From: Edward Z. Yang <ezyang@cs.stanford.edu>
Date: Fri, 11 Apr 2014 01:04:30 +0000 (-0700)
Subject: WordPress 3.8.2
X-Git-Tag: wordpress-3.8.2
X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/commitdiff_plain/refs/tags/wordpress-3.8.2?hp=78ff9d91a14da1f53bd3f1ffcab1264d92359b72

WordPress 3.8.2

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
---

diff --git a/readme.html b/readme.html
index ac85e53c..35172352 100644
--- a/readme.html
+++ b/readme.html
@@ -9,7 +9,7 @@
 <body>
 <h1 id="logo">
 	<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
-	<br /> Version 3.8.1
+	<br /> Version 3.8.2
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>
 
diff --git a/wp-admin/about.php b/wp-admin/about.php
index 86018503..aa8a1069 100644
--- a/wp-admin/about.php
+++ b/wp-admin/about.php
@@ -39,7 +39,11 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
 </h2>
 
 <div class="changelog point-releases">
-	<h3><?php echo _n( 'Maintenance Release', 'Maintenance Releases', 1 ); ?></h3>
+	<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 2 ); ?></h3>
+	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
+         '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 9 ), '3.8.2', number_format_i18n( 9 ) ); ?>
+		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_3.8.2' ); ?>
+ 	</p>
 	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
 		'<strong>Version %1$s</strong> addressed %2$s bugs.', 31 ), '3.8.1', number_format_i18n( 31 ) ); ?>
 		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_3.8.1' ); ?>
diff --git a/wp-admin/includes/class-wp-posts-list-table.php b/wp-admin/includes/class-wp-posts-list-table.php
index 24536187..50054111 100644
--- a/wp-admin/includes/class-wp-posts-list-table.php
+++ b/wp-admin/includes/class-wp-posts-list-table.php
@@ -839,7 +839,7 @@ class WP_Posts_List_Table extends WP_List_Table {
 	<?php if ( !$bulk ) echo $authors_dropdown;
 	endif; // post_type_supports author
 
-	if ( !$bulk ) :
+	if ( !$bulk && $can_publish ) :
 	?>
 
 			<div class="inline-edit-group">
diff --git a/wp-admin/includes/class-wp-upgrader.php b/wp-admin/includes/class-wp-upgrader.php
index 1d35c248..af00d4ae 100644
--- a/wp-admin/includes/class-wp-upgrader.php
+++ b/wp-admin/includes/class-wp-upgrader.php
@@ -1871,18 +1871,21 @@ class WP_Automatic_Updater {
 		if ( ! $this->should_update( $type, $item, $context ) )
 			return false;
 
+		$upgrader_item = $item;
 		switch ( $type ) {
 			case 'core':
 				$skin->feedback( __( 'Updating to WordPress %s' ), $item->version );
 				$item_name = sprintf( __( 'WordPress %s' ), $item->version );
 				break;
 			case 'theme':
-				$theme = wp_get_theme( $item );
+				$upgrader_item = $item->theme;
+				$theme = wp_get_theme( $upgrader_item );
 				$item_name = $theme->Get( 'Name' );
 				$skin->feedback( __( 'Updating theme: %s' ), $item_name );
 				break;
 			case 'plugin':
-				$plugin_data = get_plugin_data( $context . '/' . $item );
+				$upgrader_item = $item->plugin;
+				$plugin_data = get_plugin_data( $context . '/' . $upgrader_item );
 				$item_name = $plugin_data['Name'];
 				$skin->feedback( __( 'Updating plugin: %s' ), $item_name );
 				break;
@@ -1894,7 +1897,7 @@ class WP_Automatic_Updater {
 		}
 
 		// Boom, This sites about to get a whole new splash of paint!
-		$upgrade_result = $upgrader->upgrade( $item, array(
+		$upgrade_result = $upgrader->upgrade( $upgrader_item, array(
 			'clear_update_cache' => false,
 			'pre_check_md5'      => false, /* always use partial builds if possible for core updates */
 			'attempt_rollback'   => true, /* only available for core updates */
@@ -1968,7 +1971,7 @@ class WP_Automatic_Updater {
 		wp_update_plugins(); // Check for Plugin updates
 		$plugin_updates = get_site_transient( 'update_plugins' );
 		if ( $plugin_updates && !empty( $plugin_updates->response ) ) {
-			foreach ( array_keys( $plugin_updates->response ) as $plugin ) {
+			foreach ( $plugin_updates->response as $plugin ) {
 				$this->update( 'plugin', $plugin );
 			}
 			// Force refresh of plugin update information
@@ -1979,8 +1982,8 @@ class WP_Automatic_Updater {
 		wp_update_themes();  // Check for Theme updates
 		$theme_updates = get_site_transient( 'update_themes' );
 		if ( $theme_updates && !empty( $theme_updates->response ) ) {
-			foreach ( array_keys( $theme_updates->response ) as $theme ) {
-				$this->update( 'theme', $theme );
+			foreach ( $theme_updates->response as $theme ) {
+				$this->update( 'theme', (object) $theme );
 			}
 			// Force refresh of theme update information
 			wp_clean_themes_cache();
@@ -1995,8 +1998,21 @@ class WP_Automatic_Updater {
 
 		// Clean up, and check for any pending translations
 		// (Core_Upgrader checks for core updates)
-		wp_update_themes();  // Check for Theme updates
-		wp_update_plugins(); // Check for Plugin updates
+		$theme_stats = array();
+		if ( isset( $this->update_results['theme'] ) ) {
+			foreach ( $this->update_results['theme'] as $upgrade ) {
+				$theme_stats[ $upgrade->item->theme ] = ( true === $upgrade->result );
+			}
+		}
+		wp_update_themes( $theme_stats );  // Check for Theme updates
+
+		$plugin_stats = array();
+		if ( isset( $this->update_results['plugin'] ) ) {
+			foreach ( $this->update_results['plugin'] as $upgrade ) {
+				$plugin_stats[ $upgrade->item->plugin ] = ( true === $upgrade->result );
+			}
+		}
+		wp_update_plugins( $plugin_stats ); // Check for Plugin updates
 
 		// Finally, Process any new translations
 		$language_updates = wp_get_translation_updates();
diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php
index 983e4e70..bd624979 100644
--- a/wp-admin/includes/post.php
+++ b/wp-admin/includes/post.php
@@ -100,6 +100,10 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
 		$post_id = false;
 	$previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false;
 
+	if ( isset( $post_data['post_status'] ) && 'private' == $post_data['post_status'] && ! current_user_can( $ptype->cap->publish_posts ) ) {
+		$post_data['post_status'] = $previous_status ? $previous_status : 'pending';
+	}
+
 	$published_statuses = array( 'publish', 'future' );
 
 	// Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published.
@@ -111,6 +115,10 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
 	if ( ! isset($post_data['post_status']) )
 		$post_data['post_status'] = $previous_status;
 
+	if ( isset( $post_data['post_password'] ) && ! current_user_can( $ptype->cap->publish_posts ) ) {
+		unset( $post_data['post_password'] );
+	}
+
 	if (!isset( $post_data['comment_status'] ))
 		$post_data['comment_status'] = 'closed';
 
@@ -170,6 +178,14 @@ function edit_post( $post_data = null ) {
 	$post_data['post_type'] = $post->post_type;
 	$post_data['post_mime_type'] = $post->post_mime_type;
 
