Oops. Personal debug code that slipped in.

git-svn-id: http://svn.automattic.com/wordpress/branches/2.3@7587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sanitize "cat" query var and cast to int before looking for a category template
2008-04-02 13:19:00 +00:00 · 2008-04-02 13:15:21 +00:00 · 2008-02-27 21:22:25 +00:00 · 2008-02-27 21:19:59 +00:00 · 2008-02-13 18:17:47 +00:00 · 2008-02-13 17:53:52 +00:00
385 changed files with 72076 additions and 32163 deletions
--- a/index.php
+++ b/index.php
@@ -1,4 +1,4 @@
-<?php 
+<?php
 /* Short and sweet */
 define('WP_USE_THEMES', true);
 require('./wp-blog-header.php');
--- a/readme.html
+++ b/readme.html
@@ -1,112 +1,83 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<title>WordPress &rsaquo; ReadMe</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<style type="text/css" media="screen">
-	<!--
-	html {
-		background: #eee;
-	}
-	body {
-		background: #fff;
-		color: #000;
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 25%;
-		margin-right: 25%;
-		padding: .2em 2em;
-	}
-	
-	h1 {
-		color: #006;
-		font-size: 18px;
-		font-weight: lighter;
-	}
-	
-	h2 {
-		font-size: 16px;
-	}
-	
-	p, li, dt {
-		line-height: 140%;
-		padding-bottom: 2px;
-	}
-
-	ul, ol {
-		padding: 5px 5px 5px 20px;
-	}
-	-->
-	</style>
+	<title>WordPress &rsaquo; ReadMe</title>
+	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+	<link rel="stylesheet" href="wp-admin/css/install.css" type="text/css" />
 </head>
 <body>
-<h1 style="text-align: center"><img alt="WordPress" src="http://wordpress.org/images/wordpress.gif" /> <br />
-	Version 2.0</h1>
-<p style="text-align: center"> Semantic Personal Publishing Platform </p>
+<h1 id="logo" style="text-align: center">
+	<img alt="WordPress" src="wp-admin/images/wordpress-logo.png" />
+	<br /> Version 2.3
+</h1>
+<p style="text-align: center">Semantic Personal Publishing Platform</p>
+
 <h1>First Things First</h1>
 <p>Welcome. WordPress is a very special project to me. Every developer and contributor adds something unique to the mix, and together we create something beautiful that I'm proud to be a part of. Thousands of hours have gone into WordPress, and we're dedicated to making it better every day. Thank you for making it part of your world.</p>
-<p style="text-align: right;">&#8212; Matt Mullenweg </p>
+<p style="text-align: right;">&#8212; Matt Mullenweg</p>

-<h1 id="installation">Installation: Famous 5-minute install</h1>
+<h1>Installation: Famous 5-minute install</h1>
 <ol>
-	<li>Unzip the package in an empty directory</li>
-	<li>Open up <code>wp-config-sample.php</code> with a text editor like WordPad or similar and fill in your database connection details</li>
-	<li>Save the file as <code>wp-config.php</code> </li>
+	<li>Unzip the package in an empty directory.</li>
+	<li>Open up <code>wp-config-sample.php</code> with a text editor like WordPad or similar and fill in your database connection details.</li>
+	<li>Save the file as <code>wp-config.php</code></li>
 	<li>Upload everything.</li>
-	<li>Open <span class="file"><a href="wp-admin/install.php">/wp-admin/install.php</a></span> in your browser. This should setup the tables needed for your blog. If there is an error, double check your <span class="file">wp-config.php</span> file, and try again. If it fails again, please go to the <a href="http://wordpress.org/support/">support forums</a> with as much data as you can gather. </li>
+	<li>Open <span class="file"><a href="wp-admin/install.php">/wp-admin/install.php</a></span> in your browser. This should setup the tables needed for your blog. If there is an error, double check your <span class="file">wp-config.php</span> file, and try again. If it fails again, please go to the <a href="http://wordpress.org/support/">support forums</a> with as much data as you can gather.</li>
 	<li><strong>Note the password given to you.</strong></li>
 	<li> The install script should then send you to the <a href="wp-login.php">login page</a>. Sign in with the username <code>admin</code> and the password generated during the installation. You can then click on 'Profile' to change the password.</li>
 </ol>

 <h1>Upgrading</h1>
 <p>Before you upgrade anything, make sure you have backup copies of any files you may have modified such as <code>index.php</code>.</p>
-<h2>Upgrading from any previous WordPress to 2.0:</h2>
+<h2>Upgrading from any previous WordPress to 2.3:</h2>
 <ol>
-	<li>Delete your old WP files, saving ones you've modified </li>
-	<li>Upload the new files</li>
-	<li>Point your browser to <span class="file"><a href="wp-admin/upgrade.php">/wp-admin/upgrade.php</a></span></li>
+	<li>Delete your old WP files, saving ones you've modified.</li>
+	<li>Upload the new files.</li>
+	<li>Point your browser to <span class="file"><a href="wp-admin/upgrade.php">/wp-admin/upgrade.php</a>.</span></li>
 	<li>You wanted more, perhaps? That's it!</li>
 </ol>
 <h2>Template Changes</h2>
 <p>If you have customized your templates you will probably have to make some changes to them. If you're converting your 1.2 or earlier templates, <a href="http://codex.wordpress.org/Upgrade_1.2_to_1.5">we've created a special guide for you</a>. </p>
+
 <h1>Online Resources</h1>
 <p>If you have any questions that aren't addressed in this document, please take advantage of WordPress' numerous online resources:</p>
 <dl>
 	<dt><a href="http://codex.wordpress.org/">The WordPress Codex </a></dt>
-	<dd>The Codex is the encyclopedia of all things WordPress. It is the most comprehensive source of information for WordPress available. </dd>
+		<dd>The Codex is the encyclopedia of all things WordPress. It is the most comprehensive source of information for WordPress available.</dd>
 	<dt><a href="http://wordpress.org/development/">The Development Blog</a></dt>
-	<dd>This is where you'll find the latest updates and news related to WordPress. Bookmark and check often. </dd>
+		<dd>This is where you'll find the latest updates and news related to WordPress. Bookmark and check often.</dd>
 	<dt><a href="http://planet.wordpress.org/">WordPress Planet </a></dt>
-	<dd>The WordPress Planet is a news aggregator that brings together posts from WordPress blogs around the web. </dd>
+		<dd>The WordPress Planet is a news aggregator that brings together posts from WordPress blogs around the web.</dd>
 	<dt><a href="http://wordpress.org/support/">WordPress Support Forums</a></dt>
-	<dd>If you've looked everywhere and still can't find an answer, the support forums are very active and have a large community ready to help. To help them help you be sure to use a descriptive thread title and describe your question in as much detail as possible. </dd>
+		<dd>If you've looked everywhere and still can't find an answer, the support forums are very active and have a large community ready to help. To help them help you be sure to use a descriptive thread title and describe your question in as much detail as possible.</dd>
 	<dt><a href="http://codex.wordpress.org/IRC">WordPress IRC Channel</a></dt>
-	<dd>Finally, there is an online chat channel that is used for discussion amoung people who use WordPress and occasionally support topics. The above wiki page should point you in the right direction. (irc.freenode.net #wordpresss) </dd>
+		<dd>Finally, there is an online chat channel that is used for discussion among people who use WordPress and occasionally support topics. The above wiki page should point you in the right direction. (<a href="irc://irc.freenode.net/wordpress">irc.freenode.net #wordpress</a>)</dd>
 </dl>

-<h1 id="requirements">System Recommendations</h1>
+<h1>System Recommendations</h1>
 <ul>
-	<li>PHP version <strong>4.1</strong> or higher</li>
-	<li>MySQL version <strong>3.23.23</strong> or higher</li>
+	<li>PHP version <strong>4.2</strong> or higher.</li>
+	<li>MySQL version <strong>4.0</strong> or higher.</li>
 	<li>... and a link to <a href="http://wordpress.org/">http://wordpress.org</a> on your site.</li>
 </ul>
-<p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/caf&eacute;log</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/">donating</a>. </p>
+<p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/caf&eacute;log</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/">donating</a>.</p>

 <h1>Upgrading from another system</h1>
-<p>WordPress can <a href="http://codex.wordpress.org/Importing_from_other_blogging_software">import from a number of systems</a>. First you need to get WordPress installed and working as described above.</p>
+<p>WordPress can <a href="http://codex.wordpress.org/Importing_Content">import from a number of systems</a>. First you need to get WordPress installed and working as described above.</p>

-<h1 id="templates">XML-RPC Interface</h1>
-<p>You can now post to your WordPress blog with tools like <a href="http://ecto.kung-foo.tv/">Ecto</a>, <a href="http://blogbuddy.sourceforge.net">BlogBuddy</a>, <a href="http://bloggar.com/">Bloggar</a>, <a href="http://www.ubique.ch/wapblogger/">WapBlogger</a> (post from your Wap cellphone!), <a href="http://radio.userland.com">Radio Userland</a> (which means you can use Radio's email-to-blog feature), <a href="http://www.zempt.com/">Zempt</a>, <a href="http://www.newzcrawler.com/">NewzCrawler</a>, and other tools that support the Blogging APIs! :) You can read more about <a href="http://codex.wordpress.org/XML-RPC_Support">XML-RPC support on the Codex</a>.</p>
+<h1>XML-RPC and Atom Interface</h1>
+<p>You can now post to your WordPress blog with tools like <a href="http://windowslivewriter.spaces.live.com/">Windows Live Writer</a>, <a href="http://ecto.kung-foo.tv/">Ecto</a>, <a href="http://bloggar.com/">Bloggar</a>, <a href="http://radio.userland.com">Radio Userland</a> (which means you can use Radio's email-to-blog feature), <a href="http://www.newzcrawler.com/">NewzCrawler</a>, and other tools that support the Blogging APIs! :) You can read more about <a href="http://codex.wordpress.org/XML-RPC_Support">XML-RPC support on the Codex</a>.</p>

 <h1>Post via Email</h1>
-<p>You can post from an email client! To set this up go to your &quot;Writing&quot; options screen and fill in the connection details for your secret POP3 account. Then you need to set up <code>wp-mail.php</code> to execute periodically to check the mailbox for new posts. You can do it with Cron-jobs, or if your host doesn't support it you can look into the various website-monitoring services, and make them check your <code>wp-mail.php</code> URL. </p>
-<p> Posting is easy: Any email sent to the address you specify will be posted, with the subject as the title. It is best to keep the address dicrete. The script will <i>delete</i> emails that are successfully posted. </p>
-<h1 id="roles">User Roles </h1>
+<p>You can post from an email client! To set this up go to your &quot;Writing&quot; options screen and fill in the connection details for your secret POP3 account. Then you need to set up <code>wp-mail.php</code> to execute periodically to check the mailbox for new posts. You can do it with Cron-jobs, or if your host doesn't support it you can look into the various website-monitoring services, and make them check your <code>wp-mail.php</code> URL.</p>
+<p>Posting is easy: Any email sent to the address you specify will be posted, with the subject as the title. It is best to keep the address dicrete. The script will <i>delete</i> emails that are successfully posted.</p>

+<h1>User Roles</h1>
 <p>We've eliminated user levels in order to make way for the much more flexible roles system introduced in 2.0. You can <a href="http://codex.wordpress.org/Roles_and_Capabilities">read more about Roles and Capabilities on the Codex</a>.</p>

 <h1> Final notes</h1>
 <ul>
-	<li>If you have any suggestions, ideas, comments, or if you (gasp!) found a bug, join us in the <a href="http://wordpress.org/support/">Support Forums</a></li>
+	<li>If you have any suggestions, ideas, comments, or if you (gasp!) found a bug, join us in the <a href="http://wordpress.org/support/">Support Forums</a>.</li>
 	<li>WordPress now has a robust plugin API that makes extending the code easy. If you are a developer interested in utilizing this see the <a href="http://codex.wordpress.org/Plugin_API">plugin documentation in the Codex</a>. In most all cases you shouldn't modify any of the core code.</li>
 </ul>

@@ -117,4 +88,4 @@
 <p>WordPress is released under the <abbr title="GNU Public License">GPL</abbr> (see <a href="license.txt">license.txt</a>).</p>

