']; } - $cat_id = $cat_id['term_id']; $cat_name = wp_specialchars(stripslashes($cat_name)); $x->add( array( 'what' => 'link-category', 'id' => $cat_id, - 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>", - 'position' => -1 + 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>" ) ); } $x->send(); break; case 'add-cat' : // From Manage->Categories - check_ajax_referer( 'add-category' ); if ( !current_user_can( 'manage_categories' ) ) die('-1'); if ( !$cat = wp_insert_category( $_POST ) ) @@ -164,29 +155,28 @@ case 'add-cat' : // From Manage->Categories if ( !$cat = get_category( $cat ) ) die('0'); $level = 0; - $cat_full_name = $cat->name; + $cat_full_name = $cat->cat_name; $_cat = $cat; - while ( $_cat->parent ) { - $_cat = get_category( $_cat->parent ); - $cat_full_name = $_cat->name . ' — ' . $cat_full_name; + while ( $_cat->category_parent ) { + $_cat = get_category( $_cat->category_parent ); + $cat_full_name = $_cat->cat_name . ' — ' . $cat_full_name; $level++; } $cat_full_name = attribute_escape($cat_full_name); $x = new WP_Ajax_Response( array( 'what' => 'cat', - 'id' => $cat->term_id, + 'id' => $cat->cat_ID, 'data' => _cat_row( $cat, $level, $cat_full_name ), - 'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->term_id", $cat_full_name)) + 'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->cat_ID", $cat_full_name)) ) ); $x->send(); break; case 'add-comment' : - check_ajax_referer( $action ); if ( !current_user_can( 'edit_post', $id ) ) die('-1'); $search = isset($_POST['s']) ? $_POST['s'] : false; - $start = isset($_POST['page']) ? intval($_POST['page']) * 25 - 1: 24; + $start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25; list($comments, $total) = _wp_get_comment_list( $search, $start, 1 ); @@ -208,70 +198,58 @@ case 'add-comment' : $x->send(); break; case 'add-meta' : - check_ajax_referer( 'change_meta' ); - $c = 0; - $pid = (int) $_POST['post_id']; - if ( isset($_POST['addmeta']) ) { - if ( !current_user_can( 'edit_post', $pid ) ) - die('-1'); - if ( $pid < 0 ) { - $now = current_time('timestamp', 1); - if ( $pid = wp_insert_post( array( - 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) - ) ) ) { - if ( is_wp_error( $pid ) ) { - $x = new WP_Ajax_Response( array( - 'what' => 'meta', - 'data' => $pid - ) ); - $x->send(); - } - $mid = add_meta( $pid ); - } else { - die('0'); - } - } else if ( !$mid = add_meta( $pid ) ) { - die('0'); + if ( !current_user_can( 'edit_post', $id ) ) + die('-1'); + if ( $id < 0 ) { + $now = current_time('timestamp', 1); + if ( $pid = wp_insert_post( array( + 'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now)) + ) ) ) { + if ( is_wp_error( $pid ) ) + return $pid; + $mid = add_meta( $pid ); } + else + die('0'); + } else if ( !$mid = add_meta( $id ) ) { + die('0'); + } - $meta = get_post_meta_by_id( $mid ); - $pid = (int) $meta->post_id; - $meta = get_object_vars( $meta ); - $x = new WP_Ajax_Response( array( - 'what' => 'meta', - 'id' => $mid, - 'data' => _list_meta_row( $meta, $c ), - 'position' => 1, - 'supplemental' => array('postid' => $pid) - ) ); - } else { - $mid = (int) array_pop(array_keys($_POST['meta'])); - $key = $_POST['meta'][$mid]['key']; - $value = $_POST['meta'][$mid]['value']; - if ( !$meta = get_post_meta_by_id( $mid ) ) - die('0'); // if meta doesn't exist - if ( !current_user_can( 'edit_post', $meta->post_id ) ) - die('-1'); - if ( !$u = update_meta( $mid, $key, $value ) ) - die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). + $meta = get_post_meta_by_id( $mid ); + $key = $meta->meta_key; + $value = $meta->meta_value; + $pid = (int) $meta->post_id; + + $x = new WP_Ajax_Response( array( + 'what' => 'meta', + 'id' => $mid, + 'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ), + 'supplemental' => array('postid' => $pid) + ) ); + $x->send(); + break; +case 'update-meta' : + $mid = (int) array_pop(array_keys($_POST['meta'])); + $key = $_POST['meta'][$mid]['key']; + $value = $_POST['meta'][$mid]['value']; + if ( !$meta = get_post_meta_by_id( $mid ) ) + die('0'); // if meta doesn't exist + if ( !current_user_can( 'edit_post', $meta->post_id ) ) + die('-1'); + if ( $u = update_meta( $mid, $key, $value ) ) { $key = stripslashes($key); $value = stripslashes($value); $x = new WP_Ajax_Response( array( 'what' => 'meta', - 'id' => $mid, 'old_id' => $mid, - 'data' => _list_meta_row( array( - 'meta_key' => $key, - 'meta_value' => $value, - 'meta_id' => $mid - ), $c ), - 'position' => 0, + 'id' => $mid, + 'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ), 'supplemental' => array('postid' => $meta->post_id) ) ); + $x->send(); } - $x->send(); + die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems). break; case 'add-user' : - check_ajax_referer( $action ); if ( !current_user_can('edit_users') ) die('-1'); require_once(ABSPATH . WPINC . '/registration.php'); @@ -283,20 +261,15 @@ case 'add-user' : exit; } $user_object = new WP_User( $user_id ); - $x = new WP_Ajax_Response( array( 'what' => 'user', 'id' => $user_id, 'data' => user_row( $user_object ), - 'supplemental' => array( - 'show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login), - 'role' => $user_object->roles[0] - ) + 'supplemental' => array('show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login)) ) ); $x->send(); break; case 'autosave' : // The name of this action is hardcoded in edit_post() - check_ajax_referer( $action ); $_POST['post_content'] = $_POST['content']; $_POST['post_excerpt'] = $_POST['excerpt']; $_POST['post_status'] = 'draft'; @@ -327,7 +300,6 @@ case 'autosave' : // The name of this action is hardcoded in edit_post() die('0'); break; case 'autosave-generate-nonces' : - check_ajax_referer( $action ); $ID = (int) $_POST['post_ID']; if($_POST['post_type'] == 'post') { if(current_user_can('edit_post', $ID)) diff --git a/wp-admin/categories.php b/wp-admin/categories.php index 6e83a61..59ff4eb 100644 --- a/wp-admin/categories.php +++ b/wp-admin/categories.php @@ -102,7 +102,7 @@ $messages[5] = __('Category not updated.'); <th colspan="2" style="text-align: center"><?php _e('Action') ?></th> </tr> </thead> - <tbody id="the-list" class="list:cat"> + <tbody id="the-list"> <?php cat_rows(); ?> diff --git a/wp-admin/edit-category-form.php b/wp-admin/edit-category-form.php index 69f0528..4696129 100644 --- a/wp-admin/edit-category-form.php +++ b/wp-admin/edit-category-form.php @@ -9,7 +9,7 @@ if ( ! empty($cat_ID) ) { } else { $heading = __('Add Category'); $submit_text = __('Add Category »'); - $form = '<form name="addcat" id="addcat" method="post" action="categories.php" class="add:the-list:">'; + $form = '<form name="addcat" id="addcat" method="post" action="categories.php">'; $action = 'addcat'; $nonce_action = 'add-category'; do_action('add_category_form_pre', $category); diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index c761e8c..ab1bdbc 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -102,27 +102,24 @@ if ('view' == $mode) { $offset = $offset + 1; $start = " start='$offset'"; - echo "<ol id='the-comment-list' class='list:comment commentlist' $start>\n"; + echo "<ol id='the-comment-list' class='commentlist' $start>\n"; $i = 0; foreach ( $comments as $comment ) { + get_comment( $comment ); // Cache it _wp_comment_list_item( $comment->comment_ID, ++$i ); } echo "</ol>\n\n"; if ( $extra_comments ) : ?> <div id="extra-comments" style="display:none"> -<ol id="the-extra-comment-list" class="list:comment commentlist" style="color:red"> +<ul id="the-extra-comment-list" class="commentlist"> <?php foreach ( $extra_comments as $comment ) { get_comment( $comment ); // Cache it - _wp_comment_list_item( $comment->comment_ID, 0 ); + _wp_comment_list_item( $comment->comment_ID, ++$i ); } ?> -</ol> -<form action="" method="get" id="get-extra-comments" class="add:the-extra-comment-list:"> -<input type="hidden" name="page" value="<?php echo $page; ?>" /> -<input type="hidden" name="s" value="<?php echo attribute_escape(@$_GET['s']); ?>" /> -<?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?> +</ul> </div> <?php endif; // $extra_comments ?> @@ -152,8 +149,7 @@ if ( $extra_comments ) : ?> <th scope="col">' . __('Comment Excerpt') . '</th> <th scope="col" colspan="3" style="text-align: center">' . __('Actions') . '</th> </tr> -</thead> -<tbody id="the-comment-list" class="list:comment">'; +</thead>'; foreach ($comments as $comment) { $post = get_post($comment->comment_post_ID); $authordata = get_userdata($post->post_author); @@ -163,7 +159,7 @@ if ( $extra_comments ) : ?> ?> <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'> <td style="text-align: center"><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td> - <td class="comment-author"><?php comment_author_link() ?></td> + <td><?php comment_author_link() ?></td> <td><?php comment_author_email_link() ?></td> <td><a href="edit-comments.php?s=<?php comment_author_IP() ?>&mode=edit"><?php comment_author_IP() ?></a></td> <td><?php comment_excerpt(); ?></td> @@ -177,14 +173,12 @@ if ( $extra_comments ) : ?> <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { echo "<a href='comment.php?action=editcomment&c=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td> <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { - $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); - echo "<a href='$url' class='delete:the-comment-list:comment-$comment->comment_ID delete'>" . __('Delete') . "</a> "; + echo "<a href=\"comment.php?action=deletecomment&p=".$comment->comment_post_ID."&c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n 'Cancel' to stop, 'OK' to delete."), $comment->comment_author )) . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> "; } ?></td> </tr> <?php } // end foreach - ?></tbody> -</table> + ?></table> <p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments »') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n 'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" /> <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam »') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n 'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p> </form> diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php index 35726f3..ab3adff 100644 --- a/wp-admin/edit-form-advanced.php +++ b/wp-admin/edit-form-advanced.php @@ -74,8 +74,8 @@ addLoadEvent(focusit); <fieldset id="categorydiv" class="dbx-box"> <h3 class="dbx-handle"><?php _e('Categories') ?></h3> <div class="dbx-content"> -<p id="jaxcat"><?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?></p> -<ul id="categorychecklist" class="list:category"><?php dropdown_categories(); ?></ul></div> +<p id="jaxcat"></p> +<ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div> </fieldset> <fieldset id="commentstatusdiv" class="dbx-box"> diff --git a/wp-admin/edit-link-form.php b/wp-admin/edit-link-form.php index 920ebe4..e281d30 100644 --- a/wp-admin/edit-link-form.php +++ b/wp-admin/edit-link-form.php @@ -42,8 +42,8 @@ function xfn_check($class, $value = '', $type = 'check') { <fieldset id="categorydiv" class="dbx-box"> <h3 class="dbx-handle"><?php _e('Categories') ?></h3> <div class="dbx-content"> -<p id="jaxcat"><?php wp_nonce_field( 'add-link-category', '_ajax_nonce', false ); ?></p> -<ul id="categorychecklist" class="list:link-category"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul> +<p id="jaxcat"></p> +<ul id="linkcategorychecklist"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul> </div> </fieldset> diff --git a/wp-admin/edit-pages.php b/wp-admin/edit-pages.php index d9fa2ff..f263348 100644 --- a/wp-admin/edit-pages.php +++ b/wp-admin/edit-pages.php @@ -2,7 +2,7 @@ require_once('admin.php'); $title = __('Pages'); $parent_file = 'edit.php'; -wp_enqueue_script( 'wp-lists' ); +wp_enqueue_script( 'listman' ); require_once('admin-header.php'); $post_stati = array( // array( adj, noun ) @@ -20,12 +20,9 @@ if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($ } ?> -<script> -/* <![CDATA[ */ -jQuery(function($){$('#the-list').wpList();}); -/* ]]> */ -</script> + <div class="wrap"> + <h2><?php // Use $_GET instead of is_ since they can override each other $h2_search = isset($_GET['s']) && $_GET['s'] ? ' ' . sprintf(__('matching “%s”'), wp_specialchars( stripslashes( $_GET['s'] ) ) ) : ''; @@ -84,7 +81,7 @@ if ($posts) { <th scope="col" colspan="3" style="text-align: center"><?php _e('Action'); ?></th> </tr> </thead> - <tbody id="the-list" class="list:page"> + <tbody id="the-list"> <?php page_rows(0, 0, $posts, $all); ?> </tbody> </table> diff --git a/wp-admin/edit-post-rows.php b/wp-admin/edit-post-rows.php index d41f2df..c5e3a58 100644 --- a/wp-admin/edit-post-rows.php +++ b/wp-admin/edit-post-rows.php @@ -9,16 +9,13 @@ </tr> </thead> - <tbody id="the-list" class="list:post"> + <tbody id="the-list"> <?php -$i_post = 0; if ( have_posts() ) { $bgcolor = ''; add_filter('the_title','wp_specialchars'); -while (have_posts()) : the_post(); $i_post++; -if ( 16 == $i_post ) - echo "\t</tbody>\n\t<tbody id='the-extra-list' class='list:post' style='display: none'>\n"; // Hack! -$class = ( $i_post > 15 || 'alternate' == $class) ? '' : 'alternate'; +while (have_posts()) : the_post(); +$class = ('alternate' == $class) ? '' : 'alternate'; global $current_user; $post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' ); ?> @@ -94,7 +91,7 @@ foreach($posts_columns as $column_name=>$column_display_name) { case 'control_delete': ?> - <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&post=$id", 'delete-post_' . $post->ID) . "' class='delete:the-list:post-$post->ID delete'>" . __('Delete') . "</a>"; } ?></td> + <td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&post=$id", 'delete-post_' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td> <?php break; diff --git a/wp-admin/edit.php b/wp-admin/edit.php index 6e8d978..ba4cc04 100644 --- a/wp-admin/edit.php +++ b/wp-admin/edit.php @@ -3,21 +3,67 @@ require_once('admin.php'); $title = __('Posts'); $parent_file = 'edit.php'; -wp_enqueue_script( 'admin-posts' ); -if ( 1 == $_GET['c'] ) - wp_enqueue_script( 'admin-comments' ); +wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' ); require_once('admin-header.php'); -add_filter( 'post_limits', $limit_filter = create_function( '$a', '$b = split(" ",$a); if ( !isset($b[2]) ) return $a; $start = intval(trim($b[1])) / 20 * 15; if ( !is_int($start) ) return $a; return "LIMIT $start, 20";' ) ); -list($post_stati, $avail_post_stati) = wp_edit_posts_query(); -$wp_query->max_num_pages = ceil( $wp_query->found_posts / 15 ); // We grab 20 but only show 15 ( 5 more for ajax extra ) +$_GET['m'] = (int) $_GET['m']; +$_GET['cat'] = (int) $_GET['cat']; +$post_stati = array( // array( adj, noun ) + 'publish' => array(__('Published'), __('Published posts')), + 'future' => array(__('Scheduled'), __('Scheduled posts')), + 'pending' => array(__('Pending Review'), __('Pending posts')), + 'draft' => array(__('Draft'), _c('Drafts|manage posts header')), + 'private' => array(__('Private'), __('Private posts')) + ); + +$avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'"); + +$post_status_q = ''; +$post_status_label = __('Posts'); +if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) { + $post_status_label = $post_stati[$_GET['post_status']][1]; + $post_status_q = '&post_status=' . $_GET['post_status']; +} ?> <div class="wrap"> <?php -$posts_columns = wp_manage_posts_columns(); +if ( 'pending' === $_GET['post_status'] ) { + $order = 'ASC'; + $orderby = 'modified'; +} elseif ( 'draft' === $_GET['post_status'] ) { + $order = 'DESC'; + $orderby = 'modified'; +} else { + $order = 'DESC'; + $orderby = 'date'; +} + +wp("what_to_show=posts$post_status_q&posts_per_page=15&order=$order&orderby=$orderby"); + +// define the columns to display, the syntax is 'internal name' => 'display name' +$posts_columns = array(); +$posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>'; +if ( 'draft' === $_GET['post_status'] ) + $posts_columns['modified'] = __('Modified'); +elseif ( 'pending' === $_GET['post_status'] ) + $posts_columns['modified'] = __('Submitted'); +else + $posts_columns['date'] = __('When'); +$posts_columns['title'] = __('Title'); +$posts_columns['categories'] = __('Categories'); +if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) ) + $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>'; +$posts_columns['author'] = __('Author'); + +$posts_columns = apply_filters('manage_posts_columns', $posts_columns); + +// you can not edit these at the moment +$posts_columns['control_view'] = ''; +$posts_columns['control_edit'] = ''; +$posts_columns['control_delete'] = ''; ?> @@ -116,10 +162,6 @@ if ( $month_count && !( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) { ? <?php include( 'edit-post-rows.php' ); ?> -<form action="" method="post" id="get-extra-posts" class="add:the-extra-list:" style="display:none"> - <?php wp_nonce_field( 'add-post', '_ajax_nonce', false ); ?> -</form> - <div id="ajax-response"></div> <div class="navigation"> @@ -133,21 +175,48 @@ if ( 1 == count($posts) ) { $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date"); if ($comments) { - // Make sure comments, post, and post_author are cached update_comment_cache($comments); - $post = get_post($id); - $authordata = get_userdata($post->post_author); ?> <h3 id="comments"><?php _e('Comments') ?></h3> -<ol id="the-comment-list" class="list:comment commentlist"> +<ol id="the-comment-list" class="commentlist"> <?php - $i = 0; - foreach ( $comments as $comment ) { - _wp_comment_list_item( $comment->comment_ID, ++$i ); - } - echo '</ol>'; - } // end if comments +$i = 0; +foreach ($comments as $comment) { + + ++$i; $class = ''; + $post = get_post($comment->comment_post_ID); + $authordata = get_userdata($post->post_author); + $comment_status = wp_get_comment_status($comment->comment_ID); + if ('unapproved' == $comment_status) + $class .= ' unapproved'; + if ($i % 2) + $class .= ' alternate'; + echo "<li id='comment-$comment->comment_ID' class='$class'>"; ?> +<p><strong><?php comment_author() ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="edit-comments.php?s=<?php comment_author_IP() ?>&mode=edit"><?php comment_author_IP() ?></a></p> + +<?php comment_text() ?> + +<p><?php comment_date(__('M j, g:i A')); ?> — [ +<?php +if ( current_user_can('edit_post', $comment->comment_post_ID) ) { + echo " <a href='comment.php?action=editcomment&c=".$comment->comment_ID."'>" . __('Edit') . '</a>'; + echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; + if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { + echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>'; + echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>'; + } + echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> "; +} +?> ] +</p> + </li> + +<?php //end of the loop, don't delete + } // end foreach + echo '</ol>'; + }//end if comments + ?> <?php } ?> </div> diff --git a/wp-admin/export.php b/wp-admin/export.php index b3d9495..69741bc 100644 --- a/wp-admin/export.php +++ b/wp-admin/export.php @@ -182,7 +182,7 @@ echo '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n"; <!-- 6. WordPress will then import each of the posts, comments, and categories --> <!-- contained in this file into your blog --> -<?php the_generator('export');?> +<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" created="<?php echo date('Y-m-d H:i'); ?>"--> <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" diff --git a/wp-admin/import/mt.php b/wp-admin/import/mt.php index 44bdd61..fc59794 100644 --- a/wp-admin/import/mt.php +++ b/wp-admin/import/mt.php @@ -138,7 +138,7 @@ class MT_Import { $j = -1; foreach ($authors as $author) { ++ $j; - echo '<li><i>'.$author.'</i><br />'.'<input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30">'; + echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.'<input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30">'; $this->users_form($j); echo '</li>'; } diff --git a/wp-admin/includes/plugin.php b/wp-admin/includes/plugin.php index 3c4f474..e5911bd 100644 --- a/wp-admin/includes/plugin.php +++ b/wp-admin/includes/plugin.php @@ -86,48 +86,6 @@ function get_plugins() { return $wp_plugins; } -function activate_plugin($plugin) { - $current = get_option('active_plugins'); - $plugin = trim($plugin); - - if ( validate_file($plugin) ) - return new WP_Error('plugin_invalid', __('Invalid plugin.')); - if ( ! file_exists(ABSPATH . PLUGINDIR . '/' . $plugin) ) - return new WP_Error('plugin_not_found', __('Plugin file does not exist.')); - - if (!in_array($plugin, $current)) { - wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), 'plugins.php?error=true&plugin=' . $plugin)); // we'll override this later if the plugin can be included without fatal error - ob_start(); - @include(ABSPATH . PLUGINDIR . '/' . $plugin); - $current[] = $plugin; - sort($current); - update_option('active_plugins', $current); - do_action('activate_' . $plugin); - ob_end_clean(); - } - - return null; -} - -function deactivate_plugins($plugins) { - $current = get_option('active_plugins'); - - if(!is_array($plugins)) - $plugins = array($plugins); - - foreach($plugins as $plugin) { - array_splice($current, array_search( $plugin, $current), 1 ); // Array-fu! - do_action('deactivate_' . trim( $plugin )); - } - - update_option('active_plugins', $current); -} - -function deactivate_all_plugins() { - $current = get_option('active_plugins'); - deactivate_plugins($current); -} - // // Menu // diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php index 3c9cc77..acd6e64 100644 --- a/wp-admin/includes/post.php +++ b/wp-admin/includes/post.php @@ -348,8 +348,6 @@ function add_meta( $post_ID ) { if ( in_array($metakey, $protected) ) return false; - wp_cache_delete($post_ID, 'post_meta'); - $result = $wpdb->query( " INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value ) @@ -364,9 +362,6 @@ function delete_meta( $mid ) { global $wpdb; $mid = (int) $mid; - $post_id = $wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = '$mid'"); - wp_cache_delete($post_id, 'post_meta'); - return $wpdb->query( "DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'" ); } @@ -413,9 +408,6 @@ function update_meta( $mid, $mkey, $mvalue ) { if ( in_array($mkey, $protected) ) return false; - $post_id = $wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE meta_id = '$mid'"); - wp_cache_delete($post_id, 'post_meta'); - $mvalue = maybe_serialize( stripslashes( $mvalue )); $mvalue = $wpdb->escape( $mvalue ); $mid = (int) $mid; @@ -476,43 +468,4 @@ function _relocate_children( $old_ID, $new_ID ) { return $wpdb->query( "UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID" ); } -function wp_edit_posts_query( $q = false ) { - global $wpdb; - if ( false === $q ) - $q = $_GET; - $q['m'] = (int) $q['m']; - $q['cat'] = (int) $q['cat']; - $post_stati = array( // array( adj, noun ) - 'draft' => array(__('Draft'), _c('Drafts|manage posts header')), - 'future' => array(__('Scheduled'), __('Scheduled posts')), - 'pending' => array(__('Pending Review'), __('Pending posts')), - 'private' => array(__('Private'), __('Private posts')), - 'publish' => array(__('Published'), __('Published posts')) - ); - - $avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'"); - - $post_status_q = ''; - $post_status_label = _c('Posts|manage posts header'); - if ( isset($q['post_status']) && in_array( $q['post_status'], array_keys($post_stati) ) ) { - $post_status_label = $post_stati[$q['post_status']][1]; - $post_status_q = '&post_status=' . $q['post_status']; - } - - if ( 'pending' === $q['post_status'] ) { - $order = 'ASC'; - $orderby = 'modified'; - } elseif ( 'draft' === $q['post_status'] ) { - $order = 'DESC'; - $orderby = 'modified'; - } else { - $order = 'DESC'; - $orderby = 'date'; - } - - wp("what_to_show=posts$post_status_q&posts_per_page=20&order=$order&orderby=$orderby"); - - return array($post_stati, $avail_post_stati); -} - ?> diff --git a/wp-admin/includes/schema.php b/wp-admin/includes/schema.php index d76d5f7..de4e949 100644 --- a/wp-admin/includes/schema.php +++ b/wp-admin/includes/schema.php @@ -4,7 +4,7 @@ global $wp_queries; $charset_collate = ''; -if ( $wpdb->supports_collation() ) { +if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ) { if ( ! empty($wpdb->charset) ) $charset_collate = "DEFAULT CHARACTER SET $wpdb->charset"; if ( ! empty($wpdb->collate) ) @@ -334,11 +334,11 @@ function populate_roles_160() { global $wp_roles; // Add roles - add_role('administrator', _c('Administrator|User role')); - add_role('editor', _c('Editor|User role')); - add_role('author', _c('Author|User role')); - add_role('contributor', _c('Contributor|User role')); - add_role('subscriber', _c('Subscriber|User role')); + add_role('administrator', __('Administrator')); + add_role('editor', __('Editor')); + add_role('author', __('Author')); + add_role('contributor', __('Contributor')); + add_role('subscriber', __('Subscriber')); // Add caps for Administrator role $role = get_role('administrator'); diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php index c604d4c..ff809ec 100644 --- a/wp-admin/includes/template.php +++ b/wp-admin/includes/template.php @@ -41,7 +41,7 @@ function _cat_row( $category, $level, $name_override = false ) { $default_link_cat_id = (int) get_option( 'default_link_category' ); if ( $category->term_id != $default_cat_id ) - $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' class='delete:the-list:cat-$category->term_id delete'>".__( 'Delete' )."</a>"; + $edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>"; else $edit .= "<td style='text-align:center'>".__( "Default" ); } else @@ -164,31 +164,6 @@ function dropdown_link_categories( $default = 0 ) { } } -// define the columns to display, the syntax is 'internal name' => 'display name' -function wp_manage_posts_columns() { - $posts_columns = array(); - $posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>'; - if ( 'draft' === $_GET['post_status'] ) - $posts_columns['modified'] = __('Modified'); - elseif ( 'pending' === $_GET['post_status'] ) - $posts_columns['modified'] = __('Submitted'); - else - $posts_columns['date'] = __('When'); - $posts_columns['title'] = __('Title'); - $posts_columns['categories'] = __('Categories'); - if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) ) - $posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>'; - $posts_columns['author'] = __('Author'); - $posts_columns = apply_filters('manage_posts_columns', $posts_columns); - - // you can not edit these at the moment - $posts_columns['control_view'] = ''; - $posts_columns['control_edit'] = ''; - $posts_columns['control_delete'] = ''; - - return $posts_columns; -} - function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) { global $wpdb, $class, $post; @@ -215,9 +190,9 @@ function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) { </td> <td><?php the_author() ?></td> <td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Unpublished'); else echo mysql2date( __('Y-m-d g:i a'), $post->post_modified ); ?></td> - <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td> + <td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td> <td><?php if ( current_user_can( 'edit_page', $id ) ) { echo "<a href='page.php?action=edit&post=$id' class='edit'>" . __( 'Edit' ) . "</a>"; } ?></td> - <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&post=$id", 'delete-page_' . $id ) . "' class='delete:the-list:page-$id delete'>" . __( 'Delete' ) . "</a>"; } ?></td> + <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&post=$id", 'delete-page_' . $id ) . "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . js_escape(sprintf( __("You are about to delete the '%s' page.\n'OK' to delete, 'Cancel' to stop." ), get_the_title() ) ) . "' );\">" . __( 'Delete' ) . "</a>"; } ?></td> </tr> <?php @@ -289,45 +264,38 @@ function _wp_get_comment_list( $s = false, $start, $num ) { function _wp_comment_list_item( $id, $alt = 0 ) { global $authordata, $comment, $wpdb; + $id = (int) $id; $comment =& get_comment( $id ); - $id = (int) $comment->comment_ID; $class = ''; $post = get_post($comment->comment_post_ID); $authordata = get_userdata($post->post_author); - $comment_status = wp_get_comment_status($id); + $comment_status = wp_get_comment_status($comment->comment_ID); if ( 'unapproved' == $comment_status ) $class .= ' unapproved'; if ( $alt % 2 ) $class .= ' alternate'; - echo "<li id='comment-$id' class='$class'>"; + echo "<li id='comment-$comment->comment_ID' class='$class'>"; ?> -<p><strong class="comment-author"><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p> +<p><strong><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p> <?php comment_text() ?> <p><?php comment_date(__('M j, g:i A')); ?> — [ <?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { - echo " <a href='comment.php?action=editcomment&c=$id'>" . __('Edit') . '</a>'; - $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) ); - echo " | <a href='$url' class='delete:the-comment-list:comment-$id'>" . __('Delete') . '</a> '; + echo " <a href='comment.php?action=editcomment&c=".$comment->comment_ID."'>" . __('Edit') . '</a>'; + echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { - $url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$id", "unapprove-comment_$id" ) ); - echo "<span class='unapprove'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FF3333'>" . __('Unapprove') . '</a> </span>'; - $url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$id", "approve-comment_$id" ) ); - echo "<span class='approve'> | <a href='$url' class='dim:the-comment-list:comment-$id:unapproved:FFFF33:FFFF33'>" . __('Approve') . '</a> </span>'; + echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>'; + echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>'; } - $url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$id", "delete-comment_$id" ) ); - echo " | <a href='$url' class='delete:the-comment-list:comment-$id::spam=1'>" . __('Spam') . '</a> '; + echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> "; } -if ( !is_single() ) { - $post = get_post($comment->comment_post_ID, OBJECT, 'display'); - $post_title = wp_specialchars( $post->post_title, 'double' ); - $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title; +$post = get_post($comment->comment_post_ID, OBJECT, 'display'); +$post_title = wp_specialchars( $post->post_title, 'double' ); +$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title; ?> - ] — <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php echo $post_title; ?></a> -<?php } ?> -</p> + ] — <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php echo $post_title; ?></a></p> </li> <?php } @@ -358,7 +326,7 @@ function list_meta( $meta ) { global $post_ID; // Exit if no meta if (!$meta ) { - echo '<tbody id="the-list" class="list:meta"><tr style="display: none;"><td> </td></tr></tbody>'; //TBODY needed for list-manipulation JS + echo '<tbody id="the-list"><tr style="display: none;"><td> </td></tr></tbody>'; //TBODY needed for list-manipulation JS return; } $count = 0; @@ -370,47 +338,43 @@ function list_meta( $meta ) { <th colspan='2'><?php _e( 'Action' ) ?></th> </tr> </thead> - <tbody id='the-list' class='list:meta'> <?php - foreach ( $meta as $entry ) - echo _list_meta_row( $entry, $count ); - echo "\n\t</tbody>"; -} - -function _list_meta_row( $entry, &$count ) { - $r = ''; - ++ $count; - if ( $count % 2 ) - $style = 'alternate'; - else - $style = ''; - if ('_' == $entry['meta_key'] { 0 } ) - $style .= ' hidden'; - - if ( is_serialized( $entry['meta_value'] ) ) { - if ( is_serialized_string( $entry['meta_value'] ) ) { - // this is a serialized string, so we should display it - $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); - } else { - // this is a serialized array/object so we should NOT display it - --$count; - return; + $r ="\n\t<tbody id='the-list'>"; + foreach ( $meta as $entry ) { + ++ $count; + if ( $count % 2 ) + $style = 'alternate'; + else + $style = ''; + if ('_' == $entry['meta_key'] { 0 } ) + $style .= ' hidden'; + + if ( is_serialized( $entry['meta_value'] ) ) { + if ( is_serialized_string( $entry['meta_value'] ) ) { + // this is a serialized string, so we should display it + $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); + } else { + // this is a serialized array/object so we should NOT display it + --$count; + continue; + } } - } - $key_js = js_escape( $entry['meta_key'] ); - $entry['meta_key'] = attribute_escape($entry['meta_key']); - $entry['meta_value'] = attribute_escape($entry['meta_value']); - $entry['meta_id'] = (int) $entry['meta_id']; - $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>"; - $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>"; - $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>"; - $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' tabindex='6' value='".attribute_escape(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']} updatemeta' /><br />"; - $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' "; - $r .= "class='delete:the-list:meta-{$entry['meta_id']} deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' />"; - $r .= "<input type='hidden' name='_ajax_nonce' value='$nonce' />"; - $r .= "</td>\n\t</tr>"; - return $r; + $key_js = js_escape( $entry['meta_key'] ); + $entry['meta_key'] = attribute_escape($entry['meta_key']); + $entry['meta_value'] = attribute_escape($entry['meta_value']); + $entry['meta_id'] = (int) $entry['meta_id']; + $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>"; + $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>"; + $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>"; + $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".attribute_escape(__( 'Update' ))."' /><br />"; + $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '"; + $r .= js_escape(sprintf( __("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop." ), $key_js ) ); + $r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' /></td>"; + $r .= "\n\t</tr>"; + } + echo $r; + echo "\n\t</tbody>"; } function meta_form() { @@ -451,11 +415,8 @@ function meta_form() { <td><textarea id="metavalue" name="metavalue" rows="3" cols="25" tabindex="8"></textarea></td> </tr> -<tr class="submit"><td colspan="3"> - <?php wp_nonce_field( 'change_meta', '_ajax_nonce', false ); ?> - <input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php _e( 'Add Custom Field »' ) ?>" /> -</td></tr> </table> +<p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e( 'Add Custom Field »' ) ?