X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/7688c6ba71852cd89123b62b2d57683535e4702a..refs/tags/wordpress-2.9:/wp-settings.php

diff --git a/wp-settings.php b/wp-settings.php
index a930dddf..9ab9a690 100644
--- a/wp-settings.php
+++ b/wp-settings.php
@@ -1,5 +1,33 @@
 <?php
-// Turn register globals off
+/**
+ * Used to setup and fix common variables and include
+ * the WordPress procedural and class library.
+ *
+ * You should not have to change this file and allows
+ * for some configuration in wp-config.php.
+ *
+ * @package WordPress
+ */
+
+if ( !defined('WP_MEMORY_LIMIT') )
+	define('WP_MEMORY_LIMIT', '32M');
+
+if ( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < abs(intval(WP_MEMORY_LIMIT)) ) )
+	@ini_set('memory_limit', WP_MEMORY_LIMIT);
+
+set_magic_quotes_runtime(0);
+@ini_set('magic_quotes_sybase', 0);
+
+if ( function_exists('date_default_timezone_set') )
+	date_default_timezone_set('UTC');
+
+/**
+ * Turn register globals off.
+ *
+ * @access private
+ * @since 2.1.0
+ * @return null Will return null if register_globals PHP directive was disabled
+ */
 function wp_unregister_GLOBALS() {
 	if ( !ini_get('register_globals') )
 		return;
@@ -20,13 +48,20 @@ function wp_unregister_GLOBALS() {
 
 wp_unregister_GLOBALS();
 
-unset( $wp_filter, $cache_userdata, $cache_lastcommentmodified, $cache_lastpostdate, $cache_settings, $category_cache, $cache_categories );
+unset( $wp_filter, $cache_lastcommentmodified, $cache_lastpostdate );
 
+/**
+ * The $blog_id global, which you can change in the config allows you to create a simple
+ * multiple blog installation using just one WordPress and changing $blog_id around.
+ *
+ * @global int $blog_id
+ * @since 2.0.0
+ */
 if ( ! isset($blog_id) )
 	$blog_id = 1;
 
-// Fix for IIS, which doesn't set REQUEST_URI
-if ( empty( $_SERVER['REQUEST_URI'] ) ) {
+// Fix for IIS when running with PHP ISAPI
+if ( empty( $_SERVER['REQUEST_URI'] ) || ( php_sapi_name() != 'cgi-fcgi' && preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) {
 
 	// IIS Mod-Rewrite
 	if (isset($_SERVER['HTTP_X_ORIGINAL_URL'])) {
@@ -36,15 +71,19 @@ if ( empty( $_SERVER['REQUEST_URI'] ) ) {
 	else if (isset($_SERVER['HTTP_X_REWRITE_URL'])) {
 		$_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
 	}
-	else {
-		// If root then simulate that no script-name was specified
-		if (empty($_SERVER['PATH_INFO']))
-			$_SERVER['REQUEST_URI'] = substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/')) . '/';
-		elseif ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] )
-			// Some IIS + PHP configurations puts the script-name in the path-info (No need to append it twice)
-			$_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO'];
-		else
-			$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
+	else
+	{
+		// Use ORIG_PATH_INFO if there is no PATH_INFO
+		if ( !isset($_SERVER['PATH_INFO']) && isset($_SERVER['ORIG_PATH_INFO']) )
+			$_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO'];
+
+		// Some IIS + PHP configurations puts the script-name in the path-info (No need to append it twice)
+		if ( isset($_SERVER['PATH_INFO']) ) {
+			if ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] )
+				$_SERVER['REQUEST_URI'] = $_SERVER['PATH_INFO'];
+			else
+				$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
+		}
 
 		// Append the query string if it exists and isn't null
 		if (isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) {
@@ -66,13 +105,56 @@ $PHP_SELF = $_SERVER['PHP_SELF'];
 if ( empty($PHP_SELF) )
 	$_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace("/(\?.*)?$/",'',$_SERVER["REQUEST_URI"]);
 
-if ( version_compare( '4.2', phpversion(), '>' ) ) {
-	die( 'Your server is running PHP version ' . phpversion() . ' but WordPress requires at least 4.2.' );
+if ( version_compare( '4.3', phpversion(), '>' ) ) {
+	die( sprintf( /*WP_I18N_OLD_PHP*/'Your server is running PHP version %s but WordPress requires at least 4.3.'/*/WP_I18N_OLD_PHP*/, phpversion() ) );
 }
 
