no follow callback

git-svn-id: http://svn.automattic.com/wordpress/branches/2.2@6106 1a063a9b-81f0-0310-95a4-ce76da25c4cd

index.php

@@ -1,4 +1,4 @@
-<?php 
+<?php
 /* Short and sweet */
 define('WP_USE_THEMES', true);
 require('./wp-blog-header.php');

readme.html

@@ -1,118 +1,83 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<title>WordPress &rsaquo; ReadMe</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style type="text/css" media="screen">
-	<!--
-	html {
-		background: #eee;
-	}
-	body {
-		background: #fff;
-		color: #000;
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 25%;
-		margin-right: 25%;
-		padding: .2em 2em;
-	}
-	
-	h1 {
-		color: #006;
-		font-size: 18px;
-		font-weight: lighter;
-	}
-	
-	h2 {
-		font-size: 16px;
-	}
-	
-	p, li, dt {
-		line-height: 140%;
-		padding-bottom: 2px;
-	}
-
-	ul, ol {
-		padding: 5px 5px 5px 20px;
-	}
-	-->
-	</style>
+	<title>WordPress &rsaquo; ReadMe</title>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+	<link rel="stylesheet" href="wp-admin/install.css" type="text/css" />
 </head>
 <body>
-<h1 style="text-align: center"><img alt="WordPress" src="http://wordpress.org/images/wordpress.gif" /> <br />
-	Version 1.5.1</h1>
-<p style="text-align: center"> Semantic Personal Publishing Platform </p>
+<h1 id="logo" style="text-align: center">
+	<img alt="WordPress" src="wp-admin/images/wordpress-logo.png" />
+	<br /> Version 2.2
+</h1>
+<p style="text-align: center">Semantic Personal Publishing Platform</p>
+
 <h1>First Things First</h1>
 <p>Welcome. WordPress is a very special project to me. Every developer and contributor adds something unique to the mix, and together we create something beautiful that I'm proud to be a part of. Thousands of hours have gone into WordPress, and we're dedicated to making it better every day. Thank you for making it part of your world.</p>
-<p style="text-align: right;">&#8212; Matt Mullenweg </p>
+<p style="text-align: right;">&#8212; Matt Mullenweg</p>
 
-<h1 id="installation">Installation: Famous 5-minute install</h1>
+<h1>Installation: Famous 5-minute install</h1>
 <ol>
-	<li>Unzip the package in an empty directory</li>
-	<li>Open up <code>wp-config-sample.php</code> with a text editor like WordPad or similar and fill in your database connection details</li>
-	<li>Save the file as <code>wp-config.php</code> </li>
+	<li>Unzip the package in an empty directory.</li>
+	<li>Open up <code>wp-config-sample.php</code> with a text editor like WordPad or similar and fill in your database connection details.</li>
+	<li>Save the file as <code>wp-config.php</code></li>
 	<li>Upload everything.</li>
-	<li>Launch <span class="file"><a href="wp-admin/install.php">/wp-admin/install.php</a></span> in your browser. This should setup the tables needed for your blog. If there is an error, double check your <span class="file">wp-config.php</span> file, and try again. If it fails again, please go to the <a href="http://wordpress.org/support/">support forums</a> with as much data as you can gather. </li>
+	<li>Open <span class="file"><a href="wp-admin/install.php">/wp-admin/install.php</a></span> in your browser. This should setup the tables needed for your blog. If there is an error, double check your <span class="file">wp-config.php</span> file, and try again. If it fails again, please go to the <a href="http://wordpress.org/support/">support forums</a> with as much data as you can gather.</li>
 	<li><strong>Note the password given to you.</strong></li>
 	<li> The install script should then send you to the <a href="wp-login.php">login page</a>. Sign in with the username <code>admin</code> and the password generated during the installation. You can then click on 'Profile' to change the password.</li>
 </ol>
 
 <h1>Upgrading</h1>
 <p>Before you upgrade anything, make sure you have backup copies of any files you may have modified such as <code>index.php</code>.</p>
-<h2>Upgrading from any previous WordPress to 1.5:</h2>
+<h2>Upgrading from any previous WordPress to 2.2:</h2>
 <ol>
-	<li>Delete your old WP files, saving ones you've modified </li>
-	<li>Upload the new files</li>
-	<li>Point your browser to <span class="file"><a href="wp-admin/upgrade.php">/wp-admin/upgrade.php</a></span></li>
+	<li>Delete your old WP files, saving ones you've modified.</li>
+	<li>Upload the new files.</li>
+	<li>Point your browser to <span class="file"><a href="wp-admin/upgrade.php">/wp-admin/upgrade.php</a>.</span></li>
 	<li>You wanted more, perhaps? That's it!</li>
 </ol>
 <h2>Template Changes</h2>
 <p>If you have customized your templates you will probably have to make some changes to them. If you're converting your 1.2 or earlier templates, <a href="http://codex.wordpress.org/Upgrade_1.2_to_1.5">we've created a special guide for you</a>. </p>
+
 <h1>Online Resources</h1>
 <p>If you have any questions that aren't addressed in this document, please take advantage of WordPress' numerous online resources:</p>
 <dl>
 	<dt><a href="http://codex.wordpress.org/">The WordPress Codex </a></dt>
-	<dd>The Codex is the encyclopedia of all things WordPress. It is the most comprehensive source of information for WordPress available. </dd>
+		<dd>The Codex is the encyclopedia of all things WordPress. It is the most comprehensive source of information for WordPress available.</dd>
 	<dt><a href="http://wordpress.org/development/">The Development Blog</a></dt>
-	<dd>This is where you'll find the latest updates and news related to WordPress. Bookmark and check often. </dd>
+		<dd>This is where you'll find the latest updates and news related to WordPress. Bookmark and check often.</dd>
 	<dt><a href="http://planet.wordpress.org/">WordPress Planet </a></dt>
-	<dd>The WordPress Planet is a news aggregator that brings together posts from WordPress blogs around the web. </dd>
+		<dd>The WordPress Planet is a news aggregator that brings together posts from WordPress blogs around the web.</dd>
 	<dt><a href="http://wordpress.org/support/">WordPress Support Forums</a></dt>
-	<dd>If you've looked everywhere and still can't find an answer, the support forums are very active and have a large community ready to help. To help them help you be sure to use a descriptive thread title and describe your question in as much detail as possible. </dd>
+		<dd>If you've looked everywhere and still can't find an answer, the support forums are very active and have a large community ready to help. To help them help you be sure to use a descriptive thread title and describe your question in as much detail as possible.</dd>
 	<dt><a href="http://codex.wordpress.org/IRC">WordPress IRC Channel</a></dt>
-	<dd>Finally, there is an online chat channel that is used for discussion amoung people who use WordPress and occasionally support topics. The above wiki page should point you in the right direction. (irc.freenode.net #wordpresss) </dd>
+		<dd>Finally, there is an online chat channel that is used for discussion among people who use WordPress and occasionally support topics. The above wiki page should point you in the right direction. (<a href="irc://irc.freenode.net/wordpress">irc.freenode.net #wordpress</a>)</dd>
 </dl>
 
-<h1 id="requirements">System Recommendations</h1>
+<h1>System Recommendations</h1>
 <ul>
-	<li>PHP version <strong>4.1</strong> or higher</li>
-	<li>MySQL version <strong>3.23.23</strong> or higher</li>
-	<li>... and a link to <a href="http://wordpress.org">http://wordpress.org</a> on your site.</li>
+	<li>PHP version <strong>4.2</strong> or higher.</li>
+	<li>MySQL version <strong>4.0</strong> or higher.</li>
+	<li>... and a link to <a href="http://wordpress.org/">http://wordpress.org</a> on your site.</li>
 </ul>
-<p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/caf&eacute;log</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/">donating</a>. </p>
+<p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/caf&eacute;log</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/">donating</a>.</p>
 
 <h1>Upgrading from another system</h1>
-<p>WordPress can <a href="http://codex.wordpress.org/Importing_from_other_blogging_software">import from a number of systems</a>. First you need to get WordPress installed and working as described above.</p>
+<p>WordPress can <a href="http://codex.wordpress.org/Importing_Content">import from a number of systems</a>. First you need to get WordPress installed and working as described above.</p>
 
-<h1 id="templates">XML-RPC Interface</h1>
-<p>You can now post to your WordPress blog with tools like <a href="http://ecto.kung-foo.tv/">Ecto</a>, <a href="http://blogbuddy.sourceforge.net">BlogBuddy</a>, <a href="http://bloggar.com/">Bloggar</a>, <a href="http://www.ubique.ch/wapblogger/">WapBlogger</a> (post from your Wap cellphone!), <a href="http://radio.userland.com">Radio Userland</a> (which means you can use Radio's email-to-blog feature), <a href="http://www.zempt.com/">Zempt</a>, <a href="http://www.newzcrawler.com/">NewzCrawler</a>, and other tools that support the Blogging APIs! :) You can read more about <a href="http://codex.wordpress.org/XML-RPC_Support">XML-RPC support on the Codex</a>.</p>
+<h1>XML-RPC and Atom Interface</h1>
+<p>You can now post to your WordPress blog with tools like <a href="http://windowslivewriter.spaces.live.com/">Windows Live Writer</a>, <a href="http://ecto.kung-foo.tv/">Ecto</a>, <a href="http://bloggar.com/">Bloggar</a>, <a href="http://radio.userland.com">Radio Userland</a> (which means you can use Radio's email-to-blog feature), <a href="http://www.newzcrawler.com/">NewzCrawler</a>, and other tools that support the Blogging APIs! :) You can read more about <a href="http://codex.wordpress.org/XML-RPC_Support">XML-RPC support on the Codex</a>.</p>
 
 <h1>Post via Email</h1>
-<p>You can post from an email client! To set this up go to your &quot;Writing&quot; options screen and fill in the connection details for your secret POP3 account. Then you need to set up <code>wp-mail.php</code> to execute periodically to check the mailbox for new posts. You can do it with Cron-jobs, or if your host doesn't support it you can look into the various website-monitoring services, and make them check your <code>wp-mail.php</code> URL. </p>
-<p> Posting is easy: Any email sent to the address you specify will be posted, with the subject as the title. It is best to keep the address dicrete. The script will <i>delete</i> emails that are successfully posted. </p>
-<h1 id="notes">User Levels </h1>
-<p>You may allow or disallow user registration in your <a href="wp-admin/options-general.php">General options</a>. If &quot;new users can blog&quot; is disabled you must first raise the level of a newly registered user to allow them to post. Click the plus sign next to their name on the <a href="wp-admin/users.php">Users</a> page. </p>
-<h2>User Levels</h2>
-<ul>
-	<li>0 - New User </li>
-	<li>1 - User can post, edit, and delete their own posts.</li>
-	<li>5+ - Admin; can post, edit, delete other people's posts, and change the options.</li>
-	<li>Any user whose level is higher than 1, can edit and delete the posts and change the level of lower users. Example: a level 2 user is not an admin, but can edit the posts of level 1 users, and up the level of a new user from 0 to 1.</li>
-</ul>
-<p>Usually you want to have a team of level 1 users except for you.</p>
+<p>You can post from an email client! To set this up go to your &quot;Writing&quot; options screen and fill in the connection details for your secret POP3 account. Then you need to set up <code>wp-mail.php</code> to execute periodically to check the mailbox for new posts. You can do it with Cron-jobs, or if your host doesn't support it you can look into the various website-monitoring services, and make them check your <code>wp-mail.php</code> URL.</p>
+<p>Posting is easy: Any email sent to the address you specify will be posted, with the subject as the title. It is best to keep the address dicrete. The script will <i>delete</i> emails that are successfully posted.</p>
+
+<h1>User Roles</h1>
+<p>We've eliminated user levels in order to make way for the much more flexible roles system introduced in 2.0. You can <a href="http://codex.wordpress.org/Roles_and_Capabilities">read more about Roles and Capabilities on the Codex</a>.</p>
+
 <h1> Final notes</h1>
 <ul>
-	<li>If you have any suggestions, ideas, comments, or if you (gasp!) found a bug, join us in the <a href="http://wordpress.org/support/">Support Forums</a></li>
+	<li>If you have any suggestions, ideas, comments, or if you (gasp!) found a bug, join us in the <a href="http://wordpress.org/support/">Support Forums</a>.</li>
 	<li>WordPress now has a robust plugin API that makes extending the code easy. If you are a developer interested in utilizing this see the <a href="http://codex.wordpress.org/Plugin_API">plugin documentation in the Codex</a>. In most all cases you shouldn't modify any of the core code.</li>
 </ul>
 
@@ -123,4 +88,4 @@
 <p>WordPress is released under the <abbr title="GNU Public License">GPL</abbr> (see <a href="license.txt">license.txt</a>).</p>
 
 </body>
-</html>
+</html>

wp-admin/admin-ajax.php

@@ -0,0 +1,296 @@
+<?php
+require_once('../wp-config.php');
+require_once('admin-functions.php');
+require_once('admin-db.php');
+
+define('DOING_AJAX', true);
+
+check_ajax_referer();
+if ( !is_user_logged_in() )
+	die('-1');
+
+function get_out_now() { exit; }
+add_action( 'shutdown', 'get_out_now', -1 );
+
+function wp_ajax_meta_row( $pid, $mid, $key, $value ) {
+	$value = attribute_escape($value);
+	$key_js = addslashes(wp_specialchars($key, 'double'));
+	$key = attribute_escape($key);
+	$r .= "<tr id='meta-$mid'><td valign='top'>";
+	$r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);\",event);' type='text' size='20' value='$key' />";
+	$r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>";
+	$r .= "<input name='updatemeta' type='button' class='updatemeta' tabindex='6' value='".attribute_escape(__('Update'))."' onclick='return theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);' /><br />";
+	$r .= "<input name='deletemeta[$mid]' type='submit' onclick=\"return deleteSomething( 'meta', $mid, '";
+	$r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js));
+	$r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__('Delete'))."' /></td></tr>";
+	return $r;
+}
+
+$id = (int) $_POST['id'];
+switch ( $_POST['action'] ) :
+case 'delete-comment' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+
+	if ( wp_delete_comment( $comment->comment_ID ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-comment-as-spam' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+
+	if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-cat' :
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+
+	if ( wp_delete_category( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-link' :
+	if ( !current_user_can( 'manage_links' ) )
+		die('-1');
+
+	if ( wp_delete_link( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-meta' :
+	if ( !$meta = get_post_meta_by_id( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $meta->post_id ) )
+		die('-1');
+	if ( delete_meta( $meta->meta_id ) )
+		die('1');
+	die('0');
+	break;
+case 'delete-post' :
+	if ( !current_user_can( 'delete_post', $id ) )
+		die('-1');
+
+	if ( wp_delete_post( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-page' :
+	if ( !current_user_can( 'delete_page', $id ) )
+		die('-1');
+
+	if ( wp_delete_post( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'dim-comment' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+	if ( !current_user_can( 'moderate_comments' ) )
+		die('-1');
+
+	if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) {
+		if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) )
+			die('1');
+	} else {
+		if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) )
+			die('1');
+	}
+	die('0');
+	break;
+case 'add-category' : // On the Fly
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+	$names = explode(',', $_POST['newcat']);
+	$x = new WP_Ajax_Response();
+	foreach ( $names as $cat_name ) {
+		$cat_name = trim($cat_name);
+		if ( !$category_nicename = sanitize_title($cat_name) )
+			die('0');
+		if ( !$cat_id = category_exists( $cat_name ) )
+			$cat_id = wp_create_category( $cat_name );
+		$cat_name = wp_specialchars(stripslashes($cat_name));
+		$x->add( array(
+			'what' => 'category',
+			'id' => $cat_id,
+			'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>"
+		) );
+	}
+	$x->send();
+	break;
+case 'add-cat' : // From Manage->Categories
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+	if ( !$cat = wp_insert_category( $_POST ) )
+		die('0');
+	if ( !$cat = get_category( $cat ) )
+		die('0');
+	$level = 0;
+	$cat_full_name = $cat->cat_name;
+	$_cat = $cat;
+	while ( $_cat->category_parent ) {
+		$_cat = get_category( $_cat->category_parent );
+		$cat_full_name = $_cat->cat_name . ' &#8212; ' . $cat_full_name;
+		$level++;
+	}
+	$cat_full_name = attribute_escape($cat_full_name);
+
+	$x = new WP_Ajax_Response( array(
+		'what' => 'cat',
+		'id' => $cat->cat_ID,
+		'data' => _cat_row( $cat, $level, $cat_full_name ),
+		'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->cat_ID", $cat_full_name))
+	) );
+	$x->send();
+	break;
+case 'add-comment' :
+	if ( !current_user_can( 'edit_post', $id ) )
+		die('-1');
+	$search = isset($_POST['s']) ? $_POST['s'] : false;
+	$start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25;
+
+	list($comments, $total) = _wp_get_comment_list( $search, $start, 1 );
+
+	if ( !$comments )
+		die('1');
+	$x = new WP_Ajax_Response();
+	foreach ( (array) $comments as $comment ) {
+		get_comment( $comment );
+		ob_start();
+			_wp_comment_list_item( $comment->comment_ID );
+			$comment_list_item = ob_get_contents();
+		ob_end_clean();
+		$x->add( array(
+			'what' => 'comment',
+			'id' => $comment->comment_ID,
+			'data' => $comment_list_item
+		) );
+	}
+	$x->send();
+	break;
+case 'add-meta' :
+	if ( !current_user_can( 'edit_post', $id ) )
+		die('-1');
+	if ( $id < 0 ) {
+		$now = current_time('timestamp', 1);
+		if ( $pid = wp_insert_post( array(
+			'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
+		) ) )
+			$mid = add_meta( $pid );
+		else
+			die('0');
+	} else if ( !$mid = add_meta( $id ) ) {
+		die('0');
+	}
+
+	$meta = get_post_meta_by_id( $mid );
+	$key = $meta->meta_key;
+	$value = $meta->meta_value;
+	$pid = (int) $meta->post_id;
+
+	$x = new WP_Ajax_Response( array(
+		'what' => 'meta',
+		'id' => $mid,
+		'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ),
+		'supplemental' => array('postid' => $pid)
+	) );
+	$x->send();
+	break;
+case 'update-meta' :
+	$mid = (int) array_pop(array_keys($_POST['meta']));
+	$key = $_POST['meta'][$mid]['key'];
+	$value = $_POST['meta'][$mid]['value'];
+	if ( !$meta = get_post_meta_by_id( $mid ) )
+		die('0'); // if meta doesn't exist
+	if ( !current_user_can( 'edit_post', $meta->post_id ) )
+		die('-1');
+	if ( $u = update_meta( $mid, $key, $value ) ) {
+		$key = stripslashes($key);
+		$value = stripslashes($value);
+		$x = new WP_Ajax_Response( array(
+			'what' => 'meta',
+			'id' => $mid,
+			'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ),
+			'supplemental' => array('postid' => $meta->post_id)
+		) );
+		$x->send();
+	}
+	die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
+	break;
+case 'add-user' :
+	if ( !current_user_can('edit_users') )
+		die('-1');
+	require_once(ABSPATH . WPINC . '/registration.php');
+	if ( !$user_id = add_user() )
+		die('0');
+	elseif ( is_wp_error( $user_id ) ) {
+		foreach( $user_id->get_error_messages() as $message )
+			echo "<p>$message<p>";
+		exit;
+	}
+	$user_object = new WP_User( $user_id );
+	$x = new WP_Ajax_Response( array(
+		'what' => 'user',
+		'id' => $user_id,
+		'data' => user_row( $user_object ),
+		'supplemental' => array('show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login))
+	) );
+	$x->send();
+	break;
+case 'autosave' : // The name of this action is hardcoded in edit_post()
+	$_POST['post_content'] = $_POST['content'];
+	$_POST['post_excerpt'] = $_POST['excerpt'];
+	$_POST['post_status'] = 'draft';
+	$_POST['post_category'] = explode(",", $_POST['catslist']);
+	if($_POST['post_type'] == 'page' || empty($_POST['post_category']))
+		unset($_POST['post_category']);
+
+	if($_POST['post_ID'] < 0) {
+		$_POST['temp_ID'] = $_POST['post_ID'];
+		$id = wp_write_post();
+		if( is_wp_error($id) )
+			die($id->get_error_message());
+		else
+			die("$id");
+	} else {
+		$post_ID = (int) $_POST['post_ID'];
+		$_POST['ID'] = $post_ID;
+		$post = get_post($post_ID);
+		if ( 'page' == $post->post_type ) {
+			if ( !current_user_can('edit_page', $post_ID) )
+				die(__('You are not allowed to edit this page.'));
+		} else {
+			if ( !current_user_can('edit_post', $post_ID) )
+				die(__('You are not allowed to edit this post.'));
+		}
+		wp_update_post($_POST);
+	}
+	die('0');
+break;
+case 'autosave-generate-nonces' :
+	$ID = (int) $_POST['post_ID'];
+	if($_POST['post_type'] == 'post') {
+		if(current_user_can('edit_post', $ID))
+			die(wp_create_nonce('update-post_' . $ID));
+	}
+	if($_POST['post_type'] == 'page') {
+		if(current_user_can('edit_page', $ID)) {
+			die(wp_create_nonce('update-page_' . $ID));
+		}
+	}
+	die('0');
+break;
+default :
+	do_action( 'wp_ajax_' . $_POST['action'] );
+	die('0');
+	break;
+endswitch;
+?>

wp-admin/admin-db.php

@@ -0,0 +1,525 @@
+<?php
+
+function get_users_drafts( $user_id ) {
+	global $wpdb;
+	$user_id = (int) $user_id;
+	$query = "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = $user_id ORDER BY ID DESC";
+	$query = apply_filters('get_users_drafts', $query);
+	return $wpdb->get_results( $query );
+}
+
+function get_others_drafts( $user_id ) {
+	global $wpdb;
+	$user = get_userdata( $user_id );
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$editable = get_editable_user_ids( $user_id );
+
+	if( !$editable ) {
+		$other_drafts = '';
+	} else {
+		$editable = join(',', $editable);
+		$other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author IN ($editable) AND post_author != '$user_id' ");
+	}
+
+	return apply_filters('get_others_drafts', $other_drafts);
+}
+
+function get_editable_authors( $user_id ) {
+	global $wpdb;
+
+	$editable = get_editable_user_ids( $user_id );
+
+	if( !$editable ) {
+		return false;
+	} else {
+		$editable = join(',', $editable);
+		$authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable) ORDER BY display_name" );
+	}
+
+	return apply_filters('get_editable_authors', $authors);
+}
+
+function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
+	global $wpdb;
+
+	$user = new WP_User( $user_id );
+
+	if ( ! $user->has_cap('edit_others_posts') ) {
+		if ( $user->has_cap('edit_posts') || $exclude_zeros == false )
+			return array($user->id);
+		else
+			return false;
+	}
+
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'";
+	if ( $exclude_zeros )
+		$query .= " AND meta_value != '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function get_author_user_ids() {
+	global $wpdb;
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function get_nonauthor_user_ids() {
+	global $wpdb;
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function wp_insert_category($catarr) {
+	global $wpdb;
+
+	extract($catarr, EXTR_SKIP);
+
+	if( trim( $cat_name ) == '' )
+		return 0;
+
+	$cat_ID = (int) $cat_ID;
+
+	// Are we updating or creating?
+	if (!empty ($cat_ID))
+		$update = true;
+	else
+		$update = false;
+
+	$cat_name = apply_filters('pre_category_name', $cat_name);
+
+	if (empty ($category_nicename))
+		$category_nicename = sanitize_title($cat_name);
+	else
+		$category_nicename = sanitize_title($category_nicename);
+	$category_nicename = apply_filters('pre_category_nicename', $category_nicename);
+
+	if (empty ($category_description))
+		$category_description = '';
+	$category_description = apply_filters('pre_category_description', $category_description);
+
+	$category_parent = (int) $category_parent;
+	if ( empty($category_parent) || !get_category( $category_parent ) || ($cat_ID && cat_is_ancestor_of($cat_ID, $category_parent) ) )
+		$category_parent = 0;
+
+	if ( isset($posts_private) )
+		$posts_private = (int) $posts_private;
+	else
+		$posts_private = 0;
+
+	if ( isset($links_private) )
+		$links_private = (int) $links_private;
+	else
+		$links_private = 0;
+
+	if (!$update) {
+		$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, category_description, category_parent, links_private, posts_private) VALUES ('0', '$cat_name', '$category_nicename', '$category_description', '$category_parent', '$links_private', '$posts_private')");
+		$cat_ID = (int) $wpdb->insert_id;
+	} else {
+		$wpdb->query ("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$category_parent', links_private = '$links_private', posts_private = '$posts_private' WHERE cat_ID = '$cat_ID'");
+	}
+
+	if ( $category_nicename == '' ) {
+		$category_nicename = sanitize_title($cat_name, $cat_ID );
+		$wpdb->query( "UPDATE $wpdb->categories SET category_nicename = '$category_nicename' WHERE cat_ID = '$cat_ID'" );
+	}
+
+	// Keep in mind when using this filter and altering the cat_ID that the two queries above
+	// have already taken place with the OLD cat_ID
+	// Also note that you may have post2cat entries with the old cat_ID if this is an update
+
+	if ($update) {
+		do_action('edit_category', $cat_ID);
+	} else {
+		do_action('create_category', $cat_ID);
+		do_action('add_category', $cat_ID);
+	}
+
+	$cat_ID = apply_filters('cat_id_filter', $cat_ID, $update);
+
+	clean_category_cache($cat_ID);
+
+	if ($update)
+		do_action('edited_category', $cat_ID);
+	else
+		do_action('created_category', $cat_ID);
+	
+	return $cat_ID;
+}
+
+function wp_update_category($catarr) {
+	global $wpdb;
+
+	$cat_ID = (int) $catarr['cat_ID'];
+
+	if( $cat_ID == $catarr['category_parent'] )
+		return false;
+
+	// First, get all of the original fields
+	$category = get_category($cat_ID, ARRAY_A);
+
+	// Escape data pulled from DB.
+	$category = add_magic_quotes($category);
+
+	// Merge old and new fields with new fields overwriting old ones.
+	$catarr = array_merge($category, $catarr);
+
+	return wp_insert_category($catarr);
+}
+
+function wp_delete_category($cat_ID) {
+	global $wpdb;
+
+	$cat_ID = (int) $cat_ID;
+	$default_cat = get_option('default_category');
+	$default_link_cat = get_option('default_link_category');
+
+	// Don't delete either of the default cats
+	if ( $cat_ID == $default_cat || $cat_ID == $default_link_cat )
+		return 0;
+
+	$category = get_category($cat_ID);
+
+	$parent = $category->category_parent;
+
+	// Delete the category
+	if ( !$wpdb->query("DELETE FROM $wpdb->categories WHERE cat_ID = '$cat_ID'") )
+		return 0;
+
+	// Update children to point to new parent
+	$wpdb->query("UPDATE $wpdb->categories SET category_parent = '$parent' WHERE category_parent = '$cat_ID'");
+
+	// Only set posts and links to the default category if they're not in another category already
+	$posts = $wpdb->get_col("SELECT post_id FROM $wpdb->post2cat WHERE category_id='$cat_ID'");
+	foreach ( (array) $posts as $post_id ) {
+		$cats = wp_get_post_categories($post_id);
+		if ( 1 == count($cats) )
+			$cats = array($default_cat);
+		else
+			$cats = array_diff($cats, array($cat_ID));
+		wp_set_post_categories($post_id, $cats);
+	}
+
+	$links = $wpdb->get_col("SELECT link_id FROM $wpdb->link2cat WHERE category_id='$cat_ID'");
+	foreach ( (array) $links as $link_id ) {
+		$cats = wp_get_link_cats($link_id);
+		if ( 1 == count($cats) )
+			$cats = array($default_link_cat);
+		else
+			$cats = array_diff($cats, array($cat_ID));
+		wp_set_link_cats($link_id, $cats);
+	}
+
+	clean_category_cache($cat_ID);
+	do_action('delete_category', $cat_ID);
+	return 1;
+}
+
+function wp_create_category($cat_name) {
+	$cat_array = compact('cat_name');
+	return wp_insert_category($cat_array);
+}
+
+function wp_create_categories($categories, $post_id = '') {
+	$cat_ids = array ();
+	foreach ($categories as $category) {
+		if ($id = category_exists($category))
+			$cat_ids[] = $id;
+		else
+			if ($id = wp_create_category($category))
+				$cat_ids[] = $id;
+	}
+
+	if ($post_id)
+		wp_set_post_categories($post_id, $cat_ids);
+
+	return $cat_ids;
+}
+
+function category_exists($cat_name) {
+	global $wpdb;
+	if (!$category_nicename = sanitize_title($cat_name))
+		return 0;
+
+	return (int) $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories WHERE category_nicename = '$category_nicename'");
+}
+
+function wp_delete_user($id, $reassign = 'novalue') {
+	global $wpdb;
+
+	$id = (int) $id;
+	$user = get_userdata($id);
+
+	if ($reassign == 'novalue') {
+		$post_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_author = $id");
+
+		if ($post_ids) {
+			foreach ($post_ids as $post_id)
+				wp_delete_post($post_id);
+		}
+
+		// Clean links
+		$wpdb->query("DELETE FROM $wpdb->links WHERE link_owner = $id");
+	} else {
+		$reassign = (int) $reassign;
+		$wpdb->query("UPDATE $wpdb->posts SET post_author = {$reassign} WHERE post_author = {$id}");
+		$wpdb->query("UPDATE $wpdb->links SET link_owner = {$reassign} WHERE link_owner = {$id}");
+	}
+
+	// FINALLY, delete user
+	do_action('delete_user', $id);
+
+	$wpdb->query("DELETE FROM $wpdb->users WHERE ID = $id");
+	$wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = '$id'");
+
+	wp_cache_delete($id, 'users');
+	wp_cache_delete($user->user_login, 'userlogins');
+
+	return true;
+}
+
+function wp_revoke_user($id) {
+	$id = (int) $id;
+
+	$user = new WP_User($id);
+	$user->remove_all_caps();
+}
+
+function wp_insert_link($linkdata) {
+	global $wpdb, $current_user;
+
+	extract($linkdata, EXTR_SKIP);
+
+	$update = false;
+
+	if ( !empty($link_id) )
+		$update = true;
+
+	$link_id = (int) $link_id;
+
+	if( trim( $link_name ) == '' )
+		return 0;
+	$link_name = apply_filters('pre_link_name', $link_name);
+
+	if( trim( $link_url ) == '' )
+		return 0;
+	$link_url = apply_filters('pre_link_url', $link_url);
+
+	if ( empty($link_rating) )
+		$link_rating = 0;
+	else
+		$link_rating = (int) $link_rating;
+
+	if ( empty($link_image) )
+		$link_image = '';
+	$link_image = apply_filters('pre_link_image', $link_image);
+
+	if ( empty($link_target) )
+		$link_target = '';
+	$link_target = apply_filters('pre_link_target', $link_target);
+
+	if ( empty($link_visible) )
+		$link_visible = 'Y';
+	$link_visibile = preg_replace('/[^YNyn]/', '', $link_visible);
+
+	if ( empty($link_owner) )
+		$link_owner = $current_user->id;
+	else
+		$link_owner = (int) $link_owner;
+
+	if ( empty($link_notes) )
+		$link_notes = '';
+	$link_notes = apply_filters('pre_link_notes', $link_notes);
+
+	if ( empty($link_description) )
+		$link_description = '';
+	$link_description = apply_filters('pre_link_description', $link_description);
+
+	if ( empty($link_rss) )
+		$link_rss = '';
+	$link_rss = apply_filters('pre_link_rss', $link_rss);
+
+	if ( empty($link_rel) )
+		$link_rel = '';
+	$link_rel = apply_filters('pre_link_rel', $link_rel);
+
+	// Make sure we set a valid category
+	if (0 == count($link_category) || !is_array($link_category)) {
+		$link_category = array(get_option('default_link_category'));
+	}
+
+	if ( $update ) {
+		$wpdb->query("UPDATE $wpdb->links SET link_url='$link_url',
+			link_name='$link_name', link_image='$link_image',
+			link_target='$link_target',
+			link_visible='$link_visible', link_description='$link_description',
+			link_rating='$link_rating', link_rel='$link_rel',
+			link_notes='$link_notes', link_rss = '$link_rss'
+			WHERE link_id='$link_id'");
+	} else {
+		$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES('$link_url','$link_name', '$link_image', '$link_target', '$link_description', '$link_visible', '$link_owner', '$link_rating', '$link_rel', '$link_notes', '$link_rss')");
+		$link_id = (int) $wpdb->insert_id;
+	}
+
+	wp_set_link_cats($link_id, $link_category);
+
+	if ( $update )
+		do_action('edit_link', $link_id);
+	else
+		do_action('add_link', $link_id);
+
+	return $link_id;
+}
+
+function wp_update_link($linkdata) {
+	global $wpdb;
+
+	$link_id = (int) $linkdata['link_id'];
+
+	$link = get_link($link_id, ARRAY_A);
+
+	// Escape data pulled from DB.
+	$link = add_magic_quotes($link);
+
+	// Passed link category list overwrites existing category list if not empty.
+	if ( isset($linkdata['link_category']) && is_array($linkdata['link_category'])
+			 && 0 != count($linkdata['link_category']) )
+		$link_cats = $linkdata['link_category'];
+	else
+		$link_cats = $link['link_category'];
+
+	// Merge old and new fields with new fields overwriting old ones.
+	$linkdata = array_merge($link, $linkdata);
+	$linkdata['link_category'] = $link_cats;
+
+	return wp_insert_link($linkdata);
+}
+
+function wp_delete_link($link_id) {
+	global $wpdb;
+
+	do_action('delete_link', $link_id);
+
+	$categories = wp_get_link_cats($link_id);
+	if( is_array( $categories ) ) {
+		foreach ( $categories as $category ) {
+			$wpdb->query("UPDATE $wpdb->categories SET link_count = link_count - 1 WHERE cat_ID = '$category'");
+			wp_cache_delete($category, 'category');
+			do_action('edit_category', $cat_id);
+		}
+	}
+
+	$wpdb->query("DELETE FROM $wpdb->link2cat WHERE link_id = '$link_id'");
+	$wpdb->query("DELETE FROM $wpdb->links WHERE link_id = '$link_id'");
+	
+	do_action('deleted_link', $link_id);
+
+	return true;
+}
+
+function wp_get_link_cats($link_ID = 0) {
+	global $wpdb;
+
+	$sql = "SELECT category_id
+		FROM $wpdb->link2cat
+		WHERE link_id = $link_ID
+		ORDER BY category_id";
+
+	$result = $wpdb->get_col($sql);
+
+	if ( !$result )
+		$result = array();
+
+	return array_unique($result);
+}
+
+function wp_set_link_cats($link_ID = 0, $link_categories = array()) {
+	global $wpdb;
+	// If $link_categories isn't already an array, make it one:
+	if (!is_array($link_categories) || 0 == count($link_categories))
+		$link_categories = array(get_option('default_link_category'));
+
+	$link_categories = array_unique($link_categories);
+
+	// First the old categories
+	$old_categories = $wpdb->get_col("
+		SELECT category_id
+		FROM $wpdb->link2cat
+		WHERE link_id = '$link_ID'");
+
+	if (!$old_categories) {
+		$old_categories = array();
+	} else {
+		$old_categories = array_unique($old_categories);
+	}
+
+	// Delete any?
+	$delete_cats = array_diff($old_categories,$link_categories);
+
+	if ($delete_cats) {
+		foreach ($delete_cats as $del) {
+			$del = (int) $del;
+			$wpdb->query("
+				DELETE FROM $wpdb->link2cat
+				WHERE category_id = '$del'
+					AND link_id = '$link_ID'
+				");
+		}
+	}
+
+	// Add any?
+	$add_cats = array_diff($link_categories, $old_categories);
+
+	if ($add_cats) {
+		foreach ($add_cats as $new_cat) {
+			$new_cat = (int) $new_cat;
+			if ( !empty($new_cat) )
+				$wpdb->query("
+					INSERT INTO $wpdb->link2cat (link_id, category_id)
+					VALUES ('$link_ID', '$new_cat')");
+		}
+	}
+
+	// Update category counts.
+	$all_affected_cats = array_unique(array_merge($link_categories, $old_categories));
+	foreach ( $all_affected_cats as $cat_id ) {
+		$count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->link2cat, $wpdb->links WHERE $wpdb->links.link_id = $wpdb->link2cat.link_id AND category_id = '$cat_id'");
+		$wpdb->query("UPDATE $wpdb->categories SET link_count = '$count' WHERE cat_ID = '$cat_id'");
+		wp_cache_delete($cat_id, 'category');
+		do_action('edit_category', $cat_id);
+	}
+
+}	// wp_set_link_cats()
+
+function post_exists($title, $content = '', $post_date = '') {
+	global $wpdb;
+
+	if (!empty ($post_date))
+		$post_date = "AND post_date = '$post_date'";
+
+	if (!empty ($title))
+		return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' $post_date");
+	else
+		if (!empty ($content))
+			return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_content = '$content' $post_date");
+
+	return 0;
+}
+
+function comment_exists($comment_author, $comment_date) {
+	global $wpdb;
+
+	return $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments
+			WHERE comment_author = '$comment_author' AND comment_date = '$comment_date'");
+}
+
+?>

wp-admin/admin-footer.php

@@ -1,13 +1,10 @@
 
-<div id="footer"><p><a href="http://wordpress.org/"><img src="../wp-images/wp-small.png" alt="WordPress" /></a><br />
-<?php bloginfo('version'); ?> <br /> 
-<a href="http://codex.wordpress.org/"><?php _e('Documentation'); ?></a> &#8212; <a href="http://wordpress.org/support/"><?php _e('Support Forums'); ?></a> <br />
-<?php printf(__('%s seconds'), number_format(timer_stop(), 2)); ?>
-</p>
-
+<div id="footer">
+<p class="logo"><a href="http://wordpress.org/" id="wordpress-logo"><img src="images/wordpress-logo.png" alt="WordPress" /></a></p>
+<p class="docs"><?php _e('<a href="http://codex.wordpress.org/">Documentation</a>'); ?> &#8212; <?php _e('<a href="http://wordpress.org/support/">Support Forums</a>'); ?><br />
+<?php bloginfo('version'); ?> &#8212; <?php printf(__('%s seconds'), timer_stop(0, 2)); ?></p>
 </div>
-
 <?php do_action('admin_footer', ''); ?>
-
+<script type="text/javascript">if(typeof wpOnload=='function')wpOnload();</script>
 </body>
 </html>

wp-admin/admin-header.php

@@ -1,93 +1,52 @@
-<?php 
+<?php
 @header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
-if (!isset($_GET["page"])) require_once('admin.php'); ?>
-<?php get_admin_page_title(); ?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<title><?php bloginfo('name') ?> &rsaquo; <?php echo $title; ?> &#8212; WordPress</title>
-<link rel="stylesheet" href="<?php echo get_settings('siteurl') ?>/wp-admin/wp-admin.css?version=<?php bloginfo('version'); ?>" type="text/css" />
-<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
+if (!isset($_GET["page"])) require_once('admin.php');
+if ( $editing ) {
+	wp_enqueue_script( array('dbx-admin-key?pagenow=' . attribute_escape($pagenow),'admin-custom-fields') );
+	if ( current_user_can('manage_categories') )
+		wp_enqueue_script( 'ajaxcat' );
+	if ( user_can_richedit() )
+		wp_enqueue_script( 'wp_tiny_mce' );
+}
 
+get_admin_page_title();
+
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" <?php do_action('admin_xml_ns'); ?> <?php language_attributes(); ?>>
+<head>
+<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" />
+<title><?php bloginfo('name') ?> &rsaquo; <?php echo wp_specialchars( strip_tags( $title ) ); ?> &#8212; WordPress</title>
+<link rel="stylesheet" href="<?php echo get_option('siteurl') ?>/wp-admin/wp-admin.css?version=<?php bloginfo('version'); ?>" type="text/css" />
+<?php if ( ('rtl' == $wp_locale->text_direction) ) : ?>
+<link rel="stylesheet" href="<?php echo get_option('siteurl') ?>/wp-admin/rtl.css?version=<?php bloginfo('version'); ?>" type="text/css" />
+<?php endif; ?> 
 <script type="text/javascript">
 //<![CDATA[
-
-function customToggleLink() {
-	// TODO: Only show link if there's a hidden row
-	document.write('<small>(<a href="javascript:;" id="customtoggle" onclick="toggleHidden()"><?php _e('Show hidden'); ?></a>)</small>');
-	// TODO: Rotate link to say "show" or "hide"
-	// TODO: Use DOM
-}
-
-function toggleHidden() {
-	var allElements = document.getElementsByTagName('tr');
-	for (i = 0; i < allElements.length; i++) {
-		if ( allElements[i].className.indexOf('hidden') != -1 ) {
-			 allElements[i].className = allElements[i].className.replace('hidden', '');
-		}
-	}
-}
-
-<?php if ( isset($xfn) ) : ?>
-
-function GetElementsWithClassName(elementName, className) {
-	var allElements = document.getElementsByTagName(elementName);
-	var elemColl = new Array();
-	for (i = 0; i < allElements.length; i++) {
-		if (allElements[i].className == className) {
-			elemColl[elemColl.length] = allElements[i];
-		}
-	}
-	return elemColl;
-}
-
-function meChecked() {
-  var undefined;
-  var eMe = document.getElementById('me');
-  if (eMe == undefined) return false;
-  else return eMe.checked;
-}
-
-function upit() {
-	var isMe = meChecked(); //document.getElementById('me').checked;
-	var inputColl = GetElementsWithClassName('input', 'valinp');
-	var results = document.getElementById('rel');
-	var linkText, linkUrl, inputs = '';
-	for (i = 0; i < inputColl.length; i++) {
-		 inputColl[i].disabled = isMe;
-		 inputColl[i].parentNode.className = isMe ? 'disabled' : '';
-		 if (!isMe && inputColl[i].checked && inputColl[i].value != '') {
-			inputs += inputColl[i].value + ' ';
-				}
-		 }
-	inputs = inputs.substr(0,inputs.length - 1);
-	if (isMe) inputs='me';
-	results.value = inputs;
-	}
-
-function blurry() {
-	if (!document.getElementById) return;
-
-	var aInputs = document.getElementsByTagName('input');
-
-	for (var i = 0; i < aInputs.length; i++) {		
-		 aInputs[i].onclick = aInputs[i].onkeyup = upit;
-	}
-}
-
-window.onload = blurry;
-<?php endif; ?>
-
+function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}else{ var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}
 //]]>
 </script>
+<?php if ( ($parent_file != 'link-manager.php') && ($parent_file != 'options-general.php') ) : ?>
+<style type="text/css">* html { overflow-x: hidden; }</style>
+<?php endif;
+if ( isset($page_hook) )
+	do_action('admin_print_scripts-' . $page_hook);
+else if ( isset($plugin_page) )
+	do_action('admin_print_scripts-' . $plugin_page);
+do_action('admin_print_scripts');
 
-<?php do_action('admin_head', ''); ?>
+if ( isset($page_hook) )
+	do_action('admin_head-' . $page_hook);
+else if ( isset($plugin_page) )
+	do_action('admin_head-' . $plugin_page);
+do_action('admin_head');
+?>
 </head>
 <body>
-
 <div id="wphead">
-<h1><?php echo wptexturize(get_settings(('blogname'))); ?> <span>(<a href="<?php echo get_settings('home') . '/'; ?>"><?php _e('View site') ?> &raquo;</a>)</span></h1>
+<h1><?php bloginfo('name'); ?> <span>(<a href="<?php echo get_option('home') . '/'; ?>"><?php _e('View site &raquo;') ?></a>)</span></h1>
 </div>
+<div id="user_info"><p><?php printf(__('Howdy, <strong>%s</strong>.'), $user_identity) ?> [<a href="<?php echo get_option('siteurl'); ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php _e('Sign Out'); ?></a>, <a href="profile.php"><?php _e('My Profile'); ?></a>] </p></div>
 
 <?php
 require(ABSPATH . '/wp-admin/menu-header.php');

wp-admin/admin.php

@@ -3,69 +3,105 @@ if ( defined('ABSPATH') )
 	require_once( ABSPATH . 'wp-config.php');
 else
     require_once('../wp-config.php');
-    
+
+if ( get_option('db_version') != $wp_db_version ) {
+	wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])));
+	exit;
+}
+
 require_once(ABSPATH . 'wp-admin/admin-functions.php');
+require_once(ABSPATH . 'wp-admin/admin-db.php');
+require_once(ABSPATH . WPINC . '/registration.php');
+
 auth_redirect();
 
-header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
-header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
-header('Cache-Control: no-cache, must-revalidate, max-age=0');
-header('Pragma: no-cache');
+nocache_headers();
 
 update_category_cache();
 
-get_currentuserinfo();
+wp_get_current_user();
 
-$posts_per_page = get_settings('posts_per_page');
-$what_to_show = get_settings('what_to_show');
-$date_format = get_settings('date_format');
-$time_format = get_settings('time_format');
+$posts_per_page = get_option('posts_per_page');
+$what_to_show = get_option('what_to_show');
+$date_format = get_option('date_format');
+$time_format = get_option('time_format');
 
-$wpvarstoreset = array('profile','redirect','redirect_url','a','popuptitle','popupurl','text', 'trackback', 'pingback');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
+wp_reset_vars(array('profile', 'redirect', 'redirect_url', 'a', 'popuptitle', 'popupurl', 'text', 'trackback', 'pingback'));
+
+wp_enqueue_script( 'fat' );
+
+$editing = false;
+
+if (isset($_GET['page'])) {
+	$plugin_page = stripslashes($_GET['page']);
+	$plugin_page = plugin_basename($plugin_page);
 }
 
 require(ABSPATH . '/wp-admin/menu.php');
 
 // Handle plugin admin pages.
-if (isset($_GET['page'])) {
-	$plugin_page = plugin_basename($_GET['page']);
+if (isset($plugin_page)) {
 	$page_hook = get_plugin_page_hook($plugin_page, $pagenow);
 
 	if ( $page_hook ) {
+		do_action('load-' . $page_hook);
 		if (! isset($_GET['noheader']))
 			require_once(ABSPATH . '/wp-admin/admin-header.php');
-		
+
 		do_action($page_hook);
 	} else {
 		if ( validate_file($plugin_page) ) {
-			die(__('Invalid plugin page'));
+			wp_die(__('Invalid plugin page'));
 		}
-		
-		if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page"))
-			die(sprintf(__('Cannot load %s.'), $plugin_page));
+
+		if (! file_exists(ABSPATH . PLUGINDIR . "/$plugin_page"))
+			wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
+
+		do_action('load-' . $plugin_page);
 
 		if (! isset($_GET['noheader']))
 			require_once(ABSPATH . '/wp-admin/admin-header.php');
-		
-		include(ABSPATH . "wp-content/plugins/$plugin_page");
+
+		include(ABSPATH . PLUGINDIR . "/$plugin_page");
 	}
-	
+
 	include(ABSPATH . 'wp-admin/admin-footer.php');
 
 	exit();
+} else if (isset($_GET['import'])) {
+
+	$importer = $_GET['import'];
+
+	if ( ! current_user_can('import') )
+		wp_die(__('You are not allowed to import.'));
+
+	if ( validate_file($importer) ) {
+		wp_die(__('Invalid importer.'));
+	}
+
+	if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
+		wp_die(__('Cannot load importer.'));
+
+	include(ABSPATH . "wp-admin/import/$importer.php");
+
+	$parent_file = 'edit.php';
+	$submenu_file = 'import.php';
+	$title = __('Import');
+
+	if (! isset($_GET['noheader']))
+		require_once(ABSPATH . 'wp-admin/admin-header.php');
+
+	require_once(ABSPATH . 'wp-admin/upgrade-functions.php');
+
+	define('WP_IMPORTING', true);
+
+	call_user_func($wp_importers[$importer][2]);
+
+	include(ABSPATH . 'wp-admin/admin-footer.php');
+
+	exit();
+} else {
+	do_action("load-$pagenow");
 }
 
-?>
+?>

wp-admin/bookmarklet.php

@@ -2,11 +2,10 @@
 $mode = 'bookmarklet';
 require_once('admin.php');
 
-if ($user_level == 0)
-	die ("Cheatin' uh?");
-
-if ('b' == $a) {
+if ( ! current_user_can('edit_posts') )
+	wp_die(__('Cheatin’ uh?'));
 
+if ('b' == $a):
 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
@@ -19,40 +18,39 @@ window.close()
 <body></body>
 </html>
 <?php
-} else {
-	$popuptitle = wp_specialchars(stripslashes($popuptitle));
-	$text       = wp_specialchars(stripslashes(urldecode($text)));
-	
-	$popuptitle = funky_javascript_fix($popuptitle);
-	$text       = funky_javascript_fix($text);
-	
-	$post_title = wp_specialchars($_REQUEST['post_title']);
-	if (!empty($post_title)) {
-		$post_title =  stripslashes($post_title);
-	} else {
-		$post_title = $popuptitle;
-	}
-	
-	$edited_post_title = wp_specialchars($post_title);
+exit;
+endif;
 
-// $post_pingback needs to be set in any file that includes edit-form.php
-    $post_pingback = get_settings('default_pingback_flag');
-    
-    $content  = wp_specialchars($_REQUEST['content']);
-	$popupurl = wp_specialchars($_REQUEST['popupurl']);
-    if ( !empty($content) ) {
-        $content = wp_specialchars( stripslashes($_REQUEST['content']) );
-    } else {
-        $content = '<a href="'.$popupurl.'">'.$popuptitle.'</a>'."\n$text";
-    }
-    
-    /* /big funky fixes */
+$post = get_default_post_to_edit();
+
+$popuptitle = wp_specialchars(stripslashes($popuptitle));
+$text       = wp_specialchars(stripslashes(urldecode($text)));
+
+$popuptitle = funky_javascript_fix($popuptitle);
+$text       = funky_javascript_fix($text);
+
+$post_title = wp_specialchars($_REQUEST['post_title']);
+if (!empty($post_title))
+	$post->post_title =  stripslashes($post_title);
+else
+	$post->post_title = $popuptitle;
+
+
+$content  = wp_specialchars($_REQUEST['content']);
+$popupurl = clean_url($_REQUEST['popupurl']);
+if ( !empty($content) ) {
+	$post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) );
+} else {
+	$post->post_content = '<a href="'.$popupurl.'">'.$popuptitle.'</a>'."\n$text";
+}
+
+/* /big funky fixes */
 
 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <title><?php bloginfo('name') ?> &rsaquo; Bookmarklet &#8212; WordPress</title>
-<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
+<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" />
 <link rel="stylesheet" href="wp-admin.css" type="text/css" />
 
 <style type="text/css">
@@ -79,15 +77,15 @@ window.close()
 }
 
 #wpbookmarklet .wrap {
-    border: 0px;
+	border: 0px;
 }
 
 #wpbookmarklet #postdiv {
-    margin-bottom: 0.5em;
+	margin-bottom: 0.5em;
 }
 
 #wpbookmarklet #titlediv {
-    margin-bottom: 1em;
+	margin-bottom: 1em;
 }
 
 -->
@@ -103,6 +101,4 @@ window.close()
 <?php do_action('admin_footer', ''); ?>
 
 </body>
-</html><?php
-}
-?>
+</html>

wp-admin/cat.js

@@ -0,0 +1,10 @@
+addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;});
+addLoadEvent(newCatAddIn);
+function newCatAddIn() {
+	var jaxcat = $('jaxcat');
+	if ( !jaxcat )
+		return false;
+	Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span>');
+	$('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); };
+	$('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); };
+}

wp-admin/categories.js

@@ -0,0 +1,16 @@
+addLoadEvent(function() {
+	if (!theList.theList) return false;
+	document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); };
+	theList.addComplete = function(what, where, update, transport) {
+		var name = getNodeValue(transport.responseXML, 'name').unescapeHTML();
+		var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id');
+		var options = document.forms['addcat'].category_parent.options;
+		options[options.length] = new Option(name, id);
+	};
+	theList.delComplete = function(what, id) {
+		var options = document.forms['addcat'].category_parent.options;
+		for ( var o = 0; o < options.length; o++ )
+			if ( id == options[o].value )
+				options[o] = null;
+	};
+});

wp-admin/categories.php

@@ -4,176 +4,120 @@ require_once('admin.php');
 $title = __('Categories');
 $parent_file = 'edit.php';
 
-$wpvarstoreset = array('action','cat');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
+wp_reset_vars(array('action', 'cat'));
 
 switch($action) {
 
 case 'addcat':
-	if ($user_level < 3)
-		die (__('Cheatin&#8217; uh?'));
-	
-	$cat_name= wp_specialchars($_POST['cat_name']);
-	$id_result = $wpdb->get_row("SHOW TABLE STATUS LIKE '$wpdb->categories'");
-	$cat_ID = $id_result->Auto_increment;
-	$category_nicename = sanitize_title($cat_name, $cat_ID);
-	$category_description = $_POST['category_description'];
-	$cat = intval($_POST['cat']);
-	
-	$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, category_description, category_parent) VALUES ('0', '$cat_name', '$category_nicename', '$category_description', '$cat')");
-	
-	header('Location: categories.php?message=1#addcat');
+
+	check_admin_referer('add-category');
+
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if( wp_insert_category($_POST ) ) {
+		wp_redirect('categories.php?message=1#addcat');
+	} else {
+		wp_redirect('categories.php?message=4#addcat');
+	}
+	exit;
 break;
 
 case 'delete':
-
-	check_admin_referer();
-
 	$cat_ID = (int) $_GET['cat_ID'];
+	check_admin_referer('delete-category_' .  $cat_ID);
+
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
 	$cat_name = get_catname($cat_ID);
-	$category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
-	$cat_parent = $category->category_parent;
 
-	if ( 1 == $cat_ID )
-		die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one"), $cat_name));
+	// Don't delete the default cats.
+    if ( $cat_ID == get_option('default_category') )
+		wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name));
 
-	if ( $user_level < 3 )
-		die (__('Cheatin&#8217; uh?'));
+    if ( $cat_ID == get_option('default_link_category') )
+		wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one for links"), $cat_name));
 
-	$wpdb->query("DELETE FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
-	$wpdb->query("UPDATE $wpdb->categories SET category_parent = '$cat_parent' WHERE category_parent = '$cat_ID'");
-	// TODO: Only set categories to general if they're not in another category already
-	$wpdb->query("UPDATE $wpdb->post2cat SET category_id='1' WHERE category_id='$cat_ID'");
+	wp_delete_category($cat_ID);
 
-	header('Location: categories.php?message=2');
+	wp_redirect('categories.php?message=2');
+	exit;
 
 break;
 
 case 'edit':
 
-    require_once ('admin-header.php');
-    $cat_ID = (int) $_GET['cat_ID'];
-    $category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
-    $cat_name = $category->cat_name;
-    ?>
-
-<div class="wrap">
- <h2><?php _e('Edit Category') ?></h2>
- <form name="editcat" action="categories.php" method="post">
-	  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-		<tr>
-		  <th width="33%" scope="row"><?php _e('Category name:') ?></th>
-		  <td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($cat_name); ?>" size="40" /> <input type="hidden" name="action" value="editedcat" />
-<input type="hidden" name="cat_ID" value="<?php echo $cat_ID ?>" /></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Category slug:') ?></th>
-			<td><input name="category_nicename" type="text" value="<?php echo wp_specialchars($category->category_nicename); ?>" size="40" /></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Category parent:') ?></th>
-			<td>        
-			<select name='cat'>
-	  <option value='0' <?php if (!$category->category_parent) echo " selected='selected'"; ?>><?php _e('None') ?></option>
-	  <?php wp_dropdown_cats($category->cat_ID, $category->category_parent); ?>
-	  </select></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Description:') ?></th>
-			<td><textarea name="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description, 1); ?></textarea></td>
-		</tr>
-		</table>
-	  <p class="submit"><input type="submit" name="submit" value="<?php _e('Edit category') ?> &raquo;" /></p>
- </form>
- <p><a href="categories.php"><?php _e('&laquo; Return to category list'); ?></a></p>
-</div>
-    <?php
+	require_once ('admin-header.php');
+	$cat_ID = (int) $_GET['cat_ID'];
+	$category = get_category_to_edit($cat_ID);
+	include('edit-category-form.php');
 
 break;
 
 case 'editedcat':
-	if ($user_level < 3)
-		die (__('Cheatin&#8217; uh?'));
-	
-	$cat_name = wp_specialchars($_POST['cat_name']);
 	$cat_ID = (int) $_POST['cat_ID'];
-	$category_nicename = sanitize_title($_POST['category_nicename'], $cat_ID);
-	$category_description = $_POST['category_description'];
-	
-	$wpdb->query("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$cat' WHERE cat_ID = '$cat_ID'");
+	check_admin_referer('update-category_' . $cat_ID);
 
-	header('Location: categories.php?message=3');
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if ( wp_update_category($_POST) )
+		wp_redirect('categories.php?message=3'); 
+	else
+		wp_redirect('categories.php?message=5'); 
+
+	exit;
 break;
 
 default:
 
+wp_enqueue_script( 'admin-categories' );
 require_once ('admin-header.php');
 
 $messages[1] = __('Category added.');
 $messages[2] = __('Category deleted.');
 $messages[3] = __('Category updated.');
+$messages[4] = __('Category not added.');
+$messages[5] = __('Category not updated.');
 ?>
 
 <?php if (isset($_GET['message'])) : ?>
-<div class="updated"><p><?php echo $messages[$_GET['message']]; ?></p></div>
+<div id="message" class="updated fade"><p><?php echo $messages[$_GET['message']]; ?></p></div>
 <?php endif; ?>
 
 <div class="wrap">
-<?php if ( $user_level > 3 ) : ?>
+<?php if ( current_user_can('manage_categories') ) : ?>
 	<h2><?php printf(__('Categories (<a href="%s">add new</a>)'), '#addcat') ?> </h2>
 <?php else : ?>
 	<h2><?php _e('Categories') ?> </h2>
 <?php endif; ?>
-<table width="100%" cellpadding="3" cellspacing="3">
+<table class="widefat">
+	<thead>
 	<tr>
-		<th scope="col"><?php _e('ID') ?></th>
+		<th scope="col" style="text-align: center"><?php _e('ID') ?></th>
         <th scope="col"><?php _e('Name') ?></th>
         <th scope="col"><?php _e('Description') ?></th>
-        <th scope="col"><?php _e('# Posts') ?></th>
-        <th colspan="2"><?php _e('Action') ?></th>
+        <th scope="col" width="90" style="text-align: center"><?php _e('Posts') ?></th>
+        <th scope="col" width="90" style="text-align: center"><?php _e('Links') ?></th>
+        <th colspan="2" style="text-align: center"><?php _e('Action') ?></th>
 	</tr>
+	</thead>
+	<tbody id="the-list">
 <?php
 cat_rows();
 ?>
+	</tbody>
 </table>
 
 </div>
 
-<?php if ( $user_level > 3 ) : ?>
+<?php if ( current_user_can('manage_categories') ) : ?>
 <div class="wrap">
-    <p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete posts from that category, it will just set them back to the default category <strong>%s</strong>.'), get_catname(1)) ?>
-  </p>
+<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete the posts and links in that category. Instead, posts that were only assigned to the deleted category are set to the category <strong>%s</strong> and links that were only assigned to the deleted category are set to <strong>%s</strong>.'), apply_filters('the_category', get_catname(get_option('default_category'))), apply_filters('the_category', get_catname(get_option('default_link_category')))) ?></p>
 </div>
 
-<div class="wrap">
-    <h2><?php _e('Add New Category') ?></h2>
-    <form name="addcat" id="addcat" action="categories.php" method="post">
-        
-        <p><?php _e('Name:') ?><br />
-        <input type="text" name="cat_name" value="" /></p>
-        <p><?php _e('Category parent:') ?><br />
-        <select name='cat' class='postform'>
-        <option value='0'><?php _e('None') ?></option>
-        <?php wp_dropdown_cats(0); ?>
-        </select></p>
-        <p><?php _e('Description: (optional)') ?> <br />
-        <textarea name="category_description" rows="5" cols="50" style="width: 97%;"></textarea></p>
-        <p class="submit"><input type="hidden" name="action" value="addcat" /><input type="submit" name="submit" value="<?php _e('Add Category &raquo;') ?>" /></p>
-    </form>
-</div>
+<?php include('edit-category-form.php'); ?>
 <?php endif; ?>
 
 <?php
@@ -181,4 +125,5 @@ break;
 }
 
 include('admin-footer.php');
+
 ?>

wp-admin/comment.php

@@ -0,0 +1,213 @@
+<?php
+require_once('admin.php');
+
+$parent_file = 'edit-comments.php';
+$submenu_file = 'edit-comments.php';
+
+wp_reset_vars(array('action'));
+
+if ( isset( $_POST['deletecomment'] ) )
+	$action = 'deletecomment';
+
+switch($action) {
+case 'editcomment':
+	$title = __('Edit Comment');
+
+	require_once ('admin-header.php');
+
+	$comment = (int) $_GET['c'];
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'javascript:history.go(-1)'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post.') );
+
+	$comment = get_comment_to_edit($comment);
+
+	include('edit-form-comment.php');
+
+	break;
+
+case 'cdc':
+case 'mac':
+
+	require_once('./admin-header.php');
+
+	$comment = (int) $_GET['c'];
+	$formaction = 'cdc' == $action ? 'deletecomment' : 'approvecomment';
+	$nonce_action = 'cdc' == $action ? 'delete-comment_' : 'approve-comment_';
+	$nonce_action .= $comment;
+
+	if ( ! $comment = get_comment_to_edit($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( 'cdc' == $action ? __('You are not allowed to delete comments on this post.') : __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+?>
+<div class='wrap'>
+
+<div class="narrow">
+<?php if ( 'spam' == $_GET['dt'] ) { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to mark the following comment as spam:'); ?></p>
+<?php } elseif ( 'cdc' == $action ) { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to delete the following comment:'); ?></p>
+<?php } else { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to approve the following comment:'); ?></p>
+<?php } ?>
+
+<p><?php _e('Are you sure you want to do that?'); ?></p>
+
+<form action='<?php echo get_option('siteurl'); ?>/wp-admin/comment.php' method='get'>
+
+<table width="100%">
+<tr>
+<td><input type='button' value='<?php _e('No'); ?>' onclick="self.location='<?php echo get_option('siteurl'); ?>/wp-admin/edit-comments.php';" /></td>
+<td align="right"><input type='submit' value='<?php _e('Yes'); ?>' /></td>
+</tr>
+</table>
+
+<?php wp_nonce_field($nonce_action); ?>
+<input type='hidden' name='action' value='<?php echo $formaction; ?>' />
+<?php if ( 'spam' == $_GET['dt'] ) { ?>
+<input type='hidden' name='dt' value='spam' />
+<?php } ?>
+<input type='hidden' name='p' value='<?php echo $comment->comment_post_ID; ?>' />
+<input type='hidden' name='c' value='<?php echo $comment->comment_ID; ?>' />
+<input type='hidden' name='noredir' value='1' />
+</form>
+
+<table class="editform" cellpadding="5">
+<tr class="alt">
+<th scope="row"><?php _e('Author:'); ?></th>
+<td><?php echo $comment->comment_author; ?></td>
+</tr>
+<?php if ( $comment->comment_author_email ) { ?>
+<tr>
+<th scope="row"><?php _e('E-mail:'); ?></th>
+<td><?php echo $comment->comment_author_email; ?></td>
+</tr>
+<?php } ?>
+<?php if ( $comment->comment_author_url ) { ?>
+<tr>
+<th scope="row"><?php _e('URL:'); ?></th>
+<td><?php echo $comment->comment_author_url; ?></td>
+</tr>
+<?php } ?>
+<tr>
+<th scope="row" valign="top"><p><?php _e('Comment:'); ?></p></th>
+<td><?php echo $comment->comment_content; ?></td>
+</tr>
+</table>
+
+</div>
+</div>
+<?php
+	break;
+
+case 'deletecomment':
+	$comment = (int) $_REQUEST['c'];
+	check_admin_referer('delete-comment_' . $comment);
+
+	if ( isset($_REQUEST['noredir']) ) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+			 wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit-comments.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post.') );
+
+	if ( 'spam' == $_REQUEST['dt'] )
+		wp_set_comment_status($comment->comment_ID, 'spam');
+	else
+		wp_delete_comment($comment->comment_ID);
+
+	if ((wp_get_referer() != '') && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit-comments.php');
+	}
+	exit();
+	break;
+
+case 'unapprovecomment':
+	$comment = (int) $_GET['c'];
+	check_admin_referer('unapprove-comment_' . $comment);
+
+	if (isset($_GET['noredir'])) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
+
+	wp_set_comment_status($comment->comment_ID, "hold");
+
+	if ((wp_get_referer() != "") && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. (int) $comment->comment_post_ID.'&c=1#comments');
+	}
+	exit();
+	break;
+
+case 'approvecomment':
+	$comment = (int) $_GET['c'];
+	check_admin_referer('approve-comment_' . $comment);
+
+	if (isset($_GET['noredir'])) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+
+	wp_set_comment_status($comment->comment_ID, "approve");
+	if (get_option("comments_notify") == true) {
+		wp_notify_postauthor($comment->comment_ID);
+	}
+
+
+	if ((wp_get_referer() != "") && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p='. (int) $comment->comment_post_ID.'&c=1#comments');
+	}
+	exit();
+	break;
+
+case 'editedcomment':
+
+	$comment_ID = (int) $_POST['comment_ID'];
+	$comment_post_ID = (int) $_POST['comment_post_id'];
+
+	check_admin_referer('update-comment_' . $comment_ID);
+
+	edit_comment();
+
+	$location = ( empty($_POST['referredby']) ? "edit.php?p=$comment_post_ID&c=1" : $_POST['referredby'] ) . '#comment-' . $comment_ID;
+	$location = apply_filters('comment_edit_redirect', $location, $comment_ID);
+	wp_redirect($location);
+	exit();
+	break;
+default:
+	break;
+} // end switch
+
+include('admin-footer.php');
+
+?>

wp-admin/custom-fields.js

@@ -0,0 +1,26 @@
+function customFieldsOnComplete( what, where, update, transport ) {
+	var pidEl = $('post_ID');
+	pidEl.name = 'post_ID';
+	pidEl.value = getNodeValue(transport.responseXML, 'postid');
+	var aEl = $('hiddenaction')
+	if ( aEl.value == 'post' ) aEl.value = 'postajaxpost';
+}
+addLoadEvent(customFieldsAddIn);
+function customFieldsAddIn() {
+	theList.showLink=0;
+	theList.addComplete = customFieldsOnComplete;
+	if (!theList.theList) return false;
+	inputs = theList.theList.getElementsByTagName('input');
+	for ( var i=0; i < inputs.length; i++ ) {
+		if ('text' == inputs[i].type) {
+			inputs[i].setAttribute('autocomplete', 'off');
+			inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); };
+		}
+		if ('updatemeta' == inputs[i].className) {
+			inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); };
+		}
+	}
+
+	$('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
+	$('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
+}

wp-admin/custom-header.php

@@ -0,0 +1,332 @@
+<?php
+
+class Custom_Image_Header {
+	var $admin_header_callback;
+
+	function Custom_Image_Header($admin_header_callback) {
+		$this->admin_header_callback = $admin_header_callback;
+	}
+
+	function init() {
+		$page = add_theme_page(__('Custom Image Header'), __('Custom Image Header'), 'edit_themes', 'custom-header', array(&$this, 'admin_page'));
+
+		add_action("admin_print_scripts-$page", array(&$this, 'js_includes'));
+		add_action("admin_head-$page", array(&$this, 'js'), 50);
+		add_action("admin_head-$page", $this->admin_header_callback, 51);
+	}
+
+	function js_includes() {
+		wp_enqueue_script('cropper');
+		wp_enqueue_script('colorpicker');
+	}
+
+	function js() {
+
+		if ( isset( $_POST['textcolor'] ) ) {
+			check_admin_referer('custom-header');
+			if ( 'blank' == $_POST['textcolor'] ) {
+				set_theme_mod('header_textcolor', 'blank');
+			} else {
+				$color = preg_replace('/[^0-9a-fA-F]/', '', $_POST['textcolor']);
+				if ( strlen($color) == 6 || strlen($color) == 3 )
+					set_theme_mod('header_textcolor', $color);
+			}
+		}
+		if ( isset($_POST['resetheader']) ) {
+			check_admin_referer('custom-header');
+			remove_theme_mods();
+		}
+	?>
+<script type="text/javascript">
+
+	function onEndCrop( coords, dimensions ) {
+		$( 'x1' ).value = coords.x1;
+		$( 'y1' ).value = coords.y1;
+		$( 'x2' ).value = coords.x2;
+		$( 'y2' ).value = coords.y2;
+		$( 'width' ).value = dimensions.width;
+		$( 'height' ).value = dimensions.height;
+	}
+
+	// with a supplied ratio
+	Event.observe(
+		window,
+		'load',
+		function() {
+			var xinit = <?php echo HEADER_IMAGE_WIDTH; ?>;
+			var yinit = <?php echo HEADER_IMAGE_HEIGHT; ?>;
+			var ratio = xinit / yinit;
+			var ximg = $('upload').width;
+			var yimg = $('upload').height;
+			if ( yimg < yinit || ximg < xinit ) {
+				if ( ximg / yimg > ratio ) {
+					yinit = yimg;
+					xinit = yinit * ratio;
+				} else {
+					xinit = ximg;
+					yinit = xinit / ratio;
+				}
+			}
+			new Cropper.Img(
+				'upload',
+				{
+					ratioDim: { x: xinit, y: yinit },
+					displayOnInit: true,
+					onEndCrop: onEndCrop
+				}
+			)
+		}
+	);
+
+	var cp = new ColorPicker();
+
+	function pickColor(color) {
+		$('name').style.color = color;
+		$('desc').style.color = color;
+		$('textcolor').value = color;
+	}
+	function PopupWindow_hidePopup(magicword) {
+		if ( magicword != 'prettyplease' )
+			return false;
+		if (this.divName != null) {
+			if (this.use_gebi) {
+				document.getElementById(this.divName).style.visibility = "hidden";
+			}
+			else if (this.use_css) {
+				document.all[this.divName].style.visibility = "hidden";
+			}
+			else if (this.use_layers) {
+				document.layers[this.divName].visibility = "hidden";
+			}
+		}
+		else {
+			if (this.popupWindow && !this.popupWindow.closed) {
+				this.popupWindow.close();
+				this.popupWindow = null;
+			}
+		}
+		return false;
+	}
+	function colorSelect(t,p) {
+		if ( cp.p == p && document.getElementById(cp.divName).style.visibility != "hidden" ) {
+			cp.hidePopup('prettyplease');
+		} else {
+			cp.p = p;
+			cp.select(t,p);
+		}
+	}
+	function colorDefault() {
+		pickColor('<?php echo HEADER_TEXTCOLOR; ?>');
+	}
+
+	function hide_text() {
+		$('name').style.display = 'none';
+		$('desc').style.display = 'none';
+		$('pickcolor').style.display = 'none';
+		$('defaultcolor').style.display = 'none';
+		$('textcolor').value = 'blank';
+		$('hidetext').value = '<?php _e('Show Text'); ?>';
+//		$('hidetext').onclick = 'show_text()';
+		Event.observe( $('hidetext'), 'click', show_text );
+	}
+
+	function show_text() {
+		$('name').style.display = 'block';
+		$('desc').style.display = 'block';
+		$('pickcolor').style.display = 'inline';
+		$('defaultcolor').style.display = 'inline';
+		$('textcolor').value = '<?php echo HEADER_TEXTCOLOR; ?>';
+		$('hidetext').value = '<?php _e('Hide Text'); ?>';
+		Event.stopObserving( $('hidetext'), 'click', show_text );
+		Event.observe( $('hidetext'), 'click', hide_text );
+	}
+
+	<?php if ( 'blank' == get_theme_mod('header_textcolor', HEADER_TEXTCOLOR) ) { ?>
+Event.observe( window, 'load', hide_text );
+	<?php } ?>
+
+</script>
+<?php
+	}
+
+	function step_1() {
+		if ( $_GET['updated'] ) { ?>
+<div id="message" class="updated fade">
+<p><?php _e('Header updated.') ?></p>
+</div>
+		<?php } ?>
+
+<div class="wrap">
+<h2><?php _e('Your Header Image'); ?></h2>
+<p><?php _e('This is your header image. You can change the text color or upload and crop a new image.'); ?></p>
+
+<div id="headimg" style="background: url(<?php clean_url(header_image()) ?>) no-repeat;">
+<h1><a onclick="return false;" href="<?php bloginfo('url'); ?>" title="<?php bloginfo('name'); ?>" id="name"><?php bloginfo('name'); ?></a></h1>
+<div id="desc"><?php bloginfo('description');?></div>
+</div>
+<?php if ( !defined( 'NO_HEADER_TEXT' ) ) { ?>
+<form method="post" action="<?php echo get_option('siteurl') ?>/wp-admin/themes.php?page=custom-header&amp;updated=true">
+<input type="button" value="<?php _e('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
+<input type="button" value="<?php _e('Select a Text Color'); ?>" onclick="colorSelect($('textcolor'), 'pickcolor')" id="pickcolor" /><input type="button" value="<?php _e('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
+<?php wp_nonce_field('custom-header') ?>
+<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" value="<?php _e('Save Changes'); ?> &raquo;" /></form>
+<?php } ?>
+
+<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
+</div>
+<div class="wrap">
+<h2><?php _e('Upload New Header Image'); ?></h2><p><?php _e('Here you can upload a custom header image to be shown at the top of your blog instead of the default one. On the next screen you will be able to crop the image.'); ?></p>
+<p><?php printf(__('Images of exactly <strong>%1$d x %2$d pixels</strong> will be used as-is.'), HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT); ?></p>
+
+<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attribute_escape(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
+<label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" />
+<input type="hidden" name="action" value="save" />
+<?php wp_nonce_field('custom-header') ?>
+<p class="submit">
+<input type="submit" value="<?php _e('Upload'); ?> &raquo;" />
+</p>
+</form>
+
+</div>
+
+		<?php if ( get_theme_mod('header_image') || get_theme_mod('header_textcolor') ) : ?>
+<div class="wrap">
+<h2><?php _e('Reset Header Image and Color'); ?></h2>
+<p><?php _e('This will restore the original header image and color. You will not be able to retrieve any customizations.') ?></p>
+<form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)) ?>">
+<?php wp_nonce_field('custom-header'); ?>
+<input type="submit" name="resetheader" value="<?php _e('Restore Original Header'); ?>" />
+</form>
+</div>
+		<?php endif;
+
+	}
+
+	function step_2() {
+		check_admin_referer('custom-header');
+		$overrides = array('test_form' => false);
+		$file = wp_handle_upload($_FILES['import'], $overrides);
+
+		if ( isset($file['error']) )
+		die( $file['error'] );
+
+		$url = $file['url'];
+		$file = $file['file'];
+		$filename = basename($file);
+
+		// Construct the object array
+		$object = array(
+		'post_title' => $filename,
+		'post_content' => $url,
+		'post_mime_type' => 'import',
+		'guid' => $url);
+
+		// Save the data
+		$id = wp_insert_attachment($object, $file);
+
+		$upload = array('file' => $file, 'id' => $id);
+
+		list($width, $height, $type, $attr) = getimagesize( $file );
+
+		if ( $width == HEADER_IMAGE_WIDTH && $height == HEADER_IMAGE_HEIGHT ) {
+			set_theme_mod('header_image', clean_url($url));
+			$header = apply_filters('wp_create_file_in_uploads', $file, $id); // For replication
+			return $this->finished();
+		} elseif ( $width > HEADER_IMAGE_WIDTH ) {
+			$oitar = $width / HEADER_IMAGE_WIDTH;
+			$image = wp_crop_image($file, 0, 0, $width, $height, HEADER_IMAGE_WIDTH, $height / $oitar, false, str_replace(basename($file), 'midsize-'.basename($file), $file));
+			$image = apply_filters('wp_create_file_in_uploads', $image, $id); // For replication
+
+			$url = str_replace(basename($url), basename($image), $url);
+			$width = $width / $oitar;
+			$height = $height / $oitar;
+		} else {
+			$oitar = 1;
+		}
+		?>
+
+<div class="wrap">
+
+<form method="POST" action="<?php echo attribute_escape(add_query_arg('step', 3)) ?>">
+
+<p><?php _e('Choose the part of the image you want to use as your header.'); ?></p>
+<div id="testWrap">
+<img src="<?php echo $url; ?>" id="upload" width="<?php echo $width; ?>" height="<?php echo $height; ?>" />
+</div>
+
+<p class="submit">
+<input type="hidden" name="x1" id="x1" />
+<input type="hidden" name="y1" id="y1" />
+<input type="hidden" name="x2" id="x2" />
+<input type="hidden" name="y2" id="y2" />
+<input type="hidden" name="width" id="width" />
+<input type="hidden" name="height" id="height" />
+<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo $id; ?>" />
+<input type="hidden" name="oitar" id="oitar" value="<?php echo $oitar; ?>" />
+<?php wp_nonce_field('custom-header') ?>
+<input type="submit" value="<?php _e('Crop Header &raquo;'); ?>" />
+</p>
+
+</form>
+</div>
+		<?php
+	}
+
+	function step_3() {
+		check_admin_referer('custom-header');
+		if ( $_POST['oitar'] > 1 ) {
+			$_POST['x1'] = $_POST['x1'] * $_POST['oitar'];
+			$_POST['y1'] = $_POST['y1'] * $_POST['oitar'];
+			$_POST['width'] = $_POST['width'] * $_POST['oitar'];
+			$_POST['height'] = $_POST['height'] * $_POST['oitar'];
+		}
+
+		$header = wp_crop_image($_POST['attachment_id'], $_POST['x1'], $_POST['y1'], $_POST['width'], $_POST['height'], HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT);
+		$header = apply_filters('wp_create_file_in_uploads', $header); // For replication
+
+		$parent = get_post($_POST['attachment_id']);
+
+		$parent_url = $parent->guid;
+
+		$url = str_replace(basename($parent_url), basename($header), $parent_url);
+
+		set_theme_mod('header_image', $url);
+
+		// cleanup
+		$file = get_attached_file( $_POST['attachment_id'] );
+		$medium = str_replace(basename($file), 'midsize-'.basename($file), $file);
+		@unlink( apply_filters( 'wp_delete_file', $medium ) );
+		wp_delete_attachment( $_POST['attachment_id'] );
+
+		return $this->finished();
+	}
+
+	function finished() {
+		?>
+<div class="wrap">
+<h2><?php _e('Header complete!'); ?></h2>
+
+<p><?php _e('Visit your site and you should see the new header now.'); ?></p>
+
+</div>
+		<?php
+	}
+
+	function admin_page() {
+		if ( !isset( $_GET['step'] ) )
+			$step = 1;
+		else
+			$step = (int) $_GET['step'];
+
+		if ( 1 == $step ) {
+			$this->step_1();
+		} elseif ( 2 == $step ) {
+			$this->step_2();
+		} elseif ( 3 == $step ) {
+			$this->step_3();
+		}
+
+	}
+
+}
+?>

wp-admin/dbx-admin-key.js

@@ -0,0 +1,47 @@
+addLoadEvent( function() {var manager = new dbxManager( dbxL10n.manager );} );
+
+addLoadEvent( function()
+{
+	//create new docking boxes group
+	var meta = new dbxGroup(
+		'grabit', 		// container ID [/-_a-zA-Z0-9/]
+		'vertical', 		// orientation ['vertical'|'horizontal']
+		'10', 			// drag threshold ['n' pixels]
+		'no',			// restrict drag movement to container axis ['yes'|'no']
+		'10', 			// animate re-ordering [frames per transition, or '0' for no effect]
+		'yes', 			// include open/close toggle buttons ['yes'|'no']
+		'closed', 		// default state ['open'|'closed']
+		dbxL10n.open, 		// word for "open", as in "open this box"
+		dbxL10n.close, 		// word for "close", as in "close this box"
+		dbxL10n.moveMouse,	// sentence for "move this box" by mouse
+		dbxL10n.toggleMouse,	// pattern-match sentence for "(open|close) this box" by mouse
+		dbxL10n.moveKey,	// sentence for "move this box" by keyboard
+		dbxL10n.toggleKey,	// pattern-match sentence-fragment for "(open|close) this box" by keyboard
+		'%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
+		);
+
+	// Boxes are closed by default. Open the Category box if the cookie isn't already set.
+	var catdiv = document.getElementById('categorydiv');
+	if ( catdiv ) {
+		var button = catdiv.getElementsByTagName('A')[0];
+		if ( dbx.cookiestate == null && /dbx\-toggle\-closed/.test(button.className) )
+			meta.toggleBoxState(button, true);
+	}
+
+	var advanced = new dbxGroup(
+		'advancedstuff',
+		'vertical',
+		'10',
+		'yes',			// restrict drag movement to container axis ['yes'|'no']
+		'10',
+		'yes',
+		'closed',
+		dbxL10n.open,
+		dbxL10n.close,
+		dbxL10n.moveMouse,
+		dbxL10n.toggleMouse,
+		dbxL10n.moveKey,
+		dbxL10n.toggleKey,
+		'%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
+		);
+});

wp-admin/edit-category-form.php

@@ -0,0 +1,49 @@
+<?php
+if ( ! empty($cat_ID) ) {
+	$heading = __('Edit Category');
+	$submit_text = __('Edit Category &raquo;');
+	$form = '<form name="editcat" id="editcat" method="post" action="categories.php">';
+	$action = 'editedcat';
+	$nonce_action = 'update-category_' . $cat_ID;
+	do_action('edit_category_form_pre', $category);
+} else {
+	$heading = __('Add Category');
+	$submit_text = __('Add Category &raquo;');
+	$form = '<form name="addcat" id="addcat" method="post" action="categories.php">';
+	$action = 'addcat';
+	$nonce_action = 'add-category';
+	do_action('add_category_form_pre', $category);
+}
+?>
+
+<div class="wrap">
+<h2><?php echo $heading ?></h2>
+<div id="ajax-response"></div>
+<?php echo $form ?>
+<input type="hidden" name="action" value="<?php echo $action ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo $category->cat_ID ?>" />
+<?php wp_nonce_field($nonce_action); ?>
+	<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+		<tr>
+			<th width="33%" scope="row" valign="top"><label for="cat_name"><?php _e('Category name:') ?></label></th>
+			<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo attribute_escape($category->cat_name); ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category slug:') ?></label></th>
+			<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attribute_escape($category->category_nicename); ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_parent"><?php _e('Category parent:') ?></label></th>
+			<td>        
+	  			<?php wp_dropdown_categories('hide_empty=0&name=category_parent&orderby=name&selected=' . $category->category_parent . '&hierarchical=1&show_option_none=' . __('None')); ?>
+	  		</td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_description"><?php _e('Description: (optional)') ?></label></th>
+			<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description); ?></textarea></td>
+		</tr>
+	</table>
+<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
+<?php do_action('edit_category_form', $category); ?>
+</form>
+</div>

wp-admin/edit-comments.js

@@ -0,0 +1,59 @@
+addLoadEvent(function() {
+	theCommentList = new listMan('the-comment-list');
+	if ( !theCommentList )
+		return false;
+
+	theExtraCommentList = new listMan('the-extra-comment-list');
+	if ( theExtraCommentList ) {
+		theExtraCommentList.showLink = 0;
+		theExtraCommentList.altOffset = 1;
+		if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes )
+			var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
+		else
+			var commentNum = 0;
+		var urlQ   = document.location.href.split('?');
+		var params = urlQ[1] ? urlQ[1].toQueryParams() : [];
+		var search = params['s'] ? params['s'] : '';
+		var page   = params['apage'] ? params['apage'] : 1;
+	}
+
+	theCommentList.dimComplete = function(what,id,dimClass) {
+		var m = document.getElementById('awaitmod');
+		if ( document.getElementById(what + '-' + id).className.match(dimClass) )
+			m.innerHTML = parseInt(m.innerHTML,10) + 1;
+		else
+			m.innerHTML = parseInt(m.innerHTML,10) - 1;
+	}
+
+	theCommentList.delComplete = function(what,id) {
+		var m = document.getElementById('awaitmod');
+		what = what.split('-')[0];
+		if ( document.getElementById(what + '-' + id).className.match('unapproved') )
+			m.innerHTML = parseInt(m.innerHTML,10) - 1;
+		if ( theExtraCommentList && commentNum ) {
+			var theMover = theExtraCommentList.theList.childNodes[0];
+			Element.removeClassName(theMover,'alternate');
+			theCommentList.theList.appendChild(theMover);
+			theExtraCommentList.inputData += '&page=' + page;
+			if ( search )
+				theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box
+			theExtraCommentList.addComplete = function() {
+				if ( theExtraCommentList.theList.childNodes )
+					var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
+				else
+					var commentNum = 0;
+			}
+			theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request
+		}
+	}
+
+	if ( theList ) // the post list: edit.php
+		theList.delComplete = function() {
+			var comments = document.getElementById('comments');
+			var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments);
+			var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList);
+			setTimeout(commdel,705);
+			setTimeout(listdel,705);
+		}
+});
+

wp-admin/edit-comments.php

@@ -2,11 +2,12 @@
 require_once('admin.php');
 