 </body>
-</html>
+</html>
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -0,0 +1,320 @@
+<?php
+require_once('../wp-config.php');
+require_once('includes/admin.php');
+
+define('DOING_AJAX', true);
+
+check_ajax_referer();
+if ( !is_user_logged_in() )
+	die('-1');
+
+function get_out_now() { exit; }
+add_action( 'shutdown', 'get_out_now', -1 );
+
+function wp_ajax_meta_row( $pid, $mid, $key, $value ) {
+	$value = attribute_escape($value);
+	$key_js = addslashes(wp_specialchars($key, 'double'));
+	$key = attribute_escape($key);
+	$r .= "<tr id='meta-$mid'><td valign='top'>";
+	$r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);\",event);' type='text' size='20' value='$key' />";
+	$r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>";
+	$r .= "<input name='updatemeta' type='button' class='updatemeta' tabindex='6' value='".attribute_escape(__('Update'))."' onclick='return theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);' /><br />";
+	$r .= "<input name='deletemeta[$mid]' type='submit' onclick=\"return deleteSomething( 'meta', $mid, '";
+	$r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js));
+	$r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__('Delete'))."' /></td></tr>";
+	return $r;
+}
+
+$id = (int) $_POST['id'];
+switch ( $_POST['action'] ) :
+case 'delete-comment' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+
+	if ( wp_delete_comment( $comment->comment_ID ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-comment-as-spam' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+
+	if ( wp_set_comment_status( $comment->comment_ID, 'spam' ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-cat' :
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+
+	if ( wp_delete_category( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-link' :
+	if ( !current_user_can( 'manage_links' ) )
+		die('-1');
+
+	if ( wp_delete_link( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-meta' :
+	if ( !$meta = get_post_meta_by_id( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $meta->post_id ) )
+		die('-1');
+	if ( delete_meta( $meta->meta_id ) )
+		die('1');
+	die('0');
+	break;
+case 'delete-post' :
+	if ( !current_user_can( 'delete_post', $id ) )
+		die('-1');
+
+	if ( wp_delete_post( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'delete-page' :
+	if ( !current_user_can( 'delete_page', $id ) )
+		die('-1');
+
+	if ( wp_delete_post( $id ) )
+		die('1');
+	else	die('0');
+	break;
+case 'dim-comment' :
+	if ( !$comment = get_comment( $id ) )
+		die('0');
+	if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+		die('-1');
+	if ( !current_user_can( 'moderate_comments' ) )
+		die('-1');
+
+	if ( 'unapproved' == wp_get_comment_status($comment->comment_ID) ) {
+		if ( wp_set_comment_status( $comment->comment_ID, 'approve' ) )
+			die('1');
+	} else {
+		if ( wp_set_comment_status( $comment->comment_ID, 'hold' ) )
+			die('1');
+	}
+	die('0');
+	break;
+case 'add-category' : // On the Fly
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+	$names = explode(',', $_POST['newcat']);
+	$x = new WP_Ajax_Response();
+	foreach ( $names as $cat_name ) {
+		$cat_name = trim($cat_name);
+		if ( !$category_nicename = sanitize_title($cat_name) )
+			die('0');
+		if ( !$cat_id = category_exists( $cat_name ) )
+			$cat_id = wp_create_category( $cat_name );
+		$cat_name = wp_specialchars(stripslashes($cat_name));
+		$x->add( array(
+			'what' => 'category',
+			'id' => $cat_id,
+			'data' => "<li id='category-$cat_id'><label for='in-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='post_category[]' id='in-category-$cat_id'/> $cat_name</label></li>"
+		) );
+	}
+	$x->send();
+	break;
+case 'add-link-category' : // On the Fly
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+	$names = explode(',', $_POST['newcat']);
+	$x = new WP_Ajax_Response();
+	foreach ( $names as $cat_name ) {
+		$cat_name = trim($cat_name);
+		if ( !$slug = sanitize_title($cat_name) )
+			die('0');
+		if ( !$cat_id = is_term( $cat_name, 'link_category' ) ) {
+			$cat_id = wp_insert_term( $cat_name, 'link_category' );
+			$cat_id = $cat_id['term_id'];
+		}
+		$cat_name = wp_specialchars(stripslashes($cat_name));
+		$x->add( array(
+			'what' => 'link-category',
+			'id' => $cat_id,
+			'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='$cat_id' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>"
+		) );
+	}
+	$x->send();
+	break;
+case 'add-cat' : // From Manage->Categories
+	if ( !current_user_can( 'manage_categories' ) )
+		die('-1');
+	if ( !$cat = wp_insert_category( $_POST ) )
+		die('0');
+	if ( !$cat = get_category( $cat ) )
+		die('0');
+	$level = 0;
+	$cat_full_name = $cat->cat_name;
+	$_cat = $cat;
+	while ( $_cat->category_parent ) {
+		$_cat = get_category( $_cat->category_parent );
+		$cat_full_name = $_cat->cat_name . ' &#8212; ' . $cat_full_name;
+		$level++;
+	}
+	$cat_full_name = attribute_escape($cat_full_name);
+
+	$x = new WP_Ajax_Response( array(
+		'what' => 'cat',
+		'id' => $cat->cat_ID,
+		'data' => _cat_row( $cat, $level, $cat_full_name ),
+		'supplemental' => array('name' => $cat_full_name, 'show-link' => sprintf(__( 'Category <a href="#%s">%s</a> added' ), "cat-$cat->cat_ID", $cat_full_name))
+	) );
+	$x->send();
+	break;
+case 'add-comment' :
+	if ( !current_user_can( 'edit_post', $id ) )
+		die('-1');
+	$search = isset($_POST['s']) ? $_POST['s'] : false;
+	$start = isset($_POST['page']) ? intval($_POST['page']) * 25 : 25;
+
+	list($comments, $total) = _wp_get_comment_list( $search, $start, 1 );
+
+	if ( !$comments )
+		die('1');
+	$x = new WP_Ajax_Response();
+	foreach ( (array) $comments as $comment ) {
+		get_comment( $comment );
+		ob_start();
+			_wp_comment_list_item( $comment->comment_ID );
+			$comment_list_item = ob_get_contents();
+		ob_end_clean();
+		$x->add( array(
+			'what' => 'comment',
+			'id' => $comment->comment_ID,
+			'data' => $comment_list_item
+		) );
+	}
+	$x->send();
+	break;
+case 'add-meta' :
+	if ( !current_user_can( 'edit_post', $id ) )
+		die('-1');
+	if ( $id < 0 ) {
+		$now = current_time('timestamp', 1);
+		if ( $pid = wp_insert_post( array(
+			'post_title' => sprintf('Draft created on %s at %s', date(get_option('date_format'), $now), date(get_option('time_format'), $now))
+		) ) ) {
+			if ( is_wp_error( $pid ) )
+				return $pid;
+			$mid = add_meta( $pid );
+		}
+		else
+			die('0');
+	} else if ( !$mid = add_meta( $id ) ) {
+		die('0');
+	}
+
+	$meta = get_post_meta_by_id( $mid );
+	$key = $meta->meta_key;
+	$value = $meta->meta_value;
+	$pid = (int) $meta->post_id;
+
+	$x = new WP_Ajax_Response( array(
+		'what' => 'meta',
+		'id' => $mid,
+		'data' => wp_ajax_meta_row( $pid, $mid, $key, $value ),
+		'supplemental' => array('postid' => $pid)
+	) );
+	$x->send();
+	break;
+case 'update-meta' :
+	$mid = (int) array_pop(array_keys($_POST['meta']));
+	$key = $_POST['meta'][$mid]['key'];
+	$value = $_POST['meta'][$mid]['value'];
+	if ( !$meta = get_post_meta_by_id( $mid ) )
+		die('0'); // if meta doesn't exist
+	if ( !current_user_can( 'edit_post', $meta->post_id ) )
+		die('-1');
+	if ( $u = update_meta( $mid, $key, $value ) ) {
+		$key = stripslashes($key);
+		$value = stripslashes($value);
+		$x = new WP_Ajax_Response( array(
+			'what' => 'meta',
+			'id' => $mid,
+			'data' => wp_ajax_meta_row( $meta->post_id, $mid, $key, $value ),
+			'supplemental' => array('postid' => $meta->post_id)
+		) );
+		$x->send();
+	}
+	die('1'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).
+	break;
+case 'add-user' :
+	if ( !current_user_can('edit_users') )
+		die('-1');
+	require_once(ABSPATH . WPINC . '/registration.php');
+	if ( !$user_id = add_user() )
+		die('0');
+	elseif ( is_wp_error( $user_id ) ) {
+		foreach( $user_id->get_error_messages() as $message )
+			echo "<p>$message<p>";
+		exit;
+	}
+	$user_object = new WP_User( $user_id );
+	$x = new WP_Ajax_Response( array(
+		'what' => 'user',
+		'id' => $user_id,
+		'data' => user_row( $user_object ),
+		'supplemental' => array('show-link' => sprintf(__( 'User <a href="#%s">%s</a> added' ), "user-$user_id", $user_object->user_login))
+	) );
+	$x->send();
+	break;
+case 'autosave' : // The name of this action is hardcoded in edit_post()
+	$_POST['post_content'] = $_POST['content'];
+	$_POST['post_excerpt'] = $_POST['excerpt'];
+	$_POST['post_status'] = 'draft';
+	$_POST['post_category'] = explode(",", $_POST['catslist']);
+	if($_POST['post_type'] == 'page' || empty($_POST['post_category']))
+		unset($_POST['post_category']);
+
+	if($_POST['post_ID'] < 0) {
+		$_POST['temp_ID'] = $_POST['post_ID'];
+		$id = wp_write_post();
+		if( is_wp_error($id) )
+			die($id->get_error_message());
+		else
+			die("$id");
+	} else {
+		$post_ID = (int) $_POST['post_ID'];
+		$_POST['ID'] = $post_ID;
+		$post = get_post($post_ID);
+		if ( 'page' == $post->post_type ) {
+			if ( !current_user_can('edit_page', $post_ID) )
+				die(__('You are not allowed to edit this page.'));
+		} else {
+			if ( !current_user_can('edit_post', $post_ID) )
+				die(__('You are not allowed to edit this post.'));
+		}
+		wp_update_post($_POST);
+	}
+	die('0');
+break;
+case 'autosave-generate-nonces' :
+	$ID = (int) $_POST['post_ID'];
+	if($_POST['post_type'] == 'post') {
+		if(current_user_can('edit_post', $ID))
+			die(wp_create_nonce('update-post_' . $ID));
+	}
+	if($_POST['post_type'] == 'page') {
+		if(current_user_can('edit_page', $ID)) {
+			die(wp_create_nonce('update-page_' . $ID));
+		}
+	}
+	die('0');
+break;
+default :
+	do_action( 'wp_ajax_' . $_POST['action'] );
+	die('0');
+	break;
+endswitch;
+?>
--- a/wp-admin/admin-db.php
+++ b/wp-admin/admin-db.php
@@ -1,349 +0,0 @@
-<?php
-
-function get_users_drafts( $user_id ) {
-	global $wpdb;
-	$user_id = (int) $user_id;
-	$query = "SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author = $user_id ORDER BY ID DESC";
-	$query = apply_filters('get_users_drafts', $query);
-	return $wpdb->get_results( $query );
-}
-
-function get_others_drafts( $user_id ) {
-	global $wpdb;
-	$user = get_userdata( $user_id );
-	$level_key = $wpdb->prefix . 'user_level';
-
-	$editable = get_editable_user_ids( $user_id );
-	
-	if( !$editable ) {
-		$other_drafts = '';
-	} else {
-		$editable = join(',', $editable);
-		$other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) AND post_author != '$user_id' ");
-	}
-
-	return apply_filters('get_others_drafts', $other_drafts);
-}
-
-function get_editable_authors( $user_id ) {
-	global $wpdb;
-
-	$editable = get_editable_user_ids( $user_id );
-
-	if( !$editable ) {
-		return false;
-	} else {
-		$editable = join(',', $editable);
-		$authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable)" );
-	}
-
-	return apply_filters('get_editable_authors', $authors);
-}
-
-function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
-	global $wpdb;
-	
-	$user = new WP_User( $user_id );
-	
-	if ( ! $user->has_cap('edit_others_posts') ) {
-		if ( $user->has_cap('edit_posts') || $exclude_zeros == false )
-			return array($user->id);
-		else 
-			return false;
-	}
-
-	$level_key = $wpdb->prefix . 'user_level';
-
-	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'";
-	if ( $exclude_zeros )
-		$query .= " AND meta_value != '0'";
-		
-	return $wpdb->get_col( $query );
-}
-
-function get_author_user_ids() {
-	global $wpdb;
-	$level_key = $wpdb->prefix . 'user_level';
-
-	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'";
-
-	return $wpdb->get_col( $query );
-}
-
-function get_nonauthor_user_ids() {
-	global $wpdb;
-	$level_key = $wpdb->prefix . 'user_level';
-
-	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'";
-
-	return $wpdb->get_col( $query );
-}
-
-function wp_insert_category($catarr) {
-	global $wpdb;
-
-	extract($catarr);
-
-	$cat_ID = (int) $cat_ID;
-
-	// Are we updating or creating?
-	if (!empty ($cat_ID))
-		$update = true;
-	else
-		$update = false;
-
-	$cat_name = wp_specialchars($cat_name);
-
-	if (empty ($category_nicename))
-		$category_nicename = sanitize_title($cat_name);
-	else
-		$category_nicename = sanitize_title($category_nicename);
-
-	if (empty ($category_description))
-		$category_description = '';
-
-	if (empty ($category_parent))
-		$category_parent = 0;
-
-	if (!$update) {
-		$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, category_description, category_parent) VALUES ('0', '$cat_name', '$category_nicename', '$category_description', '$category_parent')");
-		$cat_ID = $wpdb->insert_id;
-	} else {
-		$wpdb->query ("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$category_parent' WHERE cat_ID = '$cat_ID'");
-	}
-	
-	if ( $category_nicename == '' ) {
-		$category_nicename = sanitize_title($cat_name, $cat_ID );
-		$wpdb->query( "UPDATE $wpdb->categories SET category_nicename = '$category_nicename' WHERE cat_ID = '$cat_ID'" );
-	}
-
-	wp_cache_delete($cat_ID, 'category');
-
-	if ($update) {
-		do_action('edit_category', $cat_ID);
-	} else {
-		wp_cache_delete('all_category_ids', 'category');
-		do_action('create_category', $cat_ID);
-		do_action('add_category', $cat_ID);
-	}
-
-	return $cat_ID;
-}
-
-function wp_update_category($catarr) {
-	global $wpdb;
-
-	$cat_ID = (int) $catarr['cat_ID'];
-
-	// First, get all of the original fields
-	$category = get_category($cat_ID, ARRAY_A);
-
-	// Escape data pulled from DB.
-	$category = add_magic_quotes($category);
-
-	// Merge old and new fields with new fields overwriting old ones.
-	$catarr = array_merge($category, $catarr);
-
-	return wp_insert_category($catarr);
-}
-
-function wp_delete_category($cat_ID) {
-	global $wpdb;
-
-	$cat_ID = (int) $cat_ID;
-
-	// Don't delete the default cat.
-	if (1 == $cat_ID)
-		return 0;
-
-	$category = get_category($cat_ID);
-
-	$parent = $category->category_parent;
-
-	// Delete the category.
-	$wpdb->query("DELETE FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
-
-	// Update children to point to new parent.
-	$wpdb->query("UPDATE $wpdb->categories SET category_parent = '$parent' WHERE category_parent = '$cat_ID'");
-
-	// TODO: Only set categories to general if they're not in another category already
-	$wpdb->query("UPDATE $wpdb->post2cat SET category_id='1' WHERE category_id='$cat_ID'");
-
-	wp_cache_delete($cat_ID, 'category');
-	wp_cache_delete('all_category_ids', 'category');
-
-	do_action('delete_category', $cat_ID);
-
-	return 1;
-}
-
-function wp_create_category($cat_name) {
-	$cat_array = compact('cat_name');
-	return wp_insert_category($cat_array);
-}
-
-function wp_create_categories($categories, $post_id = '') {
-	$cat_ids = array ();
-	foreach ($categories as $category) {
-		if ($id = category_exists($category))
-			$cat_ids[] = $id;
-		else
-			if ($id = wp_create_category($category))
-				$cat_ids[] = $id;
-	}
-
-	if ($post_id)
-		wp_set_post_cats('', $post_id, $cat_ids);
-
-	return $cat_ids;
-}
-
-function category_exists($cat_name) {
-	global $wpdb;
-	if (!$category_nicename = sanitize_title($cat_name))
-		return 0;
-
-	return $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories WHERE category_nicename = '$category_nicename'");
-}
-
-function wp_delete_user($id, $reassign = 'novalue') {
-	global $wpdb;
-
-	$id = (int) $id;
-	$user = get_userdata($id);
-
-	if ($reassign == 'novalue') {
-		$post_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_author = $id");
-
-		if ($post_ids) {
-			foreach ($post_ids as $post_id)
-				wp_delete_post($post_id);
-		}
-
-		// Clean links
-		$wpdb->query("DELETE FROM $wpdb->links WHERE link_owner = $id");
-	} else {
-		$reassign = (int) $reassign;
-		$wpdb->query("UPDATE $wpdb->posts SET post_author = {$reassign} WHERE post_author = {$id}");
-		$wpdb->query("UPDATE $wpdb->links SET link_owner = {$reassign} WHERE link_owner = {$id}");
-	}
-
-	// FINALLY, delete user
-	$wpdb->query("DELETE FROM $wpdb->users WHERE ID = $id");
-	$wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = '$id'");
-
-	wp_cache_delete($id, 'users');
-	wp_cache_delete($user->user_login, 'userlogins');
-
-	do_action('delete_user', $id);
-
-	return true;
-}
-
-function get_link($link_id, $output = OBJECT) {
-	global $wpdb;
-	
-	$link = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = '$link_id'");
-
-	if ( $output == OBJECT ) {
-		return $link;
-	} elseif ( $output == ARRAY_A ) {
-		return get_object_vars($link);
-	} elseif ( $output == ARRAY_N ) {
-		return array_values(get_object_vars($link));
-	} else {
-		return $link;
-	}
-}
-
-function wp_insert_link($linkdata) {
-	global $wpdb, $current_user;
-	
-	extract($linkdata);
-
-	$update = false;
-	if ( !empty($link_id) )
-		$update = true;
-
-	if ( empty($link_rating) )
-		$link_rating = 0;	
-
-	if ( empty($link_target) )
-		$link_target = '';	
-
-	if ( empty($link_visible) )
-		$link_visible = 'Y';
-		
-	if ( empty($link_owner) )
-		$link_owner = $current_user->id;
-
-	if ( empty($link_notes) )
-		$link_notes = '';
-
-	if ( $update ) {
-		$wpdb->query("UPDATE $wpdb->links SET link_url='$link_url',
-			link_name='$link_name', link_image='$link_image',
-			link_target='$link_target', link_category='$link_category',
-			link_visible='$link_visible', link_description='$link_description',
-			link_rating='$link_rating', link_rel='$link_rel',
-			link_notes='$link_notes', link_rss = '$link_rss'
-			WHERE link_id='$link_id'");
-	} else {
-		$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_category, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES('$link_url','$link_name', '$link_image', '$link_target', '$link_category', '$link_description', '$link_visible', '$link_owner', '$link_rating', '$link_rel', '$link_notes', '$link_rss')");
-		$link_id = $wpdb->insert_id;
-	}
-	
-	if ( $update )
-		do_action('edit_link', $link_id);
-	else
-		do_action('add_link', $link_id);
-
-	return $link_id;
-}
-
-function wp_update_link($linkdata) {
-	global $wpdb;
-
-	$link_id = (int) $linkdata['link_id'];
-	
-	$link = get_link($link_id, ARRAY_A);
-	
-	// Escape data pulled from DB.
-	$link = add_magic_quotes($link);
-	
-	// Merge old and new fields with new fields overwriting old ones.
-	$linkdata = array_merge($link, $linkdata);
-
-	return wp_insert_link($linkdata);
-}
-
-function wp_delete_link($link_id) {
-	global $wpdb;
-
-	do_action('delete_link', $link_id);
-	return $wpdb->query("DELETE FROM $wpdb->links WHERE link_id = '$link_id'");	
-}
-
-function post_exists($title, $content = '', $post_date = '') {
-	global $wpdb;
-
-	if (!empty ($post_date))
-		$post_date = "AND post_date = '$post_date'";
-
-	if (!empty ($title))
-		return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' $post_date");
-	else
-		if (!empty ($content))
-			return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_content = '$content' $post_date");
-
-	return 0;
-}
-
-function comment_exists($comment_author, $comment_date) {
-	global $wpdb;
-
-	return $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments
-			WHERE comment_author = '$comment_author' AND comment_date = '$comment_date'");
-}
-
-?>
--- a/wp-admin/admin-footer.php
+++ b/wp-admin/admin-footer.php
@@ -1,19 +1,13 @@

-<div id="footer"><p><a href="http://wordpress.org/" id="wordpress-logo"><img src="images/wordpress-logo.png" alt="WordPress" /></a></p>
-<p>
-<a href="http://codex.wordpress.org/"><?php _e('Documentation'); ?></a> &#8212; <a href="http://wordpress.org/support/"><?php _e('Support Forums'); ?></a> <br />
-<?php bloginfo('version'); ?> &#8212; <?php printf(__('%s seconds'), number_format(timer_stop(), 2)); ?>
-</p>
+<div id="footer">
+<p><?php