>" /></p> <?php } diff --git a/wp-admin/includes/upgrade.php b/wp-admin/includes/upgrade.php index b30daef..797e6e7 100644 --- a/wp-admin/includes/upgrade.php +++ b/wp-admin/includes/upgrade.php @@ -1253,10 +1253,12 @@ function translate_level_to_role($level) { } function wp_check_mysql_version() { - global $wpdb; - $result = $wpdb->check_database_version(); - if ( is_wp_error( $result ) ) - die( $result->get_error_message() ); + global $wp_version; + + // Make sure the server has MySQL 4.0 + $mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info()); + if ( version_compare($mysql_version, '4.0.0', '<') ) + die(sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version)); } function maybe_disable_automattic_widgets() { diff --git a/wp-admin/includes/user.php b/wp-admin/includes/user.php index bd017a4..ca15057 100644 --- a/wp-admin/includes/user.php +++ b/wp-admin/includes/user.php @@ -87,7 +87,7 @@ function edit_user( $user_id = 0 ) { $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter your password twice.' )); } else { if ((empty ( $pass1 ) && !empty ( $pass2 ) ) || (empty ( $pass2 ) && !empty ( $pass1 ) ) ) - $errors->add( 'pass', __( '<strong>ERROR</strong>: You entered your new password only once.' )); + $errors->add( 'pass', __( "<strong>ERROR</strong>: you typed your new password only once." )); } /* Check for "\" in password */ @@ -96,23 +96,23 @@ function edit_user( $user_id = 0 ) { /* checking the password has been typed twice the same */ if ( $pass1 != $pass2 ) - $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' )); + $errors->add( 'pass', __( '<strong>ERROR</strong>: Please type the same password in the two password fields.' )); if (!empty ( $pass1 )) $user->user_pass = $pass1; if ( !$update && !validate_username( $user->user_login ) ) - $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' )); + $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid. Please enter a valid username.' )); if (!$update && username_exists( $user->user_login )) - $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered. Please choose another one.' )); + $errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' )); /* checking e-mail address */ if ( empty ( $user->user_email ) ) { - $errors->add( 'user_email', __( '<strong>ERROR</strong>: Please enter an e-mail address.' )); + $errors->add( 'user_email', __( "<strong>ERROR</strong>: please type an e-mail address" )); } else if (!is_email( $user->user_email ) ) { - $errors->add( 'user_email', __( "<strong>ERROR</strong>: The e-mail address isn't correct." )); + $errors->add( 'user_email', __( "<strong>ERROR</strong>: the email address isn't correct" )); } if ( $errors->get_error_codes() ) diff --git a/wp-admin/js/cat.js b/wp-admin/js/cat.js index 9cb81cf..b486996 100644 --- a/wp-admin/js/cat.js +++ b/wp-admin/js/cat.js @@ -1,4 +1,12 @@ -jQuery( function($) { - $('#jaxcat').prepend('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" class="add:categorychecklist:jaxcat" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span><span id="cat-ajax-response"></span>') - var a = $('#categorychecklist').wpList( { alt: '', response: 'cat-ajax-response' } ); -} ); +addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;}); +addLoadEvent(newCatAddIn); +function newCatAddIn() { + var jaxcat = $('jaxcat'); + if ( !jaxcat ) + return false; + // These multiple blank hidden inputs are needed: https://bugzilla.mozilla.org/show_bug.cgi?id=377815 , #3895 , #4664 + Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span>'); + $('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); }; + $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); }; +} + diff --git a/wp-admin/js/categories.js b/wp-admin/js/categories.js index 23a67c5..3cee6c6 100644 --- a/wp-admin/js/categories.js +++ b/wp-admin/js/categories.js @@ -1,18 +1,16 @@ -jQuery(function($) { - var options = document.forms['addcat'].category_parent.options; - - var addAfter = function( r, settings ) { - var name = $("<span>" + $('name', r).text() + "</span>").html(); - var id = $('cat', r).attr('id'); +addLoadEvent(function() { + if (!theList.theList) return false; + document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); }; + theList.addComplete = function(what, where, update, transport) { + var name = getNodeValue(transport.responseXML, 'name').unescapeHTML(); + var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id'); + var options = document.forms['addcat'].category_parent.options; options[options.length] = new Option(name, id); - } - - var delAfter = function( r, settings ) { - var id = $('cat', r).attr('id'); + }; + theList.delComplete = function(what, id) { + var options = document.forms['addcat'].category_parent.options; for ( var o = 0; o < options.length; o++ ) if ( id == options[o].value ) options[o] = null; - } - - var a = $('#the-list').wpList( { addAfter: addAfter, delAfter: delAfter } ); + }; }); diff --git a/wp-admin/js/custom-fields.js b/wp-admin/js/custom-fields.js index 8f2b1a5..ad7a2db 100644 --- a/wp-admin/js/custom-fields.js +++ b/wp-admin/js/custom-fields.js @@ -1,33 +1,26 @@ -jQuery( function($) { - var before = function() { - var nonce = $('#newmeta [@name=_ajax_nonce]').val(); - var postId = $('#post_ID').val(); - if ( !nonce || !postId ) { return false; } - return [nonce,postId]; +function customFieldsOnComplete( what, where, update, transport ) { + var pidEl = $('post_ID'); + pidEl.name = 'post_ID'; + pidEl.value = getNodeValue(transport.responseXML, 'postid'); + var aEl = $('hiddenaction') + if ( aEl.value == 'post' ) aEl.value = 'postajaxpost'; +} +addLoadEvent(customFieldsAddIn); +function customFieldsAddIn() { + theList.showLink=0; + theList.addComplete = customFieldsOnComplete; + if (!theList.theList) return false; + inputs = theList.theList.getElementsByTagName('input'); + for ( var i=0; i < inputs.length; i++ ) { + if ('text' == inputs[i].type) { + inputs[i].setAttribute('autocomplete', 'off'); + inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); }; + } + if ('updatemeta' == inputs[i].className) { + inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); }; + } } - var addBefore = function( s ) { - var b = before(); - if ( !b ) { return false; } - s.data = s.data.replace(/_ajax_nonce=[a-f0-9]+/, '_ajax_nonce=' + b[0]) + '&post_id=' + b[1]; - return s; - }; - - var addAfter = function( r, s ) { - var postId = $('postid', r).text(); - if ( !postId ) { return; } - $('#post_ID').attr( 'name', 'post_ID' ).val( postId ); - var h = $('#hiddenaction'); - if ( 'post' == h.val() ) { h.val( 'postajaxpost' ); } - }; - - var delBefore = function( s ) { - var b = before(); if ( !b ) return false; - s.data._ajax_nonce = b[0]; s.data.post_id = b[1]; - return s; - } - - $('#the-list') - .wpList( { addBefore: addBefore, addAfter: addAfter, delBefore: delBefore } ) - .find('.updatemeta, .deletemeta').attr( 'type', 'button' ); -} ); + $('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); }; + $('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); }; +} diff --git a/wp-admin/js/edit-comments.js b/wp-admin/js/edit-comments.js index a185774..e1fc68f 100644 --- a/wp-admin/js/edit-comments.js +++ b/wp-admin/js/edit-comments.js @@ -1,26 +1,59 @@ -var list; var extra; -jQuery(function($) { +addLoadEvent(function() { + theCommentList = new listMan('the-comment-list'); + if ( !theCommentList ) + return false; -var dimAfter = function( r, settings ) { - var a = $('#awaitmod'); - a.html( parseInt(a.html(),10) + ( $('#' + settings.element).is('.' + settings.dimClass) ? 1 : -1 ) ); -} - -var delAfter = function( r, settings ) { - var a = $('#awaitmod'); - if ( $('#' + settings.element).is('.unapproved') && parseInt(a.html(),10) > 0 ) { - a.html( parseInt(a.html(),10) - 1 ); + theExtraCommentList = new listMan('the-extra-comment-list'); + if ( theExtraCommentList ) { + theExtraCommentList.showLink = 0; + theExtraCommentList.altOffset = 1; + if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes ) + var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length; + else + var commentNum = 0; + var urlQ = document.location.href.split('?'); + var params = urlQ[1] ? urlQ[1].toQueryParams() : []; + var search = params['s'] ? params['s'] : ''; + var page = params['apage'] ? params['apage'] : 1; } - if ( extra.size() == 0 || extra.children().size() == 0 ) { - return; + theCommentList.dimComplete = function(what,id,dimClass) { + var m = document.getElementById('awaitmod'); + if ( document.getElementById(what + '-' + id).className.match(dimClass) ) + m.innerHTML = parseInt(m.innerHTML,10) + 1; + else + m.innerHTML = parseInt(m.innerHTML,10) - 1; } - list[0].wpList.add( extra.children(':eq(0)').remove().clone() ); - $('#get-extra-comments').submit(); -} + theCommentList.delComplete = function(what,id) { + var m = document.getElementById('awaitmod'); + what = what.split('-')[0]; + if ( document.getElementById(what + '-' + id).className.match('unapproved') ) + m.innerHTML = parseInt(m.innerHTML,10) - 1; + if ( theExtraCommentList && commentNum ) { + var theMover = theExtraCommentList.theList.childNodes[0]; + Element.removeClassName(theMover,'alternate'); + theCommentList.theList.appendChild(theMover); + theExtraCommentList.inputData += '&page=' + page; + if ( search ) + theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box + theExtraCommentList.addComplete = function() { + if ( theExtraCommentList.theList.childNodes ) + var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length; + else + var commentNum = 0; + } + theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request + } + } -extra = $('#the-extra-comment-list').wpList( { alt: '', delColor: 'none', addColor: 'none' } ); -list = $('#the-comment-list').wpList( { dimAfter : dimAfter, delAfter : delAfter, addColor: 'none' } ); + if ( theList ) // the post list: edit.php + theList.delComplete = function() { + var comments = document.getElementById('comments'); + var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments); + var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList); + setTimeout(commdel,705); + setTimeout(listdel,705); + } +}); -} ); diff --git a/wp-admin/js/edit-posts.js b/wp-admin/js/edit-posts.js deleted file mode 100644 index 5241c4c..0000000 --- a/wp-admin/js/edit-posts.js +++ /dev/null @@ -1,22 +0,0 @@ -jQuery(function($) { -var delAfter; var extra; var list; - -if ( document.location.href.match(/(\?|&)c=/) ) - delAfter = function() { $('#comments, #the-comment-list').remove(); } -else - delAfter = function() { - list[0].wpList.add( extra.children(':eq(0)').remove().clone() ); - $('#get-extra-posts').submit(); - } - -var addBefore = function ( settings ) { - var q = document.location.href.split('?'); - if ( q[1] ) - settings.data += '&' + q[1]; - return settings; -} - -extra = $('#the-extra-list').wpList( { alt: '', addBefore: addBefore, addColor: 'none', delColor: 'none' } ); -list = $('#the-list').wpList( { delAfter: delAfter, addColor: 'none' } ); - -} ); diff --git a/wp-admin/js/link-cat.js b/wp-admin/js/link-cat.js index e69de29..1e95fa3 100644 --- a/wp-admin/js/link-cat.js +++ b/wp-admin/js/link-cat.js @@ -0,0 +1,11 @@ +addLoadEvent(function(){linkcatList=new listMan('linkcategorychecklist');linkcatList.ajaxRespEl='jaxcat';linkcatList.topAdder=1;linkcatList.alt=0;linkcatList.showLink=0;}); +addLoadEvent(newLinkCatAddIn); +function newLinkCatAddIn() { + var jaxcat = $('jaxcat'); + if ( !jaxcat ) + return false; + Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + linkcatL10n.add + '"/><input type="hidden"/><span id="howto">' + linkcatL10n.how + '</span></span>'); + $('newcat').onkeypress = function(e) { return killSubmit("linkcatList.ajaxAdder('link-category','jaxcat');", e); }; + $('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); }; +} + diff --git a/wp-admin/js/users.js b/wp-admin/js/users.js index 5b89d0f..f249f65 100644 --- a/wp-admin/js/users.js +++ b/wp-admin/js/users.js @@ -1,22 +1,21 @@ -jQuery( function($) { - var userLists; var list; var addBefore; var addAfter; +addLoadEvent(function() { + theListEls = document.getElementsByTagName('tbody'); + theUserLists = new Array(); + for ( var l = 0; l < theListEls.length; l++ ) { + if ( theListEls[l].id ) + theUserLists[theListEls[l].id] = new listMan(theListEls[l].id); + } + addUserInputs = document.getElementById('adduser').getElementsByTagName('input'); + for ( var i = 0; i < addUserInputs.length; i++ ) { + addUserInputs[i].onkeypress = function(e) { return killSubmit('addUserSubmit();', e); } + } + document.getElementById('addusersub').onclick = function(e) { return killSubmit('addUserSubmit();', e); } +} +); - addBefore = function( s ) { - if ( $( '#role-' + $('#role').val() ).size() ) - return s; - return false; - }; - - addAfter = function( r, s ) { - var roleTable = $( '#role-' + $('role', r).text() ); - - var e = $('#user-' + $('user', r).attr('id') ); - if ( !roleTable.size() ) { return; } - if ( !e.size() ) { return; } - - roleTable[0].wpList.add(e.remove().clone()); - }; - - userLists = $('.user-list').wpList(); - list = $('#user-list').wpList( { addBefore: addBefore, addAfter: addAfter } ); -} ); +function addUserSubmit() { + var roleEl = document.getElementById('role'); + var role = roleEl.options[roleEl.selectedIndex].value; + if ( !theUserLists['role-' + role] ) return true; + return theUserLists['role-' + role].ajaxAdder('user', 'adduser'); +} diff --git a/wp-admin/link-add.php b/wp-admin/link-add.php index 1e48fe8..2b06d8e 100644 --- a/wp-admin/link-add.php +++ b/wp-admin/link-add.php @@ -13,7 +13,7 @@ wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') ); if ( current_user_can( 'manage_categories' ) ) - wp_enqueue_script( 'ajaxcat' ); + wp_enqueue_script( 'ajaxlinkcat' ); require('admin-header.php'); ?> diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php index d9240de..ade3143 100644 --- a/wp-admin/link-manager.php +++ b/wp-admin/link-manager.php @@ -6,7 +6,7 @@ require_once ('admin.php'); -wp_enqueue_script( 'wp-lists' ); +wp_enqueue_script( 'listman' ); wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]')); @@ -46,7 +46,7 @@ switch ($order_by) { } ?> <script type="text/javascript"> -/* <![CDATA[ */ +<!-- function checkAll(form) { for (i = 0, n = form.elements.length; i < n; i++) { @@ -58,10 +58,7 @@ function checkAll(form) } } } - -jQuery(function($){$('#the-list').wpList();}); - -/* ]]> */ +//--> </script> <?php @@ -131,7 +128,7 @@ if ( $links ) { <th style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById('links'));" /></th> </tr> </thead> - <tbody id="the-list" class="list:link"> + <tbody id="the-list"> <?php foreach ($links as $link) { $link = sanitize_bookmark($link); @@ -179,8 +176,8 @@ if ( $links ) { ?><td align='center'><?php echo $visible; ?></td><?php break; case 'action': - echo "<td><a href='link.php?link_id=$link->link_id&action=edit' class='edit'>" . __('Edit') . '</a></td>'; - echo "<td><a href='" . wp_nonce_url('link.php?link_id='.$link->link_id.'&action=delete', 'delete-bookmark_' . $link->link_id ) . "' class='delete:the-list:link-$link->link_id delete'>" . __('Delete') . '</a></td>'; + echo '<td><a href="link.php?link_id='.$link->link_id.'&action=edit" class="edit">'.__('Edit').'</a></td>'; + echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>'; break; default: ?> diff --git a/wp-admin/menu.php b/wp-admin/menu.php index 89337b8..11e04f4 100644 --- a/wp-admin/menu.php +++ b/wp-admin/menu.php @@ -150,7 +150,7 @@ unset($id); uksort($menu, "strnatcasecmp"); // make it all pretty -if ( !user_can_access_admin_page() ) { +if (! user_can_access_admin_page()) { // find the blog of this user first $primary_blog = (int) get_usermeta( $user_ID, 'primary_blog' ); if( $primary_blog != 0 ) { diff --git a/wp-admin/page.php b/wp-admin/page.php index c68901d..7a373e9 100644 --- a/wp-admin/page.php +++ b/wp-admin/page.php @@ -108,14 +108,10 @@ case 'editpost': } else { if ($_POST['save']) { $location = "page.php?action=edit&post=$page_ID"; - } elseif ($_POST['addemeta']) { - $location = add_query_arg( 'message', 2, wp_get_referer() ); - $location = explode('#', $location); - $location = $location[0] . '#postcustom'; + } elseif ($_POST['updatemeta']) { + $location = wp_get_referer() . '&message=2#postcustom'; } elseif ($_POST['deletemeta']) { - $location = add_query_arg( 'message', 3, wp_get_referer() ); - $location = explode('#', $location); - $location = $location[0] . '#postcustom'; + $location = wp_get_referer() . '&message=3#postcustom'; } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) diff --git a/wp-admin/plugins.php b/wp-admin/plugins.php index 5e7bcf2..8593424 100644 --- a/wp-admin/plugins.php +++ b/wp-admin/plugins.php @@ -11,9 +11,22 @@ if( $menu_perms[ 'plugins' ] != 1 ) if ( isset($_GET['action']) ) { if ('activate' == $_GET['action']) { check_admin_referer('activate-plugin_' . $_GET['plugin']); - $result = activate_plugin($_GET['plugin']); - if( is_wp_error( $result ) ) - wp_die( $result->get_error_message() ); + $current = get_option('active_plugins'); + $plugin = trim($_GET['plugin']); + if ( validate_file($plugin) ) + wp_die(__('Invalid plugin.')); + if ( ! file_exists(ABSPATH . PLUGINDIR . '/' . $plugin) ) + wp_die(__('Plugin file does not exist.')); + if (!in_array($plugin, $current)) { + wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), 'plugins.php?error=true&plugin=' . $plugin)); // we'll override this later if the plugin can be included without fatal error + ob_start(); + @include(ABSPATH . PLUGINDIR . '/' . $plugin); + $current[] = $plugin; + sort($current); + update_option('active_plugins', $current); + do_action('activate_' . $plugin); + ob_end_clean(); + } wp_redirect('plugins.php?activate=true'); // overrides the ?error=true one above } elseif ('error_scrape' == $_GET['action']) { $plugin = trim($_GET['plugin']); @@ -25,11 +38,21 @@ if ( isset($_GET['action']) ) { include(ABSPATH . PLUGINDIR . '/' . $plugin); } elseif ('deactivate' == $_GET['action']) { check_admin_referer('deactivate-plugin_' . $_GET['plugin']); - deactivate_plugins($_GET['plugin']); + $current = get_option('active_plugins'); + array_splice($current, array_search( $_GET['plugin'], $current), 1 ); // Array-fu! + update_option('active_plugins', $current); + do_action('deactivate_' . trim( $_GET['plugin'] )); wp_redirect('plugins.php?deactivate=true'); } elseif ($_GET['action'] == 'deactivate-all') { check_admin_referer('deactivate-all'); - deactivate_all_plugins(); + $current = get_option('active_plugins'); + + foreach ($current as $plugin) { + array_splice($current, array_search($plugin, $current), 1); + do_action('deactivate_' . $plugin); + } + + update_option('active_plugins', array()); wp_redirect('plugins.php?deactivate-all=true'); } exit; diff --git a/wp-admin/post.php b/wp-admin/post.php index 4609bae..680f8ab 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -121,14 +121,10 @@ case 'editpost': if ($_POST['save']) { $location = "post.php?action=edit&post=$post_ID"; - } elseif ($_POST['addemeta']) { - $location = add_query_arg( 'message', 2, wp_get_referer() ); - $location = explode('#', $location); - $location = $location[0] . '#postcustom'; + } elseif ($_POST['updatemeta']) { + $location = wp_get_referer() . '&message=2#postcustom'; } elseif ($_POST['deletemeta']) { - $location = add_query_arg( 'message', 3, wp_get_referer() ); - $location = explode('#', $location); - $location = $location[0] . '#postcustom'; + $location = wp_get_referer() . '&message=3#postcustom'; } elseif (!empty($referredby) && $referredby != $referer) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) diff --git a/wp-admin/setup-config.php b/wp-admin/setup-config.php index 976c5ac..139ccd3 100644 --- a/wp-admin/setup-config.php +++ b/wp-admin/setup-config.php @@ -1,9 +1,6 @@ <?php die(); define('WP_INSTALLING', true); -//These two defines are required to allow us to use require_wp_db() to load the database class while being wp-content/wp-db.php aware -define('ABSPATH', dirname(dirname(__FILE__)).'/'); -define('WPINC', 'wp-includes'); require_once('../wp-includes/compat.php'); require_once('../wp-includes/functions.php'); @@ -164,7 +161,7 @@ switch($step) { define('DB_HOST', $dbhost); // We'll fail here if the values are no good. - require_wp_db(); + require_once('../wp-includes/wp-db.php'); $handle = fopen('../wp-config.php', 'w'); foreach ($configFile as $line_num => $line) { diff --git a/wp-admin/users.php b/wp-admin/users.php index c4a5917..83c6cb5 100644 --- a/wp-admin/users.php +++ b/wp-admin/users.php @@ -523,7 +523,7 @@ foreach($roleclasses as $role => $roleclass) { <th colspan="2" style="text-align: center"><?php _e('Actions') ?></th> </tr> </tbody> -<tbody id="role-<?php echo $role; ?>" class="list:user user-list"><?php +<tbody id="role-<?php echo $role; ?>"><?php $style = ''; foreach ( (array) $roleclass as $user_object ) { $style = ( ' class="alternate"' == $style ) ? '' : ' class="alternate"'; diff --git a/wp-admin/wp-admin.css b/wp-admin/wp-admin.css index 3897e79..2b06951 100644 --- a/wp-admin/wp-admin.css +++ b/wp-admin/wp-admin.css @@ -819,10 +819,6 @@ input.delete:hover { width: 95%; } -#postcustom table #addmetasub { - width: auto; -} - #poststuff { margin-right: 16em; } @@ -12,7 +12,6 @@ define('APP_REQUEST', true); require_once('./wp-config.php'); require_once(ABSPATH . WPINC . '/post-template.php'); require_once(ABSPATH . WPINC . '/atomlib.php'); -require_once(ABSPATH . WPINC . '/feed.php'); $_SERVER['PATH_INFO'] = preg_replace( '/.*\/wp-app\.php/', '', $_SERVER['REQUEST_URI'] ); @@ -697,7 +696,7 @@ EOD; } function get_feed($page = 1, $post_type = 'post') { - global $post, $wp, $wp_query, $posts, $wpdb, $blog_id; + global $post, $wp, $wp_query, $posts, $wpdb, $blog_id, $post_cache; log_app('function',"get_feed($page, '$post_type')"); ob_start(); @@ -716,6 +715,7 @@ EOD; $wp_query = $GLOBALS['wp_query']; $wpdb = $GLOBALS['wpdb']; $blog_id = (int) $GLOBALS['blog_id']; + $post_cache = $GLOBALS['post_cache']; log_app('function',"query_posts(# " . print_r($wp_query, true) . "#)"); log_app('function',"total_count(# $wp_query->max_num_pages #)"); @@ -739,7 +739,7 @@ EOD; <link rel="last" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($last_page) ?>" /> <link rel="self" type="<?php echo $this->ATOM_CONTENT_TYPE ?>" href="<?php $this->the_entries_url($self_page) ?>" /> <rights type="text">Copyright <?php echo mysql2date('Y', get_lastpostdate('blog')); ?></rights> -<?php the_generator( 'atom' ); ?> +<generator uri="http://wordpress.com/" version="1.0.5-dc">WordPress.com Atom API</generator> <?php if ( have_posts() ) { while ( have_posts() ) { the_post(); @@ -756,7 +756,7 @@ EOD; function get_entry($postID, $post_type = 'post') { log_app('function',"get_entry($postID, '$post_type')"); ob_start(); - global $posts, $post, $wp_query, $wp, $wpdb, $blog_id; + global $posts, $post, $wp_query, $wp, $wpdb, $blog_id, $post_cache; switch($post_type) { case 'post': $varname = 'p'; @@ -785,7 +785,7 @@ EOD; <entry xmlns="<?php echo $this->ATOM_NS ?>" xmlns:app="<?php echo $this->ATOMPUB_NS ?>" xml:lang="<?php echo get_option('rss_language'); ?>"> <id><?php the_guid($GLOBALS['post']->ID); ?></id> -<?php list($content_type, $content) = prep_atom_text_construct(get_the_title()); ?> +<?php list($content_type, $content) = $this->prep_content(get_the_title()); ?> <title type="<?php echo $content_type ?>"><?php echo $content ?></title> <updated><?php echo get_post_modified_time('Y-m-d\TH:i:s\Z', true); ?></updated> <published><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></published> @@ -806,7 +806,7 @@ EOD; <?php } else { ?> <link href="<?php the_permalink_rss() ?>" /> <?php if ( strlen( $GLOBALS['post']->post_content ) ) : -list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?> +list($content_type, $content) = $this->prep_content(get_the_content()); ?> <content type="<?php echo $content_type ?>"><?php echo $content ?></content> <?php endif; ?> <?php } ?> @@ -814,11 +814,37 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?> <?php foreach(get_the_category() as $category) { ?> <category scheme="<?php bloginfo_rss('home') ?>" term="<?php echo $category->name?>" /> <?php } ?> -<?php list($content_type, $content) = prep_atom_text_construct(get_the_excerpt()); ?> +<?php list($content_type, $content) = $this->prep_content(get_the_excerpt()); ?> <summary type="<?php echo $content_type ?>"><?php echo $content ?></summary> </entry> <?php } + function prep_content($data) { + if (strpos($data, '<') === false && strpos($data, '&') === false) { + return array('text', $data); + } + + $parser = xml_parser_create(); + xml_parse($parser, '<div>' . $data . '</div>', true); + $code = xml_get_error_code($parser); + xml_parser_free($parser); + + if (!$code) { + if (strpos($data, '<') === false) { + return array('text', $data); + } else { + $data = "<div xmlns='http://www.w3.org/1999/xhtml'>$data</div>"; + return array('xhtml', $data); + } + } + + if (strpos($data, ']]>') == false) { + return array('html', "<![CDATA[$data]]>"); + } else { + return array('html', htmlspecialchars($data)); + } + } + function ok() { log_app('Status','200: OK'); header('Content-Type: text/plain'); diff --git a/wp-content/themes/classic/header.php b/wp-content/themes/classic/header.php index 4a3e0b4..2c02a89 100644 --- a/wp-content/themes/classic/header.php +++ b/wp-content/themes/classic/header.php @@ -6,13 +6,15 @@ <title><?php bloginfo('name'); ?><?php wp_title(); ?></title> + <meta name="generator" content="WordPress <?php bloginfo('version'); ?>" /> <!-- leave this for stats please --> + <style type="text/css" media="screen"> @import url( <?php bloginfo('stylesheet_url'); ?> ); </style> <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="<?php bloginfo('rss2_url'); ?>" /> <link rel="alternate" type="text/xml" title="RSS .92" href="<?php bloginfo('rss_url'); ?>" /> - <link rel="alternate" type="application/atom+xml" title="Atom 1.0" href="<?php bloginfo('atom_url'); ?>" /> + <link rel="alternate" type="application/atom+xml" title="Atom 0.3" href="<?php bloginfo('atom_url'); ?>" /> <link rel="pingback" href="<?php bloginfo('pingback_url'); ?>" /> <?php wp_get_archives('type=monthly&format=link'); ?> diff --git a/wp-content/themes/default/footer.php b/wp-content/themes/default/footer.php index 68e9e5f..50611ab 100644 --- a/wp-content/themes/default/footer.php +++ b/wp-content/themes/default/footer.php @@ -2,7 +2,7 @@ <?php $current_site = get_current_site(); ?> <hr /> <div id="footer"> -<!-- If you'd like to support WordPress, having the "powered by" link somewhere on your blog is the best way, it's our only promotion or advertising. --> +<!-- If you'd like to support WordPress, having the "powered by" link somewhere on your blog is the best way; it's our only promotion or advertising. --> <p> <?php bloginfo('name'); ?> is proudly powered by <a href="http://mu.wordpress.org/">WordPress MU</a> running on <a href="http://<?php echo $current_site->domain . $current_site->path ?>"><?php echo $current_site->site_name ?></a>. <a href="http://<?php echo $current_site->domain . $current_site->path ?>wp-signup.php" title="Create a new blog">Create a new blog</a> and join in the fun! diff --git a/wp-content/themes/default/header.php b/wp-content/themes/default/header.php index ec70a6a..99d3962 100644 --- a/wp-content/themes/default/header.php +++ b/wp-content/themes/default/header.php @@ -6,6 +6,8 @@ <title><?php bloginfo('name'); ?> <?php if ( is_single() ) { ?> » Blog Archive <?php } ?> <?php wp_title(); ?></title> +<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" /> <!-- leave this for stats --> + <link rel="stylesheet" href="<?php bloginfo('stylesheet_url'); ?>" type="text/css" media="screen" /> <link rel="alternate" type="application/rss+xml" title="<?php bloginfo('name'); ?> RSS Feed" href="<?php bloginfo('rss2_url'); ?>" /> <link rel="pingback" href="<?php bloginfo('pingback_url'); ?>" /> diff --git a/wp-content/themes/default/index.php b/wp-content/themes/default/index.php index e56746e..6d8e8e7 100644 --- a/wp-content/themes/default/index.php +++ b/wp-content/themes/default/index.php @@ -7,7 +7,7 @@ <?php while (have_posts()) : the_post(); ?> <div class="post" id="post-<?php the_ID(); ?>"> - <h2><a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title(); ?>"><?php the_title(); ?></a></h2> + <h2><a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title_attribute(); ?>"><?php the_title(); ?></a></h2> <small><?php the_time('F jS, Y') ?> by <?php the_author() ?></small> <div class="entry"> diff --git a/wp-includes/bookmark.php b/wp-includes/bookmark.php index 1baf608..170e7df 100644 --- a/wp-includes/bookmark.php +++ b/wp-includes/bookmark.php @@ -3,7 +3,8 @@ function get_bookmark($bookmark_id, $output = OBJECT, $filter = 'raw') { global $wpdb; - $link = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->links WHERE link_id = %d LIMIT 1", $bookmark_id)); + $bookmark_id = (int) $bookmark_id; + $link = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = '$bookmark_id' LIMIT 1"); $link->link_category = array_unique( wp_get_object_terms($link_id, 'link_category', 'fields=ids') ); $link = sanitize_bookmark($link, $filter); diff --git a/wp-includes/canonical.php b/wp-includes/canonical.php index 7c7c909..9226f3e 100644 --- a/wp-includes/canonical.php +++ b/wp-includes/canonical.php @@ -180,15 +180,15 @@ function redirect_guess_404_permalink() { if ( !get_query_var('name') ) return false; - $where = $wpdb->prepare("post_name LIKE %s", get_query_var('name') . '%'); + $where = "post_name LIKE '" . $wpdb->escape(get_query_var('name')) . "%'"; // if any of year, monthnum, or day are set, use them to refine the query if ( get_query_var('year') ) - $where .= $wpdb->prepare(" AND YEAR(post_date) = %d", get_query_var('year')); + $where .= " AND YEAR(post_date) = '" . $wpdb->escape(get_query_var('year')) . "'"; if ( get_query_var('monthnum') ) - $where .= $wpdb->prepare(" AND MONTH(post_date) = %d", get_query_var('monthnum')); + $where .= " AND MONTH(post_date) = '" . $wpdb->escape(get_query_var('monthnum')) . "'"; if ( get_query_var('day') ) - $where .= $wpdb->prepare(" AND DAYOFMONTH(post_date) = %d", get_query_var('day')); + $where .= " AND DAYOFMONTH(post_date) = '" . $wpdb->escape(get_query_var('day')) . "'"; $post_id = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE $where AND post_status = 'publish'"); if ( !$post_id ) diff --git a/wp-includes/category-template.php b/wp-includes/category-template.php index 6efea7b..cd8dbcb 100644 --- a/wp-includes/category-template.php +++ b/wp-includes/category-template.php @@ -376,7 +376,7 @@ function wp_generate_tag_cloud( $tags, $args = '' ) { $tag_id = $tag_ids[$tag]; $tag_link = clean_url($tag_links[$tag]); $tag = str_replace(' ', ' ', wp_specialchars( $tag )); - $a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attribute_escape( sprintf( __ngettext('%d topic','%d topics',$count), $count ) ) . "'$rel style='font-size: " . + $a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attribute_escape( sprintf( __('%d topics'), $count ) ) . "'$rel style='font-size: " . ( $smallest + ( ( $count - $min_count ) * $font_step ) ) . "$unit;'>$tag</a>"; } diff --git a/wp-includes/classes.php b/wp-includes/classes.php index c79442b..6e55c45 100644 --- a/wp-includes/classes.php +++ b/wp-includes/classes.php @@ -696,13 +696,11 @@ class WP_Ajax_Response { $defaults = array( 'what' => 'object', 'action' => false, 'id' => '0', 'old_id' => false, - 'position' => 1, // -1 = top, 1 = bottom, html ID = after, -html ID = before 'data' => '', 'supplemental' => array() ); $r = wp_parse_args( $args, $defaults ); extract( $r, EXTR_SKIP ); - $postition = preg_replace( '/[^a-z0-9:_-]/i', '', $position ); if ( is_wp_error($id) ) { $data = $id; @@ -726,7 +724,7 @@ class WP_Ajax_Response { $x = ''; $x .= "<response action='{$action}_$id'>"; // The action attribute in the xml output is formatted like a nonce action - $x .= "<$what id='$id' " . ( false === $old_id ? '' : "old_id='$old_id' " ) . "position='$position'>"; + $x .= "<$what id='$id'" . ( false !== $old_id ? "old_id='$old_id'>" : '>' ); $x .= $response; $x .= $s; $x .= "</$what>"; diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php index 1dc84c1..99fecfe 100644 --- a/wp-includes/comment-template.php +++ b/wp-includes/comment-template.php @@ -288,11 +288,13 @@ function comments_template( $file = '/comments.php' ) { // TODO: Use API instead of SELECTs. if ( $user_ID) { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND (comment_approved = '1' OR ( user_id = %d AND comment_approved = '0' ) ) ORDER BY comment_date", $post->ID, $user_ID)); + $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND (comment_approved = '1' OR ( user_id = '$user_ID' AND comment_approved = '0' ) ) ORDER BY comment_date"); } else if ( empty($comment_author) ) { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1' ORDER BY comment_date", $post->ID)); + $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date"); } else { - $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date", $post->ID, $comment_author, $comment_author_email)); + $author_db = $wpdb->escape($comment_author); + $email_db = $wpdb->escape($comment_author_email); + $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date"); } // keep $comments for legacy's sake (remember $table*? ;) ) diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 62377c5..3fedd9b 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -41,12 +41,11 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ $domain = $uri['host']; $uri = parse_url( get_option('home') ); $home_domain = $uri['host']; - if ( $wpdb->get_var($wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_url LIKE (%s) LIMIT 1", '%'.$domain.'%')) || $domain == $home_domain ) + if ( $wpdb->get_var("SELECT link_id FROM $wpdb->links WHERE link_url LIKE ('%$domain%') LIMIT 1") || $domain == $home_domain ) return true; else return false; } elseif ( $author != '' && $email != '' ) { - // expected_slashed ($author, $email) $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); if ( ( 1 == $ok_to_comment ) && ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) @@ -63,7 +62,9 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ function get_approved_comments($post_id) { global $wpdb; - return $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved = '1' ORDER BY comment_date", $post_id)); + + $post_id = (int) $post_id; + return $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post_id' AND comment_approved = '1' ORDER BY comment_date"); } @@ -81,10 +82,11 @@ function &get_comment(&$comment, $output = OBJECT) { wp_cache_add($comment->comment_ID, $comment, 'comment'); $_comment = $comment; } else { + $comment = (int) $comment; if ( isset($GLOBALS['comment']) && ($GLOBALS['comment']->comment_ID == $comment) ) { $_comment = & $GLOBALS['comment']; } elseif ( ! $_comment = wp_cache_get($comment, 'comment') ) { - $_comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID = %d LIMIT 1", $comment)); + $_comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment' LIMIT 1"); wp_cache_add($_comment->comment_ID, $_comment, 'comment'); } } @@ -107,7 +109,7 @@ function &get_comment(&$comment, $output = OBJECT) { function get_commentdata( $comment_ID, $no_cache = 0, $include_unapproved = false ) { // less flexible, but saves DB queries global $postc, $id, $commentdata, $wpdb; if ( $no_cache ) { - $query = $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID = %d", $comment_ID); + $query = "SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_ID'"; if ( false == $include_unapproved ) $query .