From 4fb300c67a3442cd0209a6129d53f0f727b60743 Mon Sep 17 00:00:00 2001
From: donncha
Date: Fri, 22 Dec 2006 12:54:24 +0000
Subject: WP Merge to rev 4661

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@828 7be80a69-a1ef-0310-a953-fb0f7c49ff36
---
wp-admin/admin-ajax.php | 6 +--
wp-admin/admin-functions.php | 79 ++++++++++++++++---------------
wp-admin/bookmarklet.php | 2 +-
wp-admin/categories.php | 4 +-
wp-admin/edit-category-form.php | 6 +--
wp-admin/edit-comments.php | 17 +++----
wp-admin/edit-form-advanced.php | 6 +--
wp-admin/edit-form-comment.php | 2 +-
wp-admin/edit-form.php | 2 +-
wp-admin/edit-link-form.php | 2 +-
wp-admin/edit-page-form.php | 26 +++++------
wp-admin/edit-pages.php | 2 +-
wp-admin/edit.php | 14 +++---
wp-admin/export.php | 2 +-
wp-admin/index.php | 100 +++++++++++++---------------------------
wp-admin/link-add.php | 2 +-
wp-admin/link-manager.php | 10 ++--
wp-admin/moderation.php | 30 ++++--------
wp-admin/options-discussion.php | 2 +-
wp-admin/options-misc.php | 2 +-
wp-admin/options-permalink.php | 4 +-
wp-admin/options.php | 2 +-
wp-admin/page.php | 2 +-
wp-admin/plugins.php | 2 +-
wp-admin/post.php | 2 +-
wp-admin/profile-update.php | 6 ---
wp-admin/templates.php | 2 +-
wp-admin/theme-editor.php | 2 +-
wp-admin/upgrade.php | 4 +-
wp-admin/upload-functions.php | 10 ++--
wp-admin/upload-js.php | 44 +++++++++---------
wp-admin/upload.php | 2 +-
wp-admin/user-edit.php | 2 +-
wp-admin/users.php | 14 +++---
34 files changed, 183 insertions(+), 231 deletions(-)
(limited to 'wp-admin')

diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php
index 67fe5a9..fdfe5c7 100644
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -13,9 +13,9 @@ function get_out_now() { exit; } add_action( 'shutdown', 'get_out_now', -1 ); function wp_ajax_meta_row( $pid, $mid, $key, $value ) { - $value = wp_specialchars($value, true); + $value = attribute_escape($value); $key_js = addslashes(wp_specialchars($key, 'double')); - $key = wp_specialchars($key, true); + $key = attribute_escape($key); $r .= ""; $r .= ""; $r .= ""; @@ -141,7 +141,7 @@ case 'add-cat' : // From Manage->Categories $cat_full_name = $_cat->cat_name . ' — ' . $cat_full_name; $level++; } - $cat_full_name = wp_specialchars( $cat_full_name, 1 ); + $cat_full_name = attribute_escape($cat_full_name); $x = new WP_Ajax_Response( array( 'what' => 'cat', diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php index b3fbc8b..438aa47 100644 --- a/wp-admin/admin-functions.php +++ b/wp-admin/admin-functions.php @@ -40,10 +40,10 @@ function wp_write_post() { if ( $_POST['post_author'] != $_POST['user_ID'] ) { if ( 'page' == $_POST['post_type'] ) { if ( !current_user_can( 'edit_others_pages' ) ) - return new WP_Error( 'edit_others_pages', __( 'You cannot create pages as this user.' ) ); + return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) ); } else { if ( !current_user_can( 'edit_others_posts' ) ) - return new WP_Error( 'edit_others_posts', __( 'You cannot post as this user.' ) ); + return new WP_Error( 'edit_others_posts', __( 'You are not allowed to post as this user.' ) ); } } @@ -184,10 +184,10 @@ function edit_post() { if ( $_POST['post_author'] != $_POST['user_ID'] ) { if ( 'page' == $_POST['post_type'] ) { if ( !current_user_can( 'edit_others_pages' ) ) - wp_die( __('You cannot edit pages as this user.' )); + wp_die( __('You are not allowed to edit pages as this user.' )); } else { if ( !current_user_can( 'edit_others_posts' ) ) - wp_die( __('You cannot edit posts as this user.' )); + wp_die( __('You are not allowed to edit posts as this user.' )); } } 
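Review bot: In `wp_ajax_meta_row()` the JavaScript-context copy of the key is still built with `addslashes(wp_specialchars($key, 'double'))`, while `list_meta()` in admin-functions.php, touched by this same commit, builds the equivalent value with `js_escape()`. `addslashes()` is not a JavaScript string escaper (it leaves line breaks alone, for one), so the AJAX row and the page-rendered row can emit different script for the same meta key. I would change the line to `$key_js = js_escape($key);` so both paths share one escaper. Separately, `$r` is first touched with `.=` in the visible body and should start as `$r = '';`; the function continues past the end of the hunk.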
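Review bot: In `wp_write_post()` the `edit_others_pages` / `edit_others_posts` checks only run when `$_POST['post_author'] != $_POST['user_ID']`, and both sides of that comparison are request fields. Unless `user_ID` is overwritten from the logged-in session earlier in the function (not visible in this hunk), the capability check depends on a value the client supplies; comparing `post_author` against the authenticated user's ID, the `$current_user->ID` that `user_row()` already uses, would remove that dependency. The same comparison guards `edit_post()` in the `@@ -184,10` hunk. Both functions start and end outside their hunks, so this needs confirming against the full bodies.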
@@ -323,7 +323,7 @@ function get_default_post_to_edit() { else if ( !empty( $post_title ) ) { $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) ); $text = funky_javascript_fix( $text); - $popupurl = wp_specialchars( $_REQUEST['popupurl'] ); + $popupurl = attribute_escape($_REQUEST['popupurl']); $post_content = ''.$post_title.''."\n$text"; } @@ -380,17 +380,17 @@ function wp_dropdown_roles( $default = false ) { function get_user_to_edit( $user_id ) { $user = new WP_User( $user_id ); - $user->user_login = wp_specialchars( $user->user_login, 1 ); - $user->user_email = wp_specialchars( $user->user_email, 1 ); - $user->user_url = wp_specialchars( $user->user_url, 1 ); - $user->first_name = wp_specialchars( $user->first_name, 1 ); - $user->last_name = wp_specialchars( $user->last_name, 1 ); - $user->display_name = wp_specialchars( $user->display_name, 1 ); - $user->nickname = wp_specialchars( $user->nickname, 1 ); - $user->aim = wp_specialchars( $user->aim, 1 ); - $user->yim = wp_specialchars( $user->yim, 1 ); - $user->jabber = wp_specialchars( $user->jabber, 1 ); - $user->description = wp_specialchars( $user->description ); + $user->user_login = attribute_escape($user->user_login); + $user->user_email = attribute_escape($user->user_email); + $user->user_url = attribute_escape($user->user_url); + $user->first_name = attribute_escape($user->first_name); + $user->last_name = attribute_escape($user->last_name); + $user->display_name = attribute_escape($user->display_name); + $user->nickname = attribute_escape($user->nickname); + $user->aim = attribute_escape($user->aim); + $user->yim = attribute_escape($user->yim); + $user->jabber = attribute_escape($user->jabber); + $user->description = wp_specialchars($user->description); return $user; } 
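Review bot: `$popupurl` in `get_default_post_to_edit()` comes straight from `$_REQUEST`, and `attribute_escape()` only makes it safe as attribute text; it does not restrict the URL scheme. The name suggests the value is placed in a link inside `$post_content` (the markup is not visible in this rendering), in which case the missing step is a scheme check, for example passing the value through `clean_url()` before it is used. It is also not run through `stripslashes()` the way `$_REQUEST['text']` is on the line above. The same applies to `$popupurl` in bookmarklet.php and to `$_GET['linkurl']` in `get_default_link_to_edit()`; the function body starts and ends outside this hunk.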
@@ -462,6 +462,12 @@ function edit_user( $user_id = 0 ) { $user->aim = wp_specialchars( trim( $_POST['aim'] )); if ( isset( $_POST['yim'] )) $user->yim = wp_specialchars( trim( $_POST['yim'] )); + if ( !$update ) + $user->rich_editing = 'true'; // Default to true for new users. + else if ( isset( $_POST['rich_editing'] ) ) + $user->rich_editing = $_POST['rich_editing']; + else + $user->rich_editing = 'false'; $errors = new WP_Error(); @@ -521,26 +527,26 @@ function edit_user( $user_id = 0 ) { function get_link_to_edit( $link_id ) { $link = get_link( $link_id ); - $link->link_url = wp_specialchars( $link->link_url, 1 ); - $link->link_name = wp_specialchars( $link->link_name, 1 ); - $link->link_image = wp_specialchars( $link->link_image, 1 ); - $link->link_description = wp_specialchars( $link->link_description, 1 ); - $link->link_notes = wp_specialchars( $link->link_notes ); - $link->link_rss = wp_specialchars( $link->link_rss, 1 ); - $link->link_rel = wp_specialchars( $link->link_rel, 1 ); - $link->post_category = $link->link_category; + $link->link_url = attribute_escape($link->link_url); + $link->link_name = attribute_escape($link->link_name); + $link->link_image = attribute_escape($link->link_image); + $link->link_description = attribute_escape($link->link_description); + $link->link_rss = attribute_escape($link->link_rss); + $link->link_rel = attribute_escape($link->link_rel); + $link->link_notes = wp_specialchars($link->link_notes); + $link->post_category = $link->link_category; return $link; } function get_default_link_to_edit() { if ( isset( $_GET['linkurl'] ) ) - $link->link_url = wp_specialchars( $_GET['linkurl'], 1 ); + $link->link_url = attribute_escape( $_GET['linkurl']); else $link->link_url = ''; if ( isset( $_GET['name'] ) ) - $link->link_name = wp_specialchars( $_GET['name'], 1 ); + $link->link_name = attribute_escape( $_GET['name']); else $link->link_name = ''; 
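Review bot: The new `rich_editing` branch in `edit_user()` stores `$_POST['rich_editing']` exactly as submitted, while the other two branches only ever assign `'true'` or `'false'` and the neighbouring fields are at least trimmed and escaped. Since the setting is a two-state flag, normalise it instead of trusting the request: `$user->rich_editing = ( 'true' == $_POST['rich_editing'] ) ? 'true' : 'false';`. That keeps arbitrary strings out of the stored user data and out of whatever later prints or compares the value. The function starts and ends outside the hunk.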
@@ -555,7 +561,7 @@ function add_link() { function edit_link( $link_id = '' ) { if (!current_user_can( 'manage_links' )) - wp_die( __("Cheatin' uh ?" )); + wp_die( __( 'Cheatin&8217; uh?' )); $_POST['link_url'] = wp_specialchars( $_POST['link_url'] ); $_POST['link_url'] = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $_POST['link_url']) ? $_POST['link_url'] : 'http://' . $_POST['link_url']; @@ -764,11 +770,12 @@ function _cat_row( $category, $level, $name_override = false ) { $category->category_count = number_format( $category->category_count ); $category->link_count = number_format( $category->link_count ); + $posts_count = ( $category->category_count > 0 ) ? "$category->category_count" : $category->category_count; return " $category->cat_ID " . ( $name_override ? $name_override : $pad . ' ' . $category->cat_name ) . " $category->category_description - $category->category_count + $posts_count $category->link_count $edit\n\t\n"; } @@ -832,12 +839,12 @@ function user_row( $user_object, $style = '' ) { $r .= "\n\t\t"; if ( $numposts > 0 ) { $r .= ""; - $r .= sprintf( __('View %1$s %2$s' ), $numposts, __ngettext( 'post', 'posts', $numposts )); + $r .= sprintf(__ngettext( 'View %s post', 'View %s posts', $numposts ), $numposts); $r .= ''; } $r .= "\n\t\t"; if ( ( is_site_admin() || $current_user->ID == $user_object->ID ) && current_user_can( 'edit_user', $user_object->ID ) ) { - $edit_link = wp_specialchars( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ) ); + $edit_link = attribute_escape( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" )); $r .= "".__( 'Edit' ).""; } $r .= "\n\t"; 
@@ -917,8 +924,8 @@ function list_meta( $meta ) { } $key_js = js_escape( $entry['meta_key'] ); - $entry['meta_key'] = wp_specialchars( $entry['meta_key'], true ); - $entry['meta_value'] = wp_specialchars( $entry['meta_value'], true ); + $entry['meta_key'] = attribute_escape($entry['meta_key']); + $entry['meta_value'] = attribute_escape($entry['meta_value']); $r .= "\n\t"; $r .= "\n\t\t"; $r .= "\n\t\t"; @@ -971,7 +978,7 @@ function meta_form() { $key"; } ?> @@ -1075,9 +1082,7 @@ function touch_time( $edit = 1, $for_post = 1 ) { get_month( $mm ) . "$jj, $aa @ $hh:$mn"; - echo sprintf( __(': %1$s %2$s, %3$s @ %4$s:%5$s' ), $wp_locale->get_month( $mm ), $jj, $aa, $hh, $mn ); + printf( __('Existing timestamp: %1$s %2$s, %3$s @ %4$s:%5$s' ), $wp_locale->get_month( $mm ), $jj, $aa, $hh, $mn ); } ?> @@ -1999,7 +2004,7 @@ function wp_reset_vars( $vars ) { function wp_remember_old_slug() { global $post; - $name = wp_specialchars($post->post_name); // just in case + $name = attribute_escape($post->post_name); // just in case if ( strlen($name) ) echo ''; } diff --git a/wp-admin/bookmarklet.php b/wp-admin/bookmarklet.php index def516e..cd2b542 100644 --- a/wp-admin/bookmarklet.php +++ b/wp-admin/bookmarklet.php @@ -37,7 +37,7 @@ else $content = wp_specialchars($_REQUEST['content']); -$popupurl = wp_specialchars($_REQUEST['popupurl']); +$popupurl = attribute_escape($_REQUEST['popupurl']); if ( !empty($content) ) { $post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) ); } else { diff --git a/wp-admin/categories.php b/wp-admin/categories.php index 0bdd68f..a101727 100644 --- a/wp-admin/categories.php +++ b/wp-admin/categories.php 
@@ -34,10 +34,10 @@ case 'delete': // Don't delete the default cats. if ( $cat_ID == get_option('default_category') ) - wp_die(sprintf(__("Can't delete the %s category: this is the default one"), $cat_name)); + wp_die(sprintf(__("Can&8217;t delete the %s category: this is the default one"), $cat_name)); if ( $cat_ID == get_option('default_link_category') ) - wp_die(sprintf(__("Can't delete the %s category: this is the default one for links"), $cat_name)); + wp_die(sprintf(__("Can&8217;t delete the %s category: this is the default one for links"), $cat_name)); wp_delete_category($cat_ID); diff --git a/wp-admin/edit-category-form.php b/wp-admin/edit-category-form.php index 44328fa..2c0e036 100644 --- a/wp-admin/edit-category-form.php +++ b/wp-admin/edit-category-form.php @@ -26,8 +26,8 @@ if ( ! empty($cat_ID) ) { - - + + @@ -37,7 +37,7 @@ if ( ! empty($cat_ID) ) { - +
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index 0799839..dfa1a23 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -7,7 +7,7 @@ wp_enqueue_script( 'admin-comments' ); require_once('admin-header.php'); if (empty($_GET['mode'])) $mode = 'view'; -else $mode = wp_specialchars($_GET['mode'], 1); +else $mode = attribute_escape($_GET['mode']); ?> +
-

+

-items) && 0 != count($rss->items) ) { -?> - - + get_results("SELECT comment_author, comment_author_url, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 5"); @@ -46,11 +46,11 @@ if ( $comments || $numcomments ) :
    -' . sprintf(__('%1$s on %2$s'), get_comment_author_link(), '' . get_the_title($comment->comment_post_ID) . ''); - edit_comment_link(__("Edit"), ' (', ')'); + edit_comment_link(__("Edit"), ' (', ')'); echo ''; } } @@ -80,7 +80,7 @@ foreach ($recentposts as $post) { get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'future' ORDER BY post_date ASC") ) : -?> +?>

      @@ -90,7 +90,7 @@ foreach ($scheduled as $post) { $post->post_title = sprintf(__('Post #%s'), $post->ID); echo "
    • " . sprintf(__('%1$s in %2$s'), "$post->post_title", human_time_diff( current_time('timestamp', 1), strtotime($post->post_date_gmt. ' GMT') )) . "
    • "; } -?> +?>
    @@ -99,7 +99,7 @@ foreach ($scheduled as $post) {

    get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish'"); -if (0 < $numposts) $numposts = number_format($numposts); +if (0 < $numposts) $numposts = number_format($numposts); $numcomms = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '1'"); if (0 < $numcomms) $numcomms = number_format($numcomms); @@ -107,14 +107,17 @@ if (0 < $numcomms) $numcomms = number_format($numcomms); $numcats = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->categories"); if (0 < $numcats) $numcats = number_format($numcats); ?> -

    posts and %3$s comments, contained within %5$s categories.'), $numposts, 'edit.php', $numcomms, 'edit-comments.php', $numcats, 'categories.php'); ?>

    +

    post', '%1$s posts', $numposts), $numposts, 'edit.php'); +$comm_str = sprintf(__ngettext('%1$s comment', '%1$s comments', $numcomms), $numcomms, 'edit-comments.php'); +$cat_str = sprintf(__ngettext('%1$s category', '%1$s categories', $numcats), $numcats, 'categories.php'); + +printf(__('There are currently %1$s and %2$s, contained within %3$s.'), $post_str, $comm_str, $cat_str); ?>

-

-

documentation or visit the support forums."); ?>

-items) && 0 != count($rss->items) ) { -?> -
-

-items = array_slice($rss->items, 0, 3); -foreach ($rss->items as $item ) { -?> -

'>

-

- -
-items) && 0 != count($rss->items) ) { -?> -
-

- -

»

-
- +
+ +
+
 
diff --git a/wp-admin/link-add.php b/wp-admin/link-add.php index c871e53..2f7ed78 100644 --- a/wp-admin/link-add.php +++ b/wp-admin/link-add.php @@ -28,7 +28,7 @@ require('admin-header.php'); diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php index 562e2e5..05b1841 100644 --- a/wp-admin/link-manager.php +++ b/wp-admin/link-manager.php @@ -65,7 +65,7 @@ function checkAll(form) if ( isset($_GET['deleted']) ) { echo '

'; $deleted = (int) $_GET['deleted']; - printf(__('%s links deleted.'), $deleted); + printf(__ngettext('%s link deleted.', '%s links deleted', $deleted), $deleted); echo '

'; } ?> @@ -116,7 +116,7 @@ if ( $links ) { - + @@ -130,9 +130,9 @@ if ( $links ) { link_name = wp_specialchars($link->link_name); + $link->link_name = attribute_escape($link->link_name); $link->link_description = wp_specialchars($link->link_description); - $link->link_url = wp_specialchars($link->link_url); + $link->link_url = attribute_escape($link->link_url); $link->link_category = wp_get_link_cats($link->link_id); $short_url = str_replace('http://', '', $link->link_url); $short_url = str_replace('www.', '', $short_url); @@ -188,7 +188,6 @@ if ( $links ) { echo ''; echo "\n \n"; } -} ?>
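Review bot: The two strings passed to `__ngettext()` for the deleted-links notice in link-manager.php do not match: the singular ends with a full stop and the plural does not. Translators receive the pair as one unit, so the forms should agree: `printf(__ngettext('%s link deleted.', '%s links deleted.', $deleted), $deleted);`. The `(int)` cast on `$_GET['deleted']` on the line above is what keeps this output safe to print and should stay in place.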
@@ -198,6 +197,7 @@ if ( $links ) {

')" />

+ get_results( "SELECT link_id, category_id, count( * ) AS c FROM {$wpdb->link2cat} GROUP BY link_id, category_id" ); diff --git a/wp-admin/moderation.php b/wp-admin/moderation.php index 8999741..22bcf26 100644 --- a/wp-admin/moderation.php +++ b/wp-admin/moderation.php @@ -72,32 +72,20 @@ if ( isset($_GET['deleted']) || isset($_GET['approved']) || isset($_GET['ignored $ignored = (int) $_GET['ignored']; $spam = (int) $_GET['spam']; if ($approved) { - if ('1' == $approved) { - echo __("1 comment approved") . "
\n"; - } else { - echo sprintf(__("%s comments approved
"), $approved) . "\n"; - } + printf(__ngettext('%s comment approved', '%s comments approved', $approved), $approved); + echo "
\n"; } if ($deleted) { - if ('1' == $deleted) { - echo __("1 comment deleted") . "
\n"; - } else { - echo sprintf(__("%s comments deleted"), $deleted) . "
\n"; - } + printf(__ngettext('%s comment deleted', '%s comments deleted', $deleted), $deleted); + echo "
\n"; } if ($spam) { - if ('1' == $spam) { - echo __("1 comment marked as spam") . "
\n"; - } else { - echo sprintf(__("%s comments marked as spam"), $spam) . "
\n"; - } + printf(__ngettext('%s comment marked as spam', '%s comments marked as spam', $spam), $spam); + echo "
\n"; } if ($ignored) { - if ('1' == $ignored) { - echo __("1 comment unchanged") . "
\n"; - } else { - echo sprintf(__("%s comments unchanged"), $ignored) . "
\n"; - } + printf(__ngettext('%s comment unchanged', '%s comments unchanged', $ignored), $ignored); + echo "
\n"; } echo "

\n"; } @@ -135,7 +123,7 @@ $i = 0;

— [ comment_ID.'">' . __('Edit') . ' | '; -echo " comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . " | "; ?> +echo " comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by "%s".\n"Cancel" to stop, "OK" to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . " | "; ?> comment_post_ID); $post_title = wp_specialchars( $post->post_title, 'double' ); diff --git a/wp-admin/options-discussion.php b/wp-admin/options-discussion.php index 74503ed..51b3122 100644 --- a/wp-admin/options-discussion.php +++ b/wp-admin/options-discussion.php @@ -13,7 +13,7 @@ include('admin-header.php');

-(These settings may be overridden for individual articles.)') ?> +('.__('These settings may be overridden for individual articles.').')'; ?>