+$upgrade = apply_filters( 'update_footer', '' );
+echo __('Thank you for creating with <a href="http://wordpress.org/">WordPress</a>').' | '.__('<a href="http://codex.wordpress.org/">Documentation</a>').' | '.__('<a href="http://wordpress.org/support/forum/4">Feedback</a>').' '.$upgrade;
+
+?></p>
 </div>
 <?php do_action('admin_footer', ''); ?>
 <script type="text/javascript">if(typeof wpOnload=='function')wpOnload();</script>
-
-<?php
-if ( (substr(php_sapi_name(), 0, 3) == 'cgi') && spawn_pinger() ) {
-	echo '<iframe id="pingcheck" src="' . get_settings('siteurl') .'/wp-admin/execute-pings.php?time=' . time() . '" style="border:none;width:1px;height:1px;"></iframe>';
-}
-?>
-
 </body>
 </html>
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@@ -1,71 +1,54 @@
-<?php 
-@header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
+<?php
+@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
 if (!isset($_GET["page"])) require_once('admin.php');
 if ( $editing ) {
-	$dbx_js = true;
-	$cat_js = true;
+	wp_enqueue_script( array('dbx-admin-key?pagenow=' . attribute_escape($pagenow),'admin-custom-fields') );
+	if ( current_user_can('manage_categories') )
+		wp_enqueue_script( 'ajaxcat' );
+	if ( user_can_richedit() )
+		wp_enqueue_script( 'wp_tiny_mce' );
 }
-if ( $list_js || $cat_js )
-	$sack_js = true;
+
+get_admin_page_title();
+
 ?>
-<?php get_admin_page_title(); ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
+<html xmlns="http://www.w3.org/1999/xhtml" <?php do_action('admin_xml_ns'); ?> <?php language_attributes(); ?>>
 <head>
-<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
-<title><?php bloginfo('name') ?> &rsaquo; <?php echo $title; ?> &#8212; WordPress</title>
-<link rel="stylesheet" href="<?php echo get_settings('siteurl') ?>/wp-admin/wp-admin.css?version=<?php bloginfo('version'); ?>" type="text/css" />
+<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" />
+<title><?php bloginfo('name') ?> &rsaquo; <?php echo wp_specialchars( strip_tags( $title ) ); ?> &#8212; WordPress</title>
+<?php wp_admin_css(); ?>
 <script type="text/javascript">
 //<![CDATA[
 function addLoadEvent(func) {if ( typeof wpOnload!='function'){wpOnload=func;}else{ var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}
 //]]>
 </script>
-<script type="text/javascript" src="../wp-includes/js/fat.js"></script>
-<?php if ( $xfn_js ) { ?>
-<script type="text/javascript" src="xfn.js"></script>
-<?php } ?>
-<?php if ( $sack_js ) { ?>
-<script type="text/javascript" src="../wp-includes/js/tw-sack.js"></script>
-<?php } ?>
-<?php if ( $list_js ) { ?>
-<script type="text/javascript" src="list-manipulation.js"></script>
-<?php } ?>
-<?php if ( $dbx_js ) { ?>
-<script type="text/javascript" src="../wp-includes/js/dbx.js"></script>
-<script type="text/javascript">
-//<![CDATA[
-addLoadEvent( function() {
-<?php switch ( $pagenow ) : case 'post.php' : ?>
-var manager = new dbxManager('postmeta');
-<?php break; case 'page-new.php' : ?>
-var manager = new dbxManager('pagemeta');
-<?php break; endswitch; ?>
-});
-//]]>
-</script>
-<script type="text/javascript" src="../wp-includes/js/dbx-key.js"></script>
-<?php } ?>
-<?php if ( $editing && user_can_richedit() ) { ?>
-<script type="text/javascript" src="../wp-includes/js/tinymce/tiny_mce_gzip.php?ver=20051211"></script>
-<?php } ?>
-<?php if ( $cat_js ) { ?>
-<script type="text/javascript" src="cat-js.php"></script>
-<?php } ?>
 <?php if ( ($parent_file != 'link-manager.php') && ($parent_file != 'options-general.php') ) : ?>
 <style type="text/css">* html { overflow-x: hidden; }</style>
-<?php endif; ?>
-<?php do_action('admin_head'); ?>
+<?php endif;
+if ( isset($page_hook) )
+	do_action('admin_print_scripts-' . $page_hook);
+else if ( isset($plugin_page) )
+	do_action('admin_print_scripts-' . $plugin_page);
+do_action('admin_print_scripts');
+
+if ( isset($page_hook) )
+	do_action('admin_head-' . $page_hook);
+else if ( isset($plugin_page) )
+	do_action('admin_head-' . $plugin_page);
+do_action('admin_head');
+?>
 </head>
-<body>
+<body class="wp-admin <?php echo apply_filters( 'admin_body_class', '' ); ?>">
 <div id="wphead">
-<h1><?php echo wptexturize(get_settings(('blogname'))); ?> <span>(<a href="<?php echo get_settings('home') . '/'; ?>"><?php _e('View site') ?> &raquo;</a>)</span></h1>
+<h1><?php bloginfo('name'); ?> <span id="viewsite">(<a href="<?php echo get_option('home') . '/'; ?>"><?php _e('View site &raquo;') ?></a>)</span></h1>
 </div>
-<div id="user_info"><p><?php printf(__('Howdy, <strong>%s</strong>.'), $user_identity) ?> [<a href="<?php echo get_settings('siteurl'); ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php _e('Sign Out'); ?></a>, <a href="profile.php"><?php _e('My Account'); ?></a>] </p></div>
+<div id="user_info"><p><?php printf(__('Howdy, <strong>%s</strong>.'), $user_identity) ?> [<a href="<?php echo get_option('siteurl'); ?>/wp-login.php?action=logout" title="<?php _e('Log out of this account') ?>"><?php _e('Sign Out'); ?></a>, <a href="profile.php"><?php _e('My Profile'); ?></a>] </p></div>

 <?php
-require(ABSPATH . '/wp-admin/menu-header.php');
+require(ABSPATH . 'wp-admin/menu-header.php');

 if ( $parent_file == 'options-general.php' ) {
-	require(ABSPATH . '/wp-admin/options-head.php');
+	require(ABSPATH . 'wp-admin/options-head.php');
 }
 ?>
--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -1,15 +1,17 @@
 <?php
+define('WP_ADMIN', TRUE);
+
 if ( defined('ABSPATH') )
 	require_once( ABSPATH . 'wp-config.php');
 else
    require_once('../wp-config.php');

-if ( get_option('db_version') != $wp_db_version )
-	die (sprintf(__("Your database is out-of-date.  Please <a href='%s'>upgrade</a>."), get_option('siteurl') . '/wp-admin/upgrade.php'));
-    
-require_once(ABSPATH . 'wp-admin/admin-functions.php');
-require_once(ABSPATH . 'wp-admin/admin-db.php');
-require_once(ABSPATH . WPINC . '/registration-functions.php');
+if ( get_option('db_version') != $wp_db_version ) {
+	wp_redirect(get_option('siteurl') . '/wp-admin/upgrade.php?_wp_http_referer=' . urlencode(stripslashes($_SERVER['REQUEST_URI'])));
+	exit;
+}
+
+require_once(ABSPATH . 'wp-admin/includes/admin.php');

 auth_redirect();

@@ -17,90 +19,94 @@ nocache_headers();

 update_category_cache();

-get_currentuserinfo();
+wp_get_current_user();

-$posts_per_page = get_settings('posts_per_page');
-$what_to_show = get_settings('what_to_show');
-$date_format = get_settings('date_format');
-$time_format = get_settings('time_format');
+$posts_per_page = get_option('posts_per_page');
+$what_to_show = get_option('what_to_show');
+$date_format = get_option('date_format');
+$time_format = get_option('time_format');

-$wpvarstoreset = array('profile','redirect','redirect_url','a','popuptitle','popupurl','text', 'trackback', 'pingback');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
+wp_reset_vars(array('profile', 'redirect', 'redirect_url', 'a', 'popuptitle', 'popupurl', 'text', 'trackback', 'pingback'));

-$xfn_js = $sack_js = $list_js = $cat_js = $dbx_js = $editing = false;
+wp_enqueue_script( 'fat' );

-require(ABSPATH . '/wp-admin/menu.php');
+$editing = false;

-// Handle plugin admin pages.
 if (isset($_GET['page'])) {
 	$plugin_page = stripslashes($_GET['page']);
 	$plugin_page = plugin_basename($plugin_page);
+}
+
+require(ABSPATH . 'wp-admin/menu.php');
+
+// Handle plugin admin pages.
+if (isset($plugin_page)) {
 	$page_hook = get_plugin_page_hook($plugin_page, $pagenow);

 	if ( $page_hook ) {
+		do_action('load-' . $page_hook);
 		if (! isset($_GET['noheader']))
-			require_once(ABSPATH . '/wp-admin/admin-header.php');
-		
+			require_once(ABSPATH . 'wp-admin/admin-header.php');
+
 		do_action($page_hook);
 	} else {
 		if ( validate_file($plugin_page) ) {
-			die(__('Invalid plugin page'));
+			wp_die(__('Invalid plugin page'));
 		}
-		
-		if (! file_exists(ABSPATH . "wp-content/plugins/$plugin_page"))
-			die(sprintf(__('Cannot load %s.'), $plugin_page));
+
+		if (! file_exists(ABSPATH . PLUGINDIR . "/$plugin_page"))
+			wp_die(sprintf(__('Cannot load %s.'), htmlentities($plugin_page)));
+
+		do_action('load-' . $plugin_page);

 		if (! isset($_GET['noheader']))
-			require_once(ABSPATH . '/wp-admin/admin-header.php');
-		
-		include(ABSPATH . "wp-content/plugins/$plugin_page");
+			require_once(ABSPATH . 'wp-admin/admin-header.php');
+
+		include(ABSPATH . PLUGINDIR . "/$plugin_page");
 	}
-	
+
 	include(ABSPATH . 'wp-admin/admin-footer.php');

 	exit();
 } else if (isset($_GET['import'])) {
-	
+
 	$importer = $_GET['import'];

-	if ( validate_file($importer) ) {
-		die(__('Invalid importer.'));
-	}
-		
-	if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
-		die(__('Cannot load importer.'));
-	
-	include(ABSPATH . "wp-admin/import/$importer.php");
+	if ( ! current_user_can('import') )
+		wp_die(__('You are not allowed to import.'));

-	$parent_file = 'import.php';
+	if ( validate_file($importer) ) {
+		wp_die(__('Invalid importer.'));
+	}
+
+	// Allow plugins to define importers as well
+	if (! is_callable($wp_importers[$importer][2]))
+	{
+		if (! file_exists(ABSPATH . "wp-admin/import/$importer.php"))
+		{
+			wp_die(__('Cannot load importer.'));
+		}
+		include(ABSPATH . "wp-admin/import/$importer.php");
+	}
+
+	$parent_file = 'edit.php';
+	$submenu_file = 'import.php';
 	$title = __('Import');
-	
+
 	if (! isset($_GET['noheader']))
 		require_once(ABSPATH . 'wp-admin/admin-header.php');

-	require_once(ABSPATH . 'wp-admin/upgrade-functions.php');
+	require_once(ABSPATH . 'wp-admin/includes/upgrade.php');

 	define('WP_IMPORTING', true);
-	kses_init_filters();  // Always filter imported data with kses.

 	call_user_func($wp_importers[$importer][2]);
-			
+
 	include(ABSPATH . 'wp-admin/admin-footer.php');

 	exit();
+} else {
+	do_action("load-$pagenow");
 }

 ?>
--- a/wp-admin/bookmarklet.php
+++ b/wp-admin/bookmarklet.php
@@ -3,7 +3,7 @@ $mode = 'bookmarklet';
 require_once('admin.php');

 if ( ! current_user_can('edit_posts') )
-	die ("Cheatin' uh?");
+	wp_die(__('Cheatin&#8217; uh?'));

 if ('b' == $a):
 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -25,33 +25,33 @@ $post = get_default_post_to_edit();

 $popuptitle = wp_specialchars(stripslashes($popuptitle));
 $text       = wp_specialchars(stripslashes(urldecode($text)));
-	
+
 $popuptitle = funky_javascript_fix($popuptitle);
 $text       = funky_javascript_fix($text);
-	
+
 $post_title = wp_specialchars($_REQUEST['post_title']);
 if (!empty($post_title))
 	$post->post_title =  stripslashes($post_title);
 else
 	$post->post_title = $popuptitle;
-	
-  
-$content  = wp_specialchars($_REQUEST['content']);
-$popupurl = wp_specialchars($_REQUEST['popupurl']);
-    if ( !empty($content) ) {
-        $post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) );
-    } else {
-        $post->post_content = '<a href="'.$popupurl.'">'.$popuptitle.'</a>'."\n$text";
-    }

-    /* /big funky fixes */
+
+$content  = wp_specialchars($_REQUEST['content']);
+$popupurl = clean_url($_REQUEST['popupurl']);
+if ( !empty($content) ) {
+	$post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) );
+} else {
+	$post->post_content = '<a href="'.$popupurl.'">'.$popuptitle.'</a>'."\n$text";
+}
+
+/* /big funky fixes */

 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <title><?php bloginfo('name') ?> &rsaquo; Bookmarklet &#8212; WordPress</title>
-<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
-<link rel="stylesheet" href="wp-admin.css" type="text/css" />
+<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" />
+<?php wp_admin_css(); ?>

 <style type="text/css">
 <!--
@@ -77,15 +77,15 @@ $popupurl = wp_specialchars($_REQUEST['popupurl']);
 }

 #wpbookmarklet .wrap {
-    border: 0px;
+	border: 0px;
 }

 #wpbookmarklet #postdiv {
-    margin-bottom: 0.5em;
+	margin-bottom: 0.5em;
 }

 #wpbookmarklet #titlediv {
-    margin-bottom: 1em;
+	margin-bottom: 1em;
 }

 -->
--- a/wp-admin/cat-js.php
+++ b/wp-admin/cat-js.php
@@ -1,178 +0,0 @@
-<?php
-require_once('admin.php');
-header('Content-type: text/javascript; charset=' . get_settings('blog_charset'), true);
-?>
-var ajaxCat = new sack();
-var newcat;
- 
-function newCatAddIn() {
-	if ( !document.getElementById('jaxcat') ) return false;
-	var ajaxcat = document.createElement('span');
-	ajaxcat.id = 'ajaxcat';
-
-	newcat = document.createElement('input');
-	newcat.type = 'text';
-	newcat.name = 'newcat';
-	newcat.id = 'newcat';
-	newcat.size = '16';
-	newcat.setAttribute('autocomplete', 'off');
-	newcat.onkeypress = ajaxNewCatKeyPress;
-
-	var newcatSub = document.createElement('input');
-	newcatSub.type = 'button';
-	newcatSub.name = 'Button';
-	newcatSub.id = 'catadd';
-	newcatSub.value = '<?php echo addslashes(__('Add')); ?>';
-	newcatSub.onclick = ajaxNewCat;
-
-	ajaxcat.appendChild(newcat);
-	ajaxcat.appendChild(newcatSub);
-	document.getElementById('jaxcat').appendChild(ajaxcat);
-
-	howto = document.createElement('span');
-	howto.innerHTML = '<?php echo addslashes(__('Separate multiple categories with commas.')); ?>';
-	howto.id = 'howto';
-	ajaxcat.appendChild(howto);
-}
-
-addLoadEvent(newCatAddIn);
-
-function getResponseElement() {
-	var p = document.getElementById('ajaxcatresponse');
-	if (!p) {
-		p = document.createElement('span');
-		document.getElementById('jaxcat').appendChild(p);
-		p.id = 'ajaxcatresponse';
-	}
-	return p;
-}
-
-function newCatLoading() {
-	var p = getResponseElement();
-	p.innerHTML = '<?php echo addslashes(__('Sending Data...')); ?>';
-}
-
-function newCatLoaded() {
-	var p = getResponseElement();
-	p.innerHTML = '<?php echo addslashes(__('Data Sent...')); ?>';
-}
-
-function newCatInteractive() {
-	var p = getResponseElement();
-	p.innerHTML = '<?php echo addslashes(__('Processing Request...')); ?>';
-}
-
-function newCatCompletion() {
-	var p = getResponseElement();
-	var id    = 0;
-	var ids   = new Array();
-	var names = new Array();
-	
-	ids   = myPload( ajaxCat.response );
-	names = myPload( newcat.value );
-	for ( i = 0; i < ids.length; i++ ) {
-		id = ids[i].replace(/[\n\r]+/g, "");
-		if ( id == '-1' ) {
-			p.innerHTML = "<?php echo addslashes(__("You don't have permission to do that.")); ?>";
-			return;
-		}
-		if ( id == '0' ) {
-			p.innerHTML = "<?php echo addslashes(__('That category name is invalid.  Try something else.')); ?>";
-			return;
-		}
-		
-		var exists = document.getElementById('category-' + id);
-		
-		if (exists) {
-			var moveIt = exists.parentNode;
-			var container = moveIt.parentNode;
-			container.removeChild(moveIt);
-			container.insertBefore(moveIt, container.firstChild);
-			moveIt.id = 'new-category-' + id;
-			exists.checked = 'checked';
-			var nowClass = moveIt.className;
-			moveIt.className = nowClass + ' fade';
-			Fat.fade_all();
-			moveIt.className = nowClass;
-		} else {
-			var catDiv = document.getElementById('categorychecklist');
-			var newLabel = document.createElement('label');
-			newLabel.setAttribute('for', 'category-' + id);
-			newLabel.id = 'new-category-' + id;
-			newLabel.className = 'selectit fade';
-	
-			var newCheck = document.createElement('input');
-			newCheck.type = 'checkbox';
-			newCheck.value = id;
-			newCheck.name = 'post_category[]';
-			newCheck.id = 'category-' + id;
-			newLabel.appendChild(newCheck);
-	
-			var newLabelText = document.createTextNode(' ' + names[i]);
-			newLabel.appendChild(newLabelText);
-	
-			catDiv.insertBefore(newLabel, catDiv.firstChild);
-			newCheck.checked = 'checked';
-	
-			Fat.fade_all();
-			newLabel.className = 'selectit';
-		}
-		newcat.value = '';
-	}
-	p.parentNode.removeChild(p);
-//	var id = parseInt(ajaxCat.response, 10);
-}
-
-function ajaxNewCatKeyPress(e) {
-	if (!e) {
-		if (window.event) {
-			e = window.event;
-		} else {
-			return;
-		}
-	}
-	if (e.keyCode == 13) {
-		ajaxNewCat();
-		e.returnValue = false;
-		e.cancelBubble = true;
-		return false;
-	}
-}
-
-function ajaxNewCat() {
-	var newcat = document.getElementById('newcat');
-	var split_cats = new Array(1);
-	var catString = '';
-
-	catString = 'ajaxnewcat=' + encodeURIComponent(newcat.value);
-	ajaxCat.requestFile = 'edit-form-ajax-cat.php';
-	ajaxCat.method = 'GET';
-	ajaxCat.onLoading = newCatLoading;
-	ajaxCat.onLoaded = newCatLoaded;
-	ajaxCat.onInteractive = newCatInteractive;
-	ajaxCat.onCompletion = newCatCompletion;
-	ajaxCat.runAJAX(catString);
-}
-
-function myPload( str ) {
-	var fixedExplode = new Array();
-	var comma = new String(',');
-	var count = 0;
-	var currentElement = '';
-
-	for( x=0; x < str.length; x++) {
-		andy = str.charAt(x);
-		if ( comma.indexOf(andy) != -1 ) {
-			currentElement = currentElement.replace(new RegExp('^\\s*(.*?)\\s*$', ''), '$1'); // trim
-			fixedExplode[count] = currentElement;
-			currentElement = "";
-			count++;
-		} else {
-			currentElement += andy;
-		}
-	}
-
-	if ( currentElement != "" )
-		fixedExplode[count] = currentElement;
-	return fixedExplode;
-}
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -3,112 +3,80 @@ require_once('admin.php');