+	if ( ! empty( $post_data['post_status'] ) ) {
+		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+
+		if ( 'inherit' == $post_data['post_status'] ) {
+			unset( $post_data['post_status'] );
+		}
+	}
+
 	$ptype = get_post_type_object($post_data['post_type']);
 	if ( !current_user_can( 'edit_post', $post_ID ) ) {
 		if ( 'page' == $post_data['post_type'] )
@@ -187,9 +203,6 @@ function edit_post( $post_data = null ) {
 			_wp_upgrade_revisions_of_post( $post, wp_get_post_revisions( $post_ID ) );
 	}
 
-	$post_data = _wp_translate_postdata( true, $post_data );
-	if ( is_wp_error($post_data) )
-		wp_die( $post_data->get_error_message() );
 	if ( ( empty( $post_data['action'] ) || 'autosave' != $post_data['action'] ) && 'auto-draft' == $post_data['post_status'] ) {
 		$post_data['post_status'] = 'draft';
 	}
@@ -210,6 +223,10 @@ function edit_post( $post_data = null ) {
 		}
 	}
 
+	$post_data = _wp_translate_postdata( true, $post_data );
+	if ( is_wp_error($post_data) )
+		wp_die( $post_data->get_error_message() );
+
 	// Post Formats
 	if ( isset( $post_data['post_format'] ) )
 		set_post_format( $post_ID, $post_data['post_format'] );
@@ -332,6 +349,14 @@ function bulk_edit_posts( $post_data = null ) {
 	}
 	unset($post_data['_status']);
 
+	if ( ! empty( $post_data['post_status'] ) ) {
+		$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
+
+		if ( 'inherit' == $post_data['post_status'] ) {
+			unset( $post_data['post_status'] );
+		}
+	}
+
 	$post_IDs = array_map( 'intval', (array) $post_data['post'] );
 
 	$reset = array(
@@ -422,11 +447,26 @@ function bulk_edit_posts( $post_data = null ) {
 			unset( $post_data['tax_input']['category'] );
 		}
 
+		$post_data['post_type'] = $post->post_type;
 		$post_data['post_mime_type'] = $post->post_mime_type;
 		$post_data['guid'] = $post->guid;
 
+		foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) {
+			if ( ! isset( $post_data[ $field ] ) ) {
+				$post_data[ $field ] = $post->$field;
+			}
+		}
+
 		$post_data['ID'] = $post_ID;
-		$updated[] = wp_update_post( $post_data );
+		$post_data['post_ID'] = $post_ID;
+
+		$translated_post_data = _wp_translate_postdata( true, $post_data );
+		if ( is_wp_error( $translated_post_data ) ) {
+			$skipped[] = $post_ID;
+			continue;
+		}
+
+		$updated[] = wp_update_post( $translated_post_data );
 
 		if ( isset( $post_data['sticky'] ) && current_user_can( $ptype->cap->edit_others_posts ) ) {
 			if ( 'sticky' == $post_data['sticky'] )
@@ -569,10 +609,6 @@ function wp_write_post() {
 	if ( isset( $_POST['post_ID'] ) )
 		return edit_post();
 
-	$translated = _wp_translate_postdata( false );
-	if ( is_wp_error($translated) )
-		return $translated;
-
 	if ( isset($_POST['visibility']) ) {
 		switch ( $_POST['visibility'] ) {
 			case 'public' :
@@ -589,6 +625,10 @@ function wp_write_post() {
 		}
 	}
 
+	$translated = _wp_translate_postdata( false );
+	if ( is_wp_error($translated) )
+		return $translated;
+
 	// Create the post.
 	$post_ID = wp_insert_post( $_POST );
 	if ( is_wp_error( $post_ID ) )
diff --git a/wp-admin/themes.php b/wp-admin/themes.php
index 448931d1..d4a65e7e 100644
--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@@ -142,7 +142,7 @@ endif;
 $ct = wp_get_theme();
 
 if ( $ct->errors() && ( ! is_multisite() || current_user_can( 'manage_network_themes' ) ) ) {
-	echo '<p class="error-message">' . sprintf( __( 'ERROR: %s' ), $ct->errors()->get_error_message() ) . '</p>';
+	echo '<div class="error"><p>' . sprintf( __( 'ERROR: %s' ), $ct->errors()->get_error_message() ) . '</p></div>';
 }
 
 /*
@@ -312,9 +312,9 @@ if ( ! is_multisite() && current_user_can('edit_themes') && $broken_themes = wp_
 	<div class="theme-backdrop"></div>
 	<div class="theme-wrap">
 		<div class="theme-header">
-			<button alt="<?php _e( 'Show previous theme' ); ?>" class="left dashicons dashicons-no"></button>
-			<button alt="<?php _e( 'Show next theme' ); ?>" class="right dashicons dashicons-no"></button>
-			<button alt="<?php _e( 'Close overlay' ); ?>" class="close dashicons dashicons-no"></button>
+			<button class="left dashicons dashicons-no"><span class="screen-reader-text"><?php _e( 'Show previous theme' ); ?></span></button>
+			<button class="right dashicons dashicons-no"><span class="screen-reader-text"><?php _e( 'Show next theme' ); ?></span></button>
+			<button class="close dashicons dashicons-no"><span class="screen-reader-text"><?php _e( 'Close overlay' ); ?></span></button>
 		</div>
 		<div class="theme-about">
 			<div class="theme-screenshots">
diff --git a/wp-content/plugins/akismet/admin.php b/wp-content/plugins/akismet/admin.php
index f8071916..56d8c92d 100644
--- a/wp-content/plugins/akismet/admin.php
+++ b/wp-content/plugins/akismet/admin.php
@@ -39,13 +39,20 @@ function akismet_load_js_and_css() {
 		'plugins_page_akismet-key-config', 
 		'jetpack_page_akismet-key-config',
 	) ) ) {
-		wp_register_style( 'akismet.css', AKISMET_PLUGIN_URL . 'akismet.css', array(), '2.5.9' );
+		wp_register_style( 'akismet.css', AKISMET_PLUGIN_URL . 'akismet.css', array(), AKISMET_VERSION );
 		wp_enqueue_style( 'akismet.css');
 	
-		wp_register_script( 'akismet.js', AKISMET_PLUGIN_URL . 'akismet.js', array('jquery'), '2.5.9' );
+		wp_register_script( 'akismet.js', AKISMET_PLUGIN_URL . 'akismet.js', array('jquery'), AKISMET_VERSION );
 		wp_enqueue_script( 'akismet.js' );
 		wp_localize_script( 'akismet.js', 'WPAkismet', array(
-			'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' )
+			'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ),
+			'strings' => array(
+				'Remove this URL' => __( 'Remove this URL' ),
+				'Removing...' => __( 'Removing...' ),
+				'URL removed' => __( 'URL removed' ),
+				'(undo)' => __( '(undo)' ),
+				'Re-adding...' => __( 'Re-adding...' ),
+			)
 		) );
 	}
 }
@@ -335,11 +342,7 @@ function akismet_stats() {
 	$path = plugin_basename(__FILE__);
 	echo '<h3>' . _x( 'Spam', 'comments' ) . '</h3>';
 	global $submenu;
-	if ( isset( $submenu['edit-comments.php'] ) )
-		$link = 'edit-comments.php';
-	else
-		$link = 'edit.php';
-	echo '<p>'.sprintf( _n( '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comments</a>.', '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comments</a>.', $count ), 'http://akismet.com/?return=true', clean_url("$link?page=akismet-admin"), number_format_i18n($count) ).'</p>';
+	echo '<p>'.sprintf( _n( '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comments</a>.', '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comments</a>.', $count ), 'http://akismet.com/?return=true', esc_url( add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( isset( $submenu['edit-comments.php'] ) ? 'edit-comments.php' : 'edit.php' ) ) ), number_format_i18n($count) ).'</p>';
 }
 add_action('activity_box_end', 'akismet_stats');
 