= " AND comment_approved = '1'"; $myrow = $wpdb->get_row($query, ARRAY_A); @@ -136,13 +138,13 @@ function get_lastcommentmodified($timezone = 'server') { if ( !isset($cache_lastcommentmodified[$timezone]) ) { switch ( strtolower($timezone)) { case 'gmt': - $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $now)); + $lastcommentmodified = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); break; case 'blog': - $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $now)); + $lastcommentmodified = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); break; case 'server': - $lastcommentmodified = $wpdb->get_var($wpdb->prepare("SELECT DATE_ADD(comment_date_gmt, INTERVAL %s SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= %s AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1", $add_seconds_server, $now)); + $lastcommentmodified = $wpdb->get_var("SELECT DATE_ADD(comment_date_gmt, INTERVAL '$add_seconds_server' SECOND) FROM $wpdb->comments WHERE comment_date_gmt <= '$now' AND comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 1"); break; } $cache_lastcommentmodified[$timezone] = $lastcommentmodified; @@ -181,7 +183,6 @@ function wp_allow_comment($commentdata) { extract($commentdata, EXTR_SKIP); // Simple duplicate check - // expected_slashed ($comment_post_ID, $comment_author, $comment_author_email, $comment_content) $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' "; if ( $comment_author_email ) $dupe .= "OR comment_author_email = '$comment_author_email' "; @@ -194,7 +195,7 @@ function wp_allow_comment($commentdata) { if ( $user_id ) { $userdata = get_userdata($user_id); $user = new WP_User($user_id); - $post_author = $wpdb->get_var($wpdb->prepare("SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1", $comment_post_ID)); + $post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1"); } if ( $userdata && is_site_admin( $userdata->user_login ) == false && ( $user_id == $post_author || $user->has_cap('level_9' ) ) ) { diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php index 15fab15..3fc94e8 100644 --- a/wp-includes/default-filters.php +++ b/wp-includes/default-filters.php @@ -141,7 +141,6 @@ add_action('wp_head', 'locale_stylesheet'); add_action('publish_future_post', 'wp_publish_post', 10, 1); add_action('wp_head', 'noindex', 1); add_action('wp_head', 'wp_print_scripts'); -add_action('wp_head', 'wp_generator'); if(!defined('DOING_CRON')) add_action('init', 'wp_cron'); add_action('do_feed_rdf', 'do_feed_rdf', 10, 1); diff --git a/wp-includes/feed-atom-comments.php b/wp-includes/feed-atom-comments.php index 72897bb..ee9a73b 100644 --- a/wp-includes/feed-atom-comments.php +++ b/wp-includes/feed-atom-comments.php @@ -18,7 +18,7 @@ echo '<?xml version="1.0" encoding="' . get_option('blog_charset') . '" ?' . '>' <subtitle type="text"><?php bloginfo_rss('description'); ?></subtitle> <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastcommentmodified('GMT')); ?></updated> - <?php the_generator( 'atom' ); ?> + <generator uri="http://wordpress.org/" version="<?php bloginfo('version'); ?>">WordPress</generator> <link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" href="<?php bloginfo_rss('home'); ?>" /> <link rel="self" type="application/atom+xml" href="<?php bloginfo_rss('comments_atom_url'); ?>" /> diff --git a/wp-includes/feed-atom.php b/wp-includes/feed-atom.php index 5f5570d..f80f48f 100644 --- a/wp-includes/feed-atom.php +++ b/wp-includes/feed-atom.php @@ -15,7 +15,7 @@ $more = 1; <subtitle type="text"><?php bloginfo_rss("description") ?></subtitle> <updated><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastpostmodified('GMT')); ?></updated> - <?php the_generator( 'atom' ); ?> + <generator uri="http://wordpress.org/" version="<?php bloginfo_rss('version'); ?>">WordPress</generator> <link rel="alternate" type="text/html" href="<?php bloginfo_rss('home') ?>" /> <id><?php bloginfo('atom_url'); ?></id> @@ -30,18 +30,15 @@ $more = 1; <uri><?php the_author_url()?></uri> <?php endif; ?> </author> -<?php list($content_type, $content) = prep_atom_text_construct(get_the_title()); ?> - <title type="<?php echo $content_type ?>"><?php echo $content ?></title> + <title type="<?php html_type_rss(); ?>"><![CDATA[<?php the_title_rss() ?>]]></title> <link rel="alternate" type="text/html" href="<?php the_permalink_rss() ?>" /> <id><?php the_guid(); ?></id> <updated><?php echo get_post_modified_time('Y-m-d\TH:i:s\Z', true); ?></updated> <published><?php echo get_post_time('Y-m-d\TH:i:s\Z', true); ?></published> <?php the_category_rss('atom') ?> -<?php list($content_type, $content) = prep_atom_text_construct(get_the_excerpt()); ?> - <summary type="<?php echo $content_type ?>"><?php echo $content ?></summary> + <summary type="<?php html_type_rss(); ?>"><![CDATA[<?php the_excerpt_rss(); ?>]]></summary> <?php if ( !get_option('rss_use_excerpt') ) : ?> -<?php list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?> - <content type="<?php echo $content_type ?>" xml:base="<?php the_permalink_rss()?>"><?php echo $content ?></content> + <content type="<?php html_type_rss(); ?>" xml:base="<?php the_permalink_rss() ?>"><![CDATA[<?php the_content('', 0, '') ?>]]></content> <?php endif; ?> <?php atom_enclosure(); ?> <?php do_action('atom_entry'); ?> diff --git a/wp-includes/feed-rdf.php b/wp-includes/feed-rdf.php index dd0b785..1f92b23 100644 --- a/wp-includes/feed-rdf.php +++ b/wp-includes/feed-rdf.php @@ -4,6 +4,7 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> +<!-- generator="wordpress/<?php echo $wp_version ?>" --> <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" @@ -18,7 +19,7 @@ $more = 1; <link><?php bloginfo_rss('url') ?></link> <description><?php bloginfo_rss('description') ?></description> <dc:date><?php echo mysql2date('Y-m-d\TH:i:s\Z', get_lastpostmodified('GMT'), false); ?></dc:date> - <?php the_generator( 'rdf' ); ?> + <admin:generatorAgent rdf:resource="http://wordpress.org/?v=<?php echo $wp_version ?>"/> <sy:updatePeriod>hourly</sy:updatePeriod> <sy:updateFrequency>1</sy:updateFrequency> <sy:updateBase>2000-01-01T12:00+00:00</sy:updateBase> diff --git a/wp-includes/feed-rss.php b/wp-includes/feed-rss.php index 900dcec..469e4bc 100644 --- a/wp-includes/feed-rss.php +++ b/wp-includes/feed-rss.php @@ -4,7 +4,7 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> -<?php the_generator( 'comment' ); ?> +<!-- generator="wordpress/<?php echo $wp_version ?>" --> <rss version="0.92"> <channel> <title><?php bloginfo_rss('name'); wp_title_rss(); ?></title> diff --git a/wp-includes/feed-rss2-comments.php b/wp-includes/feed-rss2-comments.php index ba06573..7bd5ae2 100644 --- a/wp-includes/feed-rss2-comments.php +++ b/wp-includes/feed-rss2-comments.php @@ -3,10 +3,10 @@ header('Content-Type: text/xml;charset=' . get_option('blog_charset'), true); echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> +<!-- generator="wordpress/<?php echo $wp_version ?>" --> <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:atom="http://www.w3.org/2005/Atom" > <channel> <title><?php @@ -17,11 +17,10 @@ echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; else printf(__('Comments for %s'), get_bloginfo_rss( 'name' ) . get_wp_title_rss()); ?></title> - <atom:link href="<?php bloginfo('comments_rss2_url') ?>" rel="self" type="application/rss+xml" /> <link><?php (is_single()) ? the_permalink_rss() : bloginfo_rss("url") ?></link> <description><?php bloginfo_rss("description") ?></description> <pubDate><?php echo gmdate('r'); ?></pubDate> - <?php the_generator( 'rss2' ); ?> + <generator>http://wordpress.org/?v=<?php echo $wp_version ?></generator> <?php do_action('commentsrss2_head'); ?> <?php if ( have_comments() ) : while ( have_comments() ) : the_comment(); diff --git a/wp-includes/feed-rss2.php b/wp-includes/feed-rss2.php index 5b330ad..21d9b8e 100644 --- a/wp-includes/feed-rss2.php +++ b/wp-includes/feed-rss2.php @@ -5,21 +5,20 @@ $more = 1; ?> <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?> +<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:atom="http://www.w3.org/2005/Atom" <?php do_action('rss2_ns'); ?> > <channel> <title><?php bloginfo_rss('name'); wp_title_rss(); ?></title> - <atom:link href="<?php bloginfo('rss2_url') ?>" rel="self" type="application/rss+xml" /> <link><?php bloginfo_rss('url') ?></link> <description><?php bloginfo_rss("description") ?></description> <pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_lastpostmodified('GMT'), false); ?></pubDate> - <?php the_generator( 'rss2' ); ?> + <generator>http://wordpress.org/?v=<?php bloginfo_rss('version'); ?></generator> <language><?php echo get_option('rss_language'); ?></language> <?php do_action('rss2_head'); ?> <?php while( have_posts()) : the_post(); ?> diff --git a/wp-includes/feed.php b/wp-includes/feed.php index 6b431b1..8f9219c 100644 --- a/wp-includes/feed.php +++ b/wp-includes/feed.php @@ -250,47 +250,4 @@ function atom_enclosure() { } } -/** - * prep_atom_text_construct() - determine if given string of data is - * type text, html, or xhtml, per RFC 4287 section 3.1. - * - * In the case of WordPress, text is defined as containing no markup, - * xhtml is defined as "well formed", and html as tag soup (i.e., the rest). - * - * Container div tags are added to xhtml values, per section 3.1.1.3. - * - * @package WordPress - * @subpackage Feed - * @since 2.4 - * - * @param string $data input string - * @return array $result array(type, value) - * @link http://www.atomenabled.org/developers/syndication/atom-format-spec.php#rfc.section.3.1 - */ -function prep_atom_text_construct($data) { - if (strpos($data, '<') === false && strpos($data, '&') === false) { - return array('text', $data); - } - - $parser = xml_parser_create(); - xml_parse($parser, '<div>' . $data . '</div>', true); - $code = xml_get_error_code($parser); - xml_parser_free($parser); - - if (!$code) { - if (strpos($data, '<') === false) { - return array('text', $data); - } else { - $data = "<div xmlns='http://www.w3.org/1999/xhtml'>$data</div>"; - return array('xhtml', $data); - } - } - - if (strpos($data, ']]>') == false) { - return array('html', "<![CDATA[$data]]>"); - } else { - return array('html', htmlspecialchars($data)); - } -} - ?> diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 0a241d6..bd89231 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -1,10 +1,11 @@ <?php -function mysql2date( $dateformatstring, $mysqlstring, $translate = true ) { +function mysql2date($dateformatstring, $mysqlstring, $translate = true) { global $wp_locale; $m = $mysqlstring; - if ( empty( $m ) ) + if ( empty($m) ) { return false; + } $i = mktime( (int) substr( $m, 11, 2 ), (int) substr( $m, 14, 2 ), (int) substr( $m, 17, 2 ), (int) substr( $m, 5, 2 ), (int) substr( $m, 8, 2 ), (int) substr( $m, 0, 4 ) @@ -16,173 +17,166 @@ function mysql2date( $dateformatstring, $mysqlstring, $translate = true ) { if ( -1 == $i || false == $i ) $i = 0; - if ( !empty( $wp_locale->month ) && !empty( $wp_locale->weekday ) && $translate ) { - $datemonth = $wp_locale->get_month( date( 'm', $i ) ); - $datemonth_abbrev = $wp_locale->get_month_abbrev( $datemonth ); - $dateweekday = $wp_locale->get_weekday( date( 'w', $i ) ); - $dateweekday_abbrev = $wp_locale->get_weekday_abbrev( $dateweekday ); - $datemeridiem = $wp_locale->get_meridiem( date( 'a', $i ) ); - $datemeridiem_capital = $wp_locale->get_meridiem( date( 'A', $i ) ); - $dateformatstring = ' ' . $dateformatstring; - $dateformatstring = preg_replace( "/([^\\\])D/", "\\1" . backslashit( $dateweekday_abbrev ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])F/", "\\1" . backslashit( $datemonth ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])l/", "\\1" . backslashit( $dateweekday ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])M/", "\\1" . backslashit( $datemonth_abbrev ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])a/", "\\1" . backslashit( $datemeridiem ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])A/", "\\1" . backslashit( $datemeridiem_capital ), $dateformatstring ); - - $dateformatstring = substr( $dateformatstring, 1, strlen( $dateformatstring ) -1 ); - } - $j = @date( $dateformatstring, $i ); - - /* - if ( !$j ) // for debug purposes - echo $i." ".$mysqlstring; - */ - + if ( !empty($wp_locale->month) && !empty($wp_locale->weekday) && $translate ) { + $datemonth = $wp_locale->get_month(date('m', $i)); + $datemonth_abbrev = $wp_locale->get_month_abbrev($datemonth); + $dateweekday = $wp_locale->get_weekday(date('w', $i)); + $dateweekday_abbrev = $wp_locale->get_weekday_abbrev($dateweekday); + $datemeridiem = $wp_locale->get_meridiem(date('a', $i)); + $datemeridiem_capital = $wp_locale->get_meridiem(date('A', $i)); + $dateformatstring = ' '.$dateformatstring; + $dateformatstring = preg_replace("/([^\\\])D/", "\\1".backslashit($dateweekday_abbrev), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])F/", "\\1".backslashit($datemonth), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])l/", "\\1".backslashit($dateweekday), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])M/", "\\1".backslashit($datemonth_abbrev), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])a/", "\\1".backslashit($datemeridiem), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])A/", "\\1".backslashit($datemeridiem_capital), $dateformatstring); + + $dateformatstring = substr($dateformatstring, 1, strlen($dateformatstring)-1); + } + $j = @date($dateformatstring, $i); + if ( !$j ) { + // for debug purposes + // echo $i." ".$mysqlstring; + } return $j; } - -function current_time( $type, $gmt = 0 ) { - switch ( $type ) { +function current_time($type, $gmt = 0) { + switch ($type) { case 'mysql': - return ( $gmt ) ? gmdate( 'Y-m-d H:i:s' ) : gmdate( 'Y-m-d H:i:s', ( time() + ( get_option( 'gmt_offset' ) * 3600 ) ) ); + if ( $gmt ) $d = gmdate('Y-m-d H:i:s'); + else $d = gmdate('Y-m-d H:i:s', (time() + (get_option('gmt_offset') * 3600))); + return $d; break; case 'timestamp': - return ( $gmt ) ? time() : time() + ( get_option( 'gmt_offset' ) * 3600 ); + if ( $gmt ) $d = time(); + else $d = time() + (get_option('gmt_offset') * 3600); + return $d; break; } } - -function date_i18n( $dateformatstring, $unixtimestamp ) { +function date_i18n($dateformatstring, $unixtimestamp) { global $wp_locale; $i = $unixtimestamp; - if ( ( !empty( $wp_locale->month ) ) && ( !empty( $wp_locale->weekday ) ) ) { - $datemonth = $wp_locale->get_month( date( 'm', $i ) ); - $datemonth_abbrev = $wp_locale->get_month_abbrev( $datemonth ); - $dateweekday = $wp_locale->get_weekday( date( 'w', $i ) ); - $dateweekday_abbrev = $wp_locale->get_weekday_abbrev( $dateweekday ); - $datemeridiem = $wp_locale->get_meridiem( date( 'a', $i ) ); - $datemeridiem_capital = $wp_locale->get_meridiem( date( 'A', $i ) ); + if ( (!empty($wp_locale->month)) && (!empty($wp_locale->weekday)) ) { + $datemonth = $wp_locale->get_month(date('m', $i)); + $datemonth_abbrev = $wp_locale->get_month_abbrev($datemonth); + $dateweekday = $wp_locale->get_weekday(date('w', $i)); + $dateweekday_abbrev = $wp_locale->get_weekday_abbrev($dateweekday); + $datemeridiem = $wp_locale->get_meridiem(date('a', $i)); + $datemeridiem_capital = $wp_locale->get_meridiem(date('A', $i)); $dateformatstring = ' '.$dateformatstring; - $dateformatstring = preg_replace( "/([^\\\])D/", "\\1" . backslashit( $dateweekday_abbrev ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])F/", "\\1" . backslashit( $datemonth ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])l/", "\\1" . backslashit( $dateweekday ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])M/", "\\1" . backslashit( $datemonth_abbrev ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])a/", "\\1" . backslashit( $datemeridiem ), $dateformatstring ); - $dateformatstring = preg_replace( "/([^\\\])A/", "\\1" . backslashit( $datemeridiem_capital ), $dateformatstring ); - - $dateformatstring = substr( $dateformatstring, 1, strlen( $dateformatstring ) -1 ); + $dateformatstring = preg_replace("/([^\\\])D/", "\\1".backslashit($dateweekday_abbrev), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])F/", "\\1".backslashit($datemonth), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])l/", "\\1".backslashit($dateweekday), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])M/", "\\1".backslashit($datemonth_abbrev), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])a/", "\\1".backslashit($datemeridiem), $dateformatstring); + $dateformatstring = preg_replace("/([^\\\])A/", "\\1".backslashit($datemeridiem_capital), $dateformatstring); + + $dateformatstring = substr($dateformatstring, 1, strlen($dateformatstring)-1); } - $j = @date( $dateformatstring, $i ); + $j = @date($dateformatstring, $i); return $j; } - -function number_format_i18n( $number, $decimals = null ) { +function number_format_i18n($number, $decimals = null) { global $wp_locale; // let the user override the precision only - $decimals = ( is_null( $decimals ) ) ? $wp_locale->number_format['decimals'] : intval( $decimals ); + $decimals = is_null($decimals)? $wp_locale->number_format['decimals'] : intval($decimals); - return number_format( $number, $decimals, $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep'] ); + return number_format($number, $decimals, $wp_locale->number_format['decimal_point'], $wp_locale->number_format['thousands_sep']); } - -function size_format( $bytes, $decimals = null ) { +function size_format($bytes, $decimals = null) { // technically the correct unit names for powers of 1024 are KiB, MiB etc // see http://en.wikipedia.org/wiki/Byte $quant = array( - // ========================= Origin ==== - 'TB' => 1099511627776, // pow( 1024, 4) - 'GB' => 1073741824, // pow( 1024, 3) - 'MB' => 1048576, // pow( 1024, 2) - 'kB' => 1024, // pow( 1024, 1) - 'B ' => 1, // pow( 1024, 0) + 'TB' => pow(1024, 4), + 'GB' => pow(1024, 3), + 'MB' => pow(1024, 2), + 'kB' => pow(1024, 1), + 'B' => pow(1024, 0), ); - foreach ( $quant as $unit => $mag ) - if ( intval( $bytes ) >= $mag ) - return number_format_i18n( $bytes / $mag, $decimals ) . ' ' . $unit; + foreach ($quant as $unit => $mag) + if ( intval($bytes) >= $mag ) + return number_format_i18n($bytes / $mag, $decimals) . ' ' . $unit; } - -function get_weekstartend( $mysqlstring, $start_of_week ) { - $my = substr( $mysqlstring, 0, 4 ); - $mm = substr( $mysqlstring, 8, 2 ); - $md = substr( $mysqlstring, 5, 2 ); - $day = mktime( 0, 0, 0, $md, $mm, $my ); - $weekday = date( 'w', $day ); +function get_weekstartend($mysqlstring, $start_of_week) { + $my = substr($mysqlstring,0,4); + $mm = substr($mysqlstring,8,2); + $md = substr($mysqlstring,5,2); + $day = mktime(0,0,0, $md, $mm, $my); + $weekday = date('w',$day); $i = 86400; - if ( $weekday < get_option( 'start_of_week' ) ) - $weekday = 7 - ( get_option( 'start_of_week' ) - $weekday ); + if ( $weekday < get_option('start_of_week') ) + $weekday = 7 - (get_option('start_of_week') - $weekday); - while ( $weekday > get_option( 'start_of_week' ) ) { - $weekday = date( 'w', $day ); - if ( $weekday < get_option( 'start_of_week' ) ) - $weekday = 7 - ( get_option( 'start_of_week' ) - $weekday ); + while ($weekday > get_option('start_of_week')) { + $weekday = date('w',$day); + if ( $weekday < get_option('start_of_week') ) + $weekday = 7 - (get_option('start_of_week') - $weekday); $day = $day - 86400; $i = 0; } $week['start'] = $day + 86400 - $i; + // $week['end'] = $day - $i + 691199; $week['end'] = $week['start'] + 604799; return $week; } - -function maybe_unserialize( $original ) { - if ( is_serialized( $original ) ) // don't attempt to unserialize data that wasn't serialized going in - if ( false !== $gm = @unserialize( $original ) ) +function maybe_unserialize($original) { + if ( is_serialized($original) ) // don't attempt to unserialize data that wasn't serialized going in + if ( false !== $gm = @ unserialize($original) ) return $gm; return $original; } - -function is_serialized( $data ) { +function is_serialized($data) { // if it isn't a string, it isn't serialized - if ( !is_string( $data ) ) + if ( !is_string($data) ) return false; - $data = trim( $data ); + $data = trim($data); if ( 'N;' == $data ) return true; - if ( !preg_match( '/^([adObis]):/', $data, $badions ) ) + if ( !preg_match('/^([adObis]):/', $data, $badions) ) return false; - switch ( $badions[1] ) { - case 'a' : - case 'O' : - case 's' : - if ( preg_match( "/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data ) ) - return true; - break; - case 'b' : - case 'i' : - case 'd' : - if ( preg_match( "/^{$badions[1]}:[0-9.E-]+;\$/", $data ) ) - return true; - break; - } + switch ( $badions[1] ) : + case 'a' : + case 'O' : + case 's' : + if ( preg_match("/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data) ) + return true; + break; + case 'b' : + case 'i' : + case 'd' : + if ( preg_match("/^{$badions[1]}:[0-9.E-]+;\$/", $data) ) + return true; + break; + endswitch; return false; } - -function is_serialized_string( $data ) { +function is_serialized_string($data) { // if it isn't a string, it isn't a serialized string - if ( !is_string( $data ) ) + if ( !is_string($data) ) return false; - $data = trim( $data ); - if ( preg_match( '/^s:[0-9]+:.*;$/s', $data ) ) // this should fetch all serialized strings + $data = trim($data); + if ( preg_match('/^s:[0-9]+:.*;$/s',$data) ) // this should fetch all serialized strings return true; return false; } - /* Options functions */ // expects $setting to already be SQL-escaped -function get_option( $setting ) { +function get_option($setting) { global $wpdb, $switched, $current_blog; // Allow plugins to short-circuit options. @@ -197,31 +191,30 @@ function get_option( $setting ) { } // prevent non-existent options from triggering multiple queries - $notoptions = wp_cache_get( 'notoptions', 'options' ); - if ( isset( $notoptions[$setting] ) ) + $notoptions = wp_cache_get('notoptions', 'options'); + if ( isset($notoptions[$setting]) ) return false; $alloptions = wp_load_alloptions(); - if ( isset( $alloptions[$setting] ) ) { + if ( isset($alloptions[$setting]) ) { $value = $alloptions[$setting]; } else { - $value = wp_cache_get( $setting, 'options' ); + $value = wp_cache_get($setting, 'options'); if ( false === $value ) { - if ( defined( 'WP_INSTALLING' ) ) + if ( defined('WP_INSTALLING') ) $wpdb->hide_errors(); - // expected_slashed ($setting) - $row = $wpdb->get_row( "SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1" ); - if ( defined( 'WP_INSTALLING' ) ) + $row = $wpdb->get_row("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1"); + if ( defined('WP_INSTALLING') ) $wpdb->show_errors(); - if ( is_object( $row) ) { // Has to be get_row instead of get_var because of funkiness with 0, false, null values + if( is_object( $row) ) { // Has to be get_row instead of get_var because of funkiness with 0, false, null values $value = $row->option_value; - wp_cache_add( $setting, $value, 'options' ); + wp_cache_add($setting, $value, 'options'); } else { // option does not exist, so we must cache its non-existence $notoptions[$setting] = true; - wp_cache_set( 'notoptions', $notoptions, 'options' ); + wp_cache_set('notoptions', $notoptions, 'options'); return false; } } @@ -229,277 +222,280 @@ function get_option( $setting ) { // If home is not set use siteurl. if ( 'home' == $setting && '' == $value ) - return get_option( 'siteurl' ); + return get_option('siteurl'); - if ( in_array( $setting, array('siteurl', 'home', 'category_base', 'tag_base') ) ) - $value = untrailingslashit( $value ); + if ( in_array($setting, array('siteurl', 'home', 'category_base', 'tag_base')) ) + $value = untrailingslashit($value); - return apply_filters( 'option_' . $setting, maybe_unserialize( $value ) ); + return apply_filters( 'option_' . $setting, maybe_unserialize($value) ); } - -function wp_protect_special_option( $option ) { - $protected = array( 'alloptions', 'notoptions' ); - if ( in_array( $option, $protected ) ) - die( sprintf( __( '%s is a protected WP option and may not be modified' ), wp_specialchars( $option ) ) ); +function wp_protect_special_option($option) { + $protected = array('alloptions', 'notoptions'); + if ( in_array($option, $protected) ) + die(sprintf(__('%s is a protected WP option and may not be modified'), wp_specialchars($option))); } -function form_option( $option ) { - echo attribute_escape (get_option( $option ) ); +function form_option($option) { + echo attribute_escape(get_option($option)); } function get_alloptions() { global $wpdb, $wp_queries; $wpdb->hide_errors(); - if ( !$options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) ) - $options = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" ); + if ( !$options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) { + $options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); + } $wpdb->show_errors(); - foreach ( $options as $option ) { + foreach ($options as $option) { // "When trying to design a foolproof system, // never underestimate the ingenuity of the fools :)" -- Dougal - if ( in_array( $option->option_name, array( 'siteurl', 'home', 'category_base' ) ) ) - $option->option_value = untrailingslashit( $option->option_value ); - $value = maybe_unserialize( $option->option_value ); - $all_options->{$option->option_name} = apply_filters( 'pre_option_' . $option->option_name, $value ); + if ( 'siteurl' == $option->option_name ) + $option->option_value = preg_replace('|/+$|', '', $option->option_value); + if ( 'home' == $option->option_name ) + $option->option_value = preg_replace('|/+$|', '', $option->option_value); + if ( 'category_base' == $option->option_name ) + $option->option_value = preg_replace('|/+$|', '', $option->option_value); + $value = maybe_unserialize($option->option_value); + $all_options->{$option->option_name} = apply_filters('pre_option_' . $option->option_name, $value); } - return apply_filters( 'all_options', $all_options ); + return apply_filters('all_options', $all_options); } - function wp_load_alloptions() { global $wpdb; - $alloptions = wp_cache_get( 'alloptions', 'options' ); + $alloptions = wp_cache_get('alloptions', 'options'); if ( !$alloptions ) { $wpdb->hide_errors(); - if ( !$alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'" ) ) - $alloptions_db = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options" ); + if ( !$alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options WHERE autoload = 'yes'") ) + $alloptions_db = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options"); $wpdb->show_errors(); $alloptions = array(); foreach ( (array) $alloptions_db as $o ) $alloptions[$o->option_name] = $o->option_value; - wp_cache_add( 'alloptions', $alloptions, 'options' ); + wp_cache_add('alloptions', $alloptions, 'options'); } return $alloptions; } - // expects $option_name to NOT be SQL-escaped -function update_option( $option_name, $newvalue ) { +function update_option($option_name, $newvalue) { global $wpdb; - wp_protect_special_option( $option_name ); + wp_protect_special_option($option_name); - $safe_option_name = $wpdb->escape( $option_name ); - $newvalue = sanitize_option( $option_name, $newvalue ); + $safe_option_name = $wpdb->escape($option_name); + $newvalue = sanitize_option($option_name, $newvalue); - // Likely legacy -- can we drop this? - if ( is_string( $newvalue ) ) - $newvalue = trim( $newvalue ); + if ( is_string($newvalue) ) + $newvalue = trim($newvalue); // If the new and old values are the same, no need to update. - $oldvalue = get_option( $safe_option_name ); - if ( $newvalue === $oldvalue ) + $oldvalue = get_option($safe_option_name); + if ( $newvalue === $oldvalue ) { return false; + } if ( false === $oldvalue ) { - add_option( $option_name, $newvalue ); + add_option($option_name, $newvalue); return true; } - $notoptions = wp_cache_get( 'notoptions', 'options' ); - if ( is_array( $notoptions ) && isset( $notoptions[$option_name] ) ) { - unset( $notoptions[$option_name] ); - wp_cache_set( 'notoptions', $notoptions, 'options' ); + $notoptions = wp_cache_get('notoptions', 'options'); + if ( is_array($notoptions) && isset($notoptions[$option_name]) ) { + unset($notoptions[$option_name]); + wp_cache_set('notoptions', $notoptions, 'options'); } $_newvalue = $newvalue; - $newvalue = maybe_serialize( $newvalue ); + $newvalue = maybe_serialize($newvalue); $alloptions = wp_load_alloptions(); - if ( isset( $alloptions[$option_name] ) ) { + if ( isset($alloptions[$option_name]) ) { $alloptions[$option_name] = $newvalue; - wp_cache_set( 'alloptions', $alloptions, 'options' ); + wp_cache_set('alloptions', $alloptions, 'options'); } else { - wp_cache_set( $option_name, $newvalue, 'options' ); + wp_cache_set($option_name, $newvalue, 'options'); } - $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->options SET option_value = %s WHERE option_name = %s", $newvalue, $option_name ) ); + $newvalue = $wpdb->escape($newvalue); + $option_name = $wpdb->escape($option_name); + $wpdb->query("UPDATE $wpdb->options SET option_value = '$newvalue' WHERE option_name = '$option_name'"); if ( $wpdb->rows_affected == 1 ) { - do_action( "update_option_{$option_name}", $oldvalue, $_newvalue ); + do_action("update_option_{$option_name}", $oldvalue, $_newvalue); return true; } return false; } - // thx Alex Stapleton, http://alex.vort-x.net/blog/ // expects $name to NOT be SQL-escaped -function add_option( $name, $value = '', $deprecated = '', $autoload = 'yes' ) { +function add_option($name, $value = '', $deprecated = '', $autoload = 'yes') { global $wpdb; - wp_protect_special_option( $name ); - $safe_name = $wpdb->escape( $name ); + wp_protect_special_option($name); + $safe_name = $wpdb->escape($name); // Make sure the option doesn't already exist. We can check the 'notoptions' cache before we ask for a db query - $notoptions = wp_cache_get( 'notoptions', 'options' ); - if ( !is_array( $notoptions ) || !isset( $notoptions[$name] ) ) - if ( false !== get_option( $safe_name ) ) + $notoptions = wp_cache_get('notoptions', 'options'); + if ( !is_array($notoptions) || !isset($notoptions[$name]) ) + if ( false !== get_option($safe_name) ) return; - $value = maybe_serialize( $value ); + $value = maybe_serialize($value); $autoload = ( 'no' === $autoload ) ? 'no' : 'yes'; if ( 'yes' == $autoload ) { $alloptions = wp_load_alloptions(); $alloptions[$name] = $value; - wp_cache_set( 'alloptions', $alloptions, 'options' ); + wp_cache_set('alloptions', $alloptions, 'options'); } else { - wp_cache_set( $name, $value, 'options' ); + wp_cache_set($name, $value, 'options'); } // This option exists now - $notoptions = wp_cache_get( 'notoptions', 'options' ); // yes, again... we need it to be fresh - if ( is_array( $notoptions ) && isset( $notoptions[$name] ) ) { - unset( $notoptions[$name] ); - wp_cache_set( 'notoptions', $notoptions, 'options' ); + $notoptions = wp_cache_get('notoptions', 'options'); // yes, again... we need it to be fresh + if ( is_array($notoptions) && isset($notoptions[$name]) ) { + unset($notoptions[$name]); + wp_cache_set('notoptions', $notoptions, 'options'); } - $wpdb->query( $wpdb->prepare( "INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES (%s, %s, %s)", $name, $value, $autoload ) ); + $name = $wpdb->escape($name); + $value = $wpdb->escape($value); + $wpdb->query("INSERT INTO $wpdb->options (option_name, option_value, autoload) VALUES ('$name', '$value', '$autoload')"); return; } - -function delete_option( $name ) { +function delete_option($name) { global $wpdb; - wp_protect_special_option( $name ); + wp_protect_special_option($name); // Get the ID, if no ID then return - // expected_slashed ($name) - $option = $wpdb->get_row( "SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'" ); - if ( !$option->option_id ) - return false; - // expected_slashed ($name) - $wpdb->query( "DELETE FROM $wpdb->options WHERE option_name = '$name'" ); + $option = $wpdb->get_row("SELECT option_id, autoload FROM $wpdb->options WHERE option_name = '$name'"); + if ( !$option->option_id ) return false; + $wpdb->query("DELETE FROM $wpdb->options WHERE option_name = '$name'"); if ( 'yes' == $option->autoload ) { $alloptions = wp_load_alloptions(); - if ( isset( $alloptions[$name] ) ) { - unset( $alloptions[$name] ); - wp_cache_set( 'alloptions', $alloptions, 'options' ); + if ( isset($alloptions[$name]) ) { + unset($alloptions[$name]); + wp_cache_set('alloptions', $alloptions, 'options'); } } else { - wp_cache_delete( $name, 'options' ); + wp_cache_delete($name, 'options'); } return true; } - -function maybe_serialize( $data ) { - if ( is_string( $data ) ) - $data = trim( $data ); - elseif ( is_array( $data ) || is_object( $data ) ) - return serialize( $data ); - if ( is_serialized( $data ) ) - return serialize( $data ); +function maybe_serialize($data) { + if ( is_string($data) ) + $data = trim($data); + elseif ( is_array($data) || is_object($data) ) + return serialize($data); + if ( is_serialized($data) ) + return serialize($data); return $data; } - function gzip_compression() { - if ( !get_option( 'gzipcompression' ) || ini_get( 'zlib.output_compression' ) == 'On' || ini_get( 'zlib.output_compression_level' ) > 0 || ini_get( 'output_handler' ) == 'ob_gzhandler' || !extension_loaded( 'zlib' ) ) + if ( !get_option( 'gzipcompression' ) ) { return false; - ob_start( 'ob_gzhandler' ); -} + } + if ( ( ini_get( 'zlib.output_compression' ) == 'On' || ini_get( 'zlib.output_compression_level' ) > 0 ) || ini_get( 'output_handler' ) == 'ob_gzhandler' ) { + return false; + } + + if ( extension_loaded( 'zlib' ) ) { + ob_start( 'ob_gzhandler' ); + } +} -function make_url_footnote( $content ) { - preg_match_all( '/<a(.+?)href=\"(.+?)\"(.*?)>(.+?)<\/a>/', $content, $matches ); +function make_url_footnote($content) { + preg_match_all('/<a(.+?)href=\"(.+?)\"(.*?)>(.+?)<\/a>/', $content, $matches); $j = 0; - for ( $i=0; $i<count($matches[0]); $i++ ) { - $links_summary = ( !$j ) ? "\n" : $links_summary; + for ($i=0; $i<count($matches[0]); $i++) { + $links_summary = (!$j) ? "\n" : $links_summary; $j++; $link_match = $matches[0][$i]; $link_number = '['.($i+1).']'; $link_url = $matches[2][$i]; $link_text = $matches[4][$i]; - $content = str_replace( $link_match, $link_text . ' ' . $link_number, $content ); - $link_url = ( ( strtolower( substr( $link_url, 0, 7 ) ) != 'http://' ) && ( strtolower( substr( $link_url, 0, 8 ) ) != 'https://' ) ) ? get_option( 'home' ) . $link_url : $link_url; - $links_summary .= "\n" . $link_number . ' ' . $link_url; + $content = str_replace($link_match, $link_text.' '.$link_number, $content); + $link_url = ((strtolower(substr($link_url,0,7)) != 'http://') && (strtolower(substr($link_url,0,8)) != 'https://')) ? get_option('home') . $link_url : $link_url; + $links_summary .= "\n".$link_number.' '.$link_url; } - $content = strip_tags( $content ); + $content = strip_tags($content); $content .= $links_summary; return $content; } -function xmlrpc_getposttitle( $content ) { +function xmlrpc_getposttitle($content) { global $post_default_title; - if ( preg_match( '/<title>(.