-if ( !extension_loaded('mysql') && !file_exists(ABSPATH . 'wp-content/db.php') )
-	die( 'Your PHP installation appears to be missing the MySQL which is required for WordPress.' );
+if ( !defined('WP_CONTENT_DIR') )
+	define( 'WP_CONTENT_DIR', ABSPATH . 'wp-content' ); // no trailing slash, full paths only - WP_CONTENT_URL is defined further down
+
+if ( file_exists(ABSPATH . '.maintenance') && !defined('WP_INSTALLING') ) {
+	include(ABSPATH . '.maintenance');
+	// If the $upgrading timestamp is older than 10 minutes, don't die.
+	if ( ( time() - $upgrading ) < 600 ) {
+		if ( file_exists( WP_CONTENT_DIR . '/maintenance.php' ) ) {
+			require_once( WP_CONTENT_DIR . '/maintenance.php' );
+			die();
+		}
+
+		$protocol = $_SERVER["SERVER_PROTOCOL"];
+		if ( 'HTTP/1.1' != $protocol && 'HTTP/1.0' != $protocol )
+			$protocol = 'HTTP/1.0';
+		header( "$protocol 503 Service Unavailable", true, 503 );
+		header( 'Content-Type: text/html; charset=utf-8' );
+		header( 'Retry-After: 600' );
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+	<title>Maintenance</title>
+
+</head>
+<body>
+	<h1>Briefly unavailable for scheduled maintenance. Check back in a minute.</h1>
+</body>
+</html>
+<?php
+		die();
+	}
+}
 
+if ( !extension_loaded('mysql') && !file_exists(WP_CONTENT_DIR . '/db.php') )
+	die( /*WP_I18N_OLD_MYSQL*/'Your PHP installation appears to be missing the MySQL extension which is required by WordPress.'/*/WP_I18N_OLD_MYSQL*/ );
+
+/**
+ * PHP 4 standard microtime start capture.
+ *
+ * @access private
+ * @since 0.71
+ * @global int $timestart Seconds and Microseconds added together from when function is called.
+ * @return bool Always returns true.
+ */
 function timer_start() {
 	global $timestart;
 	$mtime = explode(' ', microtime() );
@@ -81,6 +163,30 @@ function timer_start() {
 	return true;
 }
 
+/**
+ * Return and/or display the time from the page start to when function is called.
+ *
+ * You can get the results and print them by doing:
+ * <code>
+ * $nTimePageTookToExecute = timer_stop();
+ * echo $nTimePageTookToExecute;
+ * </code>
+ *
+ * Or instead, you can do:
+ * <code>
+ * timer_stop(1);
+ * </code>
+ * which will do what the above does. If you need the result, you can assign it to a variable, but
+ * most cases, you only need to echo it.
+ *
+ * @since 0.71
+ * @global int $timestart Seconds and Microseconds added together from when timer_start() is called
+ * @global int $timeend  Seconds and Microseconds added together from when function is called
+ *
+ * @param int $display Use '0' or null to not echo anything and 1 to echo the total time
+ * @param int $precision The amount of digits from the right of the decimal to display. Default is 3.
+ * @return float The "second.microsecond" finished time calculation
+ */
 function timer_stop($display = 0, $precision = 3) { //if called like timer_stop(1), will echo $timetotal
 	global $timestart, $timeend;
 	$mtime = microtime();
@@ -95,74 +201,145 @@ function timer_stop($display = 0, $precision = 3) { //if called like timer_stop(
 }
 timer_start();
 
-// Change to E_ALL for development/debugging
-error_reporting(E_ALL ^ E_NOTICE);
+// Add define('WP_DEBUG', true); to wp-config.php to enable display of notices during development.
+if ( defined('WP_DEBUG') && WP_DEBUG ) {
+	if ( defined('E_DEPRECATED') )
+		error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
+	else
+		error_reporting(E_ALL);
+	// Add define('WP_DEBUG_DISPLAY', false); to wp-config.php to use the globally configured setting for display_errors and not force it to On
+	if ( ! defined('WP_DEBUG_DISPLAY') || WP_DEBUG_DISPLAY )
+		ini_set('display_errors', 1);
+	// Add define('WP_DEBUG_LOG', true); to enable php debug logging to WP_CONTENT_DIR/debug.log
+	if ( defined('WP_DEBUG_LOG') && WP_DEBUG_LOG ) {
+		ini_set('log_errors', 1);
+		ini_set('error_log', WP_CONTENT_DIR . '/debug.log');
+	}
+} else {
+	define('WP_DEBUG', false);
+	if ( defined('E_RECOVERABLE_ERROR') )
+		error_reporting(E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR);
+	else
+		error_reporting(E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING);
+}
 
 // For an advanced caching plugin to use, static because you would only want one
-if ( defined('WP_CACHE') )
-	@include ABSPATH . 'wp-content/advanced-cache.php';
-
+if ( defined('WP_CACHE') && WP_CACHE )
+	@include WP_CONTENT_DIR . '/advanced-cache.php';
+
+/**
+ * Private
+ */ 
+if ( !defined('MEDIA_TRASH') )
+	define('MEDIA_TRASH', false);
+
+/**
+ * Stores the location of the WordPress directory of functions, classes, and core content.
+ *
+ * @since 1.0.0
+ */
 define('WPINC', 'wp-includes');
 
-if ( !defined('LANGDIR') ) {
-	if ( file_exists(ABSPATH . 'wp-content/languages') && @is_dir(ABSPATH . 'wp-content/languages') )
-		define('LANGDIR', 'wp-content/languages'); // no leading slash, no trailing slash
-	else
-		define('LANGDIR', WPINC . '/languages'); // no leading slash, no trailing slash
+if ( !defined('WP_LANG_DIR') ) {
+	/**
+	 * Stores the location of the language directory. First looks for language folder in WP_CONTENT_DIR
+	 * and uses that folder if it exists. Or it uses the "languages" folder in WPINC.
+	 *
+	 * @since 2.1.0
+	 */
+	if ( file_exists(WP_CONTENT_DIR . '/languages') && @is_dir(WP_CONTENT_DIR . '/languages') ) {
+		define('WP_LANG_DIR', WP_CONTENT_DIR . '/languages'); // no leading slash, no trailing slash, full path, not relative to ABSPATH
+		if (!defined('LANGDIR')) {
+			// Old static relative path maintained for limited backwards compatibility - won't work in some cases
+			define('LANGDIR', 'wp-content/languages');
+		}
+	} else {
+		define('WP_LANG_DIR', ABSPATH . WPINC . '/languages'); // no leading slash, no trailing slash, full path, not relative to ABSPATH
+		if (!defined('LANGDIR')) {
+			// Old relative path maintained for backwards compatibility
+			define('LANGDIR', WPINC . '/languages');
+		}
+	}
 }
 
-if ( !defined('PLUGINDIR') )
-	define('PLUGINDIR', 'wp-content/plugins'); // no leading slash, no trailing slash
-
 require (ABSPATH . WPINC . '/compat.php');
 require (ABSPATH . WPINC . '/functions.php');
+require (ABSPATH . WPINC . '/classes.php');
 
-if ( file_exists(ABSPATH . 'wp-content/db.php') )
-	require_once (ABSPATH . 'wp-content/db.php');
-else
-	require_once (ABSPATH . WPINC . '/wp-db.php');
+require_wp_db();
 
 if ( !empty($wpdb->error) )
 	dead_db();
 