@@ -546,11 +549,11 @@ function akismet_rightnow() {
 	global $submenu, $wp_db_version;
 
 	if ( 8645 < $wp_db_version  ) // 2.7
-		$link = 'edit-comments.php?comment_status=spam';
+		$link = add_query_arg( array( 'comment_status' => 'spam' ), admin_url( 'edit-comments.php' ) );
 	elseif ( isset( $submenu['edit-comments.php'] ) )
-		$link = 'edit-comments.php?page=akismet-admin';
+		$link = add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( 'edit-comments.php' ) );
 	else
-		$link = 'edit.php?page=akismet-admin';
+		$link = add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( 'edit.php' ) );
 
 	if ( $count = get_option('akismet_spam_count') ) {
 		$intro = sprintf( _n(
@@ -581,14 +584,17 @@ add_action('rightnow_end', 'akismet_rightnow');
 
 
 // For WP >= 2.5
-function akismet_check_for_spam_button($comment_status) {
+function akismet_check_for_spam_button( $comment_status ) {
 	if ( 'approved' == $comment_status )
 		return;
+		
 	if ( function_exists('plugins_url') )
-		$link = 'admin.php?action=akismet_recheck_queue';
+		$link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );
 	else
-		$link = 'edit-comments.php?page=akismet-admin&amp;recheckqueue=true&amp;noheader=true';
-	echo "</div><div class='alignleft'><a class='button-secondary checkforspam' href='$link'>" . __('Check for Spam') . "</a>";
+		$link = add_query_arg( array( 'page' => 'akismet-admin', 'recheckqueue' => 'true', 'noheader' => 'true' ), admin_url( 'edit-comments.php' ) );	
+		
+	echo '</div><div class="alignleft"><a class="button-secondary checkforspam" href="' . $link . '">' . esc_html__('Check for Spam') . '</a>';
+	echo '<img src="' . esc_url( admin_url( 'images/wpspin_light.gif' ) ) . '" class="checkforspam-spinner" />';
 }
 add_action('manage_comments_nav', 'akismet_check_for_spam_button');
 
@@ -771,8 +777,12 @@ function akismet_recheck_queue() {
 
 	if ( ! ( isset( $_GET['recheckqueue'] ) || ( isset( $_REQUEST['action'] ) && 'akismet_recheck_queue' == $_REQUEST['action'] ) ) )
 		return;
-		
-	$moderation = $wpdb->get_results( "SELECT * FROM $wpdb->comments WHERE comment_approved = '0'", ARRAY_A );
+					
+	$paginate = ''; 
+	if ( isset( $_POST['limit'] ) && isset( $_POST['offset'] ) ) { 
+		$paginate = $wpdb->prepare( " LIMIT %d OFFSET %d", array( $_POST['limit'], $_POST['offset'] ) ); 
+ 	} 
+ 	$moderation = $wpdb->get_results( "SELECT * FROM {$wpdb->comments} WHERE comment_approved = '0'{$paginate}", ARRAY_A );
 	foreach ( (array) $moderation as $c ) {
 		$c['user_ip']    = $c['comment_author_IP'];
 		$c['user_agent'] = $c['comment_agent'];
@@ -780,7 +790,7 @@ function akismet_recheck_queue() {
 		$c['blog']       = get_bloginfo('url');
 		$c['blog_lang']  = get_locale();
 		$c['blog_charset'] = get_option('blog_charset');
-		$c['permalink']  = get_permalink($c['comment_post_ID']);
+		$c['permalink']    = get_permalink($c['comment_post_ID']);
 
 		$c['user_role'] = '';
 		if ( isset( $c['user_ID'] ) )
@@ -815,12 +825,20 @@ function akismet_recheck_queue() {
 
 		delete_comment_meta( $c['comment_ID'], 'akismet_rechecking' );
 	}
-	$redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_url( 'edit-comments.php' );
-	wp_safe_redirect( $redirect_to );
-	exit;
+	if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) { 
+ 		wp_send_json( array( 
+ 			'processed' => count((array) $moderation), 
+ 		)); 
+ 	} 
+ 	else { 
+ 		$redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_url( 'edit-comments.php' ); 
+ 		wp_safe_redirect( $redirect_to ); 
+ 		exit; 
+ 	}
 }
 
 add_action('admin_action_akismet_recheck_queue', 'akismet_recheck_queue');
+add_action('wp_ajax_akismet_recheck_queue', 'akismet_recheck_queue');
 
 // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link
 function akismet_remove_comment_author_url() {
diff --git a/wp-content/plugins/akismet/akismet.css b/wp-content/plugins/akismet/akismet.css
index e96bc8a5..5126449d 100644
--- a/wp-content/plugins/akismet/akismet.css
+++ b/wp-content/plugins/akismet/akismet.css
@@ -1 +1 @@
-#submitted-on{position:relative}#the-comment-list .author .akismet-user-comment-count{display:inline}#the-comment-list .author a span{text-decoration:none;color:#999}#the-comment-list .remove_url{margin-left:3px;color:#999;padding:2px 3px 2px 0}#the-comment-list .remove_url:hover{color:#A7301F;font-weight:bold;padding:2px 2px 2px 0}#dashboard_recent_comments .akismet-status{display:none}.akismet-status{float:right}.akismet-status a{color:#AAA;font-style:italic}span.comment-link a{text-decoration:underline}span.comment-link:after{content:" "attr(title) " ";color:#aaa;text-decoration:none}.mshot-arrow{width:0;height:0;border-top:10px solid transparent;border-bottom:10px solid transparent;border-right:10px solid #5C5C5C;position:absolute;left:-6px;top:91px}.mshot-container{background:#5C5C5C;position:absolute;top:-94px;padding:7px;width:450px;height:338px;z-index:20000;-moz-border-radius:6px;border-radius:6px;-webkit-border-radius:6px}h2.ak-header{padding-left:38px;background:url('img/logo.png') no-repeat 0 9px;margin-bottom:14px;line-height:32px}.key-status{padding:0.4em 1em;color:#fff;font-weight:bold;text-align:center;-webkit-border-radius:3px;border-radius:3px;border-width:1px;border-style:solid;max-width:23.3em}input#key{width:25.3em !important}input#key.valid{border-color:#4F800D}input#key.invalid,input#key.failed{border-color:#888}.key-status.under-input{margin-top:-5px;padding-bottom:0px}.key-status.invalid,.key-status.failed{background-color:#888}.key-status.valid{background-color:#4F800D}.key-status.some{background-color:#993300}.key-status.empty{display:none}table.network-status th,table.network-status td{padding:0.4em;margin:0;text-align:center}table.network-status{border-color:#dfdfdf;border-width:0 0 1px 1px;border-style:solid;border-spacing:0;width:25.6em}table.network-status th,table.network-status td{border-color:#dfdfdf;border-width:1px 1px 0 0;border-style:solid;margin:0;border-spacing:0}table.network-status td.key-status{border-radius:0px;-webkit-border-radius:0px}
\ No newline at end of file
+#submitted-on{position:relative}#the-comment-list .author .akismet-user-comment-count{display:inline}#the-comment-list .author a span{text-decoration:none;color:#999}#the-comment-list .remove_url{margin-left:3px;color:#999;padding:2px 3px 2px 0}#the-comment-list .remove_url:hover{color:#A7301F;font-weight:bold;padding:2px 2px 2px 0}#dashboard_recent_comments .akismet-status{display:none}.akismet-status{float:right}.akismet-status a{color:#AAA;font-style:italic}span.comment-link a{text-decoration:underline}span.comment-link:after{content:" "attr(title) " ";color:#aaa;text-decoration:none}.mshot-arrow{width:0;height:0;border-top:10px solid transparent;border-bottom:10px solid transparent;border-right:10px solid #5C5C5C;position:absolute;left:-6px;top:91px}.mshot-container{background:#5C5C5C;position:absolute;top:-94px;padding:7px;width:450px;height:338px;z-index:20000;-moz-border-radius:6px;border-radius:6px;-webkit-border-radius:6px}h2.ak-header{padding-left:38px;background:url('img/logo.png') no-repeat 0 9px;margin-bottom:14px;line-height:32px}.key-status{padding:0.4em 1em;color:#fff;font-weight:bold;text-align:center;-webkit-border-radius:3px;border-radius:3px;border-width:1px;border-style:solid;max-width:23.3em}input#key{width:25.3em !important}input#key.valid{border-color:#4F800D}input#key.invalid,input#key.failed{border-color:#888}.key-status.under-input{margin-top:-5px;padding-bottom:0px}.key-status.invalid,.key-status.failed{background-color:#888}.key-status.valid{background-color:#4F800D}.key-status.some{background-color:#993300}.key-status.empty{display:none}table.network-status th,table.network-status td{padding:0.4em;margin:0;text-align:center}table.network-status{border-color:#dfdfdf;border-width:0 0 1px 1px;border-style:solid;border-spacing:0;width:25.6em}table.network-status th,table.network-status td{border-color:#dfdfdf;border-width:1px 1px 0 0;border-style:solid;margin:0;border-spacing:0}table.network-status td.key-status{border-radius:0px;-webkit-border-radius:0px}.checkforspam{display:inline-block !important;}.checkforspam-spinner{display:none;margin-top:10px;}
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/akismet.js b/wp-content/plugins/akismet/akismet.js
index f3da8fd6..2db61ebf 100644
--- a/wp-content/plugins/akismet/akismet.js
+++ b/wp-content/plugins/akismet/akismet.js
@@ -1,114 +1,154 @@
-jQuery(document).ready(function () {
-	jQuery( '.switch-have-key' ).click( function() {
-		var no_key = jQuery( this ).parents().find('div.no-key');		
-		var have_key = jQuery( this ).parents().find('div.have-key');
+jQuery( function ( $ ) {
+	$( '.switch-have-key' ).click( function() {
+		var no_key = $( this ).parents().find('div.no-key');		
+		var have_key = $( this ).parents().find('div.have-key');
 		
 		no_key.addClass( 'hidden' );
 		have_key.removeClass( 'hidden' );		
 		
 		return false;
 	});
-	jQuery( 'p.need-key a' ).click( function(){
+	$( 'p.need-key a' ).click( function(){
 		document.akismet_activate.submit();
 	});
-	jQuery('.akismet-status').each(function () {
-		var thisId = jQuery(this).attr('commentid');
-		jQuery(this).prependTo('#comment-' + thisId + ' .column-comment div:first-child');
+	$('.akismet-status').each(function () {
+		var thisId = $(this).attr('commentid');
+		$(this).prependTo('#comment-' + thisId + ' .column-comment div:first-child');
 	});
-	jQuery('.akismet-user-comment-count').each(function () {
-		var thisId = jQuery(this).attr('commentid');
-		jQuery(this).insertAfter('#comment-' + thisId + ' .author strong:first').show();
+	$('.akismet-user-comment-count').each(function () {
+		var thisId = $(this).attr('commentid');
+		$(this).insertAfter('#comment-' + thisId + ' .author strong:first').show();
 	});
-	jQuery('#the-comment-list tr.comment .column-author a[title ^= "http://"]').each(function () {
- 		var thisTitle = jQuery(this).attr('title');
- 		    thisCommentId = jQuery(this).parents('tr:first').attr('id').split("-");
+	$('#the-comment-list').find('tr.comment, tr[id ^= "comment-"]').find('.column-author a[title ^= "http://"]').each(function () {
+ 		var thisTitle = $(this).attr('title');
+ 		    thisCommentId = $(this).parents('tr:first').attr('id').split("-");
  		
- 		jQuery(this).attr("id", "author_comment_url_"+ thisCommentId[1]);
+ 		$(this).attr("id", "author_comment_url_"+ thisCommentId[1]);
  		
  		if (thisTitle) {
- 			jQuery(this).after(' <a href="#" class="remove_url" commentid="'+ thisCommentId[1] +'" title="Remove this URL">x</a>');
+ 			$(this).after(
+				$( '<a href="#" class="remove_url">x</a>' )
+					.attr( 'commentid', thisCommentId[1] )
+					.attr( 'title', WPAkismet.strings['Remove this URL'] )
+			);
  		}
  	});
- 	jQuery('.remove_url').live('click', function () {
- 		var thisId = jQuery(this).attr('commentid');
+ 	$('.remove_url').live('click', function () {
+ 		var thisId = $(this).attr('commentid');
  		var data = {
  			action: 'comment_author_deurl',
 			_wpnonce: WPAkismet.comment_author_url_nonce,
  			id: thisId
  		};
- 		jQuery.ajax({
+ 		$.ajax({
 		    url: ajaxurl,
 		    type: 'POST',
 		    data: data,
 		    beforeSend: function () {
 		        // Removes "x" link
-	 			jQuery("a[commentid='"+ thisId +"']").hide();
+	 			$("a[commentid='"+ thisId +"']").hide();
 	 			// Show temp status
-		        jQuery("#author_comment_url_"+ thisId).html('<span>Removing...</span>');
+		        $("#author_comment_url_"+ thisId).html( $( '<span/>' ).text( WPAkismet.strings['Removing...'] ) );
 		    },
 		    success: function (response) {
 		        if (response) {
 	 				// Show status/undo link
-	 				jQuery("#author_comment_url_"+ thisId).attr('cid', thisId).addClass('akismet_undo_link_removal').html('<span>URL removed (</span>undo<span>)</span>');
-	 			}
+	 				$("#author_comment_url_"+ thisId)
+						.attr('cid', thisId)
+						.addClass('akismet_undo_link_removal')
+						.html(
+							$( '<span/>' ).text( WPAkismet.strings['URL removed'] )
+						)
+						.append( ' ' )
+						.append(
+							$( '<span/>' )
+								.text( WPAkismet.strings['(undo)'] )
+								.addClass( 'akismet-span-link' )
+						);
+				}
 		    }
 		});
 
