require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
/** Load WordPress Administration Upgrade API */
-require_once( dirname( __FILE__ ) . '/includes/upgrade.php' );
+require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
/** Load wpdb */
-require_once(dirname(dirname(__FILE__)) . '/wp-includes/wp-db.php');
+require_once( ABSPATH . 'wp-includes/wp-db.php' );
$step = isset( $_GET['step'] ) ? (int) $_GET['step'] : 0;
?>
</head>
<body class="wp-core-ui<?php if ( is_rtl() ) echo ' rtl'; ?>">
-<h1 id="logo"><a href="<?php esc_attr_e( 'http://wordpress.org/' ); ?>"><?php _e( 'WordPress' ); ?></a></h1>
+<h1 id="logo"><a href="<?php echo esc_url( __( 'http://wordpress.org/' ) ); ?>"><?php _e( 'WordPress' ); ?></a></h1>
<?php
} // end display_header()
if ( ! empty( $_POST ) )
$blog_public = isset( $_POST['blog_public'] );
- $weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : '';
- $user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin';
- $admin_password = isset($_POST['admin_password']) ? trim( stripslashes( $_POST['admin_password'] ) ) : '';
- $admin_email = isset( $_POST['admin_email'] ) ? trim( stripslashes( $_POST['admin_email'] ) ) : '';
+ $weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
+ $user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
+ $admin_password = isset($_POST['admin_password']) ? trim( wp_unslash( $_POST['admin_password'] ) ) : '';
+ $admin_email = isset( $_POST['admin_email'] ) ? trim( wp_unslash( $_POST['admin_email'] ) ) : '';
if ( ! is_null( $error ) ) {
?>
-<p class="message"><?php printf( __( '<strong>ERROR</strong>: %s' ), $error ); ?></p>
+<p class="message"><?php echo $error; ?></p>
<?php } ?>
<form id="setup" method="post" action="install.php?step=2">
<table class="form-table">
<td><input name="weblog_title" type="text" id="weblog_title" size="25" value="<?php echo esc_attr( $weblog_title ); ?>" /></td>
</tr>
<tr>
- <th scope="row"><label for="user_name"><?php _e('Username'); ?></label></th>
+ <th scope="row"><label for="user_login"><?php _e('Username'); ?></label></th>
<td>
<?php
if ( $user_table ) {
display_header();
// Fill in the data we gathered
- $weblog_title = isset( $_POST['weblog_title'] ) ? trim( stripslashes( $_POST['weblog_title'] ) ) : '';
- $user_name = isset($_POST['user_name']) ? trim( stripslashes( $_POST['user_name'] ) ) : 'admin';
- $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : '';
- $admin_password_check = isset($_POST['admin_password2']) ? $_POST['admin_password2'] : '';
- $admin_email = isset( $_POST['admin_email'] ) ?trim( stripslashes( $_POST['admin_email'] ) ) : '';
+ $weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
+ $user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
+ $admin_password = isset($_POST['admin_password']) ? wp_unslash( $_POST['admin_password'] ) : '';
+ $admin_password_check = isset($_POST['admin_password2']) ? wp_unslash( $_POST['admin_password2'] ) : '';
+ $admin_email = isset( $_POST['admin_email'] ) ?trim( wp_unslash( $_POST['admin_email'] ) ) : '';
$public = isset( $_POST['blog_public'] ) ? (int) $_POST['blog_public'] : 0;
// check e-mail address
$error = false;
if ( empty( $user_name ) ) {
// TODO: poka-yoke
- display_setup_form( __('you must provide a valid username.') );
+ display_setup_form( __( 'Please provide a valid username.' ) );
$error = true;
} elseif ( $user_name != sanitize_user( $user_name, true ) ) {
- display_setup_form( __('the username you provided has invalid characters.') );
+ display_setup_form( __( 'The username you provided has invalid characters.' ) );
$error = true;
} elseif ( $admin_password != $admin_password_check ) {
// TODO: poka-yoke
- display_setup_form( __( 'your passwords do not match. Please try again' ) );
+ display_setup_form( __( 'Your passwords do not match. Please try again.' ) );
$error = true;
} else if ( empty( $admin_email ) ) {
// TODO: poka-yoke
- display_setup_form( __( 'you must provide an e-mail address.' ) );
+ display_setup_form( __( 'You must provide an email address.' ) );
$error = true;
} elseif ( ! is_email( $admin_email ) ) {
// TODO: poka-yoke
- display_setup_form( __( 'that isn’t a valid e-mail address. E-mail addresses look like: <code>username@example.com</code>' ) );
+ display_setup_form( __( 'Sorry, that isn’t a valid email address. Email addresses look like <code>username@example.com</code>.' ) );
$error = true;
}
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff