X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/ff81ee6e8304a1982a3ec4f5b134764a29d502cf..cc7b1505cd9fafd87c3672f669e13e98b0c544f7:/wp-admin/admin-functions.php
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 6afef35b..6b9be754 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -361,7 +361,7 @@ function edit_user($user_id = 0) {
if (isset ($_POST['pass2']))
$pass2 = $_POST['pass2'];
- if (isset ($_POST['role'])) {
+ if (isset ($_POST['role']) && current_user_can('edit_users')) {
if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
$user->role = $_POST['role'];
}
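Review bot: `$_POST['role']` is used as a key into `$wp_roles->role_objects` and then assigned to `$user->role` with no check that the role exists. When `$user_id` differs from the current user the `||` short-circuits, so an arbitrary string is stored as the role; when it is the current user, an unknown key ends in a `has_cap()` call on a non-object. Adding `&& isset($wp_roles->role_objects[$_POST['role']])` to the new condition covers both cases. The added capability check is the global `edit_users` one rather than one tied to `$user_id`; edit_user() continues outside this hunk, so whether a per-user check happens elsewhere cannot be told from here.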
@@ -523,7 +523,7 @@ function checked($checked, $current) {
function return_categories_list($parent = 0) {
global $wpdb;
- return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC LIMIT 100");
+ return $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories WHERE category_parent = $parent ORDER BY category_count DESC");
}
function sort_cats($cat1, $cat2) {
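Review bot: `$parent` is interpolated into the SQL string as-is on the changed line, so the query is only safe while every caller passes an integer. A `$parent = (int) $parent;` before the `get_col()` call makes that hold locally instead of by convention. With `LIMIT 100` removed the result set is also unbounded, which is worth a short comment stating that callers now receive every child category.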
@@ -597,9 +597,9 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
if ( current_user_can('manage_categories') ) {
$edit = "".__('Edit')."";
$default_cat_id = get_option('default_category');
-
+
if ($category->cat_ID != $default_cat_id)
- $edit .= "
cat_ID, '".sprintf(__("You are about to delete the category "%s". All of its posts will go to the default category.\\n"OK" to delete, "Cancel" to stop."), wp_specialchars($category->cat_name, 1))."' );\" class='delete'>".__('Delete')."";
+ $edit .= " | cat_ID ) . "' onclick=\"return deleteSomething( 'cat', $category->cat_ID, '" . sprintf(__("You are about to delete the category "%s". All of its posts will go to the default category.\\n"OK" to delete, "Cancel" to stop."), js_escape($category->cat_name))."' );\" class='delete'>".__('Delete')."";
else
$edit .= " | ".__("Default");
}
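Review bot: The added `$edit .=` line needs a one-line comment explaining the switch from `wp_specialchars()` to `js_escape()`, because the right escaper depends on where the value lands: inside a single-quoted JavaScript string within the `onclick` attribute. Something like `// cat_name ends up in a JS string literal inside an HTML attribute, so it needs JS escaping, not only HTML escaping` would keep a later edit from reverting it. `$category->cat_ID` goes into the same handler without a cast; `(int) $category->cat_ID` would make that independent of how the row was loaded. Part of this line's markup is missing from the page as rendered, so the link target could not be checked.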
@@ -643,7 +643,7 @@ function page_rows($parent = 0, $level = 0, $pages = 0) {
| post_modified); ?> |
|
" . __('Edit') . ""; } ?> |
- " . __('Delete') . ""; } ?> |
+ " . __('Delete') . ""; } ?> |
'.$plugin.'';
+ $plugin = ''.$plugin.'';
}
if ('' == $author_uri[1]) {
- $author = $author_name[1];
+ $author = trim($author_name[1]);
} else {
- $author = ''.$author_name[1].'';
+ $author = '' . trim($author_name[1]) . '';
}
return array ('Name' => $name, 'Title' => $plugin, 'Description' => $description, 'Author' => $author, 'Version' => $version, 'Template' => $template[1]);
@@ -1664,45 +1673,6 @@ function wp_handle_upload(&$file, $overrides = false) {
__("Missing a temporary folder."),
__("Failed to write file to disk."));
- // Accepted MIME types are set here as PCRE. Override with $override['mimes'].
- $mimes = apply_filters('upload_mimes', array (
- 'jpg|jpeg|jpe' => 'image/jpeg',
- 'gif' => 'image/gif',
- 'png' => 'image/png',
- 'bmp' => 'image/bmp',
- 'tif|tiff' => 'image/tiff',
- 'ico' => 'image/x-icon',
- 'asf|asx|wax|wmv|wmx' => 'video/asf',
- 'avi' => 'video/avi',
- 'mov|qt' => 'video/quicktime',
- 'mpeg|mpg|mpe' => 'video/mpeg',
- 'txt|c|cc|h' => 'text/plain',
- 'rtx' => 'text/richtext',
- 'css' => 'text/css',
- 'htm|html' => 'text/html',
- 'mp3|mp4' => 'audio/mpeg',
- 'ra|ram' => 'audio/x-realaudio',
- 'wav' => 'audio/wav',
- 'ogg' => 'audio/ogg',
- 'mid|midi' => 'audio/midi',
- 'wma' => 'audio/wma',
- 'rtf' => 'application/rtf',
- 'js' => 'application/javascript',
- 'pdf' => 'application/pdf',
- 'doc' => 'application/msword',
- 'pot|pps|ppt' => 'application/vnd.ms-powerpoint',
- 'wri' => 'application/vnd.ms-write',
- 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel',
- 'mdb' => 'application/vnd.ms-access',
- 'mpp' => 'application/vnd.ms-project',
- 'swf' => 'application/x-shockwave-flash',
- 'class' => 'application/java',
- 'tar' => 'application/x-tar',
- 'zip' => 'application/zip',
- 'gz|gzip' => 'application/x-gzip',
- 'exe' => 'application/x-msdownload'
- ));
-
// All tests are on by default. Most can be turned off by $override[{test_name}] = false;
$test_form = true;
$test_size = true;
@@ -1730,17 +1700,11 @@ function wp_handle_upload(&$file, $overrides = false) {
if (! @ is_uploaded_file($file['tmp_name']) )
return $upload_error_handler($file, __('Specified file failed upload test.'));
- // A correct MIME type will pass this test.
+ // A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter.
if ( $test_type ) {
- $type = false;
- $ext = false;
- foreach ($mimes as $ext_preg => $mime_match) {
- $ext_preg = '![^.]\.(' . $ext_preg . ')$!i';
- if ( preg_match($ext_preg, $file['name'], $ext_matches) ) {
- $type = $mime_match;
- $ext = $ext_matches[1];
- }
- }
+ $wp_filetype = wp_check_filetype($file['name'], $mimes);
+
+ extract($wp_filetype);
if ( !$type || !$ext )
return $upload_error_handler($file, __('File type does not meet security guidelines. Try another.'));
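Review bot: `extract($wp_filetype)` writes whatever keys the helper returns into the local scope of wp_handle_upload(), so the type check that follows depends on that array never gaining a key that shadows `$file`, `$overrides` or one of the `$test_*` flags. Explicit assignment removes that coupling: `$type = $wp_filetype['type'];` and `$ext = $wp_filetype['ext'];`. Separately, the earlier hunk in this function deletes the only visible assignment of `$mimes`, so unless it is set outside these hunks (for example through `$overrides`), the call passes an undefined variable. Initialising it next to the `$test_*` defaults would make the fallback explicit.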
@@ -1767,6 +1731,8 @@ function wp_handle_upload(&$file, $overrides = false) {
else
$filename = str_replace("$number$ext", ++$number . $ext, $filename);
}
+ $filename = str_replace($ext, '', $filename);
+ $filename = sanitize_title_with_dashes($filename) . $ext;
}
// Move the file to the uploads dir
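Review bot: The two added lines rename the file after the block that closes just above them, which appears to be the loop that bumps `$number` until the name is free (it starts outside the hunk). If so, the sanitized name is never checked for a collision and the move that follows can overwrite an existing upload. Sanitizing before that loop avoids this. `str_replace($ext, '', $filename)` also removes every occurrence of the extension text, not only the suffix, so a name such as `a.jpg.b.jpg` loses both. Stripping only the tail, guarded for an empty `$ext`, is safer: `if ('' !== $ext && substr($filename, -strlen($ext)) === $ext) $filename = substr($filename, 0, -strlen($ext));`.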
@@ -1808,7 +1774,7 @@ o.action.value = 'view';
o.submit();
}
-