-// $table_prefix is deprecated as of 2.1
-$wpdb->prefix = $table_prefix;
-
-if ( preg_match('|[^a-z0-9_]|i', $wpdb->prefix) && !file_exists(ABSPATH . 'wp-content/db.php') )
-	wp_die("<strong>ERROR</strong>: <code>$table_prefix</code> in <code>wp-config.php</code> can only contain numbers, letters, and underscores.");
-
-// Table names
-$wpdb->posts          = $wpdb->prefix . 'posts';
-$wpdb->users          = $wpdb->prefix . 'users';
-$wpdb->categories     = $wpdb->prefix . 'categories';
-$wpdb->post2cat       = $wpdb->prefix . 'post2cat';
-$wpdb->comments       = $wpdb->prefix . 'comments';
-$wpdb->link2cat       = $wpdb->prefix . 'link2cat';
-$wpdb->links          = $wpdb->prefix . 'links';
-$wpdb->options        = $wpdb->prefix . 'options';
-$wpdb->postmeta       = $wpdb->prefix . 'postmeta';
-$wpdb->usermeta       = $wpdb->prefix . 'usermeta';
-$wpdb->terms          = $wpdb->prefix . 'terms';
-$wpdb->term_taxonomy  = $wpdb->prefix . 'term_taxonomy';
-$wpdb->term_relationships = $wpdb->prefix . 'term_relationships';
-
-if ( defined('CUSTOM_USER_TABLE') )
-	$wpdb->users = CUSTOM_USER_TABLE;
-if ( defined('CUSTOM_USER_META_TABLE') )
-	$wpdb->usermeta = CUSTOM_USER_META_TABLE;
-
-if ( file_exists(ABSPATH . 'wp-content/object-cache.php') )
-	require_once (ABSPATH . 'wp-content/object-cache.php');
-else
+/**
+ * Format specifiers for DB columns. Columns not listed here default to %s.
+ * @since 2.8.0
+ * @see wpdb:$field_types
+ * @see wpdb:prepare()
+ * @see wpdb:insert()
+ * @see wpdb:update()
+ */
+$wpdb->field_types = array( 'post_author' => '%d', 'post_parent' => '%d', 'menu_order' => '%d', 'term_id' => '%d', 'term_group' => '%d', 'term_taxonomy_id' => '%d',
+	'parent' => '%d', 'count' => '%d','object_id' => '%d', 'term_order' => '%d', 'ID' => '%d', 'commment_ID' => '%d', 'comment_post_ID' => '%d', 'comment_parent' => '%d',
+	'user_id' => '%d', 'link_id' => '%d', 'link_owner' => '%d', 'link_rating' => '%d', 'option_id' => '%d', 'blog_id' => '%d', 'meta_id' => '%d', 'post_id' => '%d',
+	'user_status' => '%d', 'umeta_id' => '%d', 'comment_karma' => '%d', 'comment_count' => '%d');
+
+$prefix = $wpdb->set_prefix($table_prefix);
+
+if ( is_wp_error($prefix) )
+	wp_die(/*WP_I18N_BAD_PREFIX*/'<strong>ERROR</strong>: <code>$table_prefix</code> in <code>wp-config.php</code> can only contain numbers, letters, and underscores.'/*/WP_I18N_BAD_PREFIX*/);
+
+/**
+ * Copy an object.
+ *
+ * Returns a cloned copy of an object.
+ *
+ * @since 2.7.0
+ *
+ * @param object $object The object to clone
+ * @return object The cloned object
+ */
+function wp_clone( $object ) {
+	static $can_clone;
+	if ( !isset( $can_clone ) ) {
+		$can_clone = version_compare( phpversion(), '5.0', '>=' );
+	}
+	return $can_clone ? clone( $object ) : $object;
+}
+
+/**
+ * Whether the current request is in WordPress admin Panel
+ *
+ * Does not inform on whether the user is an admin! Use capability checks to
+ * tell if the user should be accessing a section or not.
+ *
+ * @since 1.5.1
+ *
+ * @return bool True if inside WordPress administration pages.
+ */
+function is_admin() {
+	if ( defined('WP_ADMIN') )
+		return WP_ADMIN;
+	return false;
+}
+
+if ( file_exists(WP_CONTENT_DIR . '/object-cache.php') ) {
+	require_once (WP_CONTENT_DIR . '/object-cache.php');
+	$_wp_using_ext_object_cache = true;
+} else {
 	require_once (ABSPATH . WPINC . '/cache.php');
+	$_wp_using_ext_object_cache = false;
+}
 
 wp_cache_init();
+if ( function_exists('wp_cache_add_global_groups') ) {
+	wp_cache_add_global_groups(array ('users', 'userlogins', 'usermeta', 'site-transient'));
+	wp_cache_add_non_persistent_groups(array( 'comment', 'counts', 'plugins' ));
+}
 
-require (ABSPATH . WPINC . '/classes.php');
 require (ABSPATH . WPINC . '/plugin.php');
 require (ABSPATH . WPINC . '/default-filters.php');
-include_once(ABSPATH . WPINC . '/streams.php');
-include_once(ABSPATH . WPINC . '/gettext.php');
+include_once(ABSPATH . WPINC . '/pomo/mo.php');
 require_once (ABSPATH . WPINC . '/l10n.php');
 