+?)<\/title>/is', $content, $matchtitle ) ) { + if ( preg_match('/<title>(.+?)<\/title>/is', $content, $matchtitle) ) { $post_title = $matchtitle[0]; - $post_title = preg_replace( '/<title>/si', '', $post_title ); - $post_title = preg_replace( '/<\/title>/si', '', $post_title ); + $post_title = preg_replace('/<title>/si', '', $post_title); + $post_title = preg_replace('/<\/title>/si', '', $post_title); } else { $post_title = $post_default_title; } return $post_title; } - -function xmlrpc_getpostcategory( $content ) { +function xmlrpc_getpostcategory($content) { global $post_default_category; - if ( preg_match( '/<category>(.+?)<\/category>/is', $content, $matchcat ) ) { - $post_category = trim( $matchcat[1], ',' ); - $post_category = explode( ',', $post_category ); + if ( preg_match('/<category>(.+?)<\/category>/is', $content, $matchcat) ) { + $post_category = trim($matchcat[1], ','); + $post_category = explode(',', $post_category); } else { $post_category = $post_default_category; } return $post_category; } - -function xmlrpc_removepostdata( $content ) { - $content = preg_replace( '/<title>(.+?)<\/title>/si', '', $content ); - $content = preg_replace( '/<category>(.+?)<\/category>/si', '', $content ); - $content = trim( $content ); +function xmlrpc_removepostdata($content) { + $content = preg_replace('/<title>(.+?)<\/title>/si', '', $content); + $content = preg_replace('/<category>(.+?)<\/category>/si', '', $content); + $content = trim($content); return $content; } - -function debug_fopen( $filename, $mode ) { +function debug_fopen($filename, $mode) { global $debug; - if ( 1 == $debug ) { - $fp = fopen( $filename, $mode ); + if ( $debug == 1 ) { + $fp = fopen($filename, $mode); return $fp; } else { return false; } } - -function debug_fwrite( $fp, $string ) { +function debug_fwrite($fp, $string) { global $debug; - if ( 1 == $debug ) - fwrite( $fp, $string ); + if ( $debug == 1 ) { + fwrite($fp, $string); + } } - -function debug_fclose( $fp ) { +function debug_fclose($fp) { global $debug; - if ( 1 == $debug ) - fclose( $fp ); + if ( $debug == 1 ) { + fclose($fp); + } } function do_enclose( $content, $post_ID ) { global $wp_version, $wpdb; - include_once( ABSPATH . WPINC . '/class-IXR.php' ); + include_once (ABSPATH . WPINC . '/class-IXR.php'); - $log = debug_fopen( ABSPATH . 'enclosures.log', 'a' ); + $log = debug_fopen(ABSPATH . 'enclosures.log', 'a'); $post_links = array(); - debug_fwrite( $log, 'BEGIN ' . date( 'YmdHis', time() ) . "\n" ); + debug_fwrite($log, 'BEGIN '.date('YmdHis', time())."\n"); $pung = get_enclosed( $post_ID ); @@ -508,38 +504,37 @@ function do_enclose( $content, $post_ID ) { $punc = '.:?\-'; $any = $ltrs . $gunk . $punc; - preg_match_all( "{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp ); + preg_match_all("{\b http : [$any] +? (?= [$punc] * [^$any] | $)}x", $content, $post_links_temp); - debug_fwrite( $log, 'Post contents:' ); - debug_fwrite( $log, $content . "\n" ); + debug_fwrite($log, 'Post contents:'); + debug_fwrite($log, $content."\n"); - foreach ( $post_links_temp[0] as $link_test ) { - if ( !in_array( $link_test, $pung ) ) { // If we haven't pung it already - $test = parse_url( $link_test ); - if ( isset( $test['query'] ) ) + foreach($post_links_temp[0] as $link_test) : + if ( !in_array($link_test, $pung) ) : // If we haven't pung it already + $test = parse_url($link_test); + if ( isset($test['query']) ) $post_links[] = $link_test; - elseif ( $test['path'] != '/' && $test['path'] != '' ) + elseif (($test['path'] != '/') && ($test['path'] != '')) $post_links[] = $link_test; - } - } + endif; + endforeach; - foreach ( $post_links as $url ) { - if ( $url != '' && !$wpdb->get_var( $wpdb->prepare( "SELECT post_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = 'enclosure' AND meta_value LIKE (%s)", $post_ID, $url . '%' ) ) ) { + foreach ($post_links as $url) : + if ( $url != '' && !$wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE post_id = '$post_ID' AND meta_key = 'enclosure' AND meta_value LIKE ('$url%')") ) { if ( $headers = wp_get_http_headers( $url) ) { $len = (int) $headers['content-length']; $type = $wpdb->escape( $headers['content-type'] ); $allowed_types = array( 'video', 'audio' ); if ( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) { $meta_value = "$url\n$len\n$type\n"; - $wpdb->query( $wpdb->prepare( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` ) - VALUES ( %d, 'enclosure' , %s)", $post_ID, $meta_value ) ); + $wpdb->query( "INSERT INTO `$wpdb->postmeta` ( `post_id` , `meta_key` , `meta_value` ) + VALUES ( '$post_ID', 'enclosure' , '$meta_value')" ); } } } - } + endforeach; } - function wp_get_http_headers( $url, $red = 1 ) { global $wp_version; @set_time_limit( 60 ); @@ -548,14 +543,14 @@ function wp_get_http_headers( $url, $red = 1 ) { return false; $parts = parse_url( $url ); - $file = $parts['path'] . ( ( $parts['query'] ) ? '?' . $parts['query'] : '' ); + $file = $parts['path'] . ($parts['query'] ? '?'.$parts['query'] : ''); $host = $parts['host']; if ( !isset( $parts['port'] ) ) $parts['port'] = 80; $head = "HEAD $file HTTP/1.1\r\nHOST: $host\r\nUser-Agent: WordPress/" . $wp_version . "\r\n\r\n"; - $fp = @fsockopen( $host, $parts['port'], $err_num, $err_msg, 3 ); + $fp = @fsockopen($host, $parts['port'], $err_num, $err_msg, 3); if ( !$fp ) return false; @@ -564,38 +559,36 @@ function wp_get_http_headers( $url, $red = 1 ) { while ( !feof( $fp ) && strpos( $response, "\r\n\r\n" ) == false ) $response .= fgets( $fp, 2048 ); fclose( $fp ); - preg_match_all( '/(.*?): (.*)\r/', $response, $matches ); - $count = count( $matches[1] ); - for ( $i = 0; $i < $count; $i++ ) { - $key = strtolower( $matches[1][$i] ); + preg_match_all('/(.*?): (.*)\r/', $response, $matches); + $count = count($matches[1]); + for ( $i = 0; $i < $count; $i++) { + $key = strtolower($matches[1][$i]); $headers["$key"] = $matches[2][$i]; } - preg_match( '/.*([0-9]{3}).*/', $response, $return ); + preg_match('/.*([0-9]{3}).*/', $response, $return); $headers['response'] = $return[1]; // HTTP response code eg 204, 200, 404 $code = $headers['response']; - if ( ( '302' == $code || '301' == $code ) && isset( $headers['location'] ) ) + if ( ('302' == $code || '301' == $code) && isset($headers['location']) ) return wp_get_http_headers( $headers['location'], ++$red ); return $headers; } - function is_new_day() { global $day, $previousday; - if ( $day != $previousday ) - return 1; - else - return 0; + if ( $day != $previousday ) { + return(1); + } else { + return(0); + } } - -function build_query( $data ) { - return _http_build_query( $data, NULL, '&', '', false ); +function build_query($data) { + return _http_build_query($data, NULL, '&', '', false); } - /* add_query_arg: Returns a modified querystring by adding a single key & value or an associative array. @@ -608,40 +601,40 @@ add_query_arg(associative_array, oldquery_or_uri) */ function add_query_arg() { $ret = ''; - if ( is_array( func_get_arg(0) ) ) { - if ( @func_num_args() < 2 || false === @func_get_arg( 1 ) ) + if ( is_array(func_get_arg(0)) ) { + if ( @func_num_args() < 2 || false === @func_get_arg(1) ) $uri = $_SERVER['REQUEST_URI']; else - $uri = @func_get_arg( 1 ); + $uri = @func_get_arg(1); } else { - if ( @func_num_args() < 3 || false === @func_get_arg( 2 ) ) + if ( @func_num_args() < 3 || false === @func_get_arg(2) ) $uri = $_SERVER['REQUEST_URI']; else - $uri = @func_get_arg( 2 ); + $uri = @func_get_arg(2); } - if ( $frag = strstr( $uri, '#' ) ) - $uri = substr( $uri, 0, -strlen( $frag ) ); + if ( $frag = strstr($uri, '#') ) + $uri = substr($uri, 0, -strlen($frag)); else $frag = ''; - if ( preg_match( '|^https?://|i', $uri, $matches ) ) { + if ( preg_match('|^https?://|i', $uri, $matches) ) { $protocol = $matches[0]; - $uri = substr( $uri, strlen( $protocol ) ); + $uri = substr($uri, strlen($protocol)); } else { $protocol = ''; } - if ( strpos( $uri, '?' ) !== false ) { - $parts = explode( '?', $uri, 2 ); - if ( 1 == count( $parts ) ) { + if (strpos($uri, '?') !== false) { + $parts = explode('?', $uri, 2); + if ( 1 == count($parts) ) { $base = '?'; $query = $parts[0]; } else { $base = $parts[0] . '?'; $query = $parts[1]; } - } elseif ( !empty( $protocol ) || strpos( $uri, '=' ) === false ) { + } elseif (!empty($protocol) || strpos($uri, '=') === false ) { $base = $uri . '?'; $query = ''; } else { @@ -649,29 +642,28 @@ function add_query_arg() { $query = $uri; } - wp_parse_str( $query, $qs ); - $qs = urlencode_deep( $qs ); // this re-URL-encodes things that were already in the query string - if ( is_array( func_get_arg( 0 ) ) ) { - $kayvees = func_get_arg( 0 ); - $qs = array_merge( $qs, $kayvees ); + wp_parse_str($query, $qs); + $qs = urlencode_deep($qs); // this re-URL-encodes things that were already in the query string + if ( is_array(func_get_arg(0)) ) { + $kayvees = func_get_arg(0); + $qs = array_merge($qs, $kayvees); } else { - $qs[func_get_arg( 0 )] = func_get_arg( 1 ); + $qs[func_get_arg(0)] = func_get_arg(1); } foreach ( $qs as $k => $v ) { if ( $v === false ) - unset( $qs[$k] ); + unset($qs[$k]); } - $ret = build_query( $qs ); - $ret = trim( $ret, '?' ); - $ret = preg_replace( '#=(&|$)#', '$1', $ret ); + $ret = build_query($qs); + $ret = trim($ret, '?'); + $ret = preg_replace('#=(&|$)#', '$1', $ret); $ret = $protocol . $base . $ret . $frag; - $ret = rtrim( $ret, '?' ); + $ret = rtrim($ret, '?'); return $ret; } - /* remove_query_arg: Returns a modified querystring by removing a single key or an array of keys. @@ -682,24 +674,23 @@ remove_query_arg(removekey, [oldquery_or_uri]) or remove_query_arg(removekeyarray, [oldquery_or_uri]) */ -function remove_query_arg( $key, $query=FALSE ) { - if ( is_array( $key ) ) { // removing multiple keys +function remove_query_arg($key, $query=FALSE) { + if ( is_array($key) ) { // removing multiple keys foreach ( (array) $key as $k ) - $query = add_query_arg( $k, FALSE, $query ); + $query = add_query_arg($k, FALSE, $query); return $query; } - return add_query_arg( $key, FALSE, $query ); + return add_query_arg($key, FALSE, $query); } - -function add_magic_quotes( $array ) { +function add_magic_quotes($array) { global $wpdb; - foreach ( $array as $k => $v ) { - if ( is_array( $v ) ) { - $array[$k] = add_magic_quotes( $v ); + foreach ($array as $k => $v) { + if ( is_array($v) ) { + $array[$k] = add_magic_quotes($v); } else { - $array[$k] = $wpdb->escape( $v ); + $array[$k] = $wpdb->escape($v); } } return $array; @@ -707,55 +698,54 @@ function add_magic_quotes( $array ) { function wp_remote_fopen( $uri ) { $timeout = 10; - $parsed_url = @parse_url( $uri ); + $parsed_url = @parse_url($uri); - if ( !$parsed_url || !is_array( $parsed_url ) ) + if ( !$parsed_url || !is_array($parsed_url) ) return false; - if ( !isset( $parsed_url['scheme'] ) || !in_array( $parsed_url['scheme'], array( 'http','https' ) ) ) + if ( !isset($parsed_url['scheme']) || !in_array($parsed_url['scheme'], array('http','https')) ) $uri = 'http://' . $uri; - if ( ini_get( 'allow_url_fopen' ) ) { + if ( ini_get('allow_url_fopen') ) { $fp = @fopen( $uri, 'r' ); if ( !$fp ) return false; //stream_set_timeout($fp, $timeout); // Requires php 4.3 $linea = ''; - while ( $remote_read = fread( $fp, 4096 ) ) + while( $remote_read = fread($fp, 4096) ) $linea .= $remote_read; - fclose( $fp ); + fclose($fp); return $linea; - } elseif ( function_exists( 'curl_init' ) ) { + } else if ( function_exists('curl_init') ) { $handle = curl_init(); - curl_setopt( $handle, CURLOPT_URL, $uri); - curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, 1 ); - curl_setopt( $handle, CURLOPT_RETURNTRANSFER, 1 ); - curl_setopt( $handle, CURLOPT_TIMEOUT, $timeout ); - $buffer = curl_exec( $handle ); - curl_close( $handle ); + curl_setopt ($handle, CURLOPT_URL, $uri); + curl_setopt ($handle, CURLOPT_CONNECTTIMEOUT, 1); + curl_setopt ($handle, CURLOPT_RETURNTRANSFER, 1); + curl_setopt ($handle, CURLOPT_TIMEOUT, $timeout); + $buffer = curl_exec($handle); + curl_close($handle); return $buffer; } else { return false; } } - -function wp( $query_vars = '' ) { +function wp($query_vars = '') { global $wp, $wp_query, $wp_the_query; - $wp->main( $query_vars ); + + $wp->main($query_vars); if( !isset($wp_the_query) ) $wp_the_query = $wp_query; } - function get_status_header_desc( $code ) { global $wp_header_to_desc; - $code = absint( $code ); + $code = (int) $code; - if ( !isset( $wp_header_to_desc ) ) { + if ( !isset($wp_header_to_desc) ) { $wp_header_to_desc = array( 100 => 'Continue', 101 => 'Switching Protocols', @@ -803,13 +793,13 @@ function get_status_header_desc( $code ) { ); } - if ( isset( $wp_header_to_desc[$code] ) ) + if ( isset( $wp_header_to_desc[$code] ) ) { return $wp_header_to_desc[$code]; - else + } else { return ''; + } } - function status_header( $header ) { $text = get_status_header_desc( $header ); @@ -817,93 +807,86 @@ function status_header( $header ) { return false; $protocol = $_SERVER["SERVER_PROTOCOL"]; - if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol ) + if ( ('HTTP/1.1' != $protocol) && ('HTTP/1.0' != $protocol) ) $protocol = 'HTTP/1.0'; $status_header = "$protocol $header $text"; - if ( function_exists( 'apply_filters' ) ) - $status_header = apply_filters( 'status_header', $status_header, $header, $text, $protocol ); + if ( function_exists('apply_filters') ) + $status_header = apply_filters('status_header', $status_header, $header, $text, $protocol); - if ( version_compare( phpversion(), '4.3.0', '>=' ) ) + if ( version_compare( phpversion(), '4.3.0', '>=' ) ) { return @header( $status_header, true, $header ); - else + } else { return @header( $status_header ); + } } - function nocache_headers() { - // why are these @-silenced when other header calls aren't? - @header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); - @header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); - @header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); - @header( 'Pragma: no-cache' ); + @ header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); + @ header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); + @ header('Cache-Control: no-cache, must-revalidate, max-age=0'); + @ header('Pragma: no-cache'); } - function cache_javascript_headers() { $expiresOffset = 864000; // 10 days - header( "Content-Type: text/javascript; charset=" . get_bloginfo( 'charset' ) ); - header( "Vary: Accept-Encoding" ); // Handle proxies - header( "Expires: " . gmdate( "D, d M Y H:i:s", time() + $expiresOffset ) . " GMT" ); + header("Content-Type: text/javascript; charset=" . get_bloginfo('charset')); + header("Vary: Accept-Encoding"); // Handle proxies + header("Expires: " . gmdate("D, d M Y H:i:s", time() + $expiresOffset) . " GMT"); } - function get_num_queries() { global $wpdb; return $wpdb->num_queries; } - function bool_from_yn( $yn ) { return ( strtolower( $yn ) == 'y' ); } - function do_feed() { global $wp_query; - $feed = get_query_var( 'feed' ); + $feed = get_query_var('feed'); // Remove the pad, if present. - $feed = preg_replace( '/^_+/', '', $feed ); + $feed = preg_replace('/^_+/', '', $feed); if ( $feed == '' || $feed == 'feed' ) $feed = 'rss2'; $hook = 'do_feed_' . $feed; - do_action( $hook, $wp_query->is_comment_feed ); + do_action($hook, $wp_query->is_comment_feed); } - function do_feed_rdf() { - load_template( ABSPATH . WPINC . '/feed-rdf.php' ); + load_template(ABSPATH . WPINC . '/feed-rdf.php'); } - function do_feed_rss() { - load_template( ABSPATH . WPINC . '/feed-rss.php' ); + load_template(ABSPATH . WPINC . '/feed-rss.php'); } - -function do_feed_rss2( $for_comments ) { - if ( $for_comments ) - load_template( ABSPATH . WPINC . '/feed-rss2-comments.php' ); - else - load_template( ABSPATH . WPINC . '/feed-rss2.php' ); +function do_feed_rss2($for_comments) { + if ( $for_comments ) { + load_template(ABSPATH . WPINC . '/feed-rss2-comments.php'); + } else { + load_template(ABSPATH . WPINC . '/feed-rss2.php'); + } } - -function do_feed_atom( $for_comments ) { - if ($for_comments) - load_template( ABSPATH . WPINC . '/feed-atom-comments.php'); - else - load_template( ABSPATH . WPINC . '/feed-atom.php' ); +function do_feed_atom($for_comments) { + if ($for_comments) { + load_template(ABSPATH . WPINC . '/feed-atom-comments.php'); + } else { + load_template(ABSPATH . WPINC . '/feed-atom.php'); + } } function do_robots() { global $current_blog; header( 'Content-Type: text/plain; charset=utf-8' ); - do_action( 'do_robotstxt' ); + do_action('do_robotstxt'); if ( '0' == $current_blog->public ) { echo "User-agent: *\n"; @@ -914,109 +897,99 @@ function do_robots() { } } - function is_blog_installed() { global $wpdb; - - // Check cache first. If options table goes away and we have true cached, oh well. - if ( wp_cache_get('is_blog_installed') ) - return true; - $wpdb->hide_errors(); - $installed = $wpdb->get_var( "SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'" ); + $installed = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'siteurl'"); $wpdb->show_errors(); - $installed = !empty( $installed ) ? true : false; - wp_cache_set('is_blog_installed', $installed); - - return $installed; + $install_status = !empty( $installed ) ? TRUE : FALSE; + return $install_status; } - -function wp_nonce_url( $actionurl, $action = -1 ) { - $actionurl = str_replace( '&', '&', $actionurl ); - return wp_specialchars( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $actionurl ) ); +function wp_nonce_url($actionurl, $action = -1) { + $actionurl = str_replace('&', '&', $actionurl); + return wp_specialchars(add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl)); } - -function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true ) { - $name = attribute_escape( $name ); - echo '<input type="hidden" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />'; +function wp_nonce_field($action = -1, $name = "_wpnonce", $referer = true) { + $name = attribute_escape($name); + echo '<input type="hidden" name="' . $name . '" value="' . wp_create_nonce($action) . '" />'; if ( $referer ) wp_referer_field(); } - function wp_referer_field() { - $ref = attribute_escape( $_SERVER['REQUEST_URI'] ); + $ref = attribute_escape($_SERVER['REQUEST_URI']); echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />'; if ( wp_get_original_referer() ) { - $original_ref = attribute_escape( stripslashes( wp_get_original_referer() ) ); + $original_ref = attribute_escape(stripslashes(wp_get_original_referer())); echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />'; } } - function wp_original_referer_field() { - echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape( stripslashes( $_SERVER['REQUEST_URI'] ) ) . '" />'; + echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; } - function wp_get_referer() { - foreach ( array( $_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER'] ) as $ref ) - if ( !empty( $ref ) ) + foreach ( array($_REQUEST['_wp_http_referer'], $_SERVER['HTTP_REFERER']) as $ref ) + if ( !empty($ref) ) return $ref; return false; } - function wp_get_original_referer() { - if ( !empty( $_REQUEST['_wp_original_http_referer'] ) ) + if ( !empty($_REQUEST['_wp_original_http_referer']) ) return $_REQUEST['_wp_original_http_referer']; return false; } - -function wp_mkdir_p( $target ) { +function wp_mkdir_p($target) { // from php.net/mkdir user contributed notes - if ( file_exists( $target ) ) - return @is_dir( $target ); + if (file_exists($target)) { + if (! @ is_dir($target)) + return false; + else + return true; + } // Attempting to create the directory may clutter up our display. - if ( @mkdir( $target ) ) { - $stat = @stat( dirname( $target ) ); + if (@ mkdir($target)) { + $stat = @ stat(dirname($target)); $dir_perms = $stat['mode'] & 0007777; // Get the permission bits. - @chmod( $target, $dir_perms ); + @ chmod($target, $dir_perms); return true; - } elseif ( is_dir( dirname( $target ) ) ) { + } else { + if ( is_dir(dirname($target)) ) return false; } // If the above failed, attempt to create the parent node, then try again. - if ( wp_mkdir_p( dirname( $target ) ) ) - return wp_mkdir_p( $target ); + if (wp_mkdir_p(dirname($target))) + return wp_mkdir_p($target); return false; } - // Returns an array containing the current upload directory's path and url, or an error message. function wp_upload_dir() { - $siteurl = get_option( 'siteurl' ); + $siteurl = get_option('siteurl'); //prepend ABSPATH to $dir and $siteurl to $url if they're not already there - $path = str_replace( ABSPATH, '', trim( get_option( 'upload_path' ) ) ); + $path = str_replace(ABSPATH, '', trim(get_option('upload_path'))); $dir = ABSPATH . $path; - $url = trailingslashit( $siteurl ) . $path; + $url = trailingslashit($siteurl) . $path; - if ( $dir == ABSPATH ) // the option was empty + if ( $dir == ABSPATH ) { //the option was empty $dir = ABSPATH . 'wp-content/uploads'; + } if ( defined('UPLOADS') ) { $dir = ABSPATH . UPLOADS; - $url = trailingslashit( $siteurl ) . UPLOADS; + $url = trailingslashit($siteurl) . UPLOADS; } - if ( get_option( 'uploads_use_yearmonth_folders' ) ) { + if ( get_option('uploads_use_yearmonth_folders')) { // Generate the yearly and monthly dirs $time = current_time( 'mysql' ); $y = substr( $time, 0, 4 ); @@ -1027,21 +1000,21 @@ function wp_upload_dir() { // Make sure we have an uploads dir if ( ! wp_mkdir_p( $dir ) ) { - $message = sprintf( __( 'Unable to create directory %s. Is its parent directory writable by the server?' ), $dir ); - return array( 'error' => $message ); + $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), $dir); + return array('error' => $message); } - $uploads = array( 'path' => $dir, 'url' => $url, 'error' => false ); - return apply_filters( 'upload_dir', $uploads ); + $uploads = array('path' => $dir, 'url' => $url, 'error' => false); + return apply_filters('upload_dir', $uploads); } -function wp_upload_bits( $name, $type, $bits ) { - if ( empty( $name ) ) - return array( 'error' => __( "Empty filename" ) ); +function wp_upload_bits($name, $type, $bits) { + if ( empty($name) ) + return array('error' => __("Empty filename")); - $wp_filetype = wp_check_filetype( $name ); + $wp_filetype = wp_check_filetype($name); if ( !$wp_filetype['ext'] ) - return array( 'error' => __( "Invalid file type" ) ); + return array('error' => __("Invalid file type")); $upload = wp_upload_dir(); @@ -1050,47 +1023,46 @@ function wp_upload_bits( $name, $type, $bits ) { $number = ''; $filename = $name; - $path_parts = pathinfo( $filename ); + $path_parts = pathinfo($filename); $ext = $path_parts['extension']; - if ( empty( $ext ) ) + if ( empty($ext) ) $ext = ''; else $ext = ".$ext"; - while ( file_exists( $upload['path'] . "/$filename" ) ) { + while ( file_exists($upload['path'] . "/$filename") ) { if ( '' == "$number$ext" ) $filename = $filename . ++$number . $ext; else - $filename = str_replace( "$number$ext", ++$number . $ext, $filename ); + $filename = str_replace("$number$ext", ++$number . $ext, $filename); } $new_file = $upload['path'] . "/$filename"; - if ( ! wp_mkdir_p( dirname( $new_file ) ) ) { - $message = sprintf( __( 'Unable to create directory %s. Is its parent directory writable by the server?' ), dirname( $new_file ) ); - return array( 'error' => $message ); + if ( ! wp_mkdir_p( dirname($new_file) ) ) { + $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), dirname($new_file)); + return array('error' => $message); } - $ifp = @ fopen( $new_file, 'wb' ); + $ifp = @ fopen($new_file, 'wb'); if ( ! $ifp ) - return array( 'error' => sprintf( __( 'Could not write file %s' ), $new_file ) ); + return array('error' => sprintf(__('Could not write file %s'), $new_file)); - $success = @fwrite( $ifp, $bits ); - fclose( $ifp ); + $success = @ fwrite($ifp, $bits); + fclose($ifp); // Set correct file permissions - $stat = @ stat( dirname( $new_file ) ); + $stat = @ stat(dirname($new_file)); $perms = $stat['mode'] & 0007777; $perms = $perms & 0000666; - @ chmod( $new_file, $perms ); + @ chmod($new_file, $perms); // Compute the URL $url = $upload['url'] . "/$filename"; - return array( 'file' => $new_file, 'url' => $url, 'error' => false ); + return array('file' => $new_file, 'url' => $url, 'error' => false); } - -function wp_check_filetype( $filename, $mimes = null ) { +function wp_check_filetype($filename, $mimes = null) { // Accepted MIME types are set here as PCRE unless provided. - $mimes = ( is_array( $mimes ) ) ? $mimes : apply_filters( 'upload_mimes', array( + $mimes = is_array($mimes) ? $mimes : apply_filters('upload_mimes', array ( 'jpg|jpeg|jpe' => 'image/jpeg', 'gif' => 'image/gif', 'png' => 'image/png', @@ -1134,129 +1106,127 @@ function wp_check_filetype( $filename, $mimes = null ) { 'odc' => 'application/vnd.oasis.opendocument.chart', 'odb' => 'application/vnd.oasis.opendocument.database', 'odf' => 'application/vnd.oasis.opendocument.formula', - ) - ); + + )); $type = false; $ext = false; - foreach ( $mimes as $ext_preg => $mime_match ) { + foreach ($mimes as $ext_preg => $mime_match) { $ext_preg = '!\.(' . $ext_preg . ')$!i'; - if ( preg_match( $ext_preg, $filename, $ext_matches ) ) { + if ( preg_match($ext_preg, $filename, $ext_matches) ) { $type = $mime_match; $ext = $ext_matches[1]; break; } } - return compact( 'ext', 'type' ); + return compact('ext', 'type'); } -function wp_explain_nonce( $action ) { - if ( $action !== -1 && preg_match( '/([a-z]+)-([a-z]+)(_(.+))?/', $action, $matches ) ) { +function wp_explain_nonce($action) { + if ( $action !== -1 && preg_match('/([a-z]+)-([a-z]+)(_(.+))?/', $action, $matches) ) { $verb = $matches[1]; $noun = $matches[2]; $trans = array(); - $trans['update']['attachment'] = array( __( 'Are you sure you want to edit this attachment: "%s"?' ), 'get_the_title' ); - - $trans['add']['category'] = array( __( 'Are you sure you want to add this category?' ), false ); - $trans['delete']['category'] = array( __( 'Are you sure you want to delete this category: "%s"?' ), 'get_catname' ); - $trans['update']['category'] = array( __( 'Are you sure you want to edit this category: "%s"?' ), 'get_catname' ); - - $trans['delete']['comment'] = array( __( 'Are you sure you want to delete this comment: "%s"?' ), 'use_id' ); - $trans['unapprove']['comment'] = array( __( 'Are you sure you want to unapprove this comment: "%s"?' ), 'use_id' ); - $trans['approve']['comment'] = array( __( 'Are you sure you want to approve this comment: "%s"?' ), 'use_id' ); - $trans['update']['comment'] = array( __( 'Are you sure you want to edit this comment: "%s"?' ), 'use_id' ); - $trans['bulk']['comments'] = array( __( 'Are you sure you want to bulk modify comments?' ), false ); - $trans['moderate']['comments'] = array( __( 'Are you sure you want to moderate comments?' ), false ); - - $trans['add']['bookmark'] = array( __( 'Are you sure you want to add this link?' ), false ); - $trans['delete']['bookmark'] = array( __( 'Are you sure you want to delete this link: "%s"?' ), 'use_id' ); - $trans['update']['bookmark'] = array( __( 'Are you sure you want to edit this link: "%s"?' ), 'use_id' ); - $trans['bulk']['bookmarks'] = array( __( 'Are you sure you want to bulk modify links?' ), false ); - - $trans['add']['page'] = array( __( 'Are you sure you want to add this page?' ), false ); - $trans['delete']['page'] = array( __( 'Are you sure you want to delete this page: "%s"?' ), 'get_the_title' ); - $trans['update']['page'] = array( __( 'Are you sure you want to edit this page: "%s"?' ), 'get_the_title' ); - - $trans['edit']['plugin'] = array( __( 'Are you sure you want to edit this plugin file: "%s"?' ), 'use_id' ); - $trans['activate']['plugin'] = array( __( 'Are you sure you want to activate this plugin: "%s"?' ), 'use_id' ); - $trans['deactivate']['plugin'] = array( __( 'Are you sure you want to deactivate this plugin: "%s"?' ), 'use_id' ); - - $trans['add']['post'] = array( __( 'Are you sure you want to add this post?' ), false ); - $trans['delete']['post'] = array( __( 'Are you sure you want to delete this post: "%s"?' ), 'get_the_title' ); - $trans['update']['post'] = array( __( 'Are you sure you want to edit this post: "%s"?' ), 'get_the_title' ); - - $trans['add']['user'] = array( __( 'Are you sure you want to add this user?' ), false ); - $trans['delete']['users'] = array( __( 'Are you sure you want to delete users?' ), false ); - $trans['bulk']['users'] = array( __( 'Are you sure you want to bulk modify users?' ), false ); - $trans['update']['user'] = array( __( 'Are you sure you want to edit this user: "%s"?' ), 'get_author_name' ); - $trans['update']['profile'] = array( __( 'Are you sure you want to modify the profile for: "%s"?' ), 'get_author_name' ); - - $trans['update']['options'] = array( __( 'Are you sure you want to edit your settings?' ), false ); - $trans['update']['permalink'] = array( __( 'Are you sure you want to change your permalink structure to: %s?' ), 'use_id' ); - $trans['edit']['file'] = array( __( 'Are you sure you want to edit this file: "%s"?' ), 'use_id' ); - $trans['edit']['theme'] = array( __( 'Are you sure you want to edit this theme file: "%s"?' ), 'use_id' ); - $trans['switch']['theme'] = array( __( 'Are you sure you want to switch to this theme: "%s"?' ), 'use_id' ); - - if ( isset( $trans[$verb][$noun] ) ) { - if ( !empty( $trans[$verb][$noun][1] ) ) { + $trans['update']['attachment'] = array(__('Are you sure you want to edit this attachment: "%s"?'), 'get_the_title'); + + $trans['add']['category'] = array(__('Are you sure you want to add this category?'), false); + $trans['delete']['category'] = array(__('Are you sure you want to delete this category: "%s"?'), 'get_catname'); + $trans['update']['category'] = array(__('Are you sure you want to edit this category: "%s"?'), 'get_catname'); + + $trans['delete']['comment'] = array(__('Are you sure you want to delete this comment: "%s"?'), 'use_id'); + $trans['unapprove']['comment'] = array(__('Are you sure you want to unapprove this comment: "%s"?'), 'use_id'); + $trans['approve']['comment'] = array(__('Are you sure you want to approve this comment: "%s"?'), 'use_id'); + $trans['update']['comment'] = array(__('Are you sure you want to edit this comment: "%s"?'), 'use_id'); + $trans['bulk']['comments'] = array(__('Are you sure you want to bulk modify comments?'), false); + $trans['moderate']['comments'] = array(__('Are you sure you want to moderate comments?'), false); + + $trans['add']['bookmark'] = array(__('Are you sure you want to add this link?'), false); + $trans['delete']['bookmark'] = array(__('Are you sure you want to delete this link: "%s"?'), 'use_id'); + $trans['update']['bookmark'] = array(__('Are you sure you want to edit this link: "%s"?'), 'use_id'); + $trans['bulk']['bookmarks'] = array(__('Are you sure you want to bulk modify links?'), false); + + $trans['add']['page'] = array(__('Are you sure you want to add this page?'), false); + $trans['delete']['page'] = array(__('Are you sure you want to delete this page: "%s"?'), 'get_the_title'); + $trans['update']['page'] = array(__('Are you sure you want to edit this page: "%s"?'), 'get_the_title'); + + $trans['edit']['plugin'] = array(__('Are you sure you want to edit this plugin file: "%s"?'), 'use_id'); + $trans['activate']['plugin'] = array(__('Are you sure you want to activate this plugin: "%s"?'), 'use_id'); + $trans['deactivate']['plugin'] = array(__('Are you sure you want to deactivate this plugin: "%s"?'), 'use_id'); + + $trans['add']['post'] = array(__('Are you sure you want to add this post?'), false); + $trans['delete']['post'] = array(__('Are you sure you want to delete this post: "%s"?'), 'get_the_title'); + $trans['update']['post'] = array(__('Are you sure you want to edit this post: "%s"?'), 'get_the_title'); + + $trans['add']['user'] = array(__('Are you sure you want to add this user?'), false); + $trans['delete']['users'] = array(__('Are you sure you want to delete users?'), false); + $trans['bulk']['users'] = array(__('Are you sure you want to bulk modify users?'), false); + $trans['update']['user'] = array(__('Are you sure you want to edit this user: "%s"?'), 'get_author_name'); + $trans['update']['profile'] = array(__('Are you sure you want to modify the profile for: "%s"?'), 'get_author_name'); + + $trans['update']['options'] = array(__('Are you sure you want to edit your settings?'), false); + $trans['update']['permalink'] = array(__('Are you sure you want to change your permalink structure to: %s?'), 'use_id'); + $trans['edit']['file'] = array(__('Are you sure you want to edit this file: "%s"?'), 'use_id'); + $trans['edit']['theme'] = array(__('Are you sure you want to edit this theme file: "%s"?'), 'use_id'); + $trans['switch']['theme'] = array(__('Are you sure you want to switch to this theme: "%s"?'), 'use_id'); + + if ( isset($trans[$verb][$noun]) ) { + if ( !empty($trans[$verb][$noun][1]) ) { $lookup = $trans[$verb][$noun][1]; $object = $matches[4]; if ( 'use_id' != $lookup ) - $object = call_user_func( $lookup, $object ); - return sprintf( $trans[$verb][$noun][0], $object ); + $object = call_user_func($lookup, $object); + return sprintf($trans[$verb][$noun][0], $object); } else { return $trans[$verb][$noun][0]; } } } - return apply_filters( 'explain_nonce_' . $verb . '-' . $noun, __( 'Are you sure you want to do this?' ), $matches[4] ); + return apply_filters( 'explain_nonce_' . $verb . '-' . $noun, __('Are you sure you want to do this?'), $matches[4] ); } - -function wp_nonce_ays( $action ) { +function wp_nonce_ays($action) { global $pagenow, $menu, $submenu, $parent_file, $submenu_file; - $adminurl = get_option( 'siteurl' ) . '/wp-admin'; + $adminurl = get_option('siteurl') . '/wp-admin'; if ( wp_get_referer() ) - $adminurl = clean_url( wp_get_referer() ); + $adminurl = clean_url(wp_get_referer()); - $title = __( 'WordPress Confirmation' ); + $title = __('WordPress Confirmation'); // Remove extra layer of slashes. - $_POST = stripslashes_deep( $_POST ); + $_POST = stripslashes_deep($_POST ); if ( $_POST ) { - $q = http_build_query( $_POST ); - $q = explode( ini_get( 'arg_separator.output' ), $q); - $html .= "\t<form method='post' action='" . attribute_escape( $pagenow ) . "'>\n"; + $q = http_build_query($_POST); + $q = explode( ini_get('arg_separator.output'), $q); + $html .= "\t<form method='post' action='" . attribute_escape($pagenow) . "'>\n"; foreach ( (array) $q as $a ) { - $v = substr( strstr( $a, '=' ), 1 ); - $k = substr( $a, 0, -( strlen( $v ) + 1 ) ); - $html .= "\t\t<input type='hidden' name='" . attribute_escape( urldecode( $k ) ) . "' value='" . attribute_escape( urldecode( $v ) ) . "' />\n"; + $v = substr(strstr($a, '='), 1); + $k = substr($a, 0, -(strlen($v)+1)); + $html .