  		return false;
  	});
- 	jQuery('.akismet_undo_link_removal').live('click', function () {
- 		var thisId = jQuery(this).attr('cid');
-		var thisUrl = jQuery(this).attr('href').replace("http://www.", "").replace("http://", "");
+ 	$('.akismet_undo_link_removal').live('click', function () {
+ 		var thisId = $(this).attr('cid');
+		var thisUrl = $(this).attr('href').replace("http://www.", "").replace("http://", "");
  		var data = {
  			action: 'comment_author_reurl',
 			_wpnonce: WPAkismet.comment_author_url_nonce,
  			id: thisId,
  			url: thisUrl
  		};
-		jQuery.ajax({
+		$.ajax({
 		    url: ajaxurl,
 		    type: 'POST',
 		    data: data,
 		    beforeSend: function () {
 	 			// Show temp status
-		        jQuery("#author_comment_url_"+ thisId).html('<span>Re-adding…</span>');
+		        $("#author_comment_url_"+ thisId).html( $( '<span/>' ).text( WPAkismet.strings['Re-adding...'] ) );
 		    },
 		    success: function (response) {
 		        if (response) {
 	 				// Add "x" link
-					jQuery("a[commentid='"+ thisId +"']").show();
+					$("a[commentid='"+ thisId +"']").show();
 					// Show link
-					jQuery("#author_comment_url_"+ thisId).removeClass('akismet_undo_link_removal').html(thisUrl);
+					$("#author_comment_url_"+ thisId).removeClass('akismet_undo_link_removal').html(thisUrl);
 	 			}
 		    }
 		});
  		
  		return false;
  	});
- 	jQuery('a[id^="author_comment_url"]').mouseover(function () {
+	$('a[id^="author_comment_url"], tr.pingback td.column-author a:first-of-type').mouseover(function () {
 		var wpcomProtocol = ( 'https:' === location.protocol ) ? 'https://' : 'http://';
 		// Need to determine size of author column
-		var thisParentWidth = jQuery(this).parent().width();
+		var thisParentWidth = $(this).parent().width();
 		// It changes based on if there is a gravatar present
-		thisParentWidth = (jQuery(this).parent().find('.grav-hijack').length) ? thisParentWidth - 42 + 'px' : thisParentWidth + 'px';
-		if (jQuery(this).find('.mShot').length == 0 && !jQuery(this).hasClass('akismet_undo_link_removal')) {
-			var thisId = jQuery(this).attr('id').replace('author_comment_url_', '');
-			jQuery('.widefat td').css('overflow', 'visible');
-			jQuery(this).css('position', 'relative');
-			var thisHref = jQuery.URLEncode(jQuery(this).attr('href'));
-			jQuery(this).append('<div class="mShot mshot-container" style="left: '+thisParentWidth+'"><div class="mshot-arrow"></div><img src="'+wpcomProtocol+'s0.wordpress.com/mshots/v1/'+thisHref+'?w=450" width="450" class="mshot-image_'+thisId+'" style="margin: 0;" /></div>');
+		thisParentWidth = ($(this).parent().find('.grav-hijack').length) ? thisParentWidth - 42 + 'px' : thisParentWidth + 'px';
+		if ($(this).find('.mShot').length == 0 && !$(this).hasClass('akismet_undo_link_removal')) {
+			var self = $( this );
+			$('.widefat td').css('overflow', 'visible');
+			$(this).css('position', 'relative');
+			var thisHref = $.URLEncode( $(this).attr('href') );
+			$(this).append('<div class="mShot mshot-container" style="left: '+thisParentWidth+'"><div class="mshot-arrow"></div><img src="//s0.wordpress.com/mshots/v1/'+thisHref+'?w=450" width="450" class="mshot-image" style="margin: 0;" /></div>');
 			setTimeout(function () {
-				jQuery('.mshot-image_'+thisId).attr('src', wpcomProtocol+'s0.wordpress.com/mshots/v1/'+thisHref+'?w=450&r=2');
+				self.find( '.mshot-image' ).attr('src', '//s0.wordpress.com/mshots/v1/'+thisHref+'?w=450&r=2');
 			}, 6000);
 			setTimeout(function () {
-				jQuery('.mshot-image_'+thisId).attr('src', wpcomProtocol+'s0.wordpress.com/mshots/v1/'+thisHref+'?w=450&r=3');
+				self.find( '.mshot-image' ).attr('src', '//s0.wordpress.com/mshots/v1/'+thisHref+'?w=450&r=3');
 			}, 12000);
 		} else {
-			jQuery(this).find('.mShot').css('left', thisParentWidth).show();
+			$(this).find('.mShot').css('left', thisParentWidth).show();
 		}
 	}).mouseout(function () {
-		jQuery(this).find('.mShot').hide();
+		$(this).find('.mShot').hide();
 	});
+	$('.checkforspam:not(.button-disabled)').click( function(e) { 
+ 	    $('.checkforspam:not(.button-disabled)').addClass('button-disabled'); 
+ 		$('.checkforspam-spinner').show(); 
+ 		akismet_check_for_spam(0, 100); 
+ 		e.preventDefault(); 
+ 	});
+	
+	function akismet_check_for_spam(offset, limit) { 
+		$.post( 
+			ajaxurl, 
+			{ 
+				'action': 'akismet_recheck_queue', 
+				'offset': offset, 
+				'limit': limit 
+			}, 
+			function(result) { 
+				if (result.processed < limit) { 
+					window.location.reload(); 
+				} 
+				else { 
+					akismet_check_for_spam(offset + limit, limit); 
+				} 
+			} 
+		); 
+	}
 });
 // URL encode plugin
 jQuery.extend({URLEncode:function(c){var o='';var x=0;c=c.toString();var r=/(^[a-zA-Z0-9_.]*)/;
@@ -117,10 +157,3 @@ jQuery.extend({URLEncode:function(c){var o='';var x=0;c=c.toString();var r=/(^[a
     }else{if(c[x]==' ')o+='+';else{var d=c.charCodeAt(x);var h=d.toString(16);
     o+='%'+(h.length<2?'0':'')+h.toUpperCase();}x++;}}return o;}
 });
-// Preload mshot images after everything else has loaded
-jQuery(window).load(function() {
-	var wpcomProtocol = ( 'https:' === location.protocol ) ? 'https://' : 'http://';
-	jQuery('a[id^="author_comment_url"]').each(function () {
-		jQuery.get(wpcomProtocol+'s0.wordpress.com/mshots/v1/'+jQuery.URLEncode(jQuery(this).attr('href'))+'?w=450');
-	});
-});
diff --git a/wp-content/plugins/akismet/akismet.php b/wp-content/plugins/akismet/akismet.php
index 919ea0e7..4fff8bb6 100644
--- a/wp-content/plugins/akismet/akismet.php
+++ b/wp-content/plugins/akismet/akismet.php
@@ -6,7 +6,7 @@
 Plugin Name: Akismet
 Plugin URI: http://akismet.com/?return=true
 Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your Akismet configuration page, and save your API key.
-Version: 2.5.9
+Version: 2.6.0
 Author: Automattic
 Author URI: http://automattic.com/wordpress-plugins/
 License: GPLv2 or later
@@ -34,8 +34,9 @@ if ( !function_exists( 'add_action' ) ) {
 	exit;
 }
 
-define('AKISMET_VERSION', '2.5.9');
+define('AKISMET_VERSION', '2.6.0');
 define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
+define('AKISMET_DELETE_LIMIT', 10000);
 
 /** If you hardcode a WP.com API key here, all key config screens will be hidden */
 if ( defined('WPCOM_API_KEY') )
@@ -197,17 +198,26 @@ function akismet_http_post($request, $host, $path, $port = 80, $ip=null) {
 