 if ( !is_blog_installed() && (strpos($_SERVER['PHP_SELF'], 'install.php') === false && !defined('WP_INSTALLING')) ) {
@@ -174,6 +351,7 @@ if ( !is_blog_installed() && (strpos($_SERVER['PHP_SELF'], 'install.php') === fa
 		$link = preg_replace('|/[^/]+?$|', '/', $_SERVER['PHP_SELF']) . 'wp-admin/install.php';
 	require_once(ABSPATH . WPINC . '/kses.php');
 	require_once(ABSPATH . WPINC . '/pluggable.php');
+	require_once(ABSPATH . WPINC . '/formatting.php');
 	wp_redirect($link);
 	die(); // have to die here ~ Mark
 }
@@ -183,6 +361,7 @@ require (ABSPATH . WPINC . '/capabilities.php');
 require (ABSPATH . WPINC . '/query.php');
 require (ABSPATH . WPINC . '/theme.php');
 require (ABSPATH . WPINC . '/user.php');
+require (ABSPATH . WPINC . '/meta.php');
 require (ABSPATH . WPINC . '/general-template.php');
 require (ABSPATH . WPINC . '/link-template.php');
 require (ABSPATH . WPINC . '/author-template.php');
@@ -204,51 +383,243 @@ require (ABSPATH . WPINC . '/script-loader.php');
 require (ABSPATH . WPINC . '/taxonomy.php');
 require (ABSPATH . WPINC . '/update.php');
 require (ABSPATH . WPINC . '/canonical.php');
-
-if (strpos($_SERVER['PHP_SELF'], 'install.php') === false) {
-    // Used to guarantee unique hash cookies
-    $cookiehash = md5(get_option('siteurl'));
-	define('COOKIEHASH', $cookiehash);
+require (ABSPATH . WPINC . '/shortcodes.php');
+require (ABSPATH . WPINC . '/media.php');
+require (ABSPATH . WPINC . '/http.php');
+require (ABSPATH . WPINC . '/widgets.php');
+
+if ( !defined('WP_CONTENT_URL') )
+	define( 'WP_CONTENT_URL', get_option('siteurl') . '/wp-content'); // full url - WP_CONTENT_DIR is defined further up
+
+/**
+ * Allows for the plugins directory to be moved from the default location.
+ *
+ * @since 2.6.0
+ */
+if ( !defined('WP_PLUGIN_DIR') )
+	define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); // full path, no trailing slash
+
+/**
+ * Allows for the plugins directory to be moved from the default location.
+ *
+ * @since 2.6.0
+ */
+if ( !defined('WP_PLUGIN_URL') )
+	define( 'WP_PLUGIN_URL', WP_CONTENT_URL . '/plugins' ); // full url, no trailing slash
+
+/**
+ * Allows for the plugins directory to be moved from the default location.
+ *
+ * @since 2.1.0
+ */
+if ( !defined('PLUGINDIR') )
+	define( 'PLUGINDIR', 'wp-content/plugins' ); // Relative to ABSPATH.  For back compat.
+
+/**
+ * Allows for the mu-plugins directory to be moved from the default location.
+ *
+ * @since 2.8.0
+ */
+if ( !defined('WPMU_PLUGIN_DIR') )
+	define( 'WPMU_PLUGIN_DIR', WP_CONTENT_DIR . '/mu-plugins' ); // full path, no trailing slash
+
+/**
+ * Allows for the mu-plugins directory to be moved from the default location.
+ *
+ * @since 2.8.0
+ */
+if ( !defined('WPMU_PLUGIN_URL') )
+	define( 'WPMU_PLUGIN_URL', WP_CONTENT_URL . '/mu-plugins' ); // full url, no trailing slash
+
+/**
+ * Allows for the mu-plugins directory to be moved from the default location.
+ *
+ * @since 2.8.0
+ */
+if ( !defined( 'MUPLUGINDIR' ) )
+	define( 'MUPLUGINDIR', 'wp-content/mu-plugins' ); // Relative to ABSPATH.  For back compat.
+
+if ( is_dir( WPMU_PLUGIN_DIR ) ) {
+	if ( $dh = opendir( WPMU_PLUGIN_DIR ) ) {
+		while ( ( $plugin = readdir( $dh ) ) !== false ) {
+			if ( substr( $plugin, -4 ) == '.php' ) {
+				include_once( WPMU_PLUGIN_DIR . '/' . $plugin );
+			}
+		}
+	}
 }
-
+do_action('muplugins_loaded');
+
+/**
+ * Used to guarantee unique hash cookies
+ * @since 1.5
+ */
+define('COOKIEHASH', md5(get_option('siteurl')));
+
+/**
+ * Should be exactly the same as the default value of SECRET_KEY in wp-config-sample.php
+ * @since 2.5.0
+ */
+$wp_default_secret_key = 'put your unique phrase here';
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.0.0
+ */
 if ( !defined('USER_COOKIE') )
-	define('USER_COOKIE', 'wordpressuser_'. COOKIEHASH);
+	define('USER_COOKIE', 'wordpressuser_' . COOKIEHASH);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.0.0
+ */
 if ( !defined('PASS_COOKIE') )
-	define('PASS_COOKIE', 'wordpresspass_'. COOKIEHASH);
+	define('PASS_COOKIE', 'wordpresspass_' . COOKIEHASH);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.5.0
+ */
+if ( !defined('AUTH_COOKIE') )
+	define('AUTH_COOKIE', 'wordpress_' . COOKIEHASH);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('SECURE_AUTH_COOKIE') )
+	define('SECURE_AUTH_COOKIE', 'wordpress_sec_' . COOKIEHASH);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('LOGGED_IN_COOKIE') )
+	define('LOGGED_IN_COOKIE', 'wordpress_logged_in_' . COOKIEHASH);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.3.0
+ */
 if ( !defined('TEST_COOKIE') )
 	define('TEST_COOKIE', 'wordpress_test_cookie');
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 1.2.0
+ */
 if ( !defined('COOKIEPATH') )
 	define('COOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('home') . '/' ) );
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 1.5.0
+ */
 if ( !defined('SITECOOKIEPATH') )
 	define('SITECOOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_option('siteurl') . '/' ) );
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('ADMIN_COOKIE_PATH') )
+	define( 'ADMIN_COOKIE_PATH', SITECOOKIEPATH . 'wp-admin' );
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('PLUGINS_COOKIE_PATH') )
+	define( 'PLUGINS_COOKIE_PATH', preg_replace('|https?://[^/]+|i', '', WP_PLUGIN_URL)  );
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.0.0
+ */
 if ( !defined('COOKIE_DOMAIN') )
 	define('COOKIE_DOMAIN', false);
 