= "\t\t<input type='hidden' name='" . attribute_escape(urldecode($k)) . "' value='" . attribute_escape(urldecode($v)) . "' />\n"; } - $html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce( $action ) . "' />\n"; - $html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars( wp_explain_nonce( $action ) ) . "</p>\n\t\t<p><a href='$adminurl'>" . __( 'No' ) . "</a> <input type='submit' value='" . __( 'Yes' ) . "' /></p>\n\t\t</div>\n\t</form>\n"; + $html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n"; + $html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n"; } else { - $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars( wp_explain_nonce( $action ) ) . "</p>\n\t<p><a href='$adminurl'>" . __( 'No' ) . "</a> <a href='" . clean_url( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $_SERVER['REQUEST_URI'] ) ) . "'>" . __( 'Yes' ) . "</a></p>\n\t</div>\n"; + $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_specialchars(wp_explain_nonce($action)) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . clean_url(add_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'] )) . "'>" . __('Yes') . "</a></p>\n\t</div>\n"; } $html .= "</body>\n</html>"; - wp_die( $html, $title ); + wp_die($html, $title); } - function wp_die( $message, $title = '' ) { global $wp_locale; if ( function_exists( 'is_wp_error' ) && is_wp_error( $message ) ) { - if ( empty( $title ) ) { + if ( empty($title) ) { $error_data = $message->get_error_data(); - if ( is_array( $error_data ) && isset( $error_data['title'] ) ) + if ( is_array($error_data) && isset($error_data['title']) ) $title = $error_data['title']; } $errors = $message->get_error_messages(); - switch ( count( $errors ) ) : + switch ( count($errors) ) : case 0 : $message = ''; break; @@ -1267,42 +1237,42 @@ function wp_die( $message, $title = '' ) { $message = "<ul>\n\t\t<li>" . join( "</li>\n\t\t<li>", $errors ) . "</li>\n\t</ul>"; break; endswitch; - } elseif ( is_string( $message ) ) { + } elseif ( is_string($message) ) { $message = "<p>$message</p>"; } - if ( defined( 'WP_SITEURL' ) && '' != WP_SITEURL ) - $admin_dir = WP_SITEURL . '/wp-admin/'; - elseif ( function_exists( 'get_bloginfo' ) && '' != get_bloginfo( 'wpurl' ) ) - $admin_dir = get_bloginfo( 'wpurl' ) . '/wp-admin/'; - elseif ( strpos( $_SERVER['PHP_SELF'], 'wp-admin' ) !== false ) + if ( defined('WP_SITEURL') && '' != WP_SITEURL ) + $admin_dir = WP_SITEURL.'/wp-admin/'; + elseif (function_exists('get_bloginfo') && '' != get_bloginfo('wpurl')) + $admin_dir = get_bloginfo('wpurl').'/wp-admin/'; + elseif (strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false) $admin_dir = ''; else $admin_dir = 'wp-admin/'; - if ( !function_exists( 'did_action' ) || !did_action( 'admin_head' ) ) : + if ( !function_exists('did_action') || !did_action('admin_head') ) : if( !headers_sent() ){ - status_header( 500 ); + status_header(500); nocache_headers(); - header( 'Content-Type: text/html; charset=utf-8' ); + header('Content-Type: text/html; charset=utf-8'); } - if ( empty($title) ) { - if ( function_exists( '__' ) ) - $title = __( 'WordPress › Error' ); + if ( empty($title) ){ + if( function_exists('__') ) + $title = __('WordPress › Error'); else $title = 'WordPress › Error'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists( 'language_attributes' ) ) language_attributes(); ?>> +<html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists('language_attributes') ) language_attributes(); ?>> <head> <title><?php echo $title ?></title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="<?php echo $admin_dir; ?>css/install.css" type="text/css" /> <?php -if ( ( $wp_locale ) && ( 'rtl' == $wp_locale->text_direction ) ) : ?> +if ( ( $wp_locale ) && ('rtl' == $wp_locale->text_direction) ) : ?> <link rel="stylesheet" href="<?php echo $admin_dir; ?>css/install-rtl.css" type="text/css" /> <?php endif; ?> </head> @@ -1317,61 +1287,55 @@ if ( ( $wp_locale ) && ( 'rtl' == $wp_locale->text_direction ) ) : ?> die(); } - -function _config_wp_home( $url = '' ) { +function _config_wp_home($url = '') { if ( defined( 'WP_HOME' ) ) return WP_HOME; - return $url; + else return $url; } - -function _config_wp_siteurl( $url = '' ) { +function _config_wp_siteurl($url = '') { if ( defined( 'WP_SITEURL' ) ) return WP_SITEURL; - return $url; + else return $url; } - function _mce_set_direction() { global $wp_locale; - if ( 'rtl' == $wp_locale->text_direction ) { + if ('rtl' == $wp_locale->text_direction) { echo 'directionality : "rtl" ,'; echo 'theme_advanced_toolbar_align : "right" ,'; } } - -function _mce_load_rtl_plugin( $input ) { +function _mce_load_rtl_plugin($input) { global $wp_locale; - if ( 'rtl' == $wp_locale->text_direction ) + if ('rtl' == $wp_locale->text_direction) $input[] = 'directionality'; return $input; } - -function _mce_add_direction_buttons( $input ) { +function _mce_add_direction_buttons($input) { global $wp_locale; - if ( 'rtl' == $wp_locale->text_direction ) { - $new_buttons = array( 'separator', 'ltr', 'rtl' ); - $input = array_merge( $input, $new_buttons ); + if ('rtl' == $wp_locale->text_direction) { + $new_buttons = array('separator', 'ltr', 'rtl'); + $input = array_merge($input, $new_buttons); } return $input; } - function smilies_init() { global $wpsmiliestrans, $wp_smiliessearch, $wp_smiliesreplace; // don't bother setting up smilies if they are disabled - if ( !get_option( 'use_smilies' ) ) + if ( !get_option('use_smilies') ) return; - if ( !isset( $wpsmiliestrans ) ) { + if (!isset($wpsmiliestrans)) { $wpsmiliestrans = array( ':mrgreen:' => 'icon_mrgreen.gif', ':neutral:' => 'icon_neutral.gif', @@ -1420,75 +1384,46 @@ function smilies_init() { ); } - $siteurl = get_option( 'siteurl' ); + $siteurl = get_option('siteurl'); foreach ( (array) $wpsmiliestrans as $smiley => $img ) { - $wp_smiliessearch[] = '/(\s|^)' . preg_quote( $smiley, '/' ) . '(\s|$)/'; - $smiley_masked = attribute_escape( trim( $smiley ) ); + $wp_smiliessearch[] = '/(\s|^)'.preg_quote($smiley, '/').'(\s|$)/'; + $smiley_masked = htmlspecialchars(trim($smiley), ENT_QUOTES); $wp_smiliesreplace[] = " <img src='$siteurl/wp-includes/images/smilies/$img' alt='$smiley_masked' class='wp-smiley' /> "; } } - function wp_parse_args( $args, $defaults = '' ) { - if ( is_object( $args ) ) - $r = get_object_vars( $args ); - elseif ( is_array( $args ) ) + if ( is_object($args) ) + $r = get_object_vars($args); + else if ( is_array( $args ) ) $r =& $args; else wp_parse_str( $args, $r ); if ( is_array( $defaults ) ) return array_merge( $defaults, $r ); - return $r; + else + return $r; } - function wp_maybe_load_widgets() { if ( !function_exists( 'dynamic_sidebar' ) ) { - require_once( ABSPATH . WPINC . '/widgets.php' ); + require_once ABSPATH . WPINC . '/widgets.php'; add_action( '_admin_menu', 'wp_widgets_add_menu' ); } } - function wp_widgets_add_menu() { global $submenu; $submenu['themes.php'][7] = array( __( 'Widgets' ), 'switch_themes', 'widgets.php' ); - ksort( $submenu['themes.php'], SORT_NUMERIC ); + ksort($submenu['themes.php'], SORT_NUMERIC); } - // For PHP 5.2, make sure all output buffers are flushed // before our singletons our destroyed. -function wp_ob_end_flush_all() { +function wp_ob_end_flush_all() +{ while ( @ob_end_flush() ); } - -/* - * require_wp_db() - require_once the correct database class file. - * - * This function is used to load the database class file either at runtime or by wp-admin/setup-config.php - * We must globalise $wpdb to ensure that it is defined globally by the inline code in wp-db.php - * - * @global $wpdb - */ -function require_wp_db() { - global $wpdb; - if ( file_exists( ABSPATH . 'wp-content/db.php' ) ) - require_once( ABSPATH . 'wp-content/db.php' ); - else - require_once( ABSPATH . WPINC . '/wp-db.php' ); -} - - -/** - * Converts input to an absolute integer - * @param mixed $maybeint data you wish to have convered to an absolute integer - * @return int an absolute integer - */ -function absint( $maybeint ) { - return abs( intval( $maybeint ) ); -} - ?> diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php index de8318c..9bee774 100644 --- a/wp-includes/general-template.php +++ b/wp-includes/general-template.php @@ -208,7 +208,7 @@ function wp_title($sep = '»', $display = true) { } if ( !empty($author_name) ) { // We do a direct query here because we don't cache by nicename. - $title = $wpdb->get_var($wpdb->prepare("SELECT display_name FROM $wpdb->users WHERE user_nicename = %s", $author_name)); + $title = $wpdb->get_var("SELECT display_name FROM $wpdb->users WHERE user_nicename = '$author_name'"); } // If there's a month @@ -255,7 +255,7 @@ function single_post_title($prefix = '', $display = true) { if ( intval($p) || '' != $name ) { if ( !$p ) - $p = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE post_name = %s", $name)); + $p = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_name = '$name'"); $post = & get_post($p); $title = $post->post_title; $title = apply_filters('single_post_title', $title); @@ -363,7 +363,7 @@ function wp_get_archives($args = '') { $type = 'monthly'; if ( '' != $limit ) { - $limit = abs(intval($limit)); + $limit = (int) $limit; $limit = ' LIMIT '.$limit; } @@ -1076,50 +1076,4 @@ function wp_admin_css( $file = 'wp-admin' ) { } } -/** - * Outputs the XHTML generator that is generated on the wp_head hook. - */ -function wp_generator() -{ - the_generator( apply_filters( 'wp_generator_type', 'xhtml' ) ); -} - -/** - * Outputs the generator XML or Comment for RSS, ATOM, etc. - * @param {String} $type The type of generator to return. - */ -function the_generator ( $type ) { - echo apply_filters('the_generator',get_the_generator($type),$type) . "\n"; -} - -/** - * Creates the generator XML or Comment for RSS, ATOM, etc. - * @param {String} $type The type of generator to return. - */ -function get_the_generator ( $type ) { - switch ($type) { - case 'html': - $gen = '<meta name="generator" content="WordPress/' . get_bloginfo( 'version' ) . '">'; - break; - case 'xhtml': - $gen = '<meta name="generator" content="WordPress/' . get_bloginfo( 'version' ) . '" />'; - break; - case 'atom': - $gen = '<generator uri="http://wordpress.org/" version="' . get_bloginfo_rss( 'version' ) . '">WordPress</generator>'; - break; - case 'rss2': - $gen = '<generator>http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '</generator>'; - break; - case 'rdf': - $gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '" />'; - break; - case 'comment': - $gen = '<!-- generator="WordPress/' . get_bloginfo( 'version' ) . '" -->'; - break; - case 'export': - $gen = '<!-- generator="wordpress/' . get_bloginfo_rss('version') . '" created="'. date('Y-m-d H:i') . '"-->'; - break; - } - return apply_filters( "get_the_generator_{$type}", $gen, $type ); -} ?> diff --git a/wp-includes/js/wp-lists.js b/wp-includes/js/wp-lists.js deleted file mode 100644 index d32356a..0000000 --- a/wp-includes/js/wp-lists.js +++ /dev/null @@ -1,374 +0,0 @@ -(function($) { -var currentFormEl = false; -var fs = {add:'ajaxAdd',del:'ajaxDel',dim:'ajaxDim',process:'process',recolor:'recolor'}; - -wpAjax = { - unserialize: function( s ) { - var r = {}; if ( !s ) { return r; } - var q = s.split('?'); if ( q[1] ) { s = q[1]; } - var pp = s.split('&'); - for ( var i in pp ) { - var p = pp[i].split('='); - r[p[0]] = p[1]; - } - return r; - }, - parseAjaxResponse: function( x, r ) { // 1 = good, 0 = strange (bad data?), -1 = you lack permission - var re = $('#' + r).html(''); - if ( x && typeof x == 'object' && x.getElementsByTagName('wp_ajax') ) { - if ( $('wp_error', x).each( function() { re.append('<p>' + this.firstChild.nodeValue + '</p>'); } ).size() ) { - return !re.wrap( '<div class="error"></div>' ); - } - return true; - } - if ( isNaN(x) ) { return !re.html('<div class="error"><p>' + x + '</p></div>'); } - x = parseInt(x,10); - if ( -1 == x ) { return !re.html('<div class="error"><p>You do not have permission to do that.</p></div>'); } - else if ( 0 === x ) { return !re.html('<div class="error"><p>AJAX is teh b0rked.</p></div>'); } - return true; - } -}; - -var wpList = { - settings: { - url: wpListL10n.url, type: 'POST', - response: 'ajax-response', - - what: '', - alt: 'alternate', altOffset: 0, - addColor: null, delColor: null, dimAddColor: null, dimDelColor: null, - - confirm: null, - addBefore: null, addAfter: null, - delBefore: null, delAfter: null, - dimBefore: null, dimAfter: null - }, - - nonce: function(e,s) { - var url = wpAjax.unserialize(e.attr('href')); - return s.nonce || url._ajax_nonce || $('#' + s.element + ' input[@name=_ajax_nonce]').val() || url._wpnonce || $('#' + s.element + ' input[@name=_wpnonce]').val() || 0; - }, - - parseClass: function(e,t) { - var c = []; try { c = $(e).attr('class').match(new RegExp(t+':[A-Za-z0-9:_=-]+'))[0].split(':'); } catch(r) {} - return c; - }, - - pre: function(e,s,a) { - var bg; var r; - s = $.extend( {}, this.wpList.settings, { - element: null, - nonce: 0 - }, s || {} ); - if ( $.isFunction( s.confirm ) ) { - if ( 'add' != a ) { - bg = $('#' + s.element).css('background-color'); - $('#' + s.element).css('background-color', '#FF9966'); - } - r = s.confirm.call(this,e,s,a,bg); - if ( 'add' != a ) { $('#' + s.element).css('background-color', bg ); } - if ( !r ) { return false; } - } - return s; - }, - - ajaxAdd: function( e, s ) { - var list = this; e = $(e); s = s || {}; - var cls = wpList.parseClass(e,'add'); - s = $.extend(s, { - element: s.element || cls[2] || e.attr( 'id' ) || null, - addColor: s.addColor || '#' + ( cls[3] || 'FFFF33' ) - } ); - s = wpList.pre.call( list, e, s, 'add' ); - if ( !s ) { return false; } - - if ( !e.is("[@class^=add:" + list.id + ":]") ) { return !wpList.add.call( list, e, s ); } - - if ( !s.element ) { return true; } - - s.action = 'add-' + s.what; - - s.nonce = wpList.nonce(e,s); - - var es = $('#' + s.element + ' :input').not('[@name=_ajax_nonce], [@name=_wpnonce], [@name=action]'); - s.data = $.param( $.extend( { _ajax_nonce: s.nonce, action: s.action }, wpAjax.unserialize( cls[4] || '' ) ) ); - var formData = $.isFunction(es.fieldSerialize) ? es.fieldSerialize() : es.serialize(); - if ( formData ) { s.data += '&' + formData; } - - if ( $.isFunction(s.addBefore) ) { - s = s.addBefore( s ); - if ( !s ) { return true; } - } - if ( !s.data.match(/_ajax_nonce=[a-f0-9]+/) ) { return true; } - - s.success = function(r) { - if ( !wpAjax.parseAjaxResponse(r, s.response) ) { return false; } - - $(s.what + ' response_data', r).each( function() { - var t = $(this); - wpList.add.call( list, t.text(), $.extend( {}, s, { // this.firstChild.nodevalue - pos: t.parent().attr( 'position' ) || 0, - id: t.parent().attr( 'id' ) || 0, - oldId: t.parent().attr( 'old_id' ) || null - } ) ); - } ); - - if ( $.isFunction(s.addAfter) ) { - var o = this.complete; - this.complete = function(x,st) { - var _s = $.extend( { xml: x, status: st }, s ); - s.addAfter( r, _s ); - if ( $.isFunction(o) ) { o(x,st); } - }; - } - list.wpList.recolor(); - wpList.clear.call(list,'#' + s.element); - }; - - $.ajax( s ); - return false; - }, - - ajaxDel: function( e, s ) { - var list = this; e = $(e); s = s || {}; - var cls = wpList.parseClass(e,'delete'); - s = $.extend(s, { - element: s.element || cls[2] || null, - delColor: s.delColor || '#' + ( cls[3] || 'FF3333' ) - } ); - s = wpList.pre.call( list, e, s, 'delete' ); - if ( !s || !s.element ) { return false; } - - s.action = 'delete-' + s.what; - - s.nonce = wpList.nonce(e,s); - - s.data = $.extend( - { action: s.action, id: s.element.split('-').pop(), _ajax_nonce: s.nonce }, - wpAjax.unserialize( cls[4] || '' ) - ); - - if ( $.isFunction(s.delBefore) ) { - s = s.delBefore( s ); - if ( !s ) { return true; } - } - if ( !s.data._ajax_nonce ) { return true; } - - var func = function() { $('#' + s.element).css( 'background-color', '' ).hide(); list.wpList.recolor(); }; - var hideTO = -1; - if ( 'none' != s.delColor ) { - Fat.fade_element(s.element,null,700,s.delColor); - hideTO = setTimeout(func, 705); - } else { - func(); - } - - s.success = function(r) { - if ( !wpAjax.parseAjaxResponse(r, s.response) ) { - clearTimeout(hideTO); - func = function() { $('#' + s.element).css( 'background-color', '#FF3333' ).show(); list.wpList.recolor(); }; - func(); setTimeout(func, 705); // In case it's still fading - return false; - } - if ( $.isFunction(s.delAfter) ) { - var o = this.complete; - this.complete = function(x,st) { - var _s = $.extend( { xml: x, status: st }, s ); - s.delAfter( r, _s ); - if ( $.isFunction(o) ) { o(x,st); } - }; - } - }; - $.ajax( s ); - return false; - }, - - ajaxDim: function( e, s ) { - var list = this; e = $(e); s = s || {}; - var cls = wpList.parseClass(e,'dim'); - s = $.extend(s, { - element: s.element || cls[2] || null, - dimClass: s.dimClass || cls[3] || null, - dimAddColor: s.dimAddColor || '#' + ( cls[4] || 'FFFF33' ), - dimDelColor: s.dimDelColor || '#' + ( cls[5] || 'FF3333' ) - } ); - s = wpList.pre.call( list, e, s, 'dim' ); - if ( !s || !s.element || !s.dimClass ) { return true; } - - s.action = 'dim-' + s.what; - - s.nonce = wpList.nonce(e,s); - - s.data = $.extend( - { action: s.action, id: s.element.split('-').pop(), dimClass: s.dimClass, _ajax_nonce : s.nonce }, - wpAjax.unserialize( cls[6] || '' ) - ); - - if ( $.isFunction(s.dimBefore) ) { - s = s.dimBefore( s ); - if ( !s ) { return true; } - } - - if ( !s.data._ajax_nonce ) { return true; } - - var isClass = $('#' + s.element).toggleClass(s.dimClass).is('.' + s.dimClass); - if ( isClass && 'none' != s.dimAddColor ) { Fat.fade_element(s.element,null,700,s.dimAddColor); } - else if ( !isClass && 'none' != s.dimDelColor ) { Fat.fade_element(s.element,null,700,s.dimDelColor); } - - var dimTO = setTimeout( function() { $('#' + s.element).css( 'background-color', '' ); }, 705 ); - - s.success = function(r) { - if ( !wpAjax.parseAjaxResponse(r, s.response) ) { - clearTimeout(dimTO); - func = function() { $('#' + s.element).css( 'background-color', '#FF3333' )[isClass?'removeClass':'addClass'](s.dimClass); }; - func(); setTimeout(func, 705); - return false; - } - if ( $.isFunction(s.dimAfter) ) { - var o = this.complete; - this.complete = function(x,st) { - var _s = $.extend( { xml: x, status: st }, s ); - s.dimAfter( r, _s ); - if ( $.isFunction(o) ) { o(x,st); } - }; - } - }; - - $.ajax( s ); - return false; - }, - - add: function( e, s ) { - list = $(this); - e = $(e); - - var old = false; var next = false; - var _s = { pos: 0, id: 0, oldId: null }; - if ( 'string' == typeof s ) { s = { what: s }; } - s = $.extend(_s, this.wpList.settings, s); - - if ( !e.size() || !s.what ) { return false; } - if ( s.oldId ) { - old = $('#' + s.what + '-' + s.oldId); - next = old.next(); - old.remove(); - } - if ( s.id ) { $('#' + s.what + '-' + s.id).remove(); } - - if ( old && old.size() ) { - if ( next && next.size() ) { - next.before(e); - } else { - list.append(e); - } - } else if ( isNaN(s.pos) ) { - var ba = 'after'; - if ( '-' == s.pos.substr(0,1) ) { - s.pos = s.pos.substr(1); - ba = 'before'; - } - var ref = list.find( '#' + s.pos ); - if ( 1 === ref.size() ) { ref[ba](e); } - else { list.append(e); } - } else if ( s.pos < 0 ) { - list.prepend(e); - } else { - list.append(e); - } - - if ( s.alt ) { - if ( ( list.children(':visible').index( e[0] ) + s.altOffset ) % 2 ) { e.removeClass( s.alt ); } - else { e.addClass( s.alt ); } - } - - if ( 'none' != s.addColor ) { - var b = e.css( 'background-color' ); - if ( b == 'transparent' ) { b = ''; } - Fat.fade_element(e.attr('id'),null,700,s.addColor); - setTimeout( function() { - var g = e.css( 'background-color', '' ).css( 'background-color' ); - if ( b != g ) { e.css( 'background-color', b ); } - }, 705 ); - } - list.each( function() { this.wpList.process( e ); } ); - return e; - }, - - clear: function(e) { - var list = this; - e = $(e); - if ( list.wpList && e.parents( '#' + list.id ).size() ) { return; } - e.find(':input').each( function() { - var t = this.type.toLowerCase(); var tag = this.tagName.toLowerCase(); - if ( 'text' == t || 'password' == t || 'textarea' == tag ) { this.value = ''; } - else if ( 'checkbox' == t || 'radio' == t ) { this.checked = false; } - else if ( 'select' == tag ) { this.selectedIndex = null; } - }); - }, - - process: function(el) { - var list = this; - var bl = function() { currentFormEl = false; }; - var fo = function() { currentFormEl = this; }; - var a = $("[@class^=add:" + list.id + ":]", el || null) - .filter('form').submit( function() { return list.wpList.add(this); } ).end() - .not('form').click( function() { return list.wpList.add(this); } ).each( function() { - var addEl = this; - var c = wpList.parseClass(this,'add')[2] || addEl.id; - if ( !c ) { return; } - var forms = []; var ins = []; - $('#' + c + ' :input').click( function() { $(this).unbind( 'blur', bl ).unbind( 'focus', fo ).blur( bl ).focus( fo ).focus(); } ).each( function() { - ins.push(this); - $.merge(forms,$(this).parents('form')); - forms = $.unique(forms); - } ); - $(forms).submit( function() { - var e = currentFormEl; - if ( 0 <= $.inArray(e,ins) ) { - $(addEl).trigger( 'click' ); - $(e).focus(); - return false; - } - } ); - } ); - var d = $("[@class^=delete:" + list.id + ":]", el || null).click( function() { return list.wpList.del(this); } ); - var c = $("[@class^=dim:" + list.id + ":]", el || null).click( function() { return list.wpList.dim(this); } ); - }, - - recolor: function() { - var list = this; - if ( !list.wpList.settings.alt ) { return; } - var items = $('.list-item:visible', list); - if ( !items.size() ) { items = $(list).children(':visible'); } - var eo = [':even',':odd']; - if ( list.wpList.settings.altOffset % 2 ) { eo.reverse(); } - items.filter(eo[0]).addClass(list.wpList.settings.alt).end().filter(eo[1]).removeClass(list.wpList.settings.alt); - }, - - init: function() { - var lists = this; - lists.wpList.process = function(a) { - lists.each( function() { - this.wpList.process(a); - } ); - }; - lists.wpList.recolor = function() { - lists.each( function() { - this.wpList.recolor(); - } ); - }; - } -}; - -$.fn.wpList = function( settings ) { - this.each( function() { - var _this = this; - this.wpList = { settings: $.extend( {}, wpList.settings, { what: wpList.parseClass(this,'list')[1] || '' }, settings ) }; - $.each( fs, function(i,f) { _this.wpList[i] = function( e, s ) { return wpList[f].call( _this, e, s ); }; } ); - } ); - wpList.init.call(this); - this.wpList.process(); - return this; -}; - -})(jQuery); diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php index c3b7ed7..6a0677b 100644 --- a/wp-includes/link-template.php +++ b/wp-includes/link-template.php @@ -367,9 +367,9 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') { if ( $in_same_cat ) { $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); - $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]); + $join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); for ( $i = 1; $i < (count($cat_array)); $i++ ) { - $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = %d', $cat_array[$i]); + $join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); } $join .= ')'; } @@ -382,7 +382,7 @@ function get_previous_post($in_same_cat = false, $excluded_categories = '') { } $join = apply_filters( 'get_previous_post_join', $join, $in_same_cat, $excluded_categories ); - $where = apply_filters( 'get_previous_post_where', $wpdb->prepare("WHERE p.post_date < %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $current_post_date), $in_same_cat, $excluded_categories ); + $where = apply_filters( 'get_previous_post_where', "WHERE p.post_date < '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql", $in_same_cat, $excluded_categories ); $sort = apply_filters( 'get_previous_post_sort', 'ORDER BY p.post_date DESC LIMIT 1' ); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); @@ -400,9 +400,9 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') { if ( $in_same_cat ) { $join = " INNER JOIN $wpdb->term_relationships AS tr ON p.ID = tr.object_id "; $cat_array = wp_get_object_terms($post->ID, 'category', 'fields=tt_ids'); - $join .= $wpdb->prepare(' AND (tr.term_taxonomy_id = %d', $cat_array[0]); + $join .= ' AND (tr.term_taxonomy_id = ' . intval($cat_array[0]); for ( $i = 1; $i < (count($cat_array)); $i++ ) { - $join .= $wpdb->prepare(' OR tr.term_taxonomy_id = $d', $cat_array[$i]); + $join .= ' OR tr.term_taxonomy_id = ' . intval($cat_array[$i]); } $join .= ')'; } @@ -415,7 +415,7 @@ function get_next_post($in_same_cat = false, $excluded_categories = '') { } $join = apply_filters( 'get_next_post_join', $join, $in_same_cat, $excluded_categories ); - $where = apply_filters( 'get_next_post_where', $wpdb->prepare("WHERE p.post_date > %s AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != %d", $current_post_date, $post->ID), $in_same_cat, $excluded_categories ); + $where = apply_filters( 'get_next_post_where', "WHERE p.post_date > '$current_post_date' AND p.post_type = 'post' AND p.post_status = 'publish' $posts_in_ex_cats_sql AND p.ID != $post->ID", $in_same_cat, $excluded_categories ); $sort = apply_filters( 'get_next_post_sort', 'ORDER BY p.post_date ASC LIMIT 1' ); return @$wpdb->get_row("SELECT p.ID, p.post_title FROM $wpdb->posts AS p $join $where $sort"); diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 48ba4b2..4fd64e1 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -76,11 +76,11 @@ function get_userdata( $user_id ) { return $user; } - if ( !$user = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->users WHERE ID = %d LIMIT 1", $user_id)) ) + if ( !$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE ID = '$user_id' LIMIT 1") ) return false; $wpdb->hide_errors(); - $metavalues = $wpdb->get_results($wpdb->prepare("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = %d", $user_id)); + $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'"); $wpdb->show_errors(); if ($metavalues) { @@ -139,7 +139,9 @@ function get_userdatabylogin($user_login) { } elseif( $userdata ) return $userdata; - if ( !$user_ID = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_login = %s", $user_login)) ) + $user_login = $wpdb->escape($user_login); + + if ( !$user_ID = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$user_login'") ) return false; $user = get_userdata($user_ID); @@ -396,26 +398,23 @@ function check_admin_referer($action = -1) { }endif; if ( !function_exists('check_ajax_referer') ) : -function check_ajax_referer( $action = -1 ) { - $nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce']; - if ( !wp_verify_nonce( $nonce, $action ) ) { - $current_name = ''; - if ( ( $current = wp_get_current_user() ) && $current->ID ) - $current_name = $current->data->user_login; - if ( !$current_name ) - die('-1'); - - $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie - foreach ( $cookie as $tasty ) { - if ( false !== strpos($tasty, USER_COOKIE) ) - $user = substr(strstr($tasty, '='), 1); - if ( false !== strpos($tasty, PASS_COOKIE) ) - $pass = substr(strstr($tasty, '='), 1); - } - - if ( $current_name != $user || !wp_login( $user, $pass, true ) ) - die('-1'); +function check_ajax_referer() { + $current_name = ''; + if ( ( $current = wp_get_current_user() ) && $current->ID ) + $current_name = $current->data->user_login; + if ( !$current_name ) + die('-1'); + + $cookie = explode('; ', urldecode(empty($_POST['cookie']) ? $_GET['cookie'] : $_POST['cookie'])); // AJAX scripts must pass cookie=document.cookie + foreach ( $cookie as $tasty ) { + if ( false !== strpos($tasty, USER_COOKIE) ) + $user = substr(strstr($tasty, '='), 1); + if ( false !== strpos($tasty, PASS_COOKIE) ) + $pass = substr(strstr($tasty, '='), 1); } + + if ( $current_name != $user || !wp_login( $user, $pass, true ) ) + die('-1'); do_action('check_ajax_referer'); } endif; @@ -630,8 +629,8 @@ function wp_notify_moderator($comment_id) { if( get_option( "moderation_notify" ) == 0 ) return true; - $comment = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_ID=%d LIMIT 1", $comment_id)); - $post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID=%d LIMIT 1", $comment->comment_post_ID)); + $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID='$comment_id' LIMIT 1"); + $post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID='$comment->comment_post_ID' LIMIT 1"); $comment_author_domain = @gethostbyaddr($comment->comment_author_IP); $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'"); diff --git a/wp-includes/plugin.php b/wp-includes/plugin.php index 42dde27..2c04c1c 100644 --- a/wp-includes/plugin.php +++ b/wp-includes/plugin.php @@ -1,79 +1,27 @@ <?php -/** - * The plugin API is located in this file, which allows for creating actions - * and filters and hooking functions, and methods. The functions or methods will - * then be run when the action or filter is called. - * - * The API callback examples reference functions, but can be methods of classes. - * To hook methods, you'll need to pass an array one of two ways. - * - * For static methods (you won't have access to the <tt>$this</tt> variable in the - * method): - * <code>array('class_name', 'method_name');</code> - * - * The second method will need the reference to the object to have access to the - * method. - * <code>array(&$this, 'method_name');</code> - * <code> - * $obj = new myObject(); - * array(&$obj, 'method_name'); - * </code> - * Any of the syntaxes explained in the PHP documentation for the - * {@link http://us2.php.net/manual/en/language.pseudo-types.php#language.types.callback 'callback' type} are valid. - * - * Also see the {@link http://codex.wordpress.org/Plugin_API Plugin API} for more information - * and examples on how to use a lot of these functions. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - */ /** - * Hooks a function or method to a specific filter action. + * Hooks a function to a specific filter action. * * Filters are the hooks that WordPress launches to modify text of various types * before adding it to the database or sending it to the browser screen. Plugins * can specify that one or more of its PHP functions is executed to * modify specific types of text at these times, using the Filter API. - * - * To use the API, the following code should be used to bind a callback to the filter - * <code> - * function example_hook($example) { echo $example; } - * - * add_filter('example_filter', 'example_hook'); - * </code> - * - * In WordPress 1.5.1+, hooked functions can take extra arguments that are set when - * the matching do_action() or apply_filters() call is run. The <tt>$accepted_args - * allow for calling functions only when the number of args match. Hooked functions - * can take extra arguments that are set when the matching <tt>do_action()</tt> or - * <tt>apply_filters()</tt> call is run. For example, the action <tt>comment_id_not_found</tt> - * will pass any functions that hook onto it the ID of the requested comment. - * - * <strong>Note:</strong> the function will return true no matter if the function was hooked - * fails or not. There are no checks for whether the function exists beforehand and no checks - * to whether the <tt>$function_to_add is even a string. It is up to you to take care and - * this is done for optimization purposes, so everything is as quick as possible. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * @global array $wp_filter Stores all of the filters added in the form of - * wp_filter['tag']['array of priorities']['array of functions serialized']['array of ['array (functions, accepted_args)]'] - * @global array $merged_filters Tracks the tags that need to be merged for later. If the hook is added, it doesn't need to run through that process. + * See the [Plugin API] for a list of filter hooks. * * @param string $tag The name of the filter to hook the <tt>$function_to_add</tt> to. * @param callback $function_to_add The name of the function to be called when the filter is applied. * @param int $priority optional. Used to specify the order in which the functions associated with a particular action are executed (default: 10). Lower numbers correspond with earlier execution, and functions with the same priority are executed in the order in which they were added to the action. - * @param int $accepted_args optional. The number of arguments the function accept (default 1). - * @return boolean true + * @param int $accepted_args optional. The number of arguments the function accept (default 1). In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching do_action() or apply_filters() call is run. + * @return boolean true if the <tt>$function_to_add</tt> is added succesfully to filter <tt>$tag</tt>. How many arguments your function takes. In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching <tt>do_action()</tt> or <tt>apply_filters()</tt> call is run. For example, the action <tt>comment_id_not_found</tt> will pass any functions that hook onto it the ID of the requested comment. */ function add_filter($tag, $function_to_add, $priority = 10, $accepted_args = 1) { global $wp_filter, $merged_filters; + // So the format is wp_filter['tag']['array of priorities']['array of functions serialized']['array of ['array (functions, accepted_args)]'] $idx = _wp_filter_build_unique_id($tag, $function_to_add, $priority); - $wp_filter[$tag][$priority][$idx] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); + $wp_filter[$tag][$priority][$idx] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); + //$wp_filter[$tag][$priority][serialize($function_to_add)] = array('function' => $function_to_add, 'accepted_args' => $accepted_args); unset( $merged_filters[ $tag ] ); return true; } @@ -85,35 +33,20 @@ function add_filter($tag, $function_to_add, $priority = 10, $accepted_args = 1) * calling this function. This function can be used to create a new filter hook * by simply calling this function with the name of the new hook specified using * the <tt>$tag</a> parameter. - * - * The function allows for additional arguments to be added and passed to hooks. - * <code> - * function example_hook($string, $arg1, $arg2) - * { - * //Do stuff - * } - * $value = apply_filters('example_filter', 'filter me', 'arg1', 'arg2'); - * </code> - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * @global array $wp_filter Stores all of the filters - * @global array $merge_filters Merges the filter hooks using this function. - * + * @uses merge_filters Merges the filter hooks using this function. * @param string $tag The name of the filter hook. - * @param string $value The value on which the filters hooked to <tt>$tag</tt> are applied on. + * @param string $string The text on which the filters hooked to <tt>$tag</tt> are applied on. * @param mixed $var,... Additional variables passed to the functions hooked to <tt>$tag</tt>. * @return string The text in <tt>$string</tt> after all hooked functions are applied to it. */ -function apply_filters($tag, $value) { +function apply_filters($tag, $string) { global $wp_filter, $merged_filters; if ( !isset( $merged_filters[ $tag ] ) ) merge_filters($tag); if ( !isset($wp_filter[$tag]) ) - return $value; + return $string; reset( $wp_filter[ $tag ] ); @@ -122,13 +55,13 @@ function apply_filters($tag, $value) { do{ foreach( (array) current($wp_filter[$tag]) as $the_ ) if ( !is_null($the_['function']) ){ - $args[1] = $value; - $value = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args'])); + $args[1] = $string; + $string = call_user_func_array($the_['function'], array_slice($args, 1, (int) $the_['accepted_args'])); } } while ( next($wp_filter[$tag]) !