<body>
<h1 id="logo">
<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
- <br /> Version 3.1.3
+ <br /> Version 3.1.4
</h1>
<p style="text-align: center">Semantic Personal Publishing Platform</p>
'post_content' => $url,
'post_mime_type' => $type,
'guid' => $url,
- 'context' => 'custom-header');
+ 'context' => 'custom-header'
+ );
// Save the data
$id = wp_insert_attachment($object, $file);
function WP_User_Search ($search_term = '', $page = '', $role = '') {
_deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
- $this->search_term = $search_term;
+ $this->search_term = stripslashes( $search_term );
$this->raw_page = ( '' == $page ) ? false : (int) $page;
$this->page = (int) ( '' == $page ) ? 1 : $page;
$this->role = $role;
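Review bot: On the context line `$this->page = (int) ( '' == $page ) ? 1 : $page;` the `(int)` cast binds to the comparison rather than to the ternary, so a non-empty `$page` is stored uncast even though the line above casts it for `raw_page`. Since this change hardens the constructor's inputs, `$this->page = ( '' == $page ) ? 1 : (int) $page;` would close that gap as well. Where `$this->page` is consumed is outside the hunk, so the practical impact cannot be judged from here.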
$searches = array();
$search_sql = 'AND (';
foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
- $searches[] = $col . " LIKE '%$this->search_term%'";
+ $searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' );
$search_sql .= implode(' OR ', $searches);
$search_sql .= ')';
}
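Review bot: `$col` is still concatenated into the template passed to `$wpdb->prepare()`, which is safe only because it comes from the literal column list in the `foreach`. A short comment such as `// Column names are fixed; only the search term is bound.` would stop a later edit from widening that list with caller data. The new line also depends on `$wpdb` being in scope; the enclosing method starts outside the hunk, so confirm it declares `global $wpdb;`.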
'post_content' => $content,
), $post_data );
+ // This should never be set as it would then overwrite an existing attachment.
+ if ( isset( $attachment['ID'] ) )
+ unset( $attachment['ID'] );
+
// Save the data
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) ) {
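Review bot: The `isset()` guard around `unset( $attachment['ID'] );` is redundant, because `unset()` on a missing key is a no-op; the single statement `unset( $attachment['ID'] );` does the same here and in the identical block in the next hunk. The comment could also say where the key can come from: the array appears to be built by merging `$post_data` over the defaults, so a caller-supplied `ID` would otherwise reach `wp_insert_attachment()`. The enclosing function starts and ends outside the hunk.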
'post_content' => $content,
), $post_data );
+ // This should never be set as it would then overwrite an existing attachment.
+ if ( isset( $attachment['ID'] ) )
+ unset( $attachment['ID'] );
+
// Save the attachment metadata
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) )
if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
$post = $_post = get_post($attachment_id, ARRAY_A);
+ $post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+ if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+ continue;
+
if ( isset($attachment['post_content']) )
$post['post_content'] = $attachment['post_content'];
if ( isset($attachment['post_title']) )
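Review bot: The new capability check dereferences `$post['post_type']` and `$post_type_object->cap` without confirming that either lookup succeeded, while `$attachment_id` is a key taken straight from `$_POST['attachments']`. If `get_post()` or `get_post_type_object()` returns nothing for an unknown id, the code relies on notices and an empty capability name to reach `continue`. An explicit guard makes the fail-closed path deliberate: `if ( empty( $post ) ) continue;` right after `get_post()`, and `if ( ! $post_type_object || ! current_user_can( $post_type_object->cap->edit_post, $attachment_id ) ) continue;`. The loop body continues outside the hunk.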
if ( empty($post_data) )
$post_data = &$_POST;
+ // Clear out any data in internal vars.
+ unset( $post_data['filter'] );
+
$post_ID = (int) $post_data['post_ID'];
$post = get_post( $post_ID );
$post_data['post_type'] = $post->post_type;
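Review bot: The comment `// Clear out any data in internal vars.` does not say why `filter` must not come from the request. Other hunks in this change unset the same key immediately before `sanitize_post( ..., 'db' )`, which suggests a caller-supplied `filter` value could make sanitization treat the data as already filtered. If that is the reason, state it, e.g. `// 'filter' is an internal marker; never accept it from request data or sanitization may be skipped.` The same wording would apply to the `unset( $_POST['filter'] )`, `unset( $postarr[ 'filter' ] )` and `unset( $object[ 'filter' ] )` hunks.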
continue;
}
- $tax_names = get_object_taxonomies( get_post($post_ID) );
+ $post = get_post( $post_ID );
+ $tax_names = get_object_taxonomies( $post );
foreach ( $tax_names as $tax_name ) {
$taxonomy_obj = get_taxonomy($tax_name);
if ( isset( $tax_input[$tax_name]) && current_user_can( $taxonomy_obj->cap->assign_terms ) )
unset( $post_data['tax_input']['category'] );
}
+ $post_data['post_mime_type'] = $post->post_mime_type;
+ $post_data['guid'] = $post->guid;
+
$post_data['ID'] = $post_ID;
$updated[] = wp_update_post( $post_data );
$_POST['post_mime_type'] = '';
+ // Clear out any data in internal vars.
+ unset( $_POST['filter'] );
+
// Check for autosave collisions
// Does this need to be updated? ~ Mark
$temp_id = false;
}
}
+ // Edit don't write if we have a post id.
+ if ( isset( $_POST['ID'] ) ) {
+ $_POST['post_ID'] = $_POST['ID'];
+ unset ( $_POST['ID'] );
+ }
+ if ( isset( $_POST['post_ID'] ) ) {
+ return edit_post();
+ }
+
$translated = _wp_translate_postdata( false );
if ( is_wp_error($translated) )
return $translated;
$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
$q['post_type'] = 'attachment';
$post_type = get_post_type_object( 'attachment' );
- $states = array( 'inherit' );
+ $states = 'inherit';
if ( current_user_can( $post_type->cap->read_private_posts ) )
- $states[] = 'private';
+ $states .= ',private';
$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
$media_per_page = (int) get_user_option( 'upload_per_page' );
$mysql_version = $wpdb->db_version();
$required_php_version = '4.3';
$required_mysql_version = '4.1.2';
- $wp_version = '3.1.3';
+ $wp_version = '3.1.4';
$php_compat = version_compare( $php_version, $required_php_version, '>=' );
$mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
}
}
- $(document).ready( function() {
+ $(document).ready(function() {
$('#pass1').val('').keyup( check_pass_strength );
$('#pass2').val('').keyup( check_pass_strength );
$('#pass-strength-result').show();
- $('.color-palette').click(function(){$(this).siblings('input[name=admin_color]').attr('checked', 'checked')});
- $('#nickname').blur(function(){
- var str = $(this).val() || $('#user_login').val();
- var select = $('#display_name');
- var sel = select.children('option:selected').attr('id');
- select.children('#display_nickname').remove();
- if ( ! select.children('option[value=' + str + ']').length )
- select.append('<option id="display_nickname" value="' + str + '">' + str + '</option>');
- $('#'+sel).attr('selected', 'selected');
- });
- $('#first_name, #last_name').blur(function(){
- var select = $('#display_name');
- var first = $('#first_name').val(), last = $('#last_name').val();
- var sel = select.children('option:selected').attr('id');
- $('#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst').remove();
- if ( first && ! select.children('option[value=' + first + ']').length )
- select.append('<option id="display_firstname" value="' + first + '">' + first + '</option>');
- if ( last && ! select.children('option[value=' + last + ']').length )
- select.append('<option id="display_lastname" value="' + last + '">' + last + '</option>');
- if ( first && last ) {
- if ( ! select.children('option[value=' + first + ' ' + last + ']').length )
- select.append('<option id="display_firstlast" value="' + first + ' ' + last + '">' + first + ' ' + last + '</option>');
- if ( ! select.children('option[value=' + last + ' ' + first + ']').length )
- select.append('<option id="display_lastfirst" value="' + last + ' ' + first + '">' + last + ' ' + first + '</option>');
+ $('.color-palette').click(function(){$(this).siblings('input[name="admin_color"]').prop('checked', true)});
+ $('#first_name, #last_name, #nickname').blur(function(){
+ var select = $('#display_name'), current = select.find('option:selected').attr('id'), dub = [],
+ inputs = {
+ display_nickname : $('#nickname').val(),
+ display_username : $('#user_login').val(),
+ display_firstname : $('#first_name').val(),
+ display_lastname : $('#last_name').val()
+ };
+
+ if ( inputs.display_firstname && inputs.display_lastname ) {
+ inputs['display_firstlast'] = inputs.display_firstname + ' ' + inputs.display_lastname;
+ inputs['display_lastfirst'] = inputs.display_lastname + ' ' + inputs.display_firstname;
}
- $('#'+sel).attr('selected', 'selected');
+
+ $('option', select).remove();
+ $.each(inputs, function( id, value ) {
+ var val = value.replace(/<\/?[a-z][^>]*>/gi, '');
+
+ if ( inputs[id].length && $.inArray( val, dub ) == -1 ) {
+ dub.push(val);
+ $('<option />', {
+ 'id': id,
+ 'text': val,
+ 'selected': (id == current)
+ }).appendTo( select );
+ }
+ });
});
- });
+ });
})(jQuery);
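Review bot: In the `$.each` callback the emptiness test uses the raw `inputs[id].length` while the option is built from the tag-stripped `val`, so a field whose content is entirely markup produces an empty `<option>`. Testing the stripped value keeps blank entries out of the list: `if ( val.length && $.inArray( val, dub ) == -1 ) {`. It is the `text` property, rather than the earlier string concatenation, that keeps field content from being parsed as HTML. The regex strip is only cosmetic, and a one-line comment saying so would stop someone from relying on it as the sanitizer.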
-(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings("input[name=admin_color]").attr("checked","checked")});a("#nickname").blur(function(){var e=a(this).val()||a("#user_login").val();var c=a("#display_name");var d=c.children("option:selected").attr("id");c.children("#display_nickname").remove();if(!c.children("option[value="+e+"]").length){c.append('<option id="display_nickname" value="'+e+'">'+e+"</option>")}a("#"+d).attr("selected","selected")});a("#first_name, #last_name").blur(function(){var c=a("#display_name");var f=a("#first_name").val(),d=a("#last_name").val();var e=c.children("option:selected").attr("id");a("#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst").remove();if(f&&!c.children("option[value="+f+"]").length){c.append('<option id="display_firstname" value="'+f+'">'+f+"</option>")}if(d&&!c.children("option[value="+d+"]").length){c.append('<option id="display_lastname" value="'+d+'">'+d+"</option>")}if(f&&d){if(!c.children("option[value="+f+" "+d+"]").length){c.append('<option id="display_firstlast" value="'+f+" "+d+'">'+f+" "+d+"</option>")}if(!c.children("option[value="+d+" "+f+"]").length){c.append('<option id="display_lastfirst" value="'+d+" "+f+'">'+d+" 
"+f+"</option>")}}a("#"+e).attr("selected","selected")})})})(jQuery);
\ No newline at end of file
+(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings('input[name="admin_color"]').prop("checked",true)});a("#first_name, #last_name, #nickname").blur(function(){var c=a("#display_name"),e=c.find("option:selected").attr("id"),f=[],d={display_nickname:a("#nickname").val(),display_username:a("#user_login").val(),display_firstname:a("#first_name").val(),display_lastname:a("#last_name").val()};if(d.display_firstname&&d.display_lastname){d.display_firstlast=d.display_firstname+" "+d.display_lastname;d.display_lastfirst=d.display_lastname+" "+d.display_firstname}a("option",c).remove();a.each(d,function(i,g){var h=g.replace(/<\/?[a-z][^>]*>/gi,"");if(d[i].length&&a.inArray(h,f)==-1){f.push(h);a("<option />",{id:i,text:h,selected:(i==e)}).appendTo(c)}})})})})(jQuery);
\ No newline at end of file
$new_admin_email = get_option( 'new_admin_email' );
if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
<div class="updated inline">
-<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
+<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
</div>
<?php endif; ?>
</td>
msgstr ""
"Project-Id-Version: Twenty Ten 1.2\n"
"Report-Msgid-Bugs-To: http://wordpress.org/tag/twentyten\n"
-"POT-Creation-Date: 2011-02-22 08:27:35+00:00\n"
+"POT-Creation-Date: 2011-06-13 13:27:47+00:00\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
msgid "Return to %s"
msgstr ""
+#. translators: %s - title of parent post
#: loop-attachment.php:23
msgid "<span class=\"meta-nav\">←</span> %s"
msgstr ""
msgid "Primary Navigation"
msgstr ""
+#. translators: header image description
#: functions.php:140
msgid "Berries"
msgstr ""
+#. translators: header image description
#: functions.php:146
msgid "Cherry Blossoms"
msgstr ""
+#. translators: header image description
#: functions.php:152
msgid "Concave"
msgstr ""
+#. translators: header image description
#: functions.php:158
msgid "Fern"
msgstr ""
+#. translators: header image description
#: functions.php:164
msgid "Forest Floor"
msgstr ""
+#. translators: header image description
#: functions.php:170
msgid "Inkwell"
msgstr ""
+#. translators: header image description
#: functions.php:176
msgid "Path"
msgstr ""
+#. translators: header image description
#: functions.php:182
msgid "Sunset"
msgstr ""
msgid "Your comment is awaiting moderation."
msgstr ""
+#. translators: 1: date, 2: time
#: functions.php:340
msgid "%1$s at %2$s"
msgstr ""
$orderby = strtolower($orderby);
$length = '';
- switch ($orderby) {
+ switch ( $orderby ) {
case 'length':
$length = ", CHAR_LENGTH(link_name) AS length";
break;
case 'rand':
$orderby = 'rand()';
break;
+ case 'link_id':
+ $orderby = "$wpdb->links.link_id";
+ break;
default:
$orderparams = array();
- foreach ( explode(',', $orderby) as $ordparam )
- $orderparams[] = 'link_' . trim($ordparam);
+ foreach ( explode(',', $orderby) as $ordparam ) {
+ $ordparam = trim($ordparam);
+ if ( in_array( $ordparam, array( 'name', 'url', 'visible', 'rating', 'owner', 'updated' ) ) )
+ $orderparams[] = 'link_' . $ordparam;
+ }
$orderby = implode(',', $orderparams);
}
- if ( 'link_id' == $orderby )
- $orderby = "$wpdb->links.link_id";
+ if ( empty( $orderby ) )
+ $orderby = 'link_name';
+
+ $order = strtoupper( $order );
+ if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+ $order = 'ASC';
$visible = '';
if ( $hide_invisible )
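Review bot: `orderby=id` no longer sorts by id. The old code turned `id` into `link_id` and then qualified it, but the new `case 'link_id':` matches only the literal `link_id` and `id` is not in the allow-list, so it falls through to the `link_name` default. Adding `case 'id':` directly above `case 'link_id':` restores the old behaviour without loosening the filter. The two `in_array()` calls would also be tighter with the strict third argument, e.g. `in_array( $order, array( 'ASC', 'DESC' ), true )`.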
add_settings_error('admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
}
break;
-
+ case 'new_admin_email':
+ $value = sanitize_email($value);
+ if ( !is_email($value) ) {
+ $value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+ if ( function_exists('add_settings_error') )
+ add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+ }
+ break;
case 'thumbnail_size_w':
case 'thumbnail_size_h':
case 'medium_size_w':
add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
}
break;
+ case 'WPLANG':
+ $allowed = get_available_languages();
+ if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+ $value = get_option( $option );
+ break;
default :
$value = apply_filters("sanitize_option_{$option}", $value, $option);
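Review bot: The `WPLANG` branch uses a loose `in_array( $value, $allowed )`, so a non-string value that compares equal to a language code under PHP's type juggling would pass the allow-list. `if ( ! empty( $value ) && ! in_array( $value, $allowed, true ) )` makes the match exact and skips the lookup for the empty default. The stricter comparison matters because the locale is later used to build an include path, as the `validate_file( $locale )` hunk at the end of this change shows.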
* @return string Sanitized mime type
*/
function sanitize_mime_type( $mime_type ) {
- $sani_mime_type = preg_replace( '/[^-*.a-zA-Z0-9\/]/', '', $mime_type );
+ $sani_mime_type = preg_replace( '/[^-+*.a-zA-Z0-9\/]/', '', $mime_type );
return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
}
'post_content' => '', 'post_title' => '');
$postarr = wp_parse_args($postarr, $defaults);
+
+ unset( $postarr[ 'filter' ] );
+
$postarr = sanitize_post($postarr, 'db');
// export array as variables
$where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
+ $orderby_array = array();
+ $allowed_keys = array('author', 'post_author', 'date', 'post_date', 'title', 'post_title', 'modified',
+ 'post_modified', 'modified_gmt', 'post_modified_gmt', 'menu_order', 'parent', 'post_parent',
+ 'ID', 'rand', 'comment_count');
+ foreach ( explode( ',', $sort_column ) as $orderby ) {
+ $orderby = trim( $orderby );
+ if ( !in_array( $orderby, $allowed_keys ) )
+ continue;
+
+ switch ( $orderby ) {
+ case 'menu_order':
+ break;
+ case 'ID':
+ $orderby = "$wpdb->posts.ID";
+ break;
+ case 'rand':
+ $orderby = 'RAND()';
+ break;
+ case 'comment_count':
+ $orderby = "$wpdb->posts.comment_count";
+ break;
+ default:
+ if ( 0 === strpos( $orderby, 'post_' ) )
+ $orderby = "$wpdb->posts." . $orderby;
+ else
+ $orderby = "$wpdb->posts.post_" . $orderby;
+ }
+
+ $orderby_array[] = $orderby;
+
+ }
+ $sort_column = ! empty( $orderby_array ) ? implode( ',', $orderby_array ) : "$wpdb->posts.post_title";
+
+ $sort_order = strtoupper( $sort_order );
+ if ( '' !== $sort_order && !in_array( $sort_order, array( 'ASC', 'DESC' ) ) )
+ $sort_order = 'ASC';
+
$query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
$query .= $author_query;
$query .= " ORDER BY " . $sort_column . " " . $sort_order ;
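Review bot: The `ASC`/`DESC` normalisation at the end of this hunk is the third copy of the same three lines in this change, after the link-ordering and term-ordering hunks. A small shared helper would keep the three call sites from drifting apart. A comment above `$allowed_keys` should explain why the list exists: `ORDER BY` identifiers cannot be bound through `$wpdb->prepare()`, so they have to be allow-listed. `in_array( $orderby, $allowed_keys )` would also be safer with the strict third argument, `in_array( $orderby, $allowed_keys, true )`.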
if ( !empty($parent) )
$object['post_parent'] = $parent;
+ unset( $object[ 'filter' ] );
+
$object = sanitize_post($object, 'db');
// export array as variables
$qv['post_type'] = sanitize_key($qv['post_type']);
}
- if ( !empty($qv['post_status']) )
- $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+ if ( ! empty( $qv['post_status'] ) ) {
+ if ( is_array( $qv['post_status'] ) )
+ $qv['post_status'] = array_map('sanitize_key', $qv['post_status']);
+ else
+ $qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+ }
if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
$this->is_comment_feed = false;
$read_private_cap = 'read_private_' . $post_type_cap . 's';
}
- if ( isset($q['post_status']) && '' != $q['post_status'] ) {
+ if ( ! empty( $q['post_status'] ) ) {
$statuswheres = array();
- $q_status = explode(',', $q['post_status']);
+ $q_status = $q['post_status'];
+ if ( ! is_array( $q_status ) )
+ $q_status = explode(',', $q_status);
$r_status = array();
$p_status = array();
$e_status = array();
- if ( $q['post_status'] == 'any' ) {
+ if ( in_array('any', $q_status) ) {
foreach ( get_post_stati( array('exclude_from_search' => true) ) as $status )
$e_status[] = "$wpdb->posts.post_status <> '$status'";
} else {
'l10n_print_after' => 'try{convertEntities(pwsL10n);}catch(e){};'
) );
- $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110113' );
+ $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110628' );
$scripts->add_data( 'user-profile', 'group', 1 );
$scripts->add( 'admin-bar', "/wp-includes/js/admin-bar$suffix.js", false, '20110131' );
$orderby = '';
elseif ( empty($_orderby) || 'id' == $_orderby )
$orderby = 't.term_id';
+ else
+ $orderby = 't.name';
$orderby = apply_filters( 'get_terms_orderby', $orderby, $args );
else
$order = '';
+ $order = strtoupper( $order );
+ if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+ $order = 'ASC';
+
$where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";
$inclusions = '';
if ( !empty($include) ) {
*
* @global string $wp_version
*/
-$wp_version = '3.1.3';
+$wp_version = '3.1.4';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
if ( is_multisite() ) {
if ( null === $blog_id )
$blog_id = $this->blogid;
+ $blog_id = (int) $blog_id;
if ( defined( 'MULTISITE' ) && ( 0 == $blog_id || 1 == $blog_id ) )
return $this->base_prefix;
else
// Find the blog locale.
$locale = get_locale();
$locale_file = WP_LANG_DIR . "/$locale.php";
-if ( is_readable( $locale_file ) )
+if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
require( $locale_file );
unset($locale_file);