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('FORCE_SSL_ADMIN') )
+	define('FORCE_SSL_ADMIN', false);
+force_ssl_admin(FORCE_SSL_ADMIN);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.6.0
+ */
+if ( !defined('FORCE_SSL_LOGIN') )
+	define('FORCE_SSL_LOGIN', false);
+force_ssl_login(FORCE_SSL_LOGIN);
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.5.0
+ */
+if ( !defined( 'AUTOSAVE_INTERVAL' ) )
+	define( 'AUTOSAVE_INTERVAL', 60 );
+
+/**
+ * It is possible to define this in wp-config.php
+ * @since 2.9.0
+ */
+if ( !defined( 'EMPTY_TRASH_DAYS' ) )
+	define( 'EMPTY_TRASH_DAYS', 30 );
+
 require (ABSPATH . WPINC . '/vars.php');
 
+// make taxonomies available to plugins and themes
+// @plugin authors: warning: this gets registered again on the init hook
+create_initial_taxonomies();
+
 // Check for hacks file if the option is enabled
-if (get_option('hack_file')) {
-	if (file_exists(ABSPATH . 'my-hacks.php'))
+if ( get_option('hack_file') ) {
+	if ( file_exists(ABSPATH . 'my-hacks.php') )
 		require(ABSPATH . 'my-hacks.php');
 }
 
-if ( get_option('active_plugins') ) {
-	$current_plugins = get_option('active_plugins');
-	if ( is_array($current_plugins) ) {
-		foreach ($current_plugins as $plugin) {
-			if ('' != $plugin && file_exists(ABSPATH . PLUGINDIR . '/' . $plugin))
-				include_once(ABSPATH . PLUGINDIR . '/' . $plugin);
-		}
+$current_plugins = apply_filters( 'active_plugins', get_option( 'active_plugins' ) );
+if ( is_array($current_plugins) && !defined('WP_INSTALLING') ) {
+	foreach ( $current_plugins as $plugin ) {
+		// check the $plugin filename
+		// Validate plugin filename
+		if ( validate_file($plugin) // $plugin must validate as file
+			|| '.php' != substr($plugin, -4) // $plugin must end with '.php'
+			|| !file_exists(WP_PLUGIN_DIR . '/' . $plugin)	// $plugin must exist
+			)
+			continue;
+
+		include_once(WP_PLUGIN_DIR . '/' . $plugin);
 	}
+	unset($plugin);
 }
+unset($current_plugins);
 
 require (ABSPATH . WPINC . '/pluggable.php');
 
