From 359ec6f7109409ea4398b0b30f09a78ef2dac6e8 Mon Sep 17 00:00:00 2001
From: donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>
Date: Tue, 7 Mar 2006 16:17:35 +0000
Subject: WP Merge

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@538 7be80a69-a1ef-0310-a953-fb0f7c49ff36
---
 wp-inst/wp-admin/admin-functions.php | 19 +++++++++++------
 wp-inst/wp-admin/admin.php           |  2 +-
 wp-inst/wp-admin/moderation.php      |  2 +-
 wp-inst/wp-admin/post-new.php        |  6 +++---
 wp-inst/wp-admin/post.php            |  9 ++++++--
 wp-inst/wp-admin/user-edit.php       |  2 ++
 wp-inst/wp-includes/classes.php      |  3 +--
 wp-inst/wp-includes/kses.php         | 40 ++++++++++++++++++++++++++++--------
 wp-inst/wp-register.php              | 13 +++++++-----
 wp-inst/wp-settings.php              |  1 -
 wp-inst/wpmu-settings.php.dist       |  2 +-
 11 files changed, 69 insertions(+), 30 deletions(-)

(limited to 'wp-inst')

diff --git a/wp-inst/wp-admin/admin-functions.php b/wp-inst/wp-admin/admin-functions.php
index aabf77e..b33f94e 100644
--- a/wp-inst/wp-admin/admin-functions.php
+++ b/wp-inst/wp-admin/admin-functions.php
@@ -105,12 +105,12 @@ function relocate_children($old_ID, $new_ID) {
 function fix_attachment_links($post_ID) {
 	global $wp_rewrite;
 
-	$post = & get_post($post_ID);
+	$post = & get_post($post_ID, ARRAY_A);
 
 	$search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
 
 	// See if we have any rel="attachment" links
-	if ( 0 == preg_match_all($search, $post->post_content, $anchor_matches, PREG_PATTERN_ORDER) )
+	if ( 0 == preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER) )
 		return;
 
 	$i = 0;
@@ -122,9 +122,11 @@ function fix_attachment_links($post_ID) {
 		$id = $id_matches[2];
 
 		// While we have the attachment ID, let's adopt any orphans.
-		$attachment = & get_post($id);
-		if ( ! is_object(get_post($attachment->post_parent)) ) {
-			$attachment->post_parent = $post_ID;
+		$attachment = & get_post($id, ARRAY_A);
+		if ( ! empty($attachment) && ! is_object(get_post($attachment['post_parent'])) ) {
+			$attachment['post_parent'] = $post_ID;
+			// Escape data pulled from DB.
+			$attachment = add_magic_quotes($attachment);
 			wp_update_post($attachment);
 		}
 
@@ -133,7 +135,10 @@ function fix_attachment_links($post_ID) {
 		++$i;
 	}
 
-	$post->post_content = str_replace($post_search, $post_replace, $post->post_content);
+	$post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);
+
+	// Escape data pulled from DB.
+	$post = add_magic_quotes($post);
 
 	return wp_update_post($post);
 }
@@ -491,6 +496,8 @@ function get_default_link_to_edit() {
 	else
 		$link->link_name = '';
 
+	$link->link_visible = 'Y';
+
 	return $link;
 }
 
diff --git a/wp-inst/wp-admin/admin.php b/wp-inst/wp-admin/admin.php
index 37894ca..4cedbbe 100644
--- a/wp-inst/wp-admin/admin.php
+++ b/wp-inst/wp-admin/admin.php
@@ -61,7 +61,7 @@ if (isset($_GET['page'])) {
 		}
 
 		if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page") && ! file_exists(ABSPATH . "wp-content/mu-plugins/$plugin_page"))
-			die(sprintf(__('Cannot load %s.'), $plugin_page));
+			die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
 
