Wordpress 2.5.1

[autoinstalls/wordpress.git] / wp-includes / update.php

diff --git a/wp-includes/update.php b/wp-includes/update.php
index 53f79590e08e3bacb4e31fc84e9b1c3e2bdc5699..297bcbdeb3cf8308c966f4afbfa6d39bd160e466 100644 (file)
--- a/wp-includes/update.php
+++ b/wp-includes/update.php
@@ -1,7 +1,23 @@
 <?php
+/**
+ * A simple set of functions to check our version 1.0 update service
+ *
+ * @package WordPress
+ * @since 2.3
+ */
 
-// A simple set of functions to check our version 1.0 update service
-
+/**
+ * wp_version_check() - Check WordPress version against the newest version.
+ *
+ * The WordPress version, PHP version, and Locale is sent. Checks against the WordPress server at
+ * api.wordpress.org server. Will only check if PHP has fsockopen enabled and WordPress isn't installing.
+ *
+ * @package WordPress
+ * @since 2.3
+ * @uses $wp_version Used to check against the newest WordPress version.
+ *
+ * @return mixed Returns null if update is unsupported. Returns false if check is too soon.
+ */
 function wp_version_check() {
        if ( !function_exists('fsockopen') || strpos($_SERVER['PHP_SELF'], 'install.php') !== false || defined('WP_INSTALLING') )
                return;
@@ -23,7 +39,7 @@ function wp_version_check() {
        $new_option->last_checked = time(); // this gets set whether we get a response or not, so if something is down or misconfigured it won't delay the page load for more than 3 seconds, twice a day
        $new_option->version_checked = $wp_version;
 
-       $http_request  = "GET /core/version-check/1.0/?version=$wp_version&php=$php_version&locale=$locale HTTP/1.0\r\n";
+       $http_request  = "GET /core/version-check/1.1/?version=$wp_version&php=$php_version&locale=$locale HTTP/1.0\r\n";
        $http_request .= "Host: api.wordpress.org\r\n";
        $http_request .= 'Content-Type: application/x-www-form-urlencoded; charset=' . get_option('blog_charset') . "\r\n";
        $http_request .= 'User-Agent: WordPress/' . $wp_version . '; ' . get_bloginfo('url') . "\r\n";
@@ -37,14 +53,19 @@ function wp_version_check() {
                fclose( $fs );
 
                $response = explode("\r\n\r\n", $response, 2);
+               if ( !preg_match( '|HTTP/.*? 200|', $response[0] ) )
+                       return false;
+
                $body = trim( $response[1] );
                $body = str_replace(array("\r\n", "\r"), "\n", $body);
 
                $returns = explode("\n", $body);
 
-               $new_option->response = $returns[0];
+               $new_option->response = attribute_escape( $returns[0] );
                if ( isset( $returns[1] ) )
-                       $new_option->url = $returns[1];
+                       $new_option->url = clean_url( $returns[1] );
+               if ( isset( $returns[2] ) )
+                       $new_option->current = attribute_escape( $returns[2] );
        }
        update_option( 'update_core', $new_option );
 }