 $title = __('Categories');
 $parent_file = 'edit.php';
-$list_js = true;

-$wpvarstoreset = array('action','cat');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
+wp_reset_vars(array('action', 'cat'));

 switch($action) {

 case 'addcat':

-	if ( !current_user_can('manage_categories') )
-		die (__('Cheatin&#8217; uh?'));
-	
-	wp_insert_category($_POST);
+	check_admin_referer('add-category');

-	header('Location: categories.php?message=1#addcat');
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if( wp_insert_category($_POST ) ) {
+		wp_redirect('categories.php?message=1#addcat');
+	} else {
+		wp_redirect('categories.php?message=4#addcat');
+	}
+	exit;
 break;

 case 'delete':
-
-	check_admin_referer();
+	$cat_ID = (int) $_GET['cat_ID'];
+	check_admin_referer('delete-category_' .  $cat_ID);

 	if ( !current_user_can('manage_categories') )
-		die (__('Cheatin&#8217; uh?'));
+		wp_die(__('Cheatin&#8217; uh?'));

-	$cat_ID = (int) $_GET['cat_ID'];
 	$cat_name = get_catname($cat_ID);

-	if ( 1 == $cat_ID )
-		die(sprintf(__("Can't delete the <strong>%s</strong> category: this is the default one"), $cat_name));
+	// Don't delete the default cats.
+    if ( $cat_ID == get_option('default_category') )
+		wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name));

 	wp_delete_category($cat_ID);

-	header('Location: categories.php?message=2');
+	wp_redirect('categories.php?message=2');
+	exit;

 break;

 case 'edit':

-    require_once ('admin-header.php');
-    $cat_ID = (int) $_GET['cat_ID'];
-    $category = get_category_to_edit($cat_ID);
-    ?>
-
-<div class="wrap">
- <h2><?php _e('Edit Category') ?></h2>
- <form name="editcat" action="categories.php" method="post">
-	  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-		<tr>
-		  <th width="33%" scope="row"><?php _e('Category name:') ?></th>
-		  <td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($category->cat_name); ?>" size="40" /> <input type="hidden" name="action" value="editedcat" />
-<input type="hidden" name="cat_ID" value="<?php echo $category->cat_ID ?>" /></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Category slug:') ?></th>
-			<td><input name="category_nicename" type="text" value="<?php echo wp_specialchars($category->category_nicename); ?>" size="40" /></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Category parent:') ?></th>
-			<td>        
-			<select name='category_parent'>
-	  <option value='0' <?php if (!$category->category_parent) echo " selected='selected'"; ?>><?php _e('None') ?></option>
-	  <?php wp_dropdown_cats($category->cat_ID, $category->category_parent); ?>
-	  </select></td>
-		</tr>
-		<tr>
-			<th scope="row"><?php _e('Description:') ?></th>
-			<td><textarea name="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description, 1); ?></textarea></td>
-		</tr>
-		</table>
-	  <p class="submit"><input type="submit" name="submit" value="<?php _e('Edit category') ?> &raquo;" /></p>
- </form>
- <p><a href="categories.php"><?php _e('&laquo; Return to category list'); ?></a></p>
-</div>
-    <?php
+	require_once ('admin-header.php');
+	$cat_ID = (int) $_GET['cat_ID'];
+	$category = get_category_to_edit($cat_ID);
+	include('edit-category-form.php');

 break;

 case 'editedcat':
-	if ( !current_user_can('manage_categories') )
-		die (__('Cheatin&#8217; uh?'));
-	
-	wp_update_category($_POST);
+	$cat_ID = (int) $_POST['cat_ID'];
+	check_admin_referer('update-category_' . $cat_ID);

-	header('Location: categories.php?message=3');
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if ( wp_update_category($_POST) )
+		wp_redirect('categories.php?message=3');
+	else
+		wp_redirect('categories.php?message=5');
+
+	exit;
 break;

 default:

+wp_enqueue_script( 'admin-categories' );
 require_once ('admin-header.php');

 $messages[1] = __('Category added.');
 $messages[2] = __('Category deleted.');
 $messages[3] = __('Category updated.');
+$messages[4] = __('Category not added.');
+$messages[5] = __('Category not updated.');
 ?>

 <?php if (isset($_GET['message'])) : ?>
@@ -121,44 +89,33 @@ $messages[3] = __('Category updated.');
 <?php else : ?>
 	<h2><?php _e('Categories') ?> </h2>
 <?php endif; ?>
-<table id="the-list-x" width="100%" cellpadding="3" cellspacing="3">
+<table class="widefat">
+	<thead>
 	<tr>
-		<th scope="col"><?php _e('ID') ?></th>
+		<th scope="col" style="text-align: center"><?php _e('ID') ?></th>
        <th scope="col"><?php _e('Name') ?></th>
        <th scope="col"><?php _e('Description') ?></th>
-        <th scope="col"><?php _e('# Posts') ?></th>
-        <th colspan="2"><?php _e('Action') ?></th>
+        <th scope="col" width="90" style="text-align: center"><?php _e('Posts') ?></th>
+        <th colspan="2" style="text-align: center"><?php _e('Action') ?></th>
 	</tr>
+	</thead>
+	<tbody id="the-list">
 <?php
 cat_rows();
 ?>
+	</tbody>
 </table>

-<div id="ajax-response"></div>
-
 </div>

 <?php if ( current_user_can('manage_categories') ) : ?>
 <div class="wrap">
-<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete posts from that category, it will just set them back to the default category <strong>%s</strong>.'), get_catname(get_option('default_category'))) ?></p>
+<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete the posts in that category. Instead, posts that were only assigned to the deleted category are set to the category <strong>%s</strong>.'), apply_filters('the_category', get_catname(get_option('default_category')))) ?></p>
+<p><?php printf(__('Categories can be selectively converted to tags using the <a href="%s">category to tag converter</a>.'), 'admin.php?import=wp-cat2tag') ?></p>
 </div>

-<div class="wrap">
-    <h2><?php _e('Add New Category') ?></h2>
-    <form name="addcat" id="addcat" action="categories.php" method="post">
-        
-        <p><?php _e('Name:') ?><br />
-        <input type="text" name="cat_name" value="" /></p>
-        <p><?php _e('Category parent:') ?><br />
-        <select name='category_parent' class='postform'>
-        <option value='0'><?php _e('None') ?></option>
-        <?php wp_dropdown_cats(0); ?>
-        </select></p>
-        <p><?php _e('Description: (optional)') ?> <br />
-        <textarea name="category_description" rows="5" cols="50" style="width: 97%;"></textarea></p>
-        <p class="submit"><input type="hidden" name="action" value="addcat" /><input type="submit" name="submit" value="<?php _e('Add Category &raquo;') ?>" /></p>
-    </form>
-</div>
+<?php include('edit-category-form.php'); ?>
+
 <?php endif; ?>