 		if (! isset($_GET['noheader']))
 			require_once(ABSPATH . '/wp-admin/admin-header.php');
diff --git a/wp-inst/wp-admin/moderation.php b/wp-inst/wp-admin/moderation.php
index 9166536..c684f6e 100644
--- a/wp-inst/wp-admin/moderation.php
+++ b/wp-inst/wp-admin/moderation.php
@@ -145,7 +145,7 @@ $i = 0;
 	<p><strong><?php _e('Name:') ?></strong> <?php comment_author_link() ?> <?php if ($comment->comment_author_email) { ?>| <strong><?php _e('E-mail:') ?></strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <strong><?php _e('URI:') ?></strong> <?php comment_author_url_link() ?> <?php } ?>| <strong><?php _e('IP:') ?></strong> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a> | <strong><?php _e('Date:') ?></strong> <?php comment_date(); ?></p>
 <?php comment_text() ?>
 <p><?php
-echo '<a href="post.php?action=editcomment&amp;comment='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';?>
+echo '<a href="comment.php?action=editcomment&amp;comment='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';?>
 <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a> | 
 <?php 
 echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete just this comment') . "</a> | "; ?>  <?php _e('Bulk action:') ?>
diff --git a/wp-inst/wp-admin/post-new.php b/wp-inst/wp-admin/post-new.php
index b0dc1b6..76713cd 100644
--- a/wp-inst/wp-admin/post-new.php
+++ b/wp-inst/wp-admin/post-new.php
@@ -58,11 +58,11 @@ include('edit-form-advanced.php');
 <?php
 if ($is_NS4 || $is_gecko) {
 ?>
-<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press It - %s'), wp_specialchars(get_settings('blogname'))); ?></a> 
+<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post-new.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press It - %s'), wp_specialchars(get_settings('blogname'))); ?></a> 
 <?php
 } else if ($is_winIE) {
 ?>
-<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
+<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;location.href='<?php echo get_settings('siteurl') ?>/wp-admin/post-new.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
 <script type="text/javascript">
 <!--
 function oneclickbookmarklet(blah) {
@@ -77,7 +77,7 @@ window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=50
 <?php
 } else if ($is_opera) {
 ?>
-<a href="javascript:location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/post.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a> 
+<a href="javascript:location.href='<?php echo get_settings('siteurl'); ?>/wp-admin/post-new.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a> 
 <?php
 } else if ($is_macIE) {
 ?>
diff --git a/wp-inst/wp-admin/post.php b/wp-inst/wp-admin/post.php
index 9139584..0ea17be 100644
--- a/wp-inst/wp-admin/post.php
+++ b/wp-inst/wp-admin/post.php
@@ -23,7 +23,8 @@ $action = "delete";
 
 switch($action) {
 case 'post':
-
+	check_admin_referer();
+	
 	$post_ID = write_post();
 
 	// Redirect.
@@ -76,6 +77,8 @@ case 'edit':
 	break;
 
 case 'editattachment':
+	check_admin_referer();
+
 	$post_id = (int) $_POST['post_ID'];
 
 	// Don't let these be changed
@@ -92,6 +95,8 @@ case 'editattachment':
 		add_post_meta($post_id, '_wp_attachment_metadata', $newmeta);
 
 case 'editpost':
+	check_admin_referer();
+	
 	$post_ID = edit_post();
 
 	if ($_POST['save']) {
@@ -107,7 +112,7 @@ case 'editpost':
 	} elseif ($action == 'editattachment') {
 		$location = 'attachments.php';
 	} else {
-		$location = 'post.php';
+		$location = 'post-new.php';
 	}
 	header ('Location: ' . $location); // Send user on their way while we keep working
 
diff --git a/wp-inst/wp-admin/user-edit.php b/wp-inst/wp-admin/user-edit.php
index ebb6cfd..5966f1a 100644
--- a/wp-inst/wp-admin/user-edit.php
+++ b/wp-inst/wp-admin/user-edit.php
@@ -38,6 +38,8 @@ break;
 
 case 'update':
 
+check_admin_referer();
+
 $errors = array();
 
 if (!current_user_can('edit_users'))
diff --git a/wp-inst/wp-includes/classes.php b/wp-inst/wp-includes/classes.php
index ba7988a..03d74bb 100644
--- a/wp-inst/wp-includes/classes.php
+++ b/wp-inst/wp-includes/classes.php
@@ -635,7 +635,7 @@ class WP_Query {
 		$this->posts = $wpdb->get_results($this->request);
 
 		// Check post status to determine if post should be displayed.
-		if ($this->is_single || $this->is_page) {
+		if ( !empty($this->posts) && ($this->is_single || $this->is_page) ) {
 			$status = get_post_status($this->posts[0]);
 			//$type = get_post_type($this->posts[0]);
 			if ( ('publish' != $status) ) {
@@ -1587,7 +1587,6 @@ class WP {
 	}
 
 	function send_headers() {
-		global $current_user;
 		@header('X-Pingback: '. get_bloginfo('pingback_url'));
 		if ( is_user_logged_in() )
 			nocache_headers();
diff --git a/wp-inst/wp-includes/kses.php b/wp-inst/wp-includes/kses.php
index b371c0f..5b34efe 100644
--- a/wp-inst/wp-includes/kses.php
+++ b/wp-inst/wp-includes/kses.php
@@ -44,6 +44,10 @@ if (!CUSTOM_TAGS) {
 			'value' => array ()),
 		'caption' => array (
 			'align' => array ()),
+		'cite' => array (
+			'dir' => array(),
+			'lang' => array(),
+			'title' => array ()),
 		'code' => array (),
 		'col' => array (
 			'align' => array (),
@@ -767,7 +771,7 @@ function wp_kses_decode_entities($string)
 
 function wp_filter_kses($data) {
 	global $allowedtags;
-	return wp_kses($data, $allowedtags);
+	return addslashes( wp_kses(stripslashes( $data ), $allowedtags) );
 }
 
 function wp_filter_post_kses($data) {
@@ -775,21 +779,41 @@ function wp_filter_post_kses($data) {
 	return addslashes ( wp_kses(stripslashes( $data ), $allowedposttags) );
 }
 