 $title = __('Edit Comments');
-$parent_file = 'edit.php';
+$parent_file = 'edit-comments.php';
+wp_enqueue_script( 'admin-comments' );
 
 require_once('admin-header.php');
 if (empty($_GET['mode'])) $mode = 'view';
-else $mode = wp_specialchars($_GET['mode'], 1);
+else $mode = attribute_escape($_GET['mode']);
 ?>
 
 <script type="text/javascript">
@@ -22,139 +23,165 @@ function checkAll(form)
 		}
 	}
 }
+
+function getNumChecked(form)
+{
+	var num = 0;
+	for (i = 0, n = form.elements.length; i < n; i++) {
+		if(form.elements[i].type == "checkbox") {
+			if(form.elements[i].checked == true)
+				num++;
+		}
+	}
+	return num;
+}
 //-->
 </script>
 <div class="wrap">
 <h2><?php _e('Comments'); ?></h2>
-<form name="searchform" action="" method="get"> 
+<form name="searchform" action="" method="get" id="editcomments"> 
   <fieldset> 
   <legend><?php _e('Show Comments That Contain...') ?></legend> 
-  <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" /> 
+  <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" /> 
   <input type="submit" name="submit" value="<?php _e('Search') ?>"  />  
   <input type="hidden" name="mode" value="<?php echo $mode; ?>" />
-  <?php _e('(Searches within comment text, e-mail, URI, and IP address.)') ?>
+  <?php _e('(Searches within comment text, e-mail, URL, and IP address.)') ?>
   </fieldset> 
 </form>
 <p><a href="?mode=view"><?php _e('View Mode') ?></a> | <a href="?mode=edit"><?php _e('Mass Edit Mode') ?></a></p>
 <?php
 if ( !empty( $_POST['delete_comments'] ) ) :
+	check_admin_referer('bulk-comments');
+
 	$i = 0;
 	foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each
 		$comment = (int) $comment;
-		$post_id = $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
-		$authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
-		if ( user_can_delete_post_comments($user_ID, $post_id) ) :
-			$wpdb->query("DELETE FROM $wpdb->comments WHERE comment_ID = $comment");
+		$post_id = (int) $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
+		// $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
+		if ( current_user_can('edit_post', $post_id) ) {
+			if ( !empty( $_POST['spam_button'] ) )
+				wp_set_comment_status($comment, 'spam');
+			else
+				wp_set_comment_status($comment, 'delete');
 			++$i;
-		endif;
+		}
 	endforeach;
-	echo "<div class='wrap'><p>" . sprintf(__('%s comments deleted.'), $i) . "</p></div>";
+	echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>';
+	if ( !empty( $_POST['spam_button'] ) ) {
+		printf(__ngettext('%s comment marked as spam', '%s comments marked as spam.', $i), $i);
+	} else {
+		printf(__ngettext('%s comment deleted.', '%s comments deleted.', $i), $i);
+	}
+	echo '</p></div>';
 endif;
 
-if (isset($_GET['s'])) {
-	$s = $wpdb->escape($_GET['s']);
-	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments  WHERE
-		(comment_author LIKE '%$s%' OR
-		comment_author_email LIKE '%$s%' OR
-		comment_author_url LIKE ('%$s%') OR
-		comment_author_IP LIKE ('%$s%') OR
-		comment_content LIKE ('%$s%') ) AND
-		comment_approved != 'spam'
-		ORDER BY comment_date DESC");
-} else {
-	if ( isset($_GET['offset']) )
-		$offset = (int) $_GET['offset'] * 20;
-	else
-		$offset = 0;
+if ( isset( $_GET['apage'] ) )
+	$page = abs( (int) $_GET['apage'] );
+else
+	$page = 1;
+
+$start = $offset = ( $page - 1 ) * 20;
+
+list($_comments, $total) = _wp_get_comment_list( isset($_GET['s']) ? $_GET['s'] : false, $start, 25 ); // Grab a few extra
+
+$comments = array_slice($_comments, 0, 20);
+$extra_comments = array_slice($_comments, 20);
+
+$page_links = paginate_links( array(
+	'base' => add_query_arg( 'apage', '%#%' ), 
+	'format' => '',
+	'total' => ceil($total / 20),
+	'current' => $page
+));
+
+if ( $page_links )
+	echo "<p class='pagenav'>$page_links</p>";
 
-	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
-}
 if ('view' == $mode) {
 	if ($comments) {
-		if ($offset)
-			$start = " start='$offset'";
-		else
-			$start = '';
+		$offset = $offset + 1;
+		$start = " start='$offset'";
 
-		echo "<ol class='commentlist' $start>";
+		echo "<ol id='the-comment-list' class='commentlist' $start>\n";
 		$i = 0;
-		foreach ($comments as $comment) {
-		++$i; $class = '';
-		$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
-			$comment_status = wp_get_comment_status($comment->comment_ID);
-			if ('unapproved' == $comment_status) 
-				$class .= ' unapproved';
-			if ($i % 2)
-				$class .= ' alternate';
-			echo "<li class='$class'>";
-?>		
-        <p><strong><?php _e('Name:') ?></strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong><?php _e('E-mail:') ?></strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url) { ?> | <strong><?php _e('URI:') ?></strong> <?php comment_author_url_link() ?> <?php } ?>| <strong><?php _e('IP:') ?></strong> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
-		
-		<?php comment_text() ?>
+		foreach ( $comments as $comment ) {
+			get_comment( $comment ); // Cache it
+			_wp_comment_list_item( $comment->comment_ID, ++$i );
+		}
+		echo "</ol>\n\n";
 
-        <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A');  
-			if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID) ) {
-				echo " | <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>";
-			}
-			if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) {
-				echo " | <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $comment->comment_author) . "')\">" . __('Delete Comment') . "</a> &#8212; ";
-			} // end if any comments to show
-			// Get post title
-			if ( user_can_edit_post($user_ID, $comment->comment_post_ID) ) {
-				$post_title = $wpdb->get_var("SELECT post_title FROM $wpdb->posts WHERE ID = $comment->comment_post_ID");
-				$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
-				?> <a href="post.php?action=edit&amp;post=<?php echo $comment->comment_post_ID; ?>"><?php printf(__('Edit Post &#8220;%s&#8221;'), stripslashes($post_title)); ?></a>
-				<?php } ?>
-			 | <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a></p>
-		</li>
+if ( $extra_comments ) : ?>
+<div id="extra-comments" style="display:none">
+<ul id="the-extra-comment-list" class="commentlist">
+<?php
+	foreach ( $extra_comments as $comment ) {
+		get_comment( $comment ); // Cache it
+		_wp_comment_list_item( $comment->comment_ID, ++$i );
+	}
+?>
+</ul>
+</div>
+<?php endif; // $extra_comments ?>
 
-<?php } // end foreach ?>
-</ol>
+<div id="ajax-response"></div>
 
 <?php
-	} else {
+	} else { //no comments to show
 
 		?>
 		<p>
-        <strong><?php _e('No comments found.') ?></strong></p>
-		
+			<strong><?php _e('No comments found.') ?></strong></p>
+
 		<?php
 	} // end if ($comments)
 } elseif ('edit' == $mode) {
 
 	if ($comments) {
-		echo '<form name="deletecomments" id="deletecomments" action="" method="post"> 
-		<table width="100%" cellpadding="3" cellspacing="3">
+		echo '<form name="deletecomments" id="deletecomments" action="" method="post"> ';
+		wp_nonce_field('bulk-comments');
+		echo '<table class="widefat">
+<thead>
   <tr>
-    <th scope="col">*</th>
+    <th scope="col" style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById(\'deletecomments\'));" /></th>
     <th scope="col">' .  __('Name') . '</th>
     <th scope="col">' .  __('E-mail') . '</th>
     <th scope="col">' . __('IP') . '</th>
     <th scope="col">' . __('Comment Excerpt') . '</th>
-	<th scope="col" colspan="3">' .  __('Actions') . '</th>
-  </tr>';
+	<th scope="col" colspan="3" style="text-align: center">' .  __('Actions') . '</th>
+  </tr>
+</thead>';
 		foreach ($comments as $comment) {
 		$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
+		$comment_status = wp_get_comment_status($comment->comment_ID);
 		$class = ('alternate' == $class) ? '' : 'alternate';
+		$class .= ('unapproved' == $comment_status) ? ' unapproved' : '';
 ?>
-  <tr class='<?php echo $class; ?>'>
-    <td><?php if (user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
+  <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'>
+    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
     <td><?php comment_author_link() ?></td>
     <td><?php comment_author_email_link() ?></td>
     <td><a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></td>
     <td><?php comment_excerpt(); ?></td>
-    <td><a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a></td>
-    <td><?php if ( user_can_edit_post_comments($user_ID, $comment->comment_post_ID) ) {
-	echo "<a href='post.php?action=editcomment&amp;comment=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
-    <td><?php if ( user_can_delete_post_comments($user_ID, $comment->comment_post_ID) ) {
-            echo "<a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $comment->comment_author) . "')\"    class='delete'>" . __('Delete') . "</a>"; } ?></td>
+    <td>
+    	<?php if ('unapproved' == $comment_status) { ?>
+    		(Unapproved)
+    	<?php } else { ?>
+    		<a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a>
+    	<?php } ?>
+    </td>
+    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
+	echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
+    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
+		echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n  'Cancel' to stop, 'OK' to delete."), $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
+		} ?></td>
   </tr>
 		<?php 
 		} // end foreach
 	?></table>
-    <p><a href="javascript:;" onclick="checkAll(document.getElementById('deletecomments')); return false; "><?php _e('Invert Checkbox Selection') ?></a></p>
-            <p class="submit"><input type="submit" name="Submit" value="<?php _e('Delete Checked Comments') ?> &raquo;" onclick="return confirm('<?php _e("You are about to delete these comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete.") ?>')" />	</p>
+<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n  'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" />
+			<input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n  'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p>
   </form>
+<div id="ajax-response"></div>
 <?php
 	} else {
 ?>
@@ -164,8 +191,12 @@ if ('view' == $mode) {
 <?php
 	} // end if ($comments)
 }
-	?>
+
+if ( $page_links )
+	echo "<p class='pagenav'>$page_links</p>";
+
+?>
 
 </div>
 
-<?php include('admin-footer.php'); ?>
+<?php include('admin-footer.php'); ?>

wp-admin/edit-form-advanced.php

@@ -1,206 +1,264 @@
 <?php
+if ( isset($_GET['message']) )
+	  $_GET['message'] = (int) $_GET['message'];
 $messages[1] = __('Post updated');
 $messages[2] = __('Custom field updated');
 $messages[3] = __('Custom field deleted.');
 ?>
 <?php if (isset($_GET['message'])) : ?>
-<div class="updated"><p><?php echo $messages[$_GET['message']]; ?></p></div>
+<div id="message" class="updated fade"><p><?php echo wp_specialchars($messages[$_GET['message']]); ?></p></div>
 <?php endif; ?>
 
 <form name="post" action="post.php" method="post" id="post">
+<?php if ( (isset($mode) && 'bookmarklet' == $mode) || isset($_GET['popupurl']) ): ?>
+<input type="hidden" name="mode" value="bookmarklet" />
+<?php endif; ?>
 
 <div class="wrap">
-<h2><?php _e('Write Post'); ?></h2>
 <?php
 
 if (0 == $post_ID) {
 	$form_action = 'post';
+	$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
+	$form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
+	wp_nonce_field('add-post');
 } else {
+	$post_ID = (int) $post_ID;
 	$form_action = 'editpost';
-	$form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
+	$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
+	wp_nonce_field('update-post_' .  $post_ID);
 }
 
-$form_pingback = '<input type="hidden" name="post_pingback" value="' . get_option('default_pingback_flag') . '" id="post_pingback" />';
+$form_pingback = '<input type="hidden" name="post_pingback" value="' . (int) get_option('default_pingback_flag') . '" id="post_pingback" />';
 
-$form_prevstatus = '<input type="hidden" name="prev_status" value="'.$post_status.'" />';
+$form_prevstatus = '<input type="hidden" name="prev_status" value="' . attribute_escape( $post->post_status ) . '" />';
 
-$form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $to_ping) .'" />';
+$form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. attribute_escape( str_replace("\n", ' ', $post->to_ping) ) .'" />';
 
-if ('' != $pinged) {
-	$pings .= '<p>'. __('Already pinged:') . '</p><ul>';
-	$already_pinged = explode("\n", trim($pinged));
+if ('' != $post->pinged) {
+	$pings = '<p>'. __('Already pinged:') . '</p><ul>';
+	$already_pinged = explode("\n", trim($post->pinged));
 	foreach ($already_pinged as $pinged_url) {
-		$pings .= "\n\t<li>$pinged_url</li>";
+		$pings .= "\n\t<li>" . wp_specialchars($pinged_url) . "</li>";
 	}
 	$pings .= '</ul>';
 }
 
-$saveasdraft = '<input name="save" type="submit" id="save" tabindex="6" value="' . __('Save and Continue Editing') . '" />';
+$saveasdraft = '<input name="save" type="submit" id="save" tabindex="3" value="' . attribute_escape( __('Save and Continue Editing') ) . '" />';
 
-if (empty($post_status)) $post_status = 'draft';
+if (empty($post->post_status)) $post->post_status = 'draft';
 
 ?>
 
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" name="action" value="<?php echo $form_action ?>" />
-<input type="hidden" name="post_author" value="<?php echo $post_author ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
+<input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
+<input type="hidden" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" />
+<input type="hidden" id="post_type" name="post_type" value="post" />
 
 <?php echo $form_extra ?>
 <?php if (isset($_GET['message']) && 2 > $_GET['message']) : ?>
 <script type="text/javascript">
-<!--
 function focusit() {
 	// focus on first input field
 	document.post.title.focus();
 }
-window.onload = focusit;
-//-->
+addLoadEvent(focusit);
 </script>
 <?php endif; ?>
 <div id="poststuff">
-    <fieldset id="titlediv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#title" title="<?php _e('Help on titles') ?>"><?php _e('Title') ?></a></legend> 
-	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $edited_post_title; ?>" id="title" /></div>
-    </fieldset>
 
-    <fieldset id="categorydiv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#category" title="<?php _e('Help on categories') ?>"><?php _e('Categories') ?></a></legend> 
-	  <div><?php dropdown_categories(get_settings('default_category')); ?></div>
-    </fieldset>
+<div id="moremeta">
+<div id="grabit" class="dbx-group">
 
-    <fieldset id="commentstatusdiv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#comments" title="<?php _e('Help on comment status') ?>"><?php _e('Discussion') ?></a></legend> 
-	  <div>
-	  <input name="advanced_view" type="hidden" value="1" />
-	  <label for="comment_status" class="selectit">
-	      <input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($comment_status, 'open'); ?> />
-         <?php _e('Allow Comments') ?></label> 
-		 <label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
+<fieldset id="categorydiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
+<div class="dbx-content">
+<p id="jaxcat"></p>
+<ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div>
+</fieldset>
+
+<fieldset id="commentstatusdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Discussion') ?></h3>
+<div class="dbx-content">
+<input name="advanced_view" type="hidden" value="1" />
+<label for="comment_status" class="selectit">
+<input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($post->comment_status, 'open'); ?> />
+<?php _e('Allow Comments') ?></label> 
+<label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($post->ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
 </div>
 </fieldset>
-    <fieldset id="postpassworddiv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#post_password" title="<?php _e('Help on post password') ?>"><?php _e('Post Password') ?></a></legend> 
-	  <div><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post_password ?>" /></div>
-    </fieldset>
 
-<br />
-<fieldset id="postexcerpt">
-<legend><a href="http://wordpress.org/docs/reference/post/#excerpt" title="<?php _e('Help with excerpts') ?>"><?php _e('Excerpt') ?></a></legend>
-<div><textarea rows="1" cols="40" name="excerpt" tabindex="4" id="excerpt"><?php echo $excerpt ?></textarea></div>
+<fieldset id="passworddiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Password') ?></h3> 
+<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div>
 </fieldset>
-<fieldset id="postdiv">
-       <legend><a href="http://wordpress.org/docs/reference/post/#post" title="<?php _e('Help with post field') ?>"><?php _e('Post') ?></a></legend>
-<?php the_quicktags(); ?>
-<?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 10;
- }
-?>
-<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="5" id="content"><?php echo $content ?></textarea></div>
+
+<fieldset id="slugdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Slug') ?></h3> 
+<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div>
 </fieldset>
-<?php
+
+<fieldset id="poststatusdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Status') ?></h3> 
+<div class="dbx-content"><?php if ( current_user_can('publish_posts') ) : ?>
+<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); checked($post->post_status, 'future'); ?> /> <?php _e('Published') ?></label>
+<?php endif; ?>
+	  <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post->post_status, 'draft'); ?> /> <?php _e('Draft') ?></label>
+	  <label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="radio" value="private" <?php checked($post->post_status, 'private'); ?> /> <?php _e('Private') ?></label></div>
+</fieldset>
+
+<?php if ( current_user_can('edit_posts') ) : ?>
+<fieldset id="posttimestampdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Timestamp'); ?></h3>
+<div class="dbx-content"><?php touch_time(($action == 'edit')); ?></div>
+</fieldset>
+<?php endif; ?>
+
+<?php 
+$authors = get_editable_authors( $current_user->id ); // TODO: ROLE SYSTEM
+if ( $authors && count( $authors ) > 1 ) :
 ?>
-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-//-->
-</script>
+<fieldset id="authordiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Author'); ?></h3>
+<div class="dbx-content">
+<select name="post_author_override" id="post_author_override">
+<?php
+foreach ($authors as $o) :
+$o = get_userdata( $o->ID );
+if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
+else $selected = '';
+echo "<option value='" . (int) $o->ID . "' $selected>" . wp_specialchars( $o->display_name ) . "</option>";
+endforeach;
+?>
+</select>
+</div>
+</fieldset>
+<?php endif; ?>
+
+<?php do_action('dbx_post_sidebar'); ?>
+
+</div>
+</div>
+
+<fieldset id="titlediv">
+	<legend><?php _e('Title') ?></legend>
+	<div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape($post->post_title); ?>" id="title" /></div>
+</fieldset>
+
+<fieldset id="<?php echo user_can_richedit() ? 'postdivrich' : 'postdiv'; ?>">
+<legend><?php _e('Post') ?>
+
+<?php if ( 'publish' == $post->post_status ) { ?>
+<a href="<?php echo clean_url(get_permalink($post->ID)); ?>" class="view-link" target="_blank"><?php _e('View &raquo;'); ?></a>
+<?php } elseif ( 'edit' == $action ) { ?>
+<a href="<?php echo clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" class="view-link" target="_blank"><?php _e('Preview &raquo;'); ?></a>
+<?php } ?>
+</legend>
+
+	<?php the_editor($post->post_content); ?>
+</fieldset>
 
 <?php echo $form_pingback ?>
 <?php echo $form_prevstatus ?>
 
 
-<p class="submit"><?php echo $saveasdraft; ?> <input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="6" /> 
+<p class="submit">
+<span id="autosave"></span>
+<?php echo $saveasdraft; ?>
+<input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" /> 
 <?php 
-if ('publish' != $post_status || 0 == $post_ID) {
+if ('publish' != $post->post_status || 0 == $post_ID) {
 ?>
-<?php if ( user_can_create_post($user_ID) ) : ?>
-	<input name="publish" type="submit" id="publish" tabindex="10" value="<?php _e('Publish') ?>" /> 
+<?php if ( current_user_can('publish_posts') ) : ?>
+	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish'); ?>" /> 
 <?php endif; ?>
 <?php
 }
 ?>
-	<input name="referredby" type="hidden" id="referredby" value="<?php echo wp_specialchars($_SERVER['HTTP_REFERER']); ?>" />
-</p>
+<input name="referredby" type="hidden" id="referredby" value="<?php 
+if ( !empty($_REQUEST['popupurl']) )
+	echo clean_url(stripslashes($_REQUEST['popupurl']));
+else if ( url_to_postid(wp_get_referer()) == $post_ID )
+	echo 'redo';
+else
+	echo clean_url(stripslashes(wp_get_referer()));
+?>" /></p>
 
-<?php do_action('edit_form_advanced', ''); ?>
-</div>
+<?php do_action('edit_form_advanced'); ?>
 
-</div>
-
-<div class="wrap">
-<h2><?php _e('Advanced'); ?></h2>
-
-<table width="100%" cellspacing="2" cellpadding="5" class="editform">
-	<tr>
-		<th scope="row" valign="top"><?php _e('Post Status') ?>:</th>
-		<td><?php if ( user_can_create_post($user_ID) ) : ?>
-<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post_status, 'publish'); ?> /> <?php _e('Published') ?></label><br />
-<?php endif; ?>
-	  <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post_status, 'draft'); ?> /> <?php _e('Draft') ?></label><br />
-	  <label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="radio" value="private" <?php checked($post_status, 'private'); ?> /> <?php _e('Private') ?></label></td>
-	</tr>
-	<tr>
-		<th scope="row" valign="top"><?php _e('Send trackbacks to'); ?>:</th>
-		<td><?php echo $form_trackback; ?> <br />
-		<?php _e('Separate multiple URIs with spaces'); ?></td>
-	</tr>
-	<tr valign="top">
-		<th scope="row" width="25%"><?php _e('Post slug') ?>:</th>
-		<td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post_name ?>" /></td>
-	</tr>
-<?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login, user_firstname, user_lastname FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) : ?>
-	<tr>
-		<th scope="row"><?php _e('Post author'); ?>:</th>
-		<td>
-		<select name="post_author_override" id="post_author_override">
-		<?php 
-		foreach ($users as $o) :
-			if ( $post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
-			else $selected = '';
-			echo "<option value='$o->ID' $selected>$o->user_login ($o->user_firstname $o->user_lastname)</option>";
-		endforeach;
-		?>
-		</select>
-		</td>
-	</tr>
-<?php endif; ?>
-<?php if ($user_level > 4) : ?>
-	<tr>
-		<th scope="row"><?php _e('Edit time'); ?>:</th>
-		<td><?php touch_time(($action == 'edit')); ?></td>
-	</tr>
-<?php endif; ?>
-<?php if ('edit' == $action) : ?>
-	<tr>
-		<th scope="row"><?php _e('Delete'); ?>:</th>
-		<td>
-		<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title) ) . "')\""; ?> />
-</td>
-<?php endif; ?>
-	</tr>
-</table>
-
-<fieldset id="postcustom">
-<legend><?php _e('Custom Fields') ?></legend>
-<div id="postcustomstuff">
-<?php 
-if($metadata = has_meta($post_ID)) {
-?>
-<?php
-	list_meta($metadata); 
-?>
 <?php
+if (current_user_can('upload_files')) {
+	$uploading_iframe_ID = (int) (0 == $post_ID ? $temp_ID : $post_ID);
+	$uploading_iframe_src = wp_nonce_url("upload.php?style=inline&amp;tab=upload&amp;post_id=$uploading_iframe_ID", 'inlineuploading');
+	$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
+	if ( false != $uploading_iframe_src )
+		echo '<iframe id="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
 }
-	meta_form();
 ?>
+
+<div id="advancedstuff" class="dbx-group" >
+
+<div class="dbx-b-ox-wrapper">
+<fieldset id="postexcerpt" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
+<h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3>
+</div>
+<div class="dbx-c-ontent-wrapper">
+<div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div>
 </div>
 </fieldset>
-<?php 
-if ('' != $pinged)
+</div>
+
+<div class="dbx-b-ox-wrapper">
+<fieldset id="trackbacksdiv" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
+<h3 class="dbx-handle"><?php _e('Trackbacks') ?></h3>
+</div>
+<div class="dbx-c-ontent-wrapper">
+<div class="dbx-content"><?php _e('Send trackbacks to:'); ?> <?php echo $form_trackback; ?> (<?php _e('Separate multiple URLs with spaces'); ?>)
+<?php
+if ( ! empty($pings) )
 	echo $pings;
 ?>
 </div>
+</div>
+</fieldset>
+</div>
 
-</form>
+<div class="dbx-b-ox-wrapper">
+<fieldset id="postcustom" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
+<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
+</div>
+<div class="dbx-c-ontent-wrapper">
+<div id="postcustomstuff" class="dbx-content">
+<table cellpadding="3">
+<?php
+$metadata = has_meta($post_ID);
+list_meta($metadata);
+?>
+
+</table>
+<?php
+	meta_form();
+?>
+<div id="ajax-response"></div>
+</div>
+</div>
+</fieldset>
+</div>
+
+<?php do_action('dbx_post_advanced'); ?>
+
+</div>
+
+<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
+<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php echo ( 'draft' == $post->post_status ) ? __('Delete this draft') : __('Delete this post'); ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
+<?php endif; ?>
+
+</div>
+
+</div>
+
+</form>

wp-admin/edit-form-comment.php

@@ -1,61 +1,48 @@
 <?php
 $submitbutton_text = __('Edit Comment &raquo;');
-$toprow_title = sprintf(__('Editing Comment # %s'), $commentdata['comment_ID']);
+$toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
 $form_action = 'editedcomment';
-$form_extra = "' />\n<input type='hidden' name='comment_ID' value='$comment' />\n<input type='hidden' name='comment_post_ID' value='".$commentdata["comment_post_ID"];
+$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . $comment->comment_post_ID;
 ?>
 
-<form name="post" action="post.php" method="post" id="post">
+<form name="post" action="comment.php" method="post" id="post">
+<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
 <div class="wrap">
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
 
 <script type="text/javascript">
-function focusit() {
-	// focus on first input field
+function focusit() { // focus on first input field
 	document.post.name.focus();
 }
-window.onload = focusit;
+addLoadEvent(focusit);
 </script>
 <fieldset id="namediv">
-    <legend><?php _e('Name:') ?></legend>
+    <legend><label for="name"><?php _e('Name:') ?></label></legend>
 	<div>
-	  <input type="text" name="newcomment_author" size="22" value="<?php echo format_to_edit($commentdata['comment_author']) ?>" tabindex="1" id="name" />
+	  <input type="text" name="newcomment_author" size="25" value="<?php echo attribute_escape( $comment->comment_author ); ?>" tabindex="1" id="name" />
     </div>
 </fieldset>
 <fieldset id="emaildiv">
-        <legend><?php _e('E-mail:') ?></legend>
+        <legend><label for="email"><?php _e('E-mail:') ?></label></legend>
 		<div>
-		  <input type="text" name="newcomment_author_email" size="30" value="<?php echo format_to_edit($commentdata['comment_author_email']) ?>" tabindex="2" id="email" />
+		  <input type="text" name="newcomment_author_email" size="20" value="<?php echo attribute_escape( $comment->comment_author_email ); ?>" tabindex="2" id="email" />
     </div>
 </fieldset>
 <fieldset id="uridiv">
-        <legend><?php _e('URI:') ?></legend>
+        <legend><label for="newcomment_author_url"><?php _e('URL:') ?></label></legend>
 		<div>
-		  <input type="text" name="newcomment_author_url" size="35" value="<?php echo format_to_edit($commentdata['comment_author_url']) ?>" tabindex="3" id="URL" />
+		  <input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo attribute_escape( $comment->comment_author_url ); ?>" tabindex="3" />
     </div>
 </fieldset>
 
 <fieldset style="clear: both;">
         <legend><?php _e('Comment') ?></legend>
-<?php the_quicktags(); ?>
-<?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 10;
- }
-?>
-<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content" style="width: 99%"><?php echo $content ?></textarea></div>
+	<?php the_editor($comment->comment_content, 'content', 'newcomment_author_url'); ?>
 </fieldset>
 
-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-//-->
-</script>
-
 <p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
-  <input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
+  <input name="referredby" type="hidden" id="referredby" value="<?php echo wp_get_referer(); ?>" />
 </p>
 
 </div>
@@ -66,21 +53,25 @@ edCanvas = document.getElementById('content');
 <table width="100%" cellspacing="2" cellpadding="5" class="editform">
 	<tr>
 		<th scope="row" valign="top"><?php _e('Comment Status') ?>:</th>
-		<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment_status, '1'); ?> /> <?php _e('Approved') ?></label><br />
-	  <label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment_status, '0'); ?> /> <?php _e('Moderated') ?></label><br />
-	  <label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment_status, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
+		<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment->comment_approved, '1'); ?> /> <?php _e('Approved') ?></label><br />
+		<label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment->comment_approved, '0'); ?> /> <?php _e('Moderated') ?></label><br />
+		<label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment->comment_approved, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
 	</tr>
 
-<?php if ($user_level > 4) : ?>
+<?php if ( current_user_can('edit_posts') ) : ?>
 	<tr>
-		<th scope="row"><?php _e('Edit time'); ?>:</th>
-		<td><?php touch_time(('editcomment' == $action), 0); ?></td>
+		<th scope="row" valign="top"><?php _e('Edit time'); ?>:</th>
+		<td><?php touch_time(('editcomment' == $action), 0); ?> </td>
 	</tr>
 <?php endif; ?>
 
 	<tr>
-		<th scope="row"><?php _e('Delete'); ?>:</th>
-		<td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $commentdata['comment_ID']; ?>&amp;p=<?php echo $commentdata['comment_post_ID']; ?>"><?php _e('Delete comment') ?></a></p></td>
+		<th scope="row" valign="top"><?php _e('Delete'); $delete_nonce = wp_create_nonce( 'delete-comment_' . $comment->comment_ID ); ?>:</th>
+		<td><input name="deletecomment" class="button delete" type="submit" id="deletecomment" tabindex="10" value="<?php _e('Delete this comment') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true; } return false;\""; ?> /> 
+		<input type="hidden" name="c" value="<?php echo $comment->comment_ID ?>" />
+		<input type="hidden" name="p" value="<?php echo $comment->comment_post_ID ?>" />
+		<input type="hidden" name="noredir" value="1" />
+	</td>
 	</tr>
 </table>
 

wp-admin/edit-form.php

@@ -6,28 +6,27 @@
 <?php if (isset($mode) && 'bookmarklet' == $mode) : ?>
 <input type="hidden" name="mode" value="bookmarklet" />
 <?php endif; ?>
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" name="action" value='post' />
 
 <script type="text/javascript">
 <!--
-function focusit() {
-	// focus on first input field
+function focusit() { // focus on first input field
 	document.getElementById('title').focus();
 }
-window.onload = focusit;
+addLoadEvent(focusit);
 //-->
 </script>
 
 <div id="poststuff">
     <fieldset id="titlediv">
       <legend><a href="http://wordpress.org/docs/reference/post/#title" title="<?php _e('Help on titles') ?>"><?php _e('Title') ?></a></legend> 
-	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $edited_post_title; ?>" id="title" /></div>
+	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div>
     </fieldset>
 
     <fieldset id="categorydiv">
       <legend><a href="http://wordpress.org/docs/reference/post/#category" title="<?php _e('Help on categories') ?>"><?php _e('Categories') ?></a></legend> 
-	  <div><?php dropdown_categories($default_post_cat); ?></div>
+	  <div><?php dropdown_categories($post->post_category); ?></div>
     </fieldset>
 
 <br />
@@ -35,12 +34,12 @@ window.onload = focusit;
     <legend><a href="http://wordpress.org/docs/reference/post/#post" title="<?php _e('Help with post field') ?>"><?php _e('Post') ?></a></legend>
 <?php the_quicktags(); ?>
 <?php
- $rows = get_settings('default_post_edit_rows');
+ $rows = get_option('default_post_edit_rows');
  if (($rows < 3) || ($rows > 100)) {
      $rows = 10;
  }
 ?>
-<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content"><?php echo $content ?></textarea></div>
+<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content"><?php echo $post->post_content ?></textarea></div>
 </fieldset>
 
 
@@ -50,22 +49,22 @@ edCanvas = document.getElementById('content');
 //-->
 </script>
 
-<input type="hidden" name="post_pingback" value="<?php echo get_option('default_pingback_flag') ?>" id="post_pingback" />
+<input type="hidden" name="post_pingback" value="<?php echo (int) get_option('default_pingback_flag') ?>" id="post_pingback" />
 
-<p><label for="trackback"> <?php printf(__('<a href="%s" title="Help on trackbacks"><strong>TrackBack</strong> a <abbr title="Universal Resource Identifier">URI</abbr></a>:</label> (Separate multiple <abbr title="Universal Resource Identifier">URI</abbr>s with spaces.)<br />'), 'http://wordpress.org/docs/reference/post/#trackback') ?>
+<p><label for="trackback"> <?php printf(__('<a href="%s" title="Help on trackbacks"><strong>TrackBack</strong> a <abbr title="Universal Resource Locator">URL</abbr></a>:</label> (Separate multiple <abbr title="Universal Resource Locator">URL</abbr>s with spaces.)'), 'http://wordpress.org/docs/reference/post/#trackback'); echo '<br />'; ?>
 	<input type="text" name="trackback_url" style="width: 360px" id="trackback" tabindex="7" /></p>
 
-<p class="submit"><input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="<?php _e('Save as Draft') ?>" /> 
-  <input name="saveasprivate" type="submit" id="saveasprivate" tabindex="10" value="<?php _e('Save as Private') ?>" />
+<p class="submit"><input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="<?php _e('Save as Draft') ?>" />
+	<input name="saveasprivate" type="submit" id="saveasprivate" tabindex="10" value="<?php _e('Save as Private') ?>" />
 
-	 <?php if ( user_can_create_post($user_ID) ) : ?>
-  <input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="<?php _e('Publish') ?>" /> 
+	 <?php if ( current_user_can('edit_posts') ) : ?>
+	<input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="<?php _e('Publish') ?>" />
 <?php endif; ?>
 
 <?php if ('bookmarklet' != $mode) {
-      echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' .  __('Advanced Editing &raquo;') . '" />';
-  } ?>
-  <input name="referredby" type="hidden" id="referredby" value="<?php if (isset($_SERVER['HTTP_REFERER'])) echo urlencode($_SERVER['HTTP_REFERER']); ?>" />
+		echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' .  __('Advanced Editing &raquo;') . '" />';
+	} ?>
+	<input name="referredby" type="hidden" id="referredby" value="<?php if ( $refby = wp_get_referer() ) echo urlencode($refby); ?>" />
 </p>
 
 <?php do_action('simple_edit_form', ''); ?>

wp-admin/edit-link-form.php

@@ -0,0 +1,257 @@
+<?php
+if ( ! empty($link_id) ) {
+	$heading = __('Edit Link');
+	$submit_text = __('Save Changes &raquo;');
+	$form = '<form name="editlink" id="editlink" method="post" action="link.php">';
+	$nonce_action = 'update-bookmark_' . $link_id;
+} else {
+	$heading = __('Add Link');
+	$submit_text = __('Add Link &raquo;');
+	$form = '<form name="addlink" id="addlink" method="post" action="link.php">';
+	$nonce_action = 'add-bookmark';
+}
+
+function xfn_check($class, $value = '', $type = 'check') {
+	global $link;
+
+	$link_rel = $link->link_rel;
+	$rels = preg_split('/\s+/', $link_rel);
+
+	if ('' != $value && in_array($value, $rels) ) {
+		echo ' checked="checked"';
+	}
+
+	if ('' == $value) {
+		if ('family' == $class && strpos($link_rel, 'child') === false && strpos($link_rel, 'parent') === false && strpos($link_rel, 'sibling') === false && strpos($link_rel, 'spouse') === false && strpos($link_rel, 'kin') === false) echo ' checked="checked"';
+		if ('friendship' == $class && strpos($link_rel, 'friend') === false && strpos($link_rel, 'acquaintance') === false && strpos($link_rel, 'contact') === false) echo ' checked="checked"';
+		if ('geographical' == $class && strpos($link_rel, 'co-resident') === false && strpos($link_rel, 'neighbor') === false) echo ' checked="checked"';
+		if ('identity' == $class && in_array('me', $rels) ) echo ' checked="checked"';
+	}
+}
+?>
+
+<div class="wrap">
+<h2><?php echo $heading ?></h2>
+<?php echo $form ?>
+<?php wp_nonce_field($nonce_action); ?>
+
+<div id="poststuff">
+<div id="moremeta">
+<div id="grabit" class="dbx-group">
+
+<fieldset id="categorydiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
+<div class="dbx-content">
+<p id="jaxcat"></p>
+<ul id="categorychecklist"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
+</div>
+</fieldset>
+
+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Target') ?></h3>
+<div class="dbx-content">
+<label for="link_target_blank" class="selectit">
+<input id="link_target_blank" type="radio" name="link_target" value="_blank" <?php echo(($link->link_target == '_blank') ? 'checked="checked"' : ''); ?> />
+<code>_blank</code></label>
+<label for="link_target_top" class="selectit">
+<input id="link_target_top" type="radio" name="link_target" value="_top" <?php echo(($link->link_target == '_top') ? 'checked="checked"' : ''); ?> />
+<code>_top</code></label>
+<label for="link_target_none" class="selectit">
+<input id="link_target_none" type="radio" name="link_target" value="" <?php echo(($link->link_target == '') ? 'checked="checked"' : ''); ?> />
+<?php _e('none') ?></label>
+</div>
+</fieldset>
+
+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Visible') ?></h3>
+<div class="dbx-content">
+<label for="link_visible_yes" class="selectit">
+<input id="link_visible_yes" type="radio" name="link_visible" <?php if ($link->link_visible == 'Y') echo "checked='checked'"; ?> value="Y" />
+<?php _e('Yes') ?></label>
+<label for="link_visible_no" class="selectit">
+<input id="link_visible_no" type="radio" name="link_visible" <?php if ($link->link_visible == 'N') echo "checked='checked'"; ?> value="N" />
+<?php _e('No') ?></label>
+</div>
+</fieldset>
+
+</div>
+</div>
+
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+<tr>
+<th scope="row" valign="top"><label for="link_name"><?php _e('Name:') ?></label></th>
+<td><input type="text" name="link_name" value="<?php echo $link->link_name; ?>" style="width: 95%" /></td>
+</tr>
+<tr>
+<th width="20%" scope="row" valign="top"><label for="link_url"><?php _e('Address:') ?></label></th>
+<td width="80%"><input type="text" name="link_url" value="<?php echo $link->link_url; if ( empty( $link->link_url ) ) echo 'http://'; ?>" style="width: 95%" /></td>
+</tr>
+<tr>
+<th scope="row" valign="top"><label for="link_description"><?php _e('Description:') ?></label></th>
+<td><input type="text" name="link_description" value="<?php echo $link->link_description; ?>" style="width: 95%" /></td>
+</tr>
+</table>
+
+<p class="submit">
+<input type="submit" name="submit" value="<?php echo $submit_text ?>" />
+</p>
+
+<div id="advancedstuff" class="dbx-group" >
+
+<fieldset id="xfn" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Link Relationship (XFN)') ?></h3>
+<div class="dbx-content">
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+	<tr>
+		<th width="20%" scope="row"><?php _e('rel:') ?></th>
+		<td width="80%"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo $link->link_rel; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
+		<td>
+			<table cellpadding="3" cellspacing="5">
+				<tr>
+					<th scope="row"> <?php _e('identity') ?> </th>
+					<td>
+						<label for="me">
+						<input type="checkbox" name="identity" value="me" id="me" <?php xfn_check('identity', 'me'); ?> />
+						<?php _e('another web address of mine') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('friendship') ?> </th>
+					<td>
+						<label for="contact">
+						<input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
+						<label for="acquaintance">
+						<input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> />  <?php _e('acquaintance') ?></label>
+						<label for="friend">
+						<input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
+						<label for="friendship">
+						<input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('physical') ?> </th>
+					<td>
+						<label for="met">
+						<input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check('physical', 'met'); ?> />
+						<?php _e('met') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('professional') ?> </th>
+					<td>
+						<label for="co-worker">
+						<input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check('professional', 'co-worker'); ?> />
+						<?php _e('co-worker') ?></label>
+						<label for="colleague">
+						<input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check('professional', 'colleague'); ?> />
+						<?php _e('colleague') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('geographical') ?> </th>
+					<td>
+						<label for="co-resident">
+						<input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check('geographical', 'co-resident', 'radio'); ?> />
+						<?php _e('co-resident') ?></label>
+						<label for="neighbor">
+						<input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check('geographical', 'neighbor', 'radio'); ?> />
+						<?php _e('neighbor') ?></label>
+						<label for="geographical">
+						<input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check('geographical', '', 'radio'); ?> />
+						<?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('family') ?> </th>
+					<td>
+						<label for="child">
+						<input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check('family', 'child', 'radio'); ?>  />
+						<?php _e('child') ?></label>
+						<label for="kin">
+						<input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check('family', 'kin', 'radio'); ?>  />
+						<?php _e('kin') ?></label>
+						<label for="parent">
+						<input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check('family', 'parent', 'radio'); ?> />
+						<?php _e('parent') ?></label>
+						<label for="sibling">
+						<input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check('family', 'sibling', 'radio'); ?> />
+						<?php _e('sibling') ?></label>
+						<label for="spouse">
+						<input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check('family', 'spouse', 'radio'); ?> />
+						<?php _e('spouse') ?></label>
+						<label for="family">
+						<input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check('family', '', 'radio'); ?> />
+						<?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('romantic') ?> </th>
+					<td>
+						<label for="muse">
+						<input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check('romantic', 'muse'); ?> />
+						<?php _e('muse') ?></label>
+						<label for="crush">
+						<input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check('romantic', 'crush'); ?> />
+						<?php _e('crush') ?></label>
+						<label for="date">
+						<input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check('romantic', 'date'); ?> />
+						<?php _e('date') ?></label>
+						<label for="romantic">
+						<input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check('romantic', 'sweetheart'); ?> />
+						<?php _e('sweetheart') ?></label>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>
+</div>
+</fieldset>
+
+<fieldset id="advanced" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Advanced') ?></h3>
+<div class="dbx-content">
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+	<tr>
+		<th width="20%" scope="row"><?php _e('Image Address:') ?></th>
+		<td width="80%"><input type="text" name="link_image" size="50" value="<?php echo $link->link_image; ?>" style="width: 95%" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('RSS Address:') ?> </th>
+		<td><input name="link_rss" type="text" id="rss_uri" value="<?php echo $link->link_rss; ?>" size="50" style="width: 95%" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Notes:') ?></th>
+		<td><textarea name="link_notes" cols="50" rows="10" style="width: 95%"><?php echo $link->link_notes; ?></textarea></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Rating:') ?></th>
+		<td><select name="link_rating" size="1">
+		<?php
+			for ($r = 0; $r < 10; $r++) {
+				echo('            <option value="'.$r.'" ');
+				if ($link->link_rating == $r)
+					echo 'selected="selected"';
+				echo('>'.$r.'</option>');
+			}
+		?></select>&nbsp;<?php _e('(Leave at 0 for no rating.)') ?>
+		</td>
+	</tr>
+</table>
+</fieldset>
+</div>
+
+<?php if ( $link_id ) : ?>
+<input type="hidden" name="action" value="save" />
+<input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
+<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
+<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
+<?php else: ?>
+<input type="hidden" name="action" value="add" />
+<?php endif; ?>
+</div>
+</form>
+</div>

wp-admin/edit-page-form.php

@@ -1,159 +1,209 @@
 
 <div class="wrap">
-<h2><?php _e('Write Page'); ?></h2>
+<h2 id="write-post"><?php _e('Write Page'); ?></h2>
 <?php
+
 if (0 == $post_ID) {
 	$form_action = 'post';
-	$form_extra = '';
+	$nonce_action = 'add-page';
+	$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
+	$form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
 } else {
+	$post_ID = (int) $post_ID;
 	$form_action = 'editpost';
-	$form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
+	$nonce_action = 'update-page_' . $post_ID;
+	$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
 }
 
-$sendto = $_SERVER['HTTP_REFERER'];
+$temp_ID = (int) $temp_ID;
+$user_ID = (int) $user_ID;
+
+$sendto = clean_url(stripslashes(wp_get_referer()));
 
 if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
- 	$sendto = 'redo';
-$sendto = wp_specialchars( $sendto );
-
+	$sendto = 'redo';
 ?>
 
-<form name="post" action="post.php" method="post" id="post">
+<form name="post" action="page.php" method="post" id="post">
 
 <?php
+wp_nonce_field($nonce_action);
+
 if (isset($mode) && 'bookmarklet' == $mode) {
-    echo '<input type="hidden" name="mode" value="bookmarklet" />';
+	echo '<input type="hidden" name="mode" value="bookmarklet" />';
 }
 ?>
 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" name="action" value='<?php echo $form_action ?>' />
+<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
 <?php echo $form_extra ?>
-<input type="hidden" name="post_status" value="static" />
+<input type="hidden" id="post_type" name="post_type" value="page" />
 
 <script type="text/javascript">
-<!--
-function focusit() {
-	// focus on first input field
+// <![CDATA[
+function focusit() { // focus on first input field
 	document.post.title.focus();
 }
-window.onload = focusit;
-//-->
+addLoadEvent(focusit);
+// ]]>
 </script>
-    <fieldset id="titlediv">
-      <legend><?php _e('Page Title') ?></legend> 
- 	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $edited_post_title; ?>" id="title" /></div>
-    </fieldset>
-<fieldset id="commentstatusdiv">
-      <legend><?php _e('Discussion') ?></legend> 
-	  <div>
-	  <input name="advanced_view" type="hidden" value="1" />
-	  <label for="comment_status" class="selectit">
-	      <input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($comment_status, 'open'); ?> />
-         <?php _e('Allow Comments') ?></label> 
-		 <label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
-	</div>
+<div id="poststuff">
+
+<div id="moremeta">
+<div id="grabit" class="dbx-group">
+<fieldset id="commentstatusdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Discussion') ?></h3>
+<div class="dbx-content">
+<input name="advanced_view" type="hidden" value="1" />
+<label for="comment_status" class="selectit">
+<input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($post->comment_status, 'open'); ?> />
+<?php _e('Allow Comments') ?></label>
+<label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($post->ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
+</div>
 </fieldset>
-    <fieldset id="postpassworddiv">
-      <legend><?php _e('Page Password') ?></legend> 
-	  <div><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post_password ?>" /></div>
-    </fieldset>
-    <fieldset id="pageparent">
-      <legend><?php _e('Page Parent') ?></legend> 
-	  <div><select name="parent_id">
-	  <option value='0'><?php _e('Main Page (no parent)'); ?></option>
-			<?php parent_dropdown($post_parent); ?>
-        </select>
-	  </div>
-    </fieldset>
-<fieldset id="postdiv">
-    <legend><?php _e('Page Content') ?></legend>
-<?php the_quicktags(); ?>
+
+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Status') ?></h3>
+<div class="dbx-content"><?php if ( current_user_can('publish_pages') ) : ?>
+<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); checked($post->post_status, 'future'); ?> /> <?php _e('Published') ?></label>
+<?php endif; ?>
+	  <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post->post_status, 'draft'); ?> /> <?php _e('Draft') ?></label>
+	  <label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="radio" value="private" <?php checked($post->post_status, 'private'); ?> /> <?php _e('Private') ?></label></div>
+</fieldset>
+
+<fieldset id="passworddiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Password') ?></h3>
+<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div>
+</fieldset>
+
+<fieldset id="pageparent" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Parent') ?></h3>
+<div class="dbx-content"><p><select name="parent_id">
+<option value='0'><?php _e('Main Page (no parent)'); ?></option>
+<?php parent_dropdown($post->post_parent); ?>
+</select></p>
+</div>
+</fieldset>
+
+<?php if ( 0 != count( get_page_templates() ) ) { ?>
+<fieldset id="pagetemplate" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Template') ?></h3>
+<div class="dbx-content"><p><select name="page_template">
+		<option value='default'><?php _e('Default Template'); ?></option>
+		<?php page_template_dropdown($post->page_template); ?>
+		</select></p>
+</div>
+</fieldset>
+<?php } ?>
+
+<fieldset id="slugdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Slug') ?></h3>
+<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div>
+</fieldset>
+
+<?php if ( $authors = get_editable_authors( $current_user->id ) ) : // TODO: ROLE SYSTEM ?>
+<fieldset id="authordiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Author'); ?></h3>
+<div class="dbx-content">
+<select name="post_author_override" id="post_author_override">
 <?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 10;
- }
+foreach ($authors as $o) :
+$o = get_userdata( $o->ID );
+if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
+else $selected = '';
+$o->ID = (int) $o->ID;
+$o->display_name = wp_specialchars( $o->display_name );
+echo "<option value='$o->ID' $selected>$o->display_name</option>";
+endforeach;
 ?>
-<div><textarea rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content"><?php echo $content ?></textarea></div>
+</select>
+</div>
+</fieldset>
+<?php endif; ?>
+
+<fieldset id="pageorder" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Order') ?></h3>
+<div class="dbx-content"><p><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo $post->menu_order ?>" /></p></div>
+</fieldset>
+
+<?php do_action('dbx_page_sidebar'); ?>
+
+</div>
+</div>
+
+<fieldset id="titlediv">
+  <legend><?php _e('Page Title') ?></legend>
+  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div>
 </fieldset>
 
 
-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-//-->
-</script>
+<fieldset id="<?php echo user_can_richedit() ? 'postdivrich' : 'postdiv'; ?>">
+<legend><?php _e('Page Content') ?>
+
+<?php if ( 'publish' == $post->post_status ) { ?>
+<a href="<?php echo clean_url(get_permalink($post->ID)); ?>" style="position: absolute; right: 2em; margin-right: 19em; text-decoration: underline;" target="_blank"><?php _e('View &raquo;'); ?></a>
+<?php } elseif ( 'edit' == $action ) { ?>
+<a href="<?php echo clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" style="position: absolute; right: 2em; margin-right: 19em; text-decoration: underline;" target="_blank"><?php _e('Preview &raquo;'); ?></a>
+<?php } ?>
+</legend>
+	<?php the_editor($post->post_content); ?>
+</fieldset>
 
 <p class="submit">
-  <input name="savepage" type="submit" id="savepage" tabindex="6" value="<?php $post_ID ? _e('Edit Page') :_e('Create New Page') ?> &raquo;" /> 
-  <input name="referredby" type="hidden" id="referredby" value="<?php echo $sendto; ?>" />
+<span id="autosave"></span>
+<input name="save" type="submit" id="save" tabindex="3" value="<?php _e('Save and Continue Editing'); ?>" />
+<input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" />
+<?php
+if ('publish' != $post->post_status || 0 == $post_ID):
+?>
+<?php if ( current_user_can('publish_pages') ) : ?>
+	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+<?php endif; endif;?>
+<input name="referredby" type="hidden" id="referredby" value="<?php echo $sendto; ?>" />
 </p>
 
-<fieldset id="pageoptions">
-	 <legend><?php _e('Page Options') ?></legend> 
-<table width="100%" cellspacing="2" cellpadding="5" class="editform">
-<?php if ( 0 != count( get_page_templates() ) ) { ?>
-	<tr valign="top">
-		<th scope="row" width="30%"><?php _e('Page Template:') ?></th>
-		<td><div><select name="page_template">
-		<option value='default'><?php _e('Default Template'); ?></option>
-		<?php page_template_dropdown($page_template); ?>
-		</select>
-		
-		</div>
-		</td>
-	</tr>
-<?php } ?>
-	<tr valign="top">
-		<th scope="row" width="30%"><?php _e('Page slug') ?>:</th>
-		<td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post_name ?>" /></td>
-	</tr>
-<?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login, user_firstname, user_lastname FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) : ?>
-	<tr>
-		<th scope="row" width="30%"><?php _e('Page owner'); ?>:</th>
-		<td>
-		<select name="post_author" id="post_author">
-		<?php 
-		foreach ($users as $o) :
-			if ( $post_author == $o->ID ) $selected = 'selected="selected"';
-			else $selected = '';
-			echo "<option value='$o->ID' $selected>$o->user_login ($o->user_firstname $o->user_lastname)</option>";
-		endforeach;
-		?>
-		</select>
-		</td>
-	</tr>
-<?php endif; ?>
-	<tr>
-		<th scope="row" width="25%"><?php _e('Page Order') ?>:</th>
-		<td><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo $menu_order ?>" /></td>
-	</tr>
-	<tr>
-		<th scope="row"><?php _e('Delete'); ?>:</th>
-		<td><?php if ('edit' == $action) : ?>
-		<input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($edited_post_title) ) . "')\""; ?> />
-<?php endif; ?></td>
-	</tr>
-</table>
-</fieldset>
+<?php do_action('edit_page_form'); ?>
 
-<fieldset id="postcustom">
-<legend><?php _e('Custom Fields') ?> <script type="text/javascript">customToggleLink();</script></legend>
-<div id="postcustomstuff">
-<?php 
-if($metadata = has_meta($post_ID)) {
-?>
-<?php
-	list_meta($metadata); 
-?>
 <?php
+if (current_user_can('upload_files')) {
+	$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
+	$uploading_iframe_src = wp_nonce_url("upload.php?style=inline&amp;tab=upload&amp;post_id=$uploading_iframe_ID", 'inlineuploading');
+	$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
+	if ( false != $uploading_iframe_src )
+		echo '<iframe id="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
 }
+?>
+
+<div id="advancedstuff" class="dbx-group">
+
+<fieldset id="postcustom" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
+<div id="postcustomstuff" class="dbx-content">
+<table cellpadding="3">
+<?php
+$metadata = has_meta($post_ID);
+list_meta($metadata);
+?>
+
+</table>
+<?php
 	meta_form();
 ?>
 </div>
+<div id="ajax-response"></div>
 </fieldset>
 
-<?php do_action('edit_page_form', ''); ?>
+<?php do_action('dbx_page_advanced'); ?>
+
+</div>
+
+<?php if ('edit' == $action) :
+	$delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID );
+	if ( current_user_can('delete_page', $post->ID) ) ?>
+		<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
+<?php endif; ?>
+</div>
+
 </form>
 
 </div>

wp-admin/edit-pages.php

@@ -2,50 +2,61 @@
 require_once('admin.php');
 $title = __('Pages');
 $parent_file = 'edit.php';
+wp_enqueue_script( 'listman' );
 require_once('admin-header.php');
-
-get_currentuserinfo();
 ?>
 
 <div class="wrap">
 <h2><?php _e('Page Management'); ?></h2>
+<p><?php _e('Pages are like posts except they live outside of the normal blog chronology and can be hierarchical. You can use pages to organize and manage any amount of content.'); ?> <a href="page-new.php"><?php _e('Create a new page &raquo;'); ?></a></p>
+
+<form name="searchform" action="" method="get">
+	<fieldset>
+	<legend><?php _e('Search Pages&hellip;') ?></legend>
+	<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
+	<input type="submit" name="submit" value="<?php _e('Search') ?>"  />
+	</fieldset>
+</form>
 
 <?php
-if (isset($user_ID) && ('' != intval($user_ID))) {
-	$posts = $wpdb->get_results("
-	SELECT $wpdb->posts.*, $wpdb->users.user_level FROM $wpdb->posts
-	INNER JOIN $wpdb->users ON ($wpdb->posts.post_author = $wpdb->users.ID)
-	WHERE $wpdb->posts.post_status = 'static'
-	AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID)
-	");
-} else {
-    $posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
-}
+wp('post_type=page&orderby=menu_order&what_to_show=posts&posts_per_page=-1&posts_per_archive_page=-1&order=asc');
+
+if ( $_GET['s'] )
+	$all = false;
+else
+	$all = true;
 
 if ($posts) {
 ?>
-<table width="100%" cellpadding="3" cellspacing="3"> 
-  <tr> 
-    <th scope="col"><?php _e('ID') ?></th> 
-    <th scope="col"><?php _e('Title') ?></th> 
+<table class="widefat"> 
+  <thead>
+  <tr>
+    <th scope="col" style="text-align: center"><?php _e('ID') ?></th>
+    <th scope="col"><?php _e('Title') ?></th>
     <th scope="col"><?php _e('Owner') ?></th>
 	<th scope="col"><?php _e('Updated') ?></th>
-	<th scope="col"></th> 
-    <th scope="col"></th> 
-    <th scope="col"></th> 
-  </tr> 
-<?php page_rows(); ?>
-</table> 
+	<th scope="col" colspan="3" style="text-align: center"><?php _e('Action'); ?></th>
+  </tr>
+  </thead>
+  <tbody id="the-list">
+<?php
+page_rows(0, 0, $posts, $all);
+?>
+  </tbody>
+</table>
+
+<div id="ajax-response"></div>
+
 <?php
 } else {
 ?>
 <p><?php _e('No pages yet.') ?></p>
 <?php
 } // end if ($posts)
-?> 
-<p><?php _e('Pages are like posts except they live outside of the normal blog chronology. You can use pages to organize and manage any amount of content.'); ?></p>
-<h3><a href="page-new.php"><?php _e('Create New Page'); ?> &raquo;</a></h3>
-</div> 
+?>
 
+<h3><a href="page-new.php"><?php _e('Create New Page &raquo;'); ?></a></h3>
 
-<?php include('admin-footer.php'); ?> 
+</div>
+
+<?php include('admin-footer.php'); ?>

wp-admin/edit.php

@@ -3,60 +3,49 @@ require_once('admin.php');
 
 $title = __('Posts');
 $parent_file = 'edit.php';
+wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' );
 require_once('admin-header.php');
 
 $_GET['m'] = (int) $_GET['m'];
 
-get_currentuserinfo();
-
-$drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_ID");
-if (1 < $user_level) {
-	$editable = $wpdb->get_col("SELECT ID FROM $wpdb->users WHERE user_level <= '$user_level' AND ID != $user_ID");
-	if( is_array( $editable ) == false )
-			$other_drafts = '';
-	else {
-		$editable = join(',', $editable);
-		$other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) ");
-	}
-} else {
-	$other_drafts = false;
-}
+$drafts = get_users_drafts( $user_ID );
+$other_drafts = get_others_drafts( $user_ID);
 
 if ($drafts || $other_drafts) {
-?> 
+?>
 <div class="wrap">
 <?php if ($drafts) { ?>
-    <p><strong><?php _e('Your Drafts:') ?></strong> 
-    <?php
+	<p><strong><?php _e('Your Drafts:') ?></strong>
+	<?php
 	$i = 0;
 	foreach ($drafts as $draft) {
 		if (0 != $i)
 			echo ', ';
-		$draft->post_title = stripslashes($draft->post_title);
+		$draft->post_title = apply_filters('the_title', stripslashes($draft->post_title));
 		if ($draft->post_title == '')
 			$draft->post_title = sprintf(__('Post #%s'), $draft->ID);
 		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
 		++$i;
 		}
-	?> 
-    .</p> 
+	?>
+.</p>
 <?php } ?>
 
-<?php if ($other_drafts) { ?> 
-    <p><strong><?php _e('Other&#8217;s Drafts:') ?></strong> 
-    <?php
+<?php if ($other_drafts) { ?>
+	<p><strong><?php _e('Other&#8217;s Drafts:') ?></strong>
+	<?php
 	$i = 0;
 	foreach ($other_drafts as $draft) {
 		if (0 != $i)
 			echo ', ';
-		$draft->post_title = stripslashes($draft->post_title);
+		$draft->post_title = apply_filters('the_title', stripslashes($draft->post_title));
 		if ($draft->post_title == '')
 			$draft->post_title = sprintf(__('Post #%s'), $draft->ID);
 		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
 		++$i;
 		}
-	?> 
-    .</p> 
+	?>
+	.</p>
 
 <?php } ?>
 
@@ -66,18 +55,17 @@ if ($drafts || $other_drafts) {
 <div class="wrap">
 <h2>
 <?php
-$what_to_show = 'posts';
-$posts_per_page = 15;
-$posts_per_archive_page = -1;
 
-include(ABSPATH.'wp-blog-header.php');
+wp('what_to_show=posts&posts_per_page=15&posts_per_archive_page=-1');
 
 if ( is_month() ) {
 	single_month_title(' ');
 } elseif ( is_search() ) {
 	printf(__('Search for &#8220;%s&#8221;'), wp_specialchars($_GET['s']) );
 } else {
-	if ( ! is_paged() || get_query_var('paged') == 1 )
+	if ( is_single() )
+		printf(__('Comments on %s'), apply_filters( "the_title", $post->post_title));
+	elseif ( ! is_paged() || get_query_var('paged') == 1 )
 		_e('Last 15 Posts');
 	else
 		_e('Previous Posts');
@@ -85,51 +73,66 @@ if ( is_month() ) {
 ?>
 </h2>
 
-<form name="searchform" action="" method="get" style="float: left; width: 16em; margin-right: 3em;"> 
+<form name="searchform" id="searchform" action="" method="get">
   <fieldset> 
   <legend><?php _e('Search Posts&hellip;') ?></legend> 
-  <input type="text" name="s" value="<?php if (isset($s)) echo wp_specialchars($s, 1); ?>" size="17" /> 
-  <input type="submit" name="submit" value="<?php _e('Search') ?>"  /> 
+  <input type="text" name="s" value="<?php if (isset($s)) echo attribute_escape($s); ?>" size="17" /> 
+  <input type="submit" name="submit" value="<?php _e('Search') ?>" class="button" /> 
   </fieldset>
 </form>
 
-<form name="viewarc" action="" method="get" style="float: left; width: 20em; margin-bottom: 1em;">
+<?php $arc_result = $wpdb->get_results("SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_type = 'post' ORDER BY post_date DESC");
+
+if ( count($arc_result) ) { ?>
+
+<form name="viewarc" id="viewarc" action="" method="get">
 	<fieldset>
 	<legend><?php _e('Browse Month&hellip;') ?></legend>
-    <select name='m'>
+	<select name='m'>
 	<?php
-		$arc_result=$wpdb->get_results("SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts ORDER BY post_date DESC");
-		foreach ($arc_result as $arc_row) {			
-			$arc_year  = $arc_row->yyear;
-			$arc_month = $arc_row->mmonth;
-			
-			if( isset($_GET['m']) && $arc_year . zeroise($arc_month, 2) == (int) $_GET['m'] )
+		foreach ($arc_result as $arc_row) {
+			if ( $arc_row->yyear == 0 )
+				continue;
+			$arc_row->mmonth = zeroise($arc_row->mmonth, 2);
+
+			if( isset($_GET['m']) && $arc_row->yyear . $arc_row->mmonth == (int) $_GET['m'] )
 				$default = 'selected="selected"';
 			else
 				$default = null;
-			
-			echo "<option $default value=\"" . $arc_year.zeroise($arc_month, 2) . '">';
-			echo $month[zeroise($arc_month, 2)] . " $arc_year";
+
+			echo "<option $default value='$arc_row->yyear$arc_row->mmonth'>";
+			echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
 			echo "</option>\n";
 		}
 	?>
 	</select>
-		<input type="submit" name="submit" value="<?php _e('Show Month') ?>"  /> 
+		<input type="submit" name="submit" value="<?php _e('Show Month') ?>" class="button" /> 
 	</fieldset>
 </form>
 
+<?php } ?>
+
+<form name="viewcat" id="viewcat" action="" method="get">
+	<fieldset>
+	<legend><?php _e('Browse Category&hellip;') ?></legend>
+	<?php wp_dropdown_categories('show_option_all='.__('All').'&hide_empty=1&hierarchical=1&show_count=1&selected='.$cat);?>
+	<input type="submit" name="submit" value="<?php _e('Show Category') ?>" class="button" /> 
+	</fieldset>
+</form>
+
+<?php do_action('restrict_manage_posts'); ?>
+
 <br style="clear:both;" />
 
 <?php
-
 // define the columns to display, the syntax is 'internal name' => 'display name'
 $posts_columns = array(
-  'id'         => __('ID'),
-  'date'       => __('When'),
-  'title'      => __('Title'),
-  'categories' => __('Categories'),
-  'comments'   => __('Comments'),
-  'author'     => __('Author')
+	'id'         => '<div style="text-align: center">' . __('ID') . '</div>',
+	'date'       => __('When'),
+	'title'      => __('Title'),
+	'categories' => __('Categories'),
+	'comments'   => '<div style="text-align: center">' . __('Comments') . '</div>',
+	'author'     => __('Author')
 );
 $posts_columns = apply_filters('manage_posts_columns', $posts_columns);
 
@@ -140,7 +143,8 @@ $posts_columns['control_delete'] = '';
 
 ?>
 
-<table width="100%" cellpadding="3" cellspacing="3"> 
+<table class="widefat">
+	<thead>
 	<tr>
 
 <?php foreach($posts_columns as $column_display_name) { ?>
@@ -148,29 +152,32 @@ $posts_columns['control_delete'] = '';
 <?php } ?>
 
 	</tr>
+	</thead>
+	<tbody id="the-list">
 <?php
 if ($posts) {
 $bgcolor = '';
-foreach ($posts as $post) { start_wp();
+while (have_posts()) : the_post();
+add_filter('the_title','wp_specialchars');
 $class = ('alternate' == $class) ? '' : 'alternate';
-?> 
-	<tr class='<?php echo $class; ?>'>
+?>
+	<tr id='post-<?php echo $id; ?>' class='<?php echo $class; ?>'>
 
 <?php
 
 foreach($posts_columns as $column_name=>$column_display_name) {
 
 	switch($column_name) {
-	
+
 	case 'id':
 		?>
-		<th scope="row"><?php echo $id ?></th>
+		<th scope="row" style="text-align: center"><?php echo $id ?></th>
 		<?php
 		break;
 
 	case 'date':
 		?>
-		<td><?php the_time('Y-m-d \<\b\r \/\> g:i:s a'); ?></td>
+		<td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Unpublished'); else the_time(__('Y-m-d \<\b\r \/\> g:i:s a')); ?></td>
 		<?php
 		break;
 	case 'title':
@@ -188,9 +195,9 @@ foreach($posts_columns as $column_name=>$column_display_name) {
 
 	case 'comments':
 		?>
-		<td><a href="edit.php?p=<?php echo $id ?>&amp;c=1"> 
-      <?php comments_number(__('0'), __('1'), __('%')) ?> 
-      </a></td>
+		<td style="text-align: center">
+			<?php comments_number(__('0'), "<a href='edit.php?p=$id&amp;c=1'>" . __('1') . '</a>', "<a href='edit.php?p=$id&amp;c=1'>" . __('%') . '</a>') ?>
+			</td>
 		<?php
 		break;
 
@@ -208,13 +215,13 @@ foreach($posts_columns as $column_name=>$column_display_name) {
 
 	case 'control_edit':
 		?>
-		<td><?php if ( user_can_edit_post($user_ID,$post->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
+		<td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
 		<?php
 		break;
 
 	case 'control_delete':
 		?>
-		<td><?php if ( user_can_edit_post($user_ID,$post->ID) ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), wp_specialchars(get_the_title('', ''), 1) ) . "')\">" . __('Delete') . "</a>"; } ?></td>
+		<td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td>
 		<?php
 		break;
 
@@ -228,7 +235,7 @@ foreach($posts_columns as $column_name=>$column_display_name) {
 ?>
 	</tr> 
 <?php
-}
+endwhile;
 } else {
 ?>
   <tr style='background-color: <?php echo $bgcolor; ?>'> 
@@ -236,8 +243,11 @@ foreach($posts_columns as $column_name=>$column_display_name) {
   </tr> 
 <?php
 } // end if ($posts)
-?> 
-</table> 
+?>
+	</tbody>
+</table>
+
+<div id="ajax-response"></div>
 
 <div class="navigation">
 <div class="alignleft"><?php next_posts_link(__('&laquo; Previous Entries')) ?></div>
@@ -249,53 +259,48 @@ if ( 1 == count($posts) ) {
 
 	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
 	if ($comments) {
-	?> 
-<h3><?php _e('Comments') ?></h3> 
-<ol id="comments"> 
+	?>
+<h3 id="comments"><?php _e('Comments') ?></h3>
+<ol id="the-comment-list" class="commentlist">
 <?php
+$i = 0;
 foreach ($comments as $comment) {
-$comment_status = wp_get_comment_status($comment->comment_ID);
-?> 
 
-<li <?php if ("unapproved" == $comment_status) echo "class='unapproved'"; ?> >
-  <?php comment_date('Y-n-j') ?> 
-  @
-  <?php comment_time('g:m:s a') ?> 
-  <?php 
-			if (($user_level > $authordata->user_level) or ($user_login == $authordata->user_login)) {
-				echo "[ <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" .  __('Edit') . "</a>";
-				echo " - <a href=\"post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";
-				if ( ('none' != $comment_status) && ($user_level >= 3) ) {
-					if ('approved' == wp_get_comment_status($comment->comment_ID)) {
-						echo " - <a href=\"post.php?action=unapprovecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">" . __('Unapprove') . "</a> ";
-					} else {
-						echo " - <a href=\"post.php?action=approvecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">" . __('Approve') . "</a> ";
-					}
-				}
-				echo "]";
-			} // end if any comments to show
-			?> 
-  <br /> 
-  <strong> 
-  <?php comment_author() ?> 
-  (
-  <?php comment_author_email_link() ?> 
-  /
-  <?php comment_author_url_link() ?> 
-  )</strong> (IP:
-  <?php comment_author_IP() ?> 
-  )
-  <?php comment_text() ?> 
+		++$i; $class = '';
+		$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
+			$comment_status = wp_get_comment_status($comment->comment_ID);
+			if ('unapproved' == $comment_status)
+				$class .= ' unapproved';
+			if ($i % 2)
+				$class .= ' alternate';
+			echo "<li id='comment-$comment->comment_ID' class='$class'>";
+?>
+<p><strong><?php comment_author() ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
+
+<?php comment_text() ?>
+
+<p><?php comment_date(__('M j, g:i A'));  ?> &#8212; [
+<?php
+if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
+	echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
+	echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
+	if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
+		echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
+		echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
+	}
+	echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
+}
+?>
+</p>
+		</li>
 
-</li> 
-<!-- /comment --> 
 <?php //end of the loop, don't delete
 		} // end foreach
 	echo '</ol>';
 	}//end if comments
 	?>
-<?php } ?> 
-</div> 
-<?php 
+<?php } ?>
+</div>
+<?php
  include('admin-footer.php');
-?> 
+?>

wp-admin/export.php

@@ -0,0 +1,227 @@
+<?php
+require_once ('admin.php');
+$title = __('Export');
+$parent_file = 'edit.php';
+
+if ( isset( $_GET['download'] ) )
+	export_wp();
+
+require_once ('admin-header.php');
+?>
+
+<div class="wrap">
+<h2><?php _e('Export'); ?></h2>
+<div class="narrow">
+<p><?php _e('When you click the button below WordPress will create an XML file for you to save to your computer.'); ?></p>
+<p><?php _e('This format, which we call WordPress eXtended RSS or WXR, will contain your posts, comments, custom fields, and categories.'); ?></p>
+<p><?php _e('Once you&#8217;ve saved the download file, you can use the Import function on another WordPress blog to import this blog.'); ?></p>
+<form action="" method="get">
+<h3><?php _e('Optional options'); ?></h3>
+
+<table>
+<tr>
+<th><?php _e('Restrict Author:'); ?></th>
+<td>
+<select name="author">
+<option value="all" selected="selected"><?php _e('All'); ?></option>
+<?php
+$authors = $wpdb->get_col( "SELECT post_author FROM $wpdb->posts GROUP BY post_author" );  
+foreach ( $authors as $id ) {
+	$o = get_userdata( $id );
+	echo "<option value='$o->ID'>$o->display_name</option>";
+}
+?>
+</select>
+</td>
+</tr>
+</table>
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Download Export File'); ?> &raquo;" />
+<input type="hidden" name="download" value="true" />
+</p>
+</form>
+</div>
+</div>
+
+<?php
+
+function export_wp() {
+global $wpdb, $posts, $post;
+
+$filename = 'wordpress.' . date('Y-m-d') . '.xml';
+
+header('Content-Description: File Transfer');
+header("Content-Disposition: attachment; filename=$filename");
+header('Content-type: text/xml; charset=' . get_option('blog_charset'), true);
+
+$where = '';
+if ( isset( $_GET['author'] ) && $_GET['author'] != 'all' ) {
+	$author_id = (int) $_GET['author'];
+	$where = " WHERE post_author = '$author_id' ";
+}
+
+$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts $where ORDER BY post_date_gmt ASC");
+
+$categories = (array) $wpdb->get_results("SELECT cat_ID, cat_name, category_nicename, category_description, category_parent, posts_private, links_private FROM $wpdb->categories LEFT JOIN $wpdb->post2cat ON (category_id = cat_id) LEFT JOIN $wpdb->posts ON (post_id <=> id) $where GROUP BY cat_id");
+
+function wxr_missing_parents($categories) {
+	if ( !is_array($categories) || empty($categories) )
+		return array();
+
+	foreach ( $categories as $category )
+		$parents[$category->cat_ID] = $category->category_parent;
+
+	$parents = array_unique(array_diff($parents, array_keys($parents)));
+
+	if ( $zero = array_search('0', $parents) )
+		unset($parents[$zero]);
+
+	return $parents;
+}
+
+while ( $parents = wxr_missing_parents($categories) ) {
+	$found_parents = $wpdb->get_results("SELECT cat_ID, cat_name, category_nicename, category_description, category_parent, posts_private, links_private FROM $wpdb->categories WHERE cat_ID IN (" . join(', ', $parents) . ")");
+	if ( is_array($found_parents) && count($found_parents) )
+		$categories = array_merge($categories, $found_parents);
+	else
+		break;
+}
+
+// Put them in order to be inserted with no child going before its parent
+$pass = 0;
+$passes = 1000 + count($categories);
+while ( ( $cat = array_shift($categories) ) && ++$pass < $passes ) {
+	if ( $cat->category_parent == 0 || isset($cats[$cat->category_parent]) ) {
+		$cats[$cat->cat_ID] = $cat;
+	} else {
+		$categories[] = $cat;
+	}
+}
+unset($categories);
+
+function wxr_cdata($str) {
+	if ( seems_utf8($str) == false )
+		$str = utf8_encode($str);
+
+	// $str = ent2ncr(wp_specialchars($str));
+
+	$str = "<![CDATA[$str" . ( ( substr($str, -1) == ']' ) ? ' ' : '') . "]]>";
+
+	return $str;
+}
+
+function wxr_cat_name($c) {
+	if ( empty($c->cat_name) )
+		return;
+
+	echo '<wp:cat_name>' . wxr_cdata($c->cat_name) . '</wp:cat_name>';
+}
+
+function wxr_category_description($c) {
+	if ( empty($c->category_description) )
+		return;
+
+	echo '<wp:category_description>' . wxr_cdata($c->category_description) . '</wp:category_description>';
+}
+
+print '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n";
+
+?>
+
+<!--
+	This is a WordPress eXtended RSS file generated by WordPress as an export of 
+	your blog. It contains information about your blog's posts, comments, and 
+	categories. You may use this file to transfer that content from one site to 
+	another. This file is not intended to serve as a complete backup of your 
+	blog.
+	
+	To import this information into a WordPress blog follow these steps:
+	
+	1.	Log into that blog as an administrator.
+	2.	Go to Manage > Import in the blog's admin.
+	3.	Choose "WordPress" from the list of importers.
+	4.	Upload this file using the form provided on that page.
+	5.	You will first be asked to map the authors in this export file to users 
+		on the blog. For each author, you may choose to map an existing user on 
+		the blog or to create a new user.
+	6.	WordPress will then import each of the posts, comments, and categories 
+		contained in this file onto your blog.
+-->
+
+<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" created="<?php echo date('Y-m-d H:i'); ?>"-->
+<rss version="2.0"
+	xmlns:content="http://purl.org/rss/1.0/modules/content/"
+	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
+	xmlns:dc="http://purl.org/dc/elements/1.1/"
+	xmlns:wp="http://wordpress.org/export/1.0/"
+>
+
+<channel>
+	<title><?php bloginfo_rss('name'); ?></title>
+	<link><?php bloginfo_rss('url') ?></link>
+	<description><?php bloginfo_rss("description") ?></description>
+	<pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_lastpostmodified('GMT'), false); ?></pubDate>
+	<generator>http://wordpress.org/?v=<?php bloginfo_rss('version'); ?></generator>
+	<language><?php echo get_option('rss_language'); ?></language>
+<?php if ( $cats ) : foreach ( $cats as $c ) : ?>
+	<wp:category><wp:category_nicename><?php echo $c->category_nicename; ?></wp:category_nicename><wp:category_parent><?php echo $c->category_parent ? $cats[$c->category_parent]->cat_name : ''; ?></wp:category_parent><wp:posts_private><?php echo $c->posts_private ? '1' : '0'; ?></wp:posts_private><wp:links_private><?php echo $c->links_private ? '1' : '0'; ?></wp:links_private><?php wxr_cat_name($c); ?><?php wxr_category_description($c); ?></wp:category>
+<?php endforeach; endif; ?>
+	<?php do_action('rss2_head'); ?>
+	<?php if ($posts) { foreach ($posts as $post) { start_wp(); ?>
+<item>
+<title><?php the_title_rss() ?></title>
+<link><?php permalink_single_rss() ?></link>
+<pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_post_time('Y-m-d H:i:s', true), false); ?></pubDate>
+<dc:creator><?php the_author() ?></dc:creator>
+<?php the_category_rss() ?>
+
+<guid isPermaLink="false"><?php the_guid(); ?></guid>
+<description></description>
+<content:encoded><![CDATA[<?php echo $post->post_content ?>]]></content:encoded>
+<wp:post_id><?php echo $post->ID; ?></wp:post_id>
+<wp:post_date><?php echo $post->post_date; ?></wp:post_date>
+<wp:post_date_gmt><?php echo $post->post_date_gmt; ?></wp:post_date_gmt>
+<wp:comment_status><?php echo $post->comment_status; ?></wp:comment_status>
+<wp:ping_status><?php echo $post->ping_status; ?></wp:ping_status>
+<wp:post_name><?php echo $post->post_name; ?></wp:post_name>
+<wp:status><?php echo $post->post_status; ?></wp:status>
+<wp:post_parent><?php echo $post->post_parent; ?></wp:post_parent>
+<wp:menu_order><?php echo $post->menu_order; ?></wp:menu_order>
+<wp:post_type><?php echo $post->post_type; ?></wp:post_type>
+<?php
+$postmeta = $wpdb->get_results("SELECT * FROM $wpdb->postmeta WHERE post_id = $post->ID");
+if ( $postmeta ) {
+?>
+<?php foreach( $postmeta as $meta ) { ?>
+<wp:postmeta>
+<wp:meta_key><?php echo $meta->meta_key; ?></wp:meta_key>
+<wp:meta_value><?Php echo $meta->meta_value; ?></wp:meta_value>
+</wp:postmeta>
+<?php } ?>
+<?php } ?>
+<?php
+$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post->ID");
+if ( $comments ) { foreach ( $comments as $c ) { ?>
+<wp:comment>
+<wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
+<wp:comment_author><?php echo $c->comment_author; ?></wp:comment_author>
+<wp:comment_author_email><?php echo $c->comment_author_email; ?></wp:comment_author_email>
+<wp:comment_author_url><?php echo $c->comment_author_url; ?></wp:comment_author_url>
+<wp:comment_author_IP><?php echo $c->comment_author_IP; ?></wp:comment_author_IP>
+<wp:comment_date><?php echo $c->comment_date; ?></wp:comment_date>
+<wp:comment_date_gmt><?php echo $c->comment_date_gmt; ?></wp:comment_date_gmt>
+<wp:comment_content><?php echo $c->comment_content; ?></wp:comment_content>
+<wp:comment_approved><?php echo $c->comment_approved; ?></wp:comment_approved>
+<wp:comment_type><?php echo $c->comment_type; ?></wp:comment_type>
+<wp:comment_parent><?php echo $c->comment_parent; ?></wp:comment_parent>
+</wp:comment>
+<?php } } ?>
+	</item>
+<?php } } ?>
+</channel>
+</rss>
+<?php
+	die();
+}
+
+include ('admin-footer.php');
+?>

wp-admin/import-b2.php

@@ -1,247 +0,0 @@
-<?php
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. Double check that you updated wp-config-sample.php with the proper database connection information and renamed it to wp-config.php.");
-require_once('../wp-config.php');
-require('upgrade-functions.php');
-$step = $_GET['step'];
-if (!$step) $step = 0;
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-	<title>WordPress &#8212; b2 Conversion</title>
-	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-	<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 15%;
-		margin-right: 15%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/wordpress.gif);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		height: 60px;
-	}
-	#logo a span {
-		display: none;
-	}
-	p, li {
-		line-height: 140%;
-	}
-	</style>
-</head>
-<body>
-<h1 id="logo"><a href="http://wordpress.org"><span>WordPress</span></a></h1>
-<?php
-switch($step) {
-
-	case 0:
-?>
-<p>Welcome to WordPress. Since you&#8217;re upgrading from b2 everything should be relatively 
-  familiar to you. Here are some notes on upgrading:</p>
-<ul>
-  <li>If you&#8217;re using an older version of b2, it's probably a good idea to upgrade 
-    to at least .61 before making the leap to WordPress.</li>
-  <li>The templates are so much better, and there is so much more going on than 
-    before it&#8217;s probably worth it to start from scratch and work back to your 
-    design.</li>
-  <li>You need to transfer some of your settings from your old <code>b2config.php</code>
-    to <code>wp-config.php</code> file.</li>
-  <li>WordPress issues should be discussed in our <a href="http://wordpress.org/support/">support 
-    forums</a>.</li>
-  <li><strong>Back up</strong> your database before you do anything. Yes, you.</li>
-</ul>
-<p>Have you looked at the <a href="../readme.html">readme</a>? If 
-  you&#8217;re all ready, <a href="import-b2.php?step=1">let&#8217;s go</a>!</p>
-<?php
-	break;
-	
-	case 1:
-?>
-<h1>Step 1</h1>
-<p>Okay first we&#8217;re going to set up the links database. This will allow you to host your own blogroll, complete with Weblogs.com updates.</p>
-<?php
-
-$got_links = false;
-$got_cats = false;
-$got_row = false;
-?>
-<p>Installing WP-Links.</p>
-<p>Checking for tables...</p>
-<?php
-$result = mysql_list_tables(DB_NAME);
-if (!$result) {
-    print "DB Error, could not list tables\n";
-    print 'MySQL Error: ' . mysql_error();
-    exit;
-}
-
-while ($row = mysql_fetch_row($result)) {
-    if ($row[0] == $wpdb->links)
-        $got_links = true;
-    if ($row[0] == $wpdb->linkcategories)
-        $got_cats = true;
-    //print "Table: $row[0]<br />\n";
-}
-if (!$got_cats) {
-    echo "<p>Can't find table '$wpdb->linkcategories', gonna create it...</p>\n";
-    $sql = "CREATE TABLE $wpdb->linkcategories ( " .
-           " cat_id int(11) NOT NULL auto_increment, " .
-           " cat_name tinytext NOT NULL, ".
-           " auto_toggle enum ('Y','N') NOT NULL default 'N', ".
-           " PRIMARY KEY (cat_id) ".
-           ") ";
-    $result = mysql_query($sql) or print ("Can't create the table '$wpdb->linkcategories' in the database.<br />" . $sql . "<br />" . mysql_error());
-    if ($result != false) {
-        echo "<p>Table '$wpdb->linkcategories' created OK</p>\n";
-        $got_cats = true;
-    }
-} else {
-    echo "<p>Found table '$wpdb->linkcategories', don't need to create it...</p>\n";
-        $got_cats = true;
-}
-if (!$got_links) {
-    echo "<p>Can't find '$wpdb->links', gonna create it...</p>\n";
-    $sql = "CREATE TABLE $wpdb->links ( " .
-           " link_id int(11) NOT NULL auto_increment,           " .
-           " link_url varchar(255) NOT NULL default '',         " .
-           " link_name varchar(255) NOT NULL default '',        " .
-           " link_image varchar(255) NOT NULL default '',       " .
-           " link_target varchar(25) NOT NULL default '',       " .
-           " link_category int(11) NOT NULL default 0,          " .
-           " link_description varchar(255) NOT NULL default '', " .
-           " link_visible enum ('Y','N') NOT NULL default 'Y',  " .
-           " link_owner int NOT NULL DEFAULT '1',               " .
-           " link_rating int NOT NULL DEFAULT '0',              " .
-           " link_updated DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', " .
-           " link_rel varchar(255) NOT NULL default '',         " .
-           " link_notes MEDIUMTEXT NOT NULL default '',         " .
-           " PRIMARY KEY (link_id)                              " .
-           ") ";
-    $result = mysql_query($sql) or print ("Can't create the table '$wpdb->links' in the database.<br />" . $sql . "<br />" . mysql_error());
-	$links = mysql_query("INSERT INTO $wpdb->links VALUES ('', 'http://wordpress.org/', 'WordPress', '', '', 1, '', 'Y', 1, 0, '0000-00-00 00:00:00', '');");
-	$links = mysql_query("INSERT INTO $wpdb->links VALUES ('', 'http://photomatt.net/', 'Matt', '', '', 1, '', 'Y', 1, 0, '0000-00-00 00:00:00', '');");
-	$links = mysql_query("INSERT INTO $wpdb->links VALUES ('', 'http://zed1.com/b2/', 'Mike', '', '', 1, '', 'Y', 1, 0, '0000-00-00 00:00:00', '');");
-
-    if ($result != false) {
-        echo "<p>Table '$wpdb->links' created OK</p>\n";
-        $got_links = true;
-    }
-} else {
-    echo "<p>Found table '$wpdb->links', don't need to create it...</p>\n";
-    echo "<p>... may need to update it though. Looking for column link_updated...</p>\n";
-    $query = "SELECT link_updated FROM $wpdb->links LIMIT 1";
-    $q = @mysql_query($query);
-    if ($q != false) {
-        if ($row = mysql_fetch_object($q)) {
-            echo "<p>You have  column link_updated. Good!</p>\n";
-        }
-    } else {
-        $query = "ALTER TABLE $wpdb->links ADD COLUMN link_updated DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00'";
-        $q = mysql_query($query) or mysql_doh("Doh, couldn't add column.", $query, mysql_error());
-        echo "<p>Added column link_updated...</p>\n";
-    }
-    echo "<p>Looking for column link_rel...</p>\n";
-    $query = "SELECT link_rel FROM $wpdb->links LIMIT 1";
-    $q = @mysql_query($query);
-    if ($q != false) {
-        if ($row = mysql_fetch_object($q)) {
-            echo "<p>You have column link_rel. Good!</p>\n";
-        }
-    } else {
-        $query = "ALTER TABLE $wpdb->links ADD COLUMN link_rel varchar(255) NOT NULL DEFAULT '' ";
-        $q = mysql_query($query) or mysql_doh("Doh, couldn't add column.", $query, mysql_error());
-        echo "<p>Added column link_rel...</p>\n";
-    }
-    $got_links = true;
-}
-
-if ($got_links && $got_cats) {
-    echo "<p>Looking for category 1...</p>\n";
-    $sql = "SELECT * FROM $wpdb->linkcategories WHERE cat_id=1 ";
-    $result = mysql_query($sql) or print ("Can't query '$wpdb->linkcategories'.<br />" . $sql . "<br />" . mysql_error());
-    if ($result != false) {
-        if ($row = mysql_fetch_object($result)) {
-            echo "<p>You have at least 1 category. Good!</p>\n";
-            $got_row = true;
-        } else {
-            echo "<p>Gonna insert category 1...</p>\n";
-            $sql = "INSERT INTO $wpdb->linkcategories (cat_id, cat_name) VALUES (1, 'General')";
-            $result = mysql_query($sql) or print ("Can't query insert category.<br />" . $sql . "<br />" . mysql_error());
-            if ($result != false) {
-                echo "<p>Inserted category Ok</p>\n";
-                $got_row = true;
-            }
-        }
-    }
-}
-
-if ($got_row) {
-    echo "<p>All done!</p>\n";
-}
-?>
-<p>Did you defeat the boss monster at the end? Good, then you&#8217;re ready for 
-  <a href="import-b2.php?step=2">Step 2</a>.</p>
-<?php
-	break;
-	case 2:
-?>
-<h1>Step 2</h1>
-<p>First we&#8217;re going to add excerpt, post, and password functionality...</p>
-
-<?php
-
-$query = "ALTER TABLE $wpdb->posts ADD COLUMN post_excerpt text NOT NULL;";
-$q = $wpdb->query($query);
-// 0.71 mods
-$query = "ALTER TABLE $wpdb->posts ADD post_status ENUM('publish','draft','private') NOT NULL,
-ADD comment_status ENUM('open','closed') NOT NULL,
-ADD ping_status ENUM('open','closed') NOT NULL,
-ADD post_password varchar(20) NOT NULL;";
-$q = $wpdb->query($query);
-?>
-
-<p>That went well! Now let's clean up the b2 database structure a bit...</p>
-
-<?php
-$query = "ALTER TABLE $wpdb->posts DROP INDEX ID";
-
-$q = $wpdb->query($query);
-
-?>
-
-<p>One down, two to go...</p>
-
-
-<p>So far so good.</p>
-<?php
-
-$query="ALTER TABLE $wpdb->posts DROP post_karma";
-$q = $wpdb->query($query);
-flush();
-?>
-
-<p>Almost there...</p>
-
-<?php
-
-$query = "ALTER TABLE $wpdb->users DROP INDEX ID";
-
-$q = $wpdb->query($query);
-upgrade_all();
-?>
-
-<p>Welcome to the family. <a href="../">Have fun</a>!</p>
-  <?php
-	break;
-}
-?>
-
-</body>
-</html>

wp-admin/import-blogger.php

@@ -1,221 +0,0 @@
-<?php
-
-$wpvarstoreset = array('action');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-require_once('../wp-config.php');
-require('upgrade-functions.php');
-header( 'Content-Type: text/html; charset=utf-8' );
-switch ($action) {
-
-case "step1":
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
-	<title>Blogger to WordPress - Converting...</title>
-	<link rel="stylesheet" href="wp-admin.css" type="text/css">
-</head>
-<body>
-<div class="wrap">
-<h1>Blogger to <img src="../wp-images/wpminilogo.png" width="50" height="50" border="0" alt="WordPress" align="top" /></h1>
-<p>The importer is running...</p>
-<ul>
-	<li>Importing posts and users
-		<ul><?php
-
-	for($bgy=1999; $bgy<=(date('Y')); $bgy++) {
-		for($bgm=1; $bgm<13; $bgm++) {
-
-		$bgmm = zeroise($bgm,2);
-	
-		$archivefile = "../$bgy"."_"."$bgmm"."_01_wordpress.php";
-		
-		if (file_exists($archivefile)) {
-
-			$f = fopen($archivefile,"r");
-			$archive = fread($f, filesize($archivefile));
-			fclose($f);
-			echo "<li>$bgy/$bgmm ";
-
-			$posts = explode('<wordpresspost>', $archive);
-
-			for ($i = 1; $i < count($posts); $i = $i + 1) {
-
-			$postinfo = explode('|||', $posts[$i]);
-			$post_date = $postinfo[0];
-			$post_content = $postinfo[2];
-			// Don't try to re-use the original numbers
-			// because the new, longer numbers are too
-			// big to handle as ints.
-			//$post_number = $postinfo[3];
-			$post_title = $postinfo[4];
-
-			$post_author = trim(addslashes($postinfo[1]));
-			// we'll check the author is registered already
-			$user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_login = '$post_author'");
-			if (!$user) { // seems s/he's not, so let's register
-				$user_ip = '127.0.0.1';
-				$user_domain = 'localhost';
-				$user_browser = 'server';
-				$user_joindate = '1979-06-06 00:41:00'; // that's my birthdate (gmt+1) - I could choose any other date. You could change the date too. Just remember the year must be >=1970 or the world would just randomly fall on your head (everything might look fine, and then blam! major headache!)
-				$user_login = addslashes($post_author);
-				$pass1 = addslashes('password');
-				$user_nickname = addslashes($post_author);
-				$user_email = addslashes('user@wordpress.org');
-				$user_url = addslashes('');
-				$user_joindate = addslashes($user_joindate);
-				$result = $wpdb->query("
-				INSERT INTO $wpdb->users (
-					user_login,
-					user_pass,
-					user_nickname,
-					user_email,
-					user_url,
-					user_ip,
-					user_domain,
-					user_browser,
-					user_registered,
-					user_level,
-					user_idmode
-				) VALUES (
-					'$user_login',
-					'$pass1',
-					'$user_nickname',
-					'$user_email',
-					'$user_url',
-					'$user_ip',
-					'$user_domain',
-					'$user_browser',
-					'$user_joindate',
-					'1',
-					'nickname'
-				)");
-
-				echo ": Registered user <strong>$user_login</strong>";
-			}
-
-			$post_author_ID = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$post_author'");
-
-			$post_date = explode(' ', $post_date);
-			$post_date_Ymd = explode('/', $post_date[0]);
-			$postyear = $post_date_Ymd[2];
-			$postmonth = zeroise($post_date_Ymd[0], 2);
-			$postday = zeroise($post_date_Ymd[1], 2);
-			$post_date_His = explode(':', $post_date[1]);
-			$posthour = zeroise($post_date_His[0], 2);
-			$postminute = zeroise($post_date_His[1], 2);
-			$postsecond = zeroise($post_date_His[2], 2);
-
-			if (($post_date[2] == 'PM') && ($posthour != '12'))
-				$posthour = $posthour + 12;
-			else if (($post_date[2] == 'AM') && ($posthour == '12'))
-				$posthour = '00';
-
-			$post_date = "$postyear-$postmonth-$postday $posthour:$postminute:$postsecond";
-
-			$post_content = addslashes($post_content);
-			$post_content = str_replace('<br>', '<br />', $post_content); // the XHTML touch... ;)
-			
-			$post_title = addslashes($post_title);
-			
-			// Quick-n-dirty check for dups:
-			$dupcheck = $wpdb->get_results("SELECT ID,post_date,post_title FROM $wpdb->posts WHERE post_date='$post_date' AND post_title='$post_title' LIMIT 1",ARRAY_A);
-			if ($dupcheck[0]['ID']) {
-				print "<br />\nSkipping duplicate post, ID = '" . $dupcheck[0]['ID'] . "'<br />\n";
-				print "Timestamp: " . $post_date . "<br />\n";
-				print "Post Title: '" . stripslashes($post_title) . "'<br />\n";
-				continue;
-			}
-
-			$result = $wpdb->query("
-			INSERT INTO $wpdb->posts 
-				(post_author,post_date,post_content,post_title,post_category)
-			VALUES 
-				('$post_author_ID','$post_date','$post_content','$post_title','1')
-			");
-
-
-			} echo '... <strong>Done</strong></li>';
-			
-		}}
-	}
-
-	upgrade_all();
-	?>
-</ul>
-<strong>Done</strong>
-</li>
-</ul>
-<p>&nbsp;</p>
-<p>Completed Blogger to WordPress import!</p>
-<p>Now you can go and <a href="../wp-login.php">log in</a>, have fun!</p>
-</div>
-</body>
-</html>
-	<?php
-	break;
-
-default:
-
-	?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
-	<title>Blogger to WordPress Import Utility</title>
-	<link rel="stylesheet" href="wp-admin.css" type="text/css">
-</head>
-
-<body>
-<div class="wrap">
-<h1>Blogger to <img src="../wp-images/wpminilogo.png" width="50" height="50" border="0" alt="WordPress" align="top" /></h1>
-<p>This is a basic Blogger to WordPress import script.</p>
-<p>What it does:</p>
-<ul>
-	<li>Parses your archives to retrieve your blogger posts.</li>
-	<li>Adds an author whenever it sees a new nickname, all authors are imported at level 1, with a default profile and the password 'password'</li>
-</ul>
-<p>What it does not:</p>
-<ul>
-	<li>It sucks at making coffee.</li>
-	<li>It always forgets to call back.</li>
-</ul>
-
-<h2>First step: Install WordPress</h2>
-<p>Install the WordPress blog as explained in the <a href="../readme.html">read me</a>, then immediately come back here.</p>
-
-<h3>Second step: let's play with Blogger</h3>
-<p>Log into your Blogger account.<br />
-Go to the Settings, and make Blogger publish your files in the directory where your WordPress resides. Change the Date/Time format to be mm/dd/yyyy hh:mm:ss AM/PM (the first choice in the dropdown menu). In Archives: set the frequency to 'monthly' and the archive filename to 'wordpress.php' (without the quotes), set the ftp archive path to make Blogger publish the archives in your WordPress directory. Click 'save changes'.<br />
-Go to the Templates. Replace your existing template with this line (copy and paste):
-<blockquote>&lt;Blogger>&lt;wordpresspost>&lt;$BlogItemDateTime$>|||&lt;$BlogItemAuthorNickname$>|||&lt;$BlogItemBody$>|||&lt;$BlogItemNumber$>|||&lt;$BlogItemSubject$>&lt;/Blogger></blockquote>
-Go to the Archives, and click 'republish all'.<br />
-Check in your FTP that you've got the archive files published. They should look like this example: <code>2001_10_01_wordpress.php</code>. If they aren't there, redo the republish process.</p>
-<p>You're done with the hard part. :)</p>
-
-<form name="stepOne" method="get">
-<input type="hidden" name="action" value="step1" />
-<h3>Third step: w00t, let's click OK:</h3>
-<p>When you're ready, click OK to start importing: <input type="submit" name="submit" value="OK" /><br /><br />
-<i>Note: the script might take some time, like 1 second for 100 entries
-imported. DO NOT STOP IT or else you won't have a complete import.</i></p>
-</form>
-</div>
-</body>
-</html>
-	<?php
-	break;
-
-}
-
-?>

wp-admin/import-greymatter.php

@@ -1,322 +0,0 @@
-<?php
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. You must install WordPress before you import any entries.");
-
-require_once('../wp-config.php');
-require('upgrade-functions.php');
-
-$wpvarstoreset = array('action', 'gmpath', 'archivespath', 'lastentry');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<title>WordPress &rsaquo; Import from GreyMatter</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/logo.png);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		text-decoration: none;
-		text-indent: -100em;
-		height: 60px;
-	}
-	p {
-		line-height: 140%;
-	}
-	#authors li 	{
-		padding:3px;
-		border: 1px solid #ccc;
-		width: 40%;
-		margin-bottom:2px;
-	}
-	</style>
-</head><body> 
-<h1 id="logo"><a href="http://wordpress.org">WordPress</a></h1> 
-
-<?php
-switch ($action) {
-
-case "step1":
-
-	function gm2autobr($string) { // transforms GM's |*| into wp's <br />\n
-		$string = str_replace("|*|","<br />\n",$string);
-		return($string);
-	}
-
-	if (!@chdir($archivespath))
-		die("Wrong path, $archivespath\ndoesn't exist\non the server");
-
-	if (!@chdir($gmpath))
-		die("Wrong path, $gmpath\ndoesn't exist\non the server");
-?>
-
-<p>The importer is running...</p>
-<ul>
-<li>importing users... <ul><?php
-
-	chdir($gmpath);
-	$userbase = file("gm-authors.cgi");
-
-	foreach($userbase as $user) {
-		$userdata=explode("|", $user);
-
-		$user_ip="127.0.0.1";
-		$user_domain="localhost";
-		$user_browser="server";
-
-		$s=$userdata[4];
-		$user_joindate=substr($s,6,4)."-".substr($s,0,2)."-".substr($s,3,2)." 00:00:00";
-
-		$user_login=addslashes($userdata[0]);
-		$pass1=addslashes($userdata[1]);
-		$user_nickname=addslashes($userdata[0]);
-		$user_email=addslashes($userdata[2]);
-		$user_url=addslashes($userdata[3]);
-		$user_joindate=addslashes($user_joindate);
-
-		$loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
-		if ($loginthere) {
-			echo "<li>user <i>$user_login</i>... <b>Already exists</b></li>";
-			continue;
-		}
-
-		$query = "INSERT INTO $wpdb->users (user_login,user_pass,user_nickname,user_email,user_url,user_ip,user_domain,user_browser,user_registered,user_level,user_idmode) VALUES ('$user_login','$pass1','$user_nickname','$user_email','$user_url','$user_ip','$user_domain','$user_browser','$user_joindate','1','nickname')";
-		$result = $wpdb->query($query);
-		if ($result==false) {
-			die ("<strong>ERROR</strong>: couldn't register an user!");
-		}
-		echo "<li>user <i>$user_login</i>... <b>Done</b></li>";
-
-	}
-
-?></ul><b>Done</b></li>
-<li>importing posts, comments, and karma...<br /><ul><?php
-
-	chdir($archivespath);
-	
-	for($i = 0; $i <= $lastentry; $i = $i + 1) {
-		
-		$entryfile = "";
-		
-		if ($i<10000000) {
-			$entryfile .= "0";
-			if ($i<1000000) {
-				$entryfile .= "0";
-				if ($i<100000) {
-					$entryfile .= "0";
-					if ($i<10000) {
-						$entryfile .= "0";
-						if ($i<1000) {
-							$entryfile .= "0";
-							if ($i<100) {
-								$entryfile .= "0";
-								if ($i<10) {
-									$entryfile .= "0";
-		}}}}}}}
-
-		$entryfile .= "$i";
-
-		if (is_file($entryfile.".cgi")) {
-
-			$entry=file($entryfile.".cgi");
-			echo "<li>entry # $entryfile ";
-			$postinfo=explode("|",$entry[0]);
-			$postmaincontent=gm2autobr($entry[2]);
-			$postmorecontent=gm2autobr($entry[3]);
-
-			$post_author=trim(addslashes($postinfo[1]));
-			// we'll check the author is registered, or if it's a deleted author
-			$sql = "SELECT * FROM $wpdb->users WHERE user_login = '$post_author'";
-			$result = $wpdb->query($sql);
-			if (! $result) { // if deleted from GM, we register the author as a level 0 user in wp
-				$user_ip="127.0.0.1";
-				$user_domain="localhost";
-				$user_browser="server";
-				$user_joindate="1979-06-06 00:41:00";
-				$user_login=addslashes($post_author);
-				$pass1=addslashes("password");
-				$user_nickname=addslashes($post_author);
-				$user_email=addslashes("user@deleted.com");
-				$user_url=addslashes("");
-				$user_joindate=addslashes($user_joindate);
-				$query = "INSERT INTO $wpdb->users (user_login,user_pass,user_nickname,user_email,user_url,user_ip,user_domain,user_browser,user_registered,user_level,user_idmode) VALUES ('$user_login','$pass1','$user_nickname','$user_email','$user_url','$user_ip','$user_domain','$user_browser','$user_joindate','0','nickname')";
-				$result = $wpdb->query($query);
-				if ($result==false) {
-					die ("<strong>ERROR</strong>: couldn't register an user!");
-				}
-				echo ": registered deleted user <i>$user_login</i> at level 0 ";
-			}
-
-			$sql = "SELECT ID FROM $wpdb->users WHERE user_login = '$post_author'";
-			$post_author_ID = $wpdb->get_var($sql);
-
-			$post_title=gm2autobr($postinfo[2]);
-			$post_title=addslashes($post_title);
-
-			$postyear=$postinfo[6];
-			$postmonth=zeroise($postinfo[4],2);
-			$postday=zeroise($postinfo[5],2);
-			$posthour=zeroise($postinfo[7],2);
-			$postminute=zeroise($postinfo[8],2);
-			$postsecond=zeroise($postinfo[9],2);
-
-			if (($postinfo[10]=="PM") && ($posthour!="12"))
-				$posthour=$posthour+12;
-
-			$post_date="$postyear-$postmonth-$postday $posthour:$postminute:$postsecond";
-
-			$post_content=$postmaincontent;
-			if (strlen($postmorecontent)>3)
-				$post_content .= "<!--more--><br /><br />".$postmorecontent;
-			$post_content=addslashes($post_content);
-
-			$post_karma=$postinfo[12];
-
-			$query = "INSERT INTO $wpdb->posts (post_author,post_date,post_content,post_title) VALUES ('$post_author_ID','$post_date','$post_content','$post_title')";
-			$result = $wpdb->query($query);
-
-			if (!$result)
-				die ("Error in posting...");
-			
-			$query = "SELECT ID FROM $wpdb->posts ORDER BY ID DESC LIMIT 1";
-			$post_ID = $wpdb->get_var($query);
-
-			// Grab a default category.
-			$post_category = $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories LIMIT 1");
-
-			// Update the post2cat table.
-			$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_ID AND category_id = $post_category");
-			  
-			if (!$exists) {
-			  $wpdb->query("
-					INSERT INTO $wpdb->post2cat
-					(post_id, category_id)
-					VALUES
-					($post_ID, $post_category)
-					");
-			}
-
-			$c=count($entry);
-			if ($c>4) {
-				for ($j=4;$j<$c;$j++) {
-					$entry[$j]=gm2autobr($entry[$j]);
-					$commentinfo=explode("|",$entry[$j]);
-					$comment_post_ID=$post_ID;
-					$comment_author=addslashes($commentinfo[0]);
-					$comment_author_email=addslashes($commentinfo[2]);
-					$comment_author_url=addslashes($commentinfo[3]);
-					$comment_author_IP=addslashes($commentinfo[1]);
-
-					$commentyear=$commentinfo[7];
-					$commentmonth=zeroise($commentinfo[5],2);
-					$commentday=zeroise($commentinfo[6],2);
-					$commenthour=zeroise($commentinfo[8],2);
-					$commentminute=zeroise($commentinfo[9],2);
-					$commentsecond=zeroise($commentinfo[10],2);
-					if (($commentinfo[11]=="PM") && ($commenthour!="12"))
-						$commenthour=$commenthour+12;
-					$comment_date="$commentyear-$commentmonth-$commentday $commenthour:$commentminute:$commentsecond";
-
-					$comment_content=addslashes($commentinfo[12]);
-
-					$sql3 = "INSERT INTO $wpdb->comments (comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content) VALUES ('$comment_post_ID','$comment_author','$comment_author_email','$comment_author_url','$comment_author_IP','$comment_date','$comment_content')";
-					$result3 = $wpdb->query($sql3);
-					if (!$result3)
-						die ("There is an error with the database, it can't store your comment..");
-				}
-				$comments=$c-4;
-				echo ": imported $comments comment";
-				if ($comments>1)
-					echo "s";
-			}
-			echo "... <b>Done</b></li>";
-		}
-	} 
-	upgrade_all();
-	?>
-</ul><b>Done</b></li></ul>
-<p>&nbsp;</p>
-<p>Completed GM 2 WordPress import !</p>
-<p>Now you can go and <a href="wp-login.php">log in</a>, have fun !</p>
-	<?php
-	break;
-
-default:
-?>
-
-<p>This is a basic GreyMatter to WordPress import script.</p>
-<p>What it does:</p>
-<ul>
-<li>parses gm-authors.cgi to import authors: everyone is imported at level 1</li>
-<li>parses the entries cgi files to import posts, comments, and karma on posts (although karma is not used on WordPress); if authors are found not to be in gm-authors.cgi, imports them at level 0</li>
-</ul>
-<p>What it does not:</p>
-<ul>
-<li>parse gm-counter.cgi (what's the use of that file ?), gm-banlist.cgi, gm-cplog.cgi (you can make a CP log hack if you really feel like it, but I question the need of a CP log)</li>
-<li>import gm-templates. you'll start with the basic template wp.php</li>
-<li>doesn't keep entries on top</li>
-</ul>
-
-<h3>First step: Install WordPress</h3>
-<p>Install the WordPress blog as explained in the <a href="../readme.html" target="_blank">ReadMe</a>, then immediately come back here.</p>
-
-<form name="stepOne" method="get">
-<input type="hidden" name="action" value="step1" />
-<h3>Second step: Provide GreyMatter details</h3>
-<table cellpadding="0">
-<tr>
-<td>Path to GM files:</td>
-<td><input type="text" style="width:300px" name="gmpath" value="/home/my/site/cgi-bin/greymatter/" /></td>
-</tr>
-<tr>
-<td>Path to GM entries:</td>
-<td><input type="text" style="width:300px" name="archivespath" value="/home/my/site/cgi-bin/greymatter/archives/" /></td>
-</tr>
-</table>
-
-<p>This importer will search for files 00000001.cgi to 000-whatever.cgi, so you need to enter the number of the last GM post here. (If you don't know that number, just log into your FTP and look it up in the entries' folder)</p>
-
-<table>
-<tr>
-<td>Last entry's number:</td>
-<td><input type="text" name="lastentry" value="00000001" /></td>
-</tr>
-</table>
-
-<p>When you're ready, click OK to start importing: <input type="submit" name="submit" value="OK" class="search" /></p>
-</form>
-
-</body>
-</html>
-	<?php
-	break;
-}
-
-?>

wp-admin/import-livejournal.php

@@ -1,124 +0,0 @@
-<?php
-define('XMLFILE', '');
-// Example:
-// define('XMLFILE', '/home/example/public_html/rss.xml');
-// or if it's in the same directory as import-rss.php
-// define('XMLFILE', 'rss.xml');
-
-$post_author = 1; // Author to import posts as author ID
-$timezone_offset = 0; // GMT offset of posts your importing
-
-
-$add_hours = intval($timezone_offset);
-$add_minutes = intval(60 * ($timezone_offset - $add_hours));
-
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. You must install WordPress before you import any entries.");
-require('../wp-config.php');
-
-$step = $_GET['step'];
-if (!$step) $step = 0;
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<title>WordPress &rsaquo; Import from RSS</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/logo.png);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		text-decoration: none;
-		text-indent: -100em;
-		height: 60px;
-	}
-	p {
-		line-height: 140%;
-	}
-	</style>
-</head><body> 
-<h1 id="logo"><a href="http://wordpress.org/">WordPress</a></h1> 
-<?php
-switch($step) {
-
-	case 0:
-?> 
-<p>Howdy! This importer allows you to extract posts from a LiveJournal XML export file. To get started you must edit the following line in this file (<code>import-livejournal.php</code>) </p>
-<p><code>define('XMLFILE', '');</code></p>
-<p>You want to define where the XML file we'll be working with is, for example: </p>
-<p><code>define('XMLFILE', '2002-04.xml');</code></p>
-<p>You have to do this manually for security reasons.</p>
-<p>If you've done that and you&#8217;re all ready, <a href="import-livejournal.php?step=1">let's go</a>!</p>
-<?php
-	break;
-	
-	case 1:
-if ('' != XMLFILE && !file_exists(XMLFILE)) die("The file you specified does not seem to exist. Please check the path you've given.");
-if ('' == XMLFILE) die("You must edit the XMLFILE line as described on the <a href='import-rss.php'>previous page</a> to continue.");
-
-// Bring in the data
-set_magic_quotes_runtime(0);
-$datalines = file(XMLFILE); // Read the file into an array
-$importdata = implode('', $datalines); // squish it
-$importdata = str_replace(array("\r\n", "\r"), "\n", $importdata);
-
-preg_match_all('|<entry>(.*?)</entry>|is', $importdata, $posts);
-$posts = $posts[1];
-
-echo '<ol>';
-foreach ($posts as $post) :
-$title = $date = $categories = $content = $post_id =  '';
-echo "<li>Importing post... ";
-
-preg_match('|<subject>(.*?)</subject>|is', $post, $title);
-$title = addslashes( trim($title[1]) );
-$post_name = sanitize_title($title);
-
-preg_match('|<eventtime>(.*?)</eventtime>|is', $post, $date);
-$date = strtotime($date[1]);
-
-$post_date = date('Y-m-d H:i:s', $date);
-
-
-preg_match('|<event>(.*?)</event>|is', $post, $content);
-$content = str_replace( array('<![CDATA[', ']]>'), '', addslashes( trim($content[1]) ) );
-
-// Now lets put it in the DB
-if ($wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' AND post_date = '$post_date'")) :
-	echo 'Post already imported';
-else : 
-	
-	$wpdb->query("INSERT INTO $wpdb->posts 
-		(post_author, post_date, post_date_gmt, post_content, post_title,post_status, comment_status, ping_status, post_name)
-		VALUES 
-		('$post_author', '$post_date', DATE_ADD('$post_date', INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE), '$content', '$title', 'publish', '$comment_status', '$ping_status', '$post_name')");
-	$post_id = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' AND post_date = '$post_date'");
-	if (!$post_id) die("couldn't get post ID");
-	$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_id AND category_id = 1");
-	if (!$exists) $wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_id, 1) ");
-	echo 'Done!</li>';
-endif;
-
-
-endforeach;
-?>
-</ol>
-
-<h3>All done. <a href="../">Have fun!</a></h3>
-<?php
-	break;
-}
-?> 
-</body>
-</html>

wp-admin/import-mt.php

@@ -1,418 +0,0 @@
-<?php
-define('MTEXPORT', '');
-// enter the relative path of the import.txt file containing the mt entries. If the file is called import.txt and it is /wp-admin, then this line
-//should be define('MTEXPORT', 'import.txt');
-
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. You must install WordPress before you import any entries.");
-require('../wp-config.php');
-require ('upgrade-functions.php');
-$step = $_GET['step'];
-if (!$step) $step = 0;
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<title>WordPress &rsaquo; Import from Movable Type</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/logo.png);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		text-decoration: none;
-		text-indent: -100em;
-		height: 60px;
-	}
-	p {
-		line-height: 140%;
-	}
-	#authors li 	{
-		padding:3px;
-		border: 1px solid #ccc;
-		width: 40%;
-		margin-bottom:2px;
-	}
-	</style>
-</head><body> 
-<h1 id="logo"><a href="http://wordpress.org">WordPress</a></h1> 
-<?php
-switch($step) {
-
-	case 0:
-?> 
-<p>Howdy! We&#8217;re about to begin the process to import all of your Movable Type entries into WordPress. Before we get started, you need to edit this file (<code>import-mt.php</code>) and change one line so we know where to find your MT export file. To make this easy put the import file into the <code>wp-admin</code> directory. Look for the line that says:</p>
-<p><code>define('MTEXPORT', '');</code></p>
-<p>and change it to</p>
-<p><code>define('MTEXPORT', 'import.txt');</code></p>
-<p>You have to do this manually for security reasons.</p>
-<p>If you've done that and you&#8217;re all ready, <a href="import-mt.php?step=1">let's go</a>! Remember that the import process may take a minute or so if you have a large number of entries and comments. Think of all the rebuilding time you'll be saving once it's done. :)</p>
-<p>The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn't finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces. </p>
-<?php
-	break;
-	
-	case 1:
-if ('' != MTEXPORT && !file_exists(MTEXPORT)) die("The file you specified does not seem to exist. Please check the path you've given.");
-if ('' == MTEXPORT) die("You must edit the MTEXPORT line as described on the <a href='import-mt.php'>previous page</a> to continue.");
-// Bring in the data
-set_magic_quotes_runtime(0);
-$importdata = file(MTEXPORT); // Read the file into an array
-$importdata = implode('', $importdata); // squish it
-$importdata = preg_replace("/(\r\n|\n|\r)/", "\n", $importdata);
-$importdata = preg_replace("/\n--------\n/", "--MT-ENTRY--\n", $importdata);
-$authors = array();
-$temp = array();
-$posts = explode("--MT-ENTRY--", $importdata);
-unset( $importdata ); // Free up memory
-
-function users_form($n) {
-	global $wpdb, $testing;
-	$users = $wpdb->get_results("SELECT * FROM $wpdb->users ORDER BY ID");
-	?><select name="userselect[<?php echo $n; ?>]">
-	<option value="#NONE#">- Select -</option>
-	<?php foreach($users as $user) {
-		echo '<option value="'.$user->user_login.'">'.$user->user_login.'</option>';
-		} ?>
-	</select>
-<?php }
-
-$i = -1;
-foreach ($posts as $post) { 
-	if ('' != trim($post)) {
-		++$i;
-		unset($post_categories);
-		preg_match("|AUTHOR:(.*)|", $post, $thematch);
-		$thematch = trim($thematch[1]);
-		array_push($temp,"$thematch"); //store the extracted author names in a temporary array
-		}
-	}//end of foreach
-//we need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
-$authors[0] = array_shift($temp); 
-$y = count($temp) + 1;
-for ($x = 1; $x < $y; $x++) {
-	$next = array_shift($temp);
-	if (!(in_array($next,$authors))) array_push($authors, "$next");
-	}
-//by this point, we have all unique authors in the array $authors
-?><p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
-<p><?php _e('Below, you can see the names of the authors of the MovableType posts in <i>italics</i>. For each of these names, you can either pick an author in your WordPress installation from the menu, or enter a name for the author in the textbox.'); ?></p>
-<p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
-	<?php
-	echo '<ol id="authors">';
-	echo '<form action="?step=2" method="post">';
-	$j = -1;
-	foreach ($authors as $author) {
-	++$j;
-	echo '<li><i>'.$author.'</i><br />'.'<input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30">';
-	users_form($j);
-	echo '</li>';
-	}
-	echo '<input type="submit" value="Submit">'.'<br/>';
-	echo '</form>';
-	echo '</ol>';
-	
-	flush();
-
-	break;
-	
-	case 2:
-	$newauthornames = array();
-	$formnames = array();
-	$selectnames = array();
-	$mtnames = array();
-	foreach($_POST['user'] as $key => $line) { 
-	$newname = trim(stripslashes($line)); 
-	if ($newname == '') $newname = 'left_blank';//passing author names from step 1 to step 2 is accomplished by using POST. left_blank denotes an empty entry in the form.
-	array_push($formnames,"$newname");
-	}// $formnames is the array with the form entered names
-	foreach ($_POST['userselect'] as $user => $key) {
-	$selected = trim(stripslashes($key));
-	array_push($selectnames,"$selected");
-	}
-	$count = count($formnames);
-	for ($i = 0; $i < $count; $i++) {
-	if ( $selectnames[$i] != '#NONE#') {//if no name was selected from the select menu, use the name entered in the form
-	array_push($newauthornames,"$selectnames[$i]");
-	} 
-	else {
-	array_push($newauthornames,"$formnames[$i]");
-	}
-	}
-
-	$j = -1;
-	//function to check the authorname and do the mapping
-	function checkauthor($author) {
-	global $wpdb, $mtnames, $newauthornames, $j;//mtnames is an array with the names in the mt import file
-	$md5pass = md5(changeme);
-	if (!(in_array($author, $mtnames))) { //a new mt author name is found
-		++$j;
-		$mtnames[$j] = $author; //add that new mt author name to an array 
-		$user_id = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$newauthornames[$j]'"); //check if the new author name defined by the user is a pre-existing wp user
-		if (!$user_id) { //banging my head against the desk now. 
-			if ($newauthornames[$j] == 'left_blank') { //check if the user does not want to change the authorname
-				$wpdb->query("INSERT INTO $wpdb->users (user_level, user_login, user_pass, user_nickname) VALUES ('1', '$author', '$md5pass', '$author')"); // if user does not want to change, insert the authorname $author
-				$user_id = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$author'");
-				$newauthornames[$j] = $author; //now we have a name, in the place of left_blank.
-			} else {
-			$wpdb->query("INSERT INTO $wpdb->users (user_level, user_login, user_pass, user_nickname) VALUES ('1', '$newauthornames[$j]', '$md5pass', '$newauthornames[$j]')"); //if not left_blank, insert the user specified name
-			$user_id = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$newauthornames[$j]'");
-			}
-		} else return $user_id; // return pre-existing wp username if it exists
-    } else {
-    $key = array_search($author, $mtnames); //find the array key for $author in the $mtnames array
-    $user_id = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_login = '$newauthornames[$key]'");//use that key to get the value of the author's name from $newauthornames
-	}
-	return $user_id;
-}//function checkauthor ends here
-
-	//bring in the posts now
-set_magic_quotes_runtime(0);
-$importdata = file(MTEXPORT); // Read the file into an array
-$importdata = implode('', $importdata); // squish it
-$importdata = preg_replace("/(\r\n|\n|\r)/", "\n", $importdata);
-$importdata = preg_replace("/\n--------\n/", "--MT-ENTRY--", $importdata);
-$authors = array();
-$temp = array();
-$posts = explode("--MT-ENTRY--", $importdata);
-unset( $importdata ); // Free up memory
-
-$i = -1;
-echo "<ol>";
-foreach ($posts as $post) { if ('' != trim($post)) {
-	++$i;
-	unset($post_categories);
-	echo "<li>Processing post... ";
-
-	// Take the pings out first
-	preg_match("|(-----\n\nPING:.*)|s", $post, $pings);
-	$post = preg_replace("|(-----\n\nPING:.*)|s", '', $post);
-
-	// Then take the comments out
-	preg_match("|(-----\nCOMMENT:.*)|s", $post, $comments);
-	$post = preg_replace("|(-----\nCOMMENT:.*)|s", '', $post);
-	
-	// We ignore the keywords
-	$post = preg_replace("|(-----\nKEYWORDS:.*)|s", '', $post);
-	
-	// We want the excerpt
-	preg_match("|-----\nEXCERPT:(.*)|s", $post, $excerpt);
-	$excerpt = addslashes(trim($excerpt[1]));
-	$post = preg_replace("|(-----\nEXCERPT:.*)|s", '', $post);
-	
-	// We're going to put extended body into main body with a more tag
-	preg_match("|-----\nEXTENDED BODY:(.*)|s", $post, $extended);
-	$extended = trim($extended[1]);
-	if ('' != $extended) $extended = "\n<!--more-->\n$extended";
-	$post = preg_replace("|(-----\nEXTENDED BODY:.*)|s", '', $post);
-	
-	// Now for the main body
-	preg_match("|-----\nBODY:(.*)|s", $post, $body);
-	$body = trim($body[1]);
-	$post_content = addslashes($body . $extended);
-	$post = preg_replace("|(-----\nBODY:.*)|s", '', $post);
-	
-	// Grab the metadata from what's left
-	$metadata = explode("\n", $post);
-	foreach ($metadata as $line) {
-		preg_match("/^(.*?):(.*)/", $line, $token);
-		$key = trim($token[1]);
-		$value = trim($token[2]);
-		// Now we decide what it is and what to do with it
-        switch($key) {
-			case '':
-				break;
-            case 'AUTHOR':
-                $post_author = $value;
-                break;
-            case 'TITLE':
-                $post_title = addslashes($value);
-				echo '<i>'.stripslashes($post_title).'</i>... ';
-				$post_name = sanitize_title($post_title);
-                break;
-            case 'STATUS':
-                // "publish" and "draft" enumeration items match up; no change required
-                $post_status = $value;
-				if (empty($post_status)) $post_status = 'publish';
-                break;
-            case 'ALLOW COMMENTS':
-                $post_allow_comments = $value;
-                if ($post_allow_comments == 1) {
-                    $comment_status = 'open';
-                } else {
-                    $comment_status = 'closed';
-                }
-                break;
-            case 'CONVERT BREAKS':
-                $post_convert_breaks = $value;
-                break;
-            case 'ALLOW PINGS':
-                $post_allow_pings = trim($meta[2][0]);
-                if ($post_allow_pings == 1) {
-                    $post_allow_pings = 'open';
-                } else {
-                    $post_allow_pings = 'closed';
-                }
-                break;
-            case 'PRIMARY CATEGORY':
-				$post_categories[] = addslashes($value);
-                break;
-            case 'CATEGORY':    
-				$post_categories[] = addslashes($value);
-                break;
-			case 'DATE':
-				$post_date = strtotime($value);
-				$post_date = date('Y-m-d H:i:s', $post_date);
-				$post_date_gmt = get_gmt_from_date("$post_date");
-				break;
-			default:
-//				echo "\n$key: $value";
-				break;
-        } // end switch
-	} // End foreach
-
-	// Let's check to see if it's in already
-	if ($wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$post_title' AND post_date = '$post_date'")) {
-		echo "Post already imported.";
-	} else {
-		$post_author = checkauthor($post_author);//just so that if a post already exists, new users are not created by checkauthor
-	    $wpdb->query("INSERT INTO $wpdb->posts (
-			post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt,  post_status, comment_status, ping_status, post_name, post_modified, post_modified_gmt)
-			VALUES 
-			('$post_author', '$post_date', '$post_date_gmt', '$post_content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_name','$post_date', '$post_date_gmt')");
-		$post_id = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$post_title' AND post_date = '$post_date'");
-		if (0 != count($post_categories)) {
-			foreach ($post_categories as $post_category) {
-			// See if the category exists yet
-			$cat_id = $wpdb->get_var("SELECT cat_ID from $wpdb->categories WHERE cat_name = '$post_category'");
-			if (!$cat_id && '' != trim($post_category)) {
-				$cat_nicename = sanitize_title($post_category);
-				$wpdb->query("INSERT INTO $wpdb->categories (cat_name, category_nicename) VALUES ('$post_category', '$cat_nicename')");
-				$cat_id = $wpdb->get_var("SELECT cat_ID from $wpdb->categories WHERE cat_name = '$post_category'");
-			}
-			if ('' == trim($post_category)) $cat_id = 1;
-			// Double check it's not there already
-			$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_id AND category_id = $cat_id");
-
-			 if (!$exists) { 
-				$wpdb->query("
-				INSERT INTO $wpdb->post2cat
-				(post_id, category_id)
-				VALUES
-				($post_id, $cat_id)
-				");
-			}
-		} // end category loop
-		} else {
-			$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_id AND category_id = 1");
-			if (!$exists) $wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_id, 1) ");
-		}
-		echo " Post imported successfully...";
-		// Now for comments
-		$comments = explode("-----\nCOMMENT:", $comments[0]);
-		foreach ($comments as $comment) {
-		if ('' != trim($comment)) {
-			// Author
-			preg_match("|AUTHOR:(.*)|", $comment, $comment_author);
-			$comment_author = addslashes(trim($comment_author[1]));
-			$comment = preg_replace('|(\n?AUTHOR:.*)|', '', $comment);
-
-			preg_match("|EMAIL:(.*)|", $comment, $comment_email);
-			$comment_email = addslashes(trim($comment_email[1]));
-			$comment = preg_replace('|(\n?EMAIL:.*)|', '', $comment);
-
-			preg_match("|IP:(.*)|", $comment, $comment_ip);
-			$comment_ip = trim($comment_ip[1]);
-			$comment = preg_replace('|(\n?IP:.*)|', '', $comment);
-
-			preg_match("|URL:(.*)|", $comment, $comment_url);
-			$comment_url = addslashes(trim($comment_url[1]));
-			$comment = preg_replace('|(\n?URL:.*)|', '', $comment);
-
-			preg_match("|DATE:(.*)|", $comment, $comment_date);
-			$comment_date = trim($comment_date[1]);
-			$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
-			$comment = preg_replace('|(\n?DATE:.*)|', '', $comment);
-
-			$comment_content = addslashes(trim($comment));
-			$comment_content = str_replace('-----', '', $comment_content);
-
-			// Check if it's already there
-			if (!$wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_date = '$comment_date' AND comment_content = '$comment_content'")) {
-				$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_approved)
-				VALUES
-				($post_id, '$comment_author', '$comment_email', '$comment_url', '$comment_ip', '$comment_date', '$comment_content', '1')");
-				echo " Comment added.";
-			}
-		}
-		}
-
-		// Finally the pings
-		// fix the double newline on the first one
-		$pings[0] = str_replace("-----\n\n", "-----\n", $pings[0]);
-		$pings = explode("-----\nPING:", $pings[0]);
-		foreach ($pings as $ping) {
-		if ('' != trim($ping)) {
-			// 'Author'
-			preg_match("|BLOG NAME:(.*)|", $ping, $comment_author);
-			$comment_author = addslashes(trim($comment_author[1]));
-			$ping = preg_replace('|(\n?BLOG NAME:.*)|', '', $ping);
-
-			$comment_email = '';
-
-			preg_match("|IP:(.*)|", $ping, $comment_ip);
-			$comment_ip = trim($comment_ip[1]);
-			$ping = preg_replace('|(\n?IP:.*)|', '', $ping);
-
-			preg_match("|URL:(.*)|", $ping, $comment_url);
-			$comment_url = addslashes(trim($comment_url[1]));
-			$ping = preg_replace('|(\n?URL:.*)|', '', $ping);
-
-			preg_match("|DATE:(.*)|", $ping, $comment_date);
-			$comment_date = trim($comment_date[1]);
-			$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
-			$ping = preg_replace('|(\n?DATE:.*)|', '', $ping);
-      
- 			preg_match("|TITLE:(.*)|", $ping, $ping_title);
-			$ping_title = addslashes(trim($ping_title[1]));
-			$ping = preg_replace('|(\n?TITLE:.*)|', '', $ping);
-
-			$comment_content = addslashes(trim($ping));
-			$comment_content = str_replace('-----', '', $comment_content);
-			
-			$comment_content = "<strong>$ping_title</strong>\n\n$comment_content";
-      
-			// Check if it's already there
-			if (!$wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_date = '$comment_date' AND comment_content = '$comment_content'")) {
-				$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content, comment_approved, comment_type)
-				VALUES
-				($post_id, '$comment_author', '$comment_email', '$comment_url', '$comment_ip', '$comment_date', '$comment_content', '1', 'trackback')");
-				echo " Comment added.";
-			}
-
-		}
-		}
-	}
-	echo "</li>";
-	flush();
-
-} }
-upgrade_all();
-?>
-</ol>
-<h3>All done. <a href="../">Have fun!</a></h3>
-<?php
-	break;
-}
-?> 
-</body>
-</html>

wp-admin/import-rss.php

@@ -1,191 +0,0 @@
-<?php
-define('RSSFILE', '');
-// Example:
-// define('RSSFILE', '/home/example/public_html/rss.xml');
-// or if it's in the same directory as import-rss.php
-// define('RSSFILE', 'rss.xml');
-
-$post_author = 1; // Author to import posts as author ID
-$timezone_offset = 0; // GMT offset of posts your importing
-
-function unhtmlentities($string) { // From php.net for < 4.3 compat
-   $trans_tbl = get_html_translation_table(HTML_ENTITIES);
-   $trans_tbl = array_flip($trans_tbl);
-   return strtr($string, $trans_tbl);
-}
-
-$add_hours = intval($timezone_offset);
-$add_minutes = intval(60 * ($timezone_offset - $add_hours));
-
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. You must install WordPress before you import any entries.");
-require('../wp-config.php');
-
-$step = $_GET['step'];
-if (!$step) $step = 0;
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<title>WordPress &rsaquo; Import from RSS</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/logo.png);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		text-decoration: none;
-		text-indent: -100em;
-		height: 60px;
-	}
-	p {
-		line-height: 140%;
-	}
-	</style>
-</head><body> 
-<h1 id="logo"><a href="http://wordpress.org/">WordPress</a></h1> 
-<?php
-switch($step) {
-
-	case 0:
-?> 
-<p>Howdy! This importer allows you to extract posts from any RSS 2.0 file into your blog. This is useful if you want to import your posts from a system that is not handled by a custom import tool. To get started you must edit the following line in this file (<code>import-rss.php</code>) </p>
-<p><code>define('RSSFILE', '');</code></p>
-<p>You want to define where the RSS file we'll be working with is, for example: </p>
-<p><code>define('RSSFILE', 'rss.xml');</code></p>
-<p>You have to do this manually for security reasons. When you're done reload this page and we'll take you to the next step.</p>
-<?php if ('' != RSSFILE) : ?>
-<h2 style="text-align: right;"><a href="import-rss.php?step=1">Begin RSS Import &raquo;</a></h2>
-<?php endif; ?>
-<?php
-	break;
-
-	case 1:
-
-// Bring in the data
-set_magic_quotes_runtime(0);
-$datalines = file(RSSFILE); // Read the file into an array
-$importdata = implode('', $datalines); // squish it
-$importdata = str_replace(array("\r\n", "\r"), "\n", $importdata);
-
-preg_match_all('|<item>(.*?)</item>|is', $importdata, $posts);
-$posts = $posts[1];
-
-echo '<ol>';
-foreach ($posts as $post) :
-$title = $date = $categories = $content = $post_id =  '';
-echo "<li>Importing post... ";
-
-preg_match('|<title>(.*?)</title>|is', $post, $title);
-$title = addslashes( trim($title[1]) );
-$post_name = sanitize_title($title);
-
-preg_match('|<pubdate>(.*?)</pubdate>|is', $post, $date);
-
-if ($date) :
-	$date = strtotime($date[1]);
-else : // if we don't already have something from pubDate
-	preg_match('|<dc:date>(.*?)</dc:date>|is', $post, $date);
-	$date = preg_replace('|([-+])([0-9]+):([0-9]+)$|', '\1\2\3', $date[1]);
-	$date = str_replace('T', ' ', $date);
-	$date = strtotime($date);
-endif;
-
-$post_date = gmdate('Y-m-d H:i:s', $date);
-
-preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
-$categories = $categories[1];
-
-if (!$categories) :
-	preg_match_all('|<dc:subject>(.*?)</dc:subject>|is', $post, $categories);
-	$categories = $categories[1];
-endif;
-
-preg_match('|<guid.+?>(.*?)</guid>|is', $post, $guid);
-if ($guid) $guid = addslashes( trim($guid[1]) );
-else $guid = '';
-
-preg_match('|<content:encoded>(.*?)</content:encoded>|is', $post, $content);
-$content = str_replace( array('<![CDATA[', ']]>'), '', addslashes( trim($content[1]) ) );
-
-if (!$content) : // This is for feeds that put content in description
-	preg_match('|<description>(.*?)</description>|is', $post, $content);
-	$content = $wpdb->escape( unhtmlentities( trim($content[1]) ) );
-endif;
-
-// Clean up content
-$content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $content);
-$content = str_replace('<br>', '<br />', $content);
-$content = str_replace('<hr>', '<hr />', $content);
-
-// This can mess up on posts with no titles, but checking content is much slower
-// So we do it as a last resort
-if ('' == $title) : 
-	$dupe = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_content = '$content' AND post_date = '$post_date'");
-else :
-	$dupe = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' AND post_date = '$post_date'");
-endif;
-
-// Now lets put it in the DB
-if ($dupe) :
-	echo 'Post already imported';
-else : 
-	
-	$wpdb->query("INSERT INTO $wpdb->posts 
-		(post_author, post_date, post_date_gmt, post_content, post_title,post_status, comment_status, ping_status, post_name, guid)
-		VALUES 
-		('$post_author', '$post_date', DATE_ADD('$post_date', INTERVAL '$add_hours:$add_minutes' HOUR_MINUTE), '$content', '$title', 'publish', '$comment_status', '$ping_status', '$post_name', '$guid')");
-	$post_id = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' AND post_date = '$post_date'");
-	if (!$post_id) die("couldn't get post ID");
-	if (0 != count($categories)) :
-		foreach ($categories as $post_category) :
-		$post_category = unhtmlentities($post_category);
-		// See if the category exists yet
-		$cat_id = $wpdb->get_var("SELECT cat_ID from $wpdb->categories WHERE cat_name = '$post_category'");
-		if (!$cat_id && '' != trim($post_category)) {
-			$cat_nicename = sanitize_title($post_category);
-			$wpdb->query("INSERT INTO $wpdb->categories (cat_name, category_nicename) VALUES ('$post_category', '$cat_nicename')");
-			$cat_id = $wpdb->get_var("SELECT cat_ID from $wpdb->categories WHERE cat_name = '$post_category'");
-		}
-		if ('' == trim($post_category)) $cat_id = 1;
-		// Double check it's not there already
-		$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_id AND category_id = $cat_id");
-	
-		 if (!$exists) { 
-			$wpdb->query("
-			INSERT INTO $wpdb->post2cat
-			(post_id, category_id)
-			VALUES
-			($post_id, $cat_id)
-			");
-			}
-	endforeach;
-	else:
-		$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_id AND category_id = 1");
-		if (!$exists) $wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_id, 1) ");
-	endif;
-	echo 'Done!</li>';
-endif;
-
-
-endforeach;
-?>
-</ol>
-
-<h3>All done. <a href="../">Have fun!</a></h3>
-<?php
-	break;
-}
-?> 
-</body>
-</html>

wp-admin/import-textpattern.php

@@ -1,138 +0,0 @@
-<?php
-
-// For security reasons, fill in the connection details to your Textpattern database below:
-
-$tp_database_name = 'textpattern';
-$tp_database_username = 'username';
-$tp_database_password = 'password';
-$tp_database_host = 'localhost';
-
-if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. Double check that you updated wp-config-sample.php with the proper database connection information and renamed it to wp-config.php.");
-require('../wp-config.php');
-require('upgrade-functions.php');
-
-$step = $_GET['step'];
-if (!$step) $step = 0;
-header( 'Content-Type: text/html; charset=utf-8' );
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<title>WordPress &rsaquo; Textpattern Import</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style media="screen" type="text/css">
-	body {
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 15%;
-		margin-right: 15%;
-	}
-	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/wordpress.gif);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
-	}
-	#logo a {
-		display: block;
-		text-decoration: none;
-		text-indent: -100em;
-		height: 60px;
-	}
-	p {
-		line-height: 140%;
-	}
-	</style>
-</head><body> 
-<h1 id="logo"><a href="http://wordpress.org">WordPress</a></h1> 
-<?php
-switch($step) {
-
-	case 0:
-?> 
-<p>This script imports your entries from Textpattern into WordPress. It should be relatively painless, and we hope you're happy with the result.</p>
-<p>To run this, you first need to edit this file (<code>import-textpattern.php</code>) and enter your Textpattern database connection details. Let's check if the database connection information works...</p>
-<?php
-$connection = @mysql_connect($tp_database_host, $tp_database_username, $tp_database_password);
-$database = @mysql_select_db($tp_database_name);
-if ($connection && $database) {
-?>
-<p>Everything seems dandy so far, <a href="?step=1">let's get started</a>!</p>
-<?php
-} else {
-?>
-<p><em>It looks like your database information is incorrect. Please re-edit this file and double-check all the settings.</em></p>
-<?php
-}
-	break;
-	
-	case 1:
-?> 
-<h1>Step 1</h1> 
-<p>First let's get posts and comments.</p> 
-<?php
-// For people running this on .72
-$query = "ALTER TABLE `$wpdb->posts` ADD `post_name` VARCHAR(200) NOT NULL";
-maybe_add_column($wpdb->posts, 'post_name', $query);
-
-// Create post_name field
-$connection = @mysql_connect($tp_database_host, $tp_database_username, $tp_database_password);
-$database = @mysql_select_db($tp_database_name);
-
-// For now we're going to give everything the same author and same category
-$author = $wpdb->get_var("SELECT ID FROM $wpdb->users WHERE user_level = 10 LIMIT 1");
-$category = $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories LIMIT 1");
-
-$posts = mysql_query('SELECT * FROM textpattern', $connection);
-
-while ($post = mysql_fetch_array($posts)) {
-	//  ID, AuthorID, LastMod, LastModID, Posted, Title, Body, Body_html, Abstract, Category1, Category2, Annotate, AnnotateInvite, Status, Listing1, Listing2, Section
-	$posted = $post['Posted'];
-	// 20030216162119
-	$year = substr($posted,0,4);
-	$month = substr($posted,4,2);
-	$day = substr($posted,6,2);
-	$hour = substr($posted,8,2);
-	$minute = substr($posted,10,2);
-	$second = substr($posted,12,2);
-	$timestamp = mktime($hour, $minute, $second, $month, $day, $year);
-	$posted = date('Y-m-d H:i:s', $timestamp);
-	
-	$content = addslashes($post['Body_html']);
-	$title = addslashes($post['Title']);
-	$post_name = sanitize_title($title);
-
-	$wpdb->query("INSERT INTO $wpdb->posts
-		(post_author, post_date, post_content, post_title, post_category, post_name, post_status)
-		VALUES
-		('$author', '$posted', '$content', '$title', '$category', '$post_name', 'publish')");
-
-	// Get wordpress post id
-	$wp_post_ID = $wpdb->get_var("SELECT ID FROM $wpdb->posts ORDER BY ID DESC LIMIT 1");
-	
-	// Now let's insert comments if there are any for the TP post
-	$tp_id = $post['ID'];
-	$comments = mysql_query("SELECT * FROM txp_Discuss WHERE parentid = $tp_id");
-	if ($comments) {
-		while($comment = mysql_fetch_object($comments)) {
-			//  discussid, parentid, name, email, web, ip, posted, message
-			// For some reason here "posted" is a real MySQL date, so we don't have to do anything about it
-			//  comment_post_ID  	 comment_author  	 comment_author_email  	 comment_author_url  	 comment_author_IP  	 comment_date  	 comment_content  	 comment_karma
-			$wpdb->query("INSERT INTO $wpdb->comments
-				(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_content)
-				VALUES
-				($wp_post_ID, '$comment->name', '$comment->email', '$comment->web', '$comment->ip', '$comment->posted', '$comment->message')");
-		}
-	}
-}
-
-upgrade_all();
-?>
-<p><strong>All done.</strong> Wasn&#8217;t that fun? <a href="../">Have fun</a>.</p> 
-<?php
-break;
-}
-?> 
-
-</body>
-</html>

wp-admin/import.php

@@ -0,0 +1,63 @@
+<?php
+require_once ('admin.php');
+$title = __('Import');
+$parent_file = 'edit.php';
+require_once ('admin-header.php');
+?>
+
+<div class="wrap">
+<h2><?php _e('Import'); ?></h2>
+<p><?php _e('If you have posts or comments in another system, WordPress can import those into this blog. To get started, choose a system to import from below:'); ?></p>
+
+<?php
+
+// Load all importers so that they can register.
+$import_loc = 'wp-admin/import';
+$import_root = ABSPATH.$import_loc;
+$imports_dir = @ dir($import_root);
+if ($imports_dir) {
+	while (($file = $imports_dir->read()) !== false) {
+		if ($file{0} == '.') {
+			continue;
+		} elseif (substr($file, -4) == '.php') {
+			require_once($import_root . '/' . $file);
+		}
+	}
+}
+
+$importers = get_importers();
+
+if (empty ($importers)) {
+	echo '<p>'.__('No importers are available.').'</p>'; // TODO: make more helpful
+} else {
+?>
+<table class="widefat">
+
+<?php
+	$style = '';
+	foreach ($importers as $id => $data) {
+		$style = ('class="alternate"' == $style || 'class="alternate active"' == $style) ? '' : 'alternate';
+		$action = "<a href='admin.php?import=$id' title='".wptexturize(strip_tags($data[1]))."'>{$data[0]}</a>";
+
+		if ($style != '')
+			$style = 'class="'.$style.'"';
+		echo "
+			<tr $style>
+				<td class='import-system'>$action</td>
+				<td class='desc'>{$data[1]}</td>
+			</tr>";
+	}
+?>
+
+</table>
+<?php
+}
+?>
+
+</div>
+
+<?php
+
+include ('admin-footer.php');
+?>
+

wp-admin/import/blogware.php

@@ -0,0 +1,194 @@
+<?php
+
+/* By Shayne Sweeney - http://www.theshayne.com/ */
+
+class BW_Import {
+
+	var $file;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Blogware').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This importer allows you to extract posts from Blogware XML export file into your blog.  Pick a Blogware file to upload and click Import.').'</p>';
+		wp_import_upload_form("admin.php?import=blogware&amp;step=1");
+		echo '</div>';
+	}
+
+	function import_posts() {
+		global $wpdb, $current_user;
+
+		set_magic_quotes_runtime(0);
+		$importdata = file($this->file); // Read the file into an array
+		$importdata = implode('', $importdata); // squish it
+		$importdata = str_replace(array ("\r\n", "\r"), "\n", $importdata);
+
+		preg_match_all('|(<item[^>]+>(.*?)</item>)|is', $importdata, $posts);
+		$posts = $posts[1];
+		unset($importdata);
+		echo '<ol>';
+		foreach ($posts as $post) {
+			flush();
+			preg_match('|<item type=\"(.*?)\">|is', $post, $post_type);
+			$post_type = $post_type[1];
+			if($post_type == "photo") {
+				preg_match('|<photoFilename>(.*?)</photoFilename>|is', $post, $post_title);
+			} else {
+				preg_match('|<title>(.*?)</title>|is', $post, $post_title);
+			}
+			$post_title = $wpdb->escape(trim($post_title[1]));
+
+			preg_match('|<pubDate>(.*?)</pubDate>|is', $post, $post_date);
+			$post_date = strtotime($post_date[1]);
+			$post_date = gmdate('Y-m-d H:i:s', $post_date);
+
+			preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
+			$categories = $categories[1];
+
+			$cat_index = 0;
+			foreach ($categories as $category) {
+				$categories[$cat_index] = $wpdb->escape($this->unhtmlentities($category));
+				$cat_index++;
+			}
+
+			if(strcasecmp($post_type, "photo") === 0) {
+				preg_match('|<sizedPhotoUrl>(.*?)</sizedPhotoUrl>|is', $post, $post_content);
+				$post_content = '<img src="'.trim($post_content[1]).'" />';
+				$post_content = $this->unhtmlentities($post_content);
+			} else {
+				preg_match('|<body>(.*?)</body>|is', $post, $post_content);
+				$post_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($post_content[1]));
+				$post_content = $this->unhtmlentities($post_content);
+			}
+
+			// Clean up content
+			$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+			$post_content = str_replace('<br>', '<br />', $post_content);
+			$post_content = str_replace('<hr>', '<hr />', $post_content);
+			$post_content = $wpdb->escape($post_content);
+
+			$post_author = $current_user->ID;
+			preg_match('|<postStatus>(.*?)</postStatus>|is', $post, $post_status);
+			$post_status = trim($post_status[1]);
+
+			echo '<li>';
+			if ($post_id = post_exists($post_title, $post_content, $post_date)) {
+				printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+			} else {
+				printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+				$postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status');
+				$post_id = wp_insert_post($postdata);
+				if (!$post_id) {
+					_e("Couldn't get post ID");
+					echo '</li>';
+					break;
+				}
+				if(0 != count($categories))
+					wp_create_categories($categories, $post_id);
+			}
+
+			preg_match_all('|<comment>(.*?)</comment>|is', $post, $comments);
+			$comments = $comments[1];
+
+			if ( $comments ) {
+				$comment_post_ID = (int) $post_id;
+				$num_comments = 0;
+				foreach ($comments as $comment) {
+					preg_match('|<body>(.*?)</body>|is', $comment, $comment_content);
+					$comment_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($comment_content[1]));
+					$comment_content = $this->unhtmlentities($comment_content);
+
+					// Clean up content
+					$comment_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $comment_content);
+					$comment_content = str_replace('<br>', '<br />', $comment_content);
+					$comment_content = str_replace('<hr>', '<hr />', $comment_content);
+					$comment_content = $wpdb->escape($comment_content);
+
+					preg_match('|<pubDate>(.*?)</pubDate>|is', $comment, $comment_date);
+					$comment_date = trim($comment_date[1]);
+					$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
+
+					preg_match('|<author>(.*?)</author>|is', $comment, $comment_author);
+					$comment_author = $wpdb->escape(trim($comment_author[1]));
+
+					$comment_author_email = NULL;
+
+					$comment_approved = 1;
+					// Check if it's already there
+					if (!comment_exists($comment_author, $comment_date)) {
+						$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_date', 'comment_content', 'comment_approved');
+						$commentdata = wp_filter_comment($commentdata);
+						wp_insert_comment($commentdata);
+						$num_comments++;
+					}
+				}
+			}
+			if ( $num_comments ) {
+				echo ' ';
+				printf(__('(%s comments)'), $num_comments);
+			}
+			echo '</li>';
+			flush();
+			ob_flush();
+		}
+		echo '</ol>';
+	}
+
+	function import() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo $file['error'];
+			return;
+		}
+
+		$this->file = $file['file'];
+		$this->import_posts();
+		wp_import_cleanup($file['id']);
+
+		echo '<h3>';
+		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
+		echo '</h3>';
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				$this->import();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function BW_Import() {
+		// Nothing.
+	}
+}
+
+$blogware_import = new BW_Import();
+
+register_importer('blogware', __('Blogware'), __('Import posts from Blogware'), array ($blogware_import, 'dispatch'));
+?>

wp-admin/import/dotclear.php

@@ -0,0 +1,756 @@
+<?php
+/*
+ * DotClear import plugin
+ * by Thomas Quinot - http://thomas.quinot.org/
+ */
+
+/**
+	Add These Functions to make our lives easier
+**/
+if(!function_exists('get_catbynicename'))
+{
+	function get_catbynicename($category_nicename)
+	{
+	global $wpdb;
+
+	$cat_id -= 0; 	// force numeric
+	$name = $wpdb->get_var('SELECT cat_ID FROM '.$wpdb->categories.' WHERE category_nicename="'.$category_nicename.'"');
+
+	return $name;
+	}
+}
+
+if(!function_exists('get_comment_count'))
+{
+	function get_comment_count($post_ID)
+	{
+		global $wpdb;
+		return $wpdb->get_var('SELECT count(*) FROM '.$wpdb->comments.' WHERE comment_post_ID = '.$post_ID);
+	}
+}
+
+if(!function_exists('link_cat_exists'))
+{
+	function link_cat_exists($catname)
+	{
+		global $wpdb;
+		return $wpdb->get_var('SELECT cat_id FROM '.$wpdb->linkcategories.' WHERE cat_name = "'.$wpdb->escape($catname).'"');
+	}
+}
+
+if(!function_exists('link_exists'))
+{
+	function link_exists($linkname)
+	{
+		global $wpdb;
+		return $wpdb->get_var('SELECT link_id FROM '.$wpdb->links.' WHERE link_name = "'.$linkname.'"');
+	}
+}
+
+/*
+ Identify UTF-8 text
+ Taken from http://www.php.net/manual/fr/function.mb-detect-encoding.php#50087
+*/
+//
+//    utf8 encoding validation developed based on Wikipedia entry at:
+//    http://en.wikipedia.org/wiki/UTF-8
+//
+//    Implemented as a recursive descent parser based on a simple state machine
+//    copyright 2005 Maarten Meijer
+//
+//    This cries out for a C-implementation to be included in PHP core
+//
+
+function valid_1byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0x80) == 0x00;
+}
+
+function valid_2byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xE0) == 0xC0;
+}
+
+function valid_3byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xF0) == 0xE0;
+}
+
+function valid_4byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xF8) == 0xF0;
+}
+
+function valid_nextbyte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xC0) == 0x80;
+}
+
+function valid_utf8($string) {
+	$len = strlen($string);
+	$i = 0;
+	while( $i < $len ) {
+		$char = ord(substr($string, $i++, 1));
+		if(valid_1byte($char)) {    // continue
+			continue;
+		} else if(valid_2byte($char)) { // check 1 byte
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} else if(valid_3byte($char)) { // check 2 bytes
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} else if(valid_4byte($char)) { // check 3 bytes
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} // goto next char
+	}
+	return true; // done
+}
+
+function csc ($s) {
+	if (valid_utf8 ($s)) {
+		return $s;
+	} else {
+		return iconv(get_option ("dccharset"),"UTF-8",$s);
+	}
+}
+
+function textconv ($s) {
+	return csc (preg_replace ('|(?<!<br />)\s*\n|', ' ', $s));
+}
+
+/**
+	The Main Importer Class
+**/
+class Dotclear_Import {
+
+	function header() 
+	{
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import DotClear').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'</p>';
+	}
+
+	function footer() 
+	{
+		echo '</div>';
+	}
+
+	function greet() 
+	{
+		echo '<div class="narrow"><p>'.__('Howdy! This importer allows you to extract posts from a DotClear database into your blog.  Mileage may vary.').'</p>';
+		echo '<p>'.__('Your DotClear Configuration settings are as follows:').'</p>';
+		echo '<form action="admin.php?import=dotclear&amp;step=1" method="post">';
+		wp_nonce_field('import-dotclear');
+		$this->db_form();
+		echo '<p class="submit"><input type="submit" name="submit" value="'.attribute_escape(__('Import Categories &raquo;')).'" /></p>';
+		echo '</form></div>';
+	}
+
+	function get_dc_cats()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
+		set_magic_quotes_runtime(0);
+		$dbprefix = get_option('dcdbprefix');
+
+		// Get Categories
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'categorie', ARRAY_A);
+	}
+
+	function get_dc_users()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
+		set_magic_quotes_runtime(0);
+		$dbprefix = get_option('dcdbprefix');
+
+		// Get Users
+
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'user', ARRAY_A);
+	}
+
+	function get_dc_posts()
+	{
+		// General Housekeeping
+		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
+		set_magic_quotes_runtime(0);
+		$dbprefix = get_option('dcdbprefix');
+
+		// Get Posts
+		return $dcdb->get_results('SELECT '.$dbprefix.'post.*, '.$dbprefix.'categorie.cat_libelle_url AS post_cat_name
+						FROM '.$dbprefix.'post INNER JOIN '.$dbprefix.'categorie
+						ON '.$dbprefix.'post.cat_id = '.$dbprefix.'categorie.cat_id', ARRAY_A);
+	}
+
+	function get_dc_comments()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
+		set_magic_quotes_runtime(0);
+		$dbprefix = get_option('dcdbprefix');
+
+		// Get Comments
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'comment', ARRAY_A);
+	}
+
+	function get_dc_links()
+	{
+		//General Housekeeping
+		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
+		set_magic_quotes_runtime(0);
+		$dbprefix = get_option('dcdbprefix');
+
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'link ORDER BY position', ARRAY_A);
+	}
+
+	function cat2wp($categories='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$dccat2wpcat = array();
+		// Do the Magic
+		if(is_array($categories))
+		{
+			echo '<p>'.__('Importing Categories...').'<br /><br /></p>';
+			foreach ($categories as $category)
+			{
+				$count++;
+				extract($category);
+
+				// Make Nice Variables
+				$name = $wpdb->escape($cat_libelle_url);
+				$title = $wpdb->escape(csc ($cat_libelle));
+				$desc = $wpdb->escape(csc ($cat_desc));
+
+				if($cinfo = category_exists($name))
+				{
+					$ret_id = wp_insert_category(array('cat_ID' => $cinfo, 'category_nicename' => $name, 'cat_name' => $title, 'category_description' => $desc));
+				}
+				else
+				{
+					$ret_id = wp_insert_category(array('category_nicename' => $name, 'cat_name' => $title, 'category_description' => $desc));
+				}
+				$dccat2wpcat[$id] = $ret_id;
+			}
+
+			// Store category translation for future use
+			add_option('dccat2wpcat',$dccat2wpcat);
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> categories imported.'), $count).'<br /><br /></p>';
+			return true;
+		}
+		echo __('No Categories to Import!');
+		return false;
+	}
+
+	function users2wp($users='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$dcid2wpid = array();
+
+		// Midnight Mojo
+		if(is_array($users))
+		{
+			echo '<p>'.__('Importing Users...').'<br /><br /></p>';
+			foreach($users as $user)
+			{
+				$count++;
+				extract($user);
+
+				// Make Nice Variables
+				$name = $wpdb->escape(csc ($name));
+				$RealName = $wpdb->escape(csc ($user_pseudo));
+
+				if($uinfo = get_userdatabylogin($name))
+				{
+
+					$ret_id = wp_insert_user(array(
+								'ID'		=> $uinfo->ID,
+								'user_login'	=> $user_id,
+								'user_nicename'	=> $Realname,
+								'user_email'	=> $user_email,
+								'user_url'	=> 'http://',
+								'display_name'	=> $Realname)
+								);
+				}
+				else
+				{
+					$ret_id = wp_insert_user(array(
+								'user_login'	=> $user_id,
+								'user_nicename'	=> csc ($user_pseudo),
+								'user_email'	=> $user_email,
+								'user_url'	=> 'http://',
+								'display_name'	=> $Realname)
+								);
+				}
+				$dcid2wpid[$user_id] = $ret_id;
+
+				// Set DotClear-to-WordPress permissions translation
+
+				// Update Usermeta Data
+				$user = new WP_User($ret_id);
+				$wp_perms = $user_level + 1;
+				if(10 == $wp_perms) { $user->set_role('administrator'); }
+				else if(9  == $wp_perms) { $user->set_role('editor'); }
+				else if(5  <= $wp_perms) { $user->set_role('editor'); }
+				else if(4  <= $wp_perms) { $user->set_role('author'); }
+				else if(3  <= $wp_perms) { $user->set_role('contributor'); }
+				else if(2  <= $wp_perms) { $user->set_role('contributor'); }
+				else                     { $user->set_role('subscriber'); }
+
+				update_usermeta( $ret_id, 'wp_user_level', $wp_perms);
+				update_usermeta( $ret_id, 'rich_editing', 'false');
+				update_usermeta( $ret_id, 'first_name', csc ($user_prenom));
+				update_usermeta( $ret_id, 'last_name', csc ($user_nom));
+			}// End foreach($users as $user)
+
+			// Store id translation array for future use
+			add_option('dcid2wpid',$dcid2wpid);
+
+
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> users imported.'), $count).'<br /><br /></p>';
+			return true;
+		}// End if(is_array($users)
+
+		echo __('No Users to Import!');
+		return false;
+
+	}// End function user2wp()
+
+	function posts2wp($posts='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$dcposts2wpposts = array();
+		$cats = array();
+
+		// Do the Magic
+		if(is_array($posts))
+		{
+			echo '<p>'.__('Importing Posts...').'<br /><br /></p>';
+			foreach($posts as $post)
+			{
+				$count++;
+				extract($post);
+
+				// Set DotClear-to-WordPress status translation
+				$stattrans = array(0 => 'draft', 1 => 'publish');
+				$comment_status_map = array (0 => 'closed', 1 => 'open');
+
+				//Can we do this more efficiently?
+				$uinfo = ( get_userdatabylogin( $user_id ) ) ? get_userdatabylogin( $user_id ) : 1;
+				$authorid = ( is_object( $uinfo ) ) ? $uinfo->ID : $uinfo ;
+
+				$Title = $wpdb->escape(csc ($post_titre));
+				$post_content = textconv ($post_content);
+				$post_excerpt = "";
+				if ($post_chapo != "") {
+					$post_excerpt = textconv ($post_chapo);
+					$post_content = $post_excerpt ."\n<!--more-->\n".$post_content;
+				}
+				$post_excerpt = $wpdb->escape ($post_excerpt);
+				$post_content = $wpdb->escape ($post_content);
+				$post_status = $stattrans[$post_pub];
+
+				// Import Post data into WordPress
+
+				if($pinfo = post_exists($Title,$post_content))
+				{
+					$ret_id = wp_insert_post(array(
+							'ID'			=> $pinfo,
+							'post_author'		=> $authorid,
+							'post_date'		=> $post_dt,
+							'post_date_gmt'		=> $post_dt,
+							'post_modified'		=> $post_upddt,
+							'post_modified_gmt'	=> $post_upddt,
+							'post_title'		=> $Title,
+							'post_content'		=> $post_content,
+							'post_excerpt'		=> $post_excerpt,
+							'post_status'		=> $post_status,
+							'post_name'		=> $post_titre_url,
+							'comment_status'	=> $comment_status_map[$post_open_comment],
+							'ping_status'		=> $comment_status_map[$post_open_tb],
+							'comment_count'		=> $post_nb_comment + $post_nb_trackback)
+							);
+				}
+				else
+				{
+					$ret_id = wp_insert_post(array(
+							'post_author'		=> $authorid,
+							'post_date'		=> $post_dt,
+							'post_date_gmt'		=> $post_dt,
+							'post_modified'		=> $post_modified_gmt,
+							'post_modified_gmt'	=> $post_modified_gmt,
+							'post_title'		=> $Title,
+							'post_content'		=> $post_content,
+							'post_excerpt'		=> $post_excerpt,
+							'post_status'		=> $post_status,
+							'post_name'		=> $post_titre_url,
+							'comment_status'	=> $comment_status_map[$post_open_comment],
+							'ping_status'		=> $comment_status_map[$post_open_tb],
+							'comment_count'		=> $post_nb_comment + $post_nb_trackback)
+							);
+				}
+				$dcposts2wpposts[$post_id] = $ret_id;
+
+				// Make Post-to-Category associations
+				$cats = array();
+				if($cat1 = get_catbynicename($post_cat_name)) { $cats[1] = $cat1; }
+
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
+			}
+		}
+		// Store ID translation for later use
+		add_option('dcposts2wpposts',$dcposts2wpposts);
+
+		echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> posts imported.'), $count).'<br /><br /></p>';
+		return true;
+	}
+
+	function comments2wp($comments='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$dccm2wpcm = array();
+		$postarr = get_option('dcposts2wpposts');
+
+		// Magic Mojo
+		if(is_array($comments))
+		{
+			echo '<p>'.__('Importing Comments...').'<br /><br /></p>';
+			foreach($comments as $comment)
+			{
+				$count++;
+				extract($comment);
+
+				// WordPressify Data
+				$comment_ID = (int) ltrim($comment_id, '0');
+				$comment_post_ID = (int) $postarr[$post_id];
+				$comment_approved = "$comment_pub";
+				$name = $wpdb->escape(csc ($comment_auteur));
+				$email = $wpdb->escape($comment_email);
+				$web = "http://".$wpdb->escape($comment_site);
+				$message = $wpdb->escape(textconv ($comment_content));
+
+				if($cinfo = comment_exists($name, $comment_dt))
+				{
+					// Update comments
+					$ret_id = wp_update_comment(array(
+							'comment_ID'		=> $cinfo,
+							'comment_post_ID'	=> $comment_post_ID,
+							'comment_author'	=> $name,
+							'comment_author_email'	=> $email,
+							'comment_author_url'	=> $web,
+							'comment_author_IP'	=> $comment_ip,
+							'comment_date'		=> $comment_dt,
+							'comment_date_gmt'	=> $comment_dt,
+							'comment_content'	=> $message,
+							'comment_approved'	=> $comment_approved)
+							);
+				}
+				else
+				{
+					// Insert comments
+					$ret_id = wp_insert_comment(array(
+							'comment_post_ID'	=> $comment_post_ID,
+							'comment_author'	=> $name,
+							'comment_author_email'	=> $email,
+							'comment_author_url'	=> $web,
+							'comment_author_IP'	=> $comment_ip,
+							'comment_date'		=> $comment_dt,
+							'comment_date_gmt'	=> $comment_dt,
+							'comment_content'	=> $message,
+							'comment_approved'	=> $comment_approved)
+							);
+				}
+				$dccm2wpcm[$comment_ID] = $ret_id;
+			}
+			// Store Comment ID translation for future use
+			add_option('dccm2wpcm', $dccm2wpcm);
+
+			// Associate newly formed categories with posts
+			get_comment_count($ret_id);
+
+
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> comments imported.'), $count).'<br /><br /></p>';
+			return true;
+		}
+		echo __('No Comments to Import!');
+		return false;
+	}
+
+	function links2wp($links='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+
+		// Deal with the links
+		if(is_array($links))
+		{
+			echo '<p>'.__('Importing Links...').'<br /><br /></p>';
+			foreach($links as $link)
+			{
+				$count++;
+				extract($link);
+
+				if ($title != "") {
+					if ($cinfo = link_cat_exists (csc ($title))) {
+						$category = $cinfo;
+					} else {
+						$wpdb->query ("INSERT INTO $wpdb->linkcategories (cat_name) VALUES ('".
+							$wpdb->escape (csc ($title))."')");
+						$category = $wpdb->insert_id;
+					}
+				} else {
+					$linkname = $wpdb->escape(csc ($label));
+					$description = $wpdb->escape(csc ($title));
+
+					if($linfo = link_exists($linkname)) {
+						$ret_id = wp_insert_link(array(
+									'link_id'		=> $linfo,
+									'link_url'		=> $href,
+									'link_name'		=> $linkname,
+									'link_category'		=> $category,
+									'link_description'	=> $description)
+									);
+					} else {
+						$ret_id = wp_insert_link(array(
+									'link_url'		=> $url,
+									'link_name'		=> $linkname,
+									'link_category'		=> $category,
+									'link_description'	=> $description)
+									);
+					}
+					$dclinks2wplinks[$link_id] = $ret_id;
+				}
+			}
+			add_option('dclinks2wplinks',$dclinks2wplinks);
+			echo '<p>';
+			printf(__('Done! <strong>%s</strong> links or link categories imported'), $count);
+			echo '<br /><br /></p>';
+			return true;
+		}
+		echo __('No Links to Import!');
+		return false;
+	}
+
+	function import_categories()
+	{
+		// Category Import
+		$cats = $this->get_dc_cats();
+		$this->cat2wp($cats);
+		add_option('dc_cats', $cats);
+
+
+
+		echo '<form action="admin.php?import=dotclear&amp;step=2" method="post">';
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Users')));
+		echo '</form>';
+
+	}
+
+	function import_users()
+	{
+		// User Import
+		$users = $this->get_dc_users();
+		$this->users2wp($users);
+
+		echo '<form action="admin.php?import=dotclear&amp;step=3" method="post">';
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Posts')));
+		echo '</form>';
+	}
+
+	function import_posts()
+	{
+		// Post Import
+		$posts = $this->get_dc_posts();
+		$this->posts2wp($posts);
+
+		echo '<form action="admin.php?import=dotclear&amp;step=4" method="post">';
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Comments')));
+		echo '</form>';
+	}
+
+	function import_comments()
+	{
+		// Comment Import
+		$comments = $this->get_dc_comments();
+		$this->comments2wp($comments);
+
+		echo '<form action="admin.php?import=dotclear&amp;step=5" method="post">';
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Links')));
+		echo '</form>';
+	}
+
+	function import_links()
+	{
+		//Link Import
+		$links = $this->get_dc_links();
+		$this->links2wp($links);
+		add_option('dc_links', $links);
+
+		echo '<form action="admin.php?import=dotclear&amp;step=6" method="post">';
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Finish')));
+		echo '</form>';
+	}
+
+	function cleanup_dcimport()
+	{
+		delete_option('dcdbprefix');
+		delete_option('dc_cats');
+		delete_option('dcid2wpid');
+		delete_option('dccat2wpcat');
+		delete_option('dcposts2wpposts');
+		delete_option('dccm2wpcm');
+		delete_option('dclinks2wplinks');
+		delete_option('dcuser');
+		delete_option('dcpass');
+		delete_option('dcname');
+		delete_option('dchost');
+		delete_option('dccharset');
+		$this->tips();
+	}
+
+	function tips()
+	{
+		echo '<p>'.__('Welcome to WordPress.  We hope (and expect!) that you will find this platform incredibly rewarding!  As a new WordPress user coming from DotClear, there are some things that we would like to point out.  Hopefully, they will help your transition go as smoothly as possible.').'</p>';
+		echo '<h3>'.__('Users').'</h3>';
+		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn\'t have that login in DotClear, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and DotClear uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), '/wp-login.php').'</p>';
+		echo '<h3>'.__('Preserving Authors').'</h3>';
+		echo '<p>'.__('Secondly, we have attempted to preserve post authors.  If you are the only author or contributor to your blog, then you are safe.  In most cases, we are successful in this preservation endeavor.  However, if we cannot ascertain the name of the writer due to discrepancies between database tables, we assign it to you, the administrative user.').'</p>';
+		echo '<h3>'.__('Textile').'</h3>';
+		echo '<p>'.__('Also, since you\'re coming from DotClear, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/category/development/wordpress/textile/">Textile for WordPress</a>.  Trust me... You\'ll want it.').'</p>';
+		echo '<h3>'.__('WordPress Resources').'</h3>';
+		echo '<p>'.__('Finally, there are numerous WordPress resources around the internet.  Some of them are:').'</p>';
+		echo '<ul>';
+		echo '<li>'.__('<a href="http://www.wordpress.org">The official WordPress site</a>').'</li>';
+		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums</a>').'</li>';
+		echo '<li>'.__('<a href="http://codex.wordpress.org">The Codex (In other words, the WordPress Bible)</a>').'</li>';
+		echo '</ul>';
+		echo '<p>'.sprintf(__('That\'s it! What are you waiting for? Go <a href="%1$s">login</a>!'), '../wp-login.php').'</p>';
+	}
+
+	function db_form()
+	{
+		echo '<table class="editform">';
+		printf('<tr><th><label for="dbuser">%s</label></th><td><input type="text" name="dbuser" id="dbuser" /></td></tr>', __('DotClear Database User:'));
+		printf('<tr><th><label for="dbpass">%s</label></th><td><input type="password" name="dbpass" id="dbpass" /></td></tr>', __('DotClear Database Password:'));
+		printf('<tr><th><label for="dbname">%s</label></th><td><input type="text" name="dbname" id="dbname" /></td></tr>', __('DotClear Database Name:'));
+		printf('<tr><th><label for="dbhost">%s</label></th><td><input type="text" name="dbhost" nameid="dbhost" value="localhost" /></td></tr>', __('DotClear Database Host:'));
+		printf('<tr><th><label for="dbprefix">%s</label></th><td><input type="text" name="dbprefix" id="dbprefix" value="dc_"/></td></tr>', __('DotClear Table prefix:'));
+		printf('<tr><th><label for="dccharset">%s</label></th><td><input type="text" name="dccharset" id="dccharset" value="ISO-8859-15"/></td></tr>', __('Originating character set:'));
+		echo '</table>';
+	}
+
+	function dispatch()
+	{
+
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+		$this->header();
+
+		if ( $step > 0 )
+		{
+			check_admin_referer('import-dotclear');
+
+			if($_POST['dbuser'])
+			{
+				if(get_option('dcuser'))
+					delete_option('dcuser');
+				add_option('dcuser', sanitize_user($_POST['dbuser'], true));
+			}
+			if($_POST['dbpass'])
+			{
+				if(get_option('dcpass'))
+					delete_option('dcpass');
+				add_option('dcpass', sanitize_user($_POST['dbpass'], true));
+			}
+
+			if($_POST['dbname'])
+			{
+				if(get_option('dcname'))
+					delete_option('dcname');
+				add_option('dcname', sanitize_user($_POST['dbname'], true));
+			}
+			if($_POST['dbhost'])
+			{
+				if(get_option('dchost'))
+					delete_option('dchost');
+				add_option('dchost', sanitize_user($_POST['dbhost'], true));
+			}
+			if($_POST['dccharset'])
+			{
+				if(get_option('dccharset'))
+					delete_option('dccharset');
+				add_option('dccharset', sanitize_user($_POST['dccharset'], true));
+			}
+			if($_POST['dbprefix'])
+			{
+				if(get_option('dcdbprefix'))
+					delete_option('dcdbprefix');
+				add_option('dcdbprefix', sanitize_user($_POST['dbprefix'], true));
+			}
+
+
+		}
+
+		switch ($step)
+		{
+			default:
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				$this->import_categories();
+				break;
+			case 2 :
+				$this->import_users();
+				break;
+			case 3 :
+				$this->import_posts();
+				break;
+			case 4 :
+				$this->import_comments();
+				break;
+			case 5 :
+				$this->import_links();
+				break;
+			case 6 :
+				$this->cleanup_dcimport();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function Dotclear_Import()
+	{
+		// Nothing.
+	}
+}
+
+$dc_import = new Dotclear_Import();
+register_importer('dotclear', __('DotClear'), __('Import categories, users, posts, comments, and links from a DotClear blog'), array ($dc_import, 'dispatch'));
+?>