 <?php
@@ -166,4 +123,5 @@ break;
 }

 include('admin-footer.php');
+
 ?>
--- a/wp-admin/comment.php
+++ b/wp-admin/comment.php
@@ -0,0 +1,213 @@
+<?php
+require_once('admin.php');
+
+$parent_file = 'edit-comments.php';
+$submenu_file = 'edit-comments.php';
+
+wp_reset_vars(array('action'));
+
+if ( isset( $_POST['deletecomment'] ) )
+	$action = 'deletecomment';
+
+switch($action) {
+case 'editcomment':
+	$title = __('Edit Comment');
+
+	require_once ('admin-header.php');
+
+	$comment = (int) $_GET['c'];
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'javascript:history.go(-1)'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post.') );
+
+	$comment = get_comment_to_edit($comment);
+
+	include('edit-form-comment.php');
+
+	break;
+
+case 'cdc':
+case 'mac':
+
+	require_once('./admin-header.php');
+
+	$comment = (int) $_GET['c'];
+	$formaction = 'cdc' == $action ? 'deletecomment' : 'approvecomment';
+	$nonce_action = 'cdc' == $action ? 'delete-comment_' : 'approve-comment_';
+	$nonce_action .= $comment;
+
+	if ( ! $comment = get_comment_to_edit($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( 'cdc' == $action ? __('You are not allowed to delete comments on this post.') : __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+?>
+<div class='wrap'>
+
+<div class="narrow">
+<?php if ( 'spam' == $_GET['dt'] ) { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to mark the following comment as spam:'); ?></p>
+<?php } elseif ( 'cdc' == $action ) { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to delete the following comment:'); ?></p>
+<?php } else { ?>
+<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to approve the following comment:'); ?></p>
+<?php } ?>
+
+<p><?php _e('Are you sure you want to do that?'); ?></p>
+
+<form action='<?php echo get_option('siteurl'); ?>/wp-admin/comment.php' method='get'>
+
+<table width="100%">
+<tr>
+<td><input type='button' value='<?php _e('No'); ?>' onclick="self.location='<?php echo get_option('siteurl'); ?>/wp-admin/edit-comments.php';" /></td>
+<td align="right"><input type='submit' value='<?php _e('Yes'); ?>' /></td>
+</tr>
+</table>
+
+<?php wp_nonce_field($nonce_action); ?>
+<input type='hidden' name='action' value='<?php echo $formaction; ?>' />
+<?php if ( 'spam' == $_GET['dt'] ) { ?>
+<input type='hidden' name='dt' value='spam' />
+<?php } ?>
+<input type='hidden' name='p' value='<?php echo $comment->comment_post_ID; ?>' />
+<input type='hidden' name='c' value='<?php echo $comment->comment_ID; ?>' />
+<input type='hidden' name='noredir' value='1' />
+</form>
+
+<table class="editform" cellpadding="5">
+<tr class="alt">
+<th scope="row"><?php _e('Author:'); ?></th>
+<td><?php echo $comment->comment_author; ?></td>
+</tr>
+<?php if ( $comment->comment_author_email ) { ?>
+<tr>
+<th scope="row"><?php _e('E-mail:'); ?></th>
+<td><?php echo $comment->comment_author_email; ?></td>
+</tr>
+<?php } ?>
+<?php if ( $comment->comment_author_url ) { ?>
+<tr>
+<th scope="row"><?php _e('URL:'); ?></th>
+<td><a href='<?php echo $comment->comment_author_url; ?>'><?php echo $comment->comment_author_url; ?></a></td>
+</tr>
+<?php } ?>
+<tr>
+<th scope="row" valign="top"><p><?php _e('Comment:'); ?></p></th>
+<td><?php echo $comment->comment_content; ?></td>
+</tr>
+</table>
+
+</div>
+</div>
+<?php
+	break;
+
+case 'deletecomment':
+	$comment = (int) $_REQUEST['c'];
+	check_admin_referer('delete-comment_' . $comment);
+
+	if ( isset($_REQUEST['noredir']) ) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+			 wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit-comments.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post.') );
+
+	if ( 'spam' == $_REQUEST['dt'] )
+		wp_set_comment_status($comment->comment_ID, 'spam');
+	else
+		wp_delete_comment($comment->comment_ID);
+
+	if ((wp_get_referer() != '') && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit-comments.php');
+	}
+	exit();
+	break;
+
+case 'unapprovecomment':
+	$comment = (int) $_GET['c'];
+	check_admin_referer('unapprove-comment_' . $comment);
+
+	if (isset($_GET['noredir'])) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
+
+	wp_set_comment_status($comment->comment_ID, "hold");
+
+	if ((wp_get_referer() != "") && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p=' . (int) $comment->comment_post_ID.'&c=1#comments');
+	}
+	exit();
+	break;
+
+case 'approvecomment':
+	$comment = (int) $_GET['c'];
+	check_admin_referer('approve-comment_' . $comment);
+
+	if (isset($_GET['noredir'])) {
+		$noredir = true;
+	} else {
+		$noredir = false;
+	}
+
+	if ( ! $comment = get_comment($comment) )
+		wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
+
+	if ( !current_user_can('edit_post', $comment->comment_post_ID) )
+		wp_die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
+
+	wp_set_comment_status($comment->comment_ID, "approve");
+	if (get_option("comments_notify") == true) {
+		wp_notify_postauthor($comment->comment_ID);
+	}
+
+
+	if ((wp_get_referer() != "") && (false == $noredir)) {
+		wp_redirect(wp_get_referer());
+	} else {
+		wp_redirect(get_option('siteurl') .'/wp-admin/edit.php?p=' . (int) $comment->comment_post_ID.'&c=1#comments');
+	}
+	exit();
+	break;
+
+case 'editedcomment':
+
+	$comment_ID = (int) $_POST['comment_ID'];
+	$comment_post_ID = (int) $_POST['comment_post_id'];
+
+	check_admin_referer('update-comment_' . $comment_ID);
+
+	edit_comment();
+
+	$location = ( empty($_POST['referredby']) ? "edit.php?p=$comment_post_ID&c=1" : $_POST['referredby'] ) . '#comment-' . $comment_ID;
+	$location = apply_filters('comment_edit_redirect', $location, $comment_ID);
+	wp_redirect($location);
+	exit();
+	break;
+default:
+	break;
+} // end switch
+
+include('admin-footer.php');
+
+?>
--- a/wp-admin/css/install-rtl.css
+++ b/wp-admin/css/install-rtl.css
@@ -0,0 +1,15 @@
+body { font: 13px Tahoma, Georgia, "Times New Roman", Times, serif; }
+
+ul, ol { padding: 5px 20px 5px 5px; }
+
+h1, h2, h3 { font-family: "Times New Roman", Times, serif; font-weight: 700 }
+
+.step, th { text-align: left }
+
+input { font-family: "Times New Roman", Times, serif; padding: 1px }
+
+#logo {	background: url(../wp-content/plugins/WP-Jalali/wp-fa-logo.png) center right no-repeat;	text-align: left; }
+
+#admin_email {direction: ltr; text-align: left; }
+
+#footer { font-style: normal; }
--- a/wp-admin/css/install.css
+++ b/wp-admin/css/install.css
@@ -0,0 +1,40 @@
+html { background: #eee; }
+
+body {
+	background: #fff;
+	color: #000;
+	font-family: Georgia, "Times New Roman", Times, serif;
+	margin-left: 20%;
+	margin-right: 20%;
+	padding: .2em 2em;
+}
+
+h1 {
+	color: #006;
+	font-size: 18px;
+	font-weight: lighter;
+}
+
+h2 { font-size: 16px; }
+
+p, li, dt {
+	line-height: 140%;
+	padding-bottom: 2px;
+}
+
+ul, ol { padding: 5px 5px 5px 20px; }
+
+#logo { margin-bottom: 2em; }
+
+.step a, .step input { font-size: 2em; }
+
+td input { font-size: 1.5em; }
+
+.step, th { text-align: right; }
+
+#footer {
+	text-align: center; 
+	border-top: 1px solid #ccc; 
+	padding-top: 1em; 
+	font-style: italic;
+}
--- a/wp-admin/css/upload-rtl.css
+++ b/wp-admin/css/upload-rtl.css
@@ -0,0 +1,12 @@
+html {
+	direction: ltr;
+	}
+#uploadoptions, table {
+	direction: rtl;
+	}
+td {
+	padding: 1px 6px 0;
+	}
+.submit {
+	text-align: left;
+	}
--- a/wp-admin/css/upload.css
+++ b/wp-admin/css/upload.css
@@ -0,0 +1,204 @@
+body { background: #f9fcfe; }
+
+.upload-file-data { display: none; }
+
+#upload-menu {
+	border-top: 2em solid #247fab;
+	margin: 0;
+	padding: 0;
+	height: 0;
+	list-style: none;
+	width: 100%;
+}
+
+body > #upload-menu { border-bottom: 7px solid #fff; }
+
+#upload-menu li {
+	margin: 0;
+	position: relative;
+	top: -2em;
+	padding-bottom: 5px;
+	border: none;
+	border-top: 3px solid #247fab;
+}
+
+#upload-menu li a.upload-tab-link {
+	margin-left: 0.75em;
+	padding: 5px 5px 0;
+	display: block;
+	float: left;
+	height: 100%;
+	text-decoration: none;
+	border-bottom: none;
+	color: #fff;
+}
+
+#upload-menu li.current {
+	border-right: 2px solid #448abd;
+	color: #000;
+}
+
+#upload-menu li.current a.upload-tab-link, #upload-menu li a:hover {
+	background: #f9fcfe;
+	color: #000;
+}
+
+#upload-menu li #current-tab-nav {
+	background: #f9fcfe;
+	float: left;
+	padding: 5px 5px 0 0;
+	margin-left: -5px;
+}
+
+#upload-menu li span .page-numbers {
+	padding: 0;
+	border: none;
+}
+
+#upload-menu li span a.page-numbers { color: #00019b; }
+#upload-menu li span a.page-numbers:hover { text-decoration: underline; }
+
+#upload-content {
+	position: relative;
+	clear: both;
+	margin: 0;
+	padding: 0;
+	border: none;
+	width: 100%;
+	height: 100%;
+	background: none;
+}
+
+#upload-file {
+	margin: 0 auto;
+	top: 0;
+	left: 0;
+	width: 95%;
+	height: 100%;
+	background: #f9fcfe;
+}
+
+#upload-file th {
+	width: 8em;
+}
+
+form#upload-file input, form#upload-file textarea, div#upload-content.upload table { width: 100%; }
+
+form#upload-file .submit input { width: auto; }
+
+#upload-file-view { padding: 0 0 0 75px; }
+
+#file-title {
+	margin: 0 0 .2em 75px;
+	padding: 0;
+	display: block;
+	font-family: Georgia, "Times New Roman", Times, serif;
+	font-size: 16px;
+}
+
+h2 {
+	margin: 0 .2em 0 0;
+	padding: 0;
+	display: inline;
+	border: none;
+	color: #000;
+	font-size: 1.4em;
+	line-height: 1.4em;
+}
+
+.wrap h2 {
+	margin: .4em 0 .5em;
+	display: block;
+	border-bottom: .5em solid #e5f3ff;
+	color: #333;
+	font: normal 32px/5px serif;
+	clear: both;
+}
+
+* html .wrap h2 {
+	margin-top: 1em;
+}
+
+.back {
+	display: block;
+	position: absolute;
+	left: 14px;
+	top: 10px;
+}
+
+#upload-files {
+	list-style-type: none;
+	margin: 0;
+	padding: 15px 0 0;
+}
+
+#upload-files li { margin: 0 0 15px 15px; }
+
+#upload-files a, #upload-file-view a, a.file-link {
+	border: none;
+	text-decoration: none;
+}
+
+#upload-file-view a img { padding-bottom: .2em; border-bottom: 1px solid #6699CC; }
+
+#upload-files a.file-link {
+	display: block;
+	width: 130px;
+	height: 128px;
+	background-color: rgb(209, 226, 239);
+	text-align: center;
+	overflow: hidden;
+}
+
+#upload-files a.text {
+	padding-top: 40px;
+	height: 88px;
+	font-size: 16px;
+}
+
+#upload-files a.file-link.image {
+	font-size: 2px;
+	letter-spacing: 0;
+}
+
+#upload-files a.file-link img { vertical-align: middle; }
+
+#the-attachment-links textarea {
+	font-size: 10px;
+	overflow: hidden;
+}
+
+form table { float: none; padding: 0 15px; }
+
+table {
+	float: left;
+	margin: 0;
+	padding: 0;
+}
+
+th { text-align: right; vertical-align: text-top; }
+
+tr, td, th {
+	margin-top: 0;
+	padding-top: 0;
+}
+
+#uploadoptions th {
+	width: 80px;
+}
+
+#uploadoptions p {
+	margin: 0;
+	padding: 0;
+}
+
+#uploadoptions td {
+	padding-left: 1em;
+	line-height: 140%;
+}
+
+#uploadoptions table {
+	width: 300px;
+}
+
+input.readonly { background-color: #ddd; }
--- a/wp-admin/css/widgets-rtl.css
+++ b/wp-admin/css/widgets-rtl.css
@@ -0,0 +1,38 @@
+.dropzone,
+#palettediv,
+.handle,
+.controlform {
+	direction: rtl;
+	text-align: justify;
+	}
+.dropzone {
+	float: right;
+	margin-left: 10px;
+	margin-right: auto;
+	width: 240px;
+	}
+* html .dropzone ul {
+	margin-right: 0;
+	}
+* .handle, #lastmodule span {
+	border-left: 1px solid #e8e8e8;
+	border-right: 1px solid #f2f2f2;
+	}
+* .popper {
+	right: auto;
+	left: 3px;
+	}
+#palettediv .module, #lastmodule {
+	margin-right: auto;
+	margin-left: 10px;
+	float: right;
+	}
+#palettediv ul {
+	padding: 0 10px 0 0;
+	margin-right: 0;
+	width: 100%;
+	}
+.placemat {
+	margin-right: 0;
+	float: right;
+	}
--- a/wp-admin/css/widgets.css
+++ b/wp-admin/css/widgets.css
@@ -0,0 +1,236 @@
+body {
+	height: 100%;
+}
+
+#sbadmin #zones {
+	-moz-user-select: none;
+	-khtml-user-select: none;
+	user-select: none;
+}
+
+#sbreset {
+	float: left;
+	margin: 1px 0;
+}
+
+.dropzone {
+	border: 1px solid #bbb;
+	float: left;
+	margin-right: 10px;
+	padding: 5px;
+	background-color: #f0f8ff;
+}
+
+.dropzone h3 {
+	text-align: center;
+	color: #333;
+}
+
+.dropzone input {
+	display: none;
+}
+
+.dropzone ul {
+	float: left;
+	list-style-type: none;
+	width: 240px;
+	margin: 0;
+	min-height: 200px;
+	padding: 0;
+	display: block;
+}
+
+* .module {
+	width: 238px;
+	padding: 0;
+	margin: 5px 0;
+	cursor: move;
+	display: block;
+	border: 1px solid #ccc;
+	background-color: #fbfbfb;
+	position: relative;
+	text-align: left;
+	line-height: 25px;
+}
+
+* .handle {
+	display: block;
+	width: 216px;
+	padding: 0 10px;
+	position: relative;
+	border-top: 1px solid #f2f2f2;
+	border-right: 1px solid #e8e8e8;
+	border-bottom: 1px solid #e8e8e8;
+	border-left: 1px solid #f2f2f2;
+}
+
+* .popper {
+	margin: 0;
+	display: inline;
+	position: absolute;
+	top: 3px;
+	right: 3px;
+	overflow: hidden;
+	text-align: center;
+	height: 16px;
+	font-size: 18px;
+	line-height: 14px;
+	cursor: pointer;
+	padding: 0 3px 1px;
+	border-top: 4px solid #6da6d1;
+	background: url( ../images/fade-butt.png ) -5px 0px;
+}
+
+* html .popper {
+	padding: 1px 6px 0;
+	font-size: 16px;
+}
+
+#sbadmin p.submit {
+	padding-right: 10px;
+	clear: left;
+}
+
+.placemat {
+	cursor: default;
+	margin: 0;
+	padding: 0;
+	position: relative;
+}
+
+.placemat h4 {
+	text-align: center;
+}
+
+.placemat span {
+	background-color: #ffe;
+	border: 1px solid #ccc;
+	padding: 0 10px 10px;
+	position: absolute;
+	text-align: justify;
+}
+
+#palettediv {
+	border: 1px solid #bbb;
+	background-color: #f0f8ff;
+	height:auto;
+	margin-top: 10px;
+	padding-bottom: 10px;
+}
+
+#palettediv:after, #zones:after, .dropzone:after {
+	content: ".";
+	display: block;
+	height: 0;
+	clear: both;
+	visibility: hidden;
+}
+
+#palettediv, #zones, .dropzone {
+	display: block;
+	min-height: 1px;
+}
+
+* html #palettediv, * html #zones, * html .dropzone {
+	height: 1%;
+}
+
+#palettediv h3 {
+	text-align: center;
+	color: #333;
+	min-height: 1px;
+}
+
+#palettediv ul {
+	padding: 0 0 0 10px;
+}
+
+#palettediv .module {
+	margin-right: 10px;
+	float: left;
+	width: 120px;
+}
+
+#palettediv .handle {
+	height: 40px;
+	font-size: 90%;
+	width: 110px;
+	padding: 0 5px;
+}
+
+#palettediv .popper {
+	visibility: hidden;
+}
+
+* html #palettediv ul {
+	margin: 0;
+	padding: 0 0 0 10px;
+}
+
+#controls {
+	height: 0px;
+}
+
+.control {
+	position: absolute;
+	display: block;
+	background: #f9fcfe;
+	padding: 0;
+}
+
+.controlhandle {
+	cursor: move;
+	background-color: #6da6d1;
+	border-bottom: 2px solid #448abd;
+	color: #333;
+	display: block;
+	margin: 0 0 5px;
+	padding: 4px;
+	font-size: 120%;
+}
+
+.controlcloser {
+	cursor: pointer;
+	font-size: 120%;
+	display: block;
+	position: absolute;
+	top: 2px;
+	right: 8px;
+	padding: 0 3px;
+	font-weight: bold;
+}
+
+.controlform {
+	margin: 20px 30px;
+}
+
+.controlform p {
+	text-align: center;
+}
+
+.control .checkbox {
+	border: none;
+	background: transparent;
+}
+
+.hidden {
+	display: none;
+}
+
+#shadow {
+	background: black;
+	display: none;
+	position: absolute;
+	top: 0px;
+	left: 0px;
+	width: 100%;
+}
+
+#dragHelper {
+	position: absolute;
+}
+
+#dragHelper li.module {
+	display: block;
+	float: left;
+}
--- a/wp-admin/custom-header.php
+++ b/wp-admin/custom-header.php
@@ -0,0 +1,332 @@
+<?php
+
+class Custom_Image_Header {
+	var $admin_header_callback;
+
+	function Custom_Image_Header($admin_header_callback) {
+		$this->admin_header_callback = $admin_header_callback;
+	}
+
+	function init() {
+		$page = add_theme_page(__('Custom Image Header'), __('Custom Image Header'), 'edit_themes', 'custom-header', array(&$this, 'admin_page'));
+
+		add_action("admin_print_scripts-$page", array(&$this, 'js_includes'));
+		add_action("admin_head-$page", array(&$this, 'js'), 50);
+		add_action("admin_head-$page", $this->admin_header_callback, 51);
+	}
+
+	function js_includes() {
+		wp_enqueue_script('cropper');
+		wp_enqueue_script('colorpicker');
+	}
+
+	function js() {
+
+		if ( isset( $_POST['textcolor'] ) ) {
+			check_admin_referer('custom-header');
+			if ( 'blank' == $_POST['textcolor'] ) {
+				set_theme_mod('header_textcolor', 'blank');
+			} else {
+				$color = preg_replace('/[^0-9a-fA-F]/', '', $_POST['textcolor']);
+				if ( strlen($color) == 6 || strlen($color) == 3 )
+					set_theme_mod('header_textcolor', $color);
+			}
+		}
+		if ( isset($_POST['resetheader']) ) {
+			check_admin_referer('custom-header');
+			remove_theme_mods();
+		}
+	?>
+<script type="text/javascript">
+
+	function onEndCrop( coords, dimensions ) {
+		$( 'x1' ).value = coords.x1;
+		$( 'y1' ).value = coords.y1;
+		$( 'x2' ).value = coords.x2;
+		$( 'y2' ).value = coords.y2;
+		$( 'width' ).value = dimensions.width;
+		$( 'height' ).value = dimensions.height;
+	}
+
+	// with a supplied ratio
+	Event.observe(
+		window,
+		'load',
+		function() {
+			var xinit = <?php echo HEADER_IMAGE_WIDTH; ?>;
+			var yinit = <?php echo HEADER_IMAGE_HEIGHT; ?>;
+			var ratio = xinit / yinit;
+			var ximg = $('upload').width;
+			var yimg = $('upload').height;
+			if ( yimg < yinit || ximg < xinit ) {
+				if ( ximg / yimg > ratio ) {
+					yinit = yimg;
+					xinit = yinit * ratio;
+				} else {
+					xinit = ximg;
+					yinit = xinit / ratio;
+				}
+			}
+			new Cropper.Img(
+				'upload',
+				{
+					ratioDim: { x: xinit, y: yinit },
+					displayOnInit: true,
+					onEndCrop: onEndCrop
+				}
+			)
+		}
+	);
+
+	var cp = new ColorPicker();
+
+	function pickColor(color) {
+		$('name').style.color = color;
+		$('desc').style.color = color;
+		$('textcolor').value = color;
+	}
+	function PopupWindow_hidePopup(magicword) {
+		if ( magicword != 'prettyplease' )
+			return false;
+		if (this.divName != null) {
+			if (this.use_gebi) {
+				document.getElementById(this.divName).style.visibility = "hidden";
+			}
+			else if (this.use_css) {
+				document.all[this.divName].style.visibility = "hidden";
+			}
+			else if (this.use_layers) {
+				document.layers[this.divName].visibility = "hidden";
+			}
+		}
+		else {
+			if (this.popupWindow && !this.popupWindow.closed) {
+				this.popupWindow.close();
+				this.popupWindow = null;
+			}
+		}
+		return false;
+	}
+	function colorSelect(t,p) {
+		if ( cp.p == p && document.getElementById(cp.divName).style.visibility != "hidden" ) {
+			cp.hidePopup('prettyplease');
+		} else {
+			cp.p = p;
+			cp.select(t,p);
+		}
+	}
+	function colorDefault() {
+		pickColor('<?php echo HEADER_TEXTCOLOR; ?>');
+	}
+
+	function hide_text() {
+		$('name').style.display = 'none';
+		$('desc').style.display = 'none';
+		$('pickcolor').style.display = 'none';
+		$('defaultcolor').style.display = 'none';
+		$('textcolor').value = 'blank';
+		$('hidetext').value = '<?php _e('Show Text'); ?>';
+//		$('hidetext').onclick = 'show_text()';
+		Event.observe( $('hidetext'), 'click', show_text );
+	}
+
+	function show_text() {
+		$('name').style.display = 'block';
+		$('desc').style.display = 'block';
+		$('pickcolor').style.display = 'inline';
+		$('defaultcolor').style.display = 'inline';
+		$('textcolor').value = '<?php echo HEADER_TEXTCOLOR; ?>';
+		$('hidetext').value = '<?php _e('Hide Text'); ?>';
+		Event.stopObserving( $('hidetext'), 'click', show_text );
+		Event.observe( $('hidetext'), 'click', hide_text );
+	}
+
+	<?php if ( 'blank' == get_theme_mod('header_textcolor', HEADER_TEXTCOLOR) ) { ?>
+Event.observe( window, 'load', hide_text );
+	<?php } ?>
+
+</script>
+<?php
+	}
+
+	function step_1() {
+		if ( $_GET['updated'] ) { ?>
+<div id="message" class="updated fade">
+<p><?php _e('Header updated.') ?></p>
+</div>
+		<?php } ?>
+
+<div class="wrap">
+<h2><?php _e('Your Header Image'); ?></h2>
+<p><?php _e('This is your header image. You can change the text color or upload and crop a new image.'); ?></p>
+
+<div id="headimg" style="background-image: url(<?php clean_url(header_image()) ?>);">
+<h1><a onclick="return false;" href="<?php bloginfo('url'); ?>" title="<?php bloginfo('name'); ?>" id="name"><?php bloginfo('name'); ?></a></h1>
+<div id="desc"><?php bloginfo('description');?></div>
+</div>
+<?php if ( !defined( 'NO_HEADER_TEXT' ) ) { ?>
+<form method="post" action="<?php echo get_option('siteurl') ?>/wp-admin/themes.php?page=custom-header&amp;updated=true">
+<input type="button" value="<?php _e('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
+<input type="button" value="<?php _e('Select a Text Color'); ?>" onclick="colorSelect($('textcolor'), 'pickcolor')" id="pickcolor" /><input type="button" value="<?php _e('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
+<?php wp_nonce_field('custom-header') ?>
+<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" value="<?php _e('Save Changes &raquo;'); ?>" /></form>
+<?php } ?>
+
+<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
+</div>
+<div class="wrap">
+<h2><?php _e('Upload New Header Image'); ?></h2><p><?php _e('Here you can upload a custom header image to be shown at the top of your blog instead of the default one. On the next screen you will be able to crop the image.'); ?></p>
+<p><?php printf(__('Images of exactly <strong>%1$d x %2$d pixels</strong> will be used as-is.'), HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT); ?></p>
+
+<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attribute_escape(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
+<label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" />
+<input type="hidden" name="action" value="save" />
+<?php wp_nonce_field('custom-header') ?>
+<p class="submit">
+<input type="submit" value="<?php _e('Upload &raquo;'); ?>" />
+</p>
+</form>
+
+</div>
+
+		<?php if ( get_theme_mod('header_image') || get_theme_mod('header_textcolor') ) : ?>
+<div class="wrap">
+<h2><?php _e('Reset Header Image and Color'); ?></h2>
+<p><?php _e('This will restore the original header image and color. You will not be able to retrieve any customizations.') ?></p>
+<form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)) ?>">
+<?php wp_nonce_field('custom-header'); ?>
+<input type="submit" name="resetheader" value="<?php _e('Restore Original Header'); ?>" />
+</form>
+</div>
+		<?php endif;
+
+	}
+
+	function step_2() {
+		check_admin_referer('custom-header');
+		$overrides = array('test_form' => false);
+		$file = wp_handle_upload($_FILES['import'], $overrides);
+
+		if ( isset($file['error']) )
+		die( $file['error'] );
+
+		$url = $file['url'];
+		$file = $file['file'];
+		$filename = basename($file);
+
+		// Construct the object array
+		$object = array(
+		'post_title' => $filename,
+		'post_content' => $url,
+		'post_mime_type' => 'import',
+		'guid' => $url);
+
+		// Save the data
+		$id = wp_insert_attachment($object, $file);
+
+		$upload = array('file' => $file, 'id' => $id);
+
+		list($width, $height, $type, $attr) = getimagesize( $file );
+
+		if ( $width == HEADER_IMAGE_WIDTH && $height == HEADER_IMAGE_HEIGHT ) {
+			set_theme_mod('header_image', clean_url($url));
+			$header = apply_filters('wp_create_file_in_uploads', $file, $id); // For replication
+			return $this->finished();
+		} elseif ( $width > HEADER_IMAGE_WIDTH ) {
+			$oitar = $width / HEADER_IMAGE_WIDTH;
+			$image = wp_crop_image($file, 0, 0, $width, $height, HEADER_IMAGE_WIDTH, $height / $oitar, false, str_replace(basename($file), 'midsize-'.basename($file), $file));
+			$image = apply_filters('wp_create_file_in_uploads', $image, $id); // For replication
+
+			$url = str_replace(basename($url), basename($image), $url);
+			$width = $width / $oitar;
+			$height = $height / $oitar;
+		} else {
+			$oitar = 1;
+		}
+		?>
+
+<div class="wrap">
+
+<form method="POST" action="<?php echo attribute_escape(add_query_arg('step', 3)) ?>">
+
+<p><?php _e('Choose the part of the image you want to use as your header.'); ?></p>
+<div id="testWrap">
+<img src="<?php echo $url; ?>" id="upload" width="<?php echo $width; ?>" height="<?php echo $height; ?>" />
+</div>
+
+<p class="submit">
+<input type="hidden" name="x1" id="x1" />
+<input type="hidden" name="y1" id="y1" />
+<input type="hidden" name="x2" id="x2" />
+<input type="hidden" name="y2" id="y2" />
+<input type="hidden" name="width" id="width" />
+<input type="hidden" name="height" id="height" />
+<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo $id; ?>" />
+<input type="hidden" name="oitar" id="oitar" value="<?php echo $oitar; ?>" />
+<?php wp_nonce_field('custom-header') ?>
+<input type="submit" value="<?php _e('Crop Header &raquo;'); ?>" />
+</p>
+
+</form>
+</div>
+		<?php
+	}
+
+	function step_3() {
+		check_admin_referer('custom-header');
+		if ( $_POST['oitar'] > 1 ) {
+			$_POST['x1'] = $_POST['x1'] * $_POST['oitar'];
+			$_POST['y1'] = $_POST['y1'] * $_POST['oitar'];
+			$_POST['width'] = $_POST['width'] * $_POST['oitar'];
+			$_POST['height'] = $_POST['height'] * $_POST['oitar'];
+		}
+
+		$header = wp_crop_image($_POST['attachment_id'], $_POST['x1'], $_POST['y1'], $_POST['width'], $_POST['height'], HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT);
+		$header = apply_filters('wp_create_file_in_uploads', $header); // For replication
+
+		$parent = get_post($_POST['attachment_id']);
+
+		$parent_url = $parent->guid;
+
+		$url = str_replace(basename($parent_url), basename($header), $parent_url);
+
+		set_theme_mod('header_image', $url);
+
+		// cleanup
+		$file = get_attached_file( $_POST['attachment_id'] );
+		$medium = str_replace(basename($file), 'midsize-'.basename($file), $file);
+		@unlink( apply_filters( 'wp_delete_file', $medium ) );
+		wp_delete_attachment( $_POST['attachment_id'] );
+
+		return $this->finished();
+	}
+
+	function finished() {
+		?>
+<div class="wrap">
+<h2><?php _e('Header complete!'); ?></h2>
+
+<p><?php _e('Visit your site and you should see the new header now.'); ?></p>
+
+</div>
+		<?php
+	}
+
+	function admin_page() {
+		if ( !isset( $_GET['step'] ) )
+			$step = 1;
+		else
+			$step = (int) $_GET['step'];
+
+		if ( 1 == $step ) {
+			$this->step_1();
+		} elseif ( 2 == $step ) {
+			$this->step_2();
+		} elseif ( 3 == $step ) {
+			$this->step_3();
+		}
+
+	}
+
+}
+?>
--- a/wp-admin/edit-category-form.php
+++ b/wp-admin/edit-category-form.php
@@ -0,0 +1,49 @@
+<?php
+if ( ! empty($cat_ID) ) {
+	$heading = __('Edit Category');
+	$submit_text = __('Edit Category &raquo;');
+	$form = '<form name="editcat" id="editcat" method="post" action="categories.php">';
+	$action = 'editedcat';
+	$nonce_action = 'update-category_' . $cat_ID;
+	do_action('edit_category_form_pre', $category);
+} else {
+	$heading = __('Add Category');
+	$submit_text = __('Add Category &raquo;');
+	$form = '<form name="addcat" id="addcat" method="post" action="categories.php">';
+	$action = 'addcat';
+	$nonce_action = 'add-category';
+	do_action('add_category_form_pre', $category);
+}
+?>
+
+<div class="wrap">
+<h2><?php echo $heading ?></h2>
+<div id="ajax-response"></div>
+<?php echo $form ?>
+<input type="hidden" name="action" value="<?php echo $action ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo $category->term_id ?>" />
+<?php wp_nonce_field($nonce_action); ?>
+	<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+		<tr>
+			<th width="33%" scope="row" valign="top"><label for="cat_name"><?php _e('Category name:') ?></label></th>
+			<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo attribute_escape($category->name); ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category slug:') ?></label></th>
+			<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attribute_escape($category->slug); ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_parent"><?php _e('Category parent:') ?></label></th>
+			<td>
+	  			<?php wp_dropdown_categories('hide_empty=0&name=category_parent&orderby=name&selected=' . $category->parent . '&hierarchical=1&show_option_none=' . __('None')); ?>
+	  		</td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="category_description"><?php _e('Description: (optional)') ?></label></th>
+			<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->description); ?></textarea></td>
+		</tr>
+	</table>
+<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
+<?php do_action('edit_category_form', $category); ?>
+</form>
+</div>
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -2,12 +2,12 @@
 require_once('admin.php');

 $title = __('Edit Comments');
-$parent_file = 'edit.php';
-$list_js = true;
+$parent_file = 'edit-comments.php';
+wp_enqueue_script( 'admin-comments' );

 require_once('admin-header.php');
 if (empty($_GET['mode'])) $mode = 'view';
-else $mode = wp_specialchars($_GET['mode'], 1);
+else $mode = attribute_escape($_GET['mode']);
 ?>

 <script type="text/javascript">
@@ -23,139 +23,166 @@ function checkAll(form)
 		}
 	}
 }
+
+function getNumChecked(form)
+{
+	var num = 0;
+	for (i = 0, n = form.elements.length; i < n; i++) {
+		if(form.elements[i].type == "checkbox") {
+			if(form.elements[i].checked == true)
+				num++;
+		}
+	}
+	return num;
+}
 //-->
 </script>
 <div class="wrap">
 <h2><?php _e('Comments'); ?></h2>
-<form name="searchform" action="" method="get"> 
-  <fieldset> 
-  <legend><?php _e('Show Comments That Contain...') ?></legend> 
-  <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" /> 
-  <input type="submit" name="submit" value="<?php _e('Search') ?>"  />  
+<form name="searchform" action="" method="get" id="editcomments">
+  <fieldset>
+  <legend><?php _e('Show Comments That Contain...') ?></legend>
+  <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
+  <input type="submit" name="submit" value="<?php _e('Search') ?>"  />
  <input type="hidden" name="mode" value="<?php echo $mode; ?>" />
-  <?php _e('(Searches within comment text, e-mail, URI, and IP address.)') ?>
-  </fieldset> 
+  <?php _e('(Searches within comment text, e-mail, URL, and IP address.)') ?>
+  </fieldset>
 </form>
 <p><a href="?mode=view"><?php _e('View Mode') ?></a> | <a href="?mode=edit"><?php _e('Mass Edit Mode') ?></a></p>
 <?php
 if ( !empty( $_POST['delete_comments'] ) ) :
+	check_admin_referer('bulk-comments');
+
 	$i = 0;
 	foreach ($_POST['delete_comments'] as $comment) : // Check the permissions on each
 		$comment = (int) $comment;
-		$post_id = $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
-		$authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
-		if ( current_user_can('edit_post', $post_id) ) :
-			wp_set_comment_status($comment, "delete");
+		$post_id = (int) $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments WHERE comment_ID = $comment");
+		// $authordata = get_userdata( $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $post_id") );
+		if ( current_user_can('edit_post', $post_id) ) {
+			if ( !empty( $_POST['spam_button'] ) )
+				wp_set_comment_status($comment, 'spam');
+			else
+				wp_set_comment_status($comment, 'delete');
 			++$i;
-		endif;
+		}
 	endforeach;
-	echo "<div class='wrap'><p>" . sprintf(__('%s comments deleted.'), $i) . "</p></div>";
+	echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>';
+	if ( !empty( $_POST['spam_button'] ) ) {
+		printf(__ngettext('%s comment marked as spam', '%s comments marked as spam.', $i), $i);
+	} else {
+		printf(__ngettext('%s comment deleted.', '%s comments deleted.', $i), $i);
+	}
+	echo '</p></div>';
 endif;

-if (isset($_GET['s'])) {
-	$s = $wpdb->escape($_GET['s']);
-	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments  WHERE
-		(comment_author LIKE '%$s%' OR
-		comment_author_email LIKE '%$s%' OR
-		comment_author_url LIKE ('%$s%') OR
-		comment_author_IP LIKE ('%$s%') OR
-		comment_content LIKE ('%$s%') ) AND
-		comment_approved != 'spam'
-		ORDER BY comment_date DESC");
-} else {
-	if ( isset($_GET['offset']) )
-		$offset = (int) $_GET['offset'] * 20;
-	else
-		$offset = 0;
+if ( isset( $_GET['apage'] ) )
+	$page = abs( (int) $_GET['apage'] );
+else
+	$page = 1;
+
+$start = $offset = ( $page - 1 ) * 20;
+
+list($_comments, $total) = _wp_get_comment_list( isset($_GET['s']) ? $_GET['s'] : false, $start, 25 ); // Grab a few extra
+
+$comments = array_slice($_comments, 0, 20);
+$extra_comments = array_slice($_comments, 20);
+
+$page_links = paginate_links( array(
+	'base' => add_query_arg( 'apage', '%#%' ),
+	'format' => '',
+	'total' => ceil($total / 20),
+	'current' => $page
+));
+
+if ( $page_links )
+	echo "<p class='pagenav'>$page_links</p>";

-	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
-}
 if ('view' == $mode) {
 	if ($comments) {
-		if ($offset)
-			$start = " start='$offset'";
-		else
-			$start = '';
+		$offset = $offset + 1;
+		$start = " start='$offset'";

-		echo "<ol id='the-list' class='commentlist' $start>";
+		echo "<ol id='the-comment-list' class='commentlist' $start>\n";
 		$i = 0;
-		foreach ($comments as $comment) {
-		++$i; $class = '';
-		$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
-			$comment_status = wp_get_comment_status($comment->comment_ID);
-			if ('unapproved' == $comment_status) 
-				$class .= ' unapproved';
-			if ($i % 2)
-				$class .= ' alternate';
-			echo "<li id='comment-$comment->comment_ID' class='$class'>";
-?>		
-        <p><strong><?php _e('Name:') ?></strong> <?php comment_author() ?> <?php if ($comment->comment_author_email) { ?>| <strong><?php _e('E-mail:') ?></strong> <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url ) { ?> | <strong><?php _e('URI:') ?></strong> <?php comment_author_url_link() ?> <?php } ?>| <strong><?php _e('IP:') ?></strong> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
-		
-		<?php comment_text() ?>
+		foreach ( $comments as $comment ) {
+			get_comment( $comment ); // Cache it
+			_wp_comment_list_item( $comment->comment_ID, ++$i );
+		}
+		echo "</ol>\n\n";

-        <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A');  
-			if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-				echo " | <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>";
-				echo " | <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars( $comment->comment_author, 1 ))  . "' );\">" . __('Delete Comment') . "</a> &#8212; ";
-			} // end if any comments to show
-			// Get post title
-			if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-				$post_title = $wpdb->get_var("SELECT post_title FROM $wpdb->posts WHERE ID = $comment->comment_post_ID");
-				$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
-				?> <a href="post.php?action=edit&amp;post=<?php echo $comment->comment_post_ID; ?>"><?php printf(__('Edit Post &#8220;%s&#8221;'), stripslashes($post_title)); ?></a>
-				<?php } ?>
-			 | <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a></p>
-		</li>
-
-<?php } // end foreach ?>
-</ol>
+if ( $extra_comments ) : ?>
+<div id="extra-comments" style="display:none">
+<ul id="the-extra-comment-list" class="commentlist">
+<?php
+	foreach ( $extra_comments as $comment ) {
+		get_comment( $comment ); // Cache it
+		_wp_comment_list_item( $comment->comment_ID, ++$i );
+	}
+?>
+</ul>
+</div>
+<?php endif; // $extra_comments ?>

 <div id="ajax-response"></div>

 <?php
-	} else {
+	} else { //no comments to show

 		?>
 		<p>
-        <strong><?php _e('No comments found.') ?></strong></p>
-		
+			<strong><?php _e('No comments found.') ?></strong></p>
+
 		<?php
 	} // end if ($comments)
 } elseif ('edit' == $mode) {

 	if ($comments) {
-		echo '<form name="deletecomments" id="deletecomments" action="" method="post"> 
-		<table width="100%" cellpadding="3" cellspacing="3">
+		echo '<form name="deletecomments" id="deletecomments" action="" method="post"> ';
+		wp_nonce_field('bulk-comments');
+		echo '<table class="widefat">
+<thead>
  <tr>
-    <th scope="col">*</th>
+    <th scope="col" style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById(\'deletecomments\'));" /></th>
    <th scope="col">' .  __('Name') . '</th>
    <th scope="col">' .  __('E-mail') . '</th>
    <th scope="col">' . __('IP') . '</th>
    <th scope="col">' . __('Comment Excerpt') . '</th>
-	<th scope="col" colspan="3">' .  __('Actions') . '</th>
-  </tr>';
+	<th scope="col" colspan="3" style="text-align: center">' .  __('Actions') . '</th>
+  </tr>
+</thead>';
 		foreach ($comments as $comment) {
-		$authordata = get_userdata($wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = $comment->comment_post_ID"));
+		$post = get_post($comment->comment_post_ID);
+		$authordata = get_userdata($post->post_author);
+		$comment_status = wp_get_comment_status($comment->comment_ID);
 		$class = ('alternate' == $class) ? '' : 'alternate';
+		$class .= ('unapproved' == $comment_status) ? ' unapproved' : '';
 ?>
-  <tr class='<?php echo $class; ?>'>
-    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
+  <tr id="comment-<?php echo $comment->comment_ID; ?>" class='<?php echo $class; ?>'>
+    <td style="text-align: center"><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { ?><input type="checkbox" name="delete_comments[]" value="<?php echo $comment->comment_ID; ?>" /><?php } ?></td>
    <td><?php comment_author_link() ?></td>
    <td><?php comment_author_email_link() ?></td>
-    <td><a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></td>
+    <td><a href="edit-comments.php?s=<?php comment_author_IP() ?>&amp;mode=edit"><?php comment_author_IP() ?></a></td>
    <td><?php comment_excerpt(); ?></td>
-    <td><a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a></td>
+    <td>
+    	<?php if ('unapproved' == $comment_status) {
+    		_e('Unapproved');
+    	} else { ?>
+    		<a href="<?php echo get_permalink($comment->comment_post_ID); ?>#comment-<?php comment_ID() ?>" class="edit"><?php _e('View') ?></a>
+    	<?php } ?>
+    </td>
    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-	echo "<a href='post.php?action=editcomment&amp;comment=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
+	echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td>
    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
-            echo "<a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $comment->comment_author) . "')\"    class='delete'>" . __('Delete') . "</a>"; } ?></td>
+		echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by '%s'. \n  'Cancel' to stop, 'OK' to delete."), $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
+		} ?></td>
  </tr>
-		<?php 
+		<?php
 		} // end foreach
 	?></table>
-    <p><a href="javascript:;" onclick="checkAll(document.getElementById('deletecomments')); return false; "><?php _e('Invert Checkbox Selection') ?></a></p>
-            <p class="submit"><input type="submit" name="Submit" value="<?php _e('Delete Checked Comments') ?> &raquo;" onclick="return confirm('<?php _e("You are about to delete these comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete.") ?>')" />	</p>
+<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to delete %s comments permanently \n  'Cancel' to stop, 'OK' to delete.")), "' + numchecked + '"); ?>')" />
+			<input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to mark as spam")); ?>'); return false } return confirm('<?php echo sprintf(js_escape(__("You are about to mark %s comments as spam \n  'Cancel' to stop, 'OK' to mark as spam.")), "' + numchecked + '"); ?>')" /></p>
  </form>
+<div id="ajax-response"></div>
 <?php
 	} else {
 ?>
@@ -165,7 +192,11 @@ if ('view' == $mode) {
 <?php
 	} // end if ($comments)
 }
-	?>
+
+if ( $page_links )
+	echo "<p class='pagenav'>$page_links</p>";
+
+?>