+function wp_filter_nohtml_kses($data) {
+	return addslashes ( wp_kses(stripslashes( $data ), array()) );
+}
+
 function kses_init_filters() {
-		add_filter('pre_comment_author', 'wp_filter_kses');
-		add_filter('pre_comment_content', 'wp_filter_kses');
-		add_filter('content_save_pre', 'wp_filter_post_kses');
-		add_filter('title_save_pre', 'wp_filter_kses');
-		add_action('admin_notices', 'wp_kses_show_message');
+	// Normal filtering.
+	add_filter('pre_comment_content', 'wp_filter_kses');
+	add_filter('title_save_pre', 'wp_filter_kses');
+
+	// Post filtering
+	add_filter('content_save_pre', 'wp_filter_post_kses');
+	add_filter('pre_comment_author', 'wp_filter_kses');
+	add_action('admin_notices', 'wp_kses_show_message');
 }
+
+function kses_remove_filters() {
+	// Normal filtering.
+	remove_filter('pre_comment_content', 'wp_filter_kses');
+	remove_filter('title_save_pre', 'wp_filter_kses');
+
+	// Post filtering
+	remove_filter('content_save_pre', 'wp_filter_post_kses');
+}
+
 function wp_filter_post_display_kses($data) {
 	global $allowedposttags;
-	return wp_kses( $data, $allowedposttags);
+	return addslashes( wp_kses(stripslashes( $data ), $allowedtags) );
 }
 
 function kses_init() {
+	kses_remove_filters();
 
-		kses_init_filters();
+	kses_init_filters();
 }
+
 add_action('init', 'kses_init');
+add_action('set_current_user', 'kses_init');
 ?>
diff --git a/wp-inst/wp-register.php b/wp-inst/wp-register.php
index e0c6c04..1a4dc78 100644
--- a/wp-inst/wp-register.php
+++ b/wp-inst/wp-register.php
@@ -25,10 +25,13 @@ case 'register':
 		$errors['user_email'] = __('<strong>ERROR</strong>: Please type your e-mail address.');
 	} else if (!is_email($user_email)) {
 		$errors['user_email'] = __('<strong>ERROR</strong>: The email address isn&#8217;t correct.');
+		$user_email = '';
 	}
 
-	if ( ! validate_username($user_login) )
+	if ( ! validate_username($user_login) ) {
 		$errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.');
+		$user_login = '';
+	}
 
 	if ( username_exists( $user_login ) )
 		$errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.');
@@ -65,9 +68,9 @@ case 'register':
 
 <div id="login"> 
 	<h2><?php _e('Registration Complete') ?></h2>
-	<p><?php printf(__('Username: %s'), "<strong>$user_login</strong>") ?><br />
+	<p><?php printf(__('Username: %s'), "<strong>" . wp_specialchars($user_login) . "</strong>") ?><br />
 	<?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>') ?> <br />
-	<?php printf(__('E-mail: %s'), "<strong>$user_email</strong>") ?></p>
+	<?php printf(__('E-mail: %s'), "<strong>" . wp_specialchars($user_email) . "</strong>") ?></p>
 	<p class="submit"><a href="wp-login.php"><?php _e('Login &raquo;'); ?></a></p>
 </div>
 </body>
@@ -108,8 +111,8 @@ default:
 <?php endif; ?>
 <form method="post" action="wp-register.php" id="registerform">
 	<p><input type="hidden" name="action" value="register" />
-	<label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo $user_login; ?>" /><br /></p>
-	<p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo $user_email; ?>" /></p>
+	<label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo wp_specialchars($user_login); ?>" /><br /></p>
+	<p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo wp_specialchars($user_email); ?>" /></p>
 	<p><?php _e('A password will be emailed to you.') ?></p>
 	<p class="submit"><input type="submit" value="<?php _e('Register &raquo;') ?>" id="submit" name="submit" /></p>
 </form>
diff --git a/wp-inst/wp-settings.php b/wp-inst/wp-settings.php
index c908c4d..ea85ae9 100644
--- a/wp-inst/wp-settings.php
+++ b/wp-inst/wp-settings.php
@@ -348,7 +348,6 @@ if ( get_magic_quotes_gpc() ) {
 	$_GET    = stripslashes_deep($_GET   );
 	$_POST   = stripslashes_deep($_POST  );
 	$_COOKIE = stripslashes_deep($_COOKIE);
-	$_SERVER = stripslashes_deep($_SERVER);
 }
 
 // Escape with wpdb.
diff --git a/wp-inst/wpmu-settings.php.dist b/wp-inst/wpmu-settings.php.dist
index 1dd9c1d..1e2e37e 100644
--- a/wp-inst/wpmu-settings.php.dist
+++ b/wp-inst/wpmu-settings.php.dist
@@ -4,7 +4,7 @@ if( defined( 'ABSPATH' ) == false )
 
 $base="BASE";
 
-if( isset( $_REQUEST[ 'wpblog' ] ) ) $wpblog = $_REQUEST[ 'wpblog' ];
+if( isset( $_REQUEST[ 'wpblog' ] ) ) $wpblog = addslashes( $_REQUEST[ 'wpblog' ] );
 
 if( isset( $wpblog ) == false )
 {
-- 
cgit