wp-admin/import/greymatter.php

@@ -0,0 +1,317 @@
+<?php
+
+class GM_Import {
+
+	var $gmnames = array ();
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import GreyMatter').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		$this->header();
+?>
+<p><?php _e('This is a basic GreyMatter to WordPress import script.') ?></p>
+<p><?php _e('What it does:') ?></p>
+<ul>
+<li><?php _e('Parses gm-authors.cgi to import (new) authors. Everyone is imported at level 1.') ?></li>
+<li><?php _e('Parses the entries cgi files to import posts, comments, and karma on posts (although karma is not used on WordPress yet).<br />If authors are found not to be in gm-authors.cgi, imports them at level 0.') ?></li>
+<li><?php _e("Detects duplicate entries or comments. If you don't import everything the first time, or this import should fail in the middle, duplicate entries will not be made when you try again.") ?></li>
+</ul>
+<p><?php _e('What it does not:') ?></p>
+<ul>
+<li><?php _e('Parse gm-counter.cgi, gm-banlist.cgi, gm-cplog.cgi (you can make a CP log hack if you really feel like it, but I question the need of a CP log).') ?></li>
+<li><?php _e('Import gm-templates.') ?></li>
+<li><?php _e("Doesn't keep entries on top.")?></li>
+</ul>
+<p>&nbsp;</p>
+
+<form name="stepOne" method="get">
+<input type="hidden" name="import" value="greymatter" />
+<input type="hidden" name="step" value="1" />
+<?php wp_nonce_field('import-greymatter'); ?>
+<h3><?php _e('Second step: GreyMatter details:') ?></h3>
+<p><table cellpadding="0">
+<tr>
+<td><?php _e('Path to GM files:') ?></td>
+<td><input type="text" style="width:300px" name="gmpath" value="/home/my/site/cgi-bin/greymatter/" /></td>
+</tr>
+<tr>
+<td><?php _e('Path to GM entries:') ?></td>
+<td><input type="text" style="width:300px" name="archivespath" value="/home/my/site/cgi-bin/greymatter/archives/" /></td>
+</tr>
+<tr>
+<td colspan="2"><br /><?php _e("This importer will search for files 00000001.cgi to 000-whatever.cgi,<br />so you need to enter the number of the last GM post here.<br />(if you don't know that number, just log into your FTP and look it out<br />in the entries' folder)") ?></td>
+</tr>
+<tr>
+<td><?php _e("Last entry's number:") ?></td>
+<td><input type="text" name="lastentry" value="00000001" /></td>
+</tr>
+</table>
+</p>
+<p><?php _e("When you're ready, click OK to start importing: ") ?><input type="submit" name="submit" value="<?php _e('OK') ?>" class="search" /></p>
+</form>
+<p>&nbsp</p>
+<?php
+		$this->footer();
+	}
+
+
+
+	function gm2autobr($string) { // transforms GM's |*| into b2's <br />\n
+		$string = str_replace("|*|","<br />\n",$string);
+		return($string);
+	}
+
+	function import() {
+		global $wpdb;
+
+		$wpvarstoreset = array('gmpath', 'archivespath', 'lastentry');
+		for ($i=0; $i<count($wpvarstoreset); $i += 1) {
+			$wpvar = $wpvarstoreset[$i];
+			if (!isset($$wpvar)) {
+				if (empty($_POST["$wpvar"])) {
+					if (empty($_GET["$wpvar"])) {
+						$$wpvar = '';
+					} else {
+						$$wpvar = $_GET["$wpvar"];
+					}
+				} else {
+					$$wpvar = $_POST["$wpvar"];
+				}
+			}
+		}
+
+		if (!chdir($archivespath))
+			wp_die(__("Wrong path, the path to the GM entries does not exist on the server"));
+
+		if (!chdir($gmpath))
+			wp_die(__("Wrong path, the path to the GM files does not exist on the server"));
+
+		$lastentry = (int) $lastentry;
+
+		$this->header();
+?>
+<p><?php _e('The importer is running...') ?></p>
+<ul>
+<li><?php _e('importing users...') ?><ul><?php
+
+	chdir($gmpath);
+	$userbase = file("gm-authors.cgi");
+
+	foreach($userbase as $user) {
+		$userdata=explode("|", $user);
+
+		$user_ip="127.0.0.1";
+		$user_domain="localhost";
+		$user_browser="server";
+
+		$s=$userdata[4];
+		$user_joindate=substr($s,6,4)."-".substr($s,0,2)."-".substr($s,3,2)." 00:00:00";
+
+		$user_login=$wpdb->escape($userdata[0]);
+		$pass1=$wpdb->escape($userdata[1]);
+		$user_nickname=$wpdb->escape($userdata[0]);
+		$user_email=$wpdb->escape($userdata[2]);
+		$user_url=$wpdb->escape($userdata[3]);
+		$user_joindate=$wpdb->escape($user_joindate);
+
+		$user_id = username_exists($user_login);
+		if ($user_id) {
+			printf('<li>'.__('user %s').'<strong>'.__('Already exists').'</strong></li>', "<em>$user_login</em>");
+			$this->gmnames[$userdata[0]] = $user_id;
+			continue;
+		}
+
+		$user_info = array("user_login"=>"$user_login", "user_pass"=>"$pass1", "user_nickname"=>"$user_nickname", "user_email"=>"$user_email", "user_url"=>"$user_url", "user_ip"=>"$user_ip", "user_domain"=>"$user_domain", "user_browser"=>"$user_browser", "dateYMDhour"=>"$user_joindate", "user_level"=>"1", "user_idmode"=>"nickname");
+		$user_id = wp_insert_user($user_info);
+		$this->gmnames[$userdata[0]] = $user_id;
+
+		printf('<li>'.__('user %s...').' <strong>'.__('Done').'</strong></li>', "<em>$user_login</em>");
+	}
+
+?></ul><strong><?php _e('Done') ?></strong></li>
+<li><?php _e('importing posts, comments, and karma...') ?><br /><ul><?php
+
+	chdir($archivespath);
+
+	for($i = 0; $i <= $lastentry; $i = $i + 1) {
+
+		$entryfile = "";
+
+		if ($i<10000000) {
+			$entryfile .= "0";
+			if ($i<1000000) {
+				$entryfile .= "0";
+				if ($i<100000) {
+					$entryfile .= "0";
+					if ($i<10000) {
+						$entryfile .= "0";
+						if ($i<1000) {
+							$entryfile .= "0";
+							if ($i<100) {
+								$entryfile .= "0";
+								if ($i<10) {
+									$entryfile .= "0";
+		}}}}}}}
+
+		$entryfile .= "$i";
+
+		if (is_file($entryfile.".cgi")) {
+
+			$entry=file($entryfile.".cgi");
+			$postinfo=explode("|",$entry[0]);
+			$postmaincontent=$this->gm2autobr($entry[2]);
+			$postmorecontent=$this->gm2autobr($entry[3]);
+
+			$post_author=trim($wpdb->escape($postinfo[1]));
+
+			$post_title=$this->gm2autobr($postinfo[2]);
+			printf('<li>'.__('entry # %s : %s : by %s'), $entryfile, $post_title, $postinfo[1]);
+			$post_title=$wpdb->escape($post_title);
+
+			$postyear=$postinfo[6];
+			$postmonth=zeroise($postinfo[4],2);
+			$postday=zeroise($postinfo[5],2);
+			$posthour=zeroise($postinfo[7],2);
+			$postminute=zeroise($postinfo[8],2);
+			$postsecond=zeroise($postinfo[9],2);
+
+			if (($postinfo[10]=="PM") && ($posthour!="12"))
+				$posthour=$posthour+12;
+
+			$post_date="$postyear-$postmonth-$postday $posthour:$postminute:$postsecond";
+
+			$post_content=$postmaincontent;
+			if (strlen($postmorecontent)>3)
+				$post_content .= "<!--more--><br /><br />".$postmorecontent;
+			$post_content=$wpdb->escape($post_content);
+
+			$post_karma=$postinfo[12];
+
+			$post_status = 'publish'; //in greymatter, there are no drafts
+			$comment_status = 'open';
+			$ping_status = 'closed';
+
+			if ($post_ID = post_exists($post_title, '', $post_date)) {
+				echo ' ';
+				_e('(already exists)');
+			} else {
+				//just so that if a post already exists, new users are not created by checkauthor
+				// we'll check the author is registered, or if it's a deleted author
+				$user_id = username_exists($post_author);
+				if (!$user_id) {	// if deleted from GM, we register the author as a level 0 user
+					$user_ip="127.0.0.1";
+					$user_domain="localhost";
+					$user_browser="server";
+					$user_joindate="1979-06-06 00:41:00";
+					$user_login=$wpdb->escape($post_author);
+					$pass1=$wpdb->escape("password");
+					$user_nickname=$wpdb->escape($post_author);
+					$user_email=$wpdb->escape("user@deleted.com");
+					$user_url=$wpdb->escape("");
+					$user_joindate=$wpdb->escape($user_joindate);
+
+					$user_info = array("user_login"=>$user_login, "user_pass"=>$pass1, "user_nickname"=>$user_nickname, "user_email"=>$user_email, "user_url"=>$user_url, "user_ip"=>$user_ip, "user_domain"=>$user_domain, "user_browser"=>$user_browser, "dateYMDhour"=>$user_joindate, "user_level"=>0, "user_idmode"=>"nickname");
+					$user_id = wp_insert_user($user_info);
+					$this->gmnames[$postinfo[1]] = $user_id;
+
+					echo ': ';
+					printf(__('registered deleted user %s at level 0 '), "<em>$user_login</em>");
+				}
+
+				if (array_key_exists($postinfo[1], $this->gmnames)) {
+					$post_author = $this->gmnames[$postinfo[1]];
+				} else {
+					$post_author = $user_id;
+				}
+
+				$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt');
+				$post_ID = wp_insert_post($postdata);
+			}
+
+			$c=count($entry);
+			if ($c>4) {
+				$numAddedComments = 0;
+				$numComments = 0;
+				for ($j=4;$j<$c;$j++) {
+					$entry[$j]=$this->gm2autobr($entry[$j]);
+					$commentinfo=explode("|",$entry[$j]);
+					$comment_post_ID=$post_ID;
+					$comment_author=$wpdb->escape($commentinfo[0]);
+					$comment_author_email=$wpdb->escape($commentinfo[2]);
+					$comment_author_url=$wpdb->escape($commentinfo[3]);
+					$comment_author_IP=$wpdb->escape($commentinfo[1]);
+
+					$commentyear=$commentinfo[7];
+					$commentmonth=zeroise($commentinfo[5],2);
+					$commentday=zeroise($commentinfo[6],2);
+					$commenthour=zeroise($commentinfo[8],2);
+					$commentminute=zeroise($commentinfo[9],2);
+					$commentsecond=zeroise($commentinfo[10],2);
+					if (($commentinfo[11]=="PM") && ($commenthour!="12"))
+						$commenthour=$commenthour+12;
+					$comment_date="$commentyear-$commentmonth-$commentday $commenthour:$commentminute:$commentsecond";
+
+					$comment_content=$wpdb->escape($commentinfo[12]);
+
+					if (!comment_exists($comment_author, $comment_date)) {
+						$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_approved');
+						$commentdata = wp_filter_comment($commentdata);
+						wp_insert_comment($commentdata);
+						$numAddedComments++;
+					}
+					$numComments++;
+				}
+				if ($numAddedComments > 0) {
+					echo ': ';
+					printf(__('imported %d comment(s)'), $numAddedComments);
+				}
+				$preExisting = $numComments - numAddedComments;
+				if ($preExisting > 0) {
+					echo ' ';
+					printf(__('ignored %d pre-existing comments'), $preExisting);
+				}
+			}
+			echo '... <strong>'.__('Done').'</strong></li>';
+		}
+	}
+	?>
+</ul><strong><?php _e('Done') ?></strong></li></ul>
+<p>&nbsp;</p>
+<p><?php _e('Completed GreyMatter import!') ?></p>
+<?php
+	$this->footer();
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1:
+				check_admin_referer('import-greymatter');
+				$this->import();
+				break;
+		}
+	}
+
+	function GM_Import() {
+		// Nothing.
+	}
+}
+
+$gm_import = new GM_Import();
+
+register_importer('greymatter', __('GreyMatter'), __('Import users, posts, and comments from a Greymatter blog'), array ($gm_import, 'dispatch'));
+?>

wp-admin/import/livejournal.php

@@ -0,0 +1,172 @@
+<?php
+
+class LJ_Import {
+
+	var $file;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import LiveJournal').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! Upload your LiveJournal XML export file and we&#8217;ll import the posts into this blog.').'</p>';
+		echo '<p>'.__('Choose a LiveJournal XML file to upload, then click Upload file and import.').'</p>';
+		wp_import_upload_form("admin.php?import=livejournal&amp;step=1");
+		echo '</div>';
+	}
+
+	function import_posts() {
+		global $wpdb, $current_user;
+
+		set_magic_quotes_runtime(0);
+		$importdata = file($this->file); // Read the file into an array
+		$importdata = implode('', $importdata); // squish it
+		$importdata = str_replace(array ("\r\n", "\r"), "\n", $importdata);
+
+		preg_match_all('|<entry>(.*?)</entry>|is', $importdata, $posts);
+		$posts = $posts[1];
+		unset($importdata);
+		echo '<ol>';
+		foreach ($posts as $post) {
+			preg_match('|<subject>(.*?)</subject>|is', $post, $post_title);
+			$post_title = $wpdb->escape(trim($post_title[1]));
+			if ( empty($post_title) ) {
+				preg_match('|<itemid>(.*?)</itemid>|is', $post, $post_title);
+				$post_title = $wpdb->escape(trim($post_title[1]));
+			}
+
+			preg_match('|<eventtime>(.*?)</eventtime>|is', $post, $post_date);
+			$post_date = strtotime($post_date[1]);
+			$post_date = gmdate('Y-m-d H:i:s', $post_date);
+
+			preg_match('|<event>(.*?)</event>|is', $post, $post_content);
+			$post_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($post_content[1]));
+			$post_content = $this->unhtmlentities($post_content);
+
+			// Clean up content
+			$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+			$post_content = str_replace('<br>', '<br />', $post_content);
+			$post_content = str_replace('<hr>', '<hr />', $post_content);
+			$post_content = $wpdb->escape($post_content);
+
+			$post_author = $current_user->ID;
+			$post_status = 'publish';
+
+			echo '<li>';
+			if ($post_id = post_exists($post_title, $post_content, $post_date)) {
+				printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+			} else {
+				printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+				$postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status');
+				$post_id = wp_insert_post($postdata);
+				if (!$post_id) {
+					_e("Couldn't get post ID");
+					echo '</li>';
+					break;
+				}
+			}
+
+			preg_match_all('|<comment>(.*?)</comment>|is', $post, $comments);
+			$comments = $comments[1];
+
+			if ( $comments ) {
+				$comment_post_ID = (int) $post_id;
+				$num_comments = 0;
+				foreach ($comments as $comment) {
+					preg_match('|<event>(.*?)</event>|is', $comment, $comment_content);
+					$comment_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($comment_content[1]));
+					$comment_content = $this->unhtmlentities($comment_content);
+
+					// Clean up content
+					$comment_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $comment_content);
+					$comment_content = str_replace('<br>', '<br />', $comment_content);
+					$comment_content = str_replace('<hr>', '<hr />', $comment_content);
+					$comment_content = $wpdb->escape($comment_content);
+
+					preg_match('|<eventtime>(.*?)</eventtime>|is', $comment, $comment_date);
+					$comment_date = trim($comment_date[1]);
+					$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
+
+					preg_match('|<name>(.*?)</name>|is', $comment, $comment_author);
+					$comment_author = $wpdb->escape(trim($comment_author[1]));
+
+					preg_match('|<email>(.*?)</email>|is', $comment, $comment_author_email);
+					$comment_author_email = $wpdb->escape(trim($comment_author_email[1]));
+
+					$comment_approved = 1;
+					// Check if it's already there
+					if (!comment_exists($comment_author, $comment_date)) {
+						$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_date', 'comment_content', 'comment_approved');
+						$commentdata = wp_filter_comment($commentdata);
+						wp_insert_comment($commentdata);
+						$num_comments++;
+					}
+				}
+			}
+			if ( $num_comments ) {
+				echo ' ';
+				printf(__('(%s comments)'), $num_comments);
+			}
+			echo '</li>';
+		}
+		echo '</ol>';
+	}
+
+	function import() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo $file['error'];
+			return;
+		}
+
+		$this->file = $file['file'];
+		$this->import_posts();
+		wp_import_cleanup($file['id']);
+
+		echo '<h3>';
+		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
+		echo '</h3>';
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-upload');
+				$this->import();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function LJ_Import() {
+		// Nothing.
+	}
+}
+
+$livejournal_import = new LJ_Import();
+
+register_importer('livejournal', __('LiveJournal'), __('Import posts from a LiveJournal XML export file'), array ($livejournal_import, 'dispatch'));
+?>

wp-admin/import/mt.php

@@ -0,0 +1,439 @@
+<?php
+
+class MT_Import {
+
+	var $posts = array ();
+	var $file;
+	var $id;
+	var $mtnames = array ();
+	var $newauthornames = array ();
+	var $j = -1;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Movable Type or TypePad').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		$this->header();
+?>
+<div class="narrow">
+<p><?php _e('Howdy! We&#8217;re about to begin importing all of your Movable Type or Typepad entries into WordPress. To begin, choose a file to upload and click Upload file and import.'); ?></p>
+<?php wp_import_upload_form( add_query_arg('step', 1) ); ?>
+	<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>
+</div>
+<?php
+		$this->footer();
+	}
+
+	function users_form($n) {
+		global $wpdb, $testing;
+		$users = $wpdb->get_results("SELECT * FROM $wpdb->users ORDER BY ID");
+?><select name="userselect[<?php echo $n; ?>]">
+	<option value="#NONE#"><?php _e('- Select -') ?></option>
+	<?php
+
+
+		foreach ($users as $user) {
+			echo '<option value="'.$user->user_login.'">'.$user->user_login.'</option>';
+		}
+?>
+	</select>
+	<?php
+
+
+	}
+
+	//function to check the authorname and do the mapping
+	function checkauthor($author) {
+		global $wpdb;
+		//mtnames is an array with the names in the mt import file
+		$pass = 'changeme';
+		if (!(in_array($author, $this->mtnames))) { //a new mt author name is found
+			++ $this->j;
+			$this->mtnames[$this->j] = $author; //add that new mt author name to an array
+			$user_id = username_exists($this->newauthornames[$this->j]); //check if the new author name defined by the user is a pre-existing wp user
+			if (!$user_id) { //banging my head against the desk now.
+				if ($newauthornames[$this->j] == 'left_blank') { //check if the user does not want to change the authorname
+					$user_id = wp_create_user($author, $pass);
+					$this->newauthornames[$this->j] = $author; //now we have a name, in the place of left_blank.
+				} else {
+					$user_id = wp_create_user($this->newauthornames[$this->j], $pass);
+				}
+			} else {
+				return $user_id; // return pre-existing wp username if it exists
+			}
+		} else {
+			$key = array_search($author, $this->mtnames); //find the array key for $author in the $mtnames array
+			$user_id = username_exists($this->newauthornames[$key]); //use that key to get the value of the author's name from $newauthornames
+		}
+
+		return $user_id;
+	}
+
+	function get_entries() {
+		set_magic_quotes_runtime(0);
+		$importdata = file($this->file); // Read the file into an array
+		$importdata = implode('', $importdata); // squish it
+		$importdata = preg_replace("/(\r\n|\n|\r)/", "\n", $importdata);
+		$importdata = preg_replace("/\n--------\n/", "--MT-ENTRY--\n", $importdata);
+		$this->posts = explode("--MT-ENTRY--", $importdata);
+	}
+
+	function get_mt_authors() {
+		$temp = array ();
+		$i = -1;
+		foreach ($this->posts as $post) {
+			if ('' != trim($post)) {
+				++ $i;
+				preg_match("|AUTHOR:(.*)|", $post, $thematch);
+				$thematch = trim($thematch[1]);
+				array_push($temp, "$thematch"); //store the extracted author names in a temporary array
+			}
+		}
+
+		//we need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
+		$authors[0] = array_shift($temp);
+		$y = count($temp) + 1;
+		for ($x = 1; $x < $y; $x ++) {
+			$next = array_shift($temp);
+			if (!(in_array($next, $authors)))
+				array_push($authors, "$next");
+		}
+
+		return $authors;
+	}
+
+	function get_authors_from_post() {
+		$formnames = array ();
+		$selectnames = array ();
+
+		foreach ($_POST['user'] as $key => $line) {
+			$newname = trim(stripslashes($line));
+			if ($newname == '')
+				$newname = 'left_blank'; //passing author names from step 1 to step 2 is accomplished by using POST. left_blank denotes an empty entry in the form.
+			array_push($formnames, "$newname");
+		} // $formnames is the array with the form entered names
+
+		foreach ($_POST['userselect'] as $user => $key) {
+			$selected = trim(stripslashes($key));
+			array_push($selectnames, "$selected");
+		}
+
+		$count = count($formnames);
+		for ($i = 0; $i < $count; $i ++) {
+			if ($selectnames[$i] != '#NONE#') { //if no name was selected from the select menu, use the name entered in the form
+				array_push($this->newauthornames, "$selectnames[$i]");
+			} else {
+				array_push($this->newauthornames, "$formnames[$i]");
+			}
+		}
+	}
+
+	function mt_authors_form() {
+?>
+<div class="wrap">
+<h2><?php _e('Assign Authors'); ?></h2>
+<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
+<p><?php _e('Below, you can see the names of the authors of the MovableType posts in <i>italics</i>. For each of these names, you can either pick an author in your WordPress installation from the menu, or enter a name for the author in the textbox.'); ?></p>
+<p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
+	<?php
+
+
+		$authors = $this->get_mt_authors();
+		echo '<ol id="authors">';
+		echo '<form action="?import=mt&amp;step=2&amp;id=' . $this->id . '" method="post">';
+		wp_nonce_field('import-mt');
+		$j = -1;
+		foreach ($authors as $author) {
+			++ $j;
+			echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
+			$this->users_form($j);
+			echo '</li>';
+		}
+
+		echo '<input type="submit" value="'.__('Submit').'">'.'<br/>';
+		echo '</form>';
+		echo '</ol></div>';
+
+	}
+
+	function select_authors() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			$this->header();
+			echo '<p>'.__('Sorry, there has been an error').'.</p>';
+			echo '<p><strong>' . $file['error'] . '</strong></p>';
+			$this->footer();
+			return;
+		}
+		$this->file = $file['file'];
+		$this->id = (int) $file['id'];
+
+		$this->get_entries();
+		$this->mt_authors_form();
+	}
+
+	function process_posts() {
+		global $wpdb;
+		$i = -1;
+		echo "<div class='wrap'><ol>";
+		foreach ($this->posts as $post) {
+			if ('' != trim($post)) {
+				++ $i;
+				unset ($post_categories);
+
+				// Take the pings out first
+				preg_match("|(-----\n\nPING:.*)|s", $post, $pings);
+				$post = preg_replace("|(-----\n\nPING:.*)|s", '', $post);
+
+				// Then take the comments out
+				preg_match("|(-----\nCOMMENT:.*)|s", $post, $comments);
+				$post = preg_replace("|(-----\nCOMMENT:.*)|s", '', $post);
+
+				// We ignore the keywords
+				$post = preg_replace("|(-----\nKEYWORDS:.*)|s", '', $post);
+
+				// We want the excerpt
+				preg_match("|-----\nEXCERPT:(.*)|s", $post, $excerpt);
+				$post_excerpt = $wpdb->escape(trim($excerpt[1]));
+				$post = preg_replace("|(-----\nEXCERPT:.*)|s", '', $post);
+
+				// We're going to put extended body into main body with a more tag
+				preg_match("|-----\nEXTENDED BODY:(.*)|s", $post, $extended);
+				$extended = trim($extended[1]);
+				if ('' != $extended)
+					$extended = "\n<!--more-->\n$extended";
+				$post = preg_replace("|(-----\nEXTENDED BODY:.*)|s", '', $post);
+
+				// Now for the main body
+				preg_match("|-----\nBODY:(.*)|s", $post, $body);
+				$body = trim($body[1]);
+				$post_content = $wpdb->escape($body.$extended);
+				$post = preg_replace("|(-----\nBODY:.*)|s", '', $post);
+
+				// Grab the metadata from what's left
+				$metadata = explode("\n", $post);
+				foreach ($metadata as $line) {
+					preg_match("/^(.*?):(.*)/", $line, $token);
+					$key = trim($token[1]);
+					$value = trim($token[2]);
+					// Now we decide what it is and what to do with it
+					switch ($key) {
+						case '' :
+							break;
+						case 'AUTHOR' :
+							$post_author = $value;
+							break;
+						case 'TITLE' :
+							$post_title = $wpdb->escape($value);
+							break;
+						case 'STATUS' :
+							// "publish" and "draft" enumeration items match up; no change required
+							$post_status = $value;
+							if (empty ($post_status))
+								$post_status = 'publish';
+							break;
+						case 'ALLOW COMMENTS' :
+							$post_allow_comments = $value;
+							if ($post_allow_comments == 1) {
+								$comment_status = 'open';
+							} else {
+								$comment_status = 'closed';
+							}
+							break;
+						case 'CONVERT BREAKS' :
+							$post_convert_breaks = $value;
+							break;
+						case 'ALLOW PINGS' :
+							$ping_status = trim($meta[2][0]);
+							if ($ping_status == 1) {
+								$ping_status = 'open';
+							} else {
+								$ping_status = 'closed';
+							}
+							break;
+						case 'PRIMARY CATEGORY' :
+							if (! empty ($value) )
+								$post_categories[] = $wpdb->escape($value);
+							break;
+						case 'CATEGORY' :
+							if (! empty ($value) )
+								$post_categories[] = $wpdb->escape($value);
+							break;
+						case 'DATE' :
+							$post_modified = strtotime($value);
+							$post_modified = date('Y-m-d H:i:s', $post_modified);
+							$post_modified_gmt = get_gmt_from_date("$post_modified");
+							$post_date = $post_modified;
+							$post_date_gmt = $post_modified_gmt;
+							break;
+						default :
+							// echo "\n$key: $value";
+							break;
+					} // end switch
+				} // End foreach
+
+				// Let's check to see if it's in already
+				if ($post_id = post_exists($post_title, '', $post_date)) {
+					echo '<li>';
+					printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+				} else {
+					echo '<li>';
+					printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+
+					$post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor
+
+					$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt');
+					$post_id = wp_insert_post($postdata);
+					// Add categories.
+					if (0 != count($post_categories)) {
+						wp_create_categories($post_categories, $post_id);
+					}
+				}
+
+				$comment_post_ID = (int) $post_id;
+				$comment_approved = 1;
+
+				// Now for comments
+				$comments = explode("-----\nCOMMENT:", $comments[0]);
+				$num_comments = 0;
+				foreach ($comments as $comment) {
+					if ('' != trim($comment)) {
+						// Author
+						preg_match("|AUTHOR:(.*)|", $comment, $comment_author);
+						$comment_author = $wpdb->escape(trim($comment_author[1]));
+						$comment = preg_replace('|(\n?AUTHOR:.*)|', '', $comment);
+						preg_match("|EMAIL:(.*)|", $comment, $comment_author_email);
+						$comment_author_email = $wpdb->escape(trim($comment_author_email[1]));
+						$comment = preg_replace('|(\n?EMAIL:.*)|', '', $comment);
+
+						preg_match("|IP:(.*)|", $comment, $comment_author_IP);
+						$comment_author_IP = trim($comment_author_IP[1]);
+						$comment = preg_replace('|(\n?IP:.*)|', '', $comment);
+
+						preg_match("|URL:(.*)|", $comment, $comment_author_url);
+						$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
+						$comment = preg_replace('|(\n?URL:.*)|', '', $comment);
+
+						preg_match("|DATE:(.*)|", $comment, $comment_date);
+						$comment_date = trim($comment_date[1]);
+						$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
+						$comment = preg_replace('|(\n?DATE:.*)|', '', $comment);
+
+						$comment_content = $wpdb->escape(trim($comment));
+						$comment_content = str_replace('-----', '', $comment_content);
+						// Check if it's already there
+						if (!comment_exists($comment_author, $comment_date)) {
+							$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_approved');
+							$commentdata = wp_filter_comment($commentdata);
+							wp_insert_comment($commentdata);
+							$num_comments++;
+						}
+					}
+				}
+				if ( $num_comments )
+					printf(' '.__('(%s comments)'), $num_comments);
+
+				// Finally the pings
+				// fix the double newline on the first one
+				$pings[0] = str_replace("-----\n\n", "-----\n", $pings[0]);
+				$pings = explode("-----\nPING:", $pings[0]);
+				$num_pings = 0;
+				foreach ($pings as $ping) {
+					if ('' != trim($ping)) {
+						// 'Author'
+						preg_match("|BLOG NAME:(.*)|", $ping, $comment_author);
+						$comment_author = $wpdb->escape(trim($comment_author[1]));
+						$ping = preg_replace('|(\n?BLOG NAME:.*)|', '', $ping);
+
+						preg_match("|IP:(.*)|", $ping, $comment_author_IP);
+						$comment_author_IP = trim($comment_author_IP[1]);
+						$ping = preg_replace('|(\n?IP:.*)|', '', $ping);
+
+						preg_match("|URL:(.*)|", $ping, $comment_author_url);
+						$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
+						$ping = preg_replace('|(\n?URL:.*)|', '', $ping);
+
+						preg_match("|DATE:(.*)|", $ping, $comment_date);
+						$comment_date = trim($comment_date[1]);
+						$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
+						$ping = preg_replace('|(\n?DATE:.*)|', '', $ping);
+
+						preg_match("|TITLE:(.*)|", $ping, $ping_title);
+						$ping_title = $wpdb->escape(trim($ping_title[1]));
+						$ping = preg_replace('|(\n?TITLE:.*)|', '', $ping);
+
+						$comment_content = $wpdb->escape(trim($ping));
+						$comment_content = str_replace('-----', '', $comment_content);
+
+						$comment_content = "<strong>$ping_title</strong>\n\n$comment_content";
+
+						$comment_type = 'trackback';
+
+						// Check if it's already there
+						if (!comment_exists($comment_author, $comment_date)) {
+							$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_type', 'comment_approved');
+							$commentdata = wp_filter_comment($commentdata);
+							wp_insert_comment($commentdata);
+							$num_pings++;
+						}
+					}
+				}
+				if ( $num_pings )
+					printf(' '.__('(%s pings)'), $num_pings);
+
+				echo "</li>";
+			}
+		}
+
+		echo '</ol>';
+
+		wp_import_cleanup($this->id);
+
+		echo '<h3>'.sprintf(__('All done. <a href="%s">Have fun!</a>'), get_option('home')).'</h3></div>';
+	}
+
+	function import() {
+		$this->id = (int) $_GET['id'];
+
+		$this->file = get_attached_file($this->id);
+		$this->get_authors_from_post();
+		$this->get_entries();
+		$this->process_posts();
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-upload');
+				$this->select_authors();
+				break;
+			case 2:
+				check_admin_referer('import-mt');
+				$this->import();
+				break;
+		}
+	}
+
+	function MT_Import() {
+		// Nothing.
+	}
+}
+
+$mt_import = new MT_Import();
+
+register_importer('mt', __('Movable Type and TypePad'), __('Import posts and comments from a Movable Type or Typepad blog'), array ($mt_import, 'dispatch'));
+?>

wp-admin/import/rss.php

@@ -0,0 +1,175 @@
+<?php
+
+class RSS_Import {
+
+	var $posts = array ();
+	var $file;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import RSS').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This importer allows you to extract posts from an RSS 2.0 file into your blog. This is useful if you want to import your posts from a system that is not handled by a custom import tool. Pick an RSS file to upload and click Import.').'</p>';
+		wp_import_upload_form("admin.php?import=rss&amp;step=1");
+		echo '</div>';
+	}
+
+	function get_posts() {
+		global $wpdb;
+
+		set_magic_quotes_runtime(0);
+		$datalines = file($this->file); // Read the file into an array
+		$importdata = implode('', $datalines); // squish it
+		$importdata = str_replace(array ("\r\n", "\r"), "\n", $importdata);
+
+		preg_match_all('|<item>(.*?)</item>|is', $importdata, $this->posts);
+		$this->posts = $this->posts[1];
+		$index = 0;
+		foreach ($this->posts as $post) {
+			preg_match('|<title>(.*?)</title>|is', $post, $post_title);
+			$post_title = str_replace(array('<![CDATA[', ']]>'), '', $wpdb->escape( trim($post_title[1]) ));
+
+			preg_match('|<pubdate>(.*?)</pubdate>|is', $post, $post_date_gmt);
+
+			if ($post_date_gmt) {
+				$post_date_gmt = strtotime($post_date_gmt[1]);
+			} else {
+				// if we don't already have something from pubDate
+				preg_match('|<dc:date>(.*?)</dc:date>|is', $post, $post_date_gmt);
+				$post_date_gmt = preg_replace('|([-+])([0-9]+):([0-9]+)$|', '\1\2\3', $post_date_gmt[1]);
+				$post_date_gmt = str_replace('T', ' ', $post_date_gmt);
+				$post_date_gmt = strtotime($post_date_gmt);
+			}
+
+			$post_date_gmt = gmdate('Y-m-d H:i:s', $post_date_gmt);
+			$post_date = get_date_from_gmt( $post_date_gmt );
+
+			preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
+			$categories = $categories[1];
+
+			if (!$categories) {
+				preg_match_all('|<dc:subject>(.*?)</dc:subject>|is', $post, $categories);
+				$categories = $categories[1];
+			}
+
+			$cat_index = 0;
+			foreach ($categories as $category) {
+				$categories[$cat_index] = $wpdb->escape($this->unhtmlentities($category));
+				$cat_index++;
+			}
+
+			preg_match('|<guid.+?>(.*?)</guid>|is', $post, $guid);
+			if ($guid)
+				$guid = $wpdb->escape(trim($guid[1]));
+			else
+				$guid = '';
+
+			preg_match('|<content:encoded>(.*?)</content:encoded>|is', $post, $post_content);
+			$post_content = str_replace(array ('<![CDATA[', ']]>'), '', $wpdb->escape(trim($post_content[1])));
+
+			if (!$post_content) {
+				// This is for feeds that put content in description
+				preg_match('|<description>(.*?)</description>|is', $post, $post_content);
+				$post_content = $wpdb->escape($this->unhtmlentities(trim($post_content[1])));
+			}
+
+			// Clean up content
+			$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+			$post_content = str_replace('<br>', '<br />', $post_content);
+			$post_content = str_replace('<hr>', '<hr />', $post_content);
+
+			$post_author = 1;
+			$post_status = 'publish';
+			$this->posts[$index] = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_status', 'guid', 'categories');
+			$index++;
+		}
+	}
+
+	function import_posts() {
+		echo '<ol>';
+
+		foreach ($this->posts as $post) {
+			echo "<li>".__('Importing post...');
+
+			extract($post);
+
+			if ($post_id = post_exists($post_title, $post_content, $post_date)) {
+				_e('Post already imported');
+			} else {
+				$post_id = wp_insert_post($post);
+				if (!$post_id) {
+					_e("Couldn't get post ID");
+					return;
+				}
+
+				if (0 != count($categories))
+					wp_create_categories($categories, $post_id);
+				_e('Done !');
+			}
+			echo '</li>';
+		}
+
+		echo '</ol>';
+
+	}
+
+	function import() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo $file['error'];
+			return;
+		}
+
+		$this->file = $file['file'];
+		$this->get_posts();
+		$this->import_posts();
+		wp_import_cleanup($file['id']);
+
+		echo '<h3>';
+		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
+		echo '</h3>';
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-upload');
+				$this->import();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function RSS_Import() {
+		// Nothing.
+	}
+}
+
+$rss_import = new RSS_Import();
+
+register_importer('rss', __('RSS'), __('Import posts from an RSS feed'), array ($rss_import, 'dispatch'));
+?>

wp-admin/import/textpattern.php

@@ -0,0 +1,673 @@
+<?php
+/**
+	Add These Functions to make our lives easier
+**/
+if(!function_exists('get_catbynicename'))
+{
+	function get_catbynicename($category_nicename)
+	{
+	global $wpdb;
+
+	$cat_id -= 0; 	// force numeric
+	$name = $wpdb->get_var('SELECT cat_ID FROM '.$wpdb->categories.' WHERE category_nicename="'.$category_nicename.'"');
+
+	return $name;
+	}
+}
+
+if(!function_exists('get_comment_count'))
+{
+	function get_comment_count($post_ID)
+	{
+		global $wpdb;
+		return $wpdb->get_var('SELECT count(*) FROM '.$wpdb->comments.' WHERE comment_post_ID = '.$post_ID);
+	}
+}
+
+if(!function_exists('link_exists'))
+{
+	function link_exists($linkname)
+	{
+		global $wpdb;
+		return $wpdb->get_var('SELECT link_id FROM '.$wpdb->links.' WHERE link_name = "'.$wpdb->escape($linkname).'"');
+	}
+}
+
+/**
+	The Main Importer Class
+**/
+class Textpattern_Import {
+
+	function header() 
+	{
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Textpattern').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'</p>';
+	}
+
+	function footer() 
+	{
+		echo '</div>';
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports categories, users, posts, comments, and links from any Textpattern 4.0.2+ into this blog.').'</p>';
+		echo '<p>'.__('This has not been tested on previous versions of Textpattern.  Mileage may vary.').'</p>';
+		echo '<p>'.__('Your Textpattern Configuration settings are as follows:').'</p>';
+		echo '<form action="admin.php?import=textpattern&amp;step=1" method="post">';
+		wp_nonce_field('import-textpattern');
+		$this->db_form();
+		echo '<p class="submit"><input type="submit" name="submit" value="'.attribute_escape(__('Import Categories &raquo;')).'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function get_txp_cats()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
+		set_magic_quotes_runtime(0);
+		$prefix = get_option('tpre');
+
+		// Get Categories
+		return $txpdb->get_results('SELECT
+			id,
+			name,
+			title
+			FROM '.$prefix.'txp_category
+			WHERE type = "article"',
+			ARRAY_A);
+	}
+
+	function get_txp_users()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
+		set_magic_quotes_runtime(0);
+		$prefix = get_option('tpre');
+
+		// Get Users
+
+		return $txpdb->get_results('SELECT
+			user_id,
+			name,
+			RealName,
+			email,
+			privs
+			FROM '.$prefix.'txp_users', ARRAY_A);
+	}
+
+	function get_txp_posts()
+	{
+		// General Housekeeping
+		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
+		set_magic_quotes_runtime(0);
+		$prefix = get_option('tpre');
+
+		// Get Posts
+		return $txpdb->get_results('SELECT
+			ID,
+			Posted,
+			AuthorID,
+			LastMod,
+			Title,
+			Body,
+			Excerpt,
+			Category1,
+			Category2,
+			Status,
+			Keywords,
+			url_title,
+			comments_count
+			FROM '.$prefix.'textpattern
+			', ARRAY_A);
+	}
+
+	function get_txp_comments()
+	{
+		global $wpdb;
+		// General Housekeeping
+		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
+		set_magic_quotes_runtime(0);
+		$prefix = get_option('tpre');
+
+		// Get Comments
+		return $txpdb->get_results('SELECT * FROM '.$prefix.'txp_discuss', ARRAY_A);
+	}
+
+		function get_txp_links()
+	{
+		//General Housekeeping
+		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
+		set_magic_quotes_runtime(0);
+		$prefix = get_option('tpre');
+
+		return $txpdb->get_results('SELECT
+			id,
+			date,
+			category,
+			url,
+			linkname,
+			description
+			FROM '.$prefix.'txp_link',
+			ARRAY_A);
+	}
+
+	function cat2wp($categories='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$txpcat2wpcat = array();
+		// Do the Magic
+		if(is_array($categories))
+		{
+			echo '<p>'.__('Importing Categories...').'<br /><br /></p>';
+			foreach ($categories as $category)
+			{
+				$count++;
+				extract($category);
+
+
+				// Make Nice Variables
+				$name = $wpdb->escape($name);
+				$title = $wpdb->escape($title);
+
+				if($cinfo = category_exists($name))
+				{
+					$ret_id = wp_insert_category(array('cat_ID' => $cinfo, 'category_nicename' => $name, 'cat_name' => $title));
+				}
+				else
+				{
+					$ret_id = wp_insert_category(array('category_nicename' => $name, 'cat_name' => $title));
+				}
+				$txpcat2wpcat[$id] = $ret_id;
+			}
+
+			// Store category translation for future use
+			add_option('txpcat2wpcat',$txpcat2wpcat);
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> categories imported.'), $count).'<br /><br /></p>';
+			return true;
+		}
+		echo __('No Categories to Import!');
+		return false;
+	}
+
+	function users2wp($users='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$txpid2wpid = array();
+
+		// Midnight Mojo
+		if(is_array($users))
+		{
+			echo '<p>'.__('Importing Users...').'<br /><br /></p>';
+			foreach($users as $user)
+			{
+				$count++;
+				extract($user);
+
+				// Make Nice Variables
+				$name = $wpdb->escape($name);
+				$RealName = $wpdb->escape($RealName);
+
+				if($uinfo = get_userdatabylogin($name))
+				{
+
+					$ret_id = wp_insert_user(array(
+								'ID'			=> $uinfo->ID,
+								'user_login'	=> $name,
+								'user_nicename'	=> $RealName,
+								'user_email'	=> $email,
+								'user_url'		=> 'http://',
+								'display_name'	=> $name)
+								);
+				}
+				else
+				{
+					$ret_id = wp_insert_user(array(
+								'user_login'	=> $name,
+								'user_nicename'	=> $RealName,
+								'user_email'	=> $email,
+								'user_url'		=> 'http://',
+								'display_name'	=> $name)
+								);
+				}
+				$txpid2wpid[$user_id] = $ret_id;
+
+				// Set Textpattern-to-WordPress permissions translation
+				$transperms = array(1 => '10', 2 => '9', 3 => '5', 4 => '4', 5 => '3', 6 => '2', 7 => '0');
+
+				// Update Usermeta Data
+				$user = new WP_User($ret_id);
+				if('10' == $transperms[$privs]) { $user->set_role('administrator'); }
+				if('9'  == $transperms[$privs]) { $user->set_role('editor'); }
+				if('5'  == $transperms[$privs]) { $user->set_role('editor'); }
+				if('4'  == $transperms[$privs]) { $user->set_role('author'); }
+				if('3'  == $transperms[$privs]) { $user->set_role('contributor'); }
+				if('2'  == $transperms[$privs]) { $user->set_role('contributor'); }
+				if('0'  == $transperms[$privs]) { $user->set_role('subscriber'); }
+
+				update_usermeta( $ret_id, 'wp_user_level', $transperms[$privs] );
+				update_usermeta( $ret_id, 'rich_editing', 'false');
+			}// End foreach($users as $user)
+
+			// Store id translation array for future use
+			add_option('txpid2wpid',$txpid2wpid);
+
+
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> users imported.'), $count).'<br /><br /></p>';
+			return true;
+		}// End if(is_array($users)
+
+		echo __('No Users to Import!');
+		return false;
+
+	}// End function user2wp()
+
+	function posts2wp($posts='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$txpposts2wpposts = array();
+		$cats = array();
+
+		// Do the Magic
+		if(is_array($posts))
+		{
+			echo '<p>'.__('Importing Posts...').'<br /><br /></p>';
+			foreach($posts as $post)
+			{
+				$count++;
+				extract($post);
+
+				// Set Textpattern-to-WordPress status translation
+				$stattrans = array(1 => 'draft', 2 => 'private', 3 => 'draft', 4 => 'publish', 5 => 'publish');
+
+				//Can we do this more efficiently?
+				$uinfo = ( get_userdatabylogin( $AuthorID ) ) ? get_userdatabylogin( $AuthorID ) : 1;
+				$authorid = ( is_object( $uinfo ) ) ? $uinfo->ID : $uinfo ;
+
+				$Title = $wpdb->escape($Title);
+				$Body = $wpdb->escape($Body);
+				$Excerpt = $wpdb->escape($Excerpt);
+				$post_status = $stattrans[$Status];
+
+				// Import Post data into WordPress
+
+				if($pinfo = post_exists($Title,$Body))
+				{
+					$ret_id = wp_insert_post(array(
+						'ID'				=> $pinfo,
+						'post_date'			=> $Posted,
+						'post_date_gmt'		=> $post_date_gmt,
+						'post_author'		=> $authorid,
+						'post_modified'		=> $LastMod,
+						'post_modified_gmt' => $post_modified_gmt,
+						'post_title'		=> $Title,
+						'post_content'		=> $Body,
+						'post_excerpt'		=> $Excerpt,
+						'post_status'		=> $post_status,
+						'post_name'			=> $url_title,
+						'comment_count'		=> $comments_count)
+						);
+				}
+				else
+				{
+					$ret_id = wp_insert_post(array(
+						'post_date'			=> $Posted,
+						'post_date_gmt'		=> $post_date_gmt,
+						'post_author'		=> $authorid,
+						'post_modified'		=> $LastMod,
+						'post_modified_gmt' => $post_modified_gmt,
+						'post_title'		=> $Title,
+						'post_content'		=> $Body,
+						'post_excerpt'		=> $Excerpt,
+						'post_status'		=> $post_status,
+						'post_name'			=> $url_title,
+						'comment_count'		=> $comments_count)
+						);
+				}
+				$txpposts2wpposts[$ID] = $ret_id;
+
+				// Make Post-to-Category associations
+				$cats = array();
+				if($cat1 = get_catbynicename($Category1)) { $cats[1] = $cat1; }
+				if($cat2 = get_catbynicename($Category2)) { $cats[2] = $cat2; }
+
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
+			}
+		}
+		// Store ID translation for later use
+		add_option('txpposts2wpposts',$txpposts2wpposts);
+
+		echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> posts imported.'), $count).'<br /><br /></p>';
+		return true;
+	}
+
+	function comments2wp($comments='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+		$txpcm2wpcm = array();
+		$postarr = get_option('txpposts2wpposts');
+
+		// Magic Mojo
+		if(is_array($comments))
+		{
+			echo '<p>'.__('Importing Comments...').'<br /><br /></p>';
+			foreach($comments as $comment)
+			{
+				$count++;
+				extract($comment);
+
+				// WordPressify Data
+				$comment_ID = ltrim($discussid, '0');
+				$comment_post_ID = $postarr[$parentid];
+				$comment_approved = (1 == $visible) ? 1 : 0;
+				$name = $wpdb->escape($name);
+				$email = $wpdb->escape($email);
+				$web = $wpdb->escape($web);
+				$message = $wpdb->escape($message);
+
+				if($cinfo = comment_exists($name, $posted))
+				{
+					// Update comments
+					$ret_id = wp_update_comment(array(
+						'comment_ID'			=> $cinfo,
+						'comment_post_ID'		=> $comment_post_ID,
+						'comment_author'		=> $name,
+						'comment_author_email'	=> $email,
+						'comment_author_url'	=> $web,
+						'comment_date'			=> $posted,
+						'comment_content'		=> $message,
+						'comment_approved'		=> $comment_approved)
+						);
+				}
+				else
+				{
+					// Insert comments
+					$ret_id = wp_insert_comment(array(
+						'comment_post_ID'		=> $comment_post_ID,
+						'comment_author'		=> $name,
+						'comment_author_email'	=> $email,
+						'comment_author_url'	=> $web,
+						'comment_author_IP'		=> $ip,
+						'comment_date'			=> $posted,
+						'comment_content'		=> $message,
+						'comment_approved'		=> $comment_approved)
+						);
+				}
+				$txpcm2wpcm[$comment_ID] = $ret_id;
+			}
+			// Store Comment ID translation for future use
+			add_option('txpcm2wpcm', $txpcm2wpcm);
+
+			// Associate newly formed categories with posts
+			get_comment_count($ret_id);
+
+
+			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> comments imported.'), $count).'<br /><br /></p>';
+			return true;
+		}
+		echo __('No Comments to Import!');
+		return false;
+	}
+
+	function links2wp($links='')
+	{
+		// General Housekeeping
+		global $wpdb;
+		$count = 0;
+
+		// Deal with the links
+		if(is_array($links))
+		{
+			echo '<p>'.__('Importing Links...').'<br /><br /></p>';
+			foreach($links as $link)
+			{
+				$count++;
+				extract($link);
+
+				// Make nice vars
+				$category = $wpdb->escape($category);
+				$linkname = $wpdb->escape($linkname);
+				$description = $wpdb->escape($description);
+
+				if($linfo = link_exists($linkname))
+				{
+					$ret_id = wp_insert_link(array(
+								'link_id'			=> $linfo,
+								'link_url'			=> $url,
+								'link_name'			=> $linkname,
+								'link_category'		=> $category,
+								'link_description'	=> $description,
+								'link_updated'		=> $date)
+								);
+				}
+				else
+				{
+					$ret_id = wp_insert_link(array(
+								'link_url'			=> $url,
+								'link_name'			=> $linkname,
+								'link_category'		=> $category,
+								'link_description'	=> $description,
+								'link_updated'		=> $date)
+								);
+				}
+				$txplinks2wplinks[$link_id] = $ret_id;
+			}
+			add_option('txplinks2wplinks',$txplinks2wplinks);
+			echo '<p>';
+			printf(__('Done! <strong>%s</strong> Links imported'), $count);
+			echo '<br /><br /></p>';
+			return true;
+		}
+		echo __('No Links to Import!');
+		return false;
+	}
+
+	function import_categories()
+	{
+		// Category Import
+		$cats = $this->get_txp_cats();
+		$this->cat2wp($cats);
+		add_option('txp_cats', $cats);
+
+
+
+		echo '<form action="admin.php?import=textpattern&amp;step=2" method="post">';
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Users')));
+		echo '</form>';
+
+	}
+
+	function import_users()
+	{
+		// User Import
+		$users = $this->get_txp_users();
+		$this->users2wp($users);
+
+		echo '<form action="admin.php?import=textpattern&amp;step=3" method="post">';
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Posts')));
+		echo '</form>';
+	}
+
+	function import_posts()
+	{
+		// Post Import
+		$posts = $this->get_txp_posts();
+		$this->posts2wp($posts);
+
+		echo '<form action="admin.php?import=textpattern&amp;step=4" method="post">';
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Comments')));
+		echo '</form>';
+	}
+
+	function import_comments()
+	{
+		// Comment Import
+		$comments = $this->get_txp_comments();
+		$this->comments2wp($comments);
+
+		echo '<form action="admin.php?import=textpattern&amp;step=5" method="post">';
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Links')));
+		echo '</form>';
+	}
+
+	function import_links()
+	{
+		//Link Import
+		$links = $this->get_txp_links();
+		$this->links2wp($links);
+		add_option('txp_links', $links);
+
+		echo '<form action="admin.php?import=textpattern&amp;step=6" method="post">';
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Finish')));
+		echo '</form>';
+	}
+
+	function cleanup_txpimport()
+	{
+		delete_option('tpre');
+		delete_option('txp_cats');
+		delete_option('txpid2wpid');
+		delete_option('txpcat2wpcat');
+		delete_option('txpposts2wpposts');
+		delete_option('txpcm2wpcm');
+		delete_option('txplinks2wplinks');
+		delete_option('txpuser');
+		delete_option('txppass');
+		delete_option('txpname');
+		delete_option('txphost');
+		$this->tips();
+	}
+
+	function tips()
+	{
+		echo '<p>'.__('Welcome to WordPress.  We hope (and expect!) that you will find this platform incredibly rewarding!  As a new WordPress user coming from Textpattern, there are some things that we would like to point out.  Hopefully, they will help your transition go as smoothly as possible.').'</p>';
+		echo '<h3>'.__('Users').'</h3>';
+		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn\'t have that login in Textpattern, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and Textpattern uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), '/wp-login.php').'</p>';
+		echo '<h3>'.__('Preserving Authors').'</h3>';
+		echo '<p>'.__('Secondly, we have attempted to preserve post authors.  If you are the only author or contributor to your blog, then you are safe.  In most cases, we are successful in this preservation endeavor.  However, if we cannot ascertain the name of the writer due to discrepancies between database tables, we assign it to you, the administrative user.').'</p>';
+		echo '<h3>'.__('Textile').'</h3>';
+		echo '<p>'.__('Also, since you\'re coming from Textpattern, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/category/development/wordpress/textile/">Textile for WordPress</a>.  Trust me... You\'ll want it.').'</p>';
+		echo '<h3>'.__('WordPress Resources').'</h3>';
+		echo '<p>'.__('Finally, there are numerous WordPress resources around the internet.  Some of them are:').'</p>';
+		echo '<ul>';
+		echo '<li>'.__('<a href="http://www.wordpress.org">The official WordPress site</a>').'</li>';
+		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums</a>').'</li>';
+		echo '<li>'.__('<a href="http://codex.wordpress.org">The Codex (In other words, the WordPress Bible)</a>').'</li>';
+		echo '</ul>';
+		echo '<p>'.sprintf(__('That\'s it! What are you waiting for? Go <a href="%1$s">login</a>!'), '/wp-login.php').'</p>';
+	}
+
+	function db_form()
+	{
+		echo '<table class="editform">';
+		printf('<tr><th scope="row"><label for="dbuser">%s</label></th><td><input type="text" name="dbuser" id="dbuser" /></td></tr>', __('Textpattern Database User:'));
+		printf('<tr><th scope="row"><label for="dbpass">%s</label></th><td><input type="password" name="dbpass" id="dbpass" /></td></tr>', __('Textpattern Database Password:'));
+		printf('<tr><th scope="row"><label for="dbname">%s</label></th><td><input type="text" id="dbname" name="dbname" /></td></tr>', __('Textpattern Database Name:'));
+		printf('<tr><th scope="row"><label for="dbhost">%s</label></th><td><input type="text" id="dbhost" name="dbhost" value="localhost" /></td></tr>', __('Textpattern Database Host:'));
+		printf('<tr><th scope="row"><label for="dbprefix">%s</label></th><td><input type="text" name="dbprefix" id="dbprefix"  /></td></tr>', __('Textpattern Table prefix (if any):'));
+		echo '</table>';
+	}
+
+	function dispatch()
+	{
+
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+		$this->header();
+
+		if ( $step > 0 )
+		{
+			check_admin_referer('import-textpattern');
+
+			if($_POST['dbuser'])
+			{
+				if(get_option('txpuser'))
+					delete_option('txpuser');
+				add_option('txpuser', sanitize_user($_POST['dbuser'], true));
+			}
+			if($_POST['dbpass'])
+			{
+				if(get_option('txppass'))
+					delete_option('txppass');
+				add_option('txppass',  sanitize_user($_POST['dbpass'], true));
+			}
+
+			if($_POST['dbname'])
+			{
+				if(get_option('txpname'))
+					delete_option('txpname');
+				add_option('txpname',  sanitize_user($_POST['dbname'], true));
+			}
+			if($_POST['dbhost'])
+			{
+				if(get_option('txphost'))
+					delete_option('txphost');
+				add_option('txphost',  sanitize_user($_POST['dbhost'], true));
+			}
+			if($_POST['dbprefix'])
+			{
+				if(get_option('tpre'))
+					delete_option('tpre');
+				add_option('tpre',  sanitize_user($_POST['dbprefix']));
+			}
+
+
+		}
+
+		switch ($step)
+		{
+			default:
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				$this->import_categories();
+				break;
+			case 2 :
+				$this->import_users();
+				break;
+			case 3 :
+				$this->import_posts();
+				break;
+			case 4 :
+				$this->import_comments();
+				break;
+			case 5 :
+				$this->import_links();
+				break;
+			case 6 :
+				$this->cleanup_txpimport();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function Textpattern_Import()
+	{
+		// Nothing.
+	}
+}
+
+$txp_import = new Textpattern_Import();
+register_importer('textpattern', __('Textpattern'), __('Import categories, users, posts, comments, and links from a Textpattern blog'), array ($txp_import, 'dispatch'));
+?>

wp-admin/import/wordpress.php

@@ -0,0 +1,408 @@
+<?php
+
+class WP_Import {
+
+	var $posts = array ();
+	var $posts_processed = array ();
+    // Array of arrays. [[0] => XML fragment, [1] => New post ID]
+	var $file;
+	var $id;
+	var $mtnames = array ();
+	var $newauthornames = array ();
+	var $j = -1;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import WordPress').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! Upload your WordPress eXtended RSS (WXR) file and we&#8217;ll import the posts, comments, custom fields, and categories into this blog.').'</p>';
+		echo '<p>'.__('Choose a WordPress WXR file to upload, then click Upload file and import.').'</p>';
+		wp_import_upload_form("admin.php?import=wordpress&amp;step=1");
+		echo '</div>';
+	}
+
+	function get_tag( $string, $tag ) {
+		global $wpdb;
+		preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
+		$return = preg_replace('|^<!\[CDATA\[(.*)\]\]>$|s', '$1', $return[1]);
+		$return = $wpdb->escape( trim( $return ) );
+		return $return;
+	}
+
+	function users_form($n) {
+		global $wpdb, $testing;
+		$users = $wpdb->get_results("SELECT * FROM $wpdb->users ORDER BY ID");
+?><select name="userselect[<?php echo $n; ?>]">
+	<option value="#NONE#">- Select -</option>
+	<?php
+		foreach ($users as $user) {
+			echo '<option value="'.$user->user_login.'">'.$user->user_login.'</option>';
+		}
+?>
+	</select>
+	<?php
+	}
+
+	//function to check the authorname and do the mapping
+	function checkauthor($author) {
+		global $wpdb;
+		//mtnames is an array with the names in the mt import file
+		$pass = 'changeme';
+		if (!(in_array($author, $this->mtnames))) { //a new mt author name is found
+			++ $this->j;
+			$this->mtnames[$this->j] = $author; //add that new mt author name to an array
+			$user_id = username_exists($this->newauthornames[$this->j]); //check if the new author name defined by the user is a pre-existing wp user
+			if (!$user_id) { //banging my head against the desk now.
+				if ($this->newauthornames[$this->j] == 'left_blank') { //check if the user does not want to change the authorname
+					$user_id = wp_create_user($author, $pass);
+					$this->newauthornames[$this->j] = $author; //now we have a name, in the place of left_blank.
+				} else {
+					$user_id = wp_create_user($this->newauthornames[$this->j], $pass);
+				}
+			} else {
+				return $user_id; // return pre-existing wp username if it exists
+			}
+		} else {
+			$key = array_search($author, $this->mtnames); //find the array key for $author in the $mtnames array
+			$user_id = username_exists($this->newauthornames[$key]); //use that key to get the value of the author's name from $newauthornames
+		}
+
+		return $user_id;
+	}
+
+	function get_entries() {
+		set_magic_quotes_runtime(0);
+		$importdata = array_map('rtrim', file($this->file)); // Read the file into an array
+
+		$this->posts = array();
+		$this->categories = array();
+		$num = 0;
+		$doing_entry = false;
+		foreach ($importdata as $importline) {
+			if ( false !== strpos($importline, '<wp:category>') ) {
+				preg_match('|<wp:category>(.*?)</wp:category>|is', $importline, $category);
+				$this->categories[] = $category[1];
+				continue;
+			}
+			if ( false !== strpos($importline, '<item>') ) {
+				$this->posts[$num] = '';
+				$doing_entry = true;
+				continue;	
+			}
+			if ( false !== strpos($importline, '</item>') ) {
+				$num++;
+				$doing_entry = false;
+				continue;	
+			}
+			if ( $doing_entry ) {
+				$this->posts[$num] .= $importline . "\n";
+			}
+		}
+
+		foreach ($this->posts as $post) {
+			$post_ID = (int) $this->get_tag( $post, 'wp:post_id' );
+			if ($post_ID) {
+				$this->posts_processed[$post_ID][0] = &$post;
+				$this->posts_processed[$post_ID][1] = 0;
+			}
+		}
+	}
+
+	function get_wp_authors() {
+		$temp = array ();
+		$i = -1;
+		foreach ($this->posts as $post) {
+			if ('' != trim($post)) {
+				++ $i;
+				$author = $this->get_tag( $post, 'dc:creator' );
+				array_push($temp, "$author"); //store the extracted author names in a temporary array
+			}
+		}
+
+		// We need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
+		$authors[0] = array_shift($temp);
+		$y = count($temp) + 1;
+		for ($x = 1; $x < $y; $x ++) {
+			$next = array_shift($temp);
+			if (!(in_array($next, $authors)))
+				array_push($authors, "$next");
+		}
+
+		return $authors;
+	}
+
+	function get_authors_from_post() {
+		$formnames = array ();
+		$selectnames = array ();
+
+		foreach ($_POST['user'] as $key => $line) {
+			$newname = trim(stripslashes($line));
+			if ($newname == '')
+				$newname = 'left_blank'; //passing author names from step 1 to step 2 is accomplished by using POST. left_blank denotes an empty entry in the form.
+			array_push($formnames, "$newname");
+		} // $formnames is the array with the form entered names
+
+		foreach ($_POST['userselect'] as $user => $key) {
+			$selected = trim(stripslashes($key));
+			array_push($selectnames, "$selected");
+		}
+
+		$count = count($formnames);
+		for ($i = 0; $i < $count; $i ++) {
+			if ($selectnames[$i] != '#NONE#') { //if no name was selected from the select menu, use the name entered in the form
+				array_push($this->newauthornames, "$selectnames[$i]");
+			} else {
+				array_push($this->newauthornames, "$formnames[$i]");
+			}
+		}
+	}
+
+	function wp_authors_form() {
+?>
+<h2><?php _e('Assign Authors'); ?></h2>
+<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
+<p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
+	<?php
+
+
+		$authors = $this->get_wp_authors();
+		echo '<ol id="authors">';
+		echo '<form action="?import=wordpress&amp;step=2&amp;id=' . $this->id . '" method="post">';
+		wp_nonce_field('import-wordpress');
+		$j = -1;
+		foreach ($authors as $author) {
+			++ $j;
+			echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
+			$this->users_form($j);
+			echo '</li>';
+		}
+
+		echo '<input type="submit" value="Submit">'.'<br/>';
+		echo '</form>';
+		echo '</ol>';
+
+	}
+
+	function select_authors() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo '<p>'.__('Sorry, there has been an error.').'</p>';
+			echo '<p><strong>' . $file['error'] . '</strong></p>';
+			return;
+		}
+		$this->file = $file['file'];
+		$this->id = (int) $file['id'];
+
+		$this->get_entries();
+		$this->wp_authors_form();
+	}
+
+	function process_categories() {
+		global $wpdb;
+
+		$cat_names = (array) $wpdb->get_col("SELECT cat_name FROM $wpdb->categories");
+
+		while ( $c = array_shift($this->categories) ) {
+			$cat_name = trim($this->get_tag( $c, 'wp:cat_name' ));
+
+			// If the category exists we leave it alone
+			if ( in_array($cat_name, $cat_names) )
+				continue;
+
+			$category_nicename	= $this->get_tag( $c, 'wp:category_nicename' );
+			$posts_private		= (int) $this->get_tag( $c, 'wp:posts_private' );
+			$links_private		= (int) $this->get_tag( $c, 'wp:links_private' );
+
+			$parent = $this->get_tag( $c, 'wp:category_parent' );
+
+			if ( empty($parent) )
+				$category_parent = '0';
+			else
+				$category_parent = category_exists($parent);
+
+			$catarr = compact('category_nicename', 'category_parent', 'posts_private', 'links_private', 'posts_private', 'cat_name');
+
+			$cat_ID = wp_insert_category($catarr);
+		}
+	}
+
+	function process_posts() {
+		$i = -1;
+		echo '<ol>';
+
+		foreach ($this->posts as $post)
+			$this->process_post($post);
+
+		echo '</ol>';
+
+		wp_import_cleanup($this->id);
+
+		echo '<h3>'.sprintf(__('All done.').' <a href="%s">'.__('Have fun!').'</a>', get_option('home')).'</h3>';
+	}
+  
+	function process_post($post) {
+		global $wpdb;
+
+		$post_ID = (int) $this->get_tag( $post, 'wp:post_id' );
+  		if ( $post_ID && !empty($this->posts_processed[$post_ID][1]) ) // Processed already
+			return 0;
+      
+		// There are only ever one of these
+		$post_title     = $this->get_tag( $post, 'title' );
+		$post_date      = $this->get_tag( $post, 'wp:post_date' );
+		$post_date_gmt  = $this->get_tag( $post, 'wp:post_date_gmt' );
+		$comment_status = $this->get_tag( $post, 'wp:comment_status' );
+		$ping_status    = $this->get_tag( $post, 'wp:ping_status' );
+		$post_status    = $this->get_tag( $post, 'wp:status' );
+		$post_name      = $this->get_tag( $post, 'wp:post_name' );
+		$post_parent    = $this->get_tag( $post, 'wp:post_parent' );
+		$menu_order     = $this->get_tag( $post, 'wp:menu_order' );
+		$post_type      = $this->get_tag( $post, 'wp:post_type' );
+		$guid           = $this->get_tag( $post, 'guid' );
+		$post_author    = $this->get_tag( $post, 'dc:creator' );
+
+		$post_content = $this->get_tag( $post, 'content:encoded' );
+		$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+		$post_content = str_replace('<br>', '<br />', $post_content);
+		$post_content = str_replace('<hr>', '<hr />', $post_content);
+
+		preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
+		$categories = $categories[1];
+
+		$cat_index = 0;
+		foreach ($categories as $category) {
+			$categories[$cat_index] = $wpdb->escape($this->unhtmlentities(str_replace(array ('<![CDATA[', ']]>'), '', $category)));
+			$cat_index++;
+		}
+
+		if ($post_id = post_exists($post_title, '', $post_date)) {
+			echo '<li>';
+			printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+		} else {
+
+			// If it has parent, process parent first.
+			$post_parent = (int) $post_parent;
+			if ($parent = $this->posts_processed[$post_parent]) {
+				if (!$parent[1]) $this->process_post($parent[0]); // If not yet, process the parent first.
+				$post_parent = $parent[1]; // New ID of the parent;
+			}
+
+			echo '<li>';
+			printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+
+			$post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor
+
+			$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'post_name', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt', 'guid', 'post_parent', 'menu_order', 'post_type');
+			$comment_post_ID = $post_id = wp_insert_post($postdata);
+
+			// Memorize old and new ID.
+			if ( $post_id && $post_ID && $this->posts_processed[$post_ID] )
+				$this->posts_processed[$post_ID][1] = $post_id; // New ID.
+			
+			// Add categories.
+			if (count($categories) > 0) {
+				$post_cats = array();
+				foreach ($categories as $category) {
+					$cat_ID = (int) $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories WHERE cat_name = '$category'");
+					if ($cat_ID == 0) {
+						$cat_ID = wp_insert_category(array('cat_name' => $category));
+					}
+					$post_cats[] = $cat_ID;
+				}
+				wp_set_post_categories($post_id, $post_cats);
+			}	
+		}
+
+		// Now for comments
+		preg_match_all('|<wp:comment>(.*?)</wp:comment>|is', $post, $comments);
+		$comments = $comments[1];
+		$num_comments = 0;
+		if ( $comments) { foreach ($comments as $comment) {
+			$comment_author       = $this->get_tag( $comment, 'wp:comment_author');
+			$comment_author_email = $this->get_tag( $comment, 'wp:comment_author_email');
+			$comment_author_IP    = $this->get_tag( $comment, 'wp:comment_author_IP');
+			$comment_author_url   = $this->get_tag( $comment, 'wp:comment_author_url');
+			$comment_date         = $this->get_tag( $comment, 'wp:comment_date');
+			$comment_date_gmt     = $this->get_tag( $comment, 'wp:comment_date_gmt');
+			$comment_content      = $this->get_tag( $comment, 'wp:comment_content');
+			$comment_approved     = $this->get_tag( $comment, 'wp:comment_approved');
+			$comment_type         = $this->get_tag( $comment, 'wp:comment_type');
+			$comment_parent       = $this->get_tag( $comment, 'wp:comment_parent');
+
+			if ( !comment_exists($comment_author, $comment_date) ) {
+				$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_approved', 'comment_type', 'comment_parent');
+				wp_insert_comment($commentdata);
+				$num_comments++;
+			}
+		} }
+
+		if ( $num_comments )
+			printf(' '.__('(%s comments)'), $num_comments);
+
+		// Now for post meta
+		preg_match_all('|<wp:postmeta>(.*?)</wp:postmeta>|is', $post, $postmeta);
+		$postmeta = $postmeta[1];
+		if ( $postmeta) { foreach ($postmeta as $p) {
+			$key   = $this->get_tag( $p, 'wp:meta_key' );
+			$value = $this->get_tag( $p, 'wp:meta_value' );
+			$value = stripslashes($value); // add_post_meta() will escape.
+			add_post_meta( $post_id, $key, $value );
+		} }
+	}
+
+	function import() {
+		$this->id = (int) $_GET['id'];
+
+		$this->file = get_attached_file($this->id);
+		$this->get_authors_from_post();
+		$this->get_entries();
+		$this->process_categories();
+		$this->process_posts();
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-upload');
+				$this->select_authors();
+				break;
+			case 2:
+				check_admin_referer('import-wordpress');
+				$this->import();
+				break;
+		}
+		$this->footer();
+	}
+
+	function WP_Import() {
+		// Nothing.
+	}
+}
+
+$wp_import = new WP_Import();
+
+register_importer('wordpress', 'WordPress', __('Import <strong>posts, comments, custom fields, pages, and categories</strong> from a WordPress export file'), array ($wp_import, 'dispatch'));
+
+?>

wp-admin/index-extra.php

@@ -0,0 +1,69 @@
+<?php
+require_once('admin.php');
+require_once (ABSPATH . WPINC . '/rss.php');
+
+@header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
+
+switch ( $_GET['jax'] ) {
+
+case 'incominglinks' :
+$rss = @fetch_rss('http://feeds.technorati.com/cosmos/rss/?url='. trailingslashit(get_option('home')) .'&partner=wordpress');
+if ( isset($rss->items) && 1 < count($rss->items) ) { // Technorati returns a 1-item feed when it has no results
+?>
+<h3><?php _e('Incoming Links'); ?> <cite><a href="http://www.technorati.com/search/<?php echo trailingslashit(get_option('home')); ?>?partner=wordpress"><?php _e('More &raquo;'); ?></a></cite></h3>
+<ul>
+<?php
+$rss->items = array_slice($rss->items, 0, 10);
+foreach ($rss->items as $item ) {
+?>
+	<li><a href="<?php echo wp_filter_kses($item['link']); ?>"><?php echo wptexturize(wp_specialchars($item['title'])); ?></a></li>
+<?php } ?>
+</ul>
+<?php
+}
+break;
+
+case 'devnews' :
+$rss = @fetch_rss('http://wordpress.org/development/feed/');
+if ( isset($rss->items) && 0 != count($rss->items) ) {
+?>
+<h3><?php _e('WordPress Development Blog'); ?></h3>
+<?php
+$rss->items = array_slice($rss->items, 0, 3);
+foreach ($rss->items as $item ) {
+?>
+<h4><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a> &#8212; <?php printf(__('%s ago'), human_time_diff(strtotime($item['pubdate'], time() ) ) ); ?></h4>
+<p><?php echo $item['description']; ?></p>
+<?php
+	}
+}
+?>
+
+<?php
+break;
+
+case 'planetnews' :
+$rss = @fetch_rss('http://planet.wordpress.org/feed/');
+if ( isset($rss->items) && 0 != count($rss->items) ) {
+?>
+<h3><?php _e('Other WordPress News'); ?></h3>
+<ul>
+<?php
+$rss->items = array_slice($rss->items, 0, 20);
+foreach ($rss->items as $item ) {
+$title = wp_specialchars($item['title']);
+$author = preg_replace( '|(.+?):.+|s', '$1', $item['title'] );
+$post = preg_replace( '|.+?:(.+)|s', '$1', $item['title'] );
+?>
+<li><a href='<?php echo wp_filter_kses($item['link']); ?>'><span class="post"><?php echo $post; ?></span><span class="hidden"> - </span><cite><?php echo $author; ?></cite></a></li>
+<?php
+	}
+?>
+</ul>
+<p class="readmore"><a href="http://planet.wordpress.org/"><?php _e('Read more'); ?> &raquo;</a></p>
+<?php
+}
+break;
+}
+
+?>

wp-admin/index.php

@@ -1,17 +1,67 @@
 <?php
 require_once('admin.php'); 
+
+function index_js() {
+?>
+<script type="text/javascript">
+Event.observe( window, 'load', dashboard_init, false );
+function dashboard_init() {
+	var update1 = new Ajax.Updater( 'incominglinks', 'index-extra.php?jax=incominglinks' );
+	var update2 = new Ajax.Updater( 'devnews', 'index-extra.php?jax=devnews' );
+	var update3 = new Ajax.Updater( 'planetnews', 'index-extra.php?jax=planetnews'	);
+}
+</script>
+<?php
+}
+add_action( 'admin_head', 'index_js' );
+wp_enqueue_script('prototype');
+wp_enqueue_script('interface');
+
 $title = __('Dashboard'); 
+$parent_file = 'index.php';
 require_once('admin-header.php');
-require_once (ABSPATH . WPINC . '/rss-functions.php');
 
 $today = current_time('mysql', 1);
 ?>
 
 <div class="wrap">
+
+<h2><?php _e('Welcome to WordPress'); ?></h2>
+
 <div id="zeitgeist">
 <h2><?php _e('Latest Activity'); ?></h2>
+
+<div id="incominglinks"></div>
+
 <?php
-if ( $recentposts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'publish' AND post_date_gmt < '$today' ORDER BY post_date DESC LIMIT 5") ) :
+$comments = $wpdb->get_results("SELECT comment_author, comment_author_url, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 5");
+$numcomments = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '0'");
+
+if ( $comments || $numcomments ) :
+?>
+<div>
+<h3><?php _e('Comments'); ?> <a href="edit-comments.php" title="<?php _e('More comments...'); ?>">&raquo;</a></h3>
+
+<?php if ( $numcomments ) : ?>
+<p><strong><a href="moderation.php"><?php echo sprintf(__('Comments in moderation (%s)'), number_format($numcomments) ); ?> &raquo;</a></strong></p>
+<?php endif; ?>
+
+<ul>
+<?php
+if ( $comments ) {
+foreach ($comments as $comment) {
+	echo '<li>' . sprintf(__('%1$s on %2$s'), get_comment_author_link(), '<a href="'. get_permalink($comment->comment_post_ID) . '#comment-' . $comment->comment_ID . '">' . apply_filters('the_title', get_the_title($comment->comment_post_ID)) . '</a>');
+	edit_comment_link(__("Edit"), ' <small>(', ')</small>');
+	echo '</li>';
+}
+}
+?>
+</ul>
+</div>
+<?php endif; ?>
+
+<?php
+if ( $recentposts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND " . get_private_posts_cap_sql('post') . " AND post_date_gmt < '$today' ORDER BY post_date DESC LIMIT 5") ) :
 ?>
 <div>
 <h3><?php _e('Posts'); ?> <a href="edit.php" title="<?php _e('More posts...'); ?>">&raquo;</a></h3>
@@ -30,8 +80,8 @@ foreach ($recentposts as $post) {
 <?php endif; ?>
 
 <?php
-if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_date_gmt > '$today'") ) :
-?> 
+if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'future' ORDER BY post_date ASC") ) :
+?>
 <div>
 <h3><?php _e('Scheduled Entries:') ?></h3>
 <ul>
@@ -41,133 +91,54 @@ foreach ($scheduled as $post) {
 		$post->post_title = sprintf(__('Post #%s'), $post->ID);
 	echo "<li>" . sprintf(__('%1$s in %2$s'), "<a href='post.php?action=edit&amp;post=$post->ID' title='" . __('Edit this post') . "'>$post->post_title</a>", human_time_diff( current_time('timestamp', 1), strtotime($post->post_date_gmt. ' GMT') ))  . "</li>";
 }
-?> 
-</ul>
-</div>
-<?php endif; ?>
-
-<?php
-if ( $comments = $wpdb->get_results("SELECT comment_author, comment_author_url, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 5") ) :
-?>
-<div>
-<h3><?php _e('Comments'); ?> <a href="edit-comments.php" title="<?php _e('More comments...'); ?>">&raquo;</a></h3>
-<ul>
-<?php 
-foreach ($comments as $comment) {
-	echo '<li>' . sprintf(__('%1$s on %2$s'), get_comment_author_link(), '<a href="'. get_permalink($comment->comment_post_ID) . '#comment-' . $comment->comment_ID . '">' . get_the_title($comment->comment_post_ID) . '</a>');
-	edit_comment_link(__("Edit"), ' <small>(', ')</small>'); 
-	echo '</li>';
-}
 ?>
 </ul>
-<?php 
-if ( $numcomments = $wpdb->get_var("SELECT COUNT(*) FROM $tablecomments WHERE comment_approved = '0'") ) :
-?>
-<p><strong><a href="moderation.php"><?php echo sprintf(__('There are comments in moderation (%s)'), number_format($numcomments) ); ?> &raquo;</a></strong></p>
-<?php endif; ?>
 </div>
-
 <?php endif; ?>
 
 <div>
 <h3><?php _e('Blog Stats'); ?></h3>
 <?php
-$numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_status = 'publish'");
-if (0 < $numposts) $numposts = number_format($numposts); 
+$numposts = (int) $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish'");
+$numcomms = (int) $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '1'");
+$numcats  = (int) $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->categories");
 
-$numcomms = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '1'");
-if (0 < $numcomms) $numcomms = number_format($numcomms);
-
-$numcats = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->categories");
-if (0 < $numcats) $numcats = number_format($numcats);
+$post_str = sprintf(__ngettext('%1$s <a href="%2$s" title="Posts">post</a>', '%1$s <a href="%2$s" title="Posts">posts</a>', $numposts), number_format($numposts), 'edit.php');
+$comm_str = sprintf(__ngettext('%1$s <a href="%2$s" title="Comments">comment</a>', '%1$s <a href="%2$s" title="Comments">comments</a>', $numcomms), number_format($numcomms), 'edit-comments.php');
+$cat_str  = sprintf(__ngettext('%1$s <a href="%2$s" title="Categories">category</a>', '%1$s <a href="%2$s" title="Categories">categories</a>', $numcats), number_format($numcats), 'categories.php');
 ?>
-<p><?php printf(__('There are currently %1$s <a href="%2$s" title="Posts">posts</a> and %3$s <a href="%4$s" title="Comments">comments</a>, contained within %5$s <a href="%6$s" title="categories">categories</a>.'), $numposts, 'edit.php',  $numcomms, 'edit-comments.php', $numcats, 'categories.php'); ?></p>
+
+<p><?php printf(__('There are currently %1$s and %2$s, contained within %3$s.'), $post_str, $comm_str, $cat_str); ?></p>
 </div>
 
-<?php
-$rss = @fetch_rss('http://feeds.technorati.com/cosmos/rss/?url='. trailingslashit(get_option('home')) .'&partner=wordpress');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<div id="incominglinks">
-<h3><?php _e('Incoming Links'); ?> <cite><a href="http://www.technorati.com/cosmos/search.html?url=<?php echo trailingslashit(get_option('home')); ?>&amp;partner=wordpress"><?php _e('More'); ?> &raquo;</a></cite></h3>
+<?php do_action('activity_box_end'); ?>
+</div>
+
+<p><?php _e('Use these links to get started:'); ?></p>
+
 <ul>
-<?php
-$rss->items = array_slice($rss->items, 0, 10);
-foreach ($rss->items as $item ) {
-?>
-	<li><a href="<?php echo wp_filter_kses($item['link']); ?>"><?php echo wp_specialchars($item['title']); ?></a></li>
-<?php } ?>
+<?php if ( current_user_can('edit_posts') ) : ?>
+	<li><a href="post-new.php"><?php _e('Write a post'); ?></a></li>
+<?php endif; ?>
+	<li><a href="profile.php"><?php _e('Update your profile or change your password'); ?></a></li>
+<?php if ( current_user_can('manage_links') ) : ?>
+	<li><a href="link-add.php"><?php _e('Add a link to your blogroll'); ?></a></li>
+<?php endif; ?>
+<?php if ( current_user_can('switch_themes') ) : ?>
+	<li><a href="themes.php"><?php _e('Change your site&#8217;s look or theme'); ?></a></li>
+<?php endif; ?>
 </ul>
-</div>
-<?php } ?>
+<p><?php _e("Need help with WordPress? Please see our <a href='http://codex.wordpress.org/'>documentation</a> or visit the <a href='http://wordpress.org/support/'>support forums</a>."); ?></p>
 
-</div>
+<div id="devnews"></div>
 
-<h2><?php _e('Dashboard'); ?></h2>
-<p><?php _e('Below is the latest news from the official WordPress development blog, click on a title to read the full entry.'); ?></p>
-<?php
-$rss = @fetch_rss('http://wordpress.org/development/feed/');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<h3>WordPress Development Blog</h3>
-<?php
-$rss->items = array_slice($rss->items, 0, 3);
-foreach ($rss->items as $item ) {
-?>
-<h4><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a> &#8212; <?php echo human_time_diff( strtotime($item['pubdate'], time() ) ); ?> <?php _e('ago'); ?></h4>
-<p><?php echo $item['description']; ?></p>
-<?php
-	}
-}
-?>
+<div id="planetnews"></div>
 
-
-<?php
-$rss = @fetch_rss('http://planet.wordpress.org/feed/');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<div id="planetnews">
-<h3><?php _e('Other WordPress News'); ?> <a href="http://planet.wordpress.org/"><?php _e('more'); ?> &raquo;</a></h3>
-<ul>
-<?php
-$rss->items = array_slice($rss->items, 0, 20);
-foreach ($rss->items as $item ) {
-?>
-<li><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a></li>
-<?php
-	}
-?>
-</ul>
-</div>
-<?php
-}
-?>
 <div style="clear: both">&nbsp;
 <br clear="all" />
 </div>
 </div>
-<?php
-$drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_ID");
-if ($drafts) {
-?>
-<div class="wrap">
 
-    <p><strong><?php _e('Your Drafts:') ?></strong> 
-    <?php
-	$i = 0;
-	foreach ($drafts as $draft) {
-		if (0 != $i)
-			echo ', ';
-		$draft->post_title = stripslashes($draft->post_title);
-		if ($draft->post_title == '')
-			$draft->post_title = sprintf(__('Post #%s'), $draft->ID);
-		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
-		++$i;
-		}
-	?> 
-    .</p> 
-</div>
-<?php } ?>
 <?php
 require('./admin-footer.php');
-?>
+?>

wp-admin/install-helper.php

@@ -9,21 +9,21 @@ $debug = 0;
  **           false on error
  */
 function maybe_create_table($table_name, $create_ddl) {
-    global $wpdb;
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb;
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	return false;
 }
 
 /**
@@ -33,22 +33,22 @@ function maybe_create_table($table_name, $create_ddl) {
  **           false on error
  */
 function maybe_add_column($table_name, $column_name, $create_ddl) {
-    global $wpdb, $debug;
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($debug) echo("checking $column == $column_name<br />");
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb, $debug;
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($debug) echo("checking $column == $column_name<br />");
+			if ($column == $column_name) {
+				return true;
+			}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($column == $column_name) {
+			return true;
+		}
+	}
+	return false;
 }
 
 
@@ -59,21 +59,21 @@ function maybe_add_column($table_name, $column_name, $create_ddl) {
  **           false on error
  */
 function maybe_drop_column($table_name, $column_name, $drop_ddl) {
-    global $wpdb;
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($column == $column_name) {
-            //found it try to drop it.
-            $q = $wpdb->query($drop_ddl);
-            // we cannot directly tell that whether this succeeded!
-            foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-                if ($column == $column_name) {
-                    return false;
-                }
-            }
-        }
-    }
-    // else didn't find it
-    return true;
+	global $wpdb;
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($column == $column_name) {
+			//found it try to drop it.
+			$q = $wpdb->query($drop_ddl);
+			// we cannot directly tell that whether this succeeded!
+			foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+				if ($column == $column_name) {
+					return false;
+				}
+			}
+		}
+	}
+	// else didn't find it
+	return true;
 }
 
 
@@ -92,45 +92,45 @@ function maybe_drop_column($table_name, $column_name, $drop_ddl) {
  **      Extra
  */
 function check_column($table_name, $col_name, $col_type, $is_null = null, $key = null, $default = null, $extra = null) {
-    global $wpdb, $debug;
-    $diffs = 0;
-    $results = $wpdb->get_results("DESC $table_name");
-    
-    foreach ($results as $row ) {
-        if ($debug > 1) print_r($row);
-        if ($row->Field == $col_name) {
-            // got our column, check the params
-            if ($debug) echo ("checking $row->Type against $col_type\n");
-            if (($col_type != null) && ($row->Type != $col_type)) {
-                ++$diffs;
-            }
-            if (($is_null != null) && ($row->Null != $is_null)) {
-                ++$diffs;
-            }
-            if (($key != null) && ($row->Key  != $key)) {
-                ++$diffs;
-            }
-            if (($default != null) && ($row->Default != $default)) {
-                ++$diffs;
-            }
-            if (($extra != null) && ($row->Extra != $extra)) {
-                ++$diffs;
-            }
-            if ($diffs > 0) {
-                if ($debug) echo ("diffs = $diffs returning false\n");
-                return false;
-            }
-            return true;
-        } // end if found our column
-    }
-    return false;
+	global $wpdb, $debug;
+	$diffs = 0;
+	$results = $wpdb->get_results("DESC $table_name");
+
+	foreach ($results as $row ) {
+		if ($debug > 1) print_r($row);
+			if ($row->Field == $col_name) {
+				// got our column, check the params
+				if ($debug) echo ("checking $row->Type against $col_type\n");
+				if (($col_type != null) && ($row->Type != $col_type)) {
+					++$diffs;
+				}
+				if (($is_null != null) && ($row->Null != $is_null)) {
+					++$diffs;
+				}
+				if (($key != null) && ($row->Key  != $key)) {
+					++$diffs;
+				}
+				if (($default != null) && ($row->Default != $default)) {
+					++$diffs;
+				}
+				if (($extra != null) && ($row->Extra != $extra)) {
+					++$diffs;
+				}
+				if ($diffs > 0) {
+					if ($debug) echo ("diffs = $diffs returning false\n");
+					return false;
+				}
+				return true;
+			} // end if found our column
+	}
+	return false;
 }
-    
+
 /*
 echo "<p>testing</p>";
 echo "<pre>";
 
-//check_column('wp_links', 'link_description', 'mediumtext'); 
+//check_column('wp_links', 'link_description', 'mediumtext');
 //if (check_column($wpdb->comments, 'comment_author', 'tinytext'))
 //    echo "ok\n";
 $error_count = 0;
@@ -138,14 +138,14 @@ $tablename = $wpdb->links;
 // check the column
 if (!check_column($wpdb->links, 'link_description', 'varchar(255)'))
 {
-    $ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
-    $q = $wpdb->query($ddl);
+	$ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
+	$q = $wpdb->query($ddl);
 }
 if (check_column($wpdb->links, 'link_description', 'varchar(255)')) {
-    $res .= $tablename . ' - ok <br />';
+	$res .= $tablename . ' - ok <br />';
 } else {
-    $res .= 'There was a problem with ' . $tablename . '<br />';
-    ++$error_count;
+	$res .= 'There was a problem with ' . $tablename . '<br />';
+	++$error_count;
 }
 echo "</pre>";
 */

wp-admin/install-rtl.css

@@ -0,0 +1,15 @@
+body { font: 13px Tahoma, Georgia, "Times New Roman", Times, serif; }
+
+ul, ol { padding: 5px 20px 5px 5px; }
+
+h1, h2, h3 { font-family: "Times New Roman", Times, serif; font-weight: 700 }
+
+.step, th { text-align: left }
+
+input { font-family: "Times New Roman", Times, serif; padding: 1px }
+
+#logo {	background: url(../wp-content/plugins/WP-Jalali/wp-fa-logo.png) center right no-repeat;	text-align: left; }
+
+#admin_email {direction: ltr; text-align: left; }
+
+#footer { font-style: normal; }

wp-admin/install.css

@@ -0,0 +1,40 @@
+html { background: #eee; }
+
+body {
+	background: #fff;
+	color: #000;
+	font-family: Georgia, "Times New Roman", Times, serif;
+	margin-left: 20%;
+	margin-right: 20%;
+	padding: .2em 2em;
+}
+
+h1 {
+	color: #006;
+	font-size: 18px;
+	font-weight: lighter;
+}
+
+h2 { font-size: 16px; }
+
+p, li, dt {
+	line-height: 140%;
+	padding-bottom: 2px;
+}
+
+ul, ol { padding: 5px 5px 5px 20px; }
+
+#logo { margin-bottom: 2em; }
+
+.step a, .step input { font-size: 2em; }
+
+td input { font-size: 1.5em; }
+
+.step, th { text-align: right; }
+
+#footer {
+	text-align: center; 
+	border-top: 1px solid #ccc; 
+	padding-top: 1em; 
+	font-style: italic;
+}

wp-admin/install.php

@@ -1,13 +1,13 @@
 <?php
 define('WP_INSTALLING', true);
-if (!file_exists('../wp-config.php')) 
-    die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://wordpress.org/docs/faq/#wp-config'>We got it</a>. You can <a href='setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.");
+if (!file_exists('../wp-config.php')) {
+  require_once('../wp-includes/functions.php');
+  wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can <a href='setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.", "WordPress &rsaquo; Error");
+}
 
 require_once('../wp-config.php');
 require_once('./upgrade-functions.php');
 
-$guessurl = str_replace('/wp-admin/install.php?step=2', '', 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) );
-
 if (isset($_GET['step']))
 	$step = $_GET['step'];
 else
@@ -15,200 +15,96 @@ else
 header( 'Content-Type: text/html; charset=utf-8' );
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
+<html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
 <head>
-	<title><?php _e('WordPress &rsaquo; Installation'); ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-	<style media="screen" type="text/css">
-	<!--
-	html {
-		background: #eee;
-	}
-	body {
-		background: #fff;
-		color: #000;
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-		padding: .2em 2em;
-	}
-	
-	h1 {
-		color: #006;
-		font-size: 18px;
-		font-weight: lighter;
-	}
-	
-	h2 {
-		font-size: 16px;
-	}
-	
-	p, li, dt {
-		line-height: 140%;
-		padding-bottom: 2px;
-	}
-
-	ul, ol {
-		padding: 5px 5px 5px 20px;
-	}
-	#logo {
-		margin-bottom: 2em;
-	}
-	.step a, .step input {
-		font-size: 2em;
-	}
-	td input {
-		font-size: 1.5em;
-	}
-	.step, th {
-		text-align: right;
-	}
-	#footer {
-		text-align: center; 
-		border-top: 1px solid #ccc; 
-		padding-top: 1em; 
-		font-style: italic;
-	}
-	-->
-	</style>
+	<title><?php _e('WordPress &rsaquo; Installation'); ?></title>
+	<link rel="stylesheet" href="install.css?version=<?php bloginfo('version'); ?>" type="text/css" />
+	<?php if ( ('rtl' == $wp_locale->text_direction) ) : ?>
+	<link rel="stylesheet" href="install-rtl.css?version=<?php bloginfo('version'); ?>" type="text/css" />
+	<?php endif; ?>
 </head>
 <body>
-<h1 id="logo"><img alt="WordPress" src="http://static.wordpress.org/logo.png" /></h1>
+<h1 id="logo"><img alt="WordPress" src="images/wordpress-logo.png" /></h1>
 <?php
 // Let's check to make sure WP isn't already installed.
-$wpdb->hide_errors();
-$installed = $wpdb->get_results("SELECT * FROM $wpdb->users");
-if ($installed) die(__('<h1>Already Installed</h1><p>You appear to have already installed WordPress. To reinstall please clear your old database tables first.</p>') . '</body></html>');
-$wpdb->show_errors();
+if ( is_blog_installed() ) die('<h1>'.__('Already Installed').'</h1><p>'.__('You appear to have already installed WordPress. To reinstall please clear your old database tables first.').'</p></body></html>');
 
 switch($step) {
-
 	case 0:
 ?>
 <p><?php printf(__('Welcome to WordPress installation. We&#8217;re now going to go through a few steps to get you up and running with the latest in personal publishing platforms. You may want to peruse the <a href="%s">ReadMe documentation</a> at your leisure.'), '../readme.html'); ?></p>
-	<h2 class="step"><a href="install.php?step=1"><?php _e('First Step &raquo;'); ?></a></h2>
+<h2 class="step"><a href="install.php?step=1"><?php _e('First Step &raquo;'); ?></a></h2>
 <?php
-	break;
-
+		break;
 	case 1:
-
 ?>
 <h1><?php _e('First Step'); ?></h1>
 <p><?php _e("Before we begin we need a little bit of information. Don't worry, you can always change these later."); ?></p>
 
 <form id="setup" method="post" action="install.php?step=2">
-<table width="100%">
-<tr>
-<th width="33%"><?php _e('Weblog title:'); ?></th>
-<td><input name="weblog_title" type="text" id="weblog_title" size="25" /></td>
-</tr>
-<tr>
-<th><?php _e('Your e-mail:'); ?></th>
-	<td><input name="admin_email" type="text" id="admin_email" size="25" /></td>
-</tr>
-</table>
-<p><em><?php _e('Double-check that email address before continuing.'); ?></em></p>
-<h2 class="step">
-<input type="submit" name="Submit" value="<?php _e('Continue to Second Step &raquo;'); ?>" />
-</h2>
+	<table width="100%">
+		<tr>
+			<th width="33%"><?php _e('Weblog title:'); ?></th>
+			<td><input name="weblog_title" type="text" id="weblog_title" size="25" /></td>
+		</tr>
+		<tr>
+			<th><?php _e('Your e-mail:'); ?></th>
+			<td><input name="admin_email" type="text" id="admin_email" size="25" /></td>
+		</tr>
+		<tr>
+			<th scope="row"  valign="top"> <?php __('Privacy:'); ?></th>
+			<td><label><input type="checkbox" name="blog_public" value="1" checked="checked" /> <?php _e('I would like my blog to appear in search engines like Google and Technorati.'); ?></label></td>
+		</tr>
+	</table>
+	<p><em><?php _e('Double-check that email address before continuing.'); ?></em></p>
+	<h2 class="step"><input type="submit" name="Submit" value="<?php _e('Continue to Second Step &raquo;'); ?>" /></h2>
 </form>
 
 <?php
-	break;
+		break;
 	case 2:
+		// Fill in the data we gathered
+		$weblog_title = stripslashes($_POST['weblog_title']);
+		$admin_email = stripslashes($_POST['admin_email']);
+		$public = (int) $_POST['blog_public'];
+		// check e-mail address
+		if (empty($admin_email)) {
+			die(__("<strong>ERROR</strong>: please type your e-mail address"));
+		} else if (!is_email($admin_email)) {
+			die(__("<strong>ERROR</strong>: the e-mail address isn't correct"));
+		}
 
-// Fill in the data we gathered
-$weblog_title = $_POST['weblog_title'];
-$admin_email = $_POST['admin_email'];
-// check e-mail address
-if (empty($admin_email)) {
-	die (__("<strong>ERROR</strong>: please type your e-mail address"));
-} else if (!is_email($admin_email)) {
-	die (__("<strong>ERROR</strong>: the e-mail address isn't correct"));
-}
-	
 ?>
 <h1><?php _e('Second Step'); ?></h1>
 <p><?php _e('Now we&#8217;re going to create the database tables and fill them with some default data.'); ?></p>
 
 
 <?php
-flush();
-
-// Set everything up
-make_db_current_silent();
-populate_options();
-
-$wpdb->query("UPDATE $wpdb->options SET option_value = '$weblog_title' WHERE option_name = 'blogname'");
-$wpdb->query("UPDATE $wpdb->options SET option_value = '$admin_email' WHERE option_name = 'admin_email'");
-
-// Now drop in some default links
-$wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name) VALUES (1, '".addslashes(__('Blogroll'))."')");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://blog.carthik.net/index.php', 'Carthik', 1, 'http://blog.carthik.net/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://blogs.linux.ie/xeer/', 'Donncha', 1, 'http://blogs.linux.ie/xeer/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://zengun.org/weblog/', 'Michel', 1, 'http://zengun.org/weblog/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://boren.nu/', 'Ryan', 1, 'http://boren.nu/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://photomatt.net/', 'Matt', 1, 'http://xml.photomatt.net/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://zed1.com/journalized/', 'Mike', 1, 'http://zed1.com/journalized/feed/');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://www.alexking.org/', 'Alex', 1, 'http://www.alexking.org/blog/wp-rss2.php');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://dougal.gunters.org/', 'Dougal', 1, 'http://dougal.gunters.org/feed/');");
-
-// Default category
-$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename) VALUES ('0', '".addslashes(__('Uncategorized'))."', '".sanitize_title(__('Uncategorized'))."')");
-
-// First post
-$now = date('Y-m-d H:i:s');
-$now_gmt = gmdate('Y-m-d H:i:s');
-$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt) VALUES ('1', '$now', '$now_gmt', '".addslashes(__('Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!'))."', '".addslashes(__('Hello world!'))."', '0', '".addslashes(__('hello-world'))."', '$now', '$now_gmt')");
-
-$wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" );
-
-// Default comment
-$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '127.0.0.1', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.<br />To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
-
-// Set up admin user
-$random_password = substr(md5(uniqid(microtime())), 0, 6);
-$wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_nickname, user_email, user_level, user_idmode, user_registered) VALUES ( '1', 'admin', MD5('$random_password'), '".addslashes(__('Administrator'))."', '$admin_email', '10', 'nickname', NOW() )");
-
-$message_headers = 'From: ' . stripslashes($_POST['weblog_title']) . ' <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
-$message = sprintf(__("Your new WordPress blog has been successfully set up at:
-
-%1\$s
-
-You can log in to the administrator account with the following information:
-
-Username: admin
-Password: %2\$s
-
-We hope you enjoy your new weblog. Thanks!
-
---The WordPress Team
-http://wordpress.org/
-"), $guessurl, $random_password);
-
-@mail($admin_email, __('New WordPress Blog'), $message, $message_headers);
-
-upgrade_all();
+	$result = wp_install($weblog_title, 'admin', $admin_email, $public);
+	extract($result, EXTR_SKIP);
 ?>
 
 <p><em><?php _e('Finished!'); ?></em></p>
 
-<p><?php printf(__('Now you can <a href="%1$s">log in</a> with the <strong>username</strong> "<code>admin</code>" and <strong>password</strong> "<code>%2$s</code>".'), '../wp-login.php', $random_password); ?></p>
-<p><?php _e('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you. If you lose it, you will have to delete the tables from the database yourself, and re-install WordPress. So to review:'); ?>
-</p>
+<p><?php printf(__('Now you can <a href="%1$s">log in</a> with the <strong>username</strong> "<code>admin</code>" and <strong>password</strong> "<code>%2$s</code>".'), '../wp-login.php', $password); ?></p>
+<p><?php _e('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you. If you lose it, you will have to delete the tables from the database yourself, and re-install WordPress. So to review:'); ?></p>
+
 <dl>
-<dt><?php _e('Username'); ?></dt>
-<dd><code>admin</code></dd>
-<dt><?php _e('Password'); ?></dt>
-<dd><code><?php echo $random_password; ?></code></dd>
+	<dt><?php _e('Username'); ?></dt>
+		<dd><code>admin</code></dd>
+	<dt><?php _e('Password'); ?></dt>
+		<dd><code><?php echo $password; ?></code></dd>
 	<dt><?php _e('Login address'); ?></dt>
-<dd><a href="../wp-login.php">wp-login.php</a></dd>
+		<dd><a href="../wp-login.php">wp-login.php</a></dd>
 </dl>
 <p><?php _e('Were you expecting more steps? Sorry to disappoint. All done! :)'); ?></p>
+
 <?php
-	break;
+		break;
 }
 ?>
+
 <p id="footer"><?php _e('<a href="http://wordpress.org/">WordPress</a>, personal publishing platform.'); ?></p>
 </body>
-</html>
+</html>

wp-admin/link-add.php

@@ -5,266 +5,31 @@ $title = __('Add Link');
 $this_file = 'link-manager.php';
 $parent_file = 'link-manager.php';
 
-function category_dropdown($fieldname, $selected = 0) {
-	global $wpdb;
-	
-	$results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
-	echo "\n<select name='$fieldname' size='1'>\n";
-	foreach ($results as $row) {
-		echo "\n\t<option value='$row->cat_id'";
-		if ($row->cat_id == $selected)
-			echo " selected='selected'";
-		echo ">$row->cat_id : " . wp_specialchars($row->cat_name);
-		if ($row->auto_toggle == 'Y')
-			echo ' (auto toggle)';
-		echo "</option>";
-	}
-	echo "\n</select>\n";
-}
 
-function xfn_check($class, $value = '', $type = 'check') {
-	global $link_rel;
-	$rels = preg_split('/\s+/', $link_rel);
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image',
+	'description', 'visible', 'target', 'category', 'link_id',
+	'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
+	'notes', 'linkcheck[]'));
 
-	if ('' != $value && in_array($value, $rels) ) {
-		echo ' checked="checked"';
-	}
-
-	if ('' == $value) {
-		if ('family' == $class && !strstr($link_rel, 'child') && !strstr($link_rel, 'parent') && !strstr($link_rel, 'sibling') && !strstr($link_rel, 'spouse') && !strstr($link_rel, 'kin')) echo ' checked="checked"';
-		if ('friendship' == $class && !strstr($link_rel, 'friend') && !strstr($link_rel, 'acquaintance') && !strstr($link_rel, 'contact') ) echo ' checked="checked"';
-		if ('geographical' == $class && !strstr($link_rel, 'co-resident') && !strstr($link_rel, 'neighbor') ) echo ' checked="checked"';
-		if ('identity' == $class && in_array('me', $rels) ) echo ' checked="checked"';
-	}
-}
-
-$wpvarstoreset = array('action', 'cat_id', 'linkurl', 'name', 'image',
-                       'description', 'visible', 'target', 'category', 'link_id',
-                       'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-                       'notes', 'linkcheck[]');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
-$link_url = stripslashes($_GET['linkurl']);
-$link_name = htmlentities(stripslashes(urldecode($_GET['name'])));
-
-
-$xfn = true;
+wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
+if ( current_user_can( 'manage_categories' ) )
+	wp_enqueue_script( 'ajaxcat' );
 require('admin-header.php');
 ?>
 
-<?php if ($_GET['added']) : ?>
-<div class="updated"><p><?php _e('Link added.'); ?></p></div>
+<?php if ($_GET['added'] && '' != $_POST['link_name']) : ?>
+<div id="message" class="updated fade"><p><?php _e('Link added.'); ?></p></div>
 <?php endif; ?>
-<div class="wrap">
-<h2><?php _e('<strong>Add</strong> a link:') ?></h2>
-     <form name="addlink" method="post" action="link-manager.php">
-<fieldset class="options">
-	<legend><?php _e('Basics') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('URI:') ?></th>
-           <td width="67%"><input type="text" name="linkurl" value="<?php echo wp_specialchars($_GET['linkurl'], 1); ?>" style="width: 95%;" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Link Name:') ?></th>
-           <td><input type="text" name="name" value="<?php echo wp_specialchars( urldecode($_GET['name']), 1 ); ?>" style="width: 95%" /></td>
-         </tr>
-         <tr>
-         	<th scope="row"><?php _e('Short description:') ?></th>
-         	<td><input type="text" name="description" value="" style="width: 95%" /></td>
-         	</tr>
-        <tr>
-           <th scope="row"><?php _e('Category:') ?></th>
-           <td><?php category_dropdown('category'); ?></td>
-         </tr>
-</table>
-</fieldset>
-       <p class="submit">
-         <input type="submit" name="submit" value="<?php _e('Add Link &raquo;') ?>" /> 
-       </p>
-	<fieldset class="options">
-	<legend><?php _e('Link Relationship (XFN)') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-            <tr>
-                <th width="33%" scope="row"><?php _e('rel:') ?></th>
-            	<td width="67%"><input type="text" name="rel" id="rel" size="50" value="<?php echo $link_rel; ?>" /></td>
-           	</tr>
-            <tr>
-                <th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
-            	<td>
-					<table cellpadding="3" cellspacing="5">
-	          <tr>
-              <th scope="row"> <?php _e('identity') ?> </th>
-              <td>
-                <label for="me">
-                <input type="checkbox" name="identity" value="me" id="me" <?php xfn_check('identity', 'me'); ?> />
-          <?php _e('another web address of mine') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('friendship') ?> </th>
-              <td>
-			    <label for="contact">
-                <input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
-                <label for="acquaintance">
-                <input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> />  <?php _e('acquaintance') ?></label>
-                <label id="friend">
-                <input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
-                <label for="friendship">
-                <input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('physical') ?> </th>
-              <td>
-                <label for="met">
-                <input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check('physical', 'met'); ?> />
-          <?php _e('met') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('professional') ?> </th>
-              <td>
-                <label for="co-worker">
-                <input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check('professional', 'co-worker'); ?> />
-          <?php _e('co-worker') ?></label>
-                <label for="colleague">
-                <input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check('professional', 'colleague'); ?> />
-          <?php _e('colleague') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('geographical') ?> </th>
-              <td>
-                <label for="co-resident">
-                <input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check('geographical', 'co-resident', 'radio'); ?> />
-          <?php _e('co-resident') ?></label>
-                <label for="neighbor">
-                <input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check('geographical', 'neighbor', 'radio'); ?> />
-          <?php _e('neighbor') ?></label>
-                <label for="geographical">
-                <input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check('geographical', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('family'); ?> </th>
-              <td>
-                <label for="child">
-                <input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check('family', 'child', 'radio'); ?>  />
-          <?php _e('child') ?></label>
-                <label for="kin">
-                <input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check('family', 'kin', 'radio'); ?>  />
-          <?php _e('kin') ?></label>
-                <label for="parent">
-                <input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check('family', 'parent', 'radio'); ?> />
-          <?php _e('parent') ?></label>
-                <label for="sibling">
-                <input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check('family', 'sibling', 'radio'); ?> />
-          <?php _e('sibling') ?></label>
-                <label for="spouse">
-                <input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check('family', 'spouse', 'radio'); ?> />
-          <?php _e('spouse') ?></label>
-                <label for="family">
-                <input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check('family', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('romantic') ?> </th>
-              <td>
-                <label for="muse">
-                <input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check('romantic', 'muse'); ?> />
-         <?php _e('muse') ?></label>
-                <label for="crush">
-                <input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check('romantic', 'crush'); ?> />
-         <?php _e('crush') ?></label>
-                <label for="date">
-                <input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check('romantic', 'date'); ?> />
-         <?php _e('date') ?></label>
-                <label for="romantic">
-                <input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check('romantic', 'sweetheart'); ?> />
-         <?php _e('sweetheart') ?></label>
-              </td>
-            </tr>
-        </table>
-		  </td>
-           	</tr>
-</table>
-</fieldset>
-       <p class="submit">
-         <input type="submit" name="submit" value="<?php _e('Add Link &raquo;') ?>" /> 
-       </p>
-<fieldset class="options">
-	<legend><?php _e('Advanced') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('Image URI:') ?></th>
-           <td width="67%"><input type="text" name="image" size="50" value="" style="width: 95%" /></td>
-         </tr>
-<tr>
-           <th scope="row"><?php _e('RSS URI:') ?> </th>
-           <td><input name="rss_uri" type="text" id="rss_uri" value="" size="50" style="width: 95%" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Notes:') ?></th>
-           <td><textarea name="notes" cols="50" rows="10" style="width: 95%"></textarea></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Rating:') ?></th>
-           <td><select name="rating" size="1">
-             <?php
-    for ($r = 0; $r < 10; $r++) {
-      echo('            <option value="'.$r.'">'.$r.'</option>');
-    }
+
+<?php
+	$link = get_default_link_to_edit();
+	include('edit-link-form.php');
 ?>
-           </select>
-           &nbsp;<?php _e('(Leave at 0 for no rating.)') ?> </td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Target') ?></th>
-           <td><label>
-             <input type="radio" name="target" value="_blank" />
-             <code>_blank</code></label>
-<br />
-<label><input type="radio" name="target" value="_top" />
-<code>_top</code></label>
-<br />
-<label><input type="radio" name="target" value="" checked="checked" />
-<?php _e('none') ?></label>
-<?php _e('(Note that the <code>target</code> attribute is illegal in XHTML 1.1 and 1.0 Strict.)') ?></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Visible:') ?></th>
-           <td><label>
-             <input type="radio" name="visible" checked="checked" value="Y" />
-<?php _e('Yes') ?></label><br />
-<label><input type="radio" name="visible" value="N" /> <input type="hidden" name="action" value="Add" /> 
-<?php _e('No') ?></label></td>
-         </tr>
-</table>
-</fieldset>
 
-       <p class="submit">
-         <input type="submit" name="submit" value="<?php _e('Add Link &raquo;') ?>" /> 
-       </p>
-  </form>
-</div>
-
-<div class="wrap">
-<?php printf(__('<p>You can drag <a href="%s" title="Link add bookmarklet">Link This</a> to your toolbar and when you click it a window will pop up that will allow you to add whatever site you&#8217;re on to your links! Right now this only works on Mozilla or Netscape, but we&#8217;re working on it.</p>'), "javascript:void(linkmanpopup=window.open('" . get_settings('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
+<div id="wp-link-bookmarklet"  class="wrap">
+<h3><?php _e('Add Link Bookmarklet'); ?></h3>
+<p><?php _e('Right click on the following link and choose &#0147;Bookmark This Link...&#0148; or &#0147;Add to Favorites...&#0148; to create a Link This shortcut.'); ?></p>
+<?php printf('<p><a href="%s" title="'.__('Link add bookmarklet').'">'.__('Link This').'</a></p>', "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
 </div>
 
 <?php

wp-admin/link-categories.php

@@ -1,453 +0,0 @@
-<?php
-// Links
-// Copyright (C) 2002, 2003 Mike Little -- mike@zed1.com
-require_once('admin.php');
-$title = __('Link Categories');
-$this_file='link-categories.php';
-$parent_file = 'link-manager.php';
-
-$wpvarstoreset = array('action', 'cat', 'auto_toggle');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
-
-switch ($action) {
-  case 'addcat':
-  {
-      if ($user_level < 5)
-          die (__("Cheatin' uh ?"));
-
-      $cat_name = wp_specialchars($_POST['cat_name']);
-      $auto_toggle = $_POST['auto_toggle'];
-      if ($auto_toggle != 'Y') {
-          $auto_toggle = 'N';
-      }
-
-      $show_images = $_POST['show_images'];
-      if ($show_images != 'Y') {
-          $show_images = 'N';
-      }
-
-      $show_description = $_POST['show_description'];
-      if ($show_description != 'Y') {
-          $show_description = 'N';
-      }
-
-      $show_rating = $_POST['show_rating'];
-      if ($show_rating != 'Y') {
-          $show_rating = 'N';
-      }
-
-      $show_updated = $_POST['show_updated'];
-      if ($show_updated != 'Y') {
-          $show_updated = 'N';
-      }
-
-      $sort_order = $_POST['sort_order'];
-
-      $sort_desc = $_POST['sort_desc'];
-      if ($sort_desc != 'Y') {
-          $sort_desc = 'N';
-      }
-      $text_before_link = addslashes($_POST['text_before_link']);
-      $text_after_link = addslashes($_POST['text_after_link']);
-      $text_after_all = addslashes($_POST['text_after_all']);
-
-      $list_limit = $_POST['list_limit'];
-      if ($list_limit == '')
-          $list_limit = -1;
-
-      $wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name, auto_toggle, show_images, show_description, \n" .
-             " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, text_after_all, list_limit) \n" .
-             " VALUES ('0', '$cat_name', '$auto_toggle', '$show_images', '$show_description', \n" .
-             " '$show_rating', '$show_updated', '$sort_order', '$sort_desc', '$text_before_link', '$text_after_link', \n" .
-             " '$text_after_all', $list_limit)");
-
-      header('Location: link-categories.php');
-    break;
-  } // end addcat
-  case 'Delete':
-  {
-    $cat_id = (int) $_GET['cat_id'];
-    $cat_name=get_linkcatname($cat_id);
-
-    if ($cat_id=="1")
-        die(sprintf(__("Can't delete the <strong>%s</strong> link category: this is the default one"), $cat_name));
-
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    $wpdb->query("DELETE FROM $wpdb->linkcategories WHERE cat_id='$cat_id'");
-    $wpdb->query("UPDATE $wpdb->links SET link_category=1 WHERE link_category='$cat_id'");
-
-    header('Location: link-categories.php');
-    break;
-  } // end delete
-  case 'Edit':
-  {
-    include_once ('admin-header.php');
-    $cat_id = (int) $_GET['cat_id'];
-    $row = $wpdb->get_row("SELECT cat_id, cat_name, auto_toggle, show_images, show_description, "
-         . " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, "
-         . " text_after_all, list_limit FROM $wpdb->linkcategories WHERE cat_id=$cat_id");
-    if ($row) {
-        if ($row->list_limit == -1) {
-            $row->list_limit = '';
-        }
-?>
-
-<div class="wrap">
-  <h2><?php printf(__('Edit &#8220%s&#8221; Category'), wp_specialchars($row->cat_name)); ?></h2>
-
-  <form name="editcat" method="post">
-      <input type="hidden" name="action" value="editedcat" />
-      <input type="hidden" name="cat_id" value="<?php echo $row->cat_id ?>" />
-<fieldset class="options">
-<legend><?php _e('Category Options') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Name:') ?></th>
-	<td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($row->cat_name)?>" size="30" /></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Show:') ?></th>
-        <td>
-            <label>
-            <input type="checkbox" name="show_images"  value="Y" <?php checked('Y', $row->show_images); ?> /> 
-            <?php _e('Image') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_description" value="Y" <?php checked('Y', $row->show_description); ?> /> 
-            <?php _e('Description') ?></label> 
-            <?php _e('(shown in <code>title</code> regardless)') ?><br />
-            <label>
-            <input type="checkbox" name="show_rating"  value="Y" <?php checked('Y', $row->show_rating); ?> /> 
-            <?php _e('Rating') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_updated" value="Y" <?php checked('Y', $row->show_updated); ?> /> 
-            <?php _e('Updated') ?></label>
-<?php _e('(shown in <code>title</code> regardless)') ?></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Sort order:') ?></th>
-	<td>
-	<select name="sort_order" size="1">
-            <option value="name" <?php echo ($row->sort_order == 'name') ? 'selected="selected"' : ''?>><?php _e('Name') ?></option>
-            <option value="id"      <?php echo ($row->sort_order == 'id') ? 'selected' : ''?>><?php _e('Id') ?></option>
-            <option value="url"     <?php echo ($row->sort_order == 'url') ? 'selected' : ''?>><?php _e('URL') ?></option>
-            <option value="rating"  <?php echo ($row->sort_order == 'rating') ? 'selected' : ''?>><?php _e('Rating') ?></option>
-            <option value="updated" <?php echo ($row->sort_order == 'updated') ? 'selected' : ''?>><?php _e('Updated') ?></option>
-            <option value="rand"  <?php echo ($row->sort_order == 'rand') ? 'selected' : ''?>><?php _e('Random') ?></option>
-            <option value="length"  <?php echo ($row->sort_order == 'length') ? 'selected' : ''?>><?php _e('Name Length') ?></option>
-	</select>
-	<label>
-	<input type="checkbox" name="sort_desc" value="Y" <?php checked('Y', $row->sort_desc); ?> /> 
-	<?php _e('Descending') ?></label>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Limit:') ?></th>
-	<td>
-	<input type="text" name="list_limit" size="5" value="<?php echo $row->list_limit ?>" /> 
-	<?php _e('(Leave empty for no limit to number of links shown)') ?>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Toggle:') ?></th>
-	<td><label>
-		<input type="checkbox" name="auto_toggle"  value="Y" <?php checked('Y', $row->auto_toggle); ?> /> 
-		<?php _e('When new link is added toggle all others to be invisible') ?></label></td>
-</tr>
-
-</table>
-</fieldset>
-<fieldset class="options">
-<legend><?php _e('Formatting') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Before Link:') ?></th>
-	<td width="67%"><input type="text" name="text_before_link" size="45" value="<?php echo wp_specialchars($row->text_before_link)?>" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('Between Link and Description:') ?></th>
-<td><input type="text" name="text_after_link" size="45" value="<?php echo wp_specialchars($row->text_after_link)?>" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('After Link:') ?></th>
-<td><input type="text" name="text_after_all" size="45" value="<?php echo wp_specialchars($row->text_after_all)?>"/></td>
-</tr>
-</table>
-</fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Save Category Settings &raquo;') ?>" /></p>
-</form>
-
-</div>
-<?php
-    } // end if row
-    break;
-  } // end Edit
-  case "editedcat":
-  {
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    $submit=$_POST["submit"];
-    if (isset($submit)) {
-
-    $cat_id = (int)$_POST["cat_id"];
-
-    $cat_name= wp_specialchars($_POST["cat_name"]);
-    $auto_toggle = $_POST["auto_toggle"];
-    if ($auto_toggle != 'Y') {
-        $auto_toggle = 'N';
-    }
-
-    $show_images = $_POST["show_images"];
-    if ($show_images != 'Y') {
-        $show_images = 'N';
-    }
-
-    $show_description = $_POST["show_description"];
-    if ($show_description != 'Y') {
-        $show_description = 'N';
-    }
-
-    $show_rating = $_POST["show_rating"];
-    if ($show_rating != 'Y') {
-        $show_rating = 'N';
-    }
-
-    $show_updated = $_POST["show_updated"];
-    if ($show_updated != 'Y') {
-        $show_updated = 'N';
-    }
-
-    $sort_order = $_POST["sort_order"];
-
-    $sort_desc = $_POST["sort_desc"];
-    if ($sort_desc != 'Y') {
-        $sort_desc = 'N';
-    }
-    $text_before_link = addslashes($_POST["text_before_link"]);
-    $text_after_link = addslashes($_POST["text_after_link"]);
-    $text_after_all = addslashes($_POST["text_after_all"]);
-
-    $list_limit = $_POST["list_limit"];
-    if ($list_limit == '')
-        $list_limit = -1;
-
-    $wpdb->query("UPDATE $wpdb->linkcategories set
-            cat_name='$cat_name',
-            auto_toggle='$auto_toggle',
-            show_images='$show_images',
-            show_description='$show_description',
-            show_rating='$show_rating',
-            show_updated='$show_updated',
-            sort_order='$sort_order',
-            sort_desc='$sort_desc',
-            text_before_link='$text_before_link',
-            text_after_link='$text_after_link',
-            text_after_all='$text_after_all',
-            list_limit=$list_limit
-            WHERE cat_id=$cat_id
-            ");
-    } // end if save
-
-
-    header("Location: link-categories.php");
-    break;
-  } // end editcat
-  default:
-  {
-    include_once ("admin-header.php");
-    if ($user_level < 5) {
-      die(__("You have do not have sufficient permissions to edit the link categories for this blog. :)"));
-    }
-?>
-
-<div class="wrap">
-            <h2><?php _e('Link Categories:') ?></h2>
-            <table width="100%" cellpadding="5" cellspacing="0" border="0">
-              <tr>
- 	        <th rowspan="2" valign="bottom"><?php _e('Name') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('ID') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Toggle?') ?></th>
-                <th colspan="4" valign="bottom" class="alternate"><?php _e('Show') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Sort Order') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Desc?') ?></th>
-                <th colspan="3" valign="bottom" class="alternate"><?php _e('Formatting') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Limit') ?></th>
-                <th rowspan="2" colspan="2">&nbsp;</th>
-              </tr>
-              <tr>
-                <th valign="top"><?php _e('Images') ?></th>
-                <th valign="top"><?php _e('Description') ?></th>
-                <th valign="top"><?php _e('Rating') ?></th>
-                <th valign="top"><?php _e('Updated') ?></th>
-                <th valign="top"><?php _e('Before') ?></th>
-                <th valign="top"><?php _e('Between') ?></th>
-                <th valign="top"><?php _e('After') ?></th>
-              </tr>
-<?php
-$results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle, show_images, show_description, "
-         . " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, "
-         . " text_after_all, list_limit FROM $wpdb->linkcategories ORDER BY cat_id");
-$i = 1;
-foreach ($results as $row) {
-    if ($row->list_limit == -1) {
-        $row->list_limit = __('none');
-    }
-    $style = ($i % 2) ? ' class="alternate"' : '';
-    /*
-    	Manually internationalize every sort order option.
-    */
-    switch ($row->sort_order) {
-    	case 'name':
-    		$row->sort_order = __('name');
-    		break;
-    	case 'id':
-    		$row->sort_order = __('id');
-    		break;
-    	case 'url':
-    		$row->sort_order = __('url');
-    		break;
-    	case 'rating':
-    		$row->sort_order = __('rating');
-    		break;
-    	case 'updated':
-    		$row->sort_order = __('updated');
-    		break;
-    	case 'rand':
-    		$row->sort_order = __('rand');
-    		break;
-    	case 'length':
-    		$row->sort_order = __('length');
-    		break;
-    }
-?>
-              <tr valign="middle" align="center" <?php echo $style ?> style="border-bottom: 1px dotted #9C9A9C;">
-                <td><?php echo wp_specialchars($row->cat_name)?></td>
-				<td ><?php echo $row->cat_id?></td>
-                <td><?php echo $row->auto_toggle == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_images == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_description == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_rating == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_updated == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->sort_order ?></td>
-                <td><?php echo $row->sort_desc == 'Y' ? __('Yes') : __('No') ?></td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_before_link)?>&nbsp;</td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_after_link)?>&nbsp;</td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_after_all)?></td>
-                <td><?php echo $row->list_limit ?></td>
-                <td><a href="link-categories.php?cat_id=<?php echo $row->cat_id?>&amp;action=Edit" class="edit"><?php _e('Edit') ?></a></td>
-                <td><a href="link-categories.php?cat_id=<?php echo $row->cat_id?>&amp;action=Delete" onclick="return confirm('<?php _e("You are about to delete this category.\\n  \'Cancel\' to stop, \'OK\' to delete.") ?>');" class="delete"><?php _e('Delete') ?></a></td>
-              </tr>
-<?php
-        ++$i;
-    }
-?>
-            </table>
-<p><?php _e('These are the defaults for when you call a link category with no additional arguments. All of these settings may be overwritten.') ?></p>
-
-</div>
-
-<div class="wrap">
-    <form name="addcat" method="post">
-      <input type="hidden" name="action" value="addcat" />
-	  <h2><?php _e('Add a Link Category:') ?></h2>
-<fieldset class="options">
-<legend><?php _e('Category Options') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Name:') ?></th>
-	<td width="67%"><input type="text" name="cat_name" size="30" /></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Show:') ?></th>
-        <td>
-            <label>
-            <input type="checkbox" name="show_images"  value="Y" /> 
-            <?php _e('Image') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_description" value="Y" /> 
-            <?php _e('Description') ?></label> 
-            <?php _e('(shown in <code>title</code> regardless)') ?><br />
-            <label>
-            <input type="checkbox" name="show_rating"  value="Y" /> 
-            <?php _e('Rating') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_updated" value="Y" /> 
-            <?php _e('Updated') ?></label>
-<?php _e('(shown in <code>title</code> regardless)') ?></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Sort order:') ?></th>
-	<td>
-	<select name="sort_order" size="1">
-	<option value="name"><?php _e('Name') ?></option>
-	<option value="id"><?php _e('Id') ?></option>
-	<option value="url"><?php _e('URL') ?></option>
-	<option value="rating"><?php _e('Rating') ?></option>
-	<option value="updated"><?php _e('Updated') ?></option>
-	<option value="rand"><?php _e('Random') ?></option>
-	</select>
-	<label>
-	<input type="checkbox" name="sort_desc" value="Y" /> 
-	<?php _e('Descending') ?></label>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Limit:') ?></th>
-	<td>
-	<input type="text" name="list_limit" size="5" value="" /> <?php _e('(Leave empty for no limit to number of links shown)') ?>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Toggle:') ?></th>
-	<td><label>
-		<input type="checkbox" name="auto_toggle"  value="Y" /> 
-		<?php _e('When new link is added toggle all others to be invisible') ?></label></td>
-</tr>
-
-</table>
-</fieldset>
-<fieldset class="options">
-<legend><?php _e('Formatting') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Before Link:') ?></th>
-	<td width="67%"><input type="text" name="text_before_link" size="45" value="&lt;li&gt;" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('Between Link and Description:') ?></th>
-<td><input type="text" name="text_after_link" size="45" value="&lt;br /&gt;" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('After Link:') ?></th>
-<td><input type="text" name="text_after_all" size="45" value="&lt;/li&gt;"/></td>
-</tr>
-</table>
-</fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Add Category &raquo;') ?>" /></p>
-  </form>
-</div>
-<div class="wrap">
-    <h3><?php _e('Note:') ?></h3>
-    <?php printf(__('<p>Deleting a link category does not delete links from that category.<br />It will just set them back to the default category <b>%s</b>.'), get_linkcatname(1)) ?></p>
-</div>
-<?php
-    break;
-  } // end default
-} // end case
-?>
-<?php include('admin-footer.php'); ?>

wp-admin/link-import.php

@@ -12,120 +12,126 @@ if (!$step) $step = 0;
 ?>
 <?php
 switch ($step) {
-    case 0:
-    {
-        include_once('admin-header.php');
-        if ($user_level < 5)
-            die (__("Cheatin&#8217; uh?"));
+	case 0: {
+		include_once('admin-header.php');
+		if ( !current_user_can('manage_links') )
+			wp_die(__('Cheatin&#8217; uh?'));
 
-        $opmltype = 'blogrolling'; // default.
+		$opmltype = 'blogrolling'; // default.
 ?>
 
 <div class="wrap">
 
-    <h2><?php _e('Import your blogroll from another system') ?> </h2>
-	<!-- <form name="blogroll" action="link-import.php" method="get"> -->
-	<form enctype="multipart/form-data" action="link-import.php" method="post" name="blogroll">
+<h2><?php _e('Import your blogroll from another system') ?> </h2>
+<form enctype="multipart/form-data" action="link-import.php" method="post" name="blogroll">
+<?php wp_nonce_field('import-bookmarks') ?>
 
-	<ol>
-    <li><?php _e('Go to <a href="http://www.blogrolling.com">Blogrolling.com</a> and sign in. Once you&#8217;ve done that, click on <strong>Get Code</strong>, and then look for the <strong><abbr title="Outline Processor Markup Language">OPML</abbr> code</strong>') ?>.</li>
-    <li><?php _e('Or go to <a href="http://blo.gs">Blo.gs</a> and sign in. Once you&#8217;ve done that in the \'Welcome Back\' box on the right, click on <strong>share</strong>, and then look for the <strong><abbr title="Outline Processor Markup Language">OPML</abbr> link</strong> (favorites.opml).') ?></li>
-    <li><?php _e('Select that text and copy it or copy the link/shortcut into the box below.') ?><br />
-       <input type="hidden" name="step" value="1" />
-       <?php _e('Your OPML URL:') ?> <input type="text" name="opml_url" size="65" />
-	</li>
-    <li>
-	   <?php _e('<strong>or</strong> you can upload an OPML file from your desktop aggregator:') ?><br />
-       <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
-       <label><?php _e('Upload this file:') ?> <input name="userfile" type="file" /></label>
-    </li>
+<p><?php _e('If a program or website you use allows you to export your links or subscriptions as OPML you may import them here.'); ?></p>
+<div style="width: 70%; margin: auto; height: 8em;">
+<input type="hidden" name="step" value="1" />
+<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
+<div style="width: 48%; float: left;">
+<h3><?php _e('Specify an OPML URL:'); ?></h3>
+<input type="text" name="opml_url" size="50" style="width: 90%;" value="http://" />
+</div>
 
-    <li><?php _e('Now select a category you want to put these links in.') ?><br />
-	<?php _e('Category:') ?> <select name="cat_id">
+<div style="width: 48%; float: left;">
+<h3><?php _e('Or choose from your local disk:'); ?></h3>
+<input id="userfile" name="userfile" type="file" size="30" />
+</div>
+
+</div>
+
+<p style="clear: both; margin-top: 1em;"><?php _e('Now select a category you want to put these links in.') ?><br />
+<?php _e('Category:') ?> <select name="cat_id">
 <?php
-	$categories = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
-	foreach ($categories as $category) {
+$categories = get_categories('hide_empty=0');
+foreach ($categories as $category) {
 ?>
-    <option value="<?php echo $category->cat_id; ?>"><?php echo $category->cat_id.': '.$category->cat_name; ?></option>
+<option value="<?php echo $category->cat_ID; ?>"><?php echo wp_specialchars(apply_filters('link_category', $category->cat_name)); ?></option>
 <?php
-        } // end foreach
+} // end foreach
 ?>
-    </select>
+</select></p>
 
-	</li>
-
-    <li><input type="submit" name="submit" value="<?php _e('Import!') ?>" /></li>
-	</ol>
-    </form>
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Import OPML File &raquo;') ?>" /></p>
+</form>
 
 </div>
 <?php
-                break;
-            } // end case 0
+		break;
+	} // end case 0
 
-    case 1: {
-                include_once('admin-header.php');
-                if ($user_level < 5)
-                    die (__("Cheatin' uh ?"));
+	case 1: {
+		check_admin_referer('import-bookmarks');
+
+		include_once('admin-header.php');
+		if ( !current_user_can('manage_links') )
+			wp_die(__('Cheatin&#8217; uh?'));
 ?>
 <div class="wrap">
 
-     <h2><?php _e('Importing...') ?></h2>
+<h2><?php _e('Importing...') ?></h2>
 <?php
-                $cat_id = $_POST['cat_id'];
-                if (($cat_id == '') || ($cat_id == 0)) {
-                    $cat_id  = 1;
-                }
+		$cat_id = abs( (int) $_POST['cat_id'] );
+		if ( $cat_id < 1 )
+			$cat_id  = 1;
 
-                $opml_url = $_POST['opml_url'];
-                if (isset($opml_url) && $opml_url != '') {
-					$blogrolling = true;
-                }
-                else // try to get the upload file.
-				{
-					$uploaddir = get_settings('fileupload_realpath');
-					$uploadfile = $uploaddir.'/'.$_FILES['userfile']['name'];
+		$opml_url = $_POST['opml_url'];
+		if ( isset($opml_url) && $opml_url != '' && $opml_url != 'http://' ) {
+			$blogrolling = true;
+		} else { // try to get the upload file.
+			$overrides = array('test_form' => false, 'test_type' => false);
+			$file = wp_handle_upload($_FILES['userfile'], $overrides);
 
-					if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
-					{
-						//echo "Upload successful.";
-						$blogrolling = false;
-						$opml_url = $uploadfile;
-					} else {
-						echo __("Upload error");
-					}
-				}
+			if ( isset($file['error']) )
+				wp_die($file['error']);
 
-                if (isset($opml_url) && $opml_url != '') {
-                    $opml = implode('', file($opml_url));
-                    include_once('link-parse-opml.php');
+			$url = $file['url'];
+			$opml_url = $file['file'];
+			$blogrolling = false;
+		}
 
-                    $link_count = count($names);
-                    for ($i = 0; $i < $link_count; $i++) {
-                        if ('Last' == substr($titles[$i], 0, 4))
-                            $titles[$i] = '';
-                        if ('http' == substr($titles[$i], 0, 4))
-                            $titles[$i] = '';
-                        $query = "INSERT INTO $wpdb->links (link_url, link_name, link_target, link_category, link_description, link_owner, link_rss)
-                                VALUES('{$urls[$i]}', '".addslashes($names[$i])."', '', $cat_id, '".addslashes($descriptions[$i])."', $user_ID, '{$feeds[$i]}')\n";
-                        $result = $wpdb->query($query);
-                        echo sprintf(__("<p>Inserted <strong>%s</strong></p>"), $names[$i]);
-                    }
+		if ( isset($opml_url) && $opml_url != '' ) {
+			if ( $blogrolling === true ) {
+				$opml = wp_remote_fopen($opml_url);
+			} else {
+				$opml = file_get_contents($opml_url);
+			}
+			
+			include_once('link-parse-opml.php');
+
+			$link_count = count($names);
+			for ( $i = 0; $i < $link_count; $i++ ) {
+				if ('Last' == substr($titles[$i], 0, 4))
+					$titles[$i] = '';
+				if ( 'http' == substr($titles[$i], 0, 4) )
+					$titles[$i] = '';
+				$link = array( 'link_url' => $urls[$i], 'link_name' => $wpdb->escape($names[$i]), 'link_category' => array($cat_id), 'link_description' => $wpdb->escape($descriptions[$i]), 'link_owner' => $user_ID, 'link_rss' => $feeds[$i]);
+				wp_insert_link($link);
+				echo sprintf('<p>'.__('Inserted <strong>%s</strong>').'</p>', $names[$i]);
+			}
 ?>
-     <p><?php printf(__('Inserted %1$d links into category %2$s. All done! Go <a href="%3$s">manage those links</a>.'), $link_count, $cat_id, 'link-manager.php') ?></p>
-<?php
-                } // end if got url
-                else
-                {
-                    echo "<p>" . __("You need to supply your OPML url. Press back on your browser and try again") . "</p>\n";
-                } // end else
 
+<p><?php printf(__('Inserted %1$d links into category %2$s. All done! Go <a href="%3$s">manage those links</a>.'), $link_count, $cat_id, 'link-manager.php') ?></p>
+
+<?php
+} // end if got url
+else
+{
+	echo "<p>" . __("You need to supply your OPML url. Press back on your browser and try again") . "</p>\n";
+} // end else
+
+if ( ! $blogrolling )
+	apply_filters( 'wp_delete_file', $opml_url); 
+	@unlink($opml_url);
 ?>
 </div>
 <?php
-                break;
-            } // end case 1
+		break;
+	} // end case 1
 } // end switch
-?>
-</body>
-</html>
+
+include('admin-footer.php');
+
+?>

wp-admin/link-manager.php

@@ -1,561 +1,49 @@
 <?php
+
+
 // Links
 // Copyright (C) 2002, 2003 Mike Little -- mike@zed1.com
 
-require_once('admin.php');
+require_once ('admin.php');
 
-$title = __('Manage Links');
+wp_enqueue_script( 'listman' );
+
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+
+if (empty ($cat_id))
+	$cat_id = 'all';
+
+if (empty ($order_by))
+	$order_by = 'order_name';
+
+$title = __('Manage Blogroll');
 $this_file = $parent_file = 'link-manager.php';
+include_once ("./admin-header.php");
 
-function xfn_check($class, $value = '', $type = 'check') {
-	global $link_rel;
-	$rels = preg_split('/\s+/', $link_rel);
+if (!current_user_can('manage_links'))
+	wp_die(__("You do not have sufficient permissions to edit the links for this blog."));
 
-	if ('' != $value && in_array($value, $rels) ) {
-		echo ' checked="checked"';
-	}
-
-	if ('' == $value) {
-		if ('family' == $class && !strstr($link_rel, 'child') && !strstr($link_rel, 'parent') && !strstr($link_rel, 'sibling') && !strstr($link_rel, 'spouse') && !strstr($link_rel, 'kin')) echo ' checked="checked"';
-		if ('friendship' == $class && !strstr($link_rel, 'friend') && !strstr($link_rel, 'acquaintance') && !strstr($link_rel, 'contact') ) echo ' checked="checked"';
-		if ('geographical' == $class && !strstr($link_rel, 'co-resident') && !strstr($link_rel, 'neighbor') ) echo ' checked="checked"';
-		if ('identity' == $class && in_array('me', $rels) ) echo ' checked="checked"';
-	}
+switch ($order_by) {
+	case 'order_id' :
+		$sqlorderby = 'id';
+		break;
+	case 'order_url' :
+		$sqlorderby = 'url';
+		break;
+	case 'order_desc' :
+		$sqlorderby = 'description';
+		break;
+	case 'order_owner' :
+		$sqlorderby = 'owner';
+		break;
+	case 'order_rating' :
+		$sqlorderby = 'rating';
+		break;
+	case 'order_name' :
+	default :
+		$sqlorderby = 'name';
+		break;
 }
-
-function category_dropdown($fieldname, $selected = 0) {
-	global $wpdb;
-	
-	$results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
-	echo "\n<select name='$fieldname' size='1'>";
-	foreach ($results as $row) {
-		echo "\n\t<option value='$row->cat_id'";
-		if ($row->cat_id == $selected)
-			echo " selected='selected'";
-		echo ">$row->cat_id: ".wp_specialchars($row->cat_name);
-		if ('Y' == $row->auto_toggle)
-			echo ' (auto toggle)';
-		echo "</option>\n";
-	}
-	echo "\n</select>\n";
-}
-
-$wpvarstoreset = array('action','cat_id', 'linkurl', 'name', 'image',
-                       'description', 'visible', 'target', 'category', 'link_id',
-                       'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-                       'notes', 'linkcheck[]');
-
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
-
-$links_show_cat_id = $_COOKIE['links_show_cat_id_' . COOKIEHASH];
-$links_show_order = $_COOKIE['links_show_order_' . COOKIEHASH];
-
-if ('' != $_POST['assign']) $action = 'assign';
-if ('' != $_POST['visibility']) $action = 'visibility';
-if ('' != $_POST['move']) $action = 'move';
-if ('' != $_POST['linkcheck']) $linkcheck = $_POST[linkcheck];
-
-switch ($action) {
-  case 'assign':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]): if the current user level >= the
-    //userlevel of the owner of the link then we can proceed.
-
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    $results = $wpdb->get_results("SELECT link_id, link_owner, user_level FROM $wpdb->links LEFT JOIN $wpdb->users ON link_owner = ID WHERE link_id in ($all_links)");
-    foreach ($results as $row) {
-      if (($user_level >= $row->user_level)) { // ok to proceed
-        $ids_to_change[] = $row->link_id;
-      }
-    }
-
-    // should now have an array of links we can change
-    $all_links = join(',', $ids_to_change);
-    $q = $wpdb->query("update $wpdb->links SET link_owner='$newowner' WHERE link_id IN ($all_links)");
-
-    header('Location: ' . $this_file);
-    break;
-  }
-  case 'visibility':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]): toggle the visibility
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    $results = $wpdb->get_results("SELECT link_id, link_visible FROM $wpdb->links WHERE link_id in ($all_links)");
-    foreach ($results as $row) {
-        if ($row->link_visible == 'Y') { // ok to proceed
-            $ids_to_turnoff[] = $row->link_id;
-        } else {
-            $ids_to_turnon[] = $row->link_id;
-        }
-    }
-
-    // should now have two arrays of links to change
-    if (count($ids_to_turnoff)) {
-        $all_linksoff = join(',', $ids_to_turnoff);
-        $q = $wpdb->query("update $wpdb->links SET link_visible='N' WHERE link_id IN ($all_linksoff)");
-    }
-
-    if (count($ids_to_turnon)) {
-        $all_linkson = join(',', $ids_to_turnon);
-        $q = $wpdb->query("update $wpdb->links SET link_visible='Y' WHERE link_id IN ($all_linkson)");
-    }
-
-    header('Location: ' . $this_file);
-    break;
-  }
-  case 'move':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]) change category to selected value
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    // should now have an array of links we can change
-    $q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)");
-
-    header('Location: ' . $this_file);
-    break;
-  }
-
-  case 'Add':
-  {
-    check_admin_referer();
-
-    $link_url = wp_specialchars($_POST['linkurl']);
-    $link_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $link_url) ? $link_url : 'http://' . $link_url; 
-    $link_name = wp_specialchars($_POST['name']);
-    $link_image = wp_specialchars($_POST['image']);
-    $link_target = $_POST['target'];
-    $link_category = $_POST['category'];
-    $link_description = $_POST['description'];
-    $link_visible = $_POST['visible'];
-    $link_rating = $_POST['rating'];
-    $link_rel = $_POST['rel'];
-    $link_notes = $_POST['notes'];
-	$link_rss_uri =  wp_specialchars($_POST['rss_uri']);
-    $auto_toggle = get_autotoggle($link_category);
-
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    // if we are in an auto toggle category and this one is visible then we
-    // need to make the others invisible before we add this new one.
-    if (($auto_toggle == 'Y') && ($link_visible == 'Y')) {
-      $wpdb->query("UPDATE $wpdb->links set link_visible = 'N' WHERE link_category = $link_category");
-    }
-    $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_category, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) " .
-      " VALUES('" . $link_url . "','"
-           . $link_name . "', '"
-           . $link_image . "', '$link_target', $link_category, '"
-           . $link_description . "', '$link_visible', $user_ID, $link_rating, '" . $link_rel . "', '" . $link_notes . "', '$link_rss_uri')");
-
-    header('Location: ' . $_SERVER['HTTP_REFERER'] . '?added=true');
-    break;
-  } // end Add
-
-  case 'editlink':
-  {
-    if (isset($submit)) {
-
-      if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-        $cat_id = $links_show_cat_id;
-
-      if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-          $cat_id = 'All';
-      }
-      $links_show_cat_id = $cat_id;
-
-      check_admin_referer();
-
-      $link_id = (int) $_POST['link_id'];
-      $link_url = wp_specialchars($_POST['linkurl']);
-      $link_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $link_url) ? $link_url : 'http://' . $link_url; 
-      $link_name = wp_specialchars($_POST['name']);
-      $link_image = wp_specialchars($_POST['image']);
-      $link_target = wp_specialchars($_POST['target']);
-      $link_category = $_POST['category'];
-      $link_description = $_POST['description'];
-      $link_visible = $_POST['visible'];
-      $link_rating = $_POST['rating'];
-      $link_rel = $_POST['rel'];
-      $link_notes = $_POST['notes'];
-	  $link_rss_uri =  $_POST['rss_uri'];
-      $auto_toggle = get_autotoggle($link_category);
-
-      if ($user_level < 5)
-        die (__("Cheatin' uh ?"));
-
-      // if we are in an auto toggle category and this one is visible then we
-      // need to make the others invisible before we update this one.
-      if (($auto_toggle == 'Y') && ($link_visible == 'Y')) {
-        $wpdb->query("UPDATE $wpdb->links set link_visible = 'N' WHERE link_category = $link_category");
-      }
-
-      $wpdb->query("UPDATE $wpdb->links SET link_url='" . $link_url . "',
-	  link_name='" . $link_name . "',\n link_image='" . $link_image . "',
-	  link_target='$link_target',\n link_category=$link_category,
-	  link_visible='$link_visible',\n link_description='" . $link_description . "',
-	  link_rating=$link_rating,
-	  link_rel='" . $link_rel . "',
-	  link_notes='" . $link_notes . "',
-	  link_rss = '$link_rss_uri'
-	  WHERE link_id=$link_id");
-    } // end if save
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    wp_redirect($this_file);
-    break;
-  } // end Save
-
-  case 'Delete':
-  {
-    check_admin_referer();
-
-    $link_id = (int) $_GET['link_id'];
-
-    if ($user_level < 5)
-      die (__("Cheatin' uh ?"));
-
-    $wpdb->query("DELETE FROM $wpdb->links WHERE link_id = $link_id");
-
-    if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-        $cat_id = $links_show_cat_id;
-
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    wp_redirect($this_file);
-    break;
-  } // end Delete
-
-  case 'linkedit': {
-	$xfn = true;
-    include_once ('admin-header.php');
-    if ($user_level < 5)
-      die(__('You do not have sufficient permissions to edit the links for this blog.'));
-
-    $link_id = (int) $_GET['link_id'];
-    $row = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = $link_id");
-
-    if ($row) {
-      $link_url = wp_specialchars($row->link_url, 1);
-      $link_name = wp_specialchars($row->link_name, 1);
-      $link_image = $row->link_image;
-      $link_target = $row->link_target;
-      $link_category = $row->link_category;
-      $link_description = wp_specialchars($row->link_description);
-      $link_visible = $row->link_visible;
-      $link_rating = $row->link_rating;
-      $link_rel = $row->link_rel;
-      $link_notes = wp_specialchars($row->link_notes);
-	  $link_rss_uri = wp_specialchars($row->link_rss);
-    } else {
-		die( __('Link not found.') ); 
-	}
-
-?>
-
-<div class="wrap"> 
-  <form action="" method="post" name="editlink" id="editlink"> 
-  <h2><?php _e('Edit a link:') ?></h2>
-<fieldset class="options">
-    <legend><?php _e('Basics') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('URI:') ?></th>
-           <td width="67%"><input type="text" name="linkurl" value="<?php echo $link_url; ?>" style="width: 95%;" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Link Name:') ?></th>
-           <td><input type="text" name="name" value="<?php echo $link_name; ?>" style="width: 95%" /></td>
-         </tr>
-         <tr>
-            <th scope="row"><?php _e('Short description:') ?></th>
-         	<td><input type="text" name="description" value="<?php echo $link_description; ?>" style="width: 95%" /></td>
-         	</tr>
-        <tr>
-           <th scope="row"><?php _e('Category:') ?></th>
-           <td><?php category_dropdown('category', $link_category); ?></td>
-         </tr>
-</table>
-</fieldset>
-       <p class="submit">
-       <input type="submit" name="submit" value="<?php _e('Save Changes &raquo;') ?>" />
-       </p>
-	<fieldset class="options">
-        <legend><?php _e('Link Relationship (XFN)') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-            <tr>
-                <th width="33%" scope="row"><?php _e('rel:') ?></th>
-            	<td width="67%"><input type="text" name="rel" id="rel" size="50" value="<?php echo $link_rel; ?>" /></td>
-           	</tr>
-            <tr>
-                <th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
-            	<td>
-					<table cellpadding="3" cellspacing="5">
-	          <tr>
-              <th scope="row"> <?php _e('identity') ?> </th>
-              <td>
-                <label for="me">
-                <input type="checkbox" name="identity" value="me" id="me" <?php xfn_check('identity', 'me'); ?> />
-          <?php _e('another web address of mine') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('friendship') ?> </th>
-              <td>
-			    <label for="contact">
-                <input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
-                <label for="acquaintance">
-                <input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> />  <?php _e('acquaintance') ?></label>
-                <label id="friend">
-                <input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
-                <label for="friendship">
-                <input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('physical') ?> </th>
-              <td>
-                <label for="met">
-                <input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check('physical', 'met'); ?> />
-          <?php _e('met') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('professional') ?> </th>
-              <td>
-                <label for="co-worker">
-                <input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check('professional', 'co-worker'); ?> />
-          <?php _e('co-worker') ?></label>
-                <label for="colleague">
-                <input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check('professional', 'colleague'); ?> />
-          <?php _e('colleague') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('geographical') ?> </th>
-              <td>
-                <label for="co-resident">
-                <input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check('geographical', 'co-resident', 'radio'); ?> />
-          <?php _e('co-resident') ?></label>
-                <label for="neighbor">
-                <input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check('geographical', 'neighbor', 'radio'); ?> />
-          <?php _e('neighbor') ?></label>
-                <label for="geographical">
-                <input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check('geographical', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('family') ?> </th>
-              <td>
-                <label for="child">
-                <input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check('family', 'child', 'radio'); ?>  />
-          <?php _e('child') ?></label>
-                <label for="kin">
-                <input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check('family', 'kin', 'radio'); ?>  />
-          <?php _e('kin') ?></label>
-                <label for="parent">
-                <input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check('family', 'parent', 'radio'); ?> />
-          <?php _e('parent') ?></label>
-                <label for="sibling">
-                <input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check('family', 'sibling', 'radio'); ?> />
-          <?php _e('sibling') ?></label>
-                <label for="spouse">
-                <input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check('family', 'spouse', 'radio'); ?> />
-          <?php _e('spouse') ?></label>
-                <label for="family">
-                <input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check('family', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('romantic') ?> </th>
-              <td>
-                <label for="muse">
-                <input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check('romantic', 'muse'); ?> />
-         <?php _e('muse') ?></label>
-                <label for="crush">
-                <input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check('romantic', 'crush'); ?> />
-         <?php _e('crush') ?></label>
-                <label for="date">
-                <input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check('romantic', 'date'); ?> />
-         <?php _e('date') ?></label>
-                <label for="romantic">
-                <input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check('romantic', 'sweetheart'); ?> />
-         <?php _e('sweetheart') ?></label>
-              </td>
-            </tr>
-        </table>
-		  </td>
-           	</tr>
-</table>
-</fieldset>
-       <p class="submit">
-       <input type="submit" name="submit" value="<?php _e('Save Changes &raquo;') ?>" />
-       </p>
-<fieldset class="options">
-        <legend><?php _e('Advanced') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('Image URI:') ?></th>
-           <td width="67%"><input type="text" name="image" size="50" value="<?php echo $link_image; ?>" style="width: 95%" /></td>
-         </tr>
-<tr>
-           <th scope="row"><?php _e('RSS URI:') ?> </th>
-           <td><input name="rss_uri" type="text" id="rss_uri" value="<?php echo $link_rss_uri; ?>" size="50" style="width: 95%" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Notes:') ?></th>
-           <td><textarea name="notes" cols="50" rows="10" style="width: 95%"><?php echo $link_notes; ?></textarea></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Rating:') ?></th>
-           <td><select name="rating" size="1">
-<?php
-    for ($r = 0; $r < 10; $r++) {
-      echo('            <option value="'.$r.'" ');
-      if ($link_rating == $r)
-        echo 'selected="selected"';
-      echo('>'.$r.'</option>');
-    }
-?>
-           </select>
-         &nbsp;<?php _e('(Leave at 0 for no rating.)') ?> </td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Target') ?></th>
-           <td><label>
-          <input type="radio" name="target" value="_blank"   <?php echo(($link_target == '_blank') ? 'checked="checked"' : ''); ?> />
-          <code>_blank</code></label><br />
-<label>
-<input type="radio" name="target" value="_top" <?php echo(($link_target == '_top') ? 'checked="checked"' : ''); ?> />
-<code>_top</code></label><br />
-<label>
-<input type="radio" name="target" value=""     <?php echo(($link_target == '') ? 'checked="checked"' : ''); ?> />
-<?php _e('none') ?></label><br />
-<?php _e('(Note that the <code>target</code> attribute is illegal in XHTML 1.1 and 1.0 Strict.)') ?></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Visible:') ?></th>
-           <td><label>
-             <input type="radio" name="visible" <?php if ($link_visible == 'Y') echo "checked='checked'"; ?> value="Y" />
-<?php _e('Yes') ?></label><br /><label>
-<input type="radio" name="visible" <?php if ($link_visible == 'N') echo "checked='checked'"; ?> value="N" />
-<?php _e('No') ?></label></td>
-         </tr>
-</table>
-</fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Save Changes &raquo;') ?>" />
-          <input type="hidden" name="action" value="editlink" />
-          <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
-          <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
-          <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" /></p>
-  </form> 
-</div>
-<?php
-    break;
-  } // end linkedit
-  case __("Show"):
-  {
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    if (!isset($order_by) || ($order_by == '')) {
-        if (!isset($links_show_order) || ($links_show_order == ''))
-        $order_by = 'order_name';
-    }
-    $links_show_order = $order_by;
-    //break; fall through
-  } // end Show
-  case "popup":
-  {
-    $link_url = stripslashes($_GET["linkurl"]);
-    $link_name = stripslashes($_GET["name"]);
-    //break; fall through
-  }
-  default:
-  {
-    if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-        $cat_id = $links_show_cat_id;
-
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    if (isset($links_show_order) && ($links_show_order != ''))
-        $order_by = $links_show_order;
-
-    if (!isset($order_by) || ($order_by == ''))
-        $order_by = 'order_name';
-    $links_show_order = $order_by;
-
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    setcookie('links_show_order_' . COOKIEHASH, $links_show_order, time()+600);
-    include_once ("./admin-header.php");
-    if ($user_level < 5) {
-      die(__("You do not have sufficient permissions to edit the links for this blog."));
-    }
-
-    switch ($order_by)
-    {
-        case 'order_id':     $sqlorderby = 'id';          break;
-        case 'order_url':    $sqlorderby = 'url';         break;
-        case 'order_desc':   $sqlorderby = 'description'; break;
-        case 'order_owner':  $sqlorderby = 'owner';       break;
-        case 'order_rating': $sqlorderby = 'rating';      break;
-        case 'order_name':
-        default:             $sqlorderby = 'name';        break;
-    }
-
-  if ($action != "popup") {
 ?>
 <script type="text/javascript">
 <!--
@@ -573,183 +61,145 @@ function checkAll(form)
 //-->
 </script>
 
-<div class="wrap">
-    <form name="cats" method="post" action="">
-    <table width="75%" cellpadding="3" cellspacing="3">
-      <tr>
-        <td>
-        <?php _e('<strong>Show</strong> links in category:'); ?><br />
-        </td>
-        <td>
-          <?php _e('<strong>Order</strong> by:');?>
-        </td>
-		<td>&nbsp;</td>
-      </tr>
-      <tr>
-        <td>
 <?php
-    $results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
-    echo "        <select name=\"cat_id\">\n";
-    echo "          <option value=\"All\"";
-    if ($cat_id == 'All')
-      echo " selected='selected'";
-    echo "> " . __('All') . "</option>\n";
-    foreach ($results as $row) {
-      echo "          <option value=\"".$row->cat_id."\"";
-      if ($row->cat_id == $cat_id)
-        echo " selected='selected'";
-        echo ">".$row->cat_id.": ".wp_specialchars($row->cat_name);
-        if ($row->auto_toggle == 'Y')
-            echo ' (auto toggle)';
-        echo "</option>\n";
-    }
-    echo "        </select>\n";
+if ( isset($_GET['deleted']) ) {
+	echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>';
+	$deleted = (int) $_GET['deleted'];
+	printf(__ngettext('%s link deleted.', '%s links deleted', $deleted), $deleted);
+	echo '</p></div>';
+}
 ?>
-        </td>
-        <td>
-          <select name="order_by">
-            <option value="order_id"     <?php if ($order_by == 'order_id')     echo " selected='selected'";?>><?php _e('Link ID') ?></option>
-            <option value="order_name"   <?php if ($order_by == 'order_name')   echo " selected='selected'";?>><?php _e('Name') ?></option>
-            <option value="order_url"    <?php if ($order_by == 'order_url')    echo " selected='selected'";?>><?php _e('URI') ?></option>
-            <option value="order_desc"   <?php if ($order_by == 'order_desc')   echo " selected='selected'";?>><?php _e('Description') ?></option>
-            <option value="order_owner"  <?php if ($order_by == 'order_owner')  echo " selected='selected'";?>><?php _e('Owner') ?></option>
-            <option value="order_rating" <?php if ($order_by == 'order_rating') echo " selected='selected'";?>><?php _e('Rating') ?></option>
-          </select>
-        </td>
-        <td>
-          <input type="submit" name="action" value="<?php _e('Show') ?>" />
-        </td>
-      </tr>
-    </table>
-    </form>
 
-</div>
-
-<form name="links" id="links" method="post" action="">
 <div class="wrap">
 
-    <input type="hidden" name="link_id" value="" />
-    <input type="hidden" name="action" value="" />
-    <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
-    <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
-  <table width="100%" cellpadding="3" cellspacing="3">
-    <tr>
-      <th width="15%"><?php _e('Name') ?></th>
-      <th><?php _e('URI') ?></th>
-      <th><?php _e('Category') ?></th>
-      <th><?php _e('rel') ?></th>
-      <th><?php _e('Image') ?></th>
-      <th><?php _e('Visible') ?></th>
-      <th colspan="2"><?php _e('Action') ?></th>
-      <th>&nbsp;</th>
-  </tr>
+<h2><?php _e('Blogroll Management'); ?></h2>
+<p><?php _e('Here you <a href="link-add.php">add links</a> to sites that you visit often and share them on your blog. When you have a list of links in your sidebar to other blogs, it&#8217;s called a &#8220;blogroll.&#8221;'); ?></p>
+<form id="cats" method="get" action="">
+<p><?php
+$categories = get_categories("hide_empty=1&type=link");
+$select_cat = "<select name=\"cat_id\">\n";
+$select_cat .= '<option value="all"'  . (($cat_id == 'all') ? " selected='selected'" : '') . '>' . __('All') . "</option>\n";
+foreach ((array) $categories as $cat)
+	$select_cat .= '<option value="' . $cat->cat_ID . '"' . (($cat->cat_ID == $cat_id) ? " selected='selected'" : '') . '>' . wp_specialchars(apply_filters('link_category', $cat->cat_name)) . "</option>\n";
+$select_cat .= "</select>\n";
+
+$select_order = "<select name=\"order_by\">\n";
+$select_order .= '<option value="order_id"' . (($order_by == 'order_id') ? " selected='selected'" : '') . '>' .  __('Link ID') . "</option>\n";
+$select_order .= '<option value="order_name"' . (($order_by == 'order_name') ? " selected='selected'" : '') . '>' .  __('Name') . "</option>\n";
+$select_order .= '<option value="order_url"' . (($order_by == 'order_url') ? " selected='selected'" : '') . '>' .  __('Address') . "</option>\n";
+$select_order .= '<option value="order_rating"' . (($order_by == 'order_rating') ? " selected='selected'" : '') . '>' .  __('Rating') . "</option>\n";
+$select_order .= "</select>\n";
+
+printf(__('Currently showing %1$s links ordered by %2$s'), $select_cat, $select_order);
+?>
+<input type="submit" name="action" value="<?php _e('Update &raquo;') ?>" /></p>
+</form>
 <?php
-    $sql = "SELECT link_url, link_name, link_image, link_description, link_visible,
-            link_category AS cat_id, cat_name AS category, $wpdb->users.user_login, link_id,
-            link_rating, link_rel, $wpdb->users.user_level
-            FROM $wpdb->links
-            LEFT JOIN $wpdb->linkcategories ON $wpdb->links.link_category = $wpdb->linkcategories.cat_id
-            LEFT JOIN $wpdb->users ON $wpdb->users.ID = $wpdb->links.link_owner ";
-
-    if (isset($cat_id) && ($cat_id != 'All')) {
-      $sql .= " WHERE link_category = $cat_id ";
-    }
-    $sql .= ' ORDER BY link_' . $sqlorderby;
-
-    // echo "$sql";
-    $links = $wpdb->get_results($sql);
-    if ($links) {
-        foreach ($links as $link) {
-      	    $link->link_name = wp_specialchars($link->link_name);
-      	    $link->link_category = wp_specialchars($link->link_category);
-      	    $link->link_description = wp_specialchars($link->link_description);
-            $link->link_url = wp_specialchars($link->link_url);
-            $short_url = str_replace('http://', '', $link->link_url);
-            $short_url = str_replace('www.', '', $short_url);
-            if ('/' == substr($short_url, -1))
-                $short_url = substr($short_url, 0, -1);
-            if (strlen($short_url) > 35)
-                $short_url =  substr($short_url, 0, 32).'...';
-
-            $image = ($link->link_image != null) ? __('Yes') : __('No');
-            $visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
-            ++$i;
-            $style = ($i % 2) ? ' class="alternate"' : '';
+$link_columns = array(
+	'name'       => '<th width="15%">' . __('Name') . '</th>',
+	'url'       => '<th>' . __('URL') . '</th>',
+	'categories' => '<th>' . __('Categories') . '</th>',
+	'rel'      => '<th style="text-align: center">' . __('rel') . '</th>',
+	'visible'   => '<th style="text-align: center">' . __('Visible') . '</th>',
+	'action'   => '<th colspan="2" style="text-align: center">' . __('Action') . '</th>',
+);
+$link_columns = apply_filters('manage_link_columns', $link_columns);
 ?>
-    <tr valign="middle" <?php echo $style; ?>>
-		<td><strong><?php echo $link->link_name; ?></strong><br />
-<?php			
-        echo sprintf(__('Description: %s'), $link->link_description) . "</td>";
-        echo "<td><a href=\"$link->link_url\" title=\"" . sprintf(__('Visit %s'), $link->link_name) . "\">$short_url</a></td>";
-        echo <<<LINKS
-        <td>$link->category</td>
-        <td>$link->link_rel</td>
-        <td align='center'>$image</td>
-        <td align='center'>$visible</td>
-LINKS;
-            $show_buttons = 1; // default
 
-            if ($link->user_level > $user_level) {
-              $show_buttons = 0;
-            }
-
-            if ($show_buttons) {
-        echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&amp;action=linkedit" class="edit">' . __('Edit') . '</a></td>';
-        echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&amp;action=Delete"' .  " onclick=\"return confirm('" . __("You are about to delete this link.\\n  \'Cancel\' to stop, \'OK\' to delete.") .  "');" . '" class="delete">' . __('Delete') . '</a></td>';
-        echo '<td><input type="checkbox" name="linkcheck[]" value="' . $link->link_id . '" /></td>';
-            } else {
-              echo "<td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>\n";
-            }
-		echo "\n\t</tr>";
-        }
-    }
+<?php
+if ( 'all' == $cat_id )
+	$cat_id = '';
+$links = get_bookmarks( "category=$cat_id&hide_invisible=0&orderby=$sqlorderby&hide_empty=0" );
+if ( $links ) {
 ?>
+
+<form id="links" method="post" action="link.php">
+<?php wp_nonce_field('bulk-bookmarks') ?>
+<input type="hidden" name="link_id" value="" />
+<input type="hidden" name="action" value="" />
+<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
+<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
+<table class="widefat">
+	<thead>
+	<tr>
+<?php foreach($link_columns as $column_display_name) {
+	echo $column_display_name;
+} ?>
+	<th style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById('links'));" /></th>
+	</tr>
+	</thead>
+	<tbody id="the-list">
+<?php
+	foreach ($links as $link) {
+		$link->link_name = attribute_escape(apply_filters('link_title', $link->link_name));
+		$link->link_description = wp_specialchars(apply_filters('link_description', $link->link_description));
+		$link->link_url = clean_url($link->link_url);
+		$link->link_category = wp_get_link_cats($link->link_id);
+		$short_url = str_replace('http://', '', $link->link_url);
+		$short_url = str_replace('www.', '', $short_url);
+		if ('/' == substr($short_url, -1))
+			$short_url = substr($short_url, 0, -1);
+		if (strlen($short_url) > 35)
+			$short_url = substr($short_url, 0, 32).'...';
+
+		$visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
+		++ $i;
+		$style = ($i % 2) ? '' : ' class="alternate"';
+		?><tr id="link-<?php echo $link->link_id; ?>" valign="middle" <?php echo $style; ?>><?php
+		foreach($link_columns as $column_name=>$column_display_name) {
+			switch($column_name) {
+				case 'name':
+					?><td><strong><?php echo $link->link_name; ?></strong><br /><?php
+					echo $link->link_description . "</td>";
+					break;
+				case 'url':
+					echo "<td><a href='$link->link_url' title='".sprintf(__('Visit %s'), $link->link_name)."'>$short_url</a></td>";
+					break;
+				case 'categories':
+					?><td><?php
+					$cat_names = array();
+					foreach ($link->link_category as $category) {
+						$cat_name = get_the_category_by_ID($category);
+						$cat_name = wp_specialchars(apply_filters('link_category', $cat_name));
+						if ( $cat_id != $category )
+							$cat_name = "<a href='link-manager.php?cat_id=$category'>$cat_name</a>";
+						$cat_names[] = $cat_name;
+					}
+					echo implode(', ', $cat_names);
+					?> </td><?php
+					break;
+				case 'rel':
+					?><td><?php echo $link->link_rel; ?></td><?php
+					break;
+				case 'visible':
+					?><td align='center'><?php echo $visible; ?></td><?php
+					break;
+				case 'action':
+					echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
+					echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>';
+					break;
+				default:
+					?>
+					<td><?php do_action('manage_link_custom_column', $column_name, $link->link_id); ?></td>
+					<?php
+					break;
+
+			}
+		}
+		echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>';
+		echo "\n    </tr>\n";
+	}
+?>
+	</tbody>
 </table>
 
-</div>
+<div id="ajax-response"></div>
 
-<div class="wrap">
-  <table width="100%" cellpadding="3" cellspacing="3">
-    <tr><th colspan="4"><?php _e('Manage Multiple Links:') ?></th></tr>
-    <tr><td colspan="4"><?php _e('Use the checkboxes on the right to select multiple links and choose an action below:') ?></td></tr>
-    <tr>
-        <td>
-          <?php _e('Assign ownership to:'); ?>
-<?php
-    $results = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level > 0 ORDER BY ID");
-    echo "          <select name=\"newowner\" size=\"1\">\n";
-    foreach ($results as $row) {
-      echo "            <option value=\"".$row->ID."\"";
-      echo ">".$row->user_login;
-      echo "</option>\n";
-    }
-    echo "          </select>\n";
-?>
-        <input name="assign" type="submit" id="assign" value="<?php _e('Go') ?>" />
-        </td>
-        <td>
-          <input name="visibility" type="submit" id="visibility" value="<?php _e('Toggle Visibility') ?>" />
-        </td>
-        <td>
-          <?php _e('Move to category:'); category_dropdown('category'); ?> <input name="move" type="submit" id="move" value="<?php _e('Go') ?>" />
-        </td>
-        <td align="right">
-          <a href="#" onclick="checkAll(document.getElementById('links')); return false; "><?php _e('Toggle Checkboxes') ?></a>
-        </td>
-    </tr>
-</table>
-
-<?php
-  } // end if !popup
-?>
-</div>
+<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links') ?> &raquo;" onclick="return confirm('<?php echo js_escape(__("You are about to delete these links permanently.\n'Cancel' to stop, 'OK' to delete.")); ?>')" /></p>
 </form>
 
+<?php } ?>
 
-<?php
-    break;
-  } // end default
-} // end case
-?>
+</div>
 
 <?php include('admin-footer.php'); ?>

wp-admin/link-parse-opml.php

@@ -4,12 +4,12 @@ require_once('../wp-config.php');
 // columns we wish to find are:  link_url, link_name, link_target, link_description
 // we need to map XML attribute names to our columns
 $opml_map = array('URL'         => 'link_url',
-                  'HTMLURL'     => 'link_url',
-                  'TEXT'        => 'link_name',
-                  'TITLE'       => 'link_name',
-                  'TARGET'      => 'link_target',
-                  'DESCRIPTION' => 'link_description',
-                  'XMLURL'      => 'link_rss'
+	'HTMLURL'     => 'link_url',
+	'TEXT'        => 'link_name',
+	'TITLE'       => 'link_name',
+	'TARGET'      => 'link_target',
+	'DESCRIPTION' => 'link_description',
+	'XMLURL'      => 'link_rss'
 );
 
 $map = $opml_map;
@@ -20,24 +20,24 @@ $map = $opml_map;
  **/
 function startElement($parser, $tagName, $attrs) {
 	global $updated_timestamp, $all_links, $map;
-    global $names, $urls, $targets, $descriptions, $feeds;
+	global $names, $urls, $targets, $descriptions, $feeds;
 
 	if ($tagName == 'OUTLINE') {
-        foreach (array_keys($map) as $key) {
-            if (isset($attrs[$key])) {
-                $$map[$key] = $attrs[$key];
-            }
-        }
+		foreach (array_keys($map) as $key) {
+			if (isset($attrs[$key])) {
+				$$map[$key] = $attrs[$key];
+			}
+		}
 
-        //echo("got data: link_url = [$link_url], link_name = [$link_name], link_target = [$link_target], link_description = [$link_description]<br />\n");
+		//echo("got data: link_url = [$link_url], link_name = [$link_name], link_target = [$link_target], link_description = [$link_description]<br />\n");
 
-        // save the data away.
-        $names[] = $link_name;
-        $urls[] = $link_url;
-        $targets[] = $link_target;
+		// save the data away.
+		$names[] = $link_name;
+		$urls[] = $link_url;
+		$targets[] = $link_target;
 		$feeds[] = $link_rss;
-        $descriptions[] = $link_description;
-    } // end if outline
+		$descriptions[] = $link_description;
+	} // end if outline
 }
 
 /**
@@ -55,11 +55,11 @@ $xml_parser = xml_parser_create();
 xml_set_element_handler($xml_parser, "startElement", "endElement");
 
 if (!xml_parse($xml_parser, $opml, true)) {
-    echo(sprintf("XML error: %s at line %d",
-                   xml_error_string(xml_get_error_code($xml_parser)),
-                   xml_get_current_line_number($xml_parser)));
+	echo(sprintf(__('XML error: %1$s at line %2$s'),
+	xml_error_string(xml_get_error_code($xml_parser)),
+	xml_get_current_line_number($xml_parser)));
 }
 
 // Free up memory used by the XML parser
 xml_parser_free($xml_parser);
-?>
+?>

wp-admin/link.php

@@ -0,0 +1,117 @@
+<?php
+require_once ('admin.php');
+
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+
+if ('' != $_POST['deletebookmarks'])
+	$action = 'deletebookmarks';
+if ('' != $_POST['move'])
+	$action = 'move';
+if ('' != $_POST['linkcheck'])
+	$linkcheck = $_POST[linkcheck];
+
+$this_file = 'link-manager.php';
+
+switch ($action) {
+		case 'deletebookmarks' :
+		check_admin_referer('bulk-bookmarks');
+
+		// check the current user's level first.
+		if (!current_user_can('manage_links'))
+			wp_die(__('Cheatin&#8217; uh?'));
+
+		//for each link id (in $linkcheck[]) change category to selected value
+		if (count($linkcheck) == 0) {
+			wp_redirect($this_file);
+			exit;
+		}
+
+		$deleted = 0;
+		foreach ($linkcheck as $link_id) {
+			$link_id = (int) $link_id;
+
+			if ( wp_delete_link($link_id) )
+				$deleted++;
+		}
+
+		wp_redirect("$this_file?deleted=$deleted");
+		exit;
+		break;
+
+	case 'move' :
+		check_admin_referer('bulk-bookmarks');
+
+		// check the current user's level first.
+		if (!current_user_can('manage_links'))
+			wp_die(__('Cheatin&#8217; uh?'));
+
+		//for each link id (in $linkcheck[]) change category to selected value
+		if (count($linkcheck) == 0) {
+			wp_redirect($this_file);
+			exit;
+		}
+		$all_links = join(',', $linkcheck);
+		// should now have an array of links we can change
+		//$q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)");
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'add' :
+		check_admin_referer('add-bookmark');
+
+		add_link();
+
+		wp_redirect(wp_get_referer().'?added=true');
+		exit;
+		break;
+
+	case 'save' :
+		$link_id = (int) $_POST['link_id'];
+		check_admin_referer('update-bookmark_' . $link_id);
+
+		edit_link($link_id);
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'delete' :
+		$link_id = (int) $_GET['link_id'];
+		check_admin_referer('delete-bookmark_' . $link_id);
+
+		if (!current_user_can('manage_links'))
+			wp_die(__('Cheatin&#8217; uh?'));
+
+		wp_delete_link($link_id);
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'edit' :
+		wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
+		if ( current_user_can( 'manage_categories' ) )
+			wp_enqueue_script( 'ajaxcat' );
+		$parent_file = 'link-manager.php';
+		$submenu_file = 'link-manager.php';
+		$title = __('Edit Link');
+		include_once ('admin-header.php');
+		if (!current_user_can('manage_links'))
+			wp_die(__('You do not have sufficient permissions to edit the links for this blog.'));
+
+		$link_id = (int) $_GET['link_id'];
+
+		if (!$link = get_link_to_edit($link_id))
+			wp_die(__('Link not found.'));
+
+		include ('edit-link-form.php');
+		break;
+
+	default :
+		break;
+}
+
+include ('admin-footer.php');
+?>

wp-admin/menu-header.php

@@ -8,32 +8,36 @@ get_admin_page_parent();
 foreach ($menu as $item) {
 	$class = '';
 
-	// 0 = name, 1 = user_level, 2 = file
+	// 0 = name, 1 = capability, 2 = file
 	if (( strcmp($self, $item[2]) == 0 && empty($parent_file)) || ($parent_file && ($item[2] == $parent_file))) $class = ' class="current"';
-    
-	if ($user_level >= $item[1]) {
-		if ( file_exists(ABSPATH . "wp-content/plugins/{$item[2]}") )
-			echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/admin.php?page={$item[2]}'$class>{$item[0]}</a></li>";			
+
+	if ( !empty($submenu[$item[2]]) ) {
+		$submenu[$item[2]] = array_values($submenu[$item[2]]);  // Re-index.
+		$menu_hook = get_plugin_page_hook($submenu[$item[2]][0][2], $item[2]);
+		if ( file_exists(ABSPATH . PLUGINDIR . "/{$submenu[$item[2]][0][2]}") || !empty($menu_hook))
+			echo "\n\t<li><a href='admin.php?page={$submenu[$item[2]][0][2]}'$class>{$item[0]}</a></li>";
 		else
-			echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/{$item[2]}'$class>{$item[0]}</a></li>";
+			echo "\n\t<li><a href='{$submenu[$item[2]][0][2]}'$class>{$item[0]}</a></li>";
+	} else if ( current_user_can($item[1]) ) {
+		if ( file_exists(ABSPATH . PLUGINDIR . "/{$item[2]}") )
+			echo "\n\t<li><a href='admin.php?page={$item[2]}'$class>{$item[0]}</a></li>";
+		else
+			echo "\n\t<li><a href='{$item[2]}'$class>{$item[0]}</a></li>";
 	}
 }
 
 ?>
-	<li class="last"><a href="<?php echo get_settings('siteurl')
-	 ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php printf(__('Logout (%s)'), $user_nickname) ?></a></li>
 </ul>
 
 <?php
 // Sub-menu
 if ( isset($submenu["$parent_file"]) ) :
 ?>
-<ul id="adminmenu2">
-<?php 
-foreach ($submenu["$parent_file"] as $item) : 
-	 if ($user_level < $item[1]) {
+<ul id="submenu">
+<?php
+foreach ($submenu["$parent_file"] as $item) :
+	 if ( !current_user_can($item[1]) )
 		 continue;
-	 }
 
 if ( isset($submenu_file) ) {
 	if ( $submenu_file == $item[2] ) $class = ' class="current"';
@@ -43,16 +47,26 @@ else $class = '';
 
 $menu_hook = get_plugin_page_hook($item[2], $parent_file);
 
-if (file_exists(ABSPATH . "wp-content/plugins/{$item[2]}") || ! empty($menu_hook)) {
+if (file_exists(ABSPATH . PLUGINDIR . "/{$item[2]}") || ! empty($menu_hook)) {
  	if ( 'admin.php' == $pagenow )
-		echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/admin.php?page={$item[2]}'$class>{$item[0]}</a></li>";
+		echo "\n\t<li><a href='admin.php?page={$item[2]}'$class>{$item[0]}</a></li>";
 	else
-		echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/{$parent_file}?page={$item[2]}'$class>{$item[0]}</a></li>";
+		echo "\n\t<li><a href='{$parent_file}?page={$item[2]}'$class>{$item[0]}</a></li>";
  } else {
-	echo "\n\t<li><a href='" . get_settings('siteurl') . "/wp-admin/{$item[2]}'$class>{$item[0]}</a></li>";
+	echo "\n\t<li><a href='{$item[2]}'$class>{$item[0]}</a></li>";
  }
 endforeach;
 ?>
 
 </ul>
-<?php endif; ?>
+<?php
+else :
+?>
+<div id="minisub"></div>
+<?php
+
+endif;
+
+do_action('admin_notices');
+
+?>

wp-admin/menu.php

@@ -4,60 +4,139 @@
 // Menu item name
 // The minimum level the user needs to access the item: between 0 and 10
 // The URL of the item's file
-$menu[0] = array(__('Dashboard'), 0, 'index.php');
-$menu[5] = array(__('Write'), 1, 'post.php');
-$menu[10] = array(__('Manage'), 1, 'edit.php');
-$menu[20] = array(__('Links'), 5, 'link-manager.php');
-$menu[25] = array(__('Presentation'), 8, 'themes.php');
-$menu[30] = array(__('Plugins'), 8, 'plugins.php');
-$menu[35] = array(__('Users'), 0, 'profile.php');
-$menu[40] = array(__('Options'), 6, 'options-general.php');
+$menu[0] = array(__('Dashboard'), 'read', 'index.php');
 
-if ( get_option('use_fileupload') )
-	$menu[45] = array(__('Upload'), get_settings('fileupload_minlevel'), 'upload.php');
+if (strpos($_SERVER['REQUEST_URI'], 'edit-pages.php') !== false)
+	$menu[5] = array(__('Write'), 'edit_pages', 'page-new.php');
+else
+	$menu[5] = array(__('Write'), 'edit_posts', 'post-new.php');
+if (strpos($_SERVER['REQUEST_URI'], 'page-new.php') !== false)
+	$menu[10] = array(__('Manage'), 'edit_pages', 'edit-pages.php');
+else
+	$menu[10] = array(__('Manage'), 'edit_posts', 'edit.php');
 
-$submenu['post.php'][5] = array(__('Write Post'), 1, 'post.php');
-$submenu['post.php'][10] = array(__('Write Page'), 5, 'page-new.php');
+$menu[15] = array(__('Comments'), 'edit_posts', 'edit-comments.php');
+$menu[20] = array(__('Blogroll'), 'manage_links', 'link-manager.php');
+$menu[25] = array(__('Presentation'), 'switch_themes', 'themes.php');
+$menu[30] = array(__('Plugins'), 'activate_plugins', 'plugins.php');
+if ( current_user_can('edit_users') )
+	$menu[35] = array(__('Users'), 'edit_users', 'users.php');
+else
+	$menu[35] = array(__('Profile'), 'read', 'profile.php');
+$menu[40] = array(__('Options'), 'manage_options', 'options-general.php');
 
-$submenu['edit.php'][5] = array(__('Posts'), 1, 'edit.php');
-$submenu['edit.php'][10] = array(__('Pages'), 5, 'edit-pages.php');
-$submenu['edit.php'][15] = array(__('Categories'), 1, 'categories.php');
-$submenu['edit.php'][20] = array(__('Comments'), 1, 'edit-comments.php');
+
+$_wp_real_parent_file['post.php'] = 'post-new.php'; // Back-compat
+$submenu['post-new.php'][5] = array(__('Write Post'), 'edit_posts', 'post-new.php');
+$submenu['post-new.php'][10] = array(__('Write Page'), 'edit_pages', 'page-new.php');
+
+$submenu['edit-comments.php'][5] = array(__('Comments'), 'edit_posts', 'edit-comments.php');
 $awaiting_mod = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '0'");
-$submenu['edit.php'][25] = array(sprintf(__("Awaiting Moderation (%s)"), $awaiting_mod), 1, 'moderation.php');
-$submenu['edit.php'][30] = array(__('Files'), 8, 'templates.php');
+$submenu['edit-comments.php'][25] = array(sprintf(__("Awaiting Moderation (%s)"), "<span id='awaitmod'>$awaiting_mod</span>"), 'edit_posts', 'moderation.php');
 
-$submenu['link-manager.php'][5] = array(__('Manage Links'), 5, 'link-manager.php');
-$submenu['link-manager.php'][10] = array(__('Add Link'), 5, 'link-add.php');
-$submenu['link-manager.php'][15] = array(__('Link Categories'), 5, 'link-categories.php');
-$submenu['link-manager.php'][20] = array(__('Import Links'), 5, 'link-import.php');
 
-$submenu['profile.php'][5] = array(__('Your Profile'), 0, 'profile.php');
-$submenu['profile.php'][10] = array(__('Authors &amp; Users'), 5, 'users.php');
+$submenu['edit.php'][5] = array(__('Posts'), 'edit_posts', 'edit.php');
+$submenu['edit.php'][10] = array(__('Pages'), 'edit_pages', 'edit-pages.php');
+$submenu['edit.php'][12] = array(__('Uploads'), 'upload_files', 'upload.php');
+$submenu['edit.php'][15] = array(__('Categories'), 'manage_categories', 'categories.php');
+$submenu['edit.php'][30] = array(__('Files'), 'edit_files', 'templates.php');
+$submenu['edit.php'][35] = array(__('Import'), 'import', 'import.php');
+$submenu['edit.php'][40] = array(__('Export'), 'import', 'export.php');
 
-$submenu['options-general.php'][5] = array(__('General'), 6, 'options-general.php');
-$submenu['options-general.php'][10] = array(__('Writing'), 6, 'options-writing.php');
-$submenu['options-general.php'][15] = array(__('Reading'), 6, 'options-reading.php');
-$submenu['options-general.php'][20] = array(__('Discussion'), 6, 'options-discussion.php');
-$submenu['options-general.php'][25] = array(__('Permalinks'), 6, 'options-permalink.php');
-$submenu['options-general.php'][30] = array(__('Miscellaneous'), 6, 'options-misc.php');
+$submenu['link-manager.php'][5] = array(__('Manage Blogroll'), 'manage_links', 'link-manager.php');
+$submenu['link-manager.php'][10] = array(__('Add Link'), 'manage_links', 'link-add.php');
+$submenu['link-manager.php'][20] = array(__('Import Links'), 'manage_links', 'link-import.php');
 
-$submenu['plugins.php'][5] = array(__('Plugins'), 8, 'plugins.php');
-$submenu['plugins.php'][10] = array(__('Plugin Editor'), 8, 'plugin-editor.php');
+if ( current_user_can('edit_users') ) {
+	$_wp_real_parent_file['profile.php'] = 'users.php'; // Back-compat for plugins adding submenus to profile.php.
+	$submenu['users.php'][5] = array(__('Authors &amp; Users'), 'edit_users', 'users.php');
+	$submenu['users.php'][10] = array(__('Your Profile'), 'read', 'profile.php');
+} else {
+	$submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
+}
 
-$submenu['themes.php'][5] = array(__('Themes'), 8, 'themes.php');
-$submenu['themes.php'][10] = array(__('Theme Editor'), 8, 'theme-editor.php');
+$submenu['options-general.php'][10] = array(__('General'), 'manage_options', 'options-general.php');
+$submenu['options-general.php'][15] = array(__('Writing'), 'manage_options', 'options-writing.php');
+$submenu['options-general.php'][20] = array(__('Reading'), 'manage_options', 'options-reading.php');
+$submenu['options-general.php'][25] = array(__('Discussion'), 'manage_options', 'options-discussion.php');
+$submenu['options-general.php'][30] = array(__('Privacy'), 'manage_options', 'options-privacy.php');
+$submenu['options-general.php'][35] = array(__('Permalinks'), 'manage_options', 'options-permalink.php');
+$submenu['options-general.php'][40] = array(__('Miscellaneous'), 'manage_options', 'options-misc.php');
+
+$submenu['plugins.php'][5] = array(__('Plugins'), 'activate_plugins', 'plugins.php');
+$submenu['plugins.php'][10] = array(__('Plugin Editor'), 'edit_plugins', 'plugin-editor.php');
+
+$submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
+$submenu['themes.php'][10] = array(__('Theme Editor'), 'edit_themes', 'theme-editor.php');
+
+do_action('_admin_menu');
 
 // Create list of page plugin hook names.
 foreach ($menu as $menu_page) {
 	$admin_page_hooks[$menu_page[2]] = sanitize_title($menu_page[0]);
 }
 
+$_wp_submenu_nopriv = array();
+$_wp_menu_nopriv = array();
+// Loop over submenus and remove pages for which the user does not have privs.
+foreach ($submenu as $parent => $sub) {
+	foreach ($sub as $index => $data) {
+		if ( ! current_user_can($data[1]) ) {
+			unset($submenu[$parent][$index]);
+			$_wp_submenu_nopriv[$parent][$data[2]] = true;
+		}
+	}
+
+	if ( empty($submenu[$parent]) )
+		unset($submenu[$parent]);
+}
+
+// Loop over the top-level menu.
+// Menus for which the original parent is not acessible due to lack of privs will have the next
+// submenu in line be assigned as the new menu parent.
+foreach ( $menu as $id => $data ) {
+	if ( empty($submenu[$data[2]]) ) 
+		continue;
+	$subs = $submenu[$data[2]];
+	$first_sub = array_shift($subs);
+	$old_parent = $data[2];
+	$new_parent = $first_sub[2];
+	// If the first submenu is not the same as the assigned parent,
+	// make the first submenu the new parent.
+	if ( $new_parent != $old_parent ) {
+		$_wp_real_parent_file[$old_parent] = $new_parent;
+		$menu[$id][2] = $new_parent;
+
+		foreach ($submenu[$old_parent] as $index => $data) {
+			$submenu[$new_parent][$index] = $submenu[$old_parent][$index];
+			unset($submenu[$old_parent][$index]);
+		}
+		unset($submenu[$old_parent]);
+		$_wp_submenu_nopriv[$new_parent] = $_wp_submenu_nopriv[$old_parent];
+	}
+}
+
 do_action('admin_menu', '');
-ksort($menu); // make it all pretty
+
+// Remove menus that have no accessible submenus and require privs that the user does not have.
+// Run re-parent loop again.
+foreach ( $menu as $id => $data ) {
+	// If submenu is empty...
+	if ( empty($submenu[$data[2]]) ) {
+		// And user doesn't have privs, remove menu.
+		if ( ! current_user_can($data[1]) ) {
+			$_wp_menu_nopriv[$data[2]] = true;
+			unset($menu[$id]);
+		}
+	}
+}
+
+unset($id);
+
+uksort($menu, "strnatcasecmp"); // make it all pretty
 
 if (! user_can_access_admin_page()) {
-	die( __('You do not have sufficient permissions to access this page.') );
+	wp_die( __('You do not have sufficient permissions to access this page.') );
 }
 
 ?>

wp-admin/moderation.php

@@ -2,23 +2,10 @@
 require_once('admin.php');
 
 $title = __('Moderate comments');
-$parent_file = 'edit.php';
+$parent_file = 'edit-comments.php';
+wp_enqueue_script( 'admin-comments' );
 
-$wpvarstoreset = array('action', 'item_ignored', 'item_deleted', 'item_approved', 'item_spam', 'feelinglucky');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action', 'item_ignored', 'item_deleted', 'item_approved', 'item_spam', 'feelinglucky'));
 
 $comment = array();
 if (isset($_POST["comment"])) {
@@ -31,9 +18,10 @@ switch($action) {
 
 case 'update':
 
-	if ($user_level < 3) {
-		die(__('<p>Your level is not high enough to moderate comments.</p>'));
-	}
+	check_admin_referer('moderate-comments');
+
+	if ( !current_user_can('moderate_comments') )
+		wp_die(__('Your level is not high enough to moderate comments.'));
 
 	$item_ignored = 0;
 	$item_deleted = 0;
@@ -43,7 +31,7 @@ case 'update':
 	foreach($comment as $key => $value) {
 	if ($feelinglucky && 'later' == $value)
 		$value = 'delete';
-	    switch($value) {
+		switch($value) {
 			case 'later':
 				// do nothing with that comment
 				// wp_set_comment_status($key, "hold");
@@ -53,22 +41,22 @@ case 'update':
 				wp_set_comment_status($key, 'delete');
 				++$item_deleted;
 				break;
- 			case 'spam':
- 				wp_set_comment_status($key, 'spam');
- 				++$item_spam;
- 				break;
+			case 'spam':
+				wp_set_comment_status($key, 'spam');
+				++$item_spam;
+				break;
 			case 'approve':
 				wp_set_comment_status($key, 'approve');
-				if ( get_settings('comments_notify') == true ) {
+				if ( get_option('comments_notify') == true ) {
 					wp_notify_postauthor($key);
 				}
 				++$item_approved;
 				break;
-	    }
+		}
 	}
 
 	$file = basename(__FILE__);
-	header("Location: $file?ignored=$item_ignored&deleted=$item_deleted&approved=$item_approved&spam=$item_spam");
+	wp_redirect("$file?ignored=$item_ignored&deleted=$item_deleted&approved=$item_approved&spam=$item_spam");
 	exit();
 
 break;
@@ -78,48 +66,36 @@ default:
 require_once('admin-header.php');
 
 if ( isset($_GET['deleted']) || isset($_GET['approved']) || isset($_GET['ignored']) ) {
-	echo "<div class='updated'>\n<p>";
+	echo "<div id='moderated' class='updated fade'>\n<p>";
 	$approved = (int) $_GET['approved'];
 	$deleted  = (int) $_GET['deleted'];
 	$ignored  = (int) $_GET['ignored'];
 	$spam     = (int) $_GET['spam'];
 	if ($approved) {
-		if ('1' == $approved) {
-		 echo __("1 comment approved <br />") . "\n";
-		} else {
-		 echo sprintf(__("%s comments approved <br />"), $approved) . "\n";
-		}
+		printf(__ngettext('%s comment approved', '%s comments approved', $approved), $approved);
+		echo "<br/>\n";
 	}
 	if ($deleted) {
-		if ('1' == $deleted) {
-		echo __("1 comment deleted <br />") . "\n";
-		} else {
-		echo sprintf(__("%s comments deleted <br />"), $deleted) . "\n";
-		}
+		printf(__ngettext('%s comment deleted', '%s comments deleted', $deleted), $deleted);
+		echo "<br/>\n";
+	}
+	if ($spam) {
+		printf(__ngettext('%s comment marked as spam', '%s comments marked as spam', $spam), $spam);
+		echo "<br/>\n";
 	}
- 	if ($spam) {
- 		if ('1' == $spam) {
- 		echo __("1 comment marked as spam <br />") . "\n";
- 		} else {
- 		echo sprintf(__("%s comments marked as spam <br />"), $spam) . "\n";
- 		}
- 	}
 	if ($ignored) {
-		if ('1' == $ignored) {
-		echo __("1 comment unchanged <br />") . "\n";
-		} else {
-		echo sprintf(__("%s comments unchanged <br />"), $ignored) . "\n";
-		}
+		printf(__ngettext('%s comment unchanged', '%s comments unchanged', $ignored), $ignored);
+		echo "<br/>\n";
 	}
 	echo "</p></div>\n";
 }
 
 ?>
-	
+
 <div class="wrap">
 
 <?php
-if ($user_level > 3)
+if ( current_user_can('moderate_comments') )
 	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0'");
 else
 	$comments = '';
@@ -130,38 +106,46 @@ if ($comments) {
 ?>
     <h2><?php _e('Moderation Queue') ?></h2>
     <form name="approval" action="moderation.php" method="post">
+    <?php wp_nonce_field('moderate-comments') ?>
     <input type="hidden" name="action" value="update" />
-    <ol id="comments" class="commentlist">
+    <ol id="the-comment-list" class="commentlist">
 <?php
 $i = 0;
     foreach($comments as $comment) {
 	++$i;
-	$comment_date = mysql2date(get_settings("date_format") . " @ " . get_settings("time_format"), $comment->comment_date);
+	$comment_date = mysql2date(get_option("date_format") . " @ " . get_option("time_format"), $comment->comment_date);
 	$post_title = $wpdb->get_var("SELECT post_title FROM $wpdb->posts WHERE ID='$comment->comment_post_ID'");
-	if ($i % 2) $class = 'class="alternate"';
-	else $class = '';
-	echo "\n\t<li id='comment-$comment->comment_ID' $class>"; 
+	if ($i % 2) $class = 'js-unapproved alternate';
+	else $class = 'js-unapproved';
+	echo "\n\t<li id='comment-$comment->comment_ID' class='$class'>"; 
 	?>
-			<p><strong><?php _e('Name:') ?></strong> <?php comment_author_link() ?> <?php if ($comment->comment_author_email) { ?>| <strong><?php _e('E-mail:') ?></strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_email) { ?> | <strong><?php _e('URI:') ?></strong> <?php comment_author_url_link() ?> <?php } ?>| <strong><?php _e('IP:') ?></strong> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
+	<p><strong><?php comment_author() ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
 <?php comment_text() ?>
-<p><?php
-echo '<a href="post.php?action=editcomment&amp;comment='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';?>
-<a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a> | 
-<?php 
-echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $comment->comment_author) . "')\">" . __('Delete just this comment') . "</a> | "; ?>  <?php _e('Bulk action:') ?>
-	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-approve" value="approve" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-approve"><?php _e('Approve') ?></label>
-	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-spam" value="spam" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-spam"><?php _e('Spam') ?></label>
-	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label>
-	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-nothing" value="later" checked="checked" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-nothing"><?php _e('Defer until later') ?></label>
+<p><?php comment_date(__('M j, g:i A')); ?> &#8212; [ <?php
+echo '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';
+echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete') . "</a> | "; ?>
+<?php
+$post = get_post($comment->comment_post_ID);
+$post_title = wp_specialchars( $post->post_title, 'double' );
+$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
+?>
+<a href="<?php echo get_permalink($comment->comment_post_ID); ?>" title="<?php echo $post_title; ?>"><?php _e('View Post') ?></a> ] &#8212;
+ <?php _e('Bulk action:') ?>
+	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-approve" value="approve" /> <label for="comment-<?php echo $comment->comment_ID; ?>-approve"><?php _e('Approve') ?></label> &nbsp;
+	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-spam" value="spam" /> <label for="comment-<?php echo $comment->comment_ID; ?>-spam"><?php _e('Spam') ?></label> &nbsp;
+	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-delete" value="delete" /> <label for="comment-<?php echo $comment->comment_ID; ?>-delete"><?php _e('Delete') ?></label> &nbsp;
+	<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment-<?php echo $comment->comment_ID; ?>-nothing" value="later" checked="checked" /> <label for="comment-<?php echo $comment->comment_ID; ?>-nothing"><?php _e('Defer until later') ?></label>
 	</p>
 
 	</li>
 <?php
-    }
+	}
 ?>
-    </ol>
+	</ol>
 
-    <p class="submit"><input type="submit" name="submit" value="<?php _e('Moderate Comments &raquo;') ?>" /></p>
+<div id="ajax-response"></div>
+
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Bulk Moderate Comments &raquo;') ?>" /></p>
 <script type="text/javascript">
 // <![CDATA[
 function markAllForDelete() {
@@ -201,11 +185,11 @@ document.write('<ul><li><a href="javascript:markAllForApprove()"><?php _e('Mark
 		<input name="feelinglucky" type="checkbox" id="feelinglucky" value="true" /> <label for="feelinglucky"><?php _e('Delete every comment marked "defer." <strong>Warning: This can&#8217;t be undone.</strong>'); ?></label>
 	</p>
 </noscript>
-    </form>
+</form>
 <?php
 } else {
-    // nothing to approve
-    echo __("<p>Currently there are no comments for you to moderate.</p>") . "\n";
+	// nothing to approve
+	echo '<p>'.__("Currently there are no comments for you to moderate.") . "</p>\n";
 }
 ?>
 
@@ -217,4 +201,6 @@ break;
 }
 
 
-include('admin-footer.php') ?>
+include('admin-footer.php');
+
+?>

wp-admin/options-discussion.php

@@ -5,96 +5,82 @@ $title = __('Discussion Options');
 $parent_file = 'options-general.php';
 
 include('admin-header.php');
-
-if ($action == 'retrospam') {
-	if ( $_GET['move'] == 'true' ) {
-		retrospam_mgr::move_spam( $_GET[ids] );
-	}
-	$retrospaminator = new retrospam_mgr();
-	$result = $retrospaminator->find_spam();
-	echo $retrospaminator->display_edit_form( $result );
-	include('./admin-footer.php');
-	exit;
-}
 ?>
 
 <div class="wrap"> 
-	<h2><?php _e('Discussion Options') ?></h2> 
-	<form name="form1" method="post" action="options.php"> 
-		<input type="hidden" name="action" value="update" /> 
-		<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys','open_proxy_check'" /> 
+<h2><?php _e('Discussion Options') ?></h2> 
+<form method="post" action="options.php"> 
+<?php wp_nonce_field('update-options') ?>
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /></p>
 <fieldset class="options">
-        <legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend> 
-		<ul> 
-			<li> 
-				<label for="default_pingback_flag"> 
-				<input name="default_pingback_flag" type="checkbox" id="default_pingback_flag" value="1" <?php checked('1', get_settings('default_pingback_flag')); ?> /> 
-            <?php _e('Attempt to notify any Weblogs linked to from the article (slows down posting.)') ?></label> 
-			</li> 
-			<li> 
-				<label for="default_ping_status"> 
-				<input name="default_ping_status" type="checkbox" id="default_ping_status" value="open" <?php checked('open', get_settings('default_ping_status')); ?> /> 
-            <?php _e('Allow link notifications from other Weblogs (pingbacks and trackbacks.)') ?></label> 
-			</li> 
-			<li> 
-				<label for="default_comment_status"> 
-				<input name="default_comment_status" type="checkbox" id="default_comment_status" value="open" <?php checked('open', get_settings('default_comment_status')); ?> /> 
-            <?php _e('Allow people to post comments on the article') ?></label> 
-			</li> 
-		</ul> 
+<legend><?php echo __('Usual settings for an article:').'<br /><small><em>('.__('These settings may be overridden for individual articles.').')</em></small>'; ?></legend> 
+<ul> 
+<li> 
+<label for="default_pingback_flag"> 
+<input name="default_pingback_flag" type="checkbox" id="default_pingback_flag" value="1" <?php checked('1', get_option('default_pingback_flag')); ?> /> 
+<?php _e('Attempt to notify any Weblogs linked to from the article (slows down posting.)') ?></label> 
+</li> 
+<li> 
+<label for="default_ping_status"> 
+<input name="default_ping_status" type="checkbox" id="default_ping_status" value="open" <?php checked('open', get_option('default_ping_status')); ?> /> 
+<?php _e('Allow link notifications from other Weblogs (pingbacks and trackbacks.)') ?></label> 
+</li> 
+<li> 
+<label for="default_comment_status"> 
+<input name="default_comment_status" type="checkbox" id="default_comment_status" value="open" <?php checked('open', get_option('default_comment_status')); ?> /> 
+<?php _e('Allow people to post comments on the article') ?></label> 
+</li> 
+</ul> 
 </fieldset>
 <fieldset class="options">
-        <legend><?php _e('E-mail me whenever:') ?></legend> 
-		<ul> 
-			<li> 
-				<label for="comments_notify"> 
-				<input name="comments_notify" type="checkbox" id="comments_notify" value="1" <?php checked('1', get_settings('comments_notify')); ?> /> 
-                <?php _e('Anyone posts a comment') ?> </label> 
-			</li> 
-			<li> 
-				<label for="moderation_notify"> 
-				<input name="moderation_notify" type="checkbox" id="moderation_notify" value="1" <?php checked('1', get_settings('moderation_notify')); ?> /> 
-				<?php _e('A comment is held for moderation') ?> </label> 
-			</li> 
-		</ul> 
+<legend><?php _e('E-mail me whenever:') ?></legend> 
+<ul> 
+<li> 
+<label for="comments_notify"> 
+<input name="comments_notify" type="checkbox" id="comments_notify" value="1" <?php checked('1', get_option('comments_notify')); ?> /> 
+<?php _e('Anyone posts a comment') ?> </label> 
+</li> 
+<li> 
+<label for="moderation_notify"> 
+<input name="moderation_notify" type="checkbox" id="moderation_notify" value="1" <?php checked('1', get_option('moderation_notify')); ?> /> 
+<?php _e('A comment is held for moderation') ?> </label> 
+</li> 
+</ul> 
 </fieldset>
 <fieldset class="options">
-        <legend><?php _e('Before a comment appears:') ?></legend> 
-		<ul>
-			<li>
-				<label for="comment_moderation"> 
-				<input name="comment_moderation" type="checkbox" id="comment_moderation" value="1" <?php checked('1', get_settings('comment_moderation')); ?> /> 
-				<?php _e('An administrator must approve the comment (regardless of any matches below)') ?> </label> 
-			</li> 
-			<li><label for="require_name_email"><input type="checkbox" name="require_name_email" id="require_name_email" value="1" <?php checked('1', get_settings('require_name_email')); ?> /> <?php _e('Comment author must fill out name and e-mail') ?></label></li> 
-			<li><label for="comment_whitelist"><input type="checkbox" name="comment_whitelist" id="comment_whitelist" value="1" <?php checked('1', get_settings('comment_whitelist')); ?> /> <?php _e('Comment author must have a previously approved comment') ?></label></li> 
-		</ul> 
+<legend><?php _e('Before a comment appears:') ?></legend> 
+<ul>
+<li>
+<label for="comment_moderation"> 
+<input name="comment_moderation" type="checkbox" id="comment_moderation" value="1" <?php checked('1', get_option('comment_moderation')); ?> /> 
+<?php _e('An administrator must always approve the comment') ?> </label> 
+</li> 
+<li><label for="require_name_email"><input type="checkbox" name="require_name_email" id="require_name_email" value="1" <?php checked('1', get_option('require_name_email')); ?> /> <?php _e('Comment author must fill out name and e-mail') ?></label></li> 
+<li><label for="comment_whitelist"><input type="checkbox" name="comment_whitelist" id="comment_whitelist" value="1" <?php checked('1', get_option('comment_whitelist')); ?> /> <?php _e('Comment author must have a previously approved comment') ?></label></li> 
+</ul> 
 </fieldset>
 <fieldset class="options">
-    <legend><?php _e('Comment Moderation') ?></legend>
-    <p><?php printf(__('Hold a comment in the queue if it contains more than %s links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" size="3" value="' . get_settings('comment_max_links'). '" />' ) ?></p>
+<legend><?php _e('Comment Moderation') ?></legend>
+<p><?php printf(__('Hold a comment in the queue if it contains %s or more links. (A common characteristic of comment spam is a large number of hyperlinks.)'), '<input name="comment_max_links" type="text" id="comment_max_links" size="3" value="' . get_option('comment_max_links'). '" />' ) ?></p>
 
-    <p><?php _e('When a comment contains any of these words in its content, name, URI, e-mail, or IP, hold it in the moderation queue: (Separate multiple words with new lines.) <a href="http://codex.wordpress.org/Spam_Words">Common spam words</a>.') ?></p>
-		<p> 
-			<textarea name="moderation_keys" cols="60" rows="4" id="moderation_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('moderation_keys'); ?></textarea> 
-		</p> 
-		<p>
-			<a id="retrospambutton" href="options-discussion.php?action=retrospam"><?php _e('Check past comments against moderation list'); ?></a>
- 		</p> 
+<p><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be held in the <a href="moderation.php">moderation queue</a>. One word or IP per line. It will match inside words, so "press" will match "WordPress".') ?></p>
+<p> 
+<textarea name="moderation_keys" cols="60" rows="4" id="moderation_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('moderation_keys'); ?></textarea> 
+</p> 
 </fieldset>
 <fieldset class="options">
-    <legend><?php _e('Comment Blacklist') ?></legend>
-    <p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
-		<p> 
-			<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> 
-		</p>
-		<p><label for="open_proxy_check"> 
-				<input name="open_proxy_check" type="checkbox" id="open_proxy_check" value="1" <?php checked('1', get_settings('open_proxy_check')); ?> /> 
-            <?php _e('Blacklist comments from open and insecure proxies.') ?></label></p>
+<legend><?php _e('Comment Blacklist') ?></legend>
+<p><?php _e('When a comment contains any of these words in its content, name, URL, e-mail, or IP, it will be marked as spam. One word or IP per line. It will match inside words, so "press" will match "WordPress".') ?></p>
+<p> 
+<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> 
+</p>
 </fieldset>
-		<p class="submit"> 
-    	<input type="submit" name="Submit" value="<?php _e('Update Options') ?>" /> 
-		</p> 
-	</form> 
+<p class="submit">
+<input type="hidden" name="action" value="update" /> 
+<input type="hidden" name="page_options" value="default_pingback_flag,default_ping_status,default_comment_status,comments_notify,moderation_notify,comment_moderation,require_name_email,comment_whitelist,comment_max_links,moderation_keys,blacklist_keys" /> 
+<input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /> 
+</p>
+</form>
 </div>
+
 <?php include('./admin-footer.php'); ?>

wp-admin/options-general.php

@@ -1,99 +1,106 @@
 <?php
-require_once('admin.php');
+require_once('./admin.php');
 
 $title = __('General Options');
 $parent_file = 'options-general.php';
 
-include('admin-header.php');
+include('./admin-header.php');
 ?>
  
-<div class="wrap"> 
-  <h2><?php _e('General Options') ?></h2> 
-  <form name="form1" method="post" action="options.php"> 
-    <input type="hidden" name="action" value="update" /> 
-	<input type="hidden" name="action" value="update" /> <input type="hidden" name="page_options" value="'blogname','blogdescription','siteurl','admin_email','users_can_register','gmt_offset','date_format','time_format','home','start_of_week','comment_registration'" /> 
-    <table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-      <tr valign="top"> 
-        <th width="33%" scope="row"><?php _e('Weblog title:') ?></th> 
-        <td><input name="blogname" type="text" id="blogname" value="<?php form_option('blogname'); ?>" size="40" /></td> 
-      </tr> 
-      <tr valign="top"> 
-        <th scope="row"><?php _e('Tagline:') ?></th> 
-        <td><input name="blogdescription" type="text" id="blogdescription" style="width: 95%" value="<?php form_option('blogdescription'); ?>" size="45" />
-        <br />
+<div class="wrap">
+<h2><?php _e('General Options') ?></h2>
+<form method="post" action="options.php"> 
+<?php wp_nonce_field('update-options') ?>
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /></p>
+<table class="optiontable"> 
+<tr valign="top"> 
+<th scope="row"><?php _e('Weblog title:') ?></th> 
+<td><input name="blogname" type="text" id="blogname" value="<?php form_option('blogname'); ?>" size="40" /></td> 
+</tr> 
+<tr valign="top"> 
+<th scope="row"><?php _e('Tagline:') ?></th> 
+<td><input name="blogdescription" type="text" id="blogdescription" style="width: 95%" value="<?php form_option('blogdescription'); ?>" size="45" />
+<br />
 <?php _e('In a few words, explain what this weblog is about.') ?></td> 
-      </tr> 
-      <tr valign="top"> 
-        <th scope="row"><?php _e('WordPress address (URI):') ?></th> 
-        <td><input name="siteurl" type="text" id="siteurl" value="<?php form_option('siteurl'); ?>" size="40" class="code" /></td> 
-      </tr> 
-      <tr valign="top">
-      	<th scope="row"><?php _e('Blog address (URI):') ?></th>
-      	<td><input name="home" type="text" id="home" value="<?php form_option('home'); ?>" size="40" class="code" /><br /><?php _e('If you want your blog homepage to be different than the directory you installed WordPress in, enter that address here. '); ?></td>
-      	</tr>
-      <tr valign="top"> 
-        <th scope="row"><?php _e('E-mail address:') ?> </th> 
-        <td><input name="admin_email" type="text" id="admin_email" value="<?php form_option('admin_email'); ?>" size="40" class="code" />
-        <br />
+</tr> 
+<tr valign="top"> 
+<th scope="row"><?php _e('WordPress address (URL):') ?></th> 
+<td><input name="siteurl" type="text" id="siteurl" value="<?php form_option('siteurl'); ?>" size="40" class="code<?php if ( defined( 'WP_SITEURL' ) ) : ?> disabled" disabled="disabled"<?php else: ?>"<?php endif; ?> /></td> 
+</tr> 
+<tr valign="top">
+<th scope="row"><?php _e('Blog address (URL):') ?></th>
+<td><input name="home" type="text" id="home" value="<?php form_option('home'); ?>" size="40" class="code<?php if ( defined( 'WP_HOME' ) ) : ?> disabled" disabled="disabled"<?php else: ?>"<?php endif; ?> /><br /><?php _e('Enter the address here if you want your blog homepage <a href="http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory">to be different from the directory</a> you installed WordPress.'); ?></td>
+</tr>
+<tr valign="top"> 
+<th scope="row"><?php _e('E-mail address:') ?> </th> 
+<td><input name="admin_email" type="text" id="admin_email" value="<?php form_option('admin_email'); ?>" size="40" class="code" />
+<br />
 <?php _e('This address is used only for admin purposes.') ?></td> 
-      </tr>
-      <tr valign="top"> 
-        <th scope="row"><?php _e('Membership:') ?></th> 
-        <td> <label for="users_can_register"> 
-          <input name="users_can_register" type="checkbox" id="users_can_register" value="1" <?php checked('1', get_settings('users_can_register')); ?> /> 
-          <?php _e('Anyone can register') ?></label><br />
-		  <label for="comment_registration">
-			<input name="comment_registration" type="checkbox" id="comment_registration" value="1" <?php checked('1', get_settings('comment_registration')); ?> /> 
-				<?php _e('Users must be registered and logged in to comment') ?>
-			</label>
+</tr>
+<tr valign="top"> 
+<th scope="row"><?php _e('Membership:') ?></th> 
+<td> <label for="users_can_register"> 
+<input name="users_can_register" type="checkbox" id="users_can_register" value="1" <?php checked('1', get_option('users_can_register')); ?> /> 
+<?php _e('Anyone can register') ?></label><br />
+<label for="comment_registration">
+<input name="comment_registration" type="checkbox" id="comment_registration" value="1" <?php checked('1', get_option('comment_registration')); ?> /> 
+<?php _e('Users must be registered and logged in to comment') ?>
+</label>
 </td> 
-      </tr> 
-    </table> 
-    <fieldset class="options"> 
-    <legend><?php _e('Date and Time') ?></legend> 
-	    <table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-      <tr> 
-          <th scope="row" width="33%"><?php _e('<abbr title="Coordinated Universal Time">UTC</abbr> time is:') ?> </th> 
-        <td><code><?php echo gmdate('Y-m-d g:i:s a'); ?></code></td> 
-      </tr>
-      <tr>
-        <th scope="row"><?php _e('Times in the weblog should differ by:') ?> </th>
-        <td><input name="gmt_offset" type="text" id="gmt_offset" size="2" value="<?php form_option('gmt_offset'); ?>" /> 
-        <?php _e('hours') ?> </td>
-      </tr>
-      <tr>
-      	<th scope="row">&nbsp;</th>
-      	<td><?php _e('The following use the same syntax as the <a href="http://php.net/date">PHP <code>date()</code> function</a>. Save option to update sample output.') ?> </td>
-      	</tr>
-      <tr>
-      	<th scope="row"><?php _e('Default date format:') ?></th>
-      	<td><input name="date_format" type="text" id="date_format" size="30" value="<?php form_option('date_format'); ?>" /><br />
-<?php _e('Output:') ?> <strong><?php echo mysql2date(get_settings('date_format'), current_time('mysql')); ?></strong></td>
-      	</tr>
-      <tr>
-        <th scope="row"><?php _e('Default time format:') ?></th>
-      	<td><input name="time_format" type="text" id="time_format" size="30" value="<?php form_option('time_format'); ?>" /><br />
-<?php _e('Output:') ?> <strong><?php echo gmdate(get_settings('time_format'), current_time('timestamp')); ?></strong></td>
-      	</tr> 
-      <tr>
-        <th scope="row"><?php _e('Weeks in the calendar should start on:') ?></th>
-        <td><select name="start_of_week" id="start_of_week">
-	<?php
+</tr> 
+<tr valign="top"> 
+<th scope="row"><?php _e('New User Default Role:') ?></th> 
+<td><label for="default_role"> 
+<select name="default_role" id="default_role"><?php wp_dropdown_roles( get_option('default_role') ); ?></select></label>
+</td> 
+</tr> 
+</table> 
+<fieldset class="options"> 
+<legend><?php _e('Date and Time') ?></legend> 
+<table class="optiontable"> 
+<tr> 
+<th scope="row"><?php _e('<abbr title="Coordinated Universal Time">UTC</abbr> time is:') ?> </th> 
+<td><code><?php echo gmdate(__('Y-m-d g:i:s a')); ?></code></td> 
+</tr>
+<tr>
+<th scope="row"><?php _e('Times in the weblog should differ by:') ?> </th>
+<td><input name="gmt_offset" type="text" id="gmt_offset" size="2" value="<?php form_option('gmt_offset'); ?>" /> 
+<?php _e('hours') ?> (<?php _e('Your timezone offset, for example <code>-6</code> for Central Time.'); ?>)</td>
+</tr>
+<tr>
+<th scope="row"><?php _e('Default date format:') ?></th>
+<td><input name="date_format" type="text" id="date_format" size="30" value="<?php form_option('date_format'); ?>" /><br />
+<?php _e('Output:') ?> <strong><?php echo mysql2date(get_option('date_format'), current_time('mysql')); ?></strong></td>
+</tr>
+<tr>
+<th scope="row"><?php _e('Default time format:') ?></th>
+<td><input name="time_format" type="text" id="time_format" size="30" value="<?php form_option('time_format'); ?>" /><br />
+<?php _e('Output:') ?> <strong><?php echo gmdate(get_option('time_format'), current_time('timestamp')); ?></strong></td>
+</tr> 
+<tr>
+<th scope="row">&nbsp;</th>
+<td><?php _e('<a href="http://codex.wordpress.org/Formatting_Date_and_Time">Documentation on date formatting</a>. Click "Update options" to update sample output.') ?> </td>
+</tr>
+<tr>
+<th scope="row"><?php _e('Weeks in the calendar should start on:') ?></th>
+<td><select name="start_of_week" id="start_of_week">
+<?php
 for ($day_index = 0; $day_index <= 6; $day_index++) :
-	if ($day_index == get_settings('start_of_week')) $selected = " selected='selected'";
-	else $selected = '';
-echo "\n\t<option value='$day_index' $selected>$weekday[$day_index]</option>";
+	$selected = (get_option('start_of_week') == $day_index) ? 'selected="selected"' : '';
+	echo "\n\t<option value='$day_index' $selected>" . $wp_locale->get_weekday($day_index) . '</option>';
 endfor;
 ?>
 </select></td>
-       		</tr>
-
+</tr>
 </table>
+</fieldset> 
+
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" />
+<input type="hidden" name="action" value="update" /> 
+<input type="hidden" name="page_options" value="<?php if ( ! defined( 'WP_SITEURL' ) ) echo 'siteurl,'; if ( ! defined( 'WP_HOME' ) ) echo 'home,'; ?>blogname,blogdescription,admin_email,users_can_register,gmt_offset,date_format,time_format,start_of_week,comment_registration,default_role" /> 
+</p>
+</form>
 
-    </fieldset> 
-    <p class="submit">
-      <input type="submit" name="Submit" value="<?php _e('Update Options') ?> &raquo;" />
-    </p>
-  </form> 
 </div> 
-<?php include("admin-footer.php") ?>
+
+<?php include('./admin-footer.php') ?>

wp-admin/options-head.php

@@ -1,24 +1,5 @@
-<?php
-
-$wpvarstoreset = array('action','standalone', 'option_group_id');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-?>
-
-<br clear="all" />
+<?php wp_reset_vars(array('action', 'standalone', 'option_group_id')); ?>
 
 <?php if (isset($_GET['updated'])) : ?>
-<div class="updated"><p><strong><?php _e('Options saved.') ?></strong></p></div>
+<div id="message" class="updated fade"><p><strong><?php _e('Options saved.') ?></strong></p></div>
 <?php endif; ?>

wp-admin/options-misc.php

@@ -7,66 +7,46 @@ $parent_file = 'options-general.php';
 include('admin-header.php');
 
 ?>
- 
-<div class="wrap"> 
-<h2><?php _e('Miscellaneous Options') ?></h2> 
-<form name="miscoptions" method="post" action="options.php"> 
-	<input type="hidden" name="action" value="update" />
-	<input type="hidden" name="page_options" value="'hack_file','use_fileupload','fileupload_realpath','fileupload_url','fileupload_allowedtypes','fileupload_maxk','fileupload_maxk','fileupload_minlevel','use_geo_positions','use_linksupdate'" /> 
-	<fieldset class="options">
-	<legend>
-	<input name="use_fileupload" type="checkbox" id="use_fileupload" value="1" <?php checked('1', get_settings('use_fileupload')); ?> />
-	<label for="use_fileupload"><?php _e('Allow File Uploads') ?></label></legend>
-	<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-	<tr> 
-	<th width="33%" valign="top" scope="row"><?php _e('Destination directory:') ?> </th> 
-	<td>
-	<input name="fileupload_realpath" type="text" id="fileupload_realpath" value="<?php form_option('fileupload_realpath'); ?>" size="50" /><br />
-	<?php printf(__('Recommended: <code>%s</code>'), ABSPATH . 'wp-content') ?>
-	
-	</td> 
-	</tr> 
-	<tr>
-	<th valign="top" scope="row"><?php _e('URI of this directory:') ?> </th>
-	<td>          
-	<input name="fileupload_url" type="text" id="fileupload_url" value="<?php form_option('fileupload_url'); ?>" size="50" /><br />
-	<?php printf(__('Recommended: <code>%s</code>'), get_settings('siteurl') . '/wp-content') ?>
-	</td>
-	</tr>
-	<tr>
-	<th scope="row"><?php _e('Maximum size:') ?> </th>
-	<td><input name="fileupload_maxk" type="text" id="fileupload_maxk" value="<?php form_option('fileupload_maxk'); ?>" size="4" /> 
-	<?php _e('Kilobytes (KB)') ?></td>
-	</tr>
-	<tr>
-	<th valign="top" scope="row"><?php _e('Allowed file extensions:') ?></th>
-	<td><input name="fileupload_allowedtypes" type="text" id="fileupload_allowedtypes" value="<?php form_option('fileupload_allowedtypes'); ?>" size="40" />
-	<br />
-	<?php _e('Recommended: <code>jpg jpeg png gif</code>') ?></td>
-	</tr>
-	<tr>
-	<th scope="row"><?php _e('Minimum level to upload:') ?></th>
-	<td><select name="fileupload_minlevel" id="fileupload_minlevel">
-	<?php
-	for ($i = 1; $i < 11; $i++) {
-	if ($i == get_settings('fileupload_minlevel')) $selected = " selected='selected'";
-	else $selected = '';
-	echo "\n\t<option value='$i' $selected>$i</option>";
-	}
-	?>
-	</select></td>
-	</tr>
-	</table> 
-	</fieldset>
-	<p><input name="use_linksupdate" type="checkbox" id="use_linksupdate" value="1" <?php checked('1', get_settings('use_linksupdate')); ?> />
-	<label for="use_linksupdate"><?php _e('Track Links&#8217; Update Times') ?></label></p>
-	<p>
-	<label><input type="checkbox" name="hack_file" value="1" <?php checked('1', get_settings('hack_file')); ?> /> <?php _e('Use legacy <code>my-hacks.php</code> file support') ?></label>
-	</p>
-	<p class="submit">
-		<input type="submit" name="Submit" value="<?php _e('Update Options') ?> &raquo;" />
-	</p>
-</form> 
+
+<div class="wrap">
+<h2><?php _e('Miscellaneous Options') ?></h2>
+<form method="post" action="options.php">
+<?php wp_nonce_field('update-options') ?>
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /></p>
+<fieldset class="options">
+<legend><?php _e('Uploading'); ?></legend>
+<table class="editform optiontable">
+<tr valign="top">
+<th scope="row"><?php _e('Store uploads in this folder'); ?>:</th>
+<td><input name="upload_path" type="text" id="upload_path" class="code" value="<?php echo attribute_escape(str_replace(ABSPATH, '', get_option('upload_path'))); ?>" size="40" />
+<br />
+<?php _e('Default is <code>wp-content/uploads</code>'); ?>
+</td>
+</tr>
+<tr>
+<td></td>
+<td>
+<label for="uploads_use_yearmonth_folders">
+<input name="uploads_use_yearmonth_folders" type="checkbox" id="uploads_use_yearmonth_folders" value="1" <?php checked('1', get_option('uploads_use_yearmonth_folders')); ?> />
+<?php _e('Organize my uploads into month- and year-based folders'); ?>
+</label>
+</td>
+</tr>
+</table>
+</fieldset>
+
+<p><input name="use_linksupdate" type="checkbox" id="use_linksupdate" value="1" <?php checked('1', get_option('use_linksupdate')); ?> />
+<label for="use_linksupdate"><?php _e('Track Links&#8217; Update Times') ?></label></p>
+<p>
+<label><input type="checkbox" name="hack_file" value="1" <?php checked('1', get_option('hack_file')); ?> /> <?php _e('Use legacy <code>my-hacks.php</code> file support') ?></label>
+</p>
+
+<p class="submit">
+<input type="hidden" name="action" value="update" />
+<input type="hidden" name="page_options" value="hack_file,use_linksupdate,uploads_use_yearmonth_folders,upload_path" />
+<input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" />
+</p>
+</form>
 </div>
 
 <?php include('./admin-footer.php'); ?>

wp-admin/options-permalink.php

@@ -4,18 +4,69 @@ require_once('admin.php');
 $title = __('Permalink Options');
 $parent_file = 'options-general.php';
 
+function add_js() {
+?>
+<script type="text/javascript">
+//<![CDATA[
+function GetElementsWithClassName(elementName, className) {
+var allElements = document.getElementsByTagName(elementName);
+var elemColl = new Array();
+for (i = 0; i < allElements.length; i++) {
+if (allElements[i].className == className) {
+elemColl[elemColl.length] = allElements[i];
+}
+}
+return elemColl;
+}
+
+function upit() {
+var inputColl = GetElementsWithClassName('input', 'tog');
+var structure = document.getElementById('permalink_structure');
+var inputs = '';
+for (i = 0; i < inputColl.length; i++) {
+if ( inputColl[i].checked && inputColl[i].value != '') {
+inputs += inputColl[i].value + ' ';
+}
+}
+inputs = inputs.substr(0,inputs.length - 1);
+if ( 'custom' != inputs )
+structure.value = inputs;
+}
+
+function blurry() {
+if (!document.getElementById) return;
+
+var structure = document.getElementById('permalink_structure');
+structure.onfocus = function () { document.getElementById('custom_selection').checked = 'checked'; }
+
+var aInputs = document.getElementsByTagName('input');
+
+for (var i = 0; i < aInputs.length; i++) {
+aInputs[i].onclick = aInputs[i].onkeyup = upit;
+}
+}
+
+window.onload = blurry;
+//]]>
+</script>
+<?php
+}
+add_filter('admin_head', 'add_js');
+
 include('admin-header.php');
 
 $home_path = get_home_path();
 
-if ( isset($_POST) ) {
+if ( isset($_POST['permalink_structure']) || isset($_POST['category_base']) ) {
+	check_admin_referer('update-permalink');
+
 	if ( isset($_POST['permalink_structure']) ) {
 		$permalink_structure = $_POST['permalink_structure'];
 		if (! empty($permalink_structure) )
 			$permalink_structure = preg_replace('#/+#', '/', '/' . $_POST['permalink_structure']);
 		$wp_rewrite->set_permalink_structure($permalink_structure);
 	}
-	
+
 	if ( isset($_POST['category_base']) ) {
 		$category_base = $_POST['category_base'];
 		if (! empty($category_base) )
@@ -23,11 +74,9 @@ if ( isset($_POST) ) {
 		$wp_rewrite->set_category_base($category_base);
 	}
 }
-	
-$permalink_structure = get_settings('permalink_structure');
-$category_base = get_settings('category_base');
 
-generate_page_rewrite_rules();
+$permalink_structure = get_option('permalink_structure');
+$category_base = get_option('category_base');
 
 if ( (!file_exists($home_path.'.htaccess') && is_writable($home_path)) || is_writable($home_path.'.htaccess') )
 	$writable = true;
@@ -39,11 +88,11 @@ if ($wp_rewrite->using_index_permalinks())
 else
 	$usingpi = false;
 
-save_mod_rewrite_rules();
+$wp_rewrite->flush_rules();
 ?>
 
 <?php if (isset($_POST['submit'])) : ?>
-<div class="updated"><p><?php
+<div id="message" class="updated fade"><p><?php
 if ($writable)
 	_e('Permalink structure updated.');
 else
@@ -52,60 +101,75 @@ else
 <?php endif; ?>
 
 <div class="wrap"> 
-  <h2><?php _e('Edit Permalink Structure') ?></h2> 
-  <p><?php _e('By default WordPress uses web URIs which have question marks and lots of numbers in them, however WordPress offers you the ability to create a custom URI structure for your permalinks and archives. This can improve the aesthetics, usability, and longevity of your links. A <a href="http://codex.wordpress.org/Using_Permalinks">number of tags are available</a>, and here are some examples to get you started.'); ?></p>
+  <h2><?php _e('Customize Permalink Structure') ?></h2> 
+<form name="form" action="options-permalink.php" method="post"> 
+<?php wp_nonce_field('update-permalink') ?>
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Update Permalink Structure &raquo;') ?>" /></p>
+  <p><?php _e('By default WordPress uses web <abbr title="Universal Resource Locator">URL</abbr>s which have question marks and lots of numbers in them, however WordPress offers you the ability to create a custom URL structure for your permalinks and archives. This can improve the aesthetics, usability, and forward-compatibility of your links. A <a href="http://codex.wordpress.org/Using_Permalinks">number of tags are available</a>, and here are some examples to get you started.'); ?></p>
 
+<?php
+$prefix = '';
+
+if ( ! got_mod_rewrite() )
+	$prefix = '/index.php';
+
+$structures = array(
+	'',
+	$prefix . '/%year%/%monthnum%/%day%/%postname%/',
+	$prefix . '/archives/%post_id%'
+	);
+?>
+<h3><?php _e('Common options:'); ?></h3>
+<p>
+	<label>
+<input name="selection" type="radio" value="" class="tog" <?php checked('', $permalink_structure); ?> /> 
+<?php _e('Default'); ?><br /> <span> &raquo; <code><?php echo get_option('home'); ?>/?p=123</code></span>
+   </label>
+</p>
+<p>
+	<label>
+<input name="selection" type="radio" value="<?php echo $structures[1]; ?>" class="tog" <?php checked($structures[1], $permalink_structure); ?> /> 
+<?php _e('Date and name based'); ?><br /> <span> &raquo; <code><?php echo get_option('home') . $prefix . '/' . date('Y') . '/' . date('m') . '/' . date('d') . '/sample-post/'; ?></code></span>
+   </label>
+</p>
+<p>
+	<label>
+<input name="selection" type="radio" value="<?php echo $structures[2]; ?>" class="tog" <?php checked($structures[2], $permalink_structure); ?> /> 
+<?php _e('Numeric'); ?><br /> <span> &raquo; <code><?php echo get_option('home') . $prefix  ; ?>/archives/123</code></span>
+   </label>
+</p>
+<p>
+<label>
+<input name="selection" id="custom_selection" type="radio" value="custom" class="tog"
+<?php if ( !in_array($permalink_structure, $structures) ) { ?>
+checked="checked"
+<?php } ?>
+ />
+<?php _e('Custom, specify below'); ?>
+</label>
+<br />
+</p>
+<p id="customstructure"><?php _e('Custom structure'); ?>: <input name="permalink_structure" id="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo attribute_escape($permalink_structure); ?>" size="50" /></p>
+
+<h3><?php _e('Optional'); ?></h3>
 <?php if ($is_apache) : ?>
-<dl>
-<dt><?php _e('Structure'); ?>: <code>/%year%/%monthnum%/%day%/%postname%/</code></dt>
-	<strong>
-	<dd><?php _e('Result'); ?>: <code><?php echo get_settings('home') . '/' . date('Y') . '/' . date('m') . '/' . date('d') . '/sample-post/'; ?></code></dd>
-	</strong>
-	<dt><?php _e('Structure'); ?>: <code>/archives/%post_id%</code></dt>
-	<strong>
-	<dd><?php _e('Result'); ?>: <code><?php echo get_settings('home'); ?>/archives/123</code></dd>
-	</strong>
-	<dt></dt>
-</dl>
-
-<p><?php _e('For the above to work you must have something called <code>mod_rewrite</code> installed on your server. (Ask your host.) If that isn&#8217;t available, you can prefix the structure with <code>/index.php/</code> . This is the recommend method if you are on any web server but Apache.'); ?></p>
-
+	<p><?php _e('If you like, you may enter a custom prefix for your category <abbr title="Universal Resource Locator">URL</abbr>s here. For example, <code>/taxonomy/tags</code> would make your category links like <code>http://example.org/taxonomy/tags/uncategorized/</code>. If you leave this blank the default will be used.') ?></p>
 <?php else : ?>
-<dl>
-<dt><?php _e('Structure'); ?>: <code>/index.php/%year%/%monthnum%/%day%/%postname%/</code></dt>
-	<strong>
-	<dd><?php _e('Result'); ?>: <code><?php echo get_settings('home') . '/index.php/' . date('Y') . '/' . date('m') . '/' . date('d') . '/sample-post/'; ?></code></dd>
-	</strong>
-	<dt><?php _e('Structure'); ?>: <code>/index.php/archives/%post_id%</code></dt>
-	<strong>
-	<dd><?php _e('Result'); ?>: <code><?php echo get_settings('home'); ?>/index.php/archives/123</code></dd>
-	</strong>
-	<dt></dt>
-</dl>
-<?php endif; ?>
-
-  <form name="form" action="options-permalink.php" method="post"> 
-    <p><?php _e('Use the template tags above to create a virtual site structure:') ?></p>
-    <p> 
-      <?php _e('Structure'); ?>: <input name="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo $permalink_structure; ?>" size="50" /> 
-    </p> 
-<?php if ($is_apache) : ?>
-	<p><?php _e('If you like, you may enter a custom prefix for your category URIs here. For example, <code>/taxonomy/categorias</code> would make your category links like <code>http://example.org/taxonomy/categorias/uncategorized/</code>. If you leave this blank the default will be used.') ?></p>
-<?php else : ?>
-	<p><?php _e('If you like, you may enter a custom prefix for your category URIs here. For example, <code>/index.php/taxonomy/categorias</code> would make your category links like <code>http://example.org/index.php/taxonomy/categorias/uncategorized/</code>. If you leave this blank the default will be used.') ?></p>
+	<p><?php _e('If you like, you may enter a custom prefix for your category <abbr title="Universal Resource Locator">URL</abbr>s here. For example, <code>/index.php/taxonomy/tags</code> would make your category links like <code>http://example.org/index.php/taxonomy/tags/uncategorized/</code>. If you leave this blank the default will be used.') ?></p>
 <?php endif; ?>
 	<p> 
-  <?php _e('Category base'); ?>: <input name="category_base" type="text" class="code"  value="<?php echo $category_base; ?>" size="30" /> 
+  <?php _e('Category base'); ?>: <input name="category_base" type="text" class="code"  value="<?php echo attribute_escape($category_base); ?>" size="30" /> 
      </p> 
     <p class="submit"> 
       <input type="submit" name="submit" value="<?php _e('Update Permalink Structure &raquo;') ?>" /> 
     </p> 
   </form> 
 <?php if ( $permalink_structure && !$usingpi && !$writable ) : ?>
-  <p><?php _e('If your <code>.htaccess</code> was <a href="http://codex.wordpress.org/Make_a_Directory_Writable">writable</a> we could do this automatically, but it isn&#8217;t so these are the mod_rewrite rules you should have in your <code>.htaccess</code> file. Click in the field and press <kbd>CTRL + a</kbd> to select all.') ?></p>
+  <p><?php _e('If your <code>.htaccess</code> file were <a href="http://codex.wordpress.org/Make_a_Directory_Writable">writable</a>, we could do this automatically, but it isn&#8217;t so these are the mod_rewrite rules you should have in your <code>.htaccess</code> file. Click in the field and press <kbd>CTRL + a</kbd> to select all.') ?></p>
 <form action="options-permalink.php" method="post">
+<?php wp_nonce_field('update-permalink') ?>
    <p>
-<textarea rows="5" style="width: 98%;" name="rules"><?php echo $wp_rewrite->mod_rewrite_rules(); ?>
+<textarea rows="5" style="width: 98%;" name="rules"><?php echo wp_specialchars($wp_rewrite->mod_rewrite_rules()); ?>
 </textarea>
     </p>
 </form>
@@ -113,4 +177,4 @@ else
 
 </div>
 
-<?php require('./admin-footer.php'); ?>
+<?php require('./admin-footer.php'); ?>

wp-admin/options-privacy.php

@@ -0,0 +1,35 @@
+<?php
+require_once('./admin.php');
+
+$title = __('Privacy Options');
+$parent_file = 'options-general.php';
+
+include('./admin-header.php');
+?>
+
+<div class="wrap">
+<h2><?php _e('Privacy Options') ?></h2>
+<form method="post" action="options.php">
+<?php wp_nonce_field('update-options') ?>
+<table class="optiontable">
+<tr valign="top">
+<th scope="row"><?php _e('Blog visibility:') ?> </th>
+<td>
+<p><input id="blog-public" type="radio" name="blog_public" value="1" <?php checked('1', get_option('blog_public')); ?> />
+<label for="blog-public"><?php _e('I would like my blog to be visible to everyone, including search engines (like Google, Sphere, Technorati) and archivers');?></label></p>
+<p><input id="blog-norobots" type="radio" name="blog_public" value="0" <?php checked('0', get_option('blog_public')); ?> />
+<label for="blog-norobots"><?php _e('I would like to block search engines, but allow normal visitors'); ?></label></p>
+<?php do_action('blog_privacy_selector'); ?>
+</td>
+</tr>
+</table>
+
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" />
+<input type="hidden" name="action" value="update" />
+<input type="hidden" name="page_options" value="blog_public" />
+</p>
+</form>
+
+</div>
+
+<?php include('./admin-footer.php') ?>

wp-admin/options-reading.php

@@ -9,55 +9,88 @@ include('admin-header.php');
 
 <div class="wrap"> 
 <h2><?php _e('Reading Options') ?></h2> 
-<form name="form1" method="post" action="options.php"> 
-	<input type="hidden" name="action" value="update" /> 
-	<input type="hidden" name="page_options" value="'posts_per_page','what_to_show','posts_per_rss','rss_use_excerpt','blog_charset','gzipcompression' " /> 
-	<fieldset class="options"> 
-	<legend><?php _e('Blog Pages') ?></legend> 
-	<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-		<tr valign="top"> 
-		<th width="33%" scope="row"><?php _e('Show at most:') ?></th> 
-		<td>
-		<input name="posts_per_page" type="text" id="posts_per_page" value="<?php form_option('posts_per_page'); ?>" size="3" /> 
-		<select name="what_to_show" id="what_to_show" > 
-			<option value="days" <?php selected('days', get_settings('what_to_show')); ?>><?php _e('days') ?></option> 
-			<option value="posts" <?php selected('posts', get_settings('what_to_show')); ?>><?php _e('posts') ?></option> 
-		</select>
-		</td> 
-		</tr> 
-	</table> 
-	</fieldset> 
-
-	<fieldset class="options"> 
-	<legend><?php _e('Syndication Feeds') ?></legend> 
-	<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-		<tr valign="top"> 
-		<th width="33%" scope="row"><?php _e('Show the most recent:') ?></th> 
-		<td><input name="posts_per_rss" type="text" id="posts_per_rss" value="<?php form_option('posts_per_rss'); ?>" size="3" /> <?php _e('posts') ?></td> 
-		</tr>
-		<tr valign="top">
-		<th scope="row"><?php _e('For each article, show:') ?> </th>
-		<td>
-		<label><input name="rss_use_excerpt"  type="radio" value="0" <?php checked(0, get_settings('rss_use_excerpt')); ?>  /> <?php _e('Full text') ?></label><br />
-		<label><input name="rss_use_excerpt" type="radio" value="1" <?php checked(1, get_settings('rss_use_excerpt')); ?> /> <?php _e('Summary') ?></label>
-		</td>
-		</tr> 
-	</table> 
-	</fieldset> 
-	<table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-		<tr valign="top"> 
-		<th width="33%" scope="row"><?php _e('Encoding for pages and feeds:') ?></th> 
-		<td><input name="blog_charset" type="text" id="blog_charset" value="<?php form_option('blog_charset'); ?>" size="20" class="code" /><br />
-		<?php _e('The character encoding you write your blog in (UTF-8 is <a href="http://developer.apple.com/documentation/macos8/TextIntlSvcs/TextEncodingConversionManager/TEC1.5/TEC.b0.html">recommended</a>)') ?></td> 
-		</tr>
-	</table> 
-	<p>
-		<label><input type="checkbox" name="gzipcompression" value="1" <?php checked('1', get_settings('gzipcompression')); ?> /> 
-		 <?php _e('WordPress should compress articles (gzip) if browsers ask for them') ?></label>
+<form name="form1" method="post" action="options.php">
+<?php wp_nonce_field('update-options') ?>
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /></p>
+<?php if ( get_pages() ): ?>
+<fieldset class="options"> 
+<legend><?php _e('Front Page') ?></legend> 
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> 
+<tr valign="top"> 
+<th width="33%" scope="row"><?php _e('Front page displays:')?></th> 
+<td>
+	<p><label>
+		<input name="show_on_front" type="radio" value="posts" class="tog" <?php checked('posts', get_option('show_on_front')); ?> /> 
+		<?php _e('Your latest posts'); ?>
+	</label>
 	</p>
-	<p class="submit"> 
-		<input type="submit" name="Submit" value="<?php _e('Update Options') ?> &raquo;" /> 
-	</p> 
+	<p><label>
+		<input name="show_on_front" type="radio" value="page" class="tog" <?php checked('page', get_option('show_on_front')); ?> /> 
+		<?php printf(__('A <a href="%s">static page</a> (select below)'), 'edit-pages.php'); ?>
+	</label>
+	</p>
+<ul>
+	<li><?php printf(__('Front page: %s'), wp_dropdown_pages("name=page_on_front&echo=0&show_option_none=".__('- Select -')."&selected=" . get_option('page_on_front'))); ?></li>
+	<li><?php printf(__('Posts page: %s'), wp_dropdown_pages("name=page_for_posts&echo=0&show_option_none=".__('- Select -')."&selected=" . get_option('page_for_posts'))); ?></li>
+</ul>
+<?php if ( 'page' == get_option('show_on_front') && get_option('page_for_posts') == get_option('page_on_front') ) : ?>
+<div id="front-page-warning" class="updated fade-ff0000">
+	<p>
+		<?php _e('<strong>Warning:</strong> these pages should not be the same!'); ?>
+	</p>
+</div>
+<?php endif; ?>
+</td> 
+</tr> 
+</table> 
+</fieldset>
+<?php endif; ?>
+
+<fieldset class="options"> 
+<legend><?php _e('Blog Pages') ?></legend> 
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> 
+<tr valign="top"> 
+<th width="33%" scope="row"><?php _e('Show at most:') ?></th> 
+<td>
+<input name="posts_per_page" type="text" id="posts_per_page" value="<?php form_option('posts_per_page'); ?>" size="3" /> <?php _e('posts') ?>
+</td> 
+</tr> 
+</table> 
+</fieldset> 
+
+<fieldset class="options"> 
+<legend><?php _e('Syndication Feeds') ?></legend> 
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> 
+<tr valign="top"> 
+<th width="33%" scope="row"><?php _e('Show the most recent:') ?></th> 
+<td><input name="posts_per_rss" type="text" id="posts_per_rss" value="<?php form_option('posts_per_rss'); ?>" size="3" /> <?php _e('posts') ?></td> 
+</tr>
+<tr valign="top">
+<th scope="row"><?php _e('For each article, show:') ?> </th>
+<td>
+<p><label><input name="rss_use_excerpt"  type="radio" value="0" <?php checked(0, get_option('rss_use_excerpt')); ?>	/> <?php _e('Full text') ?></label><br />
+<label><input name="rss_use_excerpt" type="radio" value="1" <?php checked(1, get_option('rss_use_excerpt')); ?> /> <?php _e('Summary') ?></label></p>
+<p><?php _e('Note: If you use the <code>&lt;!--more--&gt;</code> feature, it will cut off posts in RSS feeds.'); ?></p>
+</td>
+</tr> 
+</table> 
+</fieldset> 
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> 
+<tr valign="top"> 
+<th width="33%" scope="row"><?php _e('Encoding for pages and feeds:') ?></th> 
+<td><input name="blog_charset" type="text" id="blog_charset" value="<?php form_option('blog_charset'); ?>" size="20" class="code" /><br />
+<?php _e('The character encoding you write your blog in (UTF-8 is <a href="http://developer.apple.com/documentation/macos8/TextIntlSvcs/TextEncodingConversionManager/TEC1.5/TEC.b0.html">recommended</a>)') ?></td> 
+</tr>
+</table> 
+<p>
+<label><input type="checkbox" name="gzipcompression" value="1" <?php checked('1', get_option('gzipcompression')); ?> /> 
+<?php _e('WordPress should compress articles (gzip) if browsers ask for them') ?></label>
+</p>
+<p class="submit">
+<input type="hidden" name="action" value="update" /> 
+<input type="hidden" name="page_options" value="posts_per_page,posts_per_rss,rss_use_excerpt,blog_charset,gzipcompression,show_on_front,page_on_front,page_for_posts" /> 
+<input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /> 
+</p> 
 </form> 
 </div> 
 <?php include('./admin-footer.php'); ?>

wp-admin/options-writing.php

@@ -8,105 +8,113 @@ include('admin-header.php');
 ?>
 
 <div class="wrap"> 
-  <h2><?php _e('Writing Options') ?></h2> 
-  <form name="form1" method="post" action="options.php"> 
-    <input type="hidden" name="action" value="update" /> 
-    <input type="hidden" name="page_options" value="'default_post_edit_rows','use_smilies','use_balanceTags','advanced_edit','ping_sites','mailserver_url', 'mailserver_port','mailserver_login','mailserver_pass','default_category','default_email_category','new_users_can_blog'" /> 
-    <table width="100%" cellspacing="2" cellpadding="5" class="editform"> 
-      <tr valign="top">
-        <th scope="row"> <?php _e('When starting a post, show:') ?> </th>
-        <td><?php get_settings('advanced_edit') ?><label>
-          <input name="advanced_edit" type="radio" value="0" <?php checked('0', get_settings('advanced_edit')); ?> />
-<?php _e('Simple controls') ?></label>
-          <br />
-          <label for="advanced_edit">
-          <input name="advanced_edit" id="advanced_edit" type="radio" value="1" <?php checked('1', get_settings('advanced_edit')); ?> />
-<?php _e('Advanced controls') ?></label>
-		</td>
-      </tr>
-      <tr valign="top"> 
-        <th width="33%" scope="row"> <?php _e('Size of the writing box:') ?></th> 
-        <td><input name="default_post_edit_rows" type="text" id="default_post_edit_rows" value="<?php form_option('default_post_edit_rows'); ?>" size="2" style="width: 1.5em; " /> 
-         <?php _e('lines') ?></td> 
-      </tr> 
-      <tr valign="top">
-        <th scope="row"><?php _e('Formatting:') ?></th>
-        <td>          <label for="label">
-          <input name="use_smilies" type="checkbox" id="label" value="1" <?php checked('1', get_settings('use_smilies')); ?> />
-          <?php _e('Convert emoticons like <code>:-)</code> and <code>:-P</code> to graphics on display') ?></label> <br />          <label for="label2">
-  <input name="use_balanceTags" type="checkbox" id="label2" value="1" <?php checked('1', get_settings('use_balanceTags')); ?> />
-          <?php _e('WordPress should correct invalidly nested XHTML automatically') ?></label></td>
-      </tr>
-        	<tr valign="top">
-                <th scope="row"><?php _e('Default post category:') ?></th>
-        		<td><select name="default_category" id="default_category">
+<h2><?php _e('Writing Options') ?></h2> 
+<form method="post" action="options.php"> 
+<?php wp_nonce_field('update-options') ?>
+<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" /></p>
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform"> 
+<tr valign="top"> 
+<th width="33%" scope="row"> <?php _e('Size of the post box:') ?></th> 
+<td><input name="default_post_edit_rows" type="text" id="default_post_edit_rows" value="<?php form_option('default_post_edit_rows'); ?>" size="2" style="width: 1.5em; " /> 
+<?php _e('lines') ?></td> 
+</tr> 
+<tr valign="top">
+<th scope="row"><?php _e('Formatting:') ?></th>
+<td>
+<label for="use_smilies">
+<input name="use_smilies" type="checkbox" id="use_smilies" value="1" <?php checked('1', get_option('use_smilies')); ?> />
+<?php _e('Convert emoticons like <code>:-)</code> and <code>:-P</code> to graphics on display') ?></label><br />
+<label for="use_balanceTags"><input name="use_balanceTags" type="checkbox" id="use_balanceTags" value="1" <?php checked('1', get_option('use_balanceTags')); ?> /> <?php _e('WordPress should correct invalidly nested XHTML automatically') ?></label>
+</td>
+</tr>
+<tr valign="top">
+<th scope="row"><?php _e('Default post category:') ?></th>
+<td><select name="default_category" id="default_category">
 <?php
 $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
 foreach ($categories as $category) :
-if ($category->cat_ID == get_settings('default_category')) $selected = " selected='selected'";
-else $selected = '';
-	echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
-endforeach;
-?>
-       			</select></td>
-	</tr>
-	<tr>
-        <th scope="row"><?php _e('Newly registered members:') ?></th> 
-        <td> <label for="new_users_can_blog0"><input name="new_users_can_blog" id="new_users_can_blog0" type="radio" value="0" <?php checked('0', get_settings('new_users_can_blog')); ?> /> <?php _e('Cannot write articles') ?></label><br />
-<label for="new_users_can_blog1"><input name="new_users_can_blog" id="new_users_can_blog1" type="radio" value="1" <?php checked('1', get_settings('new_users_can_blog')); ?> /> <?php _e('May submit drafts for review') ?></label><br />
-<label for="new_users_can_blog2"><input name="new_users_can_blog" id="new_users_can_blog2" type="radio" value="2" <?php checked('2', get_settings('new_users_can_blog')); ?> /> <?php _e('May publish articles') ?></label><br /></td> 
-	</tr> 
-</table>
-
-<fieldset class="options">
-	<legend><?php _e('Writing by e-mail') ?></legend>
-	<p><?php printf(__('To post to WordPress by e-mail you must set up a secret e-mail account with POP3 access. Any mail received at this address will be posted, so it&#8217;s a good idea to keep this address very secret. Here are three random strings you could use: <code>%s</code>, <code>%s</code>, <code>%s</code>.'), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5)) ?></p>
-	
-	<table width="100%" cellspacing="2" cellpadding="5" class="editform">
-		<tr valign="top">
-			<th scope="row"><?php _e('Mail server:') ?></th>
-			<td><input name="mailserver_url" type="text" id="mailserver_url" value="<?php form_option('mailserver_url'); ?>" size="40" />
-			<label for="mailserver_port"><?php _e('Port:') ?></label> 
-			<input name="mailserver_port" type="text" id="mailserver_port" value="<?php form_option('mailserver_port'); ?>" size="6" />
-			</td>
-		</tr>
-		<tr valign="top">
-			<th width="33%" scope="row"><?php _e('Login name:') ?></th>
-			<td><input name="mailserver_login" type="text" id="mailserver_login" value="<?php form_option('mailserver_login'); ?>" size="40" /></td>
-		</tr>
-		<tr valign="top">
-			<th scope="row"><?php _e('Password:') ?></th>
-			<td>
-				<input name="mailserver_pass" type="text" id="mailserver_pass" value="<?php form_option('mailserver_pass'); ?>" size="40" />
-			</td>
-		</tr>
-		<tr valign="top">
-			<th scope="row"><?php _e('Default post by mail category:') ?></th>
-			<td><select name="default_email_category" id="default_email_category">
-<?php
-//Alreay have $categories from default_category
-foreach ($categories as $category) :
-if ($category->cat_ID == get_settings('default_email_category')) $selected = " selected='selected'";
+if ($category->cat_ID == get_option('default_category')) $selected = " selected='selected'";
 else $selected = '';
 echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
 endforeach;
 ?>
-			</select></td>
-		</tr>
-	</table>
+</select></td>
+</tr>
+<tr valign="top">
+<th scope="row"><?php _e('Default link category:') ?></th>
+<td><select name="default_link_category" id="default_link_category">
+<?php
+foreach ($categories as $category) :
+if ($category->cat_ID == get_option('default_link_category')) $selected = " selected='selected'";
+else $selected = '';
+echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
+endforeach;
+?>
+</select></td>
+</tr>
+</table>
+
+<fieldset class="options">
+<legend><?php _e('Post via e-mail') ?></legend>
+<p><?php printf(__('To post to WordPress by e-mail you must set up a secret e-mail account with POP3 access. Any mail received at this address will be posted, so it&#8217;s a good idea to keep this address very secret. Here are three random strings you could use: <code>%s</code>, <code>%s</code>, <code>%s</code>.'), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5), substr(md5(uniqid(microtime())),0,5)) ?></p>
+
+<table width="100%" cellspacing="2" cellpadding="5" class="optiontable editform">
+<tr valign="top">
+<th scope="row"><?php _e('Mail server:') ?></th>
+<td><input name="mailserver_url" type="text" id="mailserver_url" value="<?php form_option('mailserver_url'); ?>" size="40" />
+<label for="mailserver_port"><?php _e('Port:') ?></label>
+<input name="mailserver_port" type="text" id="mailserver_port" value="<?php form_option('mailserver_port'); ?>" size="6" />
+</td>
+</tr>
+<tr valign="top">
+<th width="33%" scope="row"><?php _e('Login name:') ?></th>
+<td><input name="mailserver_login" type="text" id="mailserver_login" value="<?php form_option('mailserver_login'); ?>" size="40" /></td>
+</tr>
+<tr valign="top">
+<th scope="row"><?php _e('Password:') ?></th>
+<td>
+<input name="mailserver_pass" type="text" id="mailserver_pass" value="<?php form_option('mailserver_pass'); ?>" size="40" />
+</td>
+</tr>
+<tr valign="top">
+<th scope="row"><?php _e('Default mail category:') ?></th>
+<td><select name="default_email_category" id="default_email_category">
+<?php
+//Alreay have $categories from default_category
+foreach ($categories as $category) :
+if ($category->cat_ID == get_option('default_email_category')) $selected = " selected='selected'";
+else $selected = '';
+echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
+endforeach;
+?>
+</select></td>
+</tr>
+</table>
 </fieldset>
 
 <fieldset class="options">
-	<legend><?php _e('Update Services') ?></legend>
-          <p><?php _e('When you publish a new post, WordPress automatically notifies the following site update services. For more about this, see <a href="http://codex.wordpress.org/Update_Services">Update Services</a> on the Codex. Separate multiple service URIs with line breaks.') ?></p>
-	
-	<textarea name="ping_sites" id="ping_sites" style="width: 98%;" rows="3" cols="50"><?php form_option('ping_sites'); ?></textarea>
+<legend><?php _e('Update Services') ?></legend>
+
+<?php if ( get_option('blog_public') ) : ?>
+
+<p><?php _e('When you publish a new post, WordPress automatically notifies the following site update services. For more about this, see <a href="http://codex.wordpress.org/Update_Services">Update Services</a> on the Codex. Separate multiple service <abbr title="Universal Resource Locator">URL</abbr>s with line breaks.') ?></p>
+
+<textarea name="ping_sites" id="ping_sites" style="width: 98%;" rows="3" cols="50"><?php form_option('ping_sites'); ?></textarea>
+
+<?php else : ?>
+
+	<p><?php printf(__('WordPress is not notifying any <a href="http://codex.wordpress.org/Update_Services">Update Services</a> because of your blog\'s <a href="%s">privacy settings</a>.'), 'options-privacy.php'); ?>
+
+<?php endif; ?>
+
 </fieldset>
 
-<p class="submit"> 
-	<input type="submit" name="Submit" value="<?php _e('Update Options') ?> &raquo;" /> 
+<p class="submit">
+<input type="hidden" name="action" value="update" />
+<input type="hidden" name="page_options" value="default_post_edit_rows,use_smilies,ping_sites,mailserver_url,mailserver_port,mailserver_login,mailserver_pass,default_category,default_email_category,use_balanceTags,default_link_category" />
+<input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" />
 </p>
-</form> 
-</div> 
+</form>
+</div>
 
 <?php include('./admin-footer.php') ?>

wp-admin/options.php

@@ -5,111 +5,91 @@ $title = __('Options');
 $this_file = 'options.php';
 $parent_file = 'options-general.php';
 
-$wpvarstoreset = array('action');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action'));
 
-if ($user_level < 6)
-	die ( __('Cheatin&#8217; uh?') );
+if ( !current_user_can('manage_options') )
+	wp_die(__('Cheatin&#8217; uh?'));
 
 switch($action) {
 
 case 'update':
 	$any_changed = 0;
-    
-	if (!$_POST['page_options']) {
-		foreach ($_POST as $key => $value) {
-			$option_names[] = "'$key'";
+
+	check_admin_referer('update-options');
+
+	if ( !$_POST['page_options'] ) {
+		foreach ( (array) $_POST as $key => $value) {
+			if ( !in_array($key, array('_wpnonce', '_wp_http_referer')) )
+				$options[] = $key;
 		}
-		$option_names = implode(',', $option_names);
 	} else {
-		$option_names = stripslashes($_POST['page_options']);
+		$options = explode(',', stripslashes($_POST['page_options']));
 	}
 
-    $options = $wpdb->get_results("SELECT $wpdb->options.option_id, option_name, option_type, option_value, option_admin_level FROM $wpdb->options WHERE option_name IN ($option_names)");
-
-	// Save for later.
-	$old_siteurl = get_settings('siteurl');
-	$old_home = get_settings('home');
-
-// HACK
-// Options that if not there have 0 value but need to be something like "closed"
-    $nonbools = array('default_ping_status', 'default_comment_status');
-    if ($options) {
-        foreach ($options as $option) {
-            // should we even bother checking?
-            if ($user_level >= $option->option_admin_level) {
-                $old_val = $option->option_value;
-                $new_val = trim($_POST[$option->option_name]);
-                if( in_array($option->option_name, $nonbools) && ( $new_val == '0' || $new_val == '') )
-					$new_val = 'closed';
-                if ($new_val !== $old_val) {
-                    $result = $wpdb->query("UPDATE $wpdb->options SET option_value = '$new_val' WHERE option_name = '$option->option_name'");
-					$any_changed++;
-				}
-            }
-        }
-        unset($cache_settings); // so they will be re-read
-        get_settings('siteurl'); // make it happen now
-    } // end if options
+	if ($options) {
+		foreach ($options as $option) {
+			$option = trim($option);
+			$value = $_POST[$option];
+			if(!is_array($value))	$value = trim($value);
+			$value = stripslashes_deep($value);
+			update_option($option, $value);
+		}
+	}
     
-    if ($any_changed) {
-			// If siteurl or home changed, reset cookies.
-			if ( get_settings('siteurl') != $old_siteurl || get_settings('home') != $old_home ) {
-				// If home changed, write rewrite rules to new location.
-				save_mod_rewrite_rules();
-				// Get currently logged in user and password.
-				get_currentuserinfo();
-				// Clear cookies for old paths.
-				wp_clearcookie();
-				// Set cookies for new paths.
-				wp_setcookie($user_login, $user_pass_md5, true, get_settings('home'), get_settings('siteurl'));
-			}
-
-			//$message = sprintf(__('%d setting(s) saved... '), $any_changed);
-    }
-    
-		$referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']);
-		$goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']);
-		$goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
-		wp_redirect($goback);
+	$referred = remove_query_arg('updated' , wp_get_referer());
+	$goback = add_query_arg('updated', 'true', wp_get_referer());
+	$goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback);
+	wp_redirect($goback);
     break;
 
 default:
 	include('admin-header.php'); ?>
 
 <div class="wrap">
-  <h2><?php _e('All options'); ?></h2>
-  <form name="form" action="options.php" method="post">
+  <h2><?php _e('All Options'); ?></h2>
+  <form name="form" action="options.php" method="post" id="all-options">
+  <?php wp_nonce_field('update-options') ?>
   <input type="hidden" name="action" value="update" />
+	<p class="submit"><input type="submit" name="Update" value="<?php _e('Update Options &raquo;') ?>" /></p>
   <table width="98%">
 <?php
 $options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
 
-foreach ($options as $option) :
-	$value = wp_specialchars($option->option_value);
+foreach ( (array) $options as $option) :
+	$disabled = '';
+	$option->option_name = attribute_escape($option->option_name);
+	if ( is_serialized($option->option_value) ) {
+		if ( is_serialized_string($option->option_value) ) {
+			// this is a serialized string, so we should display it
+			$value = maybe_unserialize($option->option_value);
+			$options_to_update[] = $option->option_name;
+			$class = 'all-options';
+		} else {
+			$value = 'SERIALIZED DATA';
+			$disabled = ' disabled="disabled"';
+			$class = 'all-options disabled';
+		}
+	} else {
+		$value = $option->option_value;
+		$options_to_update[] = $option->option_name;
+		$class = 'all-options';
+	}
 	echo "
 <tr>
 	<th scope='row'><label for='$option->option_name'>$option->option_name</label></th>
-	<td><input type='text' name='$option->option_name' id='$option->option_name' size='30' value='" . $value . "' /></td>
+<td>";
+
+	if (strpos($value, "\n") !== false) echo "<textarea class='$class' name='$option->option_name' id='$option->option_name' cols='30' rows='5'>" . wp_specialchars($value) . "</textarea>";
+	else echo "<input class='$class' type='text' name='$option->option_name' id='$option->option_name' size='30' value='" . attribute_escape($value) . "'$disabled />";
+
+	echo "</td>
 	<td>$option->option_description</td>
 </tr>";
 endforeach;
 ?>
   </table>
-<p class="submit"><input type="submit" name="Update" value="<?php _e('Update Settings &raquo;') ?>" /></p>
+<?php $options_to_update = implode(',', $options_to_update); ?>
+<p class="submit"><input type="hidden" name="page_options" value="<?php echo $options_to_update; ?>" /><input type="submit" name="Update" value="<?php _e('Update Options &raquo;') ?>" /></p>
   </form>
 </div>
 

wp-admin/page-new.php

@@ -1,30 +1,26 @@
 <?php
 require_once('admin.php');
 $title = __('New Page');
-$parent_file = 'post.php';
+$parent_file = 'post-new.php';
+$editing = true;
+wp_enqueue_script('prototype');
+wp_enqueue_script('interface');
+wp_enqueue_script('autosave');
 require_once('admin-header.php');
-
-get_currentuserinfo();
 ?>
 
-<?php if ( isset($_GET['saved']) ) : ?>
-<div class="updated"><p><strong><?php _e('Page saved.') ?> <a href="edit-pages.php"><?php _e('Manage pages'); ?> &raquo;</a></strong></p></div>
+<?php if ( (isset($_GET['posted']) && $_GET['posted'])  || isset($_GET['saved'])  ) : ?>
+<div id="message" class="updated fade"><p><strong><?php _e('Page saved.') ?></strong> <a href="edit-pages.php"><?php _e('Manage pages'); ?></a> | <a href="<?php echo get_page_link( isset($_GET['posted']) ? $_GET['posted'] : $_GET['saved'] ); ?>"><?php _e('View page') ; ?> &raquo;</a></p></div>
 <?php endif; ?>
 
 <?php
-if ($user_level > 0) {
+if ( current_user_can('edit_pages') ) {
 	$action = 'post';
-	get_currentuserinfo();
-	//set defaults
-	$post_status = 'static';
-	$comment_status = get_settings('default_comment_status');
-	$ping_status = get_settings('default_ping_status');
-	$post_pingback = get_settings('default_pingback_flag');
-	$post_parent = 0;
-	$page_template = 'default';
+	$post = get_default_post_to_edit();
+	$post->post_type = 'page';
 
 	include('edit-page-form.php');
 }
 ?>
 
-<?php include('admin-footer.php'); ?> 
+<?php include('admin-footer.php'); ?> 

wp-admin/page.php

@@ -0,0 +1,158 @@
+<?php
+require_once('admin.php');
+
+$parent_file = 'edit.php';
+$submenu_file = 'edit-pages.php';
+
+wp_reset_vars(array('action'));
+
+if (isset($_POST['deletepost'])) {
+$action = "delete";
+}
+
+switch($action) {
+case 'post':
+	check_admin_referer('add-page');
+	$page_ID = write_post();
+
+	// Redirect.
+	if (!empty($_POST['mode'])) {
+	switch($_POST['mode']) {
+		case 'bookmarklet':
+			$location = $_POST['referredby'];
+			break;
+		case 'sidebar':
+			$location = 'sidebar.php?a=b';
+			break;
+		default:
+			$location = 'page-new.php';
+			break;
+		}
+	} else {
+		$location = "page-new.php?posted=$page_ID";
+	}
+
+	if ( isset($_POST['save']) )
+		$location = "page.php?action=edit&post=$page_ID";
+
+	wp_redirect($location);
+	exit();
+	break;
+
+case 'edit':
+	$title = __('Edit');
+	$editing = true;
+	$page_ID = $post_ID = $p = (int) $_GET['post'];
+	$post = get_post_to_edit($page_ID);
+
+	if ( 'post' == $post->post_type ) {
+		wp_redirect("post.php?action=edit&post=$post_ID");
+		exit();
+	}
+
+	if($post->post_status == 'draft') {
+		wp_enqueue_script('prototype');
+		wp_enqueue_script('interface');
+		wp_enqueue_script('autosave');
+	}
+	require_once('admin-header.php');
+
+	if ( !current_user_can('edit_page', $page_ID) )
+		die ( __('You are not allowed to edit this page.') );
+
+	include('edit-page-form.php');
+	break;
+
+case 'editattachment':
+	$page_id = $post_ID = (int) $_POST['post_ID'];
+	check_admin_referer('update-attachment_' . $page_id);
+
+	// Don't let these be changed
+	unset($_POST['guid']);
+	$_POST['post_type'] = 'attachment';
+
+	// Update the thumbnail filename
+	$newmeta = wp_get_attachment_metadata( $page_id, true );
+	$newmeta['thumb'] = $_POST['thumb'];
+
+	wp_update_attachment_metadata( $newmeta );
+
+case 'editpost':
+	$page_ID = (int) $_POST['post_ID'];
+	check_admin_referer('update-page_' . $page_ID);
+
+	$page_ID = edit_post();
+
+	if ( 'post' == $_POST['originalaction'] ) {
+		if (!empty($_POST['mode'])) {
+		switch($_POST['mode']) {
+			case 'bookmarklet':
+				$location = $_POST['referredby'];
+				break;
+			case 'sidebar':
+				$location = 'sidebar.php?a=b';
+				break;
+			default:
+				$location = 'page-new.php';
+				break;
+			}
+		} else {
+			$location = "page-new.php?posted=$page_ID";
+		}
+
+		if ( isset($_POST['save']) )
+			$location = "page.php?action=edit&post=$page_ID";
+	} else {
+		if ($_POST['save']) {
+			$location = "page.php?action=edit&post=$page_ID";
+		} elseif ($_POST['updatemeta']) {
+			$location = wp_get_referer() . '&message=2#postcustom';
+		} elseif ($_POST['deletemeta']) {
+			$location = wp_get_referer() . '&message=3#postcustom';
+		} elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) {
+			$location = $_POST['referredby'];
+			if ( $_POST['referredby'] == 'redo' )
+				$location = get_permalink( $page_ID );
+		} elseif ($action == 'editattachment') {
+			$location = 'attachments.php';
+		} else {
+			$location = 'page-new.php';
+		}
+	}
+	wp_redirect($location); // Send user on their way while we keep working
+
+	exit();
+	break;
+
+case 'delete':
+	$page_id = (isset($_GET['post']))  ? intval($_GET['post']) : intval($_POST['post_ID']);
+	check_admin_referer('delete-page_' .  $page_id);
+
+	$page = & get_post($page_id);
+
+	if ( !current_user_can('delete_page', $page_id) )
+		wp_die( __('You are not allowed to delete this page.') );
+
+	if ( $page->post_type == 'attachment' ) {
+		if ( ! wp_delete_attachment($page_id) )
+			wp_die( __('Error in deleting...') );
+	} else {
+		if ( !wp_delete_post($page_id) ) 
+			wp_die( __('Error in deleting...') );
+	}
+
+	$sendback = wp_get_referer();
+	if (strpos($sendback, 'page.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/page.php';
+	elseif (strpos($sendback, 'attachments.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/attachments.php';
+	$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
+	wp_redirect($sendback);
+	exit();
+	break;
+
+default:
+	wp_redirect('edit-pages.php');
+	exit();
+	break;
+} // end switch
+include('admin-footer.php');
+?>

wp-admin/plugin-editor.php

@@ -4,21 +4,7 @@ require_once('admin.php');
 $title = __("Edit Plugins");
 $parent_file = 'plugins.php';
 
-$wpvarstoreset = array('action','redirect','profile','error','warning','a','file');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action', 'redirect', 'profile', 'error', 'warning', 'a', 'file'));
 
 $plugins = get_plugins();
 $plugin_files = array_keys($plugins);
@@ -28,24 +14,36 @@ if (empty($file)) {
 }
 
 $file = validate_file_to_edit($file, $plugin_files);
-$real_file = get_real_file_to_edit("wp-content/plugins/$file");
+$real_file = get_real_file_to_edit( PLUGINDIR . "/$file");
 
 switch($action) {
 
 case 'update':
 
-	if ($user_level < 5) {
-		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-	}
+	check_admin_referer('edit-plugin_' . $file);
+
+	if ( !current_user_can('edit_plugins') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
 
 	$newcontent = stripslashes($_POST['newcontent']);
 	if (is_writeable($real_file)) {
 		$f = fopen($real_file, 'w+');
 		fwrite($f, $newcontent);
 		fclose($f);
-		header("Location: plugin-editor.php?file=$file&a=te");
+
+		// Deactivate so we can test it.
+		$current = get_option('active_plugins');
+		if ( in_array($file, $current) || isset($_POST['phperror']) ) {
+			if ( in_array($file, $current) ) {
+				array_splice($current, array_search( $file, $current), 1 ); // Array-fu!
+				update_option('active_plugins', $current);
+			}
+			wp_redirect(add_query_arg('_wpnonce', wp_create_nonce('edit-plugin-test_' . $file), "plugin-editor.php?file=$file&liveupdate=1"));
+			exit();
+		}
+		wp_redirect("plugin-editor.php?file=$file&a=te");
 	} else {
-		header("Location: plugin-editor.php?file=$file");
+		wp_redirect("plugin-editor.php?file=$file");
 	}
 
 	exit();
@@ -53,17 +51,35 @@ case 'update':
 break;
 
 default:
-	
-	require_once('admin-header.php');
-	if ($user_level <= 5) {
-		die(__('<p>You have do not have sufficient permissions to edit plugins for this blog.</p>'));
+
+	if ( !current_user_can('edit_plugins') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit plugins for this blog.').'</p>');
+
+	if ( $_GET['liveupdate'] ) {
+		check_admin_referer('edit-plugin-test_' . $file);
+		$current = get_option('active_plugins');
+		$plugin = $file;
+		if ( validate_file($plugin) )
+			wp_die(__('Invalid plugin.'));
+		if ( ! file_exists(ABSPATH . PLUGINDIR . '/' . $plugin) )
+			wp_die(__('Plugin file does not exist.'));
+		if (!in_array($plugin, $current)) {
+			wp_redirect("plugin-editor.php?file=$file&phperror=1"); // we'll override this later if the plugin can be included without fatal error
+			@include(ABSPATH . PLUGINDIR . '/' . $plugin);
+			$current[] = $plugin;
+			sort($current);
+			update_option('active_plugins', $current);
+		}
+		wp_redirect("plugin-editor.php?file=$file&a=te");
 	}
 
-	update_recently_edited("wp-content/plugins/$file");
-	
+	require_once('admin-header.php');
+
+	update_recently_edited(PLUGINDIR . "/$file");
+
 	if (!is_file($real_file))
 		$error = 1;
-	
+
 	if (!$error) {
 		$f = fopen($real_file, 'r');
 		$content = fread($f, filesize($real_file));
@@ -72,14 +88,24 @@ default:
 
 	?>
 <?php if (isset($_GET['a'])) : ?>
- <div class="updated"><p><?php _e('File edited successfully.') ?></p></div>
+ <div id="message" class="updated fade"><p><?php _e('File edited successfully.') ?></p></div>
+<?php elseif (isset($_GET['phperror'])) : ?>
+ <div id="message" class="updated fade"><p><?php _e('This plugin has been deactivated because your changes resulted in a <strong>fatal error</strong>.') ?></p></div>
 <?php endif; ?>
- <div class="wrap"> 
-  <?php
-	if (is_writeable($real_file)) {
-		echo '<h2>' . sprintf(__('Editing <strong>%s</strong>'), $file) . '</h2>';
+ <div class="wrap">
+	<?php
+	if ( in_array($file, (array) get_option('active_plugins')) ) {
+		if (is_writeable($real_file)) {
+			echo '<h2>' . sprintf(__('Editing <strong>%s</strong> (active)'), $file) . '</h2>';
+		} else {
+		echo '<h2>' . sprintf(__('Browsing <strong>%s</strong> (active)'), $file) . '</h2>';
+		}
 	} else {
-		echo '<h2>' . sprintf(__('Browsing <strong>%s</strong>'), $file) . '</h2>';
+		if (is_writeable($real_file)) {
+			echo '<h2>' . sprintf(__('Editing <strong>%s</strong> (inactive)'), $file) . '</h2>';
+		} else {
+		echo '<h2>' . sprintf(__('Browsing <strong>%s</strong> (inactive)'), $file) . '</h2>';
+		}
 	}
 	?>
 	<div id="templateside">
@@ -88,37 +114,45 @@ default:
 <?php
 if ($plugin_files) :
 ?>
-  <ul>
-<?php foreach($plugin_files as $plugin_file) : ?>
+	<ul>
+	<?php foreach($plugin_files as $plugin_file) : ?>
 		 <li><a href="plugin-editor.php?file=<?php echo "$plugin_file"; ?>"><?php echo $plugins[$plugin_file]['Name']; ?></a></li>
-<?php endforeach; ?>
-  </ul>
+	<?php endforeach; ?>
+	</ul>
 <?php endif; ?>
 </div>
-	<?php	if (!$error) { ?> 
-  <form name="template" id="template" action="plugin-editor.php" method="post">
-		 <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea> 
-     <input type="hidden" name="action" value="update" /> 
-     <input type="hidden" name="file" value="<?php echo $file ?>" /> 
+<?php	if (!$error) { ?>
+	<form name="template" id="template" action="plugin-editor.php" method="post">
+	<?php wp_nonce_field('edit-plugin_' . $file) ?>
+		<div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea>
+		<input type="hidden" name="action" value="update" />
+		<input type="hidden" name="file" value="<?php echo $file ?>" />
 		</div>
 <?php if ( is_writeable($real_file) ) : ?>
-     <p class="submit">
-<?php
-	echo "<input type='submit' name='submit' value='	" . __('Update File') . " &raquo;' tabindex='2' />";
-?>
-</p>
+	<?php if ( in_array($file, (array) get_option('active_plugins')) ) { ?>
+		<p><?php _e('<strong>Warning:</strong> Making changes to active plugins is not recommended.  If your changes cause a fatal error, the plugin will be automatically deactivated.'); ?></p>
+	<?php } ?>
+	<p class="submit">
+	<?php
+		if ( isset($_GET['phperror']) )
+			echo "<input type='hidden' name='phperror' value='1' /><input type='submit' name='submit' value='" . __('Update File and Attempt to Reactivate &raquo;') . "' tabindex='2' />";
+		else
+			echo "<input type='submit' name='submit' value='" . __('Update File &raquo;') . "' tabindex='2' />";
+	?>
+	</p>
 <?php else : ?>
-<p><em><?php _e('If this file was writable you could edit it.'); ?></em></p>
+	<p><em><?php _e('If this file were writable you could edit it.'); ?></em></p>
 <?php endif; ?>
-   </form> 
-  <?php
+ </form>
+<?php
 	} else {
 		echo '<div class="error"><p>' . __('Oops, no such file exists! Double check the name and try again, merci.') . '</p></div>';
 	}
-	?> 
-</div> 
+?>
+<div class="clear"> &nbsp; </div>
+</div>
 <?php
 break;
 }
 
-include("admin-footer.php") ?> 
+include("admin-footer.php") ?>

wp-admin/plugins.php

@@ -2,24 +2,45 @@
 require_once('admin.php');
 
 if ( isset($_GET['action']) ) {
-	check_admin_referer();
-
 	if ('activate' == $_GET['action']) {
-		$current = get_settings('active_plugins');
-		if (!in_array($_GET['plugin'], $current)) {
-			$current[] = trim( $_GET['plugin'] );
+		check_admin_referer('activate-plugin_' . $_GET['plugin']);
+		$current = get_option('active_plugins');
+		$plugin = trim($_GET['plugin']);
+		if ( validate_file($plugin) )
+			wp_die(__('Invalid plugin.'));
+		if ( ! file_exists(ABSPATH . PLUGINDIR . '/' . $plugin) )
+			wp_die(__('Plugin file does not exist.'));
+		if (!in_array($plugin, $current)) {
+			wp_redirect('plugins.php?error=true'); // we'll override this later if the plugin can be included without fatal error
+			ob_start();
+			@include(ABSPATH . PLUGINDIR . '/' . $plugin);
+			$current[] = $plugin;
+			sort($current);
+			update_option('active_plugins', $current);
+			do_action('activate_' . $plugin);
+			ob_end_clean();
 		}
-		sort($current);
-		update_option('active_plugins', $current);
-		header('Location: plugins.php?activate=true');
-	}
-	
-	if ('deactivate' == $_GET['action']) {
-		$current = get_settings('active_plugins');
+		wp_redirect('plugins.php?activate=true'); // overrides the ?error=true one above
+	} else if ('deactivate' == $_GET['action']) {
+		check_admin_referer('deactivate-plugin_' . $_GET['plugin']);
+		$current = get_option('active_plugins');
 		array_splice($current, array_search( $_GET['plugin'], $current), 1 ); // Array-fu!
 		update_option('active_plugins', $current);
-		header('Location: plugins.php?deactivate=true');
+		do_action('deactivate_' . trim( $_GET['plugin'] ));
+		wp_redirect('plugins.php?deactivate=true');
+	} elseif ($_GET['action'] == 'deactivate-all') {
+		check_admin_referer('deactivate-all');
+		$current = get_option('active_plugins');
+		
+		foreach ($current as $plugin) {
+			array_splice($current, array_search($plugin, $current), 1);
+			do_action('deactivate_' . $plugin);
+		}
+		
+		update_option('active_plugins', array());
+		wp_redirect('plugins.php?deactivate-all=true');
 	}
+	exit;
 }
 
 $title = __('Manage Plugins');
@@ -28,89 +49,122 @@ require_once('admin-header.php');
 // Clean up options
 // If any plugins don't exist, axe 'em
 
-$check_plugins = get_settings('active_plugins');
+$check_plugins = get_option('active_plugins');
 
 // Sanity check.  If the active plugin list is not an array, make it an
 // empty array.
 if ( !is_array($check_plugins) ) {
 	$check_plugins = array();
-	update_option('active_plugins', $check_plugins);	
+	update_option('active_plugins', $check_plugins);
 }
 
 // If a plugin file does not exist, remove it from the list of active
 // plugins.
 foreach ($check_plugins as $check_plugin) {
-	if (!file_exists(ABSPATH . 'wp-content/plugins/' . $check_plugin)) {
-			$current = get_settings('active_plugins');
-			unset($current[$_GET['plugin']]);
-			update_option('active_plugins', $current);
+	if (!file_exists(ABSPATH . PLUGINDIR . '/' . $check_plugin)) {
+			$current = get_option('active_plugins');
+			$key = array_search($check_plugin, $current);
+			if ( false !== $key && NULL !== $key ) {
+				unset($current[$key]);
+				update_option('active_plugins', $current);
+			}
 	}
 }
 ?>
 
-<?php if (isset($_GET['activate'])) : ?>
-<div class="updated"><p><?php _e('Plugin <strong>activated</strong>.') ?></p>
-</div>
-<?php endif; ?>
-<?php if (isset($_GET['deactivate'])) : ?>
-<div class="updated"><p><?php _e('Plugin <strong>deactivated</strong>.') ?></p>
-</div>
+<?php if ( isset($_GET['error']) ) : ?>
+	<div id="message" class="updated fade"><p><?php _e('Plugin could not be activated because it triggered a <strong>fatal error</strong>.') ?></p></div>
+<?php elseif ( isset($_GET['activate']) ) : ?>
+	<div id="message" class="updated fade"><p><?php _e('Plugin <strong>activated</strong>.') ?></p></div>
+<?php elseif ( isset($_GET['deactivate']) ) : ?>
+	<div id="message" class="updated fade"><p><?php _e('Plugin <strong>deactivated</strong>.') ?></p></div>
+<?php elseif (isset($_GET['deactivate-all'])) : ?>
+	<div id="message" class="updated fade"><p><?php _e('All plugins <strong>deactivated</strong>.'); ?></p></div>
 <?php endif; ?>
 
 <div class="wrap">
 <h2><?php _e('Plugin Management'); ?></h2>
-<p><?php _e('Plugins are files you usually download separately from WordPress that add functionality. To install a plugin you generally just need to put the plugin file into your <code>wp-content/plugins</code> directory. Once a plugin is installed, you may activate it or deactivate it here. If something goes wrong with a plugin and you can&#8217;t use WordPress, delete that plugin from the <code>wp-content/plugins</code> directory and it will be automatically deactivated.'); ?></p>
+<p><?php _e('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.'); ?></p>
 <?php
 
-if ( get_settings('active_plugins') )
-	$current_plugins = get_settings('active_plugins');
+if ( get_option('active_plugins') )
+	$current_plugins = get_option('active_plugins');
 
 $plugins = get_plugins();
 
 if (empty($plugins)) {
-	_e("<p>Couldn't open plugins directory or there are no plugins available.</p>"); // TODO: make more helpful
+	echo '<p>';
+	_e("Couldn&#8217;t open plugins directory or there are no plugins available."); // TODO: make more helpful
+	echo '</p>';
 } else {
 ?>
-<table width="100%" cellpadding="3" cellspacing="3">
+<table class="widefat plugins">
+	<thead>
 	<tr>
 		<th><?php _e('Plugin'); ?></th>
-		<th><?php _e('Version'); ?></th>
-		<th><?php _e('Author'); ?></th>
+		<th style="text-align: center"><?php _e('Version'); ?></th>
 		<th><?php _e('Description'); ?></th>
-		<th><?php _e('Action'); ?></th>
+		<th style="text-align: center"<?php if ( current_user_can('edit_plugins') ) echo ' colspan="2"'; ?>><?php _e('Action'); ?></th>
 	</tr>
+	</thead>
 <?php
 	$style = '';
+
 	foreach($plugins as $plugin_file => $plugin_data) {
 		$style = ('class="alternate"' == $style|| 'class="alternate active"' == $style) ? '' : 'alternate';
 
 		if (!empty($current_plugins) && in_array($plugin_file, $current_plugins)) {
-			$action = "<a href='plugins.php?action=deactivate&amp;plugin=$plugin_file' title='".__('Deactivate this plugin')."' class='delete'>".__('Deactivate')."</a>";
+			$toggle = "<a href='" . wp_nonce_url("plugins.php?action=deactivate&amp;plugin=$plugin_file", 'deactivate-plugin_' . $plugin_file) . "' title='".__('Deactivate this plugin')."' class='delete'>".__('Deactivate')."</a>";
 			$plugin_data['Title'] = "<strong>{$plugin_data['Title']}</strong>";
 			$style .= $style == 'alternate' ? ' active' : 'active';
 		} else {
-			$action = "<a href='plugins.php?action=activate&amp;plugin=$plugin_file' title='".__('Activate this plugin')."' class='edit'>".__('Activate')."</a>";
+			$toggle = "<a href='" . wp_nonce_url("plugins.php?action=activate&amp;plugin=$plugin_file", 'activate-plugin_' . $plugin_file) . "' title='".__('Activate this plugin')."' class='edit'>".__('Activate')."</a>";
 		}
-		$plugin_data['Description'] = wp_kses($plugin_data['Description'], array('a' => array('href' => array(),'title' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array()) ); ;
-		if ($style != '') $style = 'class="' . $style . '"';
+
+		$plugins_allowedtags = array('a' => array('href' => array(),'title' => array()),'abbr' => array('title' => array()),'acronym' => array('title' => array()),'code' => array(),'em' => array(),'strong' => array());
+
+		// Sanitize all displayed data
+		$plugin_data['Title']       = wp_kses($plugin_data['Title'], $plugins_allowedtags);
+		$plugin_data['Version']     = wp_kses($plugin_data['Version'], $plugins_allowedtags);
+		$plugin_data['Description'] = wp_kses($plugin_data['Description'], $plugins_allowedtags);
+		$plugin_data['Author']      = wp_kses($plugin_data['Author'], $plugins_allowedtags);
+
+		if ( $style != '' )
+			$style = 'class="' . $style . '"';
+		if ( is_writable(ABSPATH . PLUGINDIR . '/' . $plugin_file) )
+			$edit = "<a href='plugin-editor.php?file=$plugin_file' title='".__('Open this file in the Plugin Editor')."' class='edit'>".__('Edit')."</a>";
+		else
+			$edit = '';
+
 		echo "
 	<tr $style>
-		<td class=\"name\">{$plugin_data['Title']}</td>
-		<td class=\"vers\">{$plugin_data['Version']}</td>
-		<td class=\"auth\">{$plugin_data['Author']}</td>
-		<td class=\"desc\">{$plugin_data['Description']}</td>
-		<td class=\"togl\">$action</td>
+		<td class='name'>{$plugin_data['Title']}</td>
+		<td class='vers'>{$plugin_data['Version']}</td>
+		<td class='desc'><p>{$plugin_data['Description']} <cite>".sprintf(__('By %s'), $plugin_data['Author']).".</cite></p></td>
+		<td class='togl'>$toggle</td>";
+		if ( current_user_can('edit_plugins') )
+		echo "
+		<td>$edit</td>";
+		echo"
 	</tr>";
 	}
 ?>
 
+<tr>
+	<td colspan="3">&nbsp;</td>
+	<td colspan="2" style="width:12em;"><a href="<?php echo wp_nonce_url('plugins.php?action=deactivate-all', 'deactivate-all'); ?>" class="delete"><?php _e('Deactivate All Plugins'); ?></a></td>
+</tr>
+
 </table>
 <?php
 }
 ?>
 
+<p><?php printf(__('If something goes wrong with a plugin and you can&#8217;t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), PLUGINDIR); ?></p>
+
 <h2><?php _e('Get More Plugins'); ?></h2>
-<p><?php _e('You can find additional plugins for your site in the <a href="http://wordpress.org/extend/plugins/">WordPress plugin directory</a>. To install a plugin you generally just need to upload the plugin file into your <code>wp-content/plugins</code> directory. Once a plugin is uploaded, you may activate it here.'); ?></p>
+<p><?php _e('You can find additional plugins for your site in the <a href="http://wordpress.org/extend/plugins/">WordPress plugin directory</a>.'); ?></p>
+<p><?php printf(__('To install a plugin you generally just need to upload the plugin file into your <code>%s</code> directory. Once a plugin is uploaded, you may activate it here.'), PLUGINDIR); ?></p>
 
 </div>
 

wp-admin/post-new.php

@@ -0,0 +1,97 @@
+<?php
+require_once('admin.php');
+$title = __('Create New Post');
+$parent_file = 'post-new.php';
+$editing = true;
+wp_enqueue_script('prototype');
+wp_enqueue_script('interface');
+wp_enqueue_script('autosave');
+require_once ('./admin-header.php');
+
+if ( ! current_user_can('edit_posts') ) { ?>
+<div class="wrap">
+<p><?php printf(__('Since you&#8217;re a newcomer, you&#8217;ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
+You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
+When you&#8217;re promoted, just reload this page and you&#8217;ll be able to blog. :)'), get_option('admin_email')); ?>
+</p>
+</div>
+<?php
+	include('admin-footer.php');
+	exit();
+}
+
+if ( isset($_GET['posted']) && $_GET['posted'] ) : ?>
+<div id="message" class="updated fade"><p><strong><?php _e('Post saved.'); ?></strong> <a href="<?php echo get_permalink( $_GET['posted'] ); ?>"><?php _e('View post'); ?> &raquo;</a></p></div>
+<?php
+endif;
+
+if ( $drafts = get_users_drafts( $user_ID ) ) { ?>
+<div class="wrap">
+<p><strong><?php _e('Your Drafts:') ?></strong>
+<?php
+// Show drafts.
+	$num_drafts = count($drafts);
+	if ( $num_drafts > 15 ) $num_drafts = 15;
+	for ( $i = 0; $i < $num_drafts; $i++ ) {
+		$draft = $drafts[$i];
+		if ( 0 != $i )
+			echo ', ';
+		if ( empty($draft->post_title) )
+			$draft->post_title = sprintf(__('Post # %s'), $draft->ID);
+		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
+	}
+
+	if ( 15 < count($drafts) ) { ?>
+		, <a href="edit.php"><?php echo sprintf(__('and %s more'), (count($drafts) - 15) ); ?> &raquo;</a>
+	<?php } ?>
+.</p>
+</div>
+<?php
+}
+
+// Show post form.
+$post = get_default_post_to_edit();
+include('edit-form-advanced.php');
+?>
+
+<?php if ( $is_NS4 || $is_gecko || $is_winIE ) { ?>
+<div id="wp-bookmarklet" class="wrap">
+<h3><?php _e('WordPress Bookmarklet'); ?></h3>
+<p><?php _e('Right click on the following link and choose "Add to favorites" to create a posting shortcut.'); ?></p>
+<p>
+
+<?php
+if ($is_NS4 || $is_gecko) {
+?>
+<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}location.href='<?php echo get_option('siteurl') ?>/wp-admin/post-new.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press It - %s'), wp_specialchars(get_option('blogname'))); ?></a> 
+<?php
+} else if ($is_winIE) {
+?>
+<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;location.href='<?php echo get_option('siteurl') ?>/wp-admin/post-new.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title);"><?php printf(__('Press it - %s'), get_option('blogname')); ?></a>
+<script type="text/javascript">
+<!--
+function oneclickbookmarklet(blah) {
+window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
+}
+// -->
+</script>
+<br />
+<br />
+<?php _e('One-click bookmarklet:') ?><br />
+<a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a> 
+<?php
+} else if ($is_opera) {
+?>
+<a href="javascript:location.href='<?php echo get_option('siteurl'); ?>/wp-admin/post-new.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_option('blogname')); ?></a> 
+<?php
+} else if ($is_macIE) {
+?>
+<a href="javascript:Q='';location.href='<?php echo get_option('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title);"><?php printf(__('Press it - %s'), get_option('blogname')); ?></a> 
+<?php
+}
+?>
+</p>
+</div>
+<?php } ?>
+
+<?php include('admin-footer.php'); ?>

wp-admin/post.php

@@ -1,795 +1,170 @@
 <?php
 require_once('admin.php');
 
-$wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder' );
+$parent_file = 'edit.php';
+$submenu_file = 'edit.php';
 
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-			$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action', 'safe_mode', 'withcomments', 'posts', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder'));
 
-if (isset($_POST['deletepost'])) {
-$action = "delete";
-}
-
-	// Fix submenu highlighting for pages.
-if (false !== strpos($_SERVER['HTTP_REFERER'], 'edit-pages.php')) $submenu_file = 'page-new.php';
-
-$editing = true;
+if ( isset( $_POST['deletepost'] ) )
+	$action = 'delete';
 
 switch($action) {
+case 'postajaxpost':
 case 'post':
+	$parent_file = 'post-new.php';
+	$submenu_file = 'post-new.php';
+	check_admin_referer('add-post');
 
-	if ( !user_can_create_draft($user_ID) )
-		die( __('You are not allowed to create posts or drafts on this blog.') );
-
-	$post_pingback = (int) $_POST['post_pingback'];
-	$content         = apply_filters('content_save_pre',  $_POST['content']);
-	$excerpt         = apply_filters('excerpt_save_pre',  $_POST['excerpt']);
-	$post_title      = apply_filters('title_save_pre',    $_POST['post_title']);
-	$post_categories = apply_filters('category_save_pre', $_POST['post_category']);
-	$post_status     = apply_filters('status_save_pre',   $_POST['post_status']);
-	$post_name       = apply_filters('name_save_pre',     $_POST['post_name']);
-	$post_parent = 0;
-	$menu_order  = 0;
-	
-
-	if ( isset($_POST['parent_id']) )
-		$post_parent = (int) $_POST['parent_id'];
-
-	if ( isset($_POST['menu_order']) )
-		$menu_order = (int) $_POST['menu_order'];
-
-	if (! empty($_POST['post_author_override'])) {
-		$post_author = (int) $_POST['post_author_override'];
-	} else if (! empty($_POST['post_author'])) {
-		$post_author = (int) $_POST['post_author'];
-	} else {
-		$post_author = (int) $_POST['user_ID'];
-	}
-	if ( !user_can_edit_user($user_ID, $post_author) )
-		die( __('You cannot post as this user.') );
-
-	if ( empty($post_status) )
-		$post_status = 'draft';
-	// Double-check
-	if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) )
-		$post_status = 'draft';
-		
-	$comment_status = $_POST['comment_status'];
-	if ( empty($comment_status) ) {
-		if ( !isset($_POST['advanced_view']) )
-			$comment_status = get_option('default_comment_status');
-		else
-			$comment_status = 'closed';
-		}
-
-	$ping_status = $_POST['ping_status'];
-	if ( empty($ping_status) ) {
-		if ( !isset($_POST['advanced_view']) )
-			$ping_status = get_option('default_ping_status');			
-		else
-			$ping_status = 'closed';
-		}
-
-	$post_password = $_POST['post_password'];
-	
-	$trackback = $_POST['trackback_url'];
-	$trackback = preg_replace('|\s+|', "\n", $trackback);
-
-	if (user_can_set_post_date($user_ID) && (!empty($_POST['edit_date']))) {
-		$aa = $_POST['aa'];
-		$mm = $_POST['mm'];
-		$jj = $_POST['jj'];
-		$hh = $_POST['hh'];
-		$mn = $_POST['mn'];
-		$ss = $_POST['ss'];
-		$jj = ($jj > 31) ? 31 : $jj;
-		$hh = ($hh > 23) ? $hh - 24 : $hh;
-		$mn = ($mn > 59) ? $mn - 60 : $mn;
-		$ss = ($ss > 59) ? $ss - 60 : $ss;
-		$now = "$aa-$mm-$jj $hh:$mn:$ss";
-		$now_gmt = get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss");
-	} else {
-		$now = current_time('mysql');
-		$now_gmt = current_time('mysql', 1);
-	}
-
-	// What to do based on which button they pressed
-	if ('' != $_POST['saveasdraft']) $post_status = 'draft';
-	if ('' != $_POST['saveasprivate']) $post_status = 'private';
-	if ('' != $_POST['publish']) $post_status = 'publish';
-	if ('' != $_POST['advanced']) $post_status = 'draft';
-	if ('' != $_POST['savepage']) $post_status = 'static';
-
-
-
-	$id_result = $wpdb->get_row("SHOW TABLE STATUS LIKE '$wpdb->posts'");
-	$post_ID = $id_result->Auto_increment;
-
-	if ( empty($post_name) ) {
-		if ( 'draft' != $post_status )
-			$post_name = sanitize_title($post_title, $post_ID);
-	} else {
-		$post_name = sanitize_title($post_name, $post_ID);
-	}
-
-	if ('publish' == $post_status) {
-		$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'publish' AND ID != '$post_ID' LIMIT 1");
-		if ($post_name_check) {
-			$suffix = 2;
-			while ($post_name_check) {
-				$alt_post_name = $post_name . "-$suffix";
-				$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'publish' AND ID != '$post_ID' LIMIT 1");
-				$suffix++;
-			}
-			$post_name = $alt_post_name;
-		}
-	}
-
-	$postquery ="INSERT INTO $wpdb->posts
-			(ID, post_author, post_date, post_date_gmt, post_content, post_title, post_excerpt,  post_status, comment_status, ping_status, post_password, post_name, to_ping, post_modified, post_modified_gmt, post_parent, menu_order)
-			VALUES
-			('$post_ID', '$post_author', '$now', '$now_gmt', '$content', '$post_title', '$excerpt', '$post_status', '$comment_status', '$ping_status', '$post_password', '$post_name', '$trackback', '$now', '$now_gmt', '$post_parent', '$menu_order')
-			";
-
-	$result = $wpdb->query($postquery);
+	$post_ID = 'post' == $action ? write_post() : edit_post();
 
+	// Redirect.
 	if (!empty($_POST['mode'])) {
 	switch($_POST['mode']) {
 		case 'bookmarklet':
-			$location = 'bookmarklet.php?a=b';
+			$location = $_POST['referredby'];
 			break;
 		case 'sidebar':
 			$location = 'sidebar.php?a=b';
 			break;
 		default:
-			$location = 'post.php';
+			$location = 'post-new.php';
 			break;
 		}
 	} else {
-		$location = 'post.php?posted=true';
+		$location = "post-new.php?posted=$post_ID";
 	}
 
-	if ( 'static' == $_POST['post_status'] )
-		$location = "page-new.php?saved=true";
-
-	if ( '' != $_POST['advanced'] || isset($_POST['save']) )
+	if ( isset($_POST['save']) )
 		$location = "post.php?action=edit&post=$post_ID";
 
-	header("Location: $location"); // Send user on their way while we keep working
-
-	// Insert categories
-	// Check to make sure there is a category, if not just set it to some default
-	if (!$post_categories) $post_categories[] = get_option('default_category');
-	foreach ($post_categories as $post_category) {
-		// Double check it's not there already
-		$exists = $wpdb->get_row("SELECT * FROM $wpdb->post2cat WHERE post_id = $post_ID AND category_id = $post_category");
-
-		 if (!$exists) { 
-			$wpdb->query("
-			INSERT INTO $wpdb->post2cat
-			(post_id, category_id)
-			VALUES
-			($post_ID, $post_category)
-			");
-		}
-	}
-
-	add_meta($post_ID);
-
-	$wpdb->query("UPDATE $wpdb->posts SET guid = '" . get_permalink($post_ID) . "' WHERE ID = '$post_ID'");
-
-	do_action('save_post', $post_ID);
-
-	if ('publish' == $post_status) {
-		do_action('publish_post', $post_ID);
-		if ($post_pingback)
-			pingback($content, $post_ID);
-		do_enclose( $content, $post_ID );
-		do_trackbacks($post_ID);
-		
-	}
-
-	if ($post_status == 'static') {
-		generate_page_rewrite_rules();
-		add_post_meta($post_ID, '_wp_page_template',  $_POST['page_template'], true);
-	}
-
-	require_once('admin-header.php');
-
+	wp_redirect($location);
 	exit();
 	break;
 
 case 'edit':
 	$title = __('Edit');
+	$editing = true;
+	$post_ID = $p = (int) $_GET['post'];
+	$post = get_post($post_ID);
 
+	if ( 'page' == $post->post_type ) {
+		wp_redirect("page.php?action=edit&post=$post_ID");
+		exit();
+	}
+
+	if($post->post_status == 'draft') {
+		wp_enqueue_script('prototype');
+		wp_enqueue_script('autosave');
+	}
 	require_once('admin-header.php');
 
-	$post = $post_ID = $p = (int) $_GET['post'];
-
-	if ( !user_can_edit_post($user_ID, $post_ID) )
+	if ( !current_user_can('edit_post', $post_ID) )
 		die ( __('You are not allowed to edit this post.') );
-		
-	$postdata = &get_post($post_ID);
-	$content = $postdata->post_content;
-	$content = format_to_edit($content);
-	$content = apply_filters('content_edit_pre', $content);
-	$excerpt = $postdata->post_excerpt;
-	$excerpt = format_to_edit($excerpt);
-	$excerpt = apply_filters('excerpt_edit_pre', $excerpt);
-	$edited_post_title = format_to_edit($postdata->post_title);
-	$edited_post_title = apply_filters('title_edit_pre', $edited_post_title);
-	$post_status = $postdata->post_status;
-	$comment_status = $postdata->comment_status;
-	$ping_status = $postdata->ping_status;
-	$post_password = $postdata->post_password;
-	$to_ping = $postdata->to_ping;
-	$pinged = $postdata->pinged;
-	$post_name = $postdata->post_name;
-	$post_parent = $postdata->post_parent;
-	$post_author = $postdata->post_author;
-	$menu_order = $postdata->menu_order;
 
-	if( 'private' == $postdata->post_status && $postdata->post_author != $user_ID )
-		die ( __('You are not allowed to view other users\' private posts.') );
+	$post = get_post_to_edit($post_ID);
 
-	if ($post_status == 'static') {
-		$page_template = get_post_meta($post_ID, '_wp_page_template', true);
-		include('edit-page-form.php');
-	} else {
-		include('edit-form-advanced.php');
-	}
+	include('edit-form-advanced.php');
 
-	$post = &$postdata;
-	?>
-	<div id='preview' class='wrap'>
-	<h2><?php _e('Post Preview (updated when post is saved)'); ?></h2>
-	<h3 class="storytitle" id="post-<?php the_ID(); ?>"><a href="<?php the_permalink() ?>" rel="bookmark" title="<?php printf(__("Permanent Link: %s"), get_the_title()); ?>"><?php the_title(); ?></a></h3>
-	<div class="meta"><?php _e("Filed under:"); ?> <?php the_category(','); ?> &#8212; <?php the_author() ?> @ <?php the_time() ?></div>
-
-	<div class="storycontent">
-	<?php 
-	$content = apply_filters('the_content', $post->post_content);
-	echo $content;
-	?>
-	</div>
-	</div>
-	<?php
 	break;
 
+case 'editattachment':
+	$post_id = (int) $_POST['post_ID'];
+
+	check_admin_referer('update-attachment_' . $post_id);
+
+	// Don't let these be changed
+	unset($_POST['guid']);
+	$_POST['post_type'] = 'attachment';
+
+	// Update the thumbnail filename
+	$newmeta = wp_get_attachment_metadata( $post_id, true );
+	$newmeta['thumb'] = $_POST['thumb'];
+
+	wp_update_attachment_metadata( $post_id, $newmeta );
+
 case 'editpost':
-	// die(var_dump('<pre>', $_POST));
-	if (!isset($blog_ID)) {
-		$blog_ID = 1;
-	}
-	$post_ID = $_POST['post_ID'];
+	$post_ID = (int) $_POST['post_ID'];
+	check_admin_referer('update-post_' . $post_ID);
 
-	if (!user_can_edit_post($user_ID, $post_ID, $blog_ID))
-		die( __('You are not allowed to edit this post.') );
+	$post_ID = edit_post();
 
-	$post_categories = $_POST['post_category'];
-	if (!$post_categories) $post_categories[] = 1;
-	$content = apply_filters('content_save_pre', $_POST['content']);
-	$excerpt = apply_filters('excerpt_save_pre', $_POST['excerpt']);
-	$post_title = $_POST['post_title'];
-	$prev_status = $_POST['prev_status'];
-	$post_status = $_POST['post_status'];
-	$menu_order = (int) $_POST['menu_order'];
-	if (! empty($_POST['post_author_override'])) {
-		$post_author = (int) $_POST['post_author_override'];
-	} else if (! empty($_POST['post_author'])) {
-		$post_author = (int) $_POST['post_author'];
-	} else {
-		$post_author = (int) $_POST['user_ID'];
-	}
-	if ( !user_can_edit_user($user_ID, $post_author) )
-		die( __('You cannot post as this user.') );
-
-	$comment_status = $_POST['comment_status'];
-	if (empty($comment_status)) $comment_status = 'closed';
-	//if (!$_POST['comment_status']) $comment_status = get_settings('default_comment_status');
-
-	$ping_status = $_POST['ping_status'];
-	if (empty($ping_status)) $ping_status = 'closed';
-	//if (!$_POST['ping_status']) $ping_status = get_settings('default_ping_status');
-	$post_password = $_POST['post_password'];
-	$post_name = $_POST['post_name'];
-
-	$post_parent = 0;
-	if (isset($_POST['parent_id'])) {
-		$post_parent = $_POST['parent_id'];
-	}
-
-	$trackback = $_POST['trackback_url'];
-	// Format trackbacks
-	$trackback = preg_replace('|\s+|', '\n', $trackback);
-	
-	if (isset($_POST['publish'])) $post_status = 'publish';
-	// Double-check
-	if ( 'publish' == $post_status && (!user_can_create_post($user_ID)) )
-		$post_status = 'draft';
-
-	if ( empty($post_name) ) {
-		if ( 'draft' != $post_status )
-			$post_name = sanitize_title($post_title, $post_ID);
-	} else {
-		$post_name = sanitize_title($post_name, $post_ID);
-	}
-
-	if ('publish' == $post_status) {
-		$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$post_name' AND post_status = 'publish' AND ID != '$post_ID' LIMIT 1");
-		if ($post_name_check) {
-			$suffix = 2;
-			while ($post_name_check) {
-				$alt_post_name = $post_name . "-$suffix";
-				$post_name_check = $wpdb->get_var("SELECT post_name FROM $wpdb->posts WHERE post_name = '$alt_post_name' AND post_status = 'publish' AND ID != '$post_ID' LIMIT 1");
-				$suffix++;
+	if ( 'post' == $_POST['originalaction'] ) {
+		if (!empty($_POST['mode'])) {
+		switch($_POST['mode']) {
+			case 'bookmarklet':
+				$location = $_POST['referredby'];
+				break;
+			case 'sidebar':
+				$location = 'sidebar.php?a=b';
+				break;
+			default:
+				$location = 'post-new.php';
+				break;
 			}
-			$post_name = $alt_post_name;
+		} else {
+			$location = "post-new.php?posted=$post_ID";
+		}
+
+		if ( isset($_POST['save']) )
+			$location = "post.php?action=edit&post=$post_ID";
+	} else {
+		$referredby = '';
+		if ( !empty($_POST['referredby']) )
+			$referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']);
+		$referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer());
+
+		if ($_POST['save']) {
+			$location = "post.php?action=edit&post=$post_ID";
+		} elseif ($_POST['updatemeta']) {
+			$location = wp_get_referer() . '&message=2#postcustom';
+		} elseif ($_POST['deletemeta']) {
+			$location = wp_get_referer() . '&message=3#postcustom';
+		} elseif (!empty($referredby) && $referredby != $referer) {
+			$location = $_POST['referredby'];
+			if ( $_POST['referredby'] == 'redo' )
+				$location = get_permalink( $post_ID );
+		} elseif ($action == 'editattachment') {
+			$location = 'attachments.php';
+		} else {
+			$location = 'post-new.php';
 		}
 	}
 
-	if (user_can_edit_post_date($user_ID, $post_ID) && (!empty($_POST['edit_date']))) {
-		$aa = $_POST['aa'];
-		$mm = $_POST['mm'];
-		$jj = $_POST['jj'];
-		$hh = $_POST['hh'];
-		$mn = $_POST['mn'];
-		$ss = $_POST['ss'];
-		$jj = ($jj > 31) ? 31 : $jj;
-		$hh = ($hh > 23) ? $hh - 24 : $hh;
-		$mn = ($mn > 59) ? $mn - 60 : $mn;
-		$ss = ($ss > 59) ? $ss - 60 : $ss;
-		$datemodif = ", post_date = '$aa-$mm-$jj $hh:$mn:$ss'";
-	$datemodif_gmt = ", post_date_gmt = '".get_gmt_from_date("$aa-$mm-$jj $hh:$mn:$ss")."'";
-	} else {
-		$datemodif = '';
-		$datemodif_gmt = '';
-	}
-
-	$now = current_time('mysql');
-	$now_gmt = current_time('mysql', 1);
-
-	$result = $wpdb->query("
-		UPDATE $wpdb->posts SET
-			post_content = '$content',
-			post_excerpt = '$excerpt',
-			post_title = '$post_title'"
-			.$datemodif_gmt
-			.$datemodif.",			
-			post_status = '$post_status',
-			comment_status = '$comment_status',
-			ping_status = '$ping_status',
-			post_author = '$post_author',
-			post_password = '$post_password',
-			post_name = '$post_name',
-			to_ping = '$trackback',
-			post_modified = '$now',
-			post_modified_gmt = '$now_gmt',
-			menu_order = '$menu_order',
-			post_parent = '$post_parent'
-		WHERE ID = $post_ID ");
-
-	if ($_POST['save']) {
-		$location = $_SERVER['HTTP_REFERER'];
-	} elseif ($_POST['updatemeta']) {
-		$location = $_SERVER['HTTP_REFERER'] . '&message=2#postcustom';
-	} elseif ($_POST['deletemeta']) {
-		$location = $_SERVER['HTTP_REFERER'] . '&message=3#postcustom';
-	} elseif (isset($_POST['referredby']) && $_POST['referredby'] != $_SERVER['HTTP_REFERER']) {
-		$location = $_POST['referredby'];
-		if ( $_POST['referredby'] == 'redo' )
-			$location = get_permalink( $post_ID );
-	} else {
-		$location = 'post.php';
-	}
-	header ('Location: ' . $location); // Send user on their way while we keep working
-
-	// Meta Stuff
-	if ($_POST['meta']) :
-		foreach ($_POST['meta'] as $key => $value) :
-			update_meta($key, $value['key'], $value['value']);
-		endforeach;
-	endif;
-
-	if ($_POST['deletemeta']) :
-		foreach ($_POST['deletemeta'] as $key => $value) :
-			delete_meta($key);
-		endforeach;
-	endif;
-
-	add_meta($post_ID);
-
-	// Now it's category time!
-	// First the old categories
-	$old_categories = $wpdb->get_col("SELECT category_id FROM $wpdb->post2cat WHERE post_id = $post_ID");
-	
-	// Delete any?
-	foreach ($old_categories as $old_cat) {
-		if (!in_array($old_cat, $post_categories)) // If a category was there before but isn't now
-			$wpdb->query("DELETE FROM $wpdb->post2cat WHERE category_id = $old_cat AND post_id = $post_ID LIMIT 1");
-	}
-	
-	// Add any?
-	foreach ($post_categories as $new_cat) {
-		if (!in_array($new_cat, $old_categories))
-			$wpdb->query("INSERT INTO $wpdb->post2cat (post_id, category_id) VALUES ($post_ID, $new_cat)");
-	}
-
-	if ($prev_status != 'publish' && $post_status == 'publish')
-		do_action('private_to_published', $post_ID);
-
-	do_action('edit_post', $post_ID);
-
-	if ($post_status == 'publish') {
-		do_action('publish_post', $post_ID);
-		do_trackbacks($post_ID);
-		do_enclose( $content, $post_ID );
-		if ( get_option('default_pingback_flag') )
-			pingback($content, $post_ID);
-	}
-
-	if ($post_status == 'static') {
-		generate_page_rewrite_rules();
-
-		if ( ! update_post_meta($post_ID, '_wp_page_template',  $_POST['page_template'])) {
-			add_post_meta($post_ID, '_wp_page_template',  $_POST['page_template'], true);
-		}
-	}
+	wp_redirect($location); // Send user on their way while we keep working
 
 	exit();
 	break;
 
 case 'delete':
-	check_admin_referer();
-
 	$post_id = (isset($_GET['post']))  ? intval($_GET['post']) : intval($_POST['post_ID']);
-	
-	if (!user_can_delete_post($user_ID, $post_id)) {
-		die( __('You are not allowed to delete this post.') );
+	check_admin_referer('delete-post_' . $post_id);
+
+	$post = & get_post($post_id);
+
+	if ( !current_user_can('delete_post', $post_id) )
+		wp_die( __('You are not allowed to delete this post.') );
+
+	if ( $post->post_type == 'attachment' ) {
+		if ( ! wp_delete_attachment($post_id) )
+			wp_die( __('Error in deleting...') );
+	} else {
+		if ( !wp_delete_post($post_id) ) 
+			wp_die( __('Error in deleting...') );
 	}
 
-	if (! wp_delete_post($post_id))
-		die( __('Error in deleting...') );
-
-	$sendback = $_SERVER['HTTP_REFERER'];
-	if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
+	$sendback = wp_get_referer();
+	if (strpos($sendback, 'post.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/post-new.php';
+	elseif (strpos($sendback, 'attachments.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/attachments.php';
 	$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
-	header ('Location: ' . $sendback);
-	generate_page_rewrite_rules();
-	do_action('delete_post', $post_id);
-	break;
-
-case 'editcomment':
-	$title = __('Edit Comment');
-	$parent_file = 'edit.php';
-	require_once ('admin-header.php');
-
-	get_currentuserinfo();
-
-	$comment = $_GET['comment'];
-	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
-
-	if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to edit comments on this post.') );
-	}
-
-	$content = $commentdata['comment_content'];
-	$content = format_to_edit($content);
-	$content = apply_filters('comment_edit_pre', $content);
-	
-	$comment_status = $commentdata['comment_approved'];
-
-	include('edit-form-comment.php');
-
-	break;
-
-case 'confirmdeletecomment':
-
-	require_once('./admin-header.php');
-
-	$comment = $_GET['comment'];
-	$p = (int) $_GET['p'];
-	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
-	if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to delete comments on this post.') );
-	}
-
-	echo "<div class=\"wrap\">\n";
-	echo "<p>" . __('<strong>Caution:</strong> You are about to delete the following comment:') . "</p>\n";
-	echo "<table border=\"0\">\n";
-	echo "<tr><td>" . __('Author:') . "</td><td>" . $commentdata["comment_author"] . "</td></tr>\n";
-	echo "<tr><td>" . __('E-mail:') . "</td><td>" . $commentdata["comment_author_email"] . "</td></tr>\n";
-	echo "<tr><td>". __('URL:') . "</td><td>" . $commentdata["comment_author_url"] . "</td></tr>\n";
-	echo "<tr><td>". __('Comment:') . "</td><td>" . stripslashes($commentdata["comment_content"]) . "</td></tr>\n";
-	echo "</table>\n";
-	echo "<p>" . __('Are you sure you want to do that?') . "</p>\n";
-
-	echo "<form action='".get_settings('siteurl')."/wp-admin/post.php' method='get'>\n";
-	echo "<input type=\"hidden\" name=\"action\" value=\"deletecomment\" />\n";
-	echo "<input type=\"hidden\" name=\"p\" value=\"$p\" />\n";
-	echo "<input type=\"hidden\" name=\"comment\" value=\"$comment\" />\n";
-	echo "<input type=\"hidden\" name=\"noredir\" value=\"1\" />\n";
-	echo "<input type=\"submit\" value=\"" . __('Yes') . "\" />";
-	echo "&nbsp;&nbsp;";
-	echo "<input type=\"button\" value=\"" . __('No') . "\" onclick=\"self.location='". get_settings('siteurl') ."/wp-admin/edit.php?p=$p&amp;c=1#comments';\" />\n";
-	echo "</form>\n";
-	echo "</div>\n";
-
-	break;
-
-case 'deletecomment':
-
-	check_admin_referer();
-
-	$comment = $_GET['comment'];
-	$p = $_GET['p'];
-	if (isset($_GET['noredir'])) {
-		$noredir = true;
-	} else {
-		$noredir = false;
-	}
-
-	$postdata = get_post($p) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'post.php'));
-
-	if (!user_can_delete_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to edit comments on this post.') );
-	}
-
-	wp_set_comment_status($comment, "delete");
-	do_action('delete_comment', $comment);
-
-	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
-		header('Location: ' . $_SERVER['HTTP_REFERER']);
-	} else {
-		header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
-	}
-
-	break;
-
-case 'unapprovecomment':
-
-	require_once('./admin-header.php');
-
-	check_admin_referer();
-
-	$comment = $_GET['comment'];
-	$p = $_GET['p'];
-	if (isset($_GET['noredir'])) {
-		$noredir = true;
-	} else {
-		$noredir = false;
-	}
-
-	$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
-	if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
-	}
-
-	wp_set_comment_status($comment, "hold");
-
-	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
-		header('Location: ' . $_SERVER['HTTP_REFERER']);
-	} else {
-		header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
-	}
-
-	break;
-
-case 'mailapprovecomment':
-
-	$comment = (int) $_GET['comment'];
-
-	$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
-	if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-	}
-
-	if ('1' != $commentdata['comment_approved']) {
-		wp_set_comment_status($comment, 'approve');
-		if (true == get_option('comments_notify'))
-			wp_notify_postauthor($comment);
-	}
-
-	header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
-
-	break;
-
-case 'approvecomment':
-
-	$comment = $_GET['comment'];
-	$p = $_GET['p'];
-	if (isset($_GET['noredir'])) {
-		$noredir = true;
-	} else {
-		$noredir = false;
-	}
-	$commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
-
-	if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
-		die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
-	}
-
-	wp_set_comment_status($comment, "approve");
-	if (get_settings("comments_notify") == true) {
-		wp_notify_postauthor($comment);
-	}
-
-
-	if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
-		header('Location: ' . $_SERVER['HTTP_REFERER']);
-	} else {
-		header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
-	}
-
-	break;
-
-case 'editedcomment':
-
-	$comment_ID = $_POST['comment_ID'];
-	$comment_post_ID = $_POST['comment_post_ID'];
-	$newcomment_author = $_POST['newcomment_author'];
-	$newcomment_author_email = $_POST['newcomment_author_email'];
-	$newcomment_author_url = $_POST['newcomment_author_url'];
-	$comment_status = $_POST['comment_status'];
-
-	if (!user_can_edit_post_comments($user_ID, $comment_post_ID)) {
-		die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.') );
-	}
-
-	if (user_can_edit_post_date($user_ID, $post_ID) && (!empty($_POST['edit_date']))) {
-		$aa = $_POST['aa'];
-		$mm = $_POST['mm'];
-		$jj = $_POST['jj'];
-		$hh = $_POST['hh'];
-		$mn = $_POST['mn'];
-		$ss = $_POST['ss'];
-		$jj = ($jj > 31) ? 31 : $jj;
-		$hh = ($hh > 23) ? $hh - 24 : $hh;
-		$mn = ($mn > 59) ? $mn - 60 : $mn;
-		$ss = ($ss > 59) ? $ss - 60 : $ss;
-		$datemodif = ", comment_date = '$aa-$mm-$jj $hh:$mn:$ss'";
-	} else {
-		$datemodif = '';
-	}
-	$content = apply_filters('comment_save_pre', $_POST['content']);
-
-	$result = $wpdb->query("
-		UPDATE $wpdb->comments SET
-			comment_content = '$content',
-			comment_author = '$newcomment_author',
-			comment_author_email = '$newcomment_author_email',
-			comment_approved = '$comment_status',
-			comment_author_url = '$newcomment_author_url'".$datemodif."
-		WHERE comment_ID = $comment_ID"
-		);
-
-	$referredby = $_POST['referredby'];
-	if (!empty($referredby)) {
-		header('Location: ' . $referredby);
-	} else {
-		header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
-	}
-	do_action('edit_comment', $comment_ID);
+	wp_redirect($sendback);
+	exit();
 	break;
 
 default:
-	$title = __('Create New Post');
-	require_once ('./admin-header.php');
-?>
-<?php if ( isset($_GET['posted']) ) : ?>
-<div class="updated"><p><?php printf(__('Post saved. <a href="%s">View site &raquo;</a>'), get_bloginfo('home')); ?></p></div>
-<?php endif; ?>
-<?php
-	if (user_can_create_draft($user_ID)) {
-		$action = 'post';
-		get_currentuserinfo();
-		$drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_ID");
-		if ($drafts) {
-			?>
-			<div class="wrap">
-			<p><strong><?php _e('Your Drafts:') ?></strong>
-			<?php
-			$i = 0;
-			foreach ($drafts as $draft) {
-				if (0 != $i)
-					echo ', ';
-				$draft->post_title = stripslashes($draft->post_title);
-				if ($draft->post_title == '')
-					$draft->post_title = sprintf(__('Post # %s'), $draft->ID);
-				echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
-				++$i;
-				}
-			?>.</p>
-			</div>
-			<?php
-		}
-		//set defaults
-		$post_status = 'draft';
-		$comment_status = get_settings('default_comment_status');
-		$ping_status = get_settings('default_ping_status');
-		$post_pingback = get_settings('default_pingback_flag');
-		$default_post_cat = get_settings('default_category');
-
-		$content = wp_specialchars($content);
-		$content = apply_filters('default_content', $content);
-		$edited_post_title = apply_filters('default_title', $edited_post_title);
-		$excerpt = apply_filters('default_excerpt', $excerpt);
-
-		if (get_settings('advanced_edit')) {
-			include('edit-form-advanced.php');
-		} else {
-			include('edit-form.php');
-		}
-?>
-<div class="wrap">
-<?php _e('<h3>WordPress bookmarklet</h3>
-<p>You can drag the following link to your links bar or add it to your bookmarks and when you "Press it" it will open up a popup window with information and a link to the site you&#8217;re currently browsing so you can make a quick post about it. Try it out:</p>') ?>
-<p>
-
-<?php
-$bookmarklet_height= (get_settings('use_trackback')) ? 480 : 440;
-
-if ($is_NS4 || $is_gecko) {
-?>
-<a href="javascript:if(navigator.userAgent.indexOf('Safari') >= 0){Q=getSelection();}else{Q=document.selection?document.selection.createRange().text:document.getSelection();}void(window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title),'<?php _e('WordPress bookmarklet') ?>','scrollbars=yes,width=600,height=460,left=100,top=150,status=yes'));"><?php printf(__('Press It - %s'), wp_specialchars(get_settings('blogname'))); ?></a> 
-<?php
-} else if ($is_winIE) {
-?>
-<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;void(btw=window.open('<?php echo get_settings('siteurl') ?>/wp-admin/bookmarklet.php?text='+encodeURIComponent(Q)+'<?php echo $bookmarklet_tbpb ?>&amp;popupurl='+encodeURIComponent(location.href)+'&amp;popuptitle='+encodeURIComponent(document.title),'bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a>
-<script type="text/javascript">
-<!--
-function oneclickbookmarklet(blah) {
-window.open ("profile.php?action=IErightclick", "oneclickbookmarklet", "width=500, height=450, location=0, menubar=0, resizable=0, scrollbars=1, status=1, titlebar=0, toolbar=0, screenX=120, left=120, screenY=120, top=120");
-}
-// -->
-</script>
-<br />
-<br />
-<?php _e('One-click bookmarklet:') ?><br />
-<a href="javascript:oneclickbookmarklet(0);"><?php _e('click here') ?></a> 
-<?php
-} else if ($is_opera) {
-?>
-<a href="javascript:void(window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a> 
-<?php
-} else if ($is_macIE) {
-?>
-<a href="javascript:Q='';if(top.frames.length==0);void(btw=window.open('<?php echo get_settings('siteurl'); ?>/wp-admin/bookmarklet.php?text='+escape(document.getSelection())+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title)+'<?php echo $bookmarklet_tbpb ?>','bookmarklet','scrollbars=yes,width=600,height=<?php echo $bookmarklet_height ?>,left=100,top=150,status=yes'));btw.focus();"><?php printf(__('Press it - %s'), get_settings('blogname')); ?></a> 
-<?php
-}
-?>
-</p>
-</div>
-<?php
-} else {
-?>
-<div class="wrap">
-<p><?php printf(__('Since you&#8217;re a newcomer, you&#8217;ll have to wait for an admin to raise your level to 1, in order to be authorized to post.<br />
-You can also <a href="mailto:%s?subject=Promotion?">e-mail the admin</a> to ask for a promotion.<br />
-When you&#8217;re promoted, just reload this page and you&#8217;ll be able to blog. :)'), get_settings('admin_email')); ?>
-</p>
-</div>
-<?php
-}
-
+	wp_redirect('edit.php');
+	exit();
 	break;
 } // end switch
-/* </Edit> */
 include('admin-footer.php');
 ?>

wp-admin/profile-update.php

@@ -0,0 +1,30 @@
+<?php
+
+$parent_file = 'profile.php';
+$submenu_file = 'profile.php';
+require_once('admin.php');
+
+check_admin_referer('update-profile_' . $user_ID);
+
+if ( !$_POST )
+	wp_die( __('No post?') );
+
+$errors = edit_user($user_ID);
+
+if ( is_wp_error( $errors ) ) {
+	foreach( $errors->get_error_messages() as $message )
+		echo "$message<br />";
+	exit;
+}
+
+do_action('personal_options_update');
+
+if ( 'profile' == $_POST['from'] )
+	$to = 'profile.php?updated=true';
+else
+	$to = 'profile.php?updated=true';
+
+wp_redirect( $to );
+exit;
+
+?>

wp-admin/profile.php

@@ -1,282 +1,150 @@
-<?php 
+<?php
 require_once('admin.php');
 
-$title = 'Profile';
-$parent_file = 'profile.php';
+$title = __('Profile');
 
-$wpvarstoreset = array('action', 'profile', 'user');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-require_once('../wp-config.php');
-auth_redirect();
-switch($action) {
-
-case 'update':
-
-	get_currentuserinfo();
-
-	/* checking the nickname has been typed */
-	if (empty($_POST["newuser_nickname"])) {
-		die (__("<strong>ERROR</strong>: please enter your nickname (can be the same as your username)"));
-		return false;
-	}
-
-	/* if the ICQ UIN has been entered, check to see if it has only numbers */
-	if (!empty($_POST["newuser_icq"])) {
-		if ((ereg("^[0-9]+$",$_POST["newuser_icq"]))==false) {
-			die (__("<strong>ERROR</strong>: your ICQ UIN can only be a number, no letters allowed"));
-			return false;
-		}
-	}
-
-	/* checking e-mail address */
-	if (empty($_POST["newuser_email"])) {
-		die (__("<strong>ERROR</strong>: please type your e-mail address"));
-		return false;
-	} else if (!is_email($_POST["newuser_email"])) {
-		die (__("<strong>ERROR</strong>: the e-mail address isn't correct"));
-		return false;
-	}
-
-	$pass1 = $_POST["pass1"];
-	$pass2 = $_POST["pass2"];
-	do_action('check_passwords', array($user_login, &$pass1, &$pass2));
-
-	if ( '' == $pass1 ) {
-		if ( '' != $pass2 )
-			die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
-		$updatepassword = "";
-	} else {
-		if ('' == $pass2)
-			die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
-		if ( $pass1 != $pass2 )
-			die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
-		$newuser_pass = $pass1;
-		$updatepassword = "user_pass=MD5('$newuser_pass'), ";
-		wp_clearcookie();
-		wp_setcookie($user_login, $newuser_pass);
-	}
-
-	$newuser_firstname = wp_specialchars($_POST['newuser_firstname']);
-	$newuser_lastname = wp_specialchars($_POST['newuser_lastname']);
-	$newuser_nickname = $_POST['newuser_nickname'];
-	$newuser_nicename = sanitize_title($newuser_nickname);
-	$newuser_icq = wp_specialchars($_POST['newuser_icq']);
-	$newuser_aim = wp_specialchars($_POST['newuser_aim']);
-	$newuser_msn = wp_specialchars($_POST['newuser_msn']);
-	$newuser_yim = wp_specialchars($_POST['newuser_yim']);
-	$newuser_email = wp_specialchars($_POST['newuser_email']);
-	$newuser_url = wp_specialchars($_POST['newuser_url']);
-	$newuser_url = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $newuser_url) ? $newuser_url : 'http://' . $newuser_url; 
-	$newuser_idmode = wp_specialchars($_POST['newuser_idmode']);
-	$user_description = $_POST['user_description'];
-
-	$result = $wpdb->query("UPDATE $wpdb->users SET user_firstname='$newuser_firstname', $updatepassword user_lastname='$newuser_lastname', user_nickname='$newuser_nickname', user_icq='$newuser_icq', user_email='$newuser_email', user_url='$newuser_url', user_aim='$newuser_aim', user_msn='$newuser_msn', user_yim='$newuser_yim', user_idmode='$newuser_idmode', user_description = '$user_description', user_nicename = '$newuser_nicename' WHERE ID = $user_ID");
-
-	wp_redirect('profile.php?updated=true');
-break;
-
-case 'IErightclick':
-
-	$bookmarklet_height= 550;
-
-	?>
-
-	<div class="menutop">&nbsp;IE one-click bookmarklet</div>
-
-	<table width="100%" cellpadding="20">
-	<tr><td>
-
-	<p>To have a one-click bookmarklet, just copy and paste this<br />into a new text file:</p>
-	<?php
-	$regedit = "REGEDIT4\r\n[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Post To &WP : ". get_settings('blogname') ."]\r\n@=\"javascript:doc=external.menuArguments.document;Q=doc.selection.createRange().text;void(btw=window.open('". get_settings('siteurl') ."/wp-admin/bookmarklet.php?text='+escape(Q)+'".$bookmarklet_tbpb."&popupurl='+escape(doc.location.href)+'&popuptitle='+escape(doc.title),'bookmarklet','scrollbars=no,width=480,height=".$bookmarklet_height.",left=100,top=150,status=yes'));btw.focus();\"\r\n\"contexts\"=hex:31\"";
-	?>
-	<pre style="margin: 20px; background-color: #cccccc; border: 1px dashed #333333; padding: 5px; font-size: 12px;"><?php echo $regedit; ?></pre>
-	<p>Save it as wordpress.reg, and double-click on this file in an Explorer<br />
-	window. Answer Yes to the question, and restart Internet Explorer.<br /><br />
-	That's it, you can now right-click in an IE window and select <br />
-	'Post to WP' to make the bookmarklet appear. :)</p>
-
-	<p align="center">
-	  <form>
-		<input class="search" type="button" value="1" name="Close this window" />
-	  </form>
-	</p>
-	</td></tr>
-	</table>
-	<?php
-
-break;
-
-
-default:
+if ( current_user_can('edit_users') )
+	$parent_file = 'users.php';
+else
 	$parent_file = 'profile.php';
-	include_once('admin-header.php');
-	$profiledata=get_userdata($user_ID);
+include_once('admin-header.php');
+$profileuser = get_user_to_edit($user_ID);
 
-	$bookmarklet_height= 440;
+$bookmarklet_height= 440;
+?>
 
-if (isset($updated)) { ?>
-<div class="updated">
+<?php if ( isset($_GET['updated']) ) { ?>
+<div id="message" class="updated fade">
 <p><strong><?php _e('Profile updated.') ?></strong></p>
 </div>
 <?php } ?>
-<div class="wrap">
-<h2><?php _e('Profile'); ?></h2>
-<form name="profile" id="profile" action="profile.php" method="post">
-	<p>
-    <input type="hidden" name="action" value="update" />
-    <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
-  </p>
 
-  <table width="99%"  border="0" cellspacing="2" cellpadding="3" class="editform">
-    <tr>
-      <th width="33%" scope="row"><?php _e('Username:') ?></th>
-      <td width="67%"><?php echo $profiledata->user_login; ?></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Level:') ?></th>
-      <td><?php echo $profiledata->user_level; ?></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Posts:') ?></th>
-      <td>    <?php
-	$posts = get_usernumposts($user_ID);
-	echo $posts;
-	?></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('First name:') ?></th>
-      <td><input type="text" name="newuser_firstname" id="newuser_firstname" value="<?php echo $profiledata->user_firstname ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Last name:') ?></th>
-      <td><input type="text" name="newuser_lastname" id="newuser_lastname2" value="<?php echo $profiledata->user_lastname ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Nickname:') ?></th>
-      <td><input type="text" name="newuser_nickname" id="newuser_nickname2" value="<?php echo $profiledata->user_nickname ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('How to display name:') ?> </th>
-      <td><select name="newuser_idmode">
-        <option value="nickname"<?php
-	if ($profiledata->user_idmode == 'nickname')
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_nickname ?></option>
-        <option value="login"<?php
-	if ($profiledata->user_idmode=="login")
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_login ?></option>
-	<?php if ( !empty( $profiledata->user_firstname ) ) : ?>
-        <option value="firstname"<?php
-	if ($profiledata->user_idmode=="firstname")
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_firstname ?></option>
-	<?php endif; ?>
-	<?php if ( !empty( $profiledata->user_lastname ) ) : ?>
-        <option value="lastname"<?php
-	if ($profiledata->user_idmode=="lastname")
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_lastname ?></option>
-	<?php endif; ?>
-	<?php if ( !empty( $profiledata->user_firstname ) && !empty( $profiledata->user_lastname ) ) : ?>
-        <option value="namefl"<?php
-	if ($profiledata->user_idmode=="namefl")
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_firstname." ".$profiledata->user_lastname ?></option>
-	<?php endif; ?>
-	<?php if ( !empty( $profiledata->user_firstname ) && !empty( $profiledata->user_lastname ) ) : ?>
-        <option value="namelf"<?php
-	if ($profiledata->user_idmode=="namelf")
-	echo ' selected="selected"'; ?>><?php echo $profiledata->user_lastname." ".$profiledata->user_firstname ?></option>
-	<?php endif; ?>
-      </select>        </td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('E-mail:') ?></th>
-      <td><input type="text" name="newuser_email" id="newuser_email2" value="<?php echo $profiledata->user_email ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Website:') ?></th>
-      <td><input type="text" name="newuser_url" id="newuser_url2" value="<?php echo $profiledata->user_url ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('ICQ:') ?></th>
-      <td><input type="text" name="newuser_icq" id="newuser_icq2" value="<?php if ($profiledata->user_icq > 0) { echo $profiledata->user_icq; } ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('AIM:') ?></th>
-      <td><input type="text" name="newuser_aim" id="newuser_aim2" value="<?php echo $profiledata->user_aim ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('MSN IM:') ?> </th>
-      <td><input type="text" name="newuser_msn" id="newuser_msn2" value="<?php echo $profiledata->user_msn ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Yahoo IM:') ?> </th>
-      <td>        <input type="text" name="newuser_yim" id="newuser_yim2" value="<?php echo $profiledata->user_yim ?>" />      </td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Profile:') ?></th>
-      <td><textarea name="user_description" rows="5" id="textarea2" style="width: 99%; "><?php echo $profiledata->user_description ?></textarea></td>
-    </tr>
+<div class="wrap">
+<h2><?php _e('Your Profile and Personal Options'); ?></h2>
+<form name="profile" id="your-profile" action="profile-update.php" method="post">
+<?php wp_nonce_field('update-profile_' . $user_ID) ?>
+<p>
+<input type="hidden" name="from" value="profile" />
+<input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
+</p>
+
+<h3><?php _e('Personal Options'); ?></h3>
+
+<?php if ( rich_edit_exists() ) : // don't bother showing the option if the editor has been removed ?>
+<p><label for="rich_editing"><input name="rich_editing" type="checkbox" id="rich_editing" value="true" <?php checked('true', get_user_option('rich_editing')); ?> />
+<?php _e('Use the visual editor when writing') ?></label></p>
+<?php endif; ?>
+
+<?php do_action('profile_personal_options'); ?>
+
+<p class="submit"><input type="submit" value="<?php _e('Update Profile &raquo;') ?>" name="submit" /></p>
+
+<fieldset>
+<legend><?php _e('Name'); ?></legend>
+<p><label><?php _e('Username: (no editing)'); ?><br />
+<input type="text" name="user_login" value="<?php echo $profileuser->user_login; ?>" disabled="disabled" />
+</label></p>
+
+<p><label><?php _e('First name:') ?><br />
+<input type="text" name="first_name" value="<?php echo $profileuser->first_name ?>" /></label></p>
+
+<p><label><?php _e('Last name:') ?><br />
+<input type="text" name="last_name"  value="<?php echo $profileuser->last_name ?>" /></label></p>
+
+<p><label><?php _e('Nickname:') ?><br />
+<input type="text" name="nickname" value="<?php echo $profileuser->nickname ?>" /></label></p>
+
+<p><label><?php _e('Display name publicly as:') ?> <br />
+<select name="display_name">
+<option value="<?php echo $profileuser->display_name; ?>"><?php echo $profileuser->display_name; ?></option>
+<option value="<?php echo $profileuser->nickname ?>"><?php echo $profileuser->nickname ?></option>
+<option value="<?php echo $profileuser->user_login ?>"><?php echo $profileuser->user_login ?></option>
+<?php if ( !empty( $profileuser->first_name ) ) : ?>
+<option value="<?php echo $profileuser->first_name ?>"><?php echo $profileuser->first_name ?></option>
+<?php endif; ?>
+<?php if ( !empty( $profileuser->last_name ) ) : ?>
+<option value="<?php echo $profileuser->last_name ?>"><?php echo $profileuser->last_name ?></option>
+<?php endif; ?>
+<?php if ( !empty( $profileuser->first_name ) && !empty( $profileuser->last_name ) ) : ?>
+<option value="<?php echo $profileuser->first_name." ".$profileuser->last_name ?>"><?php echo $profileuser->first_name." ".$profileuser->last_name ?></option>
+<option value="<?php echo $profileuser->last_name." ".$profileuser->first_name ?>"><?php echo $profileuser->last_name." ".$profileuser->first_name ?></option>
+<?php endif; ?>
+</select></label></p>
+</fieldset>
+
+<fieldset>
+<legend><?php _e('Contact Info'); ?></legend>
+
+<p><label><?php _e('E-mail: (required)') ?><br />
+<input type="text" name="email" value="<?php echo $profileuser->user_email ?>" /></label></p>
+
+<p><label><?php _e('Website:') ?><br />
+<input type="text" name="url" value="<?php echo $profileuser->user_url ?>" />
+</label></p>
+
+<p><label><?php _e('AIM:') ?><br />
+<input type="text" name="aim" value="<?php echo $profileuser->aim ?>" />
+</label></p>
+
+<p><label><?php _e('Yahoo IM:') ?><br />
+<input type="text" name="yim" value="<?php echo $profileuser->yim ?>" />
+</label></p>
+
+<p><label><?php _e('Jabber / Google Talk:') ?><br />
+<input type="text" name="jabber" value="<?php echo $profileuser->jabber ?>" /></label>
+</p>
+</fieldset>
+<br clear="all" />
+<fieldset>
+<legend><?php _e('About Yourself'); ?></legend>
+<p class="desc"><?php _e('Share a little biographical information. '); ?></p>
+<p><textarea name="description" rows="5" cols="30"><?php echo $profileuser->description ?></textarea></p>
+</fieldset>
+
 <?php
 $show_password_fields = apply_filters('show_password_fields', true);
 if ( $show_password_fields ) :
 ?>
-    <tr>
-      <th scope="row"><?php _e('New <strong>Password</strong> (Leave blank to stay the same.)') ?></th>
-      <td><input type="password" name="pass1" size="16" value="" />
-      	<br />
-        <input type="password" name="pass2" size="16" value="" /></td>
-    </tr>
+<fieldset>
+<legend><?php _e('Update Your Password'); ?></legend>
+<p class="desc"><?php _e('If you would like to change your password type a new one twice below. Otherwise leave this blank.'); ?></p>
+<p><label><?php _e('New Password:'); ?><br />
+<input type="password" name="pass1" size="16" value="" />
+</label></p>
+<p><label><?php _e('Type it one more time:'); ?><br />
+<input type="password" name="pass2" size="16" value="" />
+</label></p>
+</fieldset>
 <?php endif; ?>
+
+<?php do_action('show_user_profile'); ?>
+
+<br clear="all" />
+
+	<table width="99%"  border="0" cellspacing="2" cellpadding="3" class="editform">
+		<?php
+		if(count($profileuser->caps) > count($profileuser->roles)):
+		?>
+		<tr>
+			<th scope="row"><?php _e('Additional Capabilities:') ?></th>
+			<td><?php
+			$output = '';
+			foreach($profileuser->caps as $cap => $value) {
+				if(!$wp_roles->is_role($cap)) {
+					if($output != '') $output .= ', ';
+					$output .= $value ? $cap : "Denied: {$cap}";
+				}
+			}
+			echo $output;
+			?></td>
+    </tr>
+    <?php
+    endif;
+    ?>
   </table>
-  <p class="submit">
-    <input type="submit" value="<?php _e('Update Profile &raquo;') ?>" name="submit" />
-  </p>
+<p class="submit"><input type="submit" value="<?php _e('Update Profile &raquo;') ?>" name="submit" /></p>
 </form>
+
 </div>
 