 </div>

--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -1,59 +1,63 @@
 <?php
+if ( isset($_GET['message']) )
+	$_GET['message'] = (int) $_GET['message'];
 $messages[1] = __('Post updated');
 $messages[2] = __('Custom field updated');
 $messages[3] = __('Custom field deleted.');
 ?>
 <?php if (isset($_GET['message'])) : ?>
-<div id="message" class="updated fade"><p><?php echo $messages[$_GET['message']]; ?></p></div>
+<div id="message" class="updated fade"><p><?php echo wp_specialchars($messages[$_GET['message']]); ?></p></div>
 <?php endif; ?>

 <form name="post" action="post.php" method="post" id="post">
-<?php if ( (isset($mode) && 'bookmarklet' == $mode) || 
-            isset($_GET['popupurl']) ): ?>
+<?php if ( (isset($mode) && 'bookmarklet' == $mode) || isset($_GET['popupurl']) ): ?>
 <input type="hidden" name="mode" value="bookmarklet" />
 <?php endif; ?>

 <div class="wrap">
-<h2 id="write-post"><?php _e('Write Post'); ?><?php if ( 0 != $post_ID ) : ?>
- <small class="quickjump"><a href="#preview-post"><?php _e('preview &darr;'); ?></a></small><?php endif; ?></h2>
 <?php

 if (0 == $post_ID) {
 	$form_action = 'post';
-	$temp_ID = -1 * time();
-	$form_extra = "<input type='hidden' name='temp_ID' value='$temp_ID' />";
+	$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
+	$form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
+	wp_nonce_field('add-post');
 } else {
+	$post_ID = (int) $post_ID;
 	$form_action = 'editpost';
-	$form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
+	$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
+	wp_nonce_field('update-post_' .  $post_ID);
 }

-$form_pingback = '<input type="hidden" name="post_pingback" value="' . get_option('default_pingback_flag') . '" id="post_pingback" />';
+$form_pingback = '<input type="hidden" name="post_pingback" value="' . (int) get_option('default_pingback_flag') . '" id="post_pingback" />';

-$form_prevstatus = '<input type="hidden" name="prev_status" value="' . $post->post_status . '" />';
+$form_prevstatus = '<input type="hidden" name="prev_status" value="' . attribute_escape( $post->post_status ) . '" />';

-$form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. str_replace("\n", ' ', $post->to_ping) .'" />';
+$form_trackback = '<input type="text" name="trackback_url" style="width: 415px" id="trackback" tabindex="7" value="'. attribute_escape( str_replace("\n", ' ', $post->to_ping) ) .'" />';

 if ('' != $post->pinged) {
 	$pings = '<p>'. __('Already pinged:') . '</p><ul>';
 	$already_pinged = explode("\n", trim($post->pinged));
 	foreach ($already_pinged as $pinged_url) {
-		$pings .= "\n\t<li>$pinged_url</li>";
+		$pings .= "\n\t<li>" . wp_specialchars($pinged_url) . "</li>";
 	}
 	$pings .= '</ul>';
 }

-$saveasdraft = '<input name="save" type="submit" id="save" tabindex="3" value="' . __('Save and Continue Editing') . '" />';
+$saveasdraft = '<input name="save" type="submit" id="save" tabindex="3" value="' . attribute_escape( __('Save and Continue Editing') ) . '" />';

 if (empty($post->post_status)) $post->post_status = 'draft';

 ?>

-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" name="action" value="<?php echo $form_action ?>" />
-<input type="hidden" name="post_author" value="<?php echo $post->post_author ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
+<input type="hidden" id="hiddenaction" name="action" value="<?php echo $form_action ?>" />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
+<input type="hidden" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" />
+<input type="hidden" id="post_type" name="post_type" value="post" />

 <?php echo $form_extra ?>
-<?php if (isset($_GET['message']) && 2 > $_GET['message']) : ?>
+<?php if ((isset($post->post_title) && '' == $post->post_title) || (isset($_GET['message']) && 2 > $_GET['message'])) : ?>
 <script type="text/javascript">
 function focusit() {
 	// focus on first input field
@@ -67,64 +71,62 @@ addLoadEvent(focusit);
 <div id="moremeta">
 <div id="grabit" class="dbx-group">

+<fieldset id="categorydiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
+<div class="dbx-content">
+<p id="jaxcat"></p>
+<ul id="categorychecklist"><?php dropdown_categories(); ?></ul></div>
+</fieldset>
+
 <fieldset id="commentstatusdiv" class="dbx-box">
 <h3 class="dbx-handle"><?php _e('Discussion') ?></h3>
 <div class="dbx-content">
 <input name="advanced_view" type="hidden" value="1" />
 <label for="comment_status" class="selectit">
 <input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($post->comment_status, 'open'); ?> />
-<?php _e('Allow Comments') ?></label> 
+<?php _e('Allow Comments') ?></label>
 <label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($post->ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
 </div>
 </fieldset>

 <fieldset id="passworddiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Password-Protect Post') ?></h3> 
-<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password ?>" /></div>
+<h3 class="dbx-handle"><?php _e('Post Password') ?></h3>
+<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div>
 </fieldset>

 <fieldset id="slugdiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post slug') ?></h3> 
-<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name ?>" /></div>
+<h3 class="dbx-handle"><?php _e('Post Slug') ?></h3>
+<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div>
 </fieldset>

-<fieldset id="categorydiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
+<fieldset id="poststatusdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Status') ?></h3>
 <div class="dbx-content">
-<p id="jaxcat"></p>
-<div id="categorychecklist"><?php dropdown_categories(get_settings('default_category')); ?></div></div>
-</fieldset>
-
-<fieldset class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post Status') ?></h3> 
-<div class="dbx-content"><?php if ( current_user_can('publish_posts') ) : ?>
-<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); ?> /> <?php _e('Published') ?></label>
+<?php if ( current_user_can('publish_posts') ) : ?>
+	<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); checked($post->post_status, 'future'); ?> /> <?php _e('Published') ?></label>
 <?php endif; ?>
+	<label for="post_status_pending" class="selectit"><input id="post_status_pending" name="post_status" type="radio" value="pending" <?php checked($post->post_status, 'pending'); ?> /> <?php _e('Pending Review') ?></label>
 	  <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post->post_status, 'draft'); ?> /> <?php _e('Draft') ?></label>
 	  <label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="radio" value="private" <?php checked($post->post_status, 'private'); ?> /> <?php _e('Private') ?></label></div>
 </fieldset>

 <?php if ( current_user_can('edit_posts') ) : ?>
-<fieldset class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post Timestamp'); ?>:</h3>
+<fieldset id="posttimestampdiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Timestamp'); ?></h3>
 <div class="dbx-content"><?php touch_time(($action == 'edit')); ?></div>
 </fieldset>
 <?php endif; ?>

-<?php if ( $authors = get_editable_authors( $current_user->id ) ) : // TODO: ROLE SYSTEM ?>
-<fieldset id="authordiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3>
-<div class="dbx-content">
-<select name="post_author_override" id="post_author_override">
-<?php 
-foreach ($authors as $o) :
-$o = get_userdata( $o->ID );
-if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
-else $selected = '';
-echo "<option value='$o->ID' $selected>$o->display_name</option>";
-endforeach;
+<?php
+$authors = get_editable_user_ids( $current_user->id ); // TODO: ROLE SYSTEM
+if ( $post->post_author && !in_array($post->post_author, $authors) )
+	$authors[] = $post->post_author;
+if ( $authors && count( $authors ) > 1 ) :
 ?>
-</select>
+<fieldset id="authordiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Post Author'); ?></h3>
+<div class="dbx-content">
+<?php wp_dropdown_users( array('include' => $authors, 'name' => 'post_author_override', 'selected' => empty($post_ID) ? $user_ID : $post->post_author) ); ?>
 </div>
 </fieldset>
 <?php endif; ?>
@@ -135,137 +137,125 @@ endforeach;
 </div>

 <fieldset id="titlediv">
-  <legend><?php _e('Title') ?></legend> 
-  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>
+	<legend><?php _e('Title') ?></legend>
+	<div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape($post->post_title); ?>" id="title" /></div>
 </fieldset>

 <fieldset id="<?php echo user_can_richedit() ? 'postdivrich' : 'postdiv'; ?>">
-<legend><?php _e('Post') ?></legend>
+<legend><?php _e('Post') ?>

-<?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 12;
- }
-?>
-<?php the_quicktags(); ?>
+<?php if ( 'publish' == $post->post_status ) { ?>
+<a href="<?php echo clean_url(get_permalink($post->ID)); ?>" class="view-link" target="_blank"><?php _e('View &raquo;'); ?></a>
+<?php } elseif ( 'edit' == $action ) { ?>
+<a href="<?php echo clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" class="view-link" target="_blank"><?php _e('Preview &raquo;'); ?></a>
+<?php } ?>
+</legend>

-<div><textarea <?php if ( user_can_richedit() ) echo 'title="true" '; ?>rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="2" id="content"><?php echo user_can_richedit() ? wp_richedit_pre($post->post_content) : $post->post_content; ?></textarea></div>
+	<?php the_editor($post->post_content); ?>
 </fieldset>

-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-<?php if ( user_can_richedit() ) : ?>
-// This code is meant to allow tabbing from Title to Post (TinyMCE).
-if ( tinyMCE.isMSIE )
-	document.getElementById('title').onkeydown = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-else
-	document.getElementById('title').onkeypress = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-<?php endif; ?>
-//-->
-</script>
-
 <?php echo $form_pingback ?>
 <?php echo $form_prevstatus ?>

+<fieldset id="tagdiv">
+	<legend><?php _e('Tags (separate multiple tags with commas: cats, pet food, dogs)'); ?></legend>
+	<div><input type="text" name="tags_input" class="tags-input" id="tags-input" size="30" tabindex="3" value="<?php echo get_tags_to_edit( $post_ID ); ?>" /></div>
+</fieldset>

-<p class="submit"><?php echo $saveasdraft; ?> <input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" /> 
-<?php 
-if ('publish' != $post->post_status || 0 == $post_ID) {
+<p class="submit">
+<span id="autosave"></span>
+<?php echo $saveasdraft; ?>
+<input type="submit" name="submit" value="<?php _e('Save'); ?>" style="font-weight: bold;" tabindex="4" />
+<?php
+if ( !in_array( $post->post_status, array('publish', 'future') ) || 0 == $post_ID ) {
 ?>
 <?php if ( current_user_can('publish_posts') ) : ?>
-	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" /> 
+	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+<?php else : ?>
+	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Submit for Review') ?>" />
 <?php endif; ?>
 <?php
 }
 ?>
-<input name="referredby" type="hidden" id="referredby" value="<?php 
+<input name="referredby" type="hidden" id="referredby" value="<?php
 if ( !empty($_REQUEST['popupurl']) )
-	echo wp_specialchars($_REQUEST['popupurl']);
-else if ( url_to_postid($_SERVER['HTTP_REFERER']) == $post_ID )
+	echo clean_url(stripslashes($_REQUEST['popupurl']));
+else if ( url_to_postid(wp_get_referer()) == $post_ID )
 	echo 'redo';
 else
-	echo wp_specialchars($_SERVER['HTTP_REFERER']);
+	echo clean_url(stripslashes(wp_get_referer()));
 ?>" /></p>

 <?php do_action('edit_form_advanced'); ?>

 <?php
 if (current_user_can('upload_files')) {
-	$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
-	$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
+	$uploading_iframe_ID = (int) (0 == $post_ID ? $temp_ID : $post_ID);
+	$uploading_iframe_src = wp_nonce_url("upload.php?style=inline&amp;tab=upload&amp;post_id=$uploading_iframe_ID", 'inlineuploading');
 	$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
 	if ( false != $uploading_iframe_src )
-		echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
+		echo '<iframe id="uploading" name="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
 }
 ?>

 <div id="advancedstuff" class="dbx-group" >

+<div class="dbx-b-ox-wrapper">
 <fieldset id="postexcerpt" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
 <h3 class="dbx-handle"><?php _e('Optional Excerpt') ?></h3>
+</div>
+<div class="dbx-c-ontent-wrapper">
 <div class="dbx-content"><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt ?></textarea></div>
+</div>
 </fieldset>
+</div>

-<fieldset class="dbx-box">
+<div class="dbx-b-ox-wrapper">
+<fieldset id="trackbacksdiv" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
 <h3 class="dbx-handle"><?php _e('Trackbacks') ?></h3>
-<div class="dbx-content"><?php _e('Send trackbacks to'); ?>: <?php echo $form_trackback; ?> (<?php _e('Separate multiple URIs with spaces'); ?>)
-<?php 
+</div>
+<div class="dbx-c-ontent-wrapper">
+<div class="dbx-content"><?php _e('Send trackbacks to:'); ?> <?php echo $form_trackback; ?> (<?php _e('Separate multiple URLs with spaces'); ?>)
+<?php
 if ( ! empty($pings) )
 	echo $pings;
 ?>
 </div>
-</fieldset>
-
-<fieldset id="postcustom" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
-<div id="postcustomstuff" class="dbx-content">
-<?php 
-if($metadata = has_meta($post_ID)) {
-?>
-<?php
-	list_meta($metadata); 
-?>
-<?php
-}
-	meta_form();
-?>
 </div>
 </fieldset>
+</div>
+
+<div class="dbx-b-ox-wrapper">
+<fieldset id="postcustom" class="dbx-box">
+<div class="dbx-h-andle-wrapper">
+<h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
+</div>
+<div class="dbx-c-ontent-wrapper">
+<div id="postcustomstuff" class="dbx-content">
+<table cellpadding="3">
+<?php
+$metadata = has_meta($post_ID);
+list_meta($metadata);
+?>
+
+</table>
+<?php
+	meta_form();
+?>
+<div id="ajax-response"></div>
+</div>
+</div>
+</fieldset>
+</div>

 <?php do_action('dbx_post_advanced'); ?>

 </div>

-<?php if ('edit' == $action) : ?>
-<input name="deletepost" class="button" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), addslashes($post->post_title) ) . "')\""; ?> />
+<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
+<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php echo ( 'draft' == $post->post_status ) ? __('Delete this draft') : __('Delete this post'); ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
 <?php endif; ?>

 </div>
--- a/wp-admin/edit-form-ajax-cat.php
+++ b/wp-admin/edit-form-ajax-cat.php
@@ -1,37 +0,0 @@
-<?php
-require_once('../wp-config.php');
-require_once('admin-functions.php');
-require_once('admin-db.php');
-
-get_currentuserinfo();
-
-if ( !current_user_can('manage_categories') )
-	die('-1');
-
-function get_out_now() { exit; }
-
-add_action('shutdown', 'get_out_now', -1);
-
-$names = explode(',', rawurldecode($_GET['ajaxnewcat']) );
-$ids   = array();
-
-foreach ($names as $cat_name) {
-	$cat_name = trim( $cat_name );
-	
-	if ( !$category_nicename = sanitize_title($cat_name) )
-		continue;
-	if ( $already = category_exists($cat_name) ) {
-		$ids[] = (string) $already;
-		continue;
-	}
-	
-	$new_cat_id = wp_create_category($cat_name);
-	
-	$ids[] = (string) $new_cat_id;
-}
-
-$return = join(',', $ids);
-
-die( (string) $return );
-
-?>
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -2,12 +2,14 @@
 $submitbutton_text = __('Edit Comment &raquo;');
 $toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
 $form_action = 'editedcomment';
-$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='".$comment->comment_post_ID;
+$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . $comment->comment_post_ID;
 ?>

-<form name="post" action="post.php" method="post" id="post">
+<form name="post" action="comment.php" method="post" id="post">
+<h2><?php echo $toprow_title; ?></h2>
+<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
 <div class="wrap">
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />

 <script type="text/javascript">
@@ -17,78 +19,31 @@ function focusit() { // focus on first input field
 addLoadEvent(focusit);
 </script>
 <fieldset id="namediv">
-    <legend><?php _e('Name:') ?></legend>
+    <legend><label for="name"><?php _e('Name:') ?></label></legend>
 	<div>
-	  <input type="text" name="newcomment_author" size="22" value="<?php echo $comment->comment_author ?>" tabindex="1" id="name" />
+	  <input type="text" name="newcomment_author" size="25" value="<?php echo attribute_escape( $comment->comment_author ); ?>" tabindex="1" id="name" />
    </div>
 </fieldset>
 <fieldset id="emaildiv">
-        <legend><?php _e('E-mail:') ?></legend>
+        <legend><label for="email"><?php _e('E-mail:') ?></label></legend>
 		<div>
-		  <input type="text" name="newcomment_author_email" size="30" value="<?php echo $comment->comment_author_email ?>" tabindex="2" id="email" />
+		  <input type="text" name="newcomment_author_email" size="20" value="<?php echo attribute_escape( $comment->comment_author_email ); ?>" tabindex="2" id="email" />
    </div>
 </fieldset>
 <fieldset id="uridiv">
-        <legend><?php _e('URI:') ?></legend>
+        <legend><label for="newcomment_author_url"><?php _e('URL:') ?></label></legend>
 		<div>
-		  <input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo $comment->comment_author_url ?>" tabindex="3" id="URL" />
+		  <input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo attribute_escape( $comment->comment_author_url ); ?>" tabindex="2" />
    </div>
 </fieldset>

 <fieldset style="clear: both;">
        <legend><?php _e('Comment') ?></legend>
-<?php the_quicktags(); ?>
-
-<?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 10;
- }
-?>
-<div><textarea title="true" rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content" style="width: 99%"><?php echo user_can_richedit() ? wp_richedit_pre($comment->comment_content) : $comment->comment_content; ?></textarea></div>
+	<?php the_editor($comment->comment_content, 'content', 'newcomment_author_url'); ?>
 </fieldset>