 // filter handler used to return a spam result to pre_comment_approved
 function akismet_result_spam( $approved ) {
+	static $just_once = false;
+	if ( $just_once )
+		return $approved;
+		
 	// bump the counter here instead of when the filter is added to reduce the possibility of overcounting
 	if ( $incr = apply_filters('akismet_spam_count_incr', 1) )
 		update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr );
+		
 	// this is a one-shot deal
-	remove_filter( 'pre_comment_approved', 'akismet_result_spam' );
+	$just_once = true;
 	return 'spam';
 }
 
 function akismet_result_hold( $approved ) {
+	static $just_once = false;
+	if ( $just_once )
+		return $approved;
+		
 	// once only
-	remove_filter( 'pre_comment_approved', 'akismet_result_hold' );
+	$just_once = true;
 	return '0';
 }
 
@@ -321,7 +331,7 @@ function akismet_auto_check_comment( $commentdata ) {
 	global $akismet_api_host, $akismet_api_port, $akismet_last_comment;
 
 	$comment = $commentdata;
-	$comment['user_ip']    = $_SERVER['REMOTE_ADDR'];
+	$comment['user_ip']    = akismet_get_ip_address();
 	$comment['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null; 
 	$comment['referrer']   = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
 	$comment['blog']       = get_option('home');
@@ -422,58 +432,70 @@ function akismet_auto_check_comment( $commentdata ) {
 
 add_action('preprocess_comment', 'akismet_auto_check_comment', 1);
 
+function akismet_get_ip_address() {
+	foreach( array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR' ) as $key ) {
+		if ( array_key_exists( $key, $_SERVER ) === true ) {
+			foreach ( explode( ',', $_SERVER[$key] ) as $ip ) {
+				$ip = trim($ip); 
+	
+				if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false ) {
+					return $ip;
+				}
+			}
+		}
+	}
+	return null;
+}
+
 function akismet_delete_old() {
 	global $wpdb;
-	$now_gmt = current_time('mysql', 1);
-	$comment_ids = $wpdb->get_col("SELECT comment_id FROM $wpdb->comments WHERE DATE_SUB('$now_gmt', INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam'");
-	if ( empty( $comment_ids ) )
-		return;
+	
+	while( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_id FROM {$wpdb->comments} WHERE DATE_SUB(NOW(), INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam' LIMIT %d", defined( 'AKISMET_DELETE_LIMIT' ) ? AKISMET_DELETE_LIMIT : 10000 ) ) ) {
+		if ( empty( $comment_ids ) )
+			return;
 		
-	$comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) );
+		$wpdb->queries = array();
 
-	do_action( 'delete_comment', $comment_ids );
-	$wpdb->query("DELETE FROM $wpdb->comments WHERE comment_id IN ( $comma_comment_ids )");
-	$wpdb->query("DELETE FROM $wpdb->commentmeta WHERE comment_id IN ( $comma_comment_ids )");
-	clean_comment_cache( $comment_ids );
-	$n = mt_rand(1, 5000);
-	if ( apply_filters('akismet_optimize_table', ($n == 11)) ) // lucky number
-		$wpdb->query("OPTIMIZE TABLE $wpdb->comments");
+		do_action( 'delete_comment', $comment_ids );
+		
+		$comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) );
+	
+		$wpdb->query("DELETE FROM {$wpdb->comments} WHERE comment_id IN ( $comma_comment_ids )");
+		$wpdb->query("DELETE FROM {$wpdb->commentmeta} WHERE comment_id IN ( $comma_comment_ids )");
+		
+		clean_comment_cache( $comment_ids );
+	}
 
+	if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11) ) ) // lucky number
+		$wpdb->query("OPTIMIZE TABLE {$wpdb->comments}");
 }
 
 function akismet_delete_old_metadata() { 
 	global $wpdb; 
 
-	$now_gmt = current_time( 'mysql', 1 ); 
 	$interval = apply_filters( 'akismet_delete_commentmeta_interval', 15 );
 
 	# enfore a minimum of 1 day
 	$interval = absint( $interval );
-	if ( $interval < 1 ) {
-		return;
-	}
+	if ( $interval < 1 )
+		$interval = 1;
 
 	// akismet_as_submitted meta values are large, so expire them 
 	// after $interval days regardless of the comment status 
-	while ( TRUE ) {
-		$comment_ids = $wpdb->get_col( "SELECT $wpdb->comments.comment_id FROM $wpdb->commentmeta INNER JOIN $wpdb->comments USING(comment_id) WHERE meta_key = 'akismet_as_submitted' AND DATE_SUB('$now_gmt', INTERVAL {$interval} DAY) > comment_date_gmt LIMIT 10000" ); 
-
-		if ( empty( $comment_ids ) ) {
-			return; 
-		}
-
+	while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT m.comment_id FROM {$wpdb->commentmeta} as m INNER JOIN {$wpdb->comments} as c USING(comment_id) WHERE m.meta_key = 'akismet_as_submitted' AND DATE_SUB(NOW(), INTERVAL %d DAY) > c.comment_date_gmt LIMIT 10000", $interval ) ) ) {	
+		if ( empty( $comment_ids ) )
+			return;
+		
+		$wpdb->queries = array();
+		
 		foreach ( $comment_ids as $comment_id ) {
 			delete_comment_meta( $comment_id, 'akismet_as_submitted' );
 		}
 	}
-
-	/*
-	$n = mt_rand( 1, 5000 ); 
-	if ( apply_filters( 'akismet_optimize_table', ( $n == 11 ), 'commentmeta' ) ) { // lucky number 
-		$wpdb->query( "OPTIMIZE TABLE $wpdb->commentmeta" ); 
-	}
-	*/
-} 
+	
+	if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11) ) ) // lucky number
+		$wpdb->query("OPTIMIZE TABLE {$wpdb->comments}");
+}
 
 add_action('akismet_scheduled_delete', 'akismet_delete_old');
 add_action('akismet_scheduled_delete', 'akismet_delete_old_metadata'); 
@@ -588,6 +610,71 @@ $akismet_comment_nonce_option = apply_filters( 'akismet_comment_nonce', get_opti
 if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' )
 	add_action( 'comment_form', 'akismet_add_comment_nonce' );
 