== false ); - return $value; + return $string; } /** @@ -137,17 +70,7 @@ function apply_filters($tag, $value) { * It is possible to defined generic filter functions using the filter hook * <em>all</e>. These functions are called for every filter tag. This function * merges the functions attached to the <em>all</em> hook with the functions - * of a specific hook defined by <tt>$tag</tt>. - * - * Bugged if you hook into 'all' tag, then you <strong>will</strong> lose all priority - * information. {@link http://trac.wordpress.org/ticket/4715 Bug #4715} for more information. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * @global array $wp_filter Stores all of the filters - * @global array $merge_filters Merges the filter hooks using this function. - * + * of a specific hoook defined by <tt>$tag</tt>. * @param string $tag The filter hook of which the functions should be merged. */ function merge_filters($tag) { @@ -169,20 +92,11 @@ function merge_filters($tag) { * This function removes a function attached to a specified filter hook. This * method can be used to remove default functions attached to a specific filter * hook and possibly replace them with a substitute. - * - * To remove a hook, the <tt>$function_to_remove</tt> and <tt>$priority</tt> arguments - * must match when the hook was added. This goes for both filters and actions. No warning - * will be given on removal failure. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * * @param string $tag The filter hook to which the function to be removed is hooked. * @param callback $function_to_remove The name of the function which should be removed. * @param int $priority optional. The priority of the function (default: 10). * @param int $accepted_args optional. The number of arguments the function accpets (default: 1). - * @return boolean Whether the function existed before it was removed. + * @return boolean Whether the function is removed. */ function remove_filter($tag, $function_to_remove, $priority = 10, $accepted_args = 1) { $function_to_remove = _wp_filter_build_unique_id($tag, $function_to_remove, $priority); @@ -203,16 +117,11 @@ function remove_filter($tag, $function_to_remove, $priority = 10, $accepted_args * one or more of its PHP functions are executed at these points, using the * Action API. * - * @uses add_filter() Adds an action. Parameter list and functionality are the same. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * * @param string $tag The name of the action to which the <tt>$function_to-add</tt> is hooked. - * @param callback $function_to_add The name of the function you wish to be called. + * @param callback $function_to_add The name of the function you wish to be called. Note: any of the syntaxes explained in the PHP documentation for the 'callback' type (http://us2.php.net/manual/en/language.pseudo-types.php#language.types.callback) are valid. * @param int $priority optional. Used to specify the order in which the functions associated with a particular action are executed (default: 10). Lower numbers correspond with earlier execution, and functions with the same priority are executed in the order in which they were added to the action. - * @param int $accepted_args optional. The number of arguments the function accept (default 1). + * @param int $accepted_args optional. The number of arguments the function accept (default 1). In WordPress 1.5.1+, hooked functions can take extra arguments that are set when the matching do_action() or apply_filters() call is run. + * @return boolean Always true. */ function add_action($tag, $function_to_add, $priority = 10, $accepted_args = 1) { add_filter($tag, $function_to_add, $priority, $accepted_args); @@ -224,21 +133,9 @@ function add_action($tag, $function_to_add, $priority = 10, $accepted_args = 1) * This function invokes all functions attached to action hook <tt>$tag</tt>. * It is possible to create new action hooks by simply calling this function, * specifying the name of the new hook using the <tt>$tag</tt> parameter. - * - * You can pass extra arguments to the hooks, much like you can with apply_filters(). - * - * @see apply_filters() This function works similar with the exception that nothing is - * returned and only the functions or methods are called. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * @global array $wp_filter Stores all of the filters - * @global array $wp_actions Increments the amount of times action was triggered. - * + * @uses merge_filters * @param string $tag The name of the action to be executed. * @param mixed $arg,... Optional additional arguments which are passed on to the functions hooked to the action. - * @return null Will return null if $tag does not exist in $wp_filter array */ function do_action($tag, $arg = '') { global $wp_filter, $wp_actions; @@ -272,12 +169,6 @@ function do_action($tag, $arg = '') { /** * Return the number times an action is fired. - * - * @package WordPress - * @subpackage Plugin - * @since 2.1 - * @global array $wp_actions Increments the amount of times action was triggered. - * * @param string $tag The name of the action hook. * @return int The number of times action hook <tt>$tag</tt> is fired */ @@ -291,22 +182,12 @@ function did_action($tag) { } /** - * Execute functions hooked on a specific action hook, specifying arguments in an array. + * Execute functions hooked on a specific action hook, specifying arguments in a array. * - * @see do_action() This function is identical, but the arguments passed to + * This function is identical to {@link do_action}, but the argumetns passe to * the functions hooked to <tt>$tag</tt> are supplied using an array. - * - * @uses merge_filters() - * - * @package WordPress - * @subpackage Plugin - * @since 2.1 - * @global array $wp_filter Stores all of the filters - * @global array $wp_actions Increments the amount of times action was triggered. - * * @param string $tag The name of the action to be executed. * @param array $args The arguments supplied to the functions hooked to <tt>$tag</tt> - * @return null Will return null if $tag does not exist in $wp_filter array */ function do_action_ref_array($tag, $args) { global $wp_filter, $wp_actions; @@ -336,13 +217,6 @@ function do_action_ref_array($tag, $args) { * This function removes a function attached to a specified action hook. This * method can be used to remove default functions attached to a specific filter * hook and possibly replace them with a substitute. - * - * @uses remove_filter() Uses remove_filter to remove actions added. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * * @param string $tag The action hook to which the function to be removed is hooked. * @param callback $function_to_remove The name of the function which should be removed. * @param int $priority optional The priority of the function (default: 10). @@ -361,13 +235,6 @@ function remove_action($tag, $function_to_remove, $priority = 10, $accepted_args * Gets the basename of a plugin. * * This method extract the name of a plugin from its filename. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * - * @access private - * * @param string $file The filename of plugin. * @return string The name of a plugin. */ @@ -385,17 +252,10 @@ function plugin_basename($file) { * activated. In the name of this hook, PLUGINNAME is replaced with the name of * the plugin, including the optional subdirectory. For example, when the plugin * is located in <tt>wp-content/plugin/sampleplugin/sample.php</tt>, then the - * name of this hook will become 'activate_sampleplugin/sample.php' + * name of this hook will become 'activate_sampleplugin/sample.php'. * When the plugin consists of only one file and is (as by default) located at * <tt>wp-content/plugin/sample.php</tt> the name of this hook will be * 'activate_sample.php'. - * - * @package WordPress - * @subpackage Plugin - * @since 1.5 - * - * @access private - * * @param string $file The filename of the plugin including the path. * @param string $function the function hooked to the 'activate_PLUGIN' action. */ @@ -415,13 +275,6 @@ function register_activation_hook($file, $function) { * When the plugin consists of only one file and is (as by default) located at * <tt>wp-content/plugin/sample.php</tt> the name of this hook will be * 'activate_sample.php'. - * - * @package WordPress - * @subpackage Plugin - * @since 2.0 - * - * @access private - * * @param string $file The filename of the plugin including the path. * @param string $function the function hooked to the 'activate_PLUGIN' action. */ @@ -430,49 +283,19 @@ function register_deactivation_hook($file, $function) { add_action('deactivate_' . $file, $function); } -/** - * Build Unique ID for storage and retrieval - * - * The old way to serialize the callback caused issues and this function is the - * solution. It works by checking for objects and creating an a new property in - * the class to keep track of the object and new objects of the same class that - * need to be added. - * - * It also allows for the removal of actions and filters for objects after they - * change class properties. It is possible to include the property $wp_filter_id - * in your class and set it to "null" or a number to bypass the workaround. However - * this will prevent you from adding new classes and any new classes will overwrite - * the previous hook by the same class. - * - * Functions and static method callbacks are just returned as strings and shouldn't - * have any speed penalty. - * - * @package WordPress - * @subpackage Plugin - * @since 2.2.3 - * - * @link http://trac.wordpress.org/ticket/3875 - * - * @access private - * - * @global array $wp_filter Storage for all of the filters and actions - * @param string $tag Used in counting how many hooks were applied - * @param string|array $function Used for creating unique id - * @param int $priority Used in counting how many hooks were applied - * @return string Unique ID for usage as array key - */ function _wp_filter_build_unique_id($tag, $function, $priority = 10) { global $wp_filter; // If function then just skip all of the tests and not overwrite the following. + // Static Calling if( is_string($function) ) return $function; // Object Class Calling else if(is_object($function[0]) ) { $obj_idx = get_class($function[0]).$function[1]; - if( is_null($function[0]->wp_filter_id) ) { // This should be instead of is_null() change to !isset() to fix notice + if( is_null($function[0]->wp_filter_id) ) { $count = count((array)$wp_filter[$tag][$priority]); $function[0]->wp_filter_id = $count; $obj_idx .= $count; @@ -481,7 +304,6 @@ function _wp_filter_build_unique_id($tag, $function, $priority = 10) $obj_idx .= $function[0]->wp_filter_id; return $obj_idx; } - // Static Calling else if( is_string($function[0]) ) return $function[0].$function[1]; } diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php index 175906c..a956dc4 100644 --- a/wp-includes/post-template.php +++ b/wp-includes/post-template.php @@ -445,7 +445,6 @@ function get_attachment_icon( $id = 0, $fullsize = false, $max_dims = false ) { } } else { $post->iconsize = array($imagesize[0], $imagesize[1]); - $constraint = ''; } } @@ -492,38 +491,4 @@ function get_the_password_form() { return $output; } -/** - * is_page_template() - Determine wether or not we are in a page template - * - * This template tag allows you to determine wether or not you are in a page template. - * You can optional provide a template name and then the check will be specific to - * that template. - * - * @package Template Tags - * @global object $wp_query - * @param string $template The specific template name if specific matching is required - */ -function is_page_template($template = '') { - if (!is_page()) { - return false; - } - - global $wp_query; - - $page = $wp_query->get_queried_object(); - $custom_fields = get_post_custom_values('_wp_page_template',$page->ID); - $page_template = $custom_fields[0]; - - // We have no argument passed so just see if a page_template has been specified - if ( empty( $template ) ) { - if (!empty( $page_template ) ) { - return true; - } - } elseif ( $template == $page_template) { - return true; - } - - return false; -} - ?> diff --git a/wp-includes/post.php b/wp-includes/post.php index ecc77c6..ea41d62 100644 --- a/wp-includes/post.php +++ b/wp-includes/post.php @@ -26,7 +26,7 @@ function update_attached_file( $attachment_id, $file ) { } function &get_children($args = '', $output = OBJECT) { - global $wpdb; + global $post_cache, $wpdb, $blog_id; if ( empty( $args ) ) { if ( isset( $GLOBALS['post'] ) ) { @@ -49,13 +49,14 @@ function &get_children($args = '', $output = OBJECT) { $children = get_posts( $r ); - if ( !$children ) + if ( $children ) { + foreach ( $children as $key => $child ) { + $post_cache[$blog_id][$child->ID] =& $children[$key]; + $kids[$child->ID] =& $children[$key]; + } + } else { return false; - - update_post_cache($children); - - foreach ( $children as $key => $child ) - $kids[$child->ID] =& $children[$key]; + } if ( $output == OBJECT ) { return $kids; @@ -92,24 +93,37 @@ function get_extended($post) { // Retrieves post data given a post ID or post object. // Handles post caching. function &get_post(&$post, $output = OBJECT, $filter = 'raw') { - global $wpdb; + global $post_cache, $wpdb, $blog_id; if ( empty($post) ) { if ( isset($GLOBALS['post']) ) $_post = & $GLOBALS['post']; else - return null; + $_post = null; } elseif ( is_object($post) ) { - wp_cache_add($post->ID, $post, 'posts'); - $_post = &$post; + if ( 'page' == $post->post_type ) + return get_page($post, $output, $filter); + if ( !isset($post_cache[$blog_id][$post->ID]) ) + $post_cache[$blog_id][$post->ID] = &$post; + $_post = & $post_cache[$blog_id][$post->ID]; } else { $post = (int) $post; - if ( ! $_post = wp_cache_get($post, 'posts') ) { - $_post = & $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d LIMIT 1", $post)); - wp_cache_add($_post->ID, $_post, 'posts'); + if ( isset($post_cache[$blog_id][$post]) ) + $_post = & $post_cache[$blog_id][$post]; + elseif ( $_post = wp_cache_get($post, 'pages') ) + return get_page($_post, $output, $filter); + else { + $query = "SELECT * FROM $wpdb->posts WHERE ID = '$post' LIMIT 1"; + $_post = & $wpdb->get_row($query); + if ( 'page' == $_post->post_type ) + return get_page($_post, $output, $filter); + $post_cache[$blog_id][$post] = & $_post; } } + if ( defined('WP_IMPORTING') ) + unset($post_cache[$blog_id]); + $_post = sanitize_post($_post, $filter); if ( $output == OBJECT ) { @@ -209,9 +223,9 @@ function get_posts($args) { if ( count($incposts) ) { foreach ( $incposts as $incpost ) { if (empty($inclusions)) - $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpost); + $inclusions = ' AND ( ID = ' . intval($incpost) . ' '; else - $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpost); + $inclusions .= ' OR ID = ' . intval($incpost) . ' '; } } } @@ -224,9 +238,9 @@ function get_posts($args) { if ( count($exposts) ) { foreach ( $exposts as $expost ) { if (empty($exclusions)) - $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expost); + $exclusions = ' AND ( ID <> ' . intval($expost) . ' '; else - $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expost); + $exclusions .= ' AND ID <> ' . intval($expost) . ' '; } } } @@ -237,16 +251,15 @@ function get_posts($args) { $query .= empty( $category ) ? '' : ", $wpdb->term_relationships, $wpdb->term_taxonomy "; $query .= empty( $meta_key ) ? '' : ", $wpdb->postmeta "; $query .= " WHERE 1=1 "; - $query .= empty( $post_type ) ? '' : $wpdb->prepare("AND post_type = %s ", $post_type); - $query .= empty( $post_status ) ? '' : $wpdb->prepare("AND post_status = %s ", $post_status); + $query .= empty( $post_type ) ? '' : "AND post_type = '$post_type' "; + $query .= empty( $post_status ) ? '' : "AND post_status = '$post_status' "; $query .= "$exclusions $inclusions " ; - $query .= empty( $category ) ? '' : $wpdb->prepare("AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = %d) ", $category); - $query .= empty( $post_parent ) ? '' : $wpdb->prepare("AND $wpdb->posts.post_parent = %d ", $post_parent); - // expected_slashed ($meta_key, $meta_value) -- Also, this looks really funky, doesn't seem like it works + $query .= empty( $category ) ? '' : "AND ($wpdb->posts.ID = $wpdb->term_relationships.object_id AND $wpdb->term_relationships.term_taxonomy_id = $wpdb->term_taxonomy.term_taxonomy_id AND $wpdb->term_taxonomy.term_id = " . $category. ") "; + $query .= empty( $post_parent ) ? '' : "AND $wpdb->posts.post_parent = '$post_parent' "; $query .= empty( $meta_key ) | empty($meta_value) ? '' : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )"; $query .= " GROUP BY $wpdb->posts.ID ORDER BY " . $orderby . ' ' . $order; if ( 0 < $numberposts ) - $query .= $wpdb->prepare(" LIMIT %d,%d", $offset, $numberposts); + $query .= " LIMIT " . $offset . ',' . $numberposts; $posts = $wpdb->get_results($query); @@ -259,118 +272,124 @@ function get_posts($args) { // Post meta functions // -function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) { - global $wpdb; +function add_post_meta($post_id, $key, $value, $unique = false) { + global $wpdb, $post_meta_cache, $blog_id; - // expected_slashed ($meta_key) - $meta_key = stripslashes($meta_key); + $post_id = (int) $post_id; - if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) - return false; + if ( $unique ) { + if ( $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { + return false; + } + } - $cache = wp_cache_get($post_id, 'post_meta'); - if ( ! is_array($cache) ) - $cache = array(); - // expected_slashed ($meta_key) - $cache[$wpdb->escape($meta_key)][] = $meta_value; + $post_meta_cache[$blog_id][$post_id][$key][] = $value; - wp_cache_set($post_id, $cache, 'post_meta'); + $value = maybe_serialize($value); + $value = $wpdb->escape($value); - $meta_value = maybe_serialize($meta_value); + $wpdb->query("INSERT INTO $wpdb->postmeta (post_id,meta_key,meta_value) VALUES ('$post_id','$key','$value')"); - $wpdb->insert( $wpdb->postmeta, compact( 'post_id', 'meta_key', 'meta_value' ) ); return true; } function delete_post_meta($post_id, $key, $value = '') { - global $wpdb; - - $post_id = absint( $post_id ); + global $wpdb, $post_meta_cache, $blog_id; - // expected_slashed ($key, $value) - $key = stripslashes( $key ); - $value = stripslashes( $value ); + $post_id = (int) $post_id; - if ( empty( $value ) ) - $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); - else - $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); + if ( empty($value) ) { + $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); + } else { + $meta_id = $wpdb->get_var("SELECT meta_id FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); + } if ( !$meta_id ) return false; - if ( empty( $value ) ) - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); - else - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); + if ( empty($value) ) { + $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key'"); + unset($post_meta_cache[$blog_id][$post_id][$key]); + } else { + $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$post_id' AND meta_key = '$key' AND meta_value = '$value'"); + $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; + if ($cache_key) foreach ( $cache_key as $index => $data ) + if ( $data == $value ) + unset($post_meta_cache[$blog_id][$post_id][$key][$index]); + } - wp_cache_delete($post_id, 'post_meta'); + unset($post_meta_cache[$blog_id][$post_id][$key]); return true; } function get_post_meta($post_id, $key, $single = false) { - global $wpdb; + global $wpdb, $post_meta_cache, $blog_id; $post_id = (int) $post_id; - $meta_cache = wp_cache_get($post_id, 'post_meta'); - - if ( isset($meta_cache[$key]) ) { + if ( isset($post_meta_cache[$blog_id][$post_id][$key]) ) { if ( $single ) { - return maybe_unserialize( $meta_cache[$key][0] ); + return maybe_unserialize( $post_meta_cache[$blog_id][$post_id][$key][0] ); } else { - return maybe_unserialize( $meta_cache[$key] ); + return maybe_unserialize( $post_meta_cache[$blog_id][$post_id][$key] ); } } - if ( !$meta_cache ) { + if ( !isset($post_meta_cache[$blog_id][$post_id]) ) update_postmeta_cache($post_id); - $meta_cache = wp_cache_get($post_id, 'post_meta'); - } if ( $single ) { - if ( isset($meta_cache[$key][0]) ) - return maybe_unserialize($meta_cache[$key][0]); + if ( isset($post_meta_cache[$blog_id][$post_id][$key][0]) ) + return maybe_unserialize($post_meta_cache[$blog_id][$post_id][$key][0]); else return ''; - } else { - return maybe_unserialize($meta_cache[$key]); + } else { + return maybe_unserialize($post_meta_cache[$blog_id][$post_id][$key]); } } -function update_post_meta($post_id, $meta_key, $meta_value, $prev_value = '') { - global $wpdb; +function update_post_meta($post_id, $key, $value, $prev_value = '') { + global $wpdb, $post_meta_cache, $blog_id; - $original_value = $meta_value; - $meta_value = maybe_serialize($meta_value); + $post_id = (int) $post_id; + + $original_value = $value; + $value = maybe_serialize($value); + $value = $wpdb->escape($value); $original_prev = $prev_value; $prev_value = maybe_serialize($prev_value); + $prev_value = $wpdb->escape($prev_value); - // expected_slashed ($meta_key) - $meta_key = stripslashes($meta_key); - - if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) + if (! $wpdb->get_var("SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = '$key' AND post_id = '$post_id'") ) { return false; + } - $data = compact( 'meta_value' ); - $where = compact( 'meta_key', 'post_id' ); - - if ( !empty( $prev_value ) ) - $where['meta_value'] = $prev_value; + if ( empty($prev_value) ) { + $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id'"); + $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; + if ( !empty($cache_key) ) + foreach ($cache_key as $index => $data) + $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value; + } else { + $wpdb->query("UPDATE $wpdb->postmeta SET meta_value = '$value' WHERE meta_key = '$key' AND post_id = '$post_id' AND meta_value = '$prev_value'"); + $cache_key = $post_meta_cache[$blog_id][$post_id][$key]; + if ( !empty($cache_key) ) + foreach ($cache_key as $index => $data) + if ( $data == $original_prev ) + $post_meta_cache[$blog_id][$post_id][$key][$index] = $original_value; + } - $wpdb->update( $wpdb->postmeta, $data, $where ); - wp_cache_delete($post_id, 'post_meta'); return true; } function delete_post_meta_by_key($post_meta_key) { - global $wpdb; - if ( $wpdb->query($wpdb->prepare("DELETE FROM $wpdb->postmeta WHERE meta_key = %s", $post_meta_key)) ) { - // TODO Get post_ids and delete cache - // wp_cache_delete($post_id, 'post_meta'); + global $wpdb, $post_meta_cache, $blog_id; + $post_meta_key = $wpdb->escape($post_meta_key); + if ( $wpdb->query("DELETE FROM $wpdb->postmeta WHERE meta_key = '$post_meta_key'") ) { + unset($post_meta_cache[$blog_id]); // not worth doing the work to iterate through the cache return true; } return false; @@ -378,17 +397,17 @@ function delete_post_meta_by_key($post_meta_key) { function get_post_custom($post_id = 0) { - global $id, $wpdb; + global $id, $post_meta_cache, $wpdb, $blog_id; if ( !$post_id ) $post_id = (int) $id; $post_id = (int) $post_id; - if ( ! wp_cache_get($post_id, 'post_meta') ) + if ( !isset($post_meta_cache[$blog_id][$post_id]) ) update_postmeta_cache($post_id); - return wp_cache_get($post_id, 'post_meta'); + return $post_meta_cache[$blog_id][$post_id]; } function get_post_custom_keys( $post_id = 0 ) { @@ -485,8 +504,9 @@ function sanitize_post_field($field, $value, $post_id, $context) { function wp_delete_post($postid = 0) { global $wpdb, $wp_rewrite; + $postid = (int) $postid; - if ( !$post = $wpdb->get_row($wpdb->prepare("SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) ) + if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = $postid") ) return $post; if ( 'attachment' == $post->post_type ) @@ -497,25 +517,20 @@ function wp_delete_post($postid = 0) { // TODO delete for pluggable post taxonomies too wp_delete_object_term_relationships($postid, array('category', 'post_tag')); - $parent_data = array( 'post_parent' => $post->post_parent ); - $parent_where = array( 'post_parent' => $postid ); - if ( 'page' == $post->post_type ) - $wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'page' ) ); + $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'page'"); - $wpdb->update( $wpdb->posts, $parent_data, $parent_where + array( 'post_type' => 'attachment' ) ); + $wpdb->query("UPDATE $wpdb->posts SET post_parent = $post->post_parent WHERE post_parent = $postid AND post_type = 'attachment'"); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid )); + $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = $postid"); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid )); + $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = $postid"); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d", $postid )); + $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = $postid"); if ( 'page' == $post->post_type ) { clean_page_cache($postid); $wp_rewrite->flush_rules(); - } else { - clean_post_cache($postid); } do_action('deleted_post', $postid); @@ -642,14 +657,6 @@ function wp_insert_post($postarr = array()) { $post_date_gmt = get_gmt_from_date($post_date); } - if ( $update ) { - $post_modified = current_time( 'mysql' ); - $post_modified_gmt = current_time( 'mysql', 1 ); - } else { - $post_modified = $post_date; - $post_modified_gmt = $post_date_gmt; - } - if ( 'publish' == $post_status ) { $now = gmdate('Y-m-d H:i:59'); if ( mysql2date('U', $post_date_gmt) > mysql2date('U', $now) ) @@ -687,36 +694,54 @@ function wp_insert_post($postarr = array()) { $post_password = ''; if ( 'draft' != $post_status ) { - $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type = %s AND ID != %d AND post_parent = %d LIMIT 1", $post_name, $post_type, $post_ID, $post_parent)); + $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); if ($post_name_check || in_array($post_name, $wp_rewrite->feeds) ) { $suffix = 2; do { $alt_post_name = substr($post_name, 0, 200-(strlen($suffix)+1)). "-$suffix"; - // expected_slashed ($alt_post_name, $post_name, $post_type) - $post_name_check = $wpdb->get_var($wpdb->prepare("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent)); + $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_type = '$post_type' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); $suffix++; } while ($post_name_check); $post_name = $alt_post_name; } } - // expected_slashed (everything!) - $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order' ) ); - $data = stripslashes_deep( $data ); - $where = array( 'ID' => $post_ID ); - if ($update) { - $wpdb->update( $wpdb->posts, $data, $where ); + $wpdb->query( + "UPDATE IGNORE $wpdb->posts SET + post_author = '$post_author', + post_date = '$post_date', + post_date_gmt = '$post_date_gmt', + post_content = '$post_content', + post_content_filtered = '$post_content_filtered', + post_title = '$post_title', + post_excerpt = '$post_excerpt', + post_status = '$post_status', + post_type = '$post_type', + comment_status = '$comment_status', + ping_status = '$ping_status', + post_password = '$post_password', + post_name = '$post_name', + to_ping = '$to_ping', + pinged = '$pinged', + post_modified = '".current_time('mysql')."', + post_modified_gmt = '".current_time('mysql',1)."', + post_parent = '$post_parent', + menu_order = '$menu_order' + WHERE ID = $post_ID"); } else { - $data['post_mime_type'] = stripslashes( $post_mime_type ); // This isn't in the update - $wpdb->insert( $wpdb->posts, $data ); - $post_ID = (int) $wpdb->insert_id; + $wpdb->query( + "INSERT IGNORE INTO $wpdb->posts + (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type) + VALUES + ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type')"); + $post_ID = (int) $wpdb->insert_id; } if ( empty($post_name) && 'draft' != $post_status ) { $post_name = sanitize_title($post_title, $post_ID); - $wpdb->update( $wpdb->posts, compact( 'post_name' ), $where ); + $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); } wp_set_post_categories( $post_ID, $post_category ); @@ -730,7 +755,7 @@ function wp_insert_post($postarr = array()) { // Set GUID if ( ! $update ) - $wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post_ID ) ), $where ); + $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'"); $post = get_post($post_ID); if ( !empty($page_template) ) @@ -798,7 +823,7 @@ function wp_publish_post($post_id) { if ( 'publish' == $post->post_status ) return; - $wpdb->update( $wpdb->posts, array( 'post_status' => 'publish' ), array( 'ID' => $post_id ) ); + $wpdb->query( "UPDATE $wpdb->posts SET post_status = 'publish' WHERE ID = '$post_id'" ); $old_status = $post->post_status; $post->post_status = 'publish'; @@ -858,15 +883,13 @@ function wp_transition_post_status($new_status, $old_status, $post) { function add_ping($post_id, $uri) { // Add a URL to those already pung global $wpdb; - $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id )); + $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); $pung = trim($pung); $pung = preg_split('/\s/', $pung); $pung[] = $uri; $new = implode("\n", $pung); $new = apply_filters('add_ping', $new); - // expected_slashed ($new) - $new = stripslashes($new); - return $wpdb->update( $wpdb->posts, array( 'pinged' => $new ), array( 'ID' => $post_id ) ); + return $wpdb->query("UPDATE $wpdb->posts SET pinged = '$new' WHERE ID = $post_id"); } function get_enclosed($post_id) { // Get enclosures already enclosed for a post @@ -890,7 +913,7 @@ function get_enclosed($post_id) { // Get enclosures already enclosed for a post function get_pung($post_id) { // Get URLs already pung for a post global $wpdb; - $pung = $wpdb->get_var( $wpdb->prepare( "SELECT pinged FROM $wpdb->posts WHERE ID = %d", $post_id )); + $pung = $wpdb->get_var("SELECT pinged FROM $wpdb->posts WHERE ID = $post_id"); $pung = trim($pung); $pung = preg_split('/\s/', $pung); $pung = apply_filters('get_pung', $pung); @@ -899,7 +922,7 @@ function get_pung($post_id) { // Get URLs already pung for a post function get_to_ping($post_id) { // Get any URLs in the todo list global $wpdb; - $to_ping = $wpdb->get_var( $wpdb->prepare( "SELECT to_ping FROM $wpdb->posts WHERE ID = %d", $post_id )); + $to_ping = $wpdb->get_var("SELECT to_ping FROM $wpdb->posts WHERE ID = $post_id"); $to_ping = trim($to_ping); $to_ping = preg_split('/\s/', $to_ping, -1, PREG_SPLIT_NO_EMPTY); $to_ping = apply_filters('get_to_ping', $to_ping); @@ -938,9 +961,9 @@ function trackback_url_list($tb_list, $post_id) { function get_all_page_ids() { global $wpdb; - if ( ! $page_ids = wp_cache_get('all_page_ids', 'posts') ) { + if ( ! $page_ids = wp_cache_get('all_page_ids', 'pages') ) { $page_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_type = 'page'"); - wp_cache_add('all_page_ids', $page_ids, 'posts'); + wp_cache_add('all_page_ids', $page_ids, 'pages'); } return $page_ids; @@ -950,14 +973,57 @@ function get_all_page_ids() { // Retrieves page data given a page ID or page object. // Handles page caching. function &get_page(&$page, $output = OBJECT, $filter = 'raw') { + global $wpdb, $blog_id; + if ( empty($page) ) { - if ( isset( $GLOBALS['page'] ) && isset( $GLOBALS['page']->ID ) ) - return get_post($GLOBALS['page'], $output, $filter); - else - return null; + if ( isset( $GLOBALS['page'] ) && isset( $GLOBALS['page']->ID ) ) { + $_page = & $GLOBALS['page']; + wp_cache_add($_page->ID, $_page, 'pages'); + } else { + // shouldn't we just return NULL at this point? ~ Mark + $_page = null; + } + } elseif ( is_object($page) ) { + if ( 'post' == $page->post_type ) + return get_post($page, $output, $filter); + wp_cache_add($page->ID, $page, 'pages'); + $_page = $page; + } else { + $page = (int) $page; + // first, check the cache + if ( ! ( $_page = wp_cache_get($page, 'pages') ) ) { + // not in the page cache? + if ( isset($GLOBALS['page']->ID) && ($page == $GLOBALS['page']->ID) ) { // for is_page() views + // I don't think this code ever gets executed ~ Mark + $_page = & $GLOBALS['page']; + wp_cache_add($_page->ID, $_page, 'pages'); + } elseif ( isset($GLOBALS['post_cache'][$blog_id][$page]) ) { // it's actually a page, and is cached + return get_post($page, $output, $filter); + } else { // it's not in any caches, so off to the DB we go + // Why are we using assignment for this query? + $_page = & $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID= '$page' LIMIT 1"); + if ( 'post' == $_page->post_type ) + return get_post($_page, $output, $filter); + // Potential issue: we're not checking to see if the post_type = 'page' + // So all non-'post' posts will get cached as pages. + wp_cache_add($_page->ID, $_page, 'pages'); + } + } } - return get_post($page, $output, $filter); + $_page = sanitize_post($_page, $filter); + + // at this point, one way or another, $_post contains the page object + + if ( $output == OBJECT ) { + return $_page; + } elseif ( $output == ARRAY_A ) { + return get_object_vars($_page); + } elseif ( $output == ARRAY_N ) { + return array_values(get_object_vars($_page)); + } else { + return $_page; + } } function get_page_by_path($page_path, $output = OBJECT) { @@ -971,7 +1037,7 @@ function get_page_by_path($page_path, $output = OBJECT) { foreach($page_paths as $pathdir) $full_path .= ($pathdir!=''?'/':'') . sanitize_title($pathdir); - $pages = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = %s AND post_type='page'", $leaf_path )); + $pages = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_name = '$leaf_path' AND post_type='page'"); if ( empty($pages) ) return NULL; @@ -980,7 +1046,7 @@ function get_page_by_path($page_path, $output = OBJECT) { $path = '/' . $leaf_path; $curpage = $page; while ($curpage->post_parent != 0) { - $curpage = $wpdb->get_row( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = %d and post_type='page'", $curpage->post_parent )); + $curpage = $wpdb->get_row("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE ID = '$curpage->post_parent' and post_type='page'"); $path = '/' . $curpage->post_name . $path; } @@ -993,7 +1059,8 @@ function get_page_by_path($page_path, $output = OBJECT) { function get_page_by_title($page_title, $output = OBJECT) { global $wpdb; - $page = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE post_title = %s AND post_type='page'", $page_title )); + $page_title = $wpdb->escape($page_title); + $page = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$page_title' AND post_type='page'"); if ( $page ) return get_page($page, $output); @@ -1001,6 +1068,11 @@ function get_page_by_title($page_title, $output = OBJECT) { } function &get_page_children($page_id, $pages) { + global $page_cache, $blog_id; + + if ( empty($pages) ) + $pages = &$page_cache[$blog_id]; + $page_list = array(); foreach ( $pages as $page ) { if ( $page->post_parent == $page_id ) { @@ -1057,7 +1129,7 @@ function &get_pages($args = '') { extract( $r, EXTR_SKIP ); $key = md5( serialize( $r ) ); - if ( $cache = wp_cache_get( 'get_pages', 'posts' ) ) + if ( $cache = wp_cache_get( 'get_pages', 'page' ) ) if ( isset( $cache[ $key ] ) ) return apply_filters('get_pages', $cache[ $key ], $r ); @@ -1071,9 +1143,9 @@ function &get_pages($args = '') { if ( count($incpages) ) { foreach ( $incpages as $incpage ) { if (empty($inclusions)) - $inclusions = $wpdb->prepare(' AND ( ID = %d ', $incpage); + $inclusions = ' AND ( ID = ' . intval($incpage) . ' '; else - $inclusions .