From e08e3e006e1482c91ed76b24291f47f872f913ff Mon Sep 17 00:00:00 2001
From: donncha
Date: Mon, 19 Mar 2007 13:04:29 +0000
Subject: WP Merge to rev 5061
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@920 7be80a69-a1ef-0310-a953-fb0f7c49ff36
---
wp-admin/admin-functions.php | 18 ++++++++++--------
wp-admin/admin-header.php | 2 +-
wp-admin/bookmarklet.php | 2 +-
wp-admin/categories.php | 2 +-
wp-admin/edit-comments.php | 12 ++++++------
wp-admin/edit-form-advanced.php | 4 ++--
wp-admin/edit-page-form.php | 2 +-
wp-admin/import/b2.php | 0
wp-admin/import/blogger.php | 10 ++++++----
wp-admin/link-manager.php | 2 +-
wp-admin/options-head.php | 2 --
wp-admin/page.php | 2 +-
wp-admin/post.php | 2 +-
wp-admin/upgrade.php | 4 ++--
wp-admin/upload-functions.php | 8 ++++----
wp-admin/upload.php | 2 +-
wp-admin/user-edit.php | 2 +-
17 files changed, 39 insertions(+), 37 deletions(-)
delete mode 100644 wp-admin/import/b2.php
(limited to 'wp-admin')
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index a7b0428..1ed1cf3 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -370,7 +370,7 @@ function get_default_post_to_edit() {
 else if ( !empty( $post_title ) ) {
 $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
 $text = funky_javascript_fix( $text);
- $popupurl = attribute_escape($_REQUEST['popupurl']);
+ $popupurl = clean_url($_REQUEST['popupurl']);
 $post_content = ''.$post_title.''."\n$text";
 }
@@ -429,7 +429,7 @@ function get_user_to_edit( $user_id ) {
 $user = new WP_User( $user_id );
 $user->user_login = attribute_escape($user->user_login);
 $user->user_email = attribute_escape($user->user_email);
- $user->user_url = attribute_escape($user->user_url);
+ $user->user_url = clean_url($user->user_url);
 $user->first_name = attribute_escape($user->first_name);
 $user->last_name = attribute_escape($user->last_name);
 $user->display_name = attribute_escape($user->display_name);
@@ -574,11 +574,11 @@ function edit_user( $user_id = 0 ) {
 function get_link_to_edit( $link_id ) {
 $link = get_link( $link_id );
- $link->link_url = attribute_escape($link->link_url);
+ $link->link_url = clean_url($link->link_url);
 $link->link_name = attribute_escape($link->link_name);
 $link->link_image = attribute_escape($link->link_image);
 $link->link_description = attribute_escape($link->link_description);
- $link->link_rss = attribute_escape($link->link_rss);
+ $link->link_rss = clean_url($link->link_rss);
 $link->link_rel = attribute_escape($link->link_rel);
 $link->link_notes = wp_specialchars($link->link_notes);
 $link->post_category = $link->link_category;
@@ -588,7 +588,7 @@ function get_link_to_edit( $link_id ) {
 function get_default_link_to_edit() {
 if ( isset( $_GET['linkurl'] ) )
- $link->link_url = attribute_escape( $_GET['linkurl']);
+ $link->link_url = clean_url( $_GET['linkurl']);
 else
 $link->link_url = '';
@@ -807,7 +807,7 @@ function _cat_row( $category, $level, $name_override = false ) {
 $default_link_cat_id = get_option( 'default_link_category' );
 if ( ($category->cat_ID != $default_cat_id ) && ($category->cat_ID != $default_link_cat_id ) )
- $edit .= "cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll of its posts will go into the default category of '%s'\nAll of its bookmarks will go into the default category of '%s'.\n'OK' to delete, 'Cancel' to stop." ), $category->cat_name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."";
+ $edit .= "cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->cat_name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."";
 else
 $edit .= "".__( "Default" );
 } else
@@ -891,7 +891,7 @@ function user_row( $user_object, $style = '' ) {
 }
 $r .= "\n\t\t";
 if ( ( is_site_admin() || $current_user->ID == $user_object->ID ) && current_user_can( 'edit_user', $user_object->ID ) ) {
- $edit_link = attribute_escape( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ));
+ $edit_link = clean_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ));
 $r .= "".__( 'Edit' )."";
 }
 $r .= "\n\t";
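Review bot: In the `user_row()` hunk, `clean_url()` is now handed a relative URL (`user-edit.php?user_id=…`) that carries a urlencoded `REQUEST_URI`, so the Edit link stays correct only if `clean_url()` leaves scheme-less paths and percent-encoded values untouched. `clean_url()` is defined outside this diff; if it normalises input that has no `://` or strips characters it does not expect, the link would point at the wrong target. A one-line comment at the call, such as `// relative admin URL: clean_url() must not prepend a scheme here`, and a check that `$edit_link` still begins with `user-edit.php?` would pin the assumption down. The body of `user_row()` starts and ends outside the hunk.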
@@ -2100,7 +2100,9 @@ function wp_crop_image( $src_file, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_ $src_h -= $src_y; } - imageantialias( $dst, true ); + if (function_exists('imageantialias')) + imageantialias( $dst, true ); + imagecopyresampled( $dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h ); if ( !$dst_file ) diff --git a/wp-admin/admin-header.php b/wp-admin/admin-header.php index 34f6d7d..9f6402b 100644 --- a/wp-admin/admin-header.php +++ b/wp-admin/admin-header.php @@ -2,7 +2,7 @@ @header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); if (!isset($_GET["page"])) require_once('admin.php'); if ( $editing ) { - wp_enqueue_script( array("dbx-admin-key?pagenow=$pagenow",'admin-custom-fields') ); + wp_enqueue_script( array('dbx-admin-key?pagenow=' . attribute_escape($pagenow),'admin-custom-fields') ); if ( current_user_can('manage_categories') ) wp_enqueue_script( 'ajaxcat' ); if ( user_can_richedit() ) diff --git a/wp-admin/bookmarklet.php b/wp-admin/bookmarklet.php index cd2b542..e84b5d9 100644 --- a/wp-admin/bookmarklet.php +++ b/wp-admin/bookmarklet.php @@ -37,7 +37,7 @@ else $content = wp_specialchars($_REQUEST['content']); -$popupurl = attribute_escape($_REQUEST['popupurl']); +$popupurl = clean_url($_REQUEST['popupurl']); if ( !empty($content) ) { $post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) ); } else { diff --git a/wp-admin/categories.php b/wp-admin/categories.php index 08e80c3..5e77e0f 100644 --- a/wp-admin/categories.php +++ b/wp-admin/categories.php @@ -114,7 +114,7 @@ cat_rows();
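Review bot: In the wp-admin/admin-header.php hunk, `attribute_escape($pagenow)` applies an HTML-attribute encoder to a value that is being placed in a URL query string (`dbx-admin-key?pagenow=…`), so characters such as `&` or `#` in `$pagenow` would still alter the query even though quotes are neutralised. Encoding for the context the value lands in would be `'dbx-admin-key?pagenow=' . urlencode($pagenow)`, whose output is also safe inside an attribute. Where `$pagenow` is assigned is not visible here, so how much of it is request-controlled should be confirmed.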
-

Note:
Deleting a category does not delete the posts and links in that category. Instead, posts in the deleted category are set to the category %s and links are set to %s.'), apply_filters('the_category', get_catname(get_option('default_category'))), apply_filters('the_category', get_catname(get_option('default_link_category')))) ?>

+

Note:
Deleting a category does not delete the posts and links in that category. Instead, posts that were only assigned to the deleted category are set to the category %s and links that were only assigned to the deleted category are set to %s.'), apply_filters('the_category', get_catname(get_option('default_category'))), apply_filters('the_category', get_catname(get_option('default_link_category')))) ?>

diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index d3de2c5..9307b90 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -101,7 +101,7 @@ $total_pages = ceil( $total / 20 ); $r = ''; if ( 1 < $page ) { $args['apage'] = ( 1 == $page - 1 ) ? FALSE : $page - 1; - $r .= '' . "\n"; + $r .= '' . "\n"; } if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) : @@ -111,7 +111,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { $p = false; if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) : $args['apage'] = ( 1 == $page_num ) ? FALSE : $page_num; - $r .= '' . ( $page_num ) . "\n"; + $r .= '' . ( $page_num ) . "\n"; $in = true; elseif ( $in == true ) : $r .= "...\n"; @@ -122,7 +122,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { } if ( ( $page ) * 20 < $total || -1 == $total ) { $args['apage'] = $page + 1; - $r .= '' . "\n"; + $r .= '' . "\n"; } echo ""; ?> @@ -248,7 +248,7 @@ $total_pages = ceil( $total / 20 ); $r = ''; if ( 1 < $page ) { $args['apage'] = ( 1 == $page - 1 ) ? FALSE : $page - 1; - $r .= '' . "\n"; + $r .= '' . "\n"; } if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) : @@ -258,7 +258,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { $p = false; if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) : $args['apage'] = ( 1 == $page_num ) ? FALSE : $page_num; - $r .= '' . ( $page_num ) . "\n"; + $r .= '' . ( $page_num ) . "\n"; $in = true; elseif ( $in == true ) : $r .= "...\n"; @@ -269,7 +269,7 @@ if ( ( $total_pages = ceil( $total / 20 ) ) > 1 ) { } if ( ( $page ) * 20 < $total || -1 == $total ) { $args['apage'] = $page + 1; - $r .= '' . "\n"; + $r .= '' . "\n"; } echo ""; ?> 
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php index 520bfbd..cdf467a 100644 --- a/wp-admin/edit-form-advanced.php +++ b/wp-admin/edit-form-advanced.php @@ -168,11 +168,11 @@ if ('publish' != $post->post_status || 0 == $post_ID) { ?>

diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index 78e9588..f55f733 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -13,7 +13,7 @@ if (0 == $post_ID) {
 $form_extra = "";
 }
-$sendto = attribute_escape(stripslashes(wp_get_referer()));
+$sendto = clean_url(stripslashes(wp_get_referer()));
 if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
 $sendto = 'redo';
diff --git a/wp-admin/import/b2.php b/wp-admin/import/b2.php
deleted file mode 100644
index e69de29..0000000
diff --git a/wp-admin/import/blogger.php b/wp-admin/import/blogger.php
index 1890c16..4614bf6 100644
--- a/wp-admin/import/blogger.php
+++ b/wp-admin/import/blogger.php
@@ -84,7 +84,7 @@ class Blogger_Import {
 if ( empty($this->blogs) ) {
 $headers = array(
 "GET /feeds/default/blogs HTTP/1.0",
- "Host: www.blogger.com",
+ "Host: www2.blogger.com",
 "Authorization: AuthSub token=\"$this->token\""
 );
 $request = join( "\r\n", $headers ) . "\r\n\r\n";
@@ -547,7 +547,9 @@ class Blogger_Import {
 }
 $comment_post_ID = $this->blogs[$importing_blog]['posts'][$entry->old_post_permalink];
- $comment_author = addslashes( $this->no_apos( strip_tags( $entry->author ) ) );
+ preg_match('#(.+?).*(?:\(.+?))?#', $entry->author, $matches);
+ $comment_author = addslashes( $this->no_apos( strip_tags( (string) $matches[1] ) ) );
+ $comment_author_url = addslashes( $this->no_apos( strip_tags( (string) $matches[2] ) ) );
 $comment_date = $this->convert_date( $entry->updated );
 $comment_content = addslashes( $this->no_apos( html_entity_decode( $entry->content ) ) );
@@ -563,7 +565,7 @@ class Blogger_Import {
 ) {
 ++$this->blogs[$importing_blog]['comments_skipped'];
 } else {
- $comment = compact('comment_post_ID', 'comment_author', 'comment_date', 'comment_content');
+ $comment = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_date', 'comment_content');
 $comment_id = wp_insert_comment($comment);
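Review bot: The Blogger host name is now hard-coded twice, in the `Host:` header of the `@@ -84` hunk and as the default of `_get_blogger_sock()` in the `@@ -672` hunk, and nothing keeps the two in step. A single class-level value used for both (for example `var $blogger_host = 'www2.blogger.com';`) would avoid a header/socket mismatch the next time the endpoint moves. Separately, `_get_blogger_sock()` opens port 80, so if this request is sent through it (the send is outside the hunks) the `Authorization: AuthSub token=…` header travels in clear text; a comment recording that limitation, or a TLS transport where the endpoint offers one, would be worth adding.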
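Review bot: The result of `preg_match()` in the `@@ -547` hunk is never checked, and `$matches[2]` belongs to an optional group, so a feed entry whose author does not match leaves `$matches[1]` and `$matches[2]` undefined and the comment is imported with an empty author. The new `$comment_author_url` also comes straight from the remote feed and gets only `strip_tags()` and `addslashes()` before `wp_insert_comment()`, while the rest of this commit routes URLs through `clean_url()`; `$comment_author_url = isset($matches[2]) ? addslashes( clean_url( $matches[2] ) ) : '';` would keep an unexpected scheme out of the stored value. Falling back to the previous `strip_tags( $entry->author )` when there is no match would preserve the old behaviour for the name. The pattern itself is not legible on this page, so it is not assessed here.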
@@ -672,7 +674,7 @@ class Blogger_Import {
 return $sock;
 }
- function _get_blogger_sock($host = 'www.blogger.com') {
+ function _get_blogger_sock($host = 'www2.blogger.com') {
 if ( !$sock = @ fsockopen($host, 80, $errno, $errstr) ) {
 $this->uh_oh(
 sprintf( __('Could not connect to %s'), $host ),
diff --git a/wp-admin/link-manager.php b/wp-admin/link-manager.php
index 8b0a4ee..54ae4f9 100644
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@@ -133,7 +133,7 @@ if ( $links ) {
 foreach ($links as $link) {
 $link->link_name = attribute_escape(apply_filters('link_title', $link->link_name));
 $link->link_description = wp_specialchars(apply_filters('link_description', $link->link_description));
- $link->link_url = attribute_escape($link->link_url);
+ $link->link_url = clean_url($link->link_url);
 $link->link_category = wp_get_link_cats($link->link_id);
 $short_url = str_replace('http://', '', $link->link_url);
 $short_url = str_replace('www.', '', $short_url);
diff --git a/wp-admin/options-head.php b/wp-admin/options-head.php
index 8d097f4..da1784f 100644
--- a/wp-admin/options-head.php
+++ b/wp-admin/options-head.php
@@ -1,7 +1,5 @@ -
-

diff --git a/wp-admin/page.php b/wp-admin/page.php index 4a29c37..4ef74e9 100644 --- a/wp-admin/page.php +++ b/wp-admin/page.php @@ -65,7 +65,7 @@ case 'edit': ?>

- +

- +

@@ -49,7 +49,7 @@ switch($step) :
 if ( empty( $_GET['backto'] ) )
 $backto = __get_option('home') . '/';
 else
- $backto = attribute_escape(stripslashes($_GET['backto']));
+ $backto = clean_url(stripslashes($_GET['backto']));
 if( $wpdb->get_row( "SELECT blog_id FROM wp_blog_versions WHERE blog_id = '{$wpdb->blogid}'" ) ) {
 $wpdb->query( "UPDATE wp_blog_versions SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
 } else {
diff --git a/wp-admin/upload-functions.php b/wp-admin/upload-functions.php
index 1f79fb7..45fece4 100644
--- a/wp-admin/upload-functions.php
+++ b/wp-admin/upload-functions.php
@@ -83,9 +83,9 @@ function wp_upload_view() {
 echo '[ ';
 echo '' . __('view') . '';
 echo ' | ';
- echo '' . __('edit') . '';
+ echo '' . __('edit') . '';
 echo ' | ';
- echo '' . __('cancel') . '';
+ echo '' . __('cancel') . '';
 echo ' ]'; ?>
@@ -123,9 +123,9 @@ function wp_upload_form() {
 echo '[ ';
 echo '' . __('view') . '';
 echo ' | ';
- echo '' . __('links') . '';
+ echo '' . __('links') . '';
 echo ' | ';
- echo '' . __('cancel') . '';
+ echo '' . __('cancel') . '';
 echo ' ]'; ?>
diff --git a/wp-admin/upload.php b/wp-admin/upload.php
index f592edb..562272c 100644
--- a/wp-admin/upload.php
+++ b/wp-admin/upload.php
@@ -90,7 +90,7 @@ foreach ( $wp_upload_tabs as $t => $tab_array ) { // We've already done the curr
 $href = add_query_arg( array('tab' => $t, 'ID' => '', 'action' => '', 'paged' => '') );
 if ( isset($tab_array[4]) && is_array($tab_array[4]) )
 add_query_arg( $tab_array[4], $href );
- $_href = attribute_escape( $href);
+ $_href = clean_url( $href);
 $page_links = '';
 $class = 'upload-tab alignleft';
 if ( $tab == $t ) {
diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index 41fa9da..6feba01 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -61,7 +61,7 @@ include ('admin-header.php');
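Review bot: In the `@@ -49` hunk (apparently wp-admin/upgrade.php; its file header is not legible on this page), `$backto` is taken from `$_GET['backto']`, and `clean_url()` constrains the form of the URL rather than where it points, so an off-site destination still passes. If `$backto` is later emitted as a link or redirect target (that code is outside the hunk), its host should be compared with the blog's own and the value replaced by `__get_option('home') . '/'` when they differ. A short comment at the assignment, such as `// backto is untrusted request input; only same-site targets are expected`, would make the intent explicit.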
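Review bot: In the wp-admin/upload.php hunk, the context line `add_query_arg( $tab_array[4], $href );` discards its return value, so the extra tab arguments never reach `$href` and the changed line escapes a URL that lacks them. Assuming `add_query_arg()` returns the modified URL, as the assignment two lines above suggests, this should read `$href = add_query_arg( $tab_array[4], $href );`. The enclosing `foreach` continues outside the hunk.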

-

+

-- cgit