+function akismet_pingback_forwarded_for( $r, $url ) {
+	static $urls = array();
+	
+	// Call this with $r == null to prime the callback to add headers on a specific URL
+	if ( is_null( $r ) && !in_array( $url, $urls ) ) {
+		$urls[] = $url;
+	}
+
+	// Add X-Pingback-Forwarded-For header, but only for requests to a specific URL (the apparent pingback source)
+	if ( is_array( $r ) && is_array( $r['headers'] ) && !isset( $r['headers']['X-Pingback-Forwarded-For'] ) && in_array( $url, $urls ) ) {
+		$remote_ip = preg_replace( '/[^a-fx0-9:.,]/i', '', $_SERVER['REMOTE_ADDR'] );
+		
+		// Note: this assumes REMOTE_ADDR is correct, and it may not be if a reverse proxy or CDN is in use
+		$r['headers']['X-Pingback-Forwarded-For'] = $remote_ip;
+
+		// Also identify the request as a pingback verification in the UA string so it appears in logs
+		$r['user-agent'] .= '; verifying pingback from ' . $remote_ip;
+	}
+
+	return $r;
+}
+
+function akismet_pre_check_pingback( $method ) {
+	
+	if ( $method !== 'pingback.ping' )
+		return;
+
+	global $wp_xmlrpc_server;
+	
+	if ( !is_object( $wp_xmlrpc_server ) )
+		return false;
+	
+	// Lame: tightly coupled with the IXR class.
+	$args = $wp_xmlrpc_server->message->params;
+	
+	if ( !empty( $args[1] ) ) {
+		$post_id = url_to_postid( $args[1] );
+
+		// If this gets through the pre-check, make sure we properly identify the outbound request as a pingback verification
+		akismet_pingback_forwarded_for( null, $args[0] );
+		add_filter( 'http_request_args', 'akismet_pingback_forwarded_for', 10, 2 );
+
+		$comment = array(
+			'comment_author_url' => $args[0],
+			'comment_post_ID' => $post_id,
+			'comment_author' => '',
+			'comment_author_email' => '',
+			'comment_content' => '',
+			'comment_type' => 'pingback',
+			'akismet_pre_check' => '1',
+			'comment_pingback_target' => $args[1],
+		);
+
+		$comment = akismet_auto_check_comment( $comment );
+
+		if ( isset( $comment['akismet_result'] ) && 'true' == $comment['akismet_result'] ) {
+			// Lame: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything.
+			$wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) );
+		}
+	}
+}
+
+// Run this early in the pingback call, before doing a remote fetch of the source uri
+add_action( 'xmlrpc_call', 'akismet_pre_check_pingback' );
+
 global $wp_version;
 if ( '3.0.5' == $wp_version ) { 
 	remove_filter( 'comment_text', 'wp_kses_data' ); 
diff --git a/wp-content/plugins/akismet/readme.txt b/wp-content/plugins/akismet/readme.txt
index d0094d20..fca32ab7 100644
--- a/wp-content/plugins/akismet/readme.txt
+++ b/wp-content/plugins/akismet/readme.txt
@@ -2,8 +2,8 @@
 Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, automattic
 Tags: akismet, comments, spam
 Requires at least: 3.0
-Tested up to: 3.6
-Stable tag: 2.5.9
+Tested up to: 3.8.1
+Stable tag: 2.6.0
 License: GPLv2 or later
 
 Akismet checks your comments against the Akismet web service to see if they look like spam or not.
@@ -31,6 +31,14 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
 
 == Changelog ==
 
+= 2.6.0 =
+* Add ajax paging to the check for spam button to handle large volumes of comments
+* Optimize javascript and add localization support 
+* Fix bug in link to spam comments from right now dashboard widget
+* Fix bug with deleting old comments to avoid timeouts dealing with large volumes of comments
+* Include X-Pingback-Forwarded-For header in outbound WordPress pingback verifications
+* Add pre-check for pingbacks, to stop spam before an outbound verification request is made
+
 = 2.5.9 =
 * Update 'Already have a key' link to redirect page rather than depend on javascript
 * Fix some non-translatable strings to be translatable
diff --git a/wp-content/themes/twentyfourteen/languages/twentyfourteen.pot b/wp-content/themes/twentyfourteen/languages/twentyfourteen.pot
index 58e61c9f..ad22e646 100644
--- a/wp-content/themes/twentyfourteen/languages/twentyfourteen.pot
+++ b/wp-content/themes/twentyfourteen/languages/twentyfourteen.pot
@@ -1,14 +1,14 @@
-# Copyright (C) 2013 the WordPress team
+# Copyright (C) 2014 the WordPress team
 # This file is distributed under the GNU General Public License v2 or later.
 msgid ""
 msgstr ""
 "Project-Id-Version: Twenty Fourteen 1.0\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tags/twentyfourteen\n"
-"POT-Creation-Date: 2013-12-12 05:25:07+00:00\n"
+"POT-Creation-Date: 2014-03-18 19:16:26+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2013-MO-DA HO:MI+ZONE\n"
+"PO-Revision-Date: 2014-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 
diff --git a/wp-content/themes/twentythirteen/languages/twentythirteen.pot b/wp-content/themes/twentythirteen/languages/twentythirteen.pot
index 6f877365..9f56bcc6 100644
--- a/wp-content/themes/twentythirteen/languages/twentythirteen.pot
+++ b/wp-content/themes/twentythirteen/languages/twentythirteen.pot
@@ -1,14 +1,14 @@
-# Copyright (C) 2013 the WordPress team
+# Copyright (C) 2014 the WordPress team
 # This file is distributed under the GNU General Public License v2 or later.
 msgid ""
 msgstr ""
 "Project-Id-Version: Twenty Thirteen 1.1\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tags/twentythirteen\n"
-"POT-Creation-Date: 2013-10-24 20:32:06+00:00\n"
+"POT-Creation-Date: 2014-03-18 19:16:26+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2013-MO-DA HO:MI+ZONE\n"
+"PO-Revision-Date: 2014-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 
diff --git a/wp-content/themes/twentytwelve/languages/twentytwelve.pot b/wp-content/themes/twentytwelve/languages/twentytwelve.pot
index a504372e..4f35f4ab 100644
--- a/wp-content/themes/twentytwelve/languages/twentytwelve.pot
+++ b/wp-content/themes/twentytwelve/languages/twentytwelve.pot
@@ -1,14 +1,14 @@
-# Copyright (C) 2013 the WordPress team
+# Copyright (C) 2014 the WordPress team
 # This file is distributed under the GNU General Public License v2 or later.
 msgid ""
 msgstr ""
 "Project-Id-Version: Twenty Twelve 1.3\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tags/twentytwelve\n"
-"POT-Creation-Date: 2013-10-24 20:32:05+00:00\n"
+"POT-Creation-Date: 2014-03-18 19:16:25+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2013-MO-DA HO:MI+ZONE\n"
+"PO-Revision-Date: 2014-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 
diff --git a/wp-includes/bookmark.php b/wp-includes/bookmark.php
index af418167..86ea3d22 100644
--- a/wp-includes/bookmark.php
+++ b/wp-includes/bookmark.php
@@ -226,8 +226,8 @@ function get_bookmarks($args = '') {
 		$join = " INNER JOIN $wpdb->term_relationships AS tr ON ($wpdb->links.link_id = tr.object_id) INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_taxonomy_id = tr.term_taxonomy_id";
 	}
 
-	if ( $show_updated && get_option('links_recently_updated_time') ) {
-		$recently_updated_test = ", IF (DATE_ADD(link_updated, INTERVAL " . get_option('links_recently_updated_time') . " MINUTE) >= NOW(), 1,0) as recently_updated ";
+	if ( $show_updated ) {
+		$recently_updated_test = ", IF (DATE_ADD(link_updated, INTERVAL 120 MINUTE) >= NOW(), 1,0) as recently_updated ";
 	} else {
 		$recently_updated_test = '';
 	}
diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
index 1ab005b8..255a29c4 100644
--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -5390,11 +5390,18 @@ class wp_xmlrpc_server extends IXR_Server {
 		// very stupid, but gives time to the 'from' server to publish !
 		sleep(1);
 
+		$remote_ip = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
+		$user_agent = apply_filters( 'http_headers_useragent', 'WordPress/' . $GLOBALS['wp_version'] . '; ' . get_bloginfo( 'url' ) );
+
 		// Let's check the remote site
 		$http_api_args = array(
 			'timeout' => 10,
 			'redirection' => 0,
 			'limit_response_size' => 153600, // 150 KB
+			'user-agent' => "$user_agent; verifying pingback from $remote_ip",
+			'headers' => array(
+				'X-Pingback-Forwarded-For' => $remote_ip,
+			),
 		);
 		$linea = wp_remote_retrieve_body( wp_safe_remote_get( $pagelinkedfrom, $http_api_args ) );
 
diff --git a/wp-includes/js/plupload/plupload.silverlight.xap b/wp-includes/js/plupload/plupload.silverlight.xap
index e1584d3b..20c8fd82 100644
Binary files a/wp-includes/js/plupload/plupload.silverlight.xap and b/wp-includes/js/plupload/plupload.silverlight.xap differ
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index aca94f36..d84cb0a2 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -543,7 +543,7 @@ function wp_validate_auth_cookie($cookie = '', $scheme = '') {
 	$key = wp_hash($username . $pass_frag . '|' . $expiration, $scheme);
 	$hash = hash_hmac('md5', $username . '|' . $expiration, $key);
 