+/*
+ * In most cases the default internal encoding is latin1, which is of no use,
+ * since we want to use the mb_ functions for utf-8 strings
+ */
+if (function_exists('mb_internal_encoding')) {
+	if (!@mb_internal_encoding(get_option('blog_charset')))
+		mb_internal_encoding('UTF-8');
+}
+
+
 if ( defined('WP_CACHE') && function_exists('wp_cache_postload') )
 	wp_cache_postload();
 
 do_action('plugins_loaded');
 
+$default_constants = array( 'WP_POST_REVISIONS' => true );
+foreach ( $default_constants as $c => $v )
+	@define( $c, $v ); // will fail if the constant is already defined
+unset($default_constants, $c, $v);
+
 // If already slashed, strip.
 if ( get_magic_quotes_gpc() ) {
 	$_GET    = stripslashes_deep($_GET   );
@@ -262,28 +633,81 @@ $_POST   = add_magic_quotes($_POST  );
 $_COOKIE = add_magic_quotes($_COOKIE);
 $_SERVER = add_magic_quotes($_SERVER);
 
+// Force REQUEST to be GET + POST.  If SERVER, COOKIE, or ENV are needed, use those superglobals directly.
+$_REQUEST = array_merge($_GET, $_POST);
+
 do_action('sanitize_comment_cookies');
 
+/**
+ * WordPress Query object
+ * @global object $wp_the_query
+ * @since 2.0.0
+ */
 $wp_the_query =& new WP_Query();
+
+/**
+ * Holds the reference to @see $wp_the_query
+ * Use this global for WordPress queries
+ * @global object $wp_query
+ * @since 1.5.0
+ */
 $wp_query     =& $wp_the_query;
+
+/**
+ * Holds the WordPress Rewrite object for creating pretty URLs
+ * @global object $wp_rewrite
+ * @since 1.5.0
+ */
 $wp_rewrite   =& new WP_Rewrite();
+
+/**
+ * WordPress Object
+ * @global object $wp
+ * @since 2.0.0
+ */
 $wp           =& new WP();
 
-validate_current_theme();
+/**
+ * WordPress Widget Factory Object
+ * @global object $wp_widget_factory
+ * @since 2.8.0
+ */
+$wp_widget_factory =& new WP_Widget_Factory();
+
+do_action('setup_theme');
+
+/**
+ * Web Path to the current active template directory
+ * @since 1.5.0
+ */
 define('TEMPLATEPATH', get_template_directory());
+
+/**
+ * Web Path to the current active template stylesheet directory
+ * @since 2.1.0
+ */
 define('STYLESHEETPATH', get_stylesheet_directory());
 
 // Load the default text localization domain.
 load_default_textdomain();
 
+/**
+ * The locale of the blog
+ * @since 1.5.0
+ */
 $locale = get_locale();
-$locale_file = ABSPATH . LANGDIR . "/$locale.php";
+$locale_file = WP_LANG_DIR . "/$locale.php";
 if ( is_readable($locale_file) )
 	require_once($locale_file);
 
 // Pull in locale data after loading text domain.
 require_once(ABSPATH . WPINC . '/locale.php');
 
+/**
+ * WordPress Locale object for loading locale domain date and various strings.
+ * @global object $wp_locale
+ * @since 2.1.0
+ */
 $wp_locale =& new WP_Locale();
 
 // Load functions for active theme.
@@ -292,12 +716,23 @@ if ( TEMPLATEPATH !== STYLESHEETPATH && file_exists(STYLESHEETPATH . '/functions
 if ( file_exists(TEMPLATEPATH . '/functions.php') )
 	include(TEMPLATEPATH . '/functions.php');
 
+// Load in support for template functions which the theme supports
+require_if_theme_supports( 'post-thumbnails', ABSPATH . WPINC . '/post-thumbnail-template.php' );
+
+/**
+ * Runs just before PHP shuts down execution.
+ *
+ * @access private
+ * @since 1.2.0
+ */
 function shutdown_action_hook() {
 	do_action('shutdown');
 	wp_cache_close();
 }
 register_shutdown_function('shutdown_action_hook');
 
+$wp->init();  // Sets up current user.
+
 // Everything is loaded and initialized.
 do_action('init');