= $wpdb->prepare(' OR ID = %d ', $incpage); + $inclusions .= ' OR ID = ' . intval($incpage) . ' '; } } } @@ -1086,9 +1158,9 @@ function &get_pages($args = '') { if ( count($expages) ) { foreach ( $expages as $expage ) { if (empty($exclusions)) - $exclusions = $wpdb->prepare(' AND ( ID <> %d ', $expage); + $exclusions = ' AND ( ID <> ' . intval($expage) . ' '; else - $exclusions .= $wpdb->prepare(' AND ID <> %d ', $expage); + $exclusions .= ' AND ID <> ' . intval($expage) . ' '; } } } @@ -1112,9 +1184,9 @@ function &get_pages($args = '') { } if ( '' == $author_query ) - $author_query = $wpdb->prepare(' post_author = %d ', $post_author); + $author_query = ' post_author = ' . intval($post_author) . ' '; else - $author_query .= $wpdb->prepare(' OR post_author = %d ', $post_author); + $author_query .= ' OR post_author = ' . intval($post_author) . ' '; } if ( '' != $author_query ) $author_query = " AND ($author_query)"; @@ -1124,7 +1196,6 @@ function &get_pages($args = '') { $query = "SELECT * FROM $wpdb->posts " ; $query .= ( empty( $meta_key ) ? "" : ", $wpdb->postmeta " ) ; $query .= " WHERE (post_type = 'page' AND post_status = 'publish') $exclusions $inclusions " ; - // expected_slashed ($meta_key, $meta_value) -- also, it looks funky $query .= ( empty( $meta_key ) | empty($meta_value) ? "" : " AND ($wpdb->posts.ID = $wpdb->postmeta.post_id AND $wpdb->postmeta.meta_key = '$meta_key' AND $wpdb->postmeta.meta_value = '$meta_value' )" ) ; $query .= $author_query; $query .= " ORDER BY " . $sort_column . " " . $sort_order ; @@ -1141,7 +1212,7 @@ function &get_pages($args = '') { $pages = & get_page_children($child_of, $pages); $cache[ $key ] = $pages; - wp_cache_set( 'get_pages', $cache, 'posts' ); + wp_cache_set( 'get_pages', $cache, 'page' ); $pages = apply_filters('get_pages', $pages, $r); @@ -1165,7 +1236,7 @@ function generate_page_uri_index() { // URL => page name $uri = get_page_uri($id); - $attachments = $wpdb->get_results( $wpdb->prepare( "SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = %d", $id )); + $attachments = $wpdb->get_results("SELECT ID, post_name, post_parent FROM $wpdb->posts WHERE post_type = 'attachment' AND post_parent = '$id'"); if ( $attachments ) { foreach ( $attachments as $attachment ) { $attach_uri = get_page_uri($attachment->ID); @@ -1243,16 +1314,14 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { else $post_name = sanitize_title($post_name); - // expected_slashed ($post_name) $post_name_check = - $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != %d LIMIT 1", $post_ID)); + $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'inherit' AND ID != '$post_ID' LIMIT 1"); if ($post_name_check) { $suffix = 2; while ($post_name_check) { $alt_post_name = $post_name . "-$suffix"; - // expected_slashed ($alt_post_name, $post_name) - $post_name_check = $wpdb->get_var( $wpdb->prepare( "SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != %d AND post_parent = %d LIMIT 1", $post_ID, $post_parent)); + $post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'inherit' AND ID != '$post_ID' AND post_parent = '$post_parent' LIMIT 1"); $suffix++; } $post_name = $alt_post_name; @@ -1293,20 +1362,43 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { if ( ! isset($pinged) ) $pinged = ''; - // expected_slashed (everything!) - $data = compact( array( 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_content_filtered', 'post_title', 'post_excerpt', 'post_status', 'post_type', 'comment_status', 'ping_status', 'post_password', 'post_name', 'to_ping', 'pinged', 'post_modified', 'post_modified_gmt', 'post_parent', 'menu_order', 'post_mime_type', 'guid' ) ); - $data = stripslashes_deep( $data ); - - if ( $update ) { - $wpdb->update( $wpdb->posts, $data, array( 'ID' => $post_ID ) ); + if ($update) { + $wpdb->query( + "UPDATE $wpdb->posts SET + post_author = '$post_author', + post_date = '$post_date', + post_date_gmt = '$post_date_gmt', + post_content = '$post_content', + post_content_filtered = '$post_content_filtered', + post_title = '$post_title', + post_excerpt = '$post_excerpt', + post_status = '$post_status', + post_type = '$post_type', + comment_status = '$comment_status', + ping_status = '$ping_status', + post_password = '$post_password', + post_name = '$post_name', + to_ping = '$to_ping', + pinged = '$pinged', + post_modified = '".current_time('mysql')."', + post_modified_gmt = '".current_time('mysql',1)."', + post_parent = '$post_parent', + menu_order = '$menu_order', + post_mime_type = '$post_mime_type', + guid = '$guid' + WHERE ID = $post_ID"); } else { - $wpdb->insert( $wpdb->posts, $data ); - $post_ID = (int) $wpdb->insert_id; + $wpdb->query( + "INSERT INTO $wpdb->posts + (post_author, post_date, post_date_gmt, post_content, post_content_filtered, post_title, post_excerpt, post_status, post_type, comment_status, ping_status, post_password, post_name, to_ping, pinged, post_modified, post_modified_gmt, post_parent, menu_order, post_mime_type, guid) + VALUES + ('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_content_filtered', '$post_title', '$post_excerpt', '$post_status', '$post_type', '$comment_status', '$ping_status', '$post_password', '$post_name', '$to_ping', '$pinged', '$post_date', '$post_date_gmt', '$post_parent', '$menu_order', '$post_mime_type', '$guid')"); + $post_ID = (int) $wpdb->insert_id; } if ( empty($post_name) ) { $post_name = sanitize_title($post_title, $post_ID); - $wpdb->update( $wpdb->posts, compact( $post_name ), array( 'ID' => $post_ID ) ); + $wpdb->query( "UPDATE $wpdb->posts SET post_name = '$post_name' WHERE ID = '$post_ID'" ); } wp_set_post_categories($post_ID, $post_category); @@ -1327,8 +1419,9 @@ function wp_insert_attachment($object, $file = false, $parent = 0) { function wp_delete_attachment($postid) { global $wpdb; + $postid = (int) $postid; - if ( !$post = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE ID = %d", $postid)) ) + if ( !$post = $wpdb->get_row("SELECT * FROM $wpdb->posts WHERE ID = '$postid'") ) return $post; if ( 'attachment' != $post->post_type ) @@ -1340,15 +1433,15 @@ function wp_delete_attachment($postid) { // TODO delete for pluggable post taxonomies too wp_delete_object_term_relationships($postid, array('category', 'post_tag')); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->posts WHERE ID = %d", $postid )); + $wpdb->query("DELETE FROM $wpdb->posts WHERE ID = '$postid'"); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->comments WHERE comment_post_ID = %d", $postid )); + $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_post_ID = '$postid'"); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d ", $postid )); + $wpdb->query("DELETE FROM $wpdb->postmeta WHERE post_id = '$postid'"); if ( ! empty($meta['thumb']) ) { // Don't delete the thumb if another attachment uses it - if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%'.$meta['thumb'].'%', $postid)) ) { + if (! $wpdb->get_row("SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE '%".$wpdb->escape($meta['thumb'])."%' AND post_id <> $postid")) { $thumbfile = str_replace(basename($file), $meta['thumb'], $file); $thumbfile = apply_filters('wp_delete_file', $thumbfile); @ unlink($thumbfile); @@ -1360,8 +1453,6 @@ function wp_delete_attachment($postid) { if ( ! empty($file) ) @ unlink($file); - clean_post_cache($postid); - do_action('delete_attachment', $postid); return $post; @@ -1619,105 +1710,118 @@ function get_lastpostmodified($timezone = 'server') { // function update_post_cache(&$posts) { + global $post_cache, $blog_id; + if ( !$posts ) return; - foreach ( $posts as $post ) - wp_cache_add($post->ID, $post, 'posts'); + for ($i = 0; $i < count($posts); $i++) { + $post_cache[$blog_id][$posts[$i]->ID] = &$posts[$i]; + } } function clean_post_cache($id) { - wp_cache_delete($id, 'posts'); - wp_cache_delete($id, 'post_meta'); + global $post_cache, $post_meta_cache, $post_term_cache, $blog_id; - clean_object_term_cache($id, 'post'); + if ( isset( $post_cache[$blog_id][$id] ) ) + unset( $post_cache[$blog_id][$id] ); + + if ( isset ($post_meta_cache[$blog_id][$id] ) ) + unset( $post_meta_cache[$blog_id][$id] ); - do_action('clean_post_cache', $id); + clean_object_term_cache($id, 'post'); } function update_page_cache(&$pages) { - update_post_cache($pages); + global $page_cache, $blog_id; + + if ( !$pages ) + return; + + for ($i = 0; $i < count($pages); $i++) { + $page_cache[$blog_id][$pages[$i]->ID] = &$pages[$i]; + wp_cache_add($pages[$i]->ID, $pages[$i], 'pages'); + } } function clean_page_cache($id) { - clean_post_cache($id); + global $page_cache, $blog_id; - wp_cache_delete( 'all_page_ids', 'posts' ); - wp_cache_delete( 'get_pages', 'posts' ); + if ( isset( $page_cache[$blog_id][$id] ) ) + unset( $page_cache[$blog_id][$id] ); - do_action('clean_page_cache', $id); + wp_cache_delete($id, 'pages'); + wp_cache_delete( 'all_page_ids', 'pages' ); + wp_cache_delete( 'get_pages', 'page' ); } function update_post_caches(&$posts) { - global $wpdb; + global $post_cache; + global $wpdb, $blog_id; // No point in doing all this work if we didn't match any posts. if ( !$posts ) return; - update_post_cache($posts); - - $post_ids = array(); + // Get the categories for all the posts + for ($i = 0; $i < count($posts); $i++) { + $post_id_array[] = $posts[$i]->ID; + $post_cache[$blog_id][$posts[$i]->ID] = &$posts[$i]; + } - for ($i = 0; $i < count($posts); $i++) - $post_ids[] = $posts[$i]->ID; + $post_id_list = implode(',', $post_id_array); - update_object_term_cache($post_ids, 'post'); + update_object_term_cache($post_id_list, 'post'); - update_postmeta_cache($post_ids); + update_postmeta_cache($post_id_list); } -function update_postmeta_cache($post_ids) { - global $wpdb; - - if ( empty( $post_ids ) ) - return false; +function update_postmeta_cache($post_id_list = '') { + global $wpdb, $post_meta_cache, $blog_id; - if ( !is_array($post_ids) ) { - $post_ids = preg_replace('|[^0-9,]|', '', $post_ids); - $post_ids = explode(',', $post_ids); - } + // We should validate this comma-separated list for the upcoming SQL query + $post_id_list = preg_replace('|[^0-9,]|', '', $post_id_list); - $post_ids = array_map('intval', $post_ids); + if ( empty( $post_id_list ) ) + return false; - $ids = array(); - foreach ( (array) $post_ids as $id ) { - if ( false === wp_cache_get($id, 'post_meta') ) - $ids[] = $id; + // we're marking each post as having its meta cached (with no keys... empty array), to prevent posts with no meta keys from being queried again + // any posts that DO have keys will have this empty array overwritten with a proper array, down below + $post_id_array = (array) explode(',', $post_id_list); + $count = count( $post_id_array); + for ( $i = 0; $i < $count; $i++ ) { + $post_id = (int) $post_id_array[ $i ]; + if ( isset( $post_meta_cache[$blog_id][$post_id] ) ) { // If the meta is already cached + unset( $post_id_array[ $i ] ); + continue; + } + $post_meta_cache[$blog_id][$post_id] = array(); } - - if ( empty( $ids ) ) - return false; + if ( count( $post_id_array ) == 0 ) + return; + $post_id_list = join( ',', $post_id_array ); // with already cached stuff removeds // Get post-meta info - $id_list = join(',', $ids); - $cache = array(); - if ( $meta_list = $wpdb->get_results("SELECT post_id, meta_key, meta_value FROM $wpdb->postmeta WHERE post_id IN ($id_list) ORDER BY post_id, meta_key", ARRAY_A) ) { - foreach ( (array) $meta_list as $metarow) { + if ( $meta_list = $wpdb->get_results("SELECT post_id, meta_key, meta_value FROM $wpdb->postmeta WHERE post_id IN($post_id_list) ORDER BY post_id, meta_key", ARRAY_A) ) { + // Change from flat structure to hierarchical: + if ( !isset($post_meta_cache) ) + $post_meta_cache[$blog_id] = array(); + + foreach ($meta_list as $metarow) { $mpid = (int) $metarow['post_id']; $mkey = $metarow['meta_key']; $mval = $metarow['meta_value']; // Force subkeys to be array type: - if ( !isset($cache[$mpid]) || !is_array($cache[$mpid]) ) - $cache[$mpid] = array(); - if ( !isset($cache[$mpid][$mkey]) || !is_array($cache[$mpid][$mkey]) ) - $cache[$mpid][$mkey] = array(); + if ( !isset($post_meta_cache[$blog_id][$mpid]) || !is_array($post_meta_cache[$blog_id][$mpid]) ) + $post_meta_cache[$blog_id][$mpid] = array(); + if ( !isset($post_meta_cache[$blog_id][$mpid]["$mkey"]) || !is_array($post_meta_cache[$blog_id][$mpid]["$mkey"]) ) + $post_meta_cache[$blog_id][$mpid]["$mkey"] = array(); // Add a value to the current pid/key: - $cache[$mpid][$mkey][] = $mval; + $post_meta_cache[$blog_id][$mpid][$mkey][] = $mval; } } - - foreach ( (array) $ids as $id ) { - if ( ! isset($cache[$id]) ) - $cache[$id] = array(); - } - - foreach ( array_keys($cache) as $post) - wp_cache_set($post, $cache[$post], 'post_meta'); - - return $cache; } // @@ -1729,7 +1833,7 @@ function _transition_post_status($new_status, $old_status, $post) { if ( $old_status != 'publish' && $new_status == 'publish' ) { // Reset GUID if transitioning to publish. - $wpdb->update( $wpdb->posts, array( 'guid' => get_permalink( $post->ID ) ), array( 'ID' => $post->ID ) ); + $wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post->ID) . "' WHERE ID = '$post->ID'"); do_action('private_to_published', $post->ID); // Deprecated, use private_to_publish } @@ -1756,10 +1860,17 @@ function _publish_post_hook($post_id) { $post = get_post($post_id); - $data = array( 'post_id' => $post_id, 'meta_value' => '1' ); if ( get_option('default_pingback_flag') ) - $wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_pingme' ) ); - $wpdb->insert( $wpdb->postmeta, $data + array( 'meta_key' => '_encloseme' ) ); + $result = $wpdb->query(" + INSERT INTO $wpdb->postmeta + (post_id,meta_key,meta_value) + VALUES ('$post_id','_pingme','1') + "); + $result = $wpdb->query(" + INSERT INTO $wpdb->postmeta + (post_id,meta_key,meta_value) + VALUES ('$post_id','_encloseme','1') + "); wp_schedule_single_event(time(), 'do_pings'); } diff --git a/wp-includes/query.php b/wp-includes/query.php index fad901a..61a78f6 100644 --- a/wp-includes/query.php +++ b/wp-includes/query.php @@ -998,7 +998,14 @@ class WP_Query { }
} else {
$q['tag'] = sanitize_term_field('slug', $q['tag'], 0, 'post_tag', 'db');
- $q['tag_slug__in'][] = $q['tag'];
+ $reqtag = is_term( $q['tag'], 'post_tag' );
+ if ( !empty($reqtag) )
+ $reqtag = $reqtag['term_id'];
+ else
+ $reqtag = 0;
+
+ $q['tag_id'] = $reqtag;
+ $q['tag__in'][] = $reqtag;
}
}
diff --git a/wp-includes/registration.php b/wp-includes/registration.php index c535983..c5b0fb1 100644 --- a/wp-includes/registration.php +++ b/wp-includes/registration.php @@ -21,7 +21,8 @@ function username_exists( $username ) { */ function email_exists( $email ) { global $wpdb; - return $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_email = %s", $email) ); + $email = $wpdb->escape( $email ); + return $wpdb->get_var( "SELECT ID FROM $wpdb->users WHERE user_email = '$email'" ); } /** @@ -97,13 +98,18 @@ function wp_insert_user($userdata) { if ( empty($user_registered) ) $user_registered = gmdate('Y-m-d H:i:s'); - $data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name' ); - if ( $update ) { - $wpdb->update( $wpdb->users, $data, compact( 'ID' ) ); + $query = "UPDATE $wpdb->users SET user_pass='$user_pass', user_email='$user_email', user_url='$user_url', user_nicename = '$user_nicename', display_name = '$display_name' WHERE ID = '$ID'"; + $query = apply_filters('update_user_query', $query); + $wpdb->query( $query ); $user_id = (int) $ID; } else { - $wpdb->insert( $wpdb->users, $data + compact( 'user_login' ) ); + $query = "INSERT INTO $wpdb->users + (user_login, user_pass, user_email, user_url, user_registered, user_nicename, display_name) + VALUES + ('$user_login', '$user_pass', '$user_email', '$user_url', '$user_registered', '$user_nicename', '$display_name')"; + $query = apply_filters('create_user_query', $query); + $wpdb->query( $query ); $user_id = (int) $wpdb->insert_id; } @@ -139,10 +145,13 @@ function wp_insert_user($userdata) { /** * Update an user in the database. + * @global object $wpdb WordPress database layer. * @param array $userdata An array of user data. * @return int The updated user's ID. */ function wp_update_user($userdata) { + global $wpdb; + $ID = (int) $userdata['ID']; // First, get all of the original fields diff --git a/wp-includes/rss.php b/wp-includes/rss.php index d782a7a..8746767 100644 --- a/wp-includes/rss.php +++ b/wp-includes/rss.php @@ -667,10 +667,9 @@ class RSSCache { $cache_option = 'rss_' . $this->file_name( $url ); $cache_timestamp = 'rss_' . $this->file_name( $url ) . '_ts'; - // shouldn't these be using get_option() ? - if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_option ) ) ) + if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_option'") ) add_option($cache_option, '', '', 'no'); - if ( !$wpdb->get_var( $wpdb->prepare( "SELECT option_name FROM $wpdb->options WHERE option_name = %s", $cache_timestamp ) ) ) + if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$cache_timestamp'") ) add_option($cache_timestamp, '', '', 'no'); update_option($cache_option, $rss); diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php index 2e1365c..f8c83d0 100644 --- a/wp-includes/script-loader.php +++ b/wp-includes/script-loader.php @@ -61,11 +61,6 @@ class WP_Scripts { 'delText' => __('Are you sure you want to delete this %thing%?') ) ); - $this->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('jquery'), '20071023' ); - $this->localize( 'wp-lists', 'wpListL10n', array( - 'url' => get_option( 'siteurl' ) . '/wp-admin/admin-ajax.php' - ) ); - $this->add( 'scriptaculous-root', '/wp-includes/js/scriptaculous/scriptaculous.js', array('prototype'), '1.7.1-b3'); $this->add( 'scriptaculous-builder', '/wp-includes/js/scriptaculous/builder.js', array('scriptaculous-root'), '1.7.1-b3'); $this->add( 'scriptaculous-dragdrop', '/wp-includes/js/scriptaculous/dragdrop.js', array('scriptaculous-builder', 'scriptaculous-effects'), '1.7.1-b3'); @@ -110,16 +105,20 @@ class WP_Scripts { 'toggleKey' => __(', or press the enter key to %toggle% it'), ) ); } - $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array( 'wp-lists' ), '20070823' ); + $this->add( 'ajaxcat', '/wp-admin/js/cat.js', array('listman'), '20070724' ); $this->localize( 'ajaxcat', 'catL10n', array( 'add' => attribute_escape(__('Add')), 'how' => __('Separate multiple categories with commas.') ) ); - $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('wp-lists'), '20070823' ); - $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('wp-lists'), '20070823' ); - $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('wp-lists'), '20070822' ); - $this->add( 'admin-posts', '/wp-admin/js/edit-posts.js', array('wp-lists'), '20071023' ); - $this->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' ); + $this->add( 'ajaxlinkcat', '/wp-admin/js/link-cat.js', array('listman'), '200700601' ); + $this->localize( 'ajaxlinkcat', 'linkcatL10n', array( + 'add' => attribute_escape(__('Add')), + 'how' => __('Separate multiple categories with commas.') + ) ); + $this->add( 'admin-categories', '/wp-admin/js/categories.js', array('listman'), '3684' ); + $this->add( 'admin-custom-fields', '/wp-admin/js/custom-fields.js', array('listman'), '3733' ); + $this->add( 'admin-comments', '/wp-admin/js/edit-comments.js', array('listman'), '20070327' ); + $this->add( 'admin-users', '/wp-admin/js/users.js', array('listman'), '4583' ); $this->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' ); $this->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' ); $this->localize( 'upload', 'uploadL10n', array( @@ -179,8 +178,8 @@ class WP_Scripts { $src = add_query_arg('ver', $ver, $src); $src = clean_url(apply_filters( 'script_loader_src', $src )); - $this->print_scripts_l10n( $handle ); echo "<script type='text/javascript' src='$src'></script>\n"; + $this->print_scripts_l10n( $handle ); } $this->printed[] = $handle; } diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php index 3bc1429..ea9fae6 100644 --- a/wp-includes/taxonomy.php +++ b/wp-includes/taxonomy.php @@ -1,18 +1,11 @@ <?php -/** - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - */ // // Taxonomy Registration // /** - * Default Taxonomy Objects - * @since 2.3 - * @global array $wp_taxonomies + * @global array $wp_taxonomies Fill me out please */ $wp_taxonomies = array(); $wp_taxonomies['category'] = (object) array('name' => 'category', 'object_type' => 'post', 'hierarchical' => true, 'update_count_callback' => '_update_post_term_count'); @@ -25,17 +18,20 @@ $wp_taxonomies['link_category'] = (object) array('name' => 'link_category', 'obj * It appears that this function can be used to find all of the names inside of * $wp_taxonomies global variable. * - * <code><?php $taxonomies = get_object_taxonomies('post'); ?></code> - * Should result in <code>Array('category', 'post_tag')</code> - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wp_taxonomies + * @example + * <?php $taxonomies = get_object_taxonomies('post'); ?> + * Should result in <pre>Array( + * 'category', + * 'post_tag' + * )</pre> * + * @package Taxonomy + * @global array $wp_taxonomies * @param string $object_type Name of the type of taxonomy object - * @return array The names of all taxonomy of $object_type. + * @return array The names of all within the object_type. + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_object_taxonomies($object_type) { global $wp_taxonomies; @@ -50,20 +46,18 @@ function get_object_taxonomies($object_type) { } /** - * get_taxonomy() - Returns the taxonomy object of $taxonomy. + * get_taxonomy() - Returns the "taxonomy" object of $taxonomy. * * The get_taxonomy function will first check that the parameter string given * is a taxonomy object and if it is, it will return it. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wp_taxonomies - * @uses is_taxonomy() Checks whether taxonomy exists - * + * @package Taxonomy + * @global array $wp_taxonomies * @param string $taxonomy Name of taxonomy object to return - * @return object|bool The Taxonomy Object or false if $taxonomy doesn't exist + * @return object|bool The Taxonomy Object or false if taxonomy doesn't exist + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_taxonomy( $taxonomy ) { global $wp_taxonomies; @@ -77,14 +71,13 @@ function get_taxonomy( $taxonomy ) { /** * is_taxonomy() - Checks that the taxonomy name exists * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wp_taxonomies - * + * @package Taxonomy + * @global array $wp_taxonomies * @param string $taxonomy Name of taxonomy object * @return bool Whether the taxonomy exists or not. + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function is_taxonomy( $taxonomy ) { global $wp_taxonomies; @@ -98,17 +91,15 @@ function is_taxonomy( $taxonomy ) { * Checks to make sure that the taxonomy is an object first. Then Gets the object, and finally * returns the hierarchical value in the object. * - * A false return value might also mean that the taxonomy does not exist. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses is_taxonomy() Checks whether taxonomy exists - * @uses get_taxonomy() Used to get the taxonomy object + * A false return value, might also mean that the taxonomy does not exist. * + * @package Taxonomy + * @global array $wp_taxonomies * @param string $taxonomy Name of taxonomy object * @return bool Whether the taxonomy is hierarchical + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function is_taxonomy_hierarchical($taxonomy) { if ( ! is_taxonomy($taxonomy) ) @@ -129,20 +120,20 @@ function is_taxonomy_hierarchical($taxonomy) { * functions to still work. It is possible to overwrite the default set, which contains two * keys: hierarchical and update_count_callback. * - * Nothing is returned, so expect error maybe or use is_taxonomy() to check whether taxonomy exists. + * hierarachical has some defined purpose at other parts of the API and is a boolean value. * - * Optional $args contents: - * hierarachical - has some defined purpose at other parts of the API and is a boolean value. - * update_count_callback - works much like a hook, in that it will be called when the count is updated. + * update_count_callback works much like a hook, in that it will be called (or something from + * somewhere). * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wp_taxonomies Inserts new taxonomy object into the list - * + * @package Taxonomy + * @global array $wp_taxonomies * @param string $taxonomy Name of taxonomy object * @param string $object_type Name of the object type for the taxonomy object. * @param array|string $args See above description for the two keys values. + * @return null Nothing is returned, so expect error maybe or use is_taxonomy() to check. + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function register_taxonomy( $taxonomy, $object_type, $args = array() ) { global $wp_taxonomies; @@ -173,18 +164,18 @@ function register_taxonomy( $taxonomy, $object_type, $args = array() ) { * functions or using the database by using $args with either ASC or DESC array. The value should * be in the key named 'order'. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * @uses wp_parse_args() Creates an array from string $args. - * + * @package Taxonomy + * @subpackage Term + * @global object $wpdb Database Query * @param string|array $terms String of term or array of string values of terms that will be used * @param string|array $taxonomies String of taxonomy name or Array of string values of taxonomy names * @param array|string $args Change the order of the object_ids, either ASC or DESC - * @return WP_Error|array If the taxonomy does not exist, then WP_Error will be returned. On success - * the array can be empty meaning that there are no $object_ids found or it will return the $object_ids found. + * @return object WP_Error - A PHP 4 compatible Exception class prototype + * @return array Empty array if there are no $object_ids + * @return array Array of $object_ids + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { global $wpdb; @@ -204,8 +195,6 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { $args = wp_parse_args( $args, $defaults ); extract($args, EXTR_SKIP); - $order = ( 'desc' == strtolower($order) ) ? 'DESC' : 'ASC'; - $terms = array_map('intval', $terms); $taxonomies = "'" . implode("', '", $taxonomies) . "'"; @@ -220,39 +209,21 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { } /** - * get_term() - Get all Term data from database by Term ID. - * - * The usage of the get_term function is to apply filters to a term object. - * It is possible to get a term object from the database before applying the - * filters. + * get_term() - * - * $term ID must be part of $taxonomy, to get from the database. Failure, might be - * able to be captured by the hooks. Failure would be the same value as $wpdb returns for the - * get_row method. * - * There are two hooks, one is specifically for each term, named 'get_term', and the second is - * for the taxonomy name, 'term_$taxonomy'. Both hooks gets the term object, and the taxonomy - * name as parameters. Both hooks are expected to return a Term object. * - * 'get_term' hook - Takes two parameters the term Object and the taxonomy name. Must return - * term object. Used in @see get_term() as a catch-all filter for every $term. + * @package Taxonomy + * @subpackage Term + * @global object $wpdb Database Query + * @param int|object $term + * @param string $taxonomy + * @param string $output Either OBJECT, ARRAY_A, or ARRAY_N + * @return mixed Term Row from database * - * 'get_$taxonomy' hook - Takes two parameters the term Object and the taxonomy name. Must return - * term object. $taxonomy will be the taxonomy name, so for example, if 'category', it would be - * 'get_category' as the filter name. Useful for custom taxonomies or plugging into default taxonomies. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * - * @param int|object $term If integer, will get from database. If object will apply filters and return $term. - * @param string $taxonomy Taxonomy name that $term is part of. - * @param string $output Constant OBJECT, ARRAY_A, or ARRAY_N - * @param string $filter {@internal Missing Description}} - * @return mixed|null|WP_Error Term Row from database. Will return null if $term is empty. If taxonomy does not - * exist then WP_Error will be returned. + * @internal + * This won't appear but just a note to say that this is all conjecture and parts or whole + * might be inaccurate or wrong. */ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { global $wpdb; @@ -269,12 +240,29 @@ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { } else { $term = (int) $term; if ( ! $_term = wp_cache_get($term, $taxonomy) ) { - $_term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND t.term_id = %s LIMIT 1", $taxonomy, $term) ); + $_term = $wpdb->get_row("SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = '$term' LIMIT 1"); wp_cache_add($term, $_term, $taxonomy); } } + /** + * @internal + * Filter tag is basically: filter 'type' 'hook_name' 'description' + * + * Takes two parameters the term Object and the taxonomy name. Must return term object. + * @filter object get_term Used in @see get_term() as a catch-all filter for every $term + */ $_term = apply_filters('get_term', $_term, $taxonomy); + /** + * @internal + * Filter tag is basically: filter 'type' 'hook_name' 'description' + * + * Takes two parameters the term Object and the taxonomy name. Must return term object. + * $taxonomy will be the taxonomy name, so for example, if 'category', it would be 'get_category' + * as the filter name. + * Useful for custom taxonomies or plugging into default taxonomies. + * @filter object get_$taxonomy Used in @see get_term() as specific filter for each $taxonomy. + */ $_term = apply_filters("get_$taxonomy", $_term, $taxonomy); $_term = sanitize_term($_term, $taxonomy, $filter); @@ -290,28 +278,22 @@ function &get_term($term, $taxonomy, $output = OBJECT, $filter = 'raw') { } /** - * get_term_by() - Get all Term data from database by Term field and data. - * - * Warning: $value is not escaped for 'name' $field. You must do it yourself, if required. - * - * The default $field is 'id', therefore it is possible to also use null for field, but not - * recommended that you do so. + * get_term_by() - * - * If $value does not exist, the return value will be false. If $taxonomy exists and $field - * and $value combinations exist, the Term will be returned. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 * - * @uses $wpdb + * @package Taxonomy + * @subpackage Term + * @global object $wpdb Database Query + * @param string $field + * @param string $value + * @param string $taxonomy + * @param string $output Either OBJECT, ARRAY_A, or ARRAY_N + * @return mixed Term Row from database * - * @param string $field Either 'slug', 'name', or 'id' - * @param string|int $value Search for this term value - * @param string $taxonomy Taxonomy Name - * @param string $output Constant OBJECT, ARRAY_A, or ARRAY_N - * @param string $filter {@internal Missing Description}} - * @return mixed Term Row from database. Will return false if $taxonomy does not exist or $term was not found. + * @internal + * This won't appear but just a note to say that this is all conjecture and parts or whole + * might be inaccurate or wrong. */ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw') { global $wpdb; @@ -332,7 +314,7 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw $value = (int) $value; } - $term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND $field = %s LIMIT 1", $taxonomy, $value) ); + $term = $wpdb->get_row("SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = '$taxonomy' AND $field = '$value' LIMIT 1"); if ( !$term ) return false; @@ -355,21 +337,19 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw * get_term_children() - Merge all term children into a single array. * * This recursive function will merge all of the children of $term into - * the same array. Only useful for taxonomies which are hierarchical. + * the same array. * - * Will return an empty array if $term does not exist in $taxonomy. + * Only useful for taxonomies which are hierarchical. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * @uses _get_term_hierarchy() - * @uses get_term_children() Used to get the children of both $taxonomy and the parent $term - * + * @package Taxonomy + * @subpackage Term + * @global object $wpdb Database Query * @param string $term Name of Term to get children * @param string $taxonomy Taxonomy Name - * @return array|WP_Error List of Term Objects. WP_Error returned if $taxonomy does not exist + * @return array List of Term Objects + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_term_children( $term, $taxonomy ) { if ( ! is_taxonomy($taxonomy) ) @@ -397,17 +377,16 @@ function get_term_children( $term, $taxonomy ) { * contextual reasons and for simplicity of usage. @see sanitize_term_field() for * more information. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses sanitize_term_field() Passes the return value in sanitize_term_field on success. - * + * @package Taxonomy + * @subpackage Term * @param string $field Term field to fetch * @param int $term Term ID * @param string $taxonomy Taxonomy Name - * @param string $context {@internal Missing Description}} - * @return mixed Will return an empty string if $term is not an object or if $field is not set in $term. + * @param string $context ?? + * @return mixed @see sanitize_term_field() + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_term_field( $field, $term, $taxonomy, $context = 'display' ) { $term = (int) $term; @@ -430,15 +409,14 @@ function get_term_field( $field, $term, $taxonomy, $context = 'display' ) { * Return value is @see sanitize_term() and usage is for sanitizing the term * for editing. Function is for contextual and simplicity. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses sanitize_term() Passes the return value on success - * + * @package Taxonomy + * @subpackage Term * @param int|object $id Term ID or Object * @param string $taxonomy Taxonomy Name - * @return mixed|null|WP_Error Will return empty string if $term is not an object. + * @return mixed @see sanitize_term() + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function get_term_to_edit( $id, $taxonomy ) { $term = get_term( $id, $taxonomy ); @@ -453,51 +431,18 @@ function get_term_to_edit( $id, $taxonomy ) { } /** - * get_terms() - Retrieve the terms in taxonomy or list of taxonomies. - * - * You can fully inject any customizations to the query before it is sent, as well as control - * the output with a filter. - * - * The 'get_terms' filter will be called when the cache has the term and will pass the found - * term along with the array of $taxonomies and array of $args. This filter is also called - * before the array of terms is passed and will pass the array of terms, along with the $taxonomies - * and $args. - * - * The 'list_terms_exclusions' filter passes the compiled exclusions along with the $args. - * - * The list that $args can contain, which will overwrite the defaults. - * orderby - Default is 'name'. Can be name, count, or nothing (will use term_id). - * order - Default is ASC. Can use DESC. - * hide_empty - Default is true. Will not return empty $terms. - * fields - Default is all. - * slug - Any terms that has this value. Default is empty string. - * hierarchical - Whether to return hierarchical taxonomy. Default is true. - * name__like - Default is empty string. - * - * The argument 'pad_counts' will count all of the children along with the $terms. - * - * The 'get' argument allows for overwriting 'hide_empty' and 'child_of', which can be done by - * setting the value to 'all', instead of its default empty string value. - * - * The 'child_of' argument will be used if you use multiple taxonomy or the first $taxonomy - * isn't hierarchical or 'parent' isn't used. The default is 0, which will be translated to - * a false value. If 'child_of' is set, then 'child_of' value will be tested against - * $taxonomy to see if 'child_of' is contained within. Will return an empty array if test - * fails. - * - * If 'parent' is set, then it will be used to test against the first taxonomy. Much like - * 'child_of'. Will return an empty array if the test fails. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * @uses wp_parse_args() Merges the defaults with those defined by $args and allows for strings. + * get_terms() - * + * + * + * @package Taxonomy + * @subpackage Term * @param string|array Taxonomy name or list of Taxonomy names - * @param string|array $args The values of what to search for when returning terms - * @return array|WP_Error List of Term Objects and their children. Will return WP_Error, if any of $taxonomies do not exist. + * @param string|array $args ?? + * @return array List of Term Objects and their children. + * + * @internal + * This is all conjecture and might be partially or completely inaccurate. */ function &get_terms($taxonomies, $args = '') { global $wpdb; @@ -521,7 +466,7 @@ function &get_terms($taxonomies, $args = '') { 'hierarchical' => true, 'child_of' => 0, 'get' => '', 'name__like' => '', 'pad_counts' => false); $args = wp_parse_args( $args, $defaults ); - $args['number'] = absint( $args['number'] ); + $args['number'] = (int) $args['number']; if ( !$single_taxonomy || !is_taxonomy_hierarchical($taxonomies[0]) || '' != $args['parent'] ) { $args['child_of'] = 0; @@ -559,10 +504,6 @@ function &get_terms($taxonomies, $args = '') { $orderby = 'tt.count'; else if ( 'name' == $orderby ) $orderby = 't.name'; - else if ( 'slug' == $orderby ) - $orderby = 't.slug'; - else if ( 'term_group' == $orderby ) - $orderby = 't.term_group'; else $orderby = 't.term_id'; @@ -681,12 +622,7 @@ function &get_terms($taxonomies, $args = '') { * * Returns the index of a defined term, or 0 (false) if the term doesn't exist. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * + * @global $wpdb Database Object * @param int|string $term The term to check * @param string $taxonomy The taxonomy name to use * @return mixed Get the term id or Term Object, if exists. @@ -697,17 +633,19 @@ function is_term($term, $taxonomy = '') { if ( is_int($term) ) { if ( 0 == $term ) return 0; - $where = $wpdb->prepare( "t.term_id = %d", $term ); + $where = "t.term_id = '$term'"; } else { if ( ! $term = sanitize_title($term) ) return 0; - $where = $wpdb->prepare( "t.slug = %s", $term ); + $where = "t.slug = '$term'"; } - if ( !empty($taxonomy) ) - return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A); + $term_id = $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where"); + + if ( empty($taxonomy) || empty($term_id) ) + return $term_id; - return $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where"); + return $wpdb->get_row("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = '$taxonomy'", ARRAY_A); } /** @@ -719,15 +657,9 @@ function is_term($term, $taxonomy = '') { * * The $term is expected to be either an array or an object. * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses sanitize_term_field Used to sanitize all fields in a term - * * @param array|object $term The term to check * @param string $taxonomy The taxonomy name to use - * @param string $context Default is 'display'. + * @param string $context Default is display * @return array|object Term with all fields sanitized */ function sanitize_term($term, $taxonomy, $context = 'display') { @@ -748,16 +680,11 @@ function sanitize_term($term, $taxonomy, $context = 'display') { } /** - * sanitize_term_field() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} + * sanitize_term_field() - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 * - * @uses $wpdb * + * @global object $wpdb Database Object * @param string $field Term field to sanitize * @param string $value Search for this term value * @param int $term_id Term ID @@ -804,16 +731,11 @@ function sanitize_term_field($field, $value, $term_id, $taxonomy, $context) { /** * wp_count_terms() - Count how many terms are in Taxonomy * - * Default $args is 'ignore_empty' which can be <code>'ignore_empty=true'</code> or - * <code>array('ignore_empty' => true);</code>. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @uses $wpdb - * @uses wp_parse_args() Turns strings into arrays and merges defaults into an array. + * Default $args is 'ignore_empty' which can be @example 'ignore_empty=true' or + * @example array('ignore_empty' => true); See @see wp_parse_args() for more + * information on parsing $args. * + * @global object $wpdb Database Object * @param string $taxonomy Taxonomy name * @param array|string $args Overwrite defaults * @return int How many terms are in $taxonomy @@ -829,21 +751,16 @@ function wp_count_terms( $taxonomy, $args = array() ) { if ( $ignore_empty ) $where = 'AND count > 0'; - $taxonomy = $wpdb->escape( $taxonomy ); return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE taxonomy = '$taxonomy' $where"); } /** - * wp_delete_object_term_relationships() - {@internal Missing Short Description}} + * wp_delete_object_term_relationships() - * - * {@internal Missing Long Description}} * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb * - * @param int $object_id The term Object Id that refers to the term + * @global object $wpdb Database Object + * @param int $object_id ?? * @param string|array $taxonomy List of Taxonomy Names or single Taxonomy name. */ function wp_delete_object_term_relationships( $object_id, $taxonomies ) { @@ -863,19 +780,7 @@ function wp_delete_object_term_relationships( $object_id, $taxonomies ) { } /** - * wp_delete_term() - Removes a term from the database. - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param int $term Term ID - * @param string $taxonomy Taxonomy Name - * @param array|string $args Change Default - * @return bool Returns false if not term; true if completes delete action. + * Removes a term from the database. */ function wp_delete_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -903,10 +808,10 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { return $term_obj; $parent = $term_obj->parent; - $wpdb->update( $wpdb->term_taxonomy, compact( 'parent' ), array( 'parent' => $term_obj->term_id) + compact( 'taxonomy' ) ); + $wpdb->query("UPDATE $wpdb->term_taxonomy SET parent = '$parent' WHERE parent = '$term_obj->term_id' AND taxonomy = '$taxonomy'"); } - $objects = $wpdb->get_col( $wpdb->prepare( "SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $tt_id ) ); + $objects = $wpdb->get_col("SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$tt_id'"); foreach ( (array) $objects as $object ) { $terms = wp_get_object_terms($object, $taxonomy, 'fields=ids'); @@ -918,34 +823,24 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { wp_set_object_terms($object, $terms, $taxonomy); } - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = %d", $tt_id ) ); + $wpdb->query("DELETE FROM $wpdb->term_taxonomy WHERE term_taxonomy_id = '$tt_id'"); // Delete the term if no taxonomies use it. - if ( !$wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = %d", $term) ) ) - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->terms WHERE term_id = %d", $term) ); + if ( !$wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_taxonomy WHERE term_id = '$term'") ) + $wpdb->query("DELETE FROM $wpdb->terms WHERE term_id = '$term'"); clean_term_cache($term, $taxonomy); - do_action('delete_term', $term, $tt_id, $taxonomy); do_action("delete_$taxonomy", $term, $tt_id); return true; } /** - * wp_get_object_terms() - Returns the terms associated with the given object(s), in the supplied taxonomies. - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param int|array $object_id The id of the object(s)) to retrieve. + * Returns the terms associated with the given object(s), in the supplied taxonomies. + * @param int|array $object_id The id of the object(s)) to retrieve for. * @param string|array $taxonomies The taxonomies to retrieve terms from. - * @param array|string $args Change what is returned - * @return array|WP_Error The requested term data or empty array if no terms found. WP_Error if $taxonomy does not exist. + * @return array The requested term data. */ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) { global $wpdb; @@ -1003,17 +898,13 @@ function wp_get_object_terms($object_ids, $taxonomies, $args = array()) { /** * wp_insert_term() - Adds a new term to the database. Optionally marks it as an alias of an existing term. * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb + * * + * @global $wpdb Database Object * @param int|string $term The term to add or update. * @param string $taxonomy The taxonomy to which to add the term * @param array|string $args Change the values of the inserted term - * @return array|WP_Error The Term ID and Term Taxonomy ID + * @return array The Term ID and Term Taxonomy ID */ function wp_insert_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -1031,15 +922,12 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { $args = sanitize_term($args, $taxonomy, 'db'); extract($args, EXTR_SKIP); - // expected_slashed ($name) - $name = stripslashes($name); - if ( empty($slug) ) $slug = sanitize_title($name); $term_group = 0; if ( $alias_of ) { - $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); + $alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'"); if ( $alias->term_group ) { // The alias we want is already in a group, so let's use that one. $term_group = $alias->term_group; @@ -1065,15 +953,15 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { if ( empty($slug) ) { $slug = sanitize_title($slug, $term_id); - $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); + $wpdb->query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'"); } - $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id ) ); + $tt_id = $wpdb->get_var("SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id"); if ( !empty($tt_id) ) return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id); - $wpdb->insert( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent') + array( 'count' => 0 ) ); + $wpdb->query("INSERT INTO $wpdb->term_taxonomy (term_id, taxonomy, description, parent, count) VALUES ('$term_id', '$taxonomy', '$description', '$parent', '0')"); $tt_id = (int) $wpdb->insert_id; do_action("create_term", $term_id, $tt_id); @@ -1090,21 +978,16 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { } /** - * wp_set_object_terms() - {@internal Missing Short Description}} + * wp_set_object_terms() - * * Relates an object (post, link etc) to a term and taxonomy type. Creates the term and taxonomy * relationship if it doesn't already exist. Creates a term if it doesn't exist (using the slug). * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * + * @global $wpdb Database Object * @param int $object_id The object to relate to. * @param array|int|string $term The slug or id of the term. * @param array|string $taxonomy The context in which to relate the term to the object. * @param bool $append If false will delete difference of terms. - * @return array|WP_Error Affected Term IDs */ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { global $wpdb; @@ -1126,15 +1009,13 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { foreach ($terms as $term) { if ( !$id = is_term($term, $taxonomy) ) $id = wp_insert_term($term, $taxonomy); - if ( is_wp_error($id) ) - return $id; $term_ids[] = $id['term_id']; $id = $id['term_taxonomy_id']; $tt_ids[] = $id; - if ( $wpdb->get_var( $wpdb->prepare( "SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = %d AND term_taxonomy_id = %d", $object_id, $id ) ) ) + if ( $wpdb->get_var("SELECT term_taxonomy_id FROM $wpdb->term_relationships WHERE object_id = '$object_id' AND term_taxonomy_id = '$id'") ) continue; - $wpdb->insert( $wpdb->term_relationships, array( 'object_id' => $object_id, 'term_taxonomy_id' => $id ) ); + $wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ('$object_id', '$id')"); } wp_update_term_count($tt_ids, $taxonomy); @@ -1151,30 +1032,6 @@ function wp_set_object_terms($object_id, $terms, $taxonomy, $append = false) { return $tt_ids; } -/** - * wp_unique_term_slug() - Will make slug unique, if it isn't already - * - * The $slug has to be unique global to every taxonomy, meaning that one taxonomy - * term can't have a matching slug with another taxonomy term. Each slug has to be - * globally unique for every taxonomy. - * - * The way this works is that if the taxonomy that the term belongs to is heirarchical - * and has a parent, it will append that parent to the $slug. - * - * If that still doesn't return an unique slug, then it try to append a number until - * it finds a number that is truely unique. - * - * The only purpose for $term is for appending a parent, if one exists. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param string $slug The string that will be tried for a unique slug - * @param object $term The term object that the $slug will belong too - * @return string Will return a true unique slug. - */ function wp_unique_term_slug($slug, $term) { global $wpdb; @@ -1194,12 +1051,12 @@ function wp_unique_term_slug($slug, $term) { } // If we didn't get a unique slug, try appending a number to make it unique. - if ( $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $slug ) ) ) { + if ( $wpdb->get_var("SELECT slug FROM $wpdb->terms WHERE slug = '$slug'") ) { $num = 2; do { $alt_slug = $slug . "-$num"; $num++; - $slug_check = $wpdb->get_var( $wpdb->prepare( "SELECT slug FROM $wpdb->terms WHERE slug = %s", $alt_slug ) ); + $slug_check = $wpdb->get_var("SELECT slug FROM $wpdb->terms WHERE slug = '$alt_slug'"); } while ( $slug_check ); $slug = $alt_slug; } @@ -1207,21 +1064,6 @@ function wp_unique_term_slug($slug, $term) { return $slug; } -/** - * wp_update_term() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param int $term The ID of the term - * @param string $taxonomy The context in which to relate the term to the object. - * @param array|string $args Overwrite defaults - * @return array Returns Term ID and Taxonomy Term ID - */ function wp_update_term( $term, $taxonomy, $args = array() ) { global $wpdb; @@ -1252,19 +1094,19 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { } if ( $alias_of ) { - $alias = $wpdb->get_row( $wpdb->prepare( "SELECT term_id, term_group FROM $wpdb->terms WHERE slug = %s", $alias_of) ); + $alias = $wpdb->fetch_row("SELECT term_id, term_group FROM $wpdb->terms WHERE slug = '$alias_of'"); if ( $alias->term_group ) { // The alias we want is already in a group, so let's use that one. $term_group = $alias->term_group; } else { // The alias isn't in a group, so let's create a new one and firstly add the alias term to it. - $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms") + 1; - $wpdb->update( $wpdb->terms, compact('term_group'), array( 'term_id' => $alias->term_id ) ); + $term_group = $wpdb->get_var("SELECT MAX(term_group) FROM $wpdb->terms GROUP BY term_group") + 1; + $wpdb->query("UPDATE $wpdb->terms SET term_group = $term_group WHERE term_id = $alias->term_id"); } } // Check for duplicate slug - $id = $wpdb->get_var( $wpdb->prepare( "SELECT term_id FROM $wpdb->terms WHERE slug = %s", $slug ) ); + $id = $wpdb->get_var("SELECT term_id FROM $wpdb->terms WHERE slug = '$slug'"); if ( $id && ($id != $term_id) ) { // If an empty slug was passed, reset the slug to something unique. // Otherwise, bail. @@ -1274,16 +1116,16 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { return new WP_Error('duplicate_term_slug', sprintf(__('The slug "%s" is already in use by another term'), $slug)); } - $wpdb->update($wpdb->terms, compact( 'name', 'slug', 'term_group' ), compact( 'term_id' ) ); + $wpdb->query("UPDATE $wpdb->terms SET name = '$name', slug = '$slug', term_group = '$term_group' WHERE term_id = '$term_id'"); if ( empty($slug) ) { $slug = sanitize_title($name, $term_id); - $wpdb->update( $wpdb->terms, compact( 'slug' ), compact( 'term_id' ) ); + $wpdb->query("UPDATE $wpdb->terms SET slug = '$slug' WHERE term_id = '$term_id'"); } - $tt_id = $wpdb->get_var( $wpdb->prepare( "SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = %s AND t.term_id = %d", $taxonomy, $term_id) ); + $tt_id = $wpdb->get_var("SELECT tt.term_taxonomy_id FROM $wpdb->term_taxonomy AS tt INNER JOIN $wpdb->terms AS t ON tt.term_id = t.term_id WHERE tt.taxonomy = '$taxonomy' AND t.term_id = $term_id"); - $wpdb->update( $wpdb->term_taxonomy, compact( 'term_id', 'taxonomy', 'description', 'parent' ), array( 'term_taxonomy_id' => $tt_id ) ); + $wpdb->query("UPDATE $wpdb->term_taxonomy SET term_id = '$term_id', taxonomy = '$taxonomy', description = '$description', parent = '$parent' WHERE term_taxonomy_id = '$tt_id'"); do_action("edit_term", $term_id, $tt_id); do_action("edit_$taxonomy", $term_id, $tt_id); @@ -1298,23 +1140,6 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { return array('term_id' => $term_id, 'term_taxonomy_id' => $tt_id); } -/** - * wp_update_term_count() - Updates the amount of terms in taxonomy - * - * If there is a taxonomy callback applyed, then it will be called for updating the count. - * - * The default action is to count what the amount of terms have the relationship of term ID. - * Once that is done, then update the database. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param int|array $terms The ID of the terms - * @param string $taxonomy The context of the term. - * @return bool If no terms will return false, and if successful will return true. - */ function wp_update_term_count( $terms, $taxonomy ) { global $wpdb; @@ -1332,8 +1157,8 @@ function wp_update_term_count( $terms, $taxonomy ) { } else { // Default count updater foreach ($terms as $term) { - $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = %d", $term) ); - $wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxonomy_id' => $term ) ); + $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_relationships WHERE term_taxonomy_id = '$term'"); + $wpdb->query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'"); } } @@ -1347,44 +1172,22 @@ function wp_update_term_count( $terms, $taxonomy ) { // Cache // -/** - * clean_object_term_cache() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @see get_object_taxonomies() for more on $object_type - * - * @param int|array $object_ids {@internal Missing Description}} - * @param string $object_type {@internal Missing Description}} - */ function clean_object_term_cache($object_ids, $object_type) { + global $object_term_cache, $blog_id; + if ( !is_array($object_ids) ) $object_ids = array($object_ids); - foreach ( $object_ids as $id ) - foreach ( get_object_taxonomies($object_type) as $taxonomy ) - wp_cache_delete($id, "{$taxonomy}_relationships"); + $taxonomies = get_object_taxonomies($object_type); - do_action('clean_object_term_cache', $object_ids, $object_type); + foreach ( $object_ids as $id ) { + foreach ( $taxonomies as $taxonomy ) { + if ( isset($object_term_cache[$blog_id][$id][$taxonomy]) ) + unset($object_term_cache[$blog_id][$id][$taxonomy]); + } + } } -/** - * clean_term_cache() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param int|array $ids {@internal Missing Description}} - * @param string $taxonomy Can be empty and will assume tt_ids, else will use for context. - */ function clean_term_cache($ids, $taxonomy = '') { global $wpdb; @@ -1415,43 +1218,22 @@ function clean_term_cache($ids, $taxonomy = '') { } wp_cache_delete('get_terms', 'terms'); - - do_action('clean_term_cache', $ids, $taxonomy); } -/** - * get_object_term_cache() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @param int|array $ids {@internal Missing Description}} - * @param string $taxonomy {@internal Missing Description}} - * @return bool|array Empty array if $terms found, but not $taxonomy. False if nothing is in cache for $taxonomy and $id. - */ function &get_object_term_cache($id, $taxonomy) { - return wp_cache_get($id, "{$taxonomy}_relationships"); + global $object_term_cache, $blog_id; + + if ( isset($object_term_cache[$blog_id][$id][$taxonomy]) ) + return $object_term_cache[$blog_id][$id][$taxonomy]; + + if ( isset($object_term_cache[$blog_id][$id]) ) + return array(); + + return false; } -/** - * get_object_term_cache() - {@internal Missing Short Description}} - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * @uses $wpdb - * - * @param string|array $object_ids {@internal Missing Description}} - * @param string $object_type {@internal Missing Description}} - * @return null|array Null value is given with empty $object_ids. - */ function update_object_term_cache($object_ids, $object_type) { - global $wpdb; + global $wpdb, $object_term_cache, $blog_id; if ( empty($object_ids) ) return; @@ -1459,56 +1241,32 @@ function update_object_term_cache($object_ids, $object_type) { if ( !is_array($object_ids) ) $object_ids = explode(',', $object_ids); - $object_ids = array_map('intval', $object_ids); - - $taxonomies = get_object_taxonomies($object_type); - - $ids = array(); - foreach ( (array) $object_ids as $id ) { - foreach ( $taxonomies as $taxonomy ) { - if ( false === wp_cache_get($id, "{$taxonomy}_relationships") ) { - $ids[] = $id; - break; - } + $count = count( $object_ids); + for ( $i = 0; $i < $count; $i++ ) { + $object_id = (int) $object_ids[ $i ]; + if ( isset( $object_term_cache[$blog_id][$object_id] ) ) { + unset( $object_ids[ $i ] ); + continue; } } - if ( empty( $ids ) ) - return false; + if ( count( $object_ids ) == 0 ) + return; - $terms = wp_get_object_terms($ids, $taxonomies, 'fields=all_with_object_id'); + $terms = wp_get_object_terms($object_ids, get_object_taxonomies($object_type), 'fields=all_with_object_id'); - $object_terms = array(); - foreach ( (array) $terms as $term ) - $object_terms[$term->object_id][$term->taxonomy][$term->term_id] = $term; + if ( empty($terms) ) + return; - foreach ( $ids as $id ) { - foreach ( $taxonomies as $taxonomy ) { - if ( ! isset($object_terms[$id][$taxonomy]) ) { - if ( !isset($object_terms[$id]) ) - $object_terms[$id] = array(); - $object_terms[$id][$taxonomy] = array(); - } - } - } + foreach ( $terms as $term ) + $object_term_cache[$blog_id][$term->object_id][$term->taxonomy][$term->term_id] = $term; - foreach ( $object_terms as $id => $value ) { - foreach ( $value as $taxonomy => $terms ) { - wp_cache_set($id, $terms, "{$taxonomy}_relationships"); - } + foreach ( $object_ids as $id ) { + if ( ! isset($object_term_cache[$blog_id][$id]) ) + $object_term_cache[$blog_id][$id] = array(); } } -/** - * update_term_cache() - Updates Terms to Taxonomy in cache. - * - * @package WordPress - * @subpackage Taxonomy - * @since 2.3 - * - * @param array $terms List of Term objects to change - * @param string $taxonomy Optional. Update Term to this taxonomy in cache - */ function update_term_cache($terms, $taxonomy = '') { foreach ( $terms as $term ) { $term_taxonomy = $taxonomy; @@ -1523,19 +1281,6 @@ function update_term_cache($terms, $taxonomy = '') { // Private // -/** - * _get_term_hierarchy() - Retrieves children of taxonomy - * - * {@internal Missing Long Description}} - * - * @package WordPress - * @subpackage Taxonomy - * @access private - * @since 2.3 - * - * @param string $taxonomy {@internal Missing Description}} - * @return array Empty if $taxonomy isn't hierarachical or returns children. - */ function _get_term_hierarchy($taxonomy) { if ( !is_taxonomy_hierarchical($taxonomy) ) return array(); @@ -1554,22 +1299,6 @@ function _get_term_hierarchy($taxonomy) { return $children; } -/** - * _get_term_children() - Get array of child terms - * - * If $terms is an array of objects, then objects will returned from the function. - * If $terms is an array of IDs, then an array of ids of children will be returned. - * - * @package WordPress - * @subpackage Taxonomy - * @access private - * @since 2.3 - * - * @param int $term_id Look for this Term ID in $terms - * @param array $terms List of Term IDs - * @param string $taxonomy Term Context - * @return array Empty if $terms is empty else returns full list of child terms. - */ function &_get_term_children($term_id, $terms, $taxonomy) { if ( empty($terms) ) return array(); @@ -1609,22 +1338,8 @@ function &_get_term_children($term_id, $terms, $taxonomy) { return $term_list; } -/** - * _pad_term_counts() - Add count of children to parent count - * - * Recalculates term counts by including items from child terms. - * Assumes all relevant children are already in the $terms argument - * - * @package WordPress - * @subpackage Taxonomy - * @access private - * @since 2.3 - * @uses $wpdb - * - * @param array $terms List of Term IDs - * @param string $taxonomy Term Context - * @return null Will break from function if conditions are not met. - */ +// Recalculates term counts by including items from child terms +// Assumes all relevant children are already in the $terms argument function _pad_term_counts(&$terms, $taxonomy) { global $wpdb; @@ -1672,25 +1387,12 @@ function _pad_term_counts(&$terms, $taxonomy) { // Default callbacks // -/** - * _update_post_term_count() - Will update term count based on posts - * - * Private function for the default callback for post_tag and category taxonomies. - * - * @package WordPress - * @subpackage Taxonomy - * @access private - * @since 2.3 - * @uses $wpdb - * - * @param array $terms List of Term IDs - */ function _update_post_term_count( $terms ) { global $wpdb; foreach ( $terms as $term ) { - $count = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = %d", $term ) ); - $wpdb->update( $wpdb->term_taxonomy, compact( 'count' ), array( 'term_taxonomy_id' => $term ) ); + $count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->term_relationships, $wpdb->posts WHERE $wpdb->posts.ID = $wpdb->term_relationships.object_id AND post_status = 'publish' AND post_type = 'post' AND term_taxonomy_id = '$term'"); + $wpdb->query("UPDATE $wpdb->term_taxonomy SET count = '$count' WHERE term_taxonomy_id = '$term'"); } } diff --git a/wp-includes/user.php b/wp-includes/user.php index 3f25ffc..7d5ff6e 100644 --- a/wp-includes/user.php +++ b/wp-includes/user.php @@ -15,8 +15,12 @@ function get_usernumposts($userid) { // TODO: xmlrpc only. Maybe move to xmlrpc.php. function user_pass_ok($user_login,$user_pass) { - $userdata = get_userdatabylogin($user_login); - + global $cache_userdata; + if ( empty($cache_userdata[$user_login]) ) { + $userdata = get_userdatabylogin($user_login); + } else { + $userdata = $cache_userdata[$user_login]; + } return (md5($user_pass) == $userdata->user_pass); } diff --git a/wp-includes/version.php b/wp-includes/version.php index 9c0713d..e2814c1 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -2,7 +2,7 @@ // This holds the version number in a separate file so we can bump it without cluttering the SVN -$wp_version = '2.3'; +$wp_version = '2.3.1'; $wpmu_version = '1.3'; $wp_db_version = 6124; diff --git a/wp-includes/widgets.php b/wp-includes/widgets.php index c9f2404..10d1e3d 100644 --- a/wp-includes/widgets.php +++ b/wp-includes/widgets.php @@ -18,7 +18,9 @@ function register_sidebars($number = 1, $args = array()) { if ( is_string($args) ) parse_str($args, $args); - for ( $i=1; $i <= $number; $i++ ) { + $i = 1; + + while ( $i <= $number ) { $_args = $args; if ( $number > 1 ) { $_args['name'] = isset($args['name']) ? $args['name'] : sprintf(__('Sidebar %d'), $i); @@ -27,6 +29,7 @@ function register_sidebars($number = 1, $args = array()) { } $_args['id'] = isset($args['id']) ? $args['id'] : "sidebar-$i"; register_sidebar($_args); + ++$i; } } @@ -627,7 +630,7 @@ function wp_widget_categories($args, $number = 1) { wp_dropdown_categories($cat_args . '&show_option_none= ' . __('Select Category')); ?> -<script type='text/javascript'><!-- +<script lang='javascript'><!-- var dropdown = document.getElementById("cat"); function onCatChange() { if ( dropdown.options[dropdown.selectedIndex].value > 0 ) { diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php index 9c11646..ef1070e 100644 --- a/wp-includes/wp-db.php +++ b/wp-includes/wp-db.php @@ -322,39 +322,6 @@ class wpdb { } /** - * Insert an array of data into a table - * @param string $table WARNING: not sanitized! - * @param array $data should not already be SQL-escaped - * @return mixed results of $this->query() - */ - function insert($table, $data) { - $data = add_magic_quotes($data); - $fields = array_keys($data); - return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')"); - } - - /** - * Update a row in the table with an array of data - * @param string $table WARNING: not sanitized! - * @param array $data should not already be SQL-escaped - * @param array $where a named array of WHERE column => value relationships. Multiple member pairs will be joined with ANDs. WARNING: the column names are not currently sanitized! - * @return mixed results of $this->query() - */ - function update($table, $data, $where){ - $data = add_magic_quotes($data); - $bits = $wheres = array(); - foreach ( array_keys($data) as $k ) - $bits[] = "`$k` = '$data[$k]'"; - - if ( is_array( $where ) ) - foreach ( $where as $c => $v ) - $wheres[] = "$c = '" . $this->escape( $v ) . "'"; - else - return false; - return $this->query( "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ) . ' LIMIT 1' ); - } - - /** * Get one variable from the database * @param string $query (can be null as well, for caching, see codex) * @param int $x = 0 row num to return @@ -507,27 +474,6 @@ class wpdb { return false; wp_die($message); } - /** - * Checks wether of not the database version is high enough to support the features WordPress uses - * @global $wp_version - */ - function check_database_version() - { - global $wp_version; - // Make sure the server has MySQL 4.0 - $mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info()); - if ( version_compare($mysql_version, '4.0.0', '<') ) - return new WP_Error('database_version',sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version)); - } - - /** - * This function is called when WordPress is generating the table schema to determine wether or not the current database - * supports or needs the collation statements. - */ - function supports_collation() - { - return ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ); - } } if ( ! isset($wpdb) ) diff --git a/wp-links-opml.php b/wp-links-opml.php index 6facd69..f2c36c2 100644 --- a/wp-links-opml.php +++ b/wp-links-opml.php @@ -14,7 +14,7 @@ if ((empty ($link_cat)) || ($link_cat == 'all') || ($link_cat == '0')) { $link_cat = intval($link_cat); } ?><?php echo '<?xml version="1.0"?'.">\n"; ?> -<?php the_generator( 'comment' ); ?> +<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> <opml version="1.0"> <head> <title>Links for <?php echo attribute_escape(get_bloginfo('name', 'display').$cat_name); ?></title> diff --git a/wp-settings.php b/wp-settings.php index 442fe50..ccd127b 100644 --- a/wp-settings.php +++ b/wp-settings.php @@ -44,10 +44,12 @@ if ( empty( $_SERVER['REQUEST_URI'] ) ) { else if (isset($_SERVER['HTTP_X_REWRITE_URL'])) { $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL']; } - else - { - // Some IIS + PHP configurations puts the script-name in the path-info (No need to append it twice) - if ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] ) + else { + // If root then simulate that no script-name was specified + if (empty($_SERVER['PATH_INFO'])) + $_SERVER['REQUEST_URI'] = substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/')) . '/'; + elseif ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] ) + // Some IIS + PHP configurations puts the script-name in the path-info (No need to append it twice) $_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO']; else $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO']; @@ -101,12 +103,8 @@ function timer_stop($display = 0, $precision = 3) { //if called like timer_stop( } timer_start(); -// Add define('WP_DEBUG',true); to wp-config.php to enable display of notices during development. -if (defined('WP_DEBUG') and WP_DEBUG == true) { - error_reporting(E_ALL); -} else { - error_reporting(E_ALL ^ E_NOTICE); -} +// Change to E_ALL for development/debugging +error_reporting(E_ALL ^ E_NOTICE); // For an advanced caching plugin to use, static because you would only want one if ( defined('WP_CACHE') ) @@ -127,7 +125,11 @@ if ( !defined('PLUGINDIR') ) require (ABSPATH . WPINC . '/compat.php'); require (ABSPATH . WPINC . '/functions.php'); -require_wp_db(); +if ( file_exists(ABSPATH . 'wp-content/db.php') ) + require_once (ABSPATH . 'wp-content/db.php'); +else + require_once (ABSPATH . WPINC . '/wp-db.php'); + // $table_prefix is deprecated as of 2.1 $wpdb->prefix = $wpdb->base_prefix = $table_prefix; @@ -178,9 +180,6 @@ if ( file_exists(ABSPATH . 'wp-content/object-cache.php') ) else require_once (ABSPATH . WPINC . '/cache.php'); -// To disable persistant caching, add the below line to your wp-config.php file, uncommented of course. -// define('DISABLE_CACHE', true); - wp_cache_init(); if( !defined( "UPLOADS" ) ) @@ -32,7 +32,6 @@ header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true); <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" /> - <api name="Atom" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/wp-app.php/service" /> </apis> </service> </rsd> @@ -595,7 +594,7 @@ class wp_xmlrpc_server extends IXR_Server { restore_current_blog(); } - return $struct; + return $struct; } |