-	if ( $hmac != $hash ) {
+	if ( hash_hmac( 'md5', $hmac, $key ) !== hash_hmac( 'md5', $hash, $key ) ) {
 		do_action('auth_cookie_bad_hash', $cookie_elements);
 		return false;
 	}
diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php
index 522ad3e1..37290d5b 100644
--- a/wp-includes/post-template.php
+++ b/wp-includes/post-template.php
@@ -1248,8 +1248,7 @@ function get_the_password_form( $post = 0 ) {
 	$label = 'pwbox-' . ( empty($post->ID) ? rand() : $post->ID );
 	$output = '<form action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '" class="post-password-form" method="post">
 	<p>' . __( 'This content is password protected. To view it please enter your password below:' ) . '</p>
-	<p><label for="' . $label . '">' . __( 'Password:' ) . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__( 'Submit' ) . '" /></p>
-	</form>
+	<p><label for="' . $label . '">' . __( 'Password:' ) . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__( 'Submit' ) . '" /></p></form>
 	';
 	return apply_filters( 'the_password_form', $output );
 }
@@ -1443,3 +1442,22 @@ function wp_list_post_revisions( $post_id = 0, $type = 'all' ) {
 	echo $rows;
 	echo "</ul>";
 }
+
+/**
+ * Dashboard CSS fixes for 3.8.2.
+ *
+ * This function cheaply fixes #WP27082 and #WP26910 in lieu of
+ * changing the massive wp-admin.css file in a point release.
+ * This lucky includes file was already receiving an update.
+ *
+ * @since 3.8.2
+ * @access private
+ */
+function wp_382_css_hotfix() {
+	echo '<style type="text/css">
+#activity-widget #the-comment-list .comment-item { position: relative; }
+.tagsdiv .newtag { padding: 6px 10px; height: auto; }
+</style>
+';
+}
+add_action( 'admin_print_styles', 'wp_382_css_hotfix', 30 );
diff --git a/wp-includes/query.php b/wp-includes/query.php
index 8bf292e1..446cebca 100644
--- a/wp-includes/query.php
+++ b/wp-includes/query.php
@@ -3273,7 +3273,11 @@ class WP_Query {
 					$term = get_term_by( 'slug', $this->get( 'category_name' ), 'category' );
 				}
 			} elseif ( $this->is_tag ) {
-				$term = get_term( $this->get( 'tag_id' ), 'post_tag' );
+				if ( $this->get( 'tag_id' ) ) {
+					$term = get_term( $this->get( 'tag_id' ), 'post_tag' );
+				} elseif ( $this->get( 'tag' ) ) {
+					$term = get_term_by( 'slug', $this->get( 'tag' ), 'post_tag' );
+				}
 			} else {
 				$tax_query_in_and = wp_list_filter( $this->tax_query->queries, array( 'operator' => 'NOT IN' ), 'NOT' );
 				$query = reset( $tax_query_in_and );
diff --git a/wp-includes/update.php b/wp-includes/update.php
index c670f9d0..ead8e398 100644
--- a/wp-includes/update.php
+++ b/wp-includes/update.php
@@ -168,9 +168,10 @@ function wp_version_check( $extra_stats = array(), $force_check = false ) {
  * @since 2.3.0
  * @uses $wp_version Used to notify the WordPress version.
  *
+ * @param array $extra_stats Extra statistics to report to the WordPress.org API.
  * @return mixed Returns null if update is unsupported. Returns false if check is too soon.
  */
-function wp_update_plugins() {
+function wp_update_plugins( $extra_stats = array() ) {
 	include ABSPATH . WPINC . '/version.php'; // include an unmodified $wp_version
 
 	if ( defined('WP_INSTALLING') )
@@ -209,7 +210,7 @@ function wp_update_plugins() {
 
 	$time_not_changed = isset( $current->last_checked ) && $timeout > ( time() - $current->last_checked );
 
-	if ( $time_not_changed ) {
+	if ( $time_not_changed && ! $extra_stats ) {
 		$plugin_changed = false;
 		foreach ( $plugins as $file => $p ) {
 			$new_option->checked[ $file ] = $p['Version'];
@@ -258,6 +259,10 @@ function wp_update_plugins() {
 		'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
 	);
 
+	if ( $extra_stats ) {
+		$options['body']['update_stats'] = json_encode( $extra_stats );
+	}
+
 	$url = $http_url = 'http://api.wordpress.org/plugins/update-check/1.1/';
 	if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
 		$url = set_url_scheme( $url, 'https' );
@@ -299,9 +304,10 @@ function wp_update_plugins() {
  * @since 2.7.0
  * @uses $wp_version Used to notify the WordPress version.
  *
+ * @param array $extra_stats Extra statistics to report to the WordPress.org API.
  * @return mixed Returns null if update is unsupported. Returns false if check is too soon.
  */
-function wp_update_themes() {
+function wp_update_themes( $extra_stats = array() ) {
 	include ABSPATH . WPINC . '/version.php'; // include an unmodified $wp_version
 
 	if ( defined( 'WP_INSTALLING' ) )
@@ -351,7 +357,7 @@ function wp_update_themes() {
 
 	$time_not_changed = isset( $last_update->last_checked ) && $timeout > ( time() - $last_update->last_checked );
 
-	if ( $time_not_changed ) {
+	if ( $time_not_changed && ! $extra_stats ) {
 		$theme_changed = false;
 		foreach ( $checked as $slug => $v ) {
 			if ( !isset( $last_update->checked[ $slug ] ) || strval($last_update->checked[ $slug ]) !== strval($v) )
@@ -398,6 +404,10 @@ function wp_update_themes() {
 		'user-agent'	=> 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
 	);
 
+	if ( $extra_stats ) {
+		$options['body']['update_stats'] = json_encode( $extra_stats );
+	}
+
 	$url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/';
 	if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
 		$url = set_url_scheme( $url, 'https' );
@@ -610,14 +620,14 @@ add_action( 'load-update.php', 'wp_update_plugins' );
 add_action( 'load-update-core.php', 'wp_update_plugins' );
 add_action( 'admin_init', '_maybe_update_plugins' );
 add_action( 'wp_update_plugins', 'wp_update_plugins' );
-add_action( 'upgrader_process_complete', 'wp_update_plugins' );
+add_action( 'upgrader_process_complete', 'wp_update_plugins', 10, 0 );
 
 add_action( 'load-themes.php', 'wp_update_themes' );
 add_action( 'load-update.php', 'wp_update_themes' );
 add_action( 'load-update-core.php', 'wp_update_themes' );
 add_action( 'admin_init', '_maybe_update_themes' );
 add_action( 'wp_update_themes', 'wp_update_themes' );
-add_action( 'upgrader_process_complete', 'wp_update_themes' );
+add_action( 'upgrader_process_complete', 'wp_update_themes', 10, 0 );
 
 add_action( 'wp_maybe_auto_update', 'wp_maybe_auto_update' );
 
diff --git a/wp-includes/version.php b/wp-includes/version.php
index b9e99e27..b2496327 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '3.8.1';
+$wp_version = '3.8.2';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.