-
-<?php if ($is_gecko && $profiledata->user_level != 0) { ?>
-<div class="wrap">
-    <script type="text/javascript">
-//<![CDATA[
-function addPanel()
-        {
-          if ((typeof window.sidebar == "object") && (typeof window.sidebar.addPanel == "function"))
-            window.sidebar.addPanel("WordPress Post: <?php echo get_settings('blogname'); ?>","<?php echo get_settings('siteurl'); ?>/wp-admin/sidebar.php","");
-          else
-            alert(<?php __("'No Sidebar found!  You must use Mozilla 0.9.4 or later!'") ?>);
-        }
-//]]>
-</script>
-    <strong><?php _e('SideBar') ?></strong><br />
-    <?php _e('Add the <a href="#" onclick="addPanel()">WordPress Sidebar</a>!') ?> 
-    <?php } elseif (($is_winIE) || ($is_macIE)) { ?>
-    <strong><?php _e('SideBar') ?></strong><br />
-    <?php __('Add this link to your favorites:') ?><br />
-<a href="javascript:Q='';if(top.frames.length==0)Q=document.selection.createRange().text;void(_search=open('<?php echo get_settings('siteurl');
-	 ?>/wp-admin/sidebar.php?text='+escape(Q)+'&popupurl='+escape(location.href)+'&popuptitle='+escape(document.title),'_search'))"><?php _e('WordPress Sidebar') ?></a>. 
-    
-</div>
-<?php } ?>
-</div>
-	<?php
-
-break;
-}
-
-/* </Profile | My Profile> */
-include('admin-footer.php');
- ?>
+<?php include('admin-footer.php'); ?>

wp-admin/rtl.css

@@ -0,0 +1,247 @@
+#viewarc, #viewcat, #namediv, #emaildiv, #uridiv, #planetnews li, #login ul li, #your-profile fieldset, #footer .logo, .alignleft .available-theme {
+	float: right;
+	}
+
+#templateside, .alignright {
+	float: left;
+	}
+
+#login #send, .readmore, .widefat th {
+	text-align: right;
+	}
+
+#postcustomsubmit, form#upload th, .submit, .editform th {
+	text-align: left;
+	}
+
+#devnews h4, #wphead h1, #your-profile legend, fieldset.options legend, #planetnews li .post {
+	font-family: Tahoma, Georgia, "Times New Roman", Times, serif;
+	}
+
+#wphead {
+	padding: .8em 2em .8em 19em;
+	}
+
+#wphead h1 {
+	font-size: 2.4em;
+	}
+
+#postdiv, #titlediv, #guiddiv, #tagdiv {
+	margin: 0 0 0 8px;
+	}
+
+#ed_toolbar input {
+	margin: 3px 0 2px 2px;
+	}
+
+#edButtons input, #edButtons input:active {
+	margin: 0px 0 -1px 2px;
+	}
+
+body, td {
+	font: 13px Tahoma, "Lucida Grande", "Lucida Sans Unicode", Verdana;
+	}
+
+h1, h2, h3, h4, h5 {
+	font-family: "Times New Roman", Times, serif;
+	}
+h3.dbx-handle {
+	font-family: tahoma, Verdana, Arial, Helvetica, sans-serif;
+	}
+
+textarea, input, select {
+	font:  13px Tahoma, Verdana, Arial, Helvetica, sans-serif;
+	}
+
+.quicktags, .search {
+	font: 12px Tahoma, Georgia, "Times New Roman", Times, serif;
+	}
+
+.updated, .confirm {
+	padding: 0 3em 0 1em;
+	}
+
+.submit input, .submit input:focus, .button, .button:focus {
+	border-left-color: #999;
+	border-right-color: #ccc;
+	}
+
+.submit input:active, .button:active {
+	border-left-color: #ccc;
+	border-right-color: #999;
+	}
+
+#adminmenu {
+	padding: .2em 2em .3em .2em;
+	height: 28px;
+	}
+
+#adminmenu a {
+	margin: 0 0 0 10px;
+	display: block;
+	float: right;
+	font: 700 16px/130% "Times New Roman", Times, serif;
+	}
+
+#adminmenu a.current {
+	border-right: 0;
+	border-left: 2px solid #4f96c8;
+	}
+
+#submenu, #minisub {
+	padding: 1px 3em 0 2em;
+	}
+
+#submenu {
+	height: 28px;
+	}
+
+#submenu a {
+	margin: 0 0 0 10px;
+	display: block;
+	float: right;
+	line-height: 155%;
+	}
+
+#submenu .current {
+	border-right: 0;
+	border-left: 2px solid #045290;
+	}
+
+#currenttheme img {
+	float: right;
+	margin-right: auto;
+	margin-left: 1em;
+	}
+
+#postdiv #quicktags {
+	padding-right: 0;
+	padding-left: 6px;
+	}
+
+.readmore {
+	margin-right: auto;
+	margin-left: 5em;
+	}
+
+#postexcerpt div, #attachmentlinks div {
+	margin-right: auto;
+	margin-left: 8px;
+	}
+
+* html #postexcerpt .dbx-toggle-open {
+	padding-right: 0;
+	padding-left: 8px;
+	}
+
+#searchform {
+	float: right;
+	margin-right: auto;
+	margin-left: 1em;
+	}
+
+#poststuff {
+	margin-right: auto;
+	margin-left: 16em;
+	}
+
+#template div {
+	margin-right: auto;
+	margin-left: 190px;
+	}
+
+* html #template div {
+	margin-right: auto;
+	margin-left: 0px;
+	}
+
+#user_info {
+	right: auto;
+	left: 1em;
+	}
+	
+#zeitgeist {
+	float: left;
+	margin-left: auto;
+	margin-right: 1em;
+	}
+
+#zeitgeist ul {
+	margin: 0 .6em .3em 0;
+	padding: 0 .6em 0 0;
+	}
+
+.wrap ul {
+	margin-left: 500px;
+	}
+
+#categorydiv ul {
+	margin-left: auto;
+	margin-right: 10px;
+	}
+
+#moremeta {
+	margin-right: 0;
+	margin-left: 15px;
+	right: auto;
+	left: 6%;
+	}
+	
+#moremeta .dbx-content {
+	background: url(images/box-butt.gif) no-repeat bottom left;
+	padding-right: 10px;
+	padding-left: 0;
+	text-align: right;
+	}
+	
+#moremeta .dbx-handle {
+	background: #2685af url(images/box-head.gif) no-repeat left;
+	margin-top: -2px;
+	}
+
+#moremeta .dbx-box {
+	background: url(images/box-bg.gif) repeat-y left;
+	padding-bottom: 0;
+	}
+
+a.dbx-toggle, a.dbx-toggle:visited {
+	right: auto;
+	left: 2px;
+	}
+
+
+#categorychecklist {
+	margin-right: auto;
+	margin-left: 6px;
+	}
+
+#ajax-response.alignleft {
+	margin-left: auto;
+	margin-right: 2em;
+	}
+
+#postdivrich #edButtons {
+	padding-left: 0;
+	padding-right: 3px;
+	}
+
+.page-numbers {
+	margin-right: auto;
+	margin-left: 3px;
+	}
+
+a.view-link {
+	right:auto;
+	left:5%;
+	margin-right:0;
+	margin-left:220px;
+	}
+#advancedstuff {
+	direction: ltr;
+	}
+#advancedstuff .dbx-handle {
+	text-align: right;
+	}
+#advancedstuff .dbx-content * {
+	direction: rtl;
+	}

wp-admin/setup-config.php

@@ -1,17 +1,18 @@
 <?php
 define('WP_INSTALLING', true);
 
-if (file_exists('../wp-config.php')) 
-	die("The file 'wp-config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.");
-
 if (!file_exists('../wp-config-sample.php'))
-    die('Sorry, I need a wp-config-sample.php file to work from. Please re-upload this file from your WordPress installation.');
+	die('Sorry, I need a wp-config-sample.php file to work from. Please re-upload this file from your WordPress installation.');
+
 $configFile = file('../wp-config-sample.php');
 
 if (!is_writable('../')) die("Sorry, I can't write to the directory. You'll have to either change the permissions on your WordPress directory or create your wp-config.php manually.");
 
-$step = 0;
-if(isset($_GET['step'])) $step = $_GET['step'];
+
+if (isset($_GET['step']))
+	$step = $_GET['step'];
+else
+	$step = 0;
 header( 'Content-Type: text/html; charset=utf-8' );
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -20,137 +21,168 @@ header( 'Content-Type: text/html; charset=utf-8' );
 <title>WordPress &rsaquo; Setup Configuration File</title>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 <style media="screen" type="text/css">
-    <!--
+	<!--
+	html {
+		background: #eee;
+	}
 	body {
+		background: #fff;
+		color: #000;
 		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 15%;
-		margin-right: 15%;
+		margin-left: 20%;
+		margin-right: 20%;
+		padding: .2em 2em;
+	}
+
+	h1 {
+		color: #006;
+		font-size: 18px;
+		font-weight: lighter;
+	}
+
+	h2 {
+		font-size: 16px;
+	}
+
+	p, li, dt {
+		line-height: 140%;
+		padding-bottom: 2px;
+	}
+
+	ul, ol {
+		padding: 5px 5px 5px 20px;
 	}
 	#logo {
-		margin: 0;
-		padding: 0;
-		background-image: url(http://wordpress.org/images/logo.png);
-		background-repeat: no-repeat;
-		height: 60px;
-		border-bottom: 4px solid #333;
+		margin-bottom: 2em;
 	}
-	#logo a {
-		display: block;
-		height: 60px;
+	.step a, .step input {
+		font-size: 2em;
 	}
-	#logo a span {
-		display: none;
+	td input {
+		font-size: 1.5em;
 	}
-	p, li {
-		line-height: 140%;
+	.step, th {
+		text-align: right;
 	}
-    -->
+	#footer {
+		text-align: center;
+		border-top: 1px solid #ccc;
+		padding-top: 1em;
+		font-style: italic;
+	}
+	-->
 	</style>
 </head>
-<body> 
-<h1 id="logo"><a href="http://wordpress.org"><span>WordPress</span></a></h1> 
+<body>
+<h1 id="logo"><img alt="WordPress" src="images/wordpress-logo.png" /></h1>
 <?php
+// Check if wp-config.php has been created
+if (file_exists('../wp-config.php'))
+	die("<p>The file 'wp-config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try <a href='install.php'>installing now</a>.</p></body></html>");
 
 switch($step) {
 	case 0:
-?> 
-<p>Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.</p> 
-<ol> 
-  <li>Database name</li> 
-  <li>Database username</li> 
-  <li>Database password</li> 
-  <li>Database host</li> 
-  <li>Table prefix (if you want to run more than one WordPress in a single database) </li>
-</ol> 
+?>
+
+<p>Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.</p>
+<ol>
+	<li>Database name</li>
+	<li>Database username</li>
+	<li>Database password</li>
+	<li>Database host</li>
+	<li>Table prefix (if you want to run more than one WordPress in a single database) </li>
+</ol>
 <p><strong>If for any reason this automatic file creation doesn't work, don't worry. All this does is fill in the database information to a configuration file. You may also simply open <code>wp-config-sample.php</code> in a text editor, fill in your information, and save it as <code>wp-config.php</code>. </strong></p>
 <p>In all likelihood, these items were supplied to you by your ISP. If you do not have this information, then you will need to contact them before you can continue. If you&#8217;re all ready, <a href="setup-config.php?step=1">let&#8217;s go</a>! </p>
 <?php
 	break;
 
 	case 1:
-	?> 
-</p> 
-<form method="post" action="setup-config.php?step=2"> 
-  <p>Below you should enter your database connection details. If you're not sure about these, contact your host. </p>
-  <table> 
-    <tr> 
-      <th scope="row">Database Name</th> 
-      <td><input name="dbname" type="text" size="45" value="wordpress" /></td> 
-      <td>The name of the database you want to run WP in. </td> 
-    </tr> 
-    <tr> 
-      <th scope="row">User Name</th> 
-      <td><input name="uname" type="text" size="45" value="username" /></td> 
-      <td>Your MySQL username</td> 
-    </tr> 
-    <tr> 
-      <th scope="row">Password</th> 
-      <td><input name="pwd" type="text" size="45" value="password" /></td> 
-      <td>...and MySQL password.</td> 
-    </tr> 
-    <tr> 
-      <th scope="row">Database Host</th> 
-      <td><input name="dbhost" type="text" size="45" value="localhost" /></td> 
-      <td>99% chance you won't need to change this value.</td> 
-    </tr>
-    <tr>
-      <th scope="row">Table Prefix</th>
-      <td><input name="prefix" type="text" id="prefix" value="wp_" size="45" /></td>
-      <td>If you want to run multiple WordPress installations in a single database, change this.</td>
-    </tr> 
-  </table> 
-  <input name="submit" type="submit" value="Submit" /> 
-</form> 
+	?>
+</p>
+<form method="post" action="setup-config.php?step=2">
+	<p>Below you should enter your database connection details. If you're not sure about these, contact your host. </p>
+	<table>
+		<tr>
+			<th scope="row">Database Name</th>
+			<td><input name="dbname" type="text" size="25" value="wordpress" /></td>
+			<td>The name of the database you want to run WP in. </td>
+		</tr>
+		<tr>
+			<th scope="row">User Name</th>
+			<td><input name="uname" type="text" size="25" value="username" /></td>
+			<td>Your MySQL username</td>
+		</tr>
+		<tr>
+			<th scope="row">Password</th>
+			<td><input name="pwd" type="text" size="25" value="password" /></td>
+			<td>...and MySQL password.</td>
+		</tr>
+		<tr>
+			<th scope="row">Database Host</th>
+			<td><input name="dbhost" type="text" size="25" value="localhost" /></td>
+			<td>99% chance you won't need to change this value.</td>
+		</tr>
+		<tr>
+			<th scope="row">Table Prefix</th>
+			<td><input name="prefix" type="text" id="prefix" value="wp_" size="25" /></td>
+			<td>If you want to run multiple WordPress installations in a single database, change this.</td>
+		</tr>
+	</table>
+	<h2 class="step">
+	<input name="submit" type="submit" value="Submit" />
+	</h2>
+</form>
 <?php
 	break;
-	
+
 	case 2:
-	$dbname = $_POST['dbname'];
-    $uname = $_POST['uname'];
-    $passwrd = $_POST['pwd'];
-    $dbhost = $_POST['dbhost'];
-	$prefix = $_POST['prefix'];
+	$dbname  = trim($_POST['dbname']);
+	$uname   = trim($_POST['uname']);
+	$passwrd = trim($_POST['pwd']);
+	$dbhost  = trim($_POST['dbhost']);
+	$prefix  = trim($_POST['prefix']);
 	if (empty($prefix)) $prefix = 'wp_';
 
-    // Test the db connection.
-    define('DB_NAME', $dbname);
-    define('DB_USER', $uname);
-    define('DB_PASSWORD', $passwrd);
-    define('DB_HOST', $dbhost);
+	// Test the db connection.
+	define('DB_NAME', $dbname);
+	define('DB_USER', $uname);
+	define('DB_PASSWORD', $passwrd);
+	define('DB_HOST', $dbhost);
 
-    // We'll fail here if the values are no good.
-    require_once('../wp-includes/wp-db.php');
+	// We'll fail here if the values are no good.
+	require_once('../wp-includes/wp-db.php');
 	$handle = fopen('../wp-config.php', 'w');
 
-    foreach ($configFile as $line_num => $line) {
-        switch (substr($line,0,16)) {
-            case "define('DB_NAME'":
-                fwrite($handle, str_replace("wordpress", $dbname, $line));
-                break;
-            case "define('DB_USER'":
-                fwrite($handle, str_replace("'username'", "'$uname'", $line));
-                break;
-            case "define('DB_PASSW":
-                fwrite($handle, str_replace("'password'", "'$passwrd'", $line));
-                break;
-            case "define('DB_HOST'":
-                fwrite($handle, str_replace("localhost", $dbhost, $line));
-                break;
+	foreach ($configFile as $line_num => $line) {
+		switch (substr($line,0,16)) {
+			case "define('DB_NAME'":
+				fwrite($handle, str_replace("putyourdbnamehere", $dbname, $line));
+				break;
+			case "define('DB_USER'":
+				fwrite($handle, str_replace("'usernamehere'", "'$uname'", $line));
+				break;
+			case "define('DB_PASSW":
+				fwrite($handle, str_replace("'yourpasswordhere'", "'$passwrd'", $line));
+				break;
+			case "define('DB_HOST'":
+				fwrite($handle, str_replace("localhost", $dbhost, $line));
+				break;
 			case '$table_prefix  =':
 				fwrite($handle, str_replace('wp_', $prefix, $line));
 				break;
-            default:
-                fwrite($handle, $line);
-        }
-    }
-    fclose($handle);
+			default:
+				fwrite($handle, $line);
+		}
+	}
+	fclose($handle);
 	chmod('../wp-config.php', 0666);
-?> 
-<p>All right sparky! You've made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to <a href="install.php">run the install!</a></p> 
+?>
+<p>All right sparky! You've made it through this part of the installation. WordPress can now communicate with your database. If you are ready, time now to <a href="install.php">run the install!</a></p>
 <?php
 	break;
-
 }
-?> 
+?>
+<p id="footer"><a href="http://wordpress.org/">WordPress</a>, personal publishing platform.</p>
 </body>
 </html>

wp-admin/sidebar.php

@@ -3,10 +3,8 @@ $mode = 'sidebar';
 
 require_once('admin.php');
 
-get_currentuserinfo();
-
-if ($user_level == 0)
-	die ("Cheatin' uh ?");
+if ( ! current_user_can('edit_posts') )
+	wp_die(__('Cheatin’ uh?'));
 
 if ('b' == $_GET['a']) {
 
@@ -36,21 +34,21 @@ form {
 	padding: 3px;
 }
 .sidebar-categories {
-    display: block;
-    height: 6.6em;
-    overflow: auto;
-    background-color: #f4f4f4;
+	display: block;
+	height: 6.6em;
+	overflow: auto;
+	background-color: #f4f4f4;
 }
 .sidebar-categories label {
 	font-size: 10px;
-    display: block;
-    width: 90%;
+	display: block;
+	width: 90%;
 }
 </style>
 </head>
 <body id="sidebar">
-<h1 id="wphead"><a href="http://wordpress.org" rel="external">WordPress</a></h1>
-<form name="post" action="post.php" method="POST">
+<h1 id="wphead"><a href="http://wordpress.org/" rel="external">WordPress</a></h1>
+<form name="post" action="post.php" method="post">
 <div><input type="hidden" name="action" value="post" />
 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
 <input type="hidden" name="mode" value="sidebar" />
@@ -67,9 +65,10 @@ Post:
 <textarea rows="8" cols="12" style="width: 100%" name="content" tabindex="2"></textarea>
 </p>
 <p>
-    <input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="Save as Draft" /> 
-    <input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="Publish" /> 
-  
+	<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="Save as Draft" />
+<?php if ( current_user_can('publish_posts') ) : ?>
+	<input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="Publish" />
+<?php endif; ?>
 </p>
 </div>
 </form>

wp-admin/templates.php

@@ -3,21 +3,7 @@ require_once('admin.php');
 $title = __('Template & File Editing');
 $parent_file = 	'edit.php';
 
-$wpvarstoreset = array('action','redirect','profile','error','warning','a','file');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action', 'redirect', 'profile', 'error', 'warning', 'a', 'file'));
 
 $recents = get_option('recently_edited');
 
@@ -36,18 +22,23 @@ switch($action) {
 
 case 'update':
 
-	if ($user_level < 5) {
-		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-	}
+	check_admin_referer('edit-file_' . $file);
+
+	if ( ! current_user_can('edit_files') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
 
 	$newcontent = stripslashes($_POST['newcontent']);
 	if (is_writeable($real_file)) {
-		$f = fopen($real_file, 'w+');
-		fwrite($f, $newcontent);
-		fclose($f);
-		header("Location: templates.php?file=$file&a=te");
+		$f = @ fopen($real_file, 'w+');
+		if ( $f ) {
+			fwrite($f, $newcontent);
+			fclose($f);
+			wp_redirect("templates.php?file=$file&a=te");
+		} else {
+			wp_redirect("templates.php?file=$file&a=err");
+		}
 	} else {
-		header("Location: templates.php?file=$file");
+		wp_redirect("templates.php?file=$file&a=err");
 	}
 
 	exit();
@@ -57,28 +48,41 @@ break;
 default:
 
 	require_once('./admin-header.php');
-	if ( $user_level <= 5 )
-		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
 
-	if ( strstr( $file, 'wp-config.php' ) )
-		die( __('<p>The config file cannot be edited or viewed through the web interface. Sorry!</p>') );
+	if ( ! current_user_can('edit_files') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
+
+	if (strpos($file, 'wp-config.php') !== false)
+	wp_die('<p>'.__('The config file cannot be edited or viewed through the web interface. Sorry!').'</p>');
 
 	update_recently_edited($file);
 
 	if (!is_file($real_file))
-		$error = 1;
-	
+		$error = true;
+
 	if (!$error) {
-		$f = fopen($real_file, 'r');
-		$content = fread($f, filesize($real_file));
-		$content = htmlspecialchars($content);
+		$f = @ fopen($real_file, 'r');
+		if ( $f ) {
+			if ( filesize($real_file ) > 0 ) {
+				$content = fread($f, filesize($real_file));
+				$content = htmlspecialchars($content);
+			} else {
+				$content = '';
+			}
+		} else {
+			$error = true;
+		}
 	}
 
 	?>
 <?php if (isset($_GET['a'])) : ?>
- <div class="updated"><p><?php _e('File edited successfully.') ?></p></div>
+	<?php if ( 'err' == $_GET['a'] ) : ?>
+ <div id="message" class="error"><p><?php _e('Could not save file.') ?></p></div>
+	<?php else: ?>
+ <div id="message" class="updated fade"><p><?php _e('File edited successfully.') ?></p></div>
+	<?php endif; ?>
 <?php endif; ?>
- <div class="wrap"> 
+ <div class="wrap">
 <?php
 if (is_writeable($real_file)) {
 	echo '<h2>' . sprintf(__('Editing <strong>%s</strong>'), wp_specialchars($file) ) . '</h2>';
@@ -87,14 +91,14 @@ if (is_writeable($real_file)) {
 }
 ?>
 <div id="templateside">
-<?php 
-if ( $recents ) : 
+<?php
+if ( $recents ) :
 ?>
 <h3><?php _e('Recent'); ?></h3>
 <?php
 echo '<ol>';
 foreach ($recents as $recent) :
-	echo "<li><a href='templates.php?file=$recent'>" . get_file_description(basename($recent)) . "</a></li>";
+	echo "<li><a href='templates.php?file=" . attribute_escape($recent) . "'>" . wp_specialchars(get_file_description(basename($recent))) . "</a></li>";
 endforeach;
 echo '</ol>';
 endif;
@@ -106,49 +110,51 @@ endif;
 	 if (file_exists(ABSPATH . $old_file))
 		 $common_files[] = $old_file;
  } ?>
-  <ul>
-	 <?php foreach ($common_files as $common_file) : ?>
-	  <li><a href="templates.php?file=<?php echo $common_file?>"><?php echo get_file_description($common_file); ?></a></li>
-	 <?php endforeach; ?>
-  </ul>
+<ul>
+	<?php foreach ($common_files as $common_file) : ?>
+		<li><a href="templates.php?file=<?php echo $common_file?>"><?php echo get_file_description($common_file); ?></a></li>
+	<?php endforeach; ?>
+</ul>
 </div>
 <?php if (!$error) { ?>
-  <form name="template" id="template" action="templates.php" method="post"> 
-     <div><textarea cols="70" rows="25" name="newcontent" id='newcontent' tabindex="1"><?php echo $content ?></textarea> 
-     <input type="hidden" name="action" value="update" /> 
-     <input type="hidden" name="file" value="<?php echo $file ?>" /> 
-</div>
+	<form name="template" id="template" action="templates.php" method="post">
+	<?php wp_nonce_field('edit-file_' . $file) ?>
+		<div><textarea cols="70" rows="25" name="newcontent" id='newcontent' tabindex="1"><?php echo $content ?></textarea>
+		<input type="hidden" name="action" value="update" />
+		<input type="hidden" name="file" value="<?php echo $file ?>" />
+		</div>
 <?php if ( is_writeable($real_file) ) : ?>
-     <p class="submit">
+	<p class="submit">
 <?php
-	echo "<input type='submit' name='submit' value='	" . __('Update File') . " &raquo;' tabindex='2' />";
+	echo "<input type='submit' name='submit' value='	" . __('Update File &raquo;') . "' tabindex='2' />";
 ?>
 </p>
 <?php else : ?>
-<p><em><?php _e('If this file was writable you could edit it.'); ?></em></p>
+<p><em><?php _e('If this file were writable you could edit it.'); ?></em></p>
 <?php endif; ?>
-   </form> 
-  <?php
+	</form>
+	<?php
 	} else {
 		echo '<div class="error"><p>' . __('Oops, no such file exists! Double check the name and try again, merci.') . '</p></div>';
 	}
 	?>
+<div class="clear"> &nbsp; </div>
 </div>
 <div class="wrap">
 <h2><?php _e('Other Files') ?></h2>
 
-  <p><?php _e('To edit a file, type its name here. You can edit any file <a href="http://codex.wordpress.org/Changing_File_Permissions" title="Read more about making files writable">writable by the server</a>, e.g. CHMOD 666.') ?></p> 
-  <form name="file" action="templates.php" method="get"> 
-    <input type="text" name="file" /> 
-    <input type="submit" name="submit"  value="<?php _e('Edit file &raquo;') ?>" /> 
-  </form> 
+	<p><?php _e('To edit a file, type its name here. You can edit any file <a href="http://codex.wordpress.org/Changing_File_Permissions" title="Read more about making files writable">writable by the server</a>, e.g. CHMOD 666.') ?></p>
+	<form name="file" action="templates.php" method="get">
+		<input type="text" name="file" />
+		<input type="submit" name="submit"  value="<?php _e('Edit file &raquo;') ?>" />
+	</form>
 
-  <p><?php _e('Note: of course, you can also edit the files/templates in your text editor of choice and upload them. This online editor is only meant to be used when you don&#8217;t have access to a text editor or FTP client.') ?></p>
-</div> 
+	<p><?php _e('Note: of course, you can also edit the files/templates in your text editor of choice and upload them. This online editor is only meant to be used when you don&#8217;t have access to a text editor or FTP client.') ?></p>
+</div>
 <?php
 
 break;
 }
 
 include("admin-footer.php");
-?>
+?>

wp-admin/theme-editor.php

@@ -4,21 +4,7 @@ require_once('admin.php');
 $title = __("Edit Themes");
 $parent_file = 'themes.php';
 
-$wpvarstoreset = array('action','redirect','profile','error','warning','a','file', 'theme');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-				$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
+wp_reset_vars(array('action', 'redirect', 'profile', 'error', 'warning', 'a', 'file', 'theme'));
 
 $themes = get_themes();
 
@@ -30,7 +16,7 @@ if (empty($theme)) {
 
 
 if ( ! isset($themes[$theme]) )
-	die(__('The requested theme does not exist.'));
+	wp_die(__('The requested theme does not exist.'));
 
 $allowed_files = array_merge($themes[$theme]['Stylesheet Files'], $themes[$theme]['Template Files']);
 
@@ -41,13 +27,16 @@ if (empty($file)) {
 $file = validate_file_to_edit($file, $allowed_files);
 $real_file = get_real_file_to_edit($file);
 
+$file_show = basename( $file );
+
 switch($action) {
 
 case 'update':
 
-	if ($user_level < 5) {
-		die(__('<p>You have do not have sufficient permissions to edit templates for this blog.</p>'));
-	}
+	check_admin_referer('edit-theme_' . $file . $theme);
+
+	if ( !current_user_can('edit_themes') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit templates for this blog.').'</p>');
 
 	$newcontent = stripslashes($_POST['newcontent']);
 	$theme = urlencode($theme);
@@ -55,27 +44,31 @@ case 'update':
 		$f = fopen($real_file, 'w+');
 		fwrite($f, $newcontent);
 		fclose($f);
-		header("Location: theme-editor.php?file=$file&theme=$theme&a=te");
+		$location = "theme-editor.php?file=$file&theme=$theme&a=te";
 	} else {
-		header("Location: theme-editor.php?file=$file&theme=$theme");
+		$location = "theme-editor.php?file=$file&theme=$theme";
 	}
 
+	$location = wp_kses_no_null($location);
+	$strip = array('%0d', '%0a');
+	$location = str_replace($strip, '', $location);
+	header("Location: $location");
 	exit();
 
 break;
 
 default:
-	
+
+	if ( !current_user_can('edit_themes') )
+		wp_die('<p>'.__('You do not have sufficient permissions to edit themes for this blog.').'</p>');
+
 	require_once('admin-header.php');
-	if ($user_level <= 5) {
-		die(__('<p>You have do not have sufficient permissions to edit themes for this blog.</p>'));
-	}
 
 	update_recently_edited($file);
-	
+
 	if (!is_file($real_file))
 		$error = 1;
-	
+
 	if (!$error && filesize($real_file) > 0) {
 		$f = fopen($real_file, 'r');
 		$content = fread($f, filesize($real_file));
@@ -84,10 +77,10 @@ default:
 
 	?>
 <?php if (isset($_GET['a'])) : ?>
- <div class="updated"><p><?php _e('File edited successfully.') ?></p></div>
+ <div id="message" class="updated fade"><p><?php _e('File edited successfully.') ?></p></div>
 <?php endif; ?>
  <div class="wrap">
-  <form name="theme" action="theme-editor.php" method="post"> 
+	<form name="theme" action="theme-editor.php" method="post">
 		<?php _e('Select theme to edit:') ?>
 		<select name="theme" id="theme">
 	<?php
@@ -95,63 +88,65 @@ default:
 		$theme_name = $a_theme['Name'];
 		if ($theme_name == $theme) $selected = " selected='selected'";
 		else $selected = '';
-		$theme_name = wp_specialchars($theme_name, true);
+		$theme_name = attribute_escape($theme_name);
 		echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>";
 	}
 ?>
  </select>
- <input type="submit" name="Submit" value="<?php _e('Select') ?> &raquo;" />
+ <input type="submit" name="Submit" value="<?php _e('Select &raquo;') ?>" class="button" />
  </form>
  </div>
 
  <div class="wrap"> 
   <?php
-	if (is_writeable($real_file)) {
-		echo '<h2>' . sprintf(__('Editing <code>%s</code>'), $file) . '</h2>';
+	if ( is_writeable($real_file) ) {
+		echo '<h2>' . sprintf(__('Editing <code>%s</code>'), $file_show) . '</h2>';
 	} else {
-		echo '<h2>' . sprintf(__('Browsing <code>%s</code>'), $file) . '</h2>';
+		echo '<h2>' . sprintf(__('Browsing <code>%s</code>'), $file_show) . '</h2>';
 	}
 	?>
 	<div id="templateside">
-  <h3><?php printf(__("<strong>'%s'</strong> theme files"), $theme) ?></h3>
+	<h3><?php printf(__("<strong>'%s'</strong> theme files"), $theme) ?></h3>
 
 <?php
 if ($allowed_files) :
 ?>
-  <ul>
+	<ul>
 <?php foreach($allowed_files as $allowed_file) : ?>
 		 <li><a href="theme-editor.php?file=<?php echo "$allowed_file"; ?>&amp;theme=<?php echo urlencode($theme) ?>"><?php echo get_file_description($allowed_file); ?></a></li>
 <?php endforeach; ?>
-  </ul>
+	</ul>
 <?php endif; ?>
-</div> 
+</div>
 	<?php
 	if (!$error) {
-	?> 
-  <form name="template" id="template" action="theme-editor.php" method="post">
-		 <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea> 
-     <input type="hidden" name="action" value="update" /> 
-     <input type="hidden" name="file" value="<?php echo $file ?>" /> 
-     <input type="hidden" name="theme" value="<?php echo $theme ?>" />
+	?>
+	<form name="template" id="template" action="theme-editor.php" method="post">
+	<?php wp_nonce_field('edit-theme_' . $file . $theme) ?>
+		 <div><textarea cols="70" rows="25" name="newcontent" id="newcontent" tabindex="1"><?php echo $content ?></textarea>
+		 <input type="hidden" name="action" value="update" />
+		 <input type="hidden" name="file" value="<?php echo $file ?>" />
+		 <input type="hidden" name="theme" value="<?php echo $theme ?>" />
 		 </div>
 <?php if ( is_writeable($real_file) ) : ?>
-     <p class="submit">
+	<p class="submit">
 <?php
-	echo "<input type='submit' name='submit' value='	" . __('Update File') . " &raquo;' tabindex='2' />";
+	echo "<input type='submit' name='submit' value='	" . __('Update File &raquo;') . "' tabindex='2' />";
 ?>
 </p>
 <?php else : ?>
-<p><em><?php _e('If this file was writable you could edit it.'); ?></em></p>
+<p><em><?php _e('If this file were writable you could edit it.'); ?></em></p>
 <?php endif; ?>
-   </form> 
-  <?php
+	</form>
+	<?php
 	} else {
 		echo '<div class="error"><p>' . __('Oops, no such file exists! Double check the name and try again, merci.') . '</p></div>';
 	}
-	?> 
-</div> 
+	?>
+<div class="clear"> &nbsp; </div>
+</div>
 <?php
 break;
 }
 
-include("admin-footer.php") ?> 
+include("admin-footer.php") ?>

wp-admin/themes.php

@@ -2,115 +2,94 @@
 require_once('admin.php');
 
 if ( isset($_GET['action']) ) {
-	check_admin_referer();
+	check_admin_referer('switch-theme_' . $_GET['template']);
 
 	if ('activate' == $_GET['action']) {
-	  if (isset($_GET['template'])) {
-	    update_option('template', $_GET['template']);
-	  }
+		if ( isset($_GET['template']) )
+			update_option('template', $_GET['template']);
 
-	  if (isset($_GET['stylesheet'])) {
-	    update_option('stylesheet', $_GET['stylesheet']);
-	  }
+		if ( isset($_GET['stylesheet']) )
+			update_option('stylesheet', $_GET['stylesheet']);
 
 		do_action('switch_theme', get_current_theme());
 
-	  header('Location: themes.php?activated=true');
+		wp_redirect('themes.php?activated=true');
+		exit;
 	}
- }
+}
 
 $title = __('Manage Themes');
 $parent_file = 'themes.php';
 require_once('admin-header.php');
 ?>
+
 <?php if ( ! validate_current_theme() ) : ?>
-<div class="updated"><p><?php _e('The active theme is broken.  Reverting to the default theme.'); ?></p></div>
-<?php elseif ( isset($activated) ) : ?>
-<div class="updated"><p><?php _e('New theme activated'); ?></p></div>
+<div id="message1" class="updated fade"><p><?php _e('The active theme is broken.  Reverting to the default theme.'); ?></p></div>
+<?php elseif ( isset($_GET['activated']) ) : ?>
+<div id="message2" class="updated fade"><p><?php printf(__('New theme activated. <a href="%s">View site &raquo;</a>'), get_bloginfo('url') . '/'); ?></p></div>
 <?php endif; ?>
 
 <?php
 $themes = get_themes();
-$current_theme = get_current_theme();
-$current_title = $themes[$current_theme]['Title'];
-$current_version = $themes[$current_theme]['Version'];
-$current_parent_theme = $themes[$current_theme]['Parent Theme'];
-$current_template_dir = $themes[$current_theme]['Template Dir'];
-$current_stylesheet_dir = $themes[$current_theme]['Stylesheet Dir'];
-$current_template = $themes[$current_theme]['Template'];
-$current_stylesheet = $themes[$current_theme]['Stylesheet'];
+$ct = current_theme_info();
 ?>
 
 <div class="wrap">
 <h2><?php _e('Current Theme'); ?></h2>
 <div id="currenttheme">
-<h3><?php printf(__('%1$s %2$s by %3$s'), $current_title, $current_version, $themes[$current_theme]['Author']) ; ?></h3>
-<p><?php echo $themes[$current_theme]['Description']; ?></p>
-<?php if ($current_parent_theme) { ?>
-	<p><?php printf(__('The active theme is <strong>%1$s</strong>.  The template files are located in <code>%2$s</code>.  The stylesheet files are located in <code>%3$s</code>.  <strong>%4$s</strong> uses templates from <strong>%5$s</strong>.  Changes made to the templates will affect both themes.'), $current_theme, $current_template_dir, $current_stylesheet_dir, $current_theme, $current_parent_theme); ?></p>
+<?php if ( $ct->screenshot ) : ?>
+<img src="<?php echo get_option('siteurl') . '/' . $ct->stylesheet_dir . '/' . $ct->screenshot; ?>" alt="<?php _e('Current theme preview'); ?>" />
+<?php endif; ?>
+<h3><?php printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h3>
+<p><?php echo $ct->description; ?></p>
+<?php if ($ct->parent_theme) { ?>
+	<p><?php printf(__('The template files are located in <code>%2$s</code>.  The stylesheet files are located in <code>%3$s</code>.  <strong>%4$s</strong> uses templates from <strong>%5$s</strong>.  Changes made to the templates will affect both themes.'), $ct->title, $ct->template_dir, $ct->stylesheet_dir, $ct->title, $ct->parent_theme); ?></p>
 <?php } else { ?>
-	<p><?php printf(__('The active theme is <strong>%1$s</strong>.  The template files are located in <code>%2$s</code>.  The stylesheet files are located in <code>%3$s</code>.'), $current_theme, $current_template_dir, $current_stylesheet_dir); ?></p>
+	<p><?php printf(__('All of this theme&#8217;s files are located in <code>%2$s</code>.'), $ct->title, $ct->template_dir, $ct->stylesheet_dir); ?></p>
 <?php } ?>
 </div>
 
-<h2><?php _e('Themes Available'); ?></h2>
+<h2><?php _e('Available Themes'); ?></h2>
 <?php if ( 1 < count($themes) ) { ?>
-<table width="100%" cellpadding="3" cellspacing="3">
-	<tr>
-		<th><?php _e('Name'); ?></th>
-		<th><?php _e('Author'); ?></th>
-		<th><?php _e('Description'); ?></th>
-		<th></th>
-	</tr>
+
 <?php
-	$style = '';
+$style = '';
 
-	$theme_names = array_keys($themes);
-	natcasesort($theme_names);
+$theme_names = array_keys($themes);
+natcasesort($theme_names);
 
-	foreach ($theme_names as $theme_name) {
-		$template = $themes[$theme_name]['Template'];
-		$stylesheet = $themes[$theme_name]['Stylesheet'];
-		$title = $themes[$theme_name]['Title'];
-		$version = $themes[$theme_name]['Version'];
-		$description = $themes[$theme_name]['Description'];
-		$author = $themes[$theme_name]['Author'];
-
-		if ($template == $current_template && $stylesheet == $current_stylesheet) {
-			$action = '<strong>' . __('Active Theme') . '</strong>';
-			$current = true;
-		} else {
-			$action = "<a href='themes.php?action=activate&amp;template=$template&amp;stylesheet=$stylesheet' title='" . __('Select this theme') . "' class='edit'>" . __('Select') . '</a>';
-			$current = false;
-		}
-
-		$style = ('class="alternate"' == $style|| 'class="alternate active"' == $style) ? '' : 'alternate';
-		if ($current) $style .= $style == 'alternate' ? ' active' : 'active';
-		if ($style != '') $style = 'class="' . $style . '"';
-
-		echo "
-	  <tr $style>";
-if ( $current )
-	echo "<td><strong>$title $version</strong></td>";
-else
-	echo "<td>$title $version</td>";
-echo "
-	     <td class=\"auth\">$author</td>
-	     <td class=\"desc\">$description</td>
-	     <td class=\"togl\">$action</td>
-	  </tr>";
-	}
+foreach ($theme_names as $theme_name) {
+	if ( $theme_name == $ct->name )
+		continue;
+	$template = $themes[$theme_name]['Template'];
+	$stylesheet = $themes[$theme_name]['Stylesheet'];
+	$title = $themes[$theme_name]['Title'];
+	$version = $themes[$theme_name]['Version'];
+	$description = $themes[$theme_name]['Description'];
+	$author = $themes[$theme_name]['Author'];
+	$screenshot = $themes[$theme_name]['Screenshot'];
+	$stylesheet_dir = $themes[$theme_name]['Stylesheet Dir'];
+	$activate_link = wp_nonce_url("themes.php?action=activate&amp;template=$template&amp;stylesheet=$stylesheet", 'switch-theme_' . $template);
 ?>
+<div class="available-theme">
+<h3><a href="<?php echo $activate_link; ?>"><?php echo "$title $version"; ?></a></h3>
 
-</table>
-<?php
-}
-?>
+<a href="<?php echo $activate_link; ?>" class="screenshot">
+<?php if ( $screenshot ) : ?>
+<img src="<?php echo get_option('siteurl') . '/' . $stylesheet_dir . '/' . $screenshot; ?>" alt="" />
+<?php endif; ?>
+</a>
+
+<p><?php echo $description; ?></p>
+</div>
+<?php } // end foreach theme_names ?>
+
+<?php } ?>
 
 <?php
 // List broken themes, if any.
 $broken_themes = get_broken_themes();
-if (count($broken_themes)) {
+if ( count($broken_themes) ) {
 ?>
 
 <h2><?php _e('Broken Themes'); ?></h2>
@@ -123,7 +102,7 @@ if (count($broken_themes)) {
 	</tr>
 <?php
 	$theme = '';
-	
+
 	$theme_names = array_keys($broken_themes);
 	natcasesort($theme_names);
 
@@ -133,10 +112,10 @@ if (count($broken_themes)) {
 
 		$theme = ('class="alternate"' == $theme) ? '' : 'class="alternate"';
 		echo "
-	  <tr $theme>
-	     <td>$title</td>
-	     <td>$description</td>
-	  </tr>";
+		<tr $theme>
+			 <td>$title</td>
+			 <td>$description</td>
+		</tr>";
 	}
 ?>
 </table>
@@ -145,10 +124,8 @@ if (count($broken_themes)) {
 ?>
 
 <h2><?php _e('Get More Themes'); ?></h2>
-<p><?php _e('You can find additional themes for your site in the <a href="http://wordpress.org/extend/themes/">WordPress theme directory</a>. To install a theme you generally just need to upload the theme folder into your <code>wp-content/themes</code> directory. Once a theme is uploaded, you may activate it here.'); ?></p>
+<p><?php _e('You can find additional themes for your site in the <a href="http://wordpress.org/extend/themes/">WordPress theme directory</a>. To install a theme you generally just need to upload the theme folder into your <code>wp-content/themes</code> directory. Once a theme is uploaded, you should see it on this page.'); ?></p>
 
 </div>
 
-<?php
-include('admin-footer.php');
-?>
+<?php require('admin-footer.php'); ?>

wp-admin/update-links.php

@@ -3,12 +3,12 @@ require_once( dirname( dirname(__FILE__) ) . '/wp-config.php');
 require_once( ABSPATH . 'wp-includes/class-snoopy.php');
 
 if ( !get_option('use_linksupdate') )
-	die('Feature disabled.');
+	wp_die(__('Feature disabled.'));
 
 $link_uris = $wpdb->get_col("SELECT link_url FROM $wpdb->links");
 
 if ( !$link_uris )
-	die('No links');
+	wp_die(__('No links'));
 
 $link_uris = urlencode( join( $link_uris, "\n" ) );
 
@@ -16,29 +16,29 @@ $query_string = "uris=$link_uris";
 
 $http_request  = "POST /updated-batch/ HTTP/1.0\r\n";
 $http_request .= "Host: api.pingomatic.com\r\n";
-$http_request .= 'Content-Type: application/x-www-form-urlencoded; charset='.get_settings('blog_charset')."\r\n";
+$http_request .= 'Content-Type: application/x-www-form-urlencoded; charset='.get_option('blog_charset')."\r\n";
 $http_request .= 'Content-Length: ' . strlen($query_string) . "\r\n";
 $http_request .= 'User-Agent: WordPress/' . $wp_version . "\r\n";
 $http_request .= "\r\n";
 $http_request .= $query_string;
 
 $response = '';
-if( false !== ( $fs = fsockopen('api.pingomatic.com', 80, $errno, $errstr, 5) ) ) {
+if ( false !== ( $fs = @fsockopen('api.pingomatic.com', 80, $errno, $errstr, 5) ) ) {
 	fwrite($fs, $http_request);
 	while ( !feof($fs) )
 		$response .= fgets($fs, 1160); // One TCP-IP packet
 	fclose($fs);
-    
+
 	$response = explode("\r\n\r\n", $response, 2);
 	$body = trim( $response[1] );
 	$body = str_replace(array("\r\n", "\r"), "\n", $body);
-    
+
 	$returns = explode("\n", $body);
-    
+
 	foreach ($returns as $return) :
-		$time = addslashes( substr($return, 0, 19) );
-		$uri = addslashes( preg_replace('/(.*?) | (.*?)/', '$2', $return) );
+		$time = $wpdb->escape( substr($return, 0, 19) );
+		$uri = $wpdb->escape( preg_replace('/(.*?) | (.*?)/', '$2', $return) );
 		$wpdb->query("UPDATE $wpdb->links SET link_updated = '$time' WHERE link_url = '$uri'");
 	endforeach;
 }
-?>
+?>

wp-admin/upgrade-functions.php

@@ -1,15 +1,195 @@
 <?php
 
+if ( file_exists(ABSPATH . 'wp-content/install.php') )
+	require (ABSPATH . 'wp-content/install.php');
 require_once(ABSPATH . '/wp-admin/admin-functions.php');
+require_once(ABSPATH . '/wp-admin/admin-db.php');
 require_once(ABSPATH . '/wp-admin/upgrade-schema.php');
+require_once(ABSPATH . WPINC . '/registration.php');
+
+if ( !function_exists('wp_install') ) :
+function wp_install($blog_title, $user_name, $user_email, $public, $meta='') {
+	global $wp_rewrite;
+
+	wp_check_mysql_version();
+	wp_cache_flush();
+	make_db_current_silent();
+	populate_options();
+	populate_roles();
+
+	update_option('blogname', $blog_title);
+	update_option('admin_email', $user_email);
+	update_option('blog_public', $public);
+	$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
+
+	if ( defined('WP_SITEURL') && '' != WP_SITEURL )
+		$guessurl = WP_SITEURL;
+	else
+		$guessurl = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
+
+	update_option('siteurl', $guessurl);
+
+	// If not a public blog, don't ping.
+	if ( ! $public )
+		update_option('default_pingback_flag', 0);
+
+	// Create default user.  If the user already exists, the user tables are
+	// being shared among blogs.  Just set the role in that case.
+	$user_id = username_exists($user_name);
+	if ( !$user_id ) {
+		$random_password = substr(md5(uniqid(microtime())), 0, 6);
+		$user_id = wp_create_user($user_name, $random_password, $user_email);
+	} else {
+		$random_password = __('User already exists.  Password inherited.');
+	}
+
+	$user = new WP_User($user_id);
+	$user->set_role('administrator');
+
+	wp_install_defaults($user_id);
+
+	$wp_rewrite->flush_rules();
+
+	wp_new_blog_notification($blog_title, $guessurl, $user_id, $random_password);
+
+	wp_cache_flush();
+
+	return array('url' => $guessurl, 'user_id' => $user_id, 'password' => $random_password);
+}
+endif;
+
+if ( !function_exists('wp_install_defaults') ) :
+function wp_install_defaults($user_id) {
+	global $wpdb;
+
+	// Default category
+	$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, category_count, category_description) VALUES ('0', '".$wpdb->escape(__('Uncategorized'))."', '".sanitize_title(__('Uncategorized'))."', '1', '')");
+
+	// Default link category
+	$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, link_count, category_description) VALUES ('0', '".$wpdb->escape(__('Blogroll'))."', '".sanitize_title(__('Blogroll'))."', '7', '')");
+
+	// Now drop in some default links
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://inphotos.org/', 'Donncha', 0, 'http://inphotos.org/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (1, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://zengun.org/weblog/', 'Michel', 0, 'http://zengun.org/weblog/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (2, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://boren.nu/', 'Ryan', 0, 'http://boren.nu/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (3, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://photomatt.net/', 'Matt', 0, 'http://xml.photomatt.net/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (4, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://zed1.com/journalized/', 'Mike', 0, 'http://zed1.com/journalized/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (5, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://www.alexking.org/', 'Alex', 0, 'http://www.alexking.org/blog/wp-rss2.php', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (6, 2)" );
+
+	$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://dougal.gunters.org/', 'Dougal', 0, 'http://dougal.gunters.org/feed/', '');");
+	$wpdb->query( "INSERT INTO $wpdb->link2cat (`link_id`, `category_id`) VALUES (7, 2)" );
+
+	// First post
+	$now = date('Y-m-d H:i:s');
+	$now_gmt = gmdate('Y-m-d H:i:s');
+	$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, comment_count, to_ping, pinged, post_content_filtered) VALUES ($user_id, '$now', '$now_gmt', '".$wpdb->escape(__('Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!'))."', '', '".$wpdb->escape(__('Hello world!'))."', '0', '".$wpdb->escape(__('hello-world'))."', '$now', '$now_gmt', '1', '', '', '')");
+
+	$wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" );
+
+	// Default comment
+	$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".$wpdb->escape(__('Mr WordPress'))."', '', 'http://wordpress.org/', '$now', '$now_gmt', '".$wpdb->escape(__('Hi, this is a comment.<br />To delete a comment, just log in and view the post&#039;s comments. There you will have the option to edit or delete them.'))."')");
+
+	// First Page
+	$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status, post_type, to_ping, pinged, post_content_filtered) VALUES ($user_id, '$now', '$now_gmt', '".$wpdb->escape(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '', '".$wpdb->escape(__('About'))."', '0', '".$wpdb->escape(__('about'))."', '$now', '$now_gmt', 'publish', 'page', '', '', '')");
+}
+endif;
+
+if ( !function_exists('wp_new_blog_notification') ) :
+function wp_new_blog_notification($blog_title, $blog_url, $user_id, $password) {
+	$user = new WP_User($user_id);
+	$email = $user->user_email;
+	$name = $user->user_login;
+	$message_headers = 'From: "' . $blog_title . '" <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
+	$message = sprintf(__("Your new WordPress blog has been successfully set up at:
+
+%1\$s
+
+You can log in to the administrator account with the following information:
+
+Username: %2\$s
+Password: %3\$s
+
+We hope you enjoy your new weblog. Thanks!
+
+--The WordPress Team
+http://wordpress.org/
+"), $blog_url, $name, $password);
+
+	@wp_mail($email, __('New WordPress Blog'), $message, $message_headers);
+}
+endif;
+
+if ( !function_exists('wp_upgrade') ) :
+function wp_upgrade() {
+	global $wp_current_db_version, $wp_db_version;
+
+	$wp_current_db_version = __get_option('db_version');
+
+	// We are up-to-date.  Nothing to do.
+	if ( $wp_db_version == $wp_current_db_version )
+		return;
+
+	wp_check_mysql_version();
+	wp_cache_flush();
+	make_db_current_silent();
+	upgrade_all();
+	wp_cache_flush();
+}
+endif;
+
 // Functions to be called in install and upgrade scripts
 function upgrade_all() {
+	global $wp_current_db_version, $wp_db_version, $wp_rewrite;
+	$wp_current_db_version = __get_option('db_version');
+
+	// We are up-to-date.  Nothing to do.
+	if ( $wp_db_version == $wp_current_db_version )
+		return;
+
+	// If the version is not set in the DB, try to guess the version.
+	if ( empty($wp_current_db_version) ) {
+		$wp_current_db_version = 0;
+
+		// If the template option exists, we have 1.5.
+		$template = __get_option('template');
+		if ( !empty($template) )
+			$wp_current_db_version = 2541;
+	}
+
 	populate_options();
-	upgrade_100();
-	upgrade_101();
-	upgrade_110();
-	upgrade_130();
-	save_mod_rewrite_rules();
+
+	if ( $wp_current_db_version < 2541 ) {
+		upgrade_100();
+		upgrade_101();
+		upgrade_110();
+		upgrade_130();
+	}
+	
+	maybe_disable_automattic_widgets();
+
+	if ( $wp_current_db_version < 3308 )
+		upgrade_160();
+
+	if ( $wp_current_db_version < 4772 )
+		upgrade_210();
+
+	if ( $wp_current_db_version < 4351 )
+		upgrade_old_slugs();
+
+	$wp_rewrite->flush_rules();
+
+	update_option('db_version', $wp_db_version);
 }
 
 function upgrade_100() {
@@ -19,16 +199,16 @@ function upgrade_100() {
 	$posts = $wpdb->get_results("SELECT ID, post_title, post_name FROM $wpdb->posts WHERE post_name = ''");
 	if ($posts) {
 		foreach($posts as $post) {
-			if ('' == $post->post_name) { 
+			if ('' == $post->post_name) {
 				$newtitle = sanitize_title($post->post_title);
 				$wpdb->query("UPDATE $wpdb->posts SET post_name = '$newtitle' WHERE ID = '$post->ID'");
 			}
 		}
 	}
-	
+
 	$categories = $wpdb->get_results("SELECT cat_ID, cat_name, category_nicename FROM $wpdb->categories");
 	foreach ($categories as $category) {
-		if ('' == $category->category_nicename) { 
+		if ('' == $category->category_nicename) {
 			$newtitle = sanitize_title($category->cat_name);
 			$wpdb->query("UPDATE $wpdb->categories SET category_nicename = '$newtitle' WHERE cat_ID = '$category->cat_ID'");
 		}
@@ -48,7 +228,7 @@ function upgrade_100() {
 	else:
 		$catwhere = '';
 	endif;
-	
+
 	$allposts = $wpdb->get_results("SELECT ID, post_category FROM $wpdb->posts WHERE post_category != '0' $catwhere");
 	if ($allposts) :
 		foreach ($allposts as $post) {
@@ -81,12 +261,12 @@ function upgrade_101() {
 
 
 function upgrade_110() {
-  global $wpdb;
-	
-    // Set user_nicename.
+	global $wpdb;
+
+	// Set user_nicename.
 	$users = $wpdb->get_results("SELECT ID, user_nickname, user_nicename FROM $wpdb->users");
 	foreach ($users as $user) {
-		if ('' == $user->user_nicename) { 
+		if ('' == $user->user_nicename) {
 			$newname = sanitize_title($user->user_nickname);
 			$wpdb->query("UPDATE $wpdb->users SET user_nicename = '$newname' WHERE ID = '$user->ID'");
 		}
@@ -95,7 +275,7 @@ function upgrade_110() {
 	$users = $wpdb->get_results("SELECT ID, user_pass from $wpdb->users");
 	foreach ($users as $row) {
 		if (!preg_match('/^[A-Fa-f0-9]{32}$/', $row->user_pass)) {
-			   $wpdb->query('UPDATE '.$wpdb->users.' SET user_pass = MD5(\''.$row->user_pass.'\') WHERE ID = \''.$row->ID.'\'');
+			$wpdb->query('UPDATE '.$wpdb->users.' SET user_pass = MD5(\''.$row->user_pass.'\') WHERE ID = \''.$row->ID.'\'');
 		}
 	}
 
@@ -137,63 +317,63 @@ function upgrade_110() {
 }
 
 function upgrade_130() {
-    global $wpdb, $table_prefix;
+	global $wpdb;
 
-    // Remove extraneous backslashes.
+	// Remove extraneous backslashes.
 	$posts = $wpdb->get_results("SELECT ID, post_title, post_content, post_excerpt, guid, post_date, post_name, post_status, post_author FROM $wpdb->posts");
 	if ($posts) {
 		foreach($posts as $post) {
-            $post_content = addslashes(deslash($post->post_content));
-            $post_title = addslashes(deslash($post->post_title));
-            $post_excerpt = addslashes(deslash($post->post_excerpt));
+			$post_content = addslashes(deslash($post->post_content));
+			$post_title = addslashes(deslash($post->post_title));
+			$post_excerpt = addslashes(deslash($post->post_excerpt));
 			if ( empty($post->guid) )
 				$guid = get_permalink($post->ID);
 			else
 				$guid = $post->guid;
 
-            $wpdb->query("UPDATE $wpdb->posts SET post_title = '$post_title', post_content = '$post_content', post_excerpt = '$post_excerpt', guid = '$guid' WHERE ID = '$post->ID'");
+			$wpdb->query("UPDATE $wpdb->posts SET post_title = '$post_title', post_content = '$post_content', post_excerpt = '$post_excerpt', guid = '$guid' WHERE ID = '$post->ID'");
 		}
 	}
 
-    // Remove extraneous backslashes.
+	// Remove extraneous backslashes.
 	$comments = $wpdb->get_results("SELECT comment_ID, comment_author, comment_content FROM $wpdb->comments");
 	if ($comments) {
 		foreach($comments as $comment) {
-            $comment_content = addslashes(deslash($comment->comment_content));
-            $comment_author = addslashes(deslash($comment->comment_author));
-            $wpdb->query("UPDATE $wpdb->comments SET comment_content = '$comment_content', comment_author = '$comment_author' WHERE comment_ID = '$comment->comment_ID'");
+			$comment_content = addslashes(deslash($comment->comment_content));
+			$comment_author = addslashes(deslash($comment->comment_author));
+			$wpdb->query("UPDATE $wpdb->comments SET comment_content = '$comment_content', comment_author = '$comment_author' WHERE comment_ID = '$comment->comment_ID'");
 		}
 	}
 
-    // Remove extraneous backslashes.
+	// Remove extraneous backslashes.
 	$links = $wpdb->get_results("SELECT link_id, link_name, link_description FROM $wpdb->links");
 	if ($links) {
 		foreach($links as $link) {
-            $link_name = addslashes(deslash($link->link_name));
-            $link_description = addslashes(deslash($link->link_description));
-            $wpdb->query("UPDATE $wpdb->links SET link_name = '$link_name', link_description = '$link_description' WHERE link_id = '$link->link_id'");
+			$link_name = addslashes(deslash($link->link_name));
+			$link_description = addslashes(deslash($link->link_description));
+			$wpdb->query("UPDATE $wpdb->links SET link_name = '$link_name', link_description = '$link_description' WHERE link_id = '$link->link_id'");
 		}
 	}
 
-    // The "paged" option for what_to_show is no more.
-    if ($wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'what_to_show'") == 'paged') {
-        $wpdb->query("UPDATE $wpdb->options SET option_value = 'posts' WHERE option_name = 'what_to_show'");
-    }
+	// The "paged" option for what_to_show is no more.
+	if ($wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = 'what_to_show'") == 'paged') {
+		$wpdb->query("UPDATE $wpdb->options SET option_value = 'posts' WHERE option_name = 'what_to_show'");
+	}
 
-		$active_plugins = __get_option('active_plugins');
+	$active_plugins = __get_option('active_plugins');
 
-		// If plugins are not stored in an array, they're stored in the old
-		// newline separated format.  Convert to new format.
-		if ( !is_array( $active_plugins ) ) {
-			$active_plugins = explode("\n", trim($active_plugins));
-			update_option('active_plugins', $active_plugins);
-		}
+	// If plugins are not stored in an array, they're stored in the old
+	// newline separated format.  Convert to new format.
+	if ( !is_array( $active_plugins ) ) {
+		$active_plugins = explode("\n", trim($active_plugins));
+		update_option('active_plugins', $active_plugins);
+	}
 
 	// Obsolete tables
-	$wpdb->query('DROP TABLE IF EXISTS ' . $table_prefix . 'optionvalues');
-	$wpdb->query('DROP TABLE IF EXISTS ' . $table_prefix . 'optiontypes');
-	$wpdb->query('DROP TABLE IF EXISTS ' . $table_prefix . 'optiongroups');
-	$wpdb->query('DROP TABLE IF EXISTS ' . $table_prefix . 'optiongroup_options');
+	$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optionvalues');
+	$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiontypes');
+	$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroups');
+	$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'optiongroup_options');
 
 	// Update comments table to use comment_type
 	$wpdb->query("UPDATE $wpdb->comments SET comment_type='trackback', comment_content = REPLACE(comment_content, '<trackback />', '') WHERE comment_content LIKE '<trackback />%'");
@@ -213,25 +393,206 @@ function upgrade_130() {
 	make_site_theme();
 }
 
+function upgrade_160() {
+	global $wpdb, $wp_current_db_version;
+
+	populate_roles_160();
+
+	$users = $wpdb->get_results("SELECT * FROM $wpdb->users");
+	foreach ( $users as $user ) :
+		if ( !empty( $user->user_firstname ) )
+			update_usermeta( $user->ID, 'first_name', $wpdb->escape($user->user_firstname) );
+		if ( !empty( $user->user_lastname ) )
+			update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
+		if ( !empty( $user->user_nickname ) )
+			update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
+		if ( !empty( $user->user_level ) )
+			update_usermeta( $user->ID, $wpdb->prefix . 'user_level', $user->user_level );
+		if ( !empty( $user->user_icq ) )
+			update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
+		if ( !empty( $user->user_aim ) )
+			update_usermeta( $user->ID, 'aim', $wpdb->escape($user->user_aim) );
+		if ( !empty( $user->user_msn ) )
+			update_usermeta( $user->ID, 'msn', $wpdb->escape($user->user_msn) );
+		if ( !empty( $user->user_yim ) )
+			update_usermeta( $user->ID, 'yim', $wpdb->escape($user->user_icq) );
+		if ( !empty( $user->user_description ) )
+			update_usermeta( $user->ID, 'description', $wpdb->escape($user->user_description) );
+
+		if ( isset( $user->user_idmode ) ):
+			$idmode = $user->user_idmode;
+			if ($idmode == 'nickname') $id = $user->user_nickname;
+			if ($idmode == 'login') $id = $user->user_login;
+			if ($idmode == 'firstname') $id = $user->user_firstname;
+			if ($idmode == 'lastname') $id = $user->user_lastname;
+			if ($idmode == 'namefl') $id = $user->user_firstname.' '.$user->user_lastname;
+			if ($idmode == 'namelf') $id = $user->user_lastname.' '.$user->user_firstname;
+			if (!$idmode) $id = $user->user_nickname;
+			$id = $wpdb->escape( $id );
+			$wpdb->query("UPDATE $wpdb->users SET display_name = '$id' WHERE ID = '$user->ID'");
+		endif;
+
+		// FIXME: RESET_CAPS is temporary code to reset roles and caps if flag is set.
+		$caps = get_usermeta( $user->ID, $wpdb->prefix . 'capabilities');
+		if ( empty($caps) || defined('RESET_CAPS') ) {
+			$level = get_usermeta($user->ID, $wpdb->prefix . 'user_level');
+			$role = translate_level_to_role($level);
+			update_usermeta( $user->ID, $wpdb->prefix . 'capabilities', array($role => true) );
+		}
+
+	endforeach;
+	$old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname', 'user_level' );
+	$wpdb->hide_errors();
+	foreach ( $old_user_fields as $old )
+		$wpdb->query("ALTER TABLE $wpdb->users DROP $old");
+	$wpdb->show_errors();
+
+	if ( 0 == $wpdb->get_var("SELECT SUM(category_count) FROM $wpdb->categories") ) { // Create counts
+		$categories = $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories");
+		foreach ( $categories as $cat_id ) {
+			$count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->post2cat, $wpdb->posts WHERE $wpdb->posts.ID=$wpdb->post2cat.post_id AND post_status='publish' AND category_id = '$cat_id'");
+			$wpdb->query("UPDATE $wpdb->categories SET category_count = '$count' WHERE cat_ID = '$cat_id'");
+		}
+	}
+
+	// populate comment_count field of posts table
+	$comments = $wpdb->get_results( "SELECT comment_post_ID, COUNT(*) as c FROM $wpdb->comments WHERE comment_approved = '1' GROUP BY comment_post_ID" );
+	if( is_array( $comments ) ) {
+		foreach ($comments as $comment) {
+			$wpdb->query( "UPDATE $wpdb->posts SET comment_count = $comment->c WHERE ID = '$comment->comment_post_ID'" );
+		}
+	}
+
+	// Some alpha versions used a post status of object instead of attachment and put
+	// the mime type in post_type instead of post_mime_type.
+	if ( $wp_current_db_version > 2541 && $wp_current_db_version <= 3091 ) {
+		$objects = $wpdb->get_results("SELECT ID, post_type FROM $wpdb->posts WHERE post_status = 'object'");
+		foreach ($objects as $object) {
+			$wpdb->query("UPDATE $wpdb->posts SET post_status = 'attachment',
+			post_mime_type = '$object->post_type',
+			post_type = ''
+			WHERE ID = $object->ID");
+
+			$meta = get_post_meta($object->ID, 'imagedata', true);
+			if ( ! empty($meta['file']) )
+				update_attached_file( $object->ID, $meta['file'] );
+		}
+	}
+}
+
+function upgrade_210() {
+	global $wpdb, $wp_current_db_version;
+
+	if ( $wp_current_db_version < 3506 ) {
+		// Update status and type.
+		$posts = $wpdb->get_results("SELECT ID, post_status FROM $wpdb->posts");
+
+		if ( ! empty($posts) ) foreach ($posts as $post) {
+			$status = $post->post_status;
+			$type = 'post';
+
+			if ( 'static' == $status ) {
+				$status = 'publish';
+				$type = 'page';
+			} else if ( 'attachment' == $status ) {
+				$status = 'inherit';
+				$type = 'attachment';
+			}
+
+			$wpdb->query("UPDATE $wpdb->posts SET post_status = '$status', post_type = '$type' WHERE ID = '$post->ID'");
+		}
+	}
+
+	if ( $wp_current_db_version < 3845 ) {
+		populate_roles_210();
+	}
+
+	if ( $wp_current_db_version < 3531 ) {
+		// Give future posts a post_status of future.
+		$now = gmdate('Y-m-d H:i:59');
+		$wpdb->query ("UPDATE $wpdb->posts SET post_status = 'future' WHERE post_status = 'publish' AND post_date_gmt > '$now'");
+
+		$posts = $wpdb->get_results("SELECT ID, post_date FROM $wpdb->posts WHERE post_status ='future'");
+		if ( !empty($posts) )
+			foreach ( $posts as $post )
+				wp_schedule_single_event(mysql2date('U', $post->post_date), 'publish_future_post', array($post->ID));
+	}
+
+	if ( $wp_current_db_version < 3570 ) {
+		// Create categories for link categories if a category with the same
+		// name doesn't exist.  Create a map of link cat IDs to cat IDs.
+		$link_cat_id_map = array();
+		$link_cats = $wpdb->get_results("SELECT cat_id, cat_name FROM " . $wpdb->prefix . 'linkcategories');
+		foreach ( $link_cats as $link_cat) {
+			if ( $cat_id = category_exists($link_cat->cat_name) ) {
+				$link_cat_id_map[$link_cat->cat_id] = $cat_id;
+				$default_link_cat = $cat_id;
+			} else {
+				$link_cat_id_map[$link_cat->cat_id] = wp_create_category($link_cat->cat_name);
+				$default_link_cat = $link_cat_id_map[$link_cat->cat_id];
+			}
+		}
+
+		// Associate links to cats.
+		$links = $wpdb->get_results("SELECT link_id, link_category FROM $wpdb->links");
+		if ( !empty($links) ) foreach ( $links as $link ) {
+			if ( 0 == $link->link_category )
+				continue;
+			if ( ! isset($link_cat_id_map[$link->link_category]) )
+				continue;
+			$link_cat = $link_cat_id_map[$link->link_category];
+			$cat = $wpdb->get_row("SELECT * FROM $wpdb->link2cat WHERE link_id = '$link->link_id' AND category_id = '$link_cat'");
+			if ( !$cat ) {
+				$wpdb->query("INSERT INTO $wpdb->link2cat (link_id, category_id)
+					VALUES ('$link->link_id', '$link_cat')");
+			}
+		}
+
+		// Set default to the last category we grabbed during the upgrade loop.
+		update_option('default_link_category', $default_link_cat);
+
+		// Count links per category.
+		if ( 0 == $wpdb->get_var("SELECT SUM(link_count) FROM $wpdb->categories") ) {
+			$categories = $wpdb->get_col("SELECT cat_ID FROM $wpdb->categories");
+			foreach ( $categories as $cat_id ) {
+				$count = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->link2cat, $wpdb->links WHERE $wpdb->links.link_id = $wpdb->link2cat.link_id AND category_id = '$cat_id'");
+				$wpdb->query("UPDATE $wpdb->categories SET link_count = '$count' WHERE cat_ID = '$cat_id'");
+			}
+		}
+	}
+
+	if ( $wp_current_db_version < 4772 ) {
+		// Obsolete linkcategories table
+		$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . 'linkcategories');
+	}
+}
+
+function upgrade_old_slugs() {
+	// upgrade people who were using the Redirect Old Slugs plugin
+	global $wpdb;
+	$wpdb->query("UPDATE $wpdb->postmeta SET meta_key = '_wp_old_slug' WHERE meta_key = 'old_slug'");
+}
+
+
 // The functions we use to actually do stuff
 
 // General
 function maybe_create_table($table_name, $create_ddl) {
-    global $wpdb;
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb;
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	return false;
 }
 
 function drop_index($table, $index) {
@@ -260,22 +621,22 @@ function add_clean_index($table, $index) {
  **           false on error
  */
 function maybe_add_column($table_name, $column_name, $create_ddl) {
-    global $wpdb, $debug;
-    foreach ($wpdb->get_col("DESC $table_name", 0) as $column ) {
-        if ($debug) echo("checking $column == $column_name<br />");
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("DESC $table_name", 0) as $column ) {
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb, $debug;
+	foreach ($wpdb->get_col("DESC $table_name", 0) as $column ) {
+		if ($debug) echo("checking $column == $column_name<br />");
+		if ($column == $column_name) {
+			return true;
+		}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("DESC $table_name", 0) as $column ) {
+		if ($column == $column_name) {
+			return true;
+		}
+	}
+	return false;
 }
 
 
@@ -284,7 +645,7 @@ function get_alloptions_110() {
 	global $wpdb;
 	if ($options = $wpdb->get_results("SELECT option_name, option_value FROM $wpdb->options")) {
 		foreach ($options as $option) {
-			// "When trying to design a foolproof system, 
+			// "When trying to design a foolproof system,
 			//  never underestimate the ingenuity of the fools :)" -- Dougal
 			if ('siteurl' == $option->option_name) $option->option_value = preg_replace('|/+$|', '', $option->option_value);
 			if ('home' == $option->option_name) $option->option_value = preg_replace('|/+$|', '', $option->option_value);
@@ -298,9 +659,23 @@ function get_alloptions_110() {
 // Version of get_option that is private to install/upgrade.
 function __get_option($setting) {
 	global $wpdb;
-
+	
+	if ( $setting == 'home' && defined( 'WP_HOME' ) ) {
+		return preg_replace( '|/+$|', '', constant( 'WP_HOME' ) );
+	}
+	
+	if ( $setting == 'siteurl' && defined( 'WP_SITEURL' ) ) {
+		return preg_replace( '|/+$|', '', constant( 'WP_SITEURL' ) );
+	}
+	
 	$option = $wpdb->get_var("SELECT option_value FROM $wpdb->options WHERE option_name = '$setting'");
 
+	if ( 'home' == $setting && '' == $option )
+		return __get_option('siteurl');
+
+	if ( 'siteurl' == $setting || 'home' == $setting || 'category_base' == $setting )
+		$option = preg_replace('|/+$|', '', $option);
+
 	@ $kellogs = unserialize($option);
 	if ($kellogs !== FALSE)
 		return $kellogs;
@@ -309,35 +684,35 @@ function __get_option($setting) {
 }
 
 function deslash($content) {
-    // Note: \\\ inside a regex denotes a single backslash.
+	// Note: \\\ inside a regex denotes a single backslash.
 
-    // Replace one or more backslashes followed by a single quote with
-    // a single quote.
-    $content = preg_replace("/\\\+'/", "'", $content);
+	// Replace one or more backslashes followed by a single quote with
+	// a single quote.
+	$content = preg_replace("/\\\+'/", "'", $content);
 
-    // Replace one or more backslashes followed by a double quote with
-    // a double quote.
-    $content = preg_replace('/\\\+"/', '"', $content);
+	// Replace one or more backslashes followed by a double quote with
+	// a double quote.
+	$content = preg_replace('/\\\+"/', '"', $content);
 
-    // Replace one or more backslashes with one backslash.
-    $content = preg_replace("/\\\+/", "\\", $content);
+	// Replace one or more backslashes with one backslash.
+	$content = preg_replace("/\\\+/", "\\", $content);
 
-    return $content;
+	return $content;
 }
 
 function dbDelta($queries, $execute = true) {
 	global $wpdb;
-	
+
 	// Seperate individual queries into an array
 	if( !is_array($queries) ) {
 		$queries = explode( ';', $queries );
 		if('' == $queries[count($queries) - 1]) array_pop($queries);
 	}
-	
+
 	$cqueries = array(); // Creation Queries
 	$iqueries = array(); // Insertion Queries
 	$for_update = array();
-	
+
 	// Create a tablename index for an array ($cqueries) of queries
 	foreach($queries as $qry) {
 		if(preg_match("|CREATE TABLE ([^ ]*)|", $qry, $matches)) {
@@ -356,7 +731,7 @@ function dbDelta($queries, $execute = true) {
 		else {
 			// Unrecognized query type
 		}
-	}	
+	}
 
 	// Check to see which tables and fields exist
 	if($tables = $wpdb->get_col('SHOW TABLES;')) {
@@ -375,13 +750,13 @@ function dbDelta($queries, $execute = true) {
 				$flds = explode("\n", $qryline);
 
 				//echo "<hr/><pre>\n".print_r(strtolower($table), true).":\n".print_r($cqueries, true)."</pre><hr/>";
-				
+
 				// For every field line specified in the query
 				foreach($flds as $fld) {
 					// Extract the field name
 					preg_match("|^([^ ]*)|", trim($fld), $fvals);
 					$fieldname = $fvals[1];
-					
+
 					// Verify the found field name
 					$validfield = true;
 					switch(strtolower($fieldname))
@@ -397,18 +772,18 @@ function dbDelta($queries, $execute = true) {
 						break;
 					}
 					$fld = trim($fld);
-					
+
 					// If it's a valid field, add it to the field array
 					if($validfield) {
 						$cfields[strtolower($fieldname)] = trim($fld, ", \n");
 					}
 				}
-				
+
 				// Fetch the table column structure from the database
 				$tablefields = $wpdb->get_results("DESCRIBE {$table};");
-								
+
 				// For every field in the table
-				foreach($tablefields as $tablefield) {				
+				foreach($tablefields as $tablefield) {
 					// If the table field exists in the field array...
 					if(array_key_exists(strtolower($tablefield->Field), $cfields)) {
 						// Get the field type from the query
@@ -421,7 +796,7 @@ function dbDelta($queries, $execute = true) {
 							$cqueries[] = "ALTER TABLE {$table} CHANGE COLUMN {$tablefield->Field} " . $cfields[strtolower($tablefield->Field)];
 							$for_update[$table.'.'.$tablefield->Field] = "Changed type of {$table}.{$tablefield->Field} from {$tablefield->Type} to {$fieldtype}";
 						}
-						
+
 						// Get the default value from the array
 							//echo "{$cfields[strtolower($tablefield->Field)]}<br>";
 						if(preg_match("| DEFAULT '(.*)'|i", $cfields[strtolower($tablefield->Field)], $matches)) {
@@ -448,11 +823,11 @@ function dbDelta($queries, $execute = true) {
 					$cqueries[] = "ALTER TABLE {$table} ADD COLUMN $fielddef";
 					$for_update[$table.'.'.$fieldname] = 'Added column '.$table.'.'.$fieldname;
 				}
-				
+
 				// Index stuff goes here
 				// Fetch the table index structure from the database
 				$tableindices = $wpdb->get_results("SHOW INDEX FROM {$table};");
-				
+
 				if($tableindices) {
 					// Clear the index array
 					unset($index_ary);
@@ -481,7 +856,7 @@ function dbDelta($queries, $execute = true) {
 						}
 						$index_columns = '';
 						// For each column in the index
-						foreach($index_data['columns'] as $column_data) {					
+						foreach($index_data['columns'] as $column_data) {
 							if($index_columns != '') $index_columns .= ',';
 							// Add the field to the column list string
 							$index_columns .= $column_data['fieldname'];
@@ -489,7 +864,7 @@ function dbDelta($queries, $execute = true) {
 								$index_columns .= '('.$column_data['subpart'].')';
 							}
 						}
-						// Add the column list to the index create string 
+						// Add the column list to the index create string
 						$index_string .= ' ('.$index_columns.')';
 
 						if(!(($aindex = array_search($index_string, $indices)) === false)) {
@@ -562,7 +937,7 @@ function make_site_theme_from_oldschool($theme_name, $template) {
 
 		if ($oldfile == 'index.php') { // Check to make sure it's not a new index
 			$index = implode('', file("$oldpath/$oldfile"));
-			if ( strstr( $index, 'WP_USE_THEMES' ) ) {
+			if (strpos($index, 'WP_USE_THEMES') !== false) {
 				if (! @copy(ABSPATH . 'wp-content/themes/default/index.php', "$site_dir/$newfile"))
 					return false;
 				continue; // Don't copy anything
@@ -634,12 +1009,12 @@ function make_site_theme_from_default($theme_name, $template) {
 		$f = fopen("$site_dir/style.css", 'w');
 
 		foreach ($stylelines as $line) {
-			if (strstr($line, "Theme Name:")) $line = "Theme Name: $theme_name";
-			elseif (strstr($line, "Theme URI:")) $line = "Theme URI: " . __get_option('siteurl');
-			elseif (strstr($line, "Description:")) $line = "Description: Your theme";
-			elseif (strstr($line, "Version:")) $line = "Version: 1";
-			elseif (strstr($line, "Author:")) $line = "Author: You";
-			fwrite($f, "{$line}\n");
+			if (strpos($line, 'Theme Name:') !== false) $line = 'Theme Name: ' . $theme_name;
+			elseif (strpos($line, 'Theme URI:') !== false) $line = 'Theme URI: ' . __get_option('url');
+			elseif (strpos($line, 'Description:') !== false) $line = 'Description: Your theme.';
+			elseif (strpos($line, 'Version:') !== false) $line = 'Version: 1';
+			elseif (strpos($line, 'Author:') !== false) $line = 'Author: You';
+			fwrite($f, $line . "\n");
 		}
 		fclose($f);
 	}
@@ -703,4 +1078,47 @@ function make_site_theme() {
 	}
 	return $template;
 }
+
+function translate_level_to_role($level) {
+	switch ($level) {
+	case 10:
+	case 9:
+	case 8:
+		return 'administrator';
+	case 7:
+	case 6:
+	case 5:
+		return 'editor';
+	case 4:
+	case 3:
+	case 2:
+		return 'author';
+	case 1:
+		return 'contributor';
+	case 0:
+		return 'subscriber';
+	}
+}
+
+function wp_check_mysql_version() {
+	global $wp_version;
+
+	// Make sure the server has MySQL 4.0
+	$mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info());
+	if ( version_compare($mysql_version, '4.0.0', '<') )
+		die(sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version));
+}
+
+function maybe_disable_automattic_widgets() {
+	$plugins = __get_option( 'active_plugins' );
+	
+	foreach ( (array) $plugins as $plugin ) {
+		if ( basename( $plugin ) == 'widgets.php' ) {
+			array_splice( $plugins, array_search( $plugin, $plugins ), 1 );
+			update_option( 'active_plugins', $plugins );
+			break;
+		}
+	}
+}
+
 ?>