-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-<?php if ( user_can_richedit() ) : ?>
-// This code is meant to allow tabbing from Author URL to Post (TinyMCE).
-if ( tinyMCE.isMSIE )
-	document.getElementById('newcomment_author_url').onkeydown = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-else
-	document.getElementById('newcomment_author_url').onkeypress = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-<?php endif; ?>
-//-->
-</script>
-
 <p class="submit"><input type="submit" name="editcomment" id="editcomment" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
-  <input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
+  <input name="referredby" type="hidden" id="referredby" value="<?php echo wp_get_referer(); ?>" />
 </p>

 </div>
@@ -99,21 +54,25 @@ else
 <table width="100%" cellspacing="2" cellpadding="5" class="editform">
 	<tr>
 		<th scope="row" valign="top"><?php _e('Comment Status') ?>:</th>
-		<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment->comment_approved, '1'); ?> /> <?php _e('Approved') ?></label><br />
-	  <label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment->comment_approved, '0'); ?> /> <?php _e('Moderated') ?></label><br />
-	  <label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment->comment_approved, 'spam'); ?> /> <?php _e('Spam') ?></label></td>
+		<td><label for="comment_status_approved" class="selectit"><input id="comment_status_approved" name="comment_status" type="radio" value="1" <?php checked($comment->comment_approved, '1'); ?> tabindex="4" /> <?php _e('Approved') ?></label> &nbsp;
+		<label for="comment_status_moderated" class="selectit"><input id="comment_status_moderated" name="comment_status" type="radio" value="0" <?php checked($comment->comment_approved, '0'); ?> tabindex="4" /> <?php _e('Moderated') ?></label> &nbsp;
+		<label for="comment_status_spam" class="selectit"><input id="comment_status_spam" name="comment_status" type="radio" value="spam" <?php checked($comment->comment_approved, 'spam'); ?> tabindex="4" /> <?php _e('Spam') ?></label></td>
 	</tr>

 <?php if ( current_user_can('edit_posts') ) : ?>
 	<tr>
-		<th scope="row"><?php _e('Edit time'); ?>:</th>
-		<td><?php touch_time(('editcomment' == $action), 0); ?></td>
+		<th scope="row" valign="top"><?php _e('Edit time'); ?>:</th>
+		<td><?php touch_time(('editcomment' == $action), 0, 5); ?> </td>
 	</tr>
 <?php endif; ?>

 	<tr>
-		<th scope="row"><?php _e('Delete'); ?>:</th>
-		<td><p><a class="delete" href="post.php?action=confirmdeletecomment&amp;noredir=true&amp;comment=<?php echo $comment->comment_ID; ?>&amp;p=<?php echo $comment->comment_post_ID; ?>"><?php _e('Delete comment') ?></a></p></td>
+		<th scope="row" valign="top">&nbsp;</th>
+		<td><input name="deletecomment" class="button delete" type="submit" id="deletecomment" tabindex="10" value="<?php _e('Delete this comment') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ) { document.forms.post._wpnonce.value = '" . wp_create_nonce( 'delete-comment_' . $comment->comment_ID ) . "'; return true; } return false;\""; ?> />
+		<input type="hidden" name="c" value="<?php echo $comment->comment_ID ?>" />
+		<input type="hidden" name="p" value="<?php echo $comment->comment_post_ID ?>" />
+		<input type="hidden" name="noredir" value="1" />
+	</td>
 	</tr>
 </table>

--- a/wp-admin/edit-form.php
+++ b/wp-admin/edit-form.php
@@ -6,7 +6,7 @@
 <?php if (isset($mode) && 'bookmarklet' == $mode) : ?>
 <input type="hidden" name="mode" value="bookmarklet" />
 <?php endif; ?>
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" name="action" value='post' />

 <script type="text/javascript">
@@ -20,21 +20,20 @@ addLoadEvent(focusit);

 <div id="poststuff">
    <fieldset id="titlediv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#title" title="<?php _e('Help on titles') ?>"><?php _e('Title') ?></a></legend> 
-	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>
+      <legend><a href="http://wordpress.org/docs/reference/post/#title" title="<?php _e('Help on titles') ?>"><?php _e('Title') ?></a></legend>
+	  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div>
    </fieldset>

    <fieldset id="categorydiv">
-      <legend><a href="http://wordpress.org/docs/reference/post/#category" title="<?php _e('Help on categories') ?>"><?php _e('Categories') ?></a></legend> 
+      <legend><a href="http://wordpress.org/docs/reference/post/#category" title="<?php _e('Help on categories') ?>"><?php _e('Categories') ?></a></legend>
 	  <div><?php dropdown_categories($post->post_category); ?></div>
    </fieldset>

 <br />
 <fieldset id="postdiv">
    <legend><a href="http://wordpress.org/docs/reference/post/#post" title="<?php _e('Help with post field') ?>"><?php _e('Post') ?></a></legend>
-<?php the_quicktags(); ?>
 <?php
- $rows = get_settings('default_post_edit_rows');
+ $rows = get_option('default_post_edit_rows');
 if (($rows < 3) || ($rows > 100)) {
     $rows = 10;
 }
@@ -49,22 +48,22 @@ edCanvas = document.getElementById('content');
 //-->
 </script>

-<input type="hidden" name="post_pingback" value="<?php echo get_option('default_pingback_flag') ?>" id="post_pingback" />
+<input type="hidden" name="post_pingback" value="<?php echo (int) get_option('default_pingback_flag') ?>" id="post_pingback" />

-<p><label for="trackback"> <?php printf(__('<a href="%s" title="Help on trackbacks"><strong>TrackBack</strong> a <abbr title="Universal Resource Identifier">URI</abbr></a>:</label> (Separate multiple <abbr title="Universal Resource Identifier">URI</abbr>s with spaces.)<br />'), 'http://wordpress.org/docs/reference/post/#trackback') ?>
+<p><label for="trackback"> <?php printf(__('<a href="%s" title="Help on trackbacks"><strong>TrackBack</strong> a <abbr title="Universal Resource Locator">URL</abbr></a>:</label> (Separate multiple <abbr title="Universal Resource Locator">URL</abbr>s with spaces.)'), 'http://wordpress.org/docs/reference/post/#trackback'); echo '<br />'; ?>
 	<input type="text" name="trackback_url" style="width: 360px" id="trackback" tabindex="7" /></p>

-<p class="submit"><input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="<?php _e('Save as Draft') ?>" /> 
-  <input name="saveasprivate" type="submit" id="saveasprivate" tabindex="10" value="<?php _e('Save as Private') ?>" />
+<p class="submit"><input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" value="<?php _e('Save as Draft') ?>" />
+	<input name="saveasprivate" type="submit" id="saveasprivate" tabindex="10" value="<?php _e('Save as Private') ?>" />

 	 <?php if ( current_user_can('edit_posts') ) : ?>
-  <input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="<?php _e('Publish') ?>" /> 
+	<input name="publish" type="submit" id="publish" tabindex="6" style="font-weight: bold;" value="<?php _e('Publish') ?>" />
 <?php endif; ?>

 <?php if ('bookmarklet' != $mode) {
-      echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' .  __('Advanced Editing &raquo;') . '" />';
-  } ?>
-  <input name="referredby" type="hidden" id="referredby" value="<?php if (isset($_SERVER['HTTP_REFERER'])) echo urlencode($_SERVER['HTTP_REFERER']); ?>" />
+		echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' .  __('Advanced Editing &raquo;') . '" />';
+	} ?>
+	<input name="referredby" type="hidden" id="referredby" value="<?php if ( $refby = wp_get_referer() ) echo urlencode($refby); ?>" />
 </p>

 <?php do_action('simple_edit_form', ''); ?>
--- a/wp-admin/edit-link-categories.php
+++ b/wp-admin/edit-link-categories.php
@@ -0,0 +1,93 @@
+<?php
+require_once('admin.php');
+
+$title = __('Categories');
+$parent_file = 'link-manager.php';
+
+//wp_enqueue_script( 'admin-categories' );  TODO: Fix AJAX
+require_once ('admin-header.php');
+
+$messages[1] = __('Category added.');
+$messages[2] = __('Category deleted.');
+$messages[3] = __('Category updated.');
+$messages[4] = __('Category not added.');
+$messages[5] = __('Category not updated.');
+
+function link_cat_row($category) {
+	global $class;
+
+	if ( current_user_can( 'manage_categories' ) ) {
+		$edit = "<a href='link-category.php?action=edit&amp;cat_ID=$category->term_id' class='edit'>".__( 'Edit' )."</a></td>";
+		$default_cat_id = (int) get_option( 'default_link_category' );
+
+		if ( $category->term_id != $default_cat_id )
+			$edit .= "<td><a href='" . wp_nonce_url( "link-category.php?action=delete&amp;cat_ID=$category->term_id", 'delete-link-category_' . $category->term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_term_field( 'name', $default_cat_id,  'link_category' ))) . "' );\" class='delete'>".__( 'Delete' )."</a>";
+		else
+			$edit .= "<td style='text-align:center'>".__( "Default" );
+	} else {
+		$edit = '';
+	}
+
+	$class = ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) || " class='alternate'" == $class ) ? '' : " class='alternate'";
+
+	$category->count = number_format_i18n( $category->count );
+	$count = ( $category->count > 0 ) ? "<a href='link-manager.php?cat_id=$category->term_id'>$category->count</a>" : $category->count;
+	return "<tr id='cat-$category->term_id'$class>
+		<th scope='row' style='text-align: center'>$category->term_id</th>
+		<td>" . ( $name_override ? $name_override : $pad . ' ' . $category->name ) . "</td>
+		<td>$category->description</td>
+		<td align='center'>$count</td>
+		<td>$edit</td>\n\t</tr>\n";
+}
+?>
+
+<?php if (isset($_GET['message'])) : ?>
+<div id="message" class="updated fade"><p><?php echo $messages[$_GET['message']]; ?></p></div>
+<?php endif; ?>
+
+<div class="wrap">
+<?php if ( current_user_can('manage_categories') ) : ?>
+	<h2><?php printf(__('Categories (<a href="%s">add new</a>)'), '#addcat') ?> </h2>
+<?php else : ?>
+	<h2><?php _e('Categories') ?> </h2>
+<?php endif; ?>
+<table class="widefat">
+	<thead>
+	<tr>
+		<th scope="col" style="text-align: center"><?php _e('ID') ?></th>
+        <th scope="col"><?php _e('Name') ?></th>
+        <th scope="col"><?php _e('Description') ?></th>
+        <th scope="col" width="90" style="text-align: center"><?php _e('Links') ?></th>
+        <th colspan="2" style="text-align: center"><?php _e('Action') ?></th>
+	</tr>
+	</thead>
+	<tbody id="the-list">
+<?php
+$categories = get_terms( 'link_category', 'hide_empty=0' );
+if ( $categories ) {
+	$output = '';
+	foreach ( $categories as $category ) {
+		$category = sanitize_term($category, 'link_category', 'display');
+		$output .= link_cat_row($category);
+	}
+	$output = apply_filters('cat_rows', $output);
+	echo $output;
+	unset($category);
+}
+
+?>
+	</tbody>
+</table>
+
+</div>
+
+<?php if ( current_user_can('manage_categories') ) : ?>
+<div class="wrap">
+<p><?php printf(__('<strong>Note:</strong><br />Deleting a category does not delete the links in that category. Instead, links that were only assigned to the deleted category are set to the category <strong>%s</strong>.'), get_term_field('name', get_option('default_link_category'), 'link_category')) ?></p>
+</div>
+
+<?php include('edit-link-category-form.php'); ?>
+
+<?php endif; ?>
+
+<?php include('admin-footer.php'); ?>
--- a/wp-admin/edit-link-category-form.php
+++ b/wp-admin/edit-link-category-form.php
@@ -0,0 +1,43 @@
+<?php
+if ( ! empty($cat_ID) ) {
+	$heading = __('Edit Category');
+	$submit_text = __('Edit Category &raquo;');
+	$form = '<form name="editcat" id="editcat" method="post" action="link-category.php">';
+	$action = 'editedcat';
+	$nonce_action = 'update-link-category_' . $cat_ID;
+	do_action('edit_link_category_form_pre', $category);
+} else {
+	$heading = __('Add Category');
+	$submit_text = __('Add Category &raquo;');
+	$form = '<form name="addcat" id="addcat" method="post" action="link-category.php">';
+	$action = 'addcat';
+	$nonce_action = 'add-link-category';
+	do_action('add_link_category_form_pre', $category);
+}
+?>
+
+<div class="wrap">
+<h2><?php echo $heading ?></h2>
+<div id="ajax-response"></div>
+<?php echo $form ?>
+<input type="hidden" name="action" value="<?php echo $action ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo $category->term_id ?>" />
+<?php wp_nonce_field($nonce_action); ?>
+	<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+		<tr>
+			<th width="33%" scope="row" valign="top"><label for="name"><?php _e('Category name:') ?></label></th>
+			<td width="67%"><input name="name" id="name" type="text" value="<?php echo $category->name; ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="slug"><?php _e('Category slug:') ?></label></th>
+			<td><input name="slug" id="slug" type="text" value="<?php echo $category->slug; ?>" size="40" /></td>
+		</tr>
+		<tr>
+			<th scope="row" valign="top"><label for="description"><?php _e('Description: (optional)') ?></label></th>
+			<td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $category->description; ?></textarea></td>
+		</tr>
+	</table>
+<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
+<?php do_action('edit_link_category_form', $category); ?>
+</form>
+</div>
--- a/wp-admin/edit-link-form.php
+++ b/wp-admin/edit-link-form.php
@@ -1,14 +1,14 @@
 <?php
 if ( ! empty($link_id) ) {
-	$editing = true;
-	$heading = __('Edit a link:');
+	$heading = __('Edit Link');
 	$submit_text = __('Save Changes &raquo;');
-	$form = '<form action="" method="post" name="editlink" id="editlink">'; 
+	$form = '<form name="editlink" id="editlink" method="post" action="link.php">';
+	$nonce_action = 'update-bookmark_' . $link_id;
 } else {
-	$editing = false;
-	$heading = __('<strong>Add</strong> a link:');
+	$heading = __('Add Link');
 	$submit_text = __('Add Link &raquo;');
-	$form = '<form name="addlink" method="post" action="link-manager.php">';
+	$form = '<form name="addlink" id="addlink" method="post" action="link.php">';
+	$nonce_action = 'add-bookmark';
 }

 function xfn_check($class, $value = '', $type = 'check') {
@@ -22,215 +22,237 @@ function xfn_check($class, $value = '', $type = 'check') {
 	}

 	if ('' == $value) {
-		if ('family' == $class && !strstr($link_rel, 'child') && !strstr($link_rel, 'parent') && !strstr($link_rel, 'sibling') && !strstr($link_rel, 'spouse') && !strstr($link_rel, 'kin')) echo ' checked="checked"';
-		if ('friendship' == $class && !strstr($link_rel, 'friend') && !strstr($link_rel, 'acquaintance') && !strstr($link_rel, 'contact') ) echo ' checked="checked"';
-		if ('geographical' == $class && !strstr($link_rel, 'co-resident') && !strstr($link_rel, 'neighbor') ) echo ' checked="checked"';
+		if ('family' == $class && strpos($link_rel, 'child') === false && strpos($link_rel, 'parent') === false && strpos($link_rel, 'sibling') === false && strpos($link_rel, 'spouse') === false && strpos($link_rel, 'kin') === false) echo ' checked="checked"';
+		if ('friendship' == $class && strpos($link_rel, 'friend') === false && strpos($link_rel, 'acquaintance') === false && strpos($link_rel, 'contact') === false) echo ' checked="checked"';
+		if ('geographical' == $class && strpos($link_rel, 'co-resident') === false && strpos($link_rel, 'neighbor') === false) echo ' checked="checked"';
 		if ('identity' == $class && in_array('me', $rels) ) echo ' checked="checked"';
 	}
 }
-
 ?>

-<div class="wrap"> 
-  <?php echo $form ?>
-  <h2><?php echo $heading ?></h2>
-<fieldset class="options">
-    <legend><?php _e('Basics') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('URI:') ?></th>
-           <td width="67%"><input type="text" name="link_url" value="<?php echo $link->link_url; ?>" style="width: 95%;" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Link Name:') ?></th>
-           <td><input type="text" name="link_name" value="<?php echo $link->link_name; ?>" style="width: 95%" /></td>
-         </tr>
-         <tr>
-            <th scope="row"><?php _e('Short description:') ?></th>
-         	<td><input type="text" name="link_description" value="<?php echo $link->link_description; ?>" style="width: 95%" /></td>
-         	</tr>
-        <tr>
-           <th scope="row"><?php _e('Category:') ?></th>
-           <td><?php link_category_dropdown('link_category', $link->link_category); ?></td>
-         </tr>
-</table>
+<div class="wrap">
+<h2><?php echo $heading ?></h2>
+<?php echo $form ?>
+<?php wp_nonce_field($nonce_action); ?>
+
+<div id="poststuff">
+<div id="moremeta">
+<div id="grabit" class="dbx-group">
+
+<fieldset id="categorydiv" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Categories') ?></h3>
+<div class="dbx-content">
+<p id="jaxcat"></p>
+<ul id="linkcategorychecklist"><?php dropdown_link_categories(get_option('default_link_category')); ?></ul>
+</div>
 </fieldset>
-       <p class="submit">
-       <input type="submit" name="submit" value="<?php echo $submit_text ?>" />
-       </p>
-	<fieldset class="options">
-        <legend><?php _e('Link Relationship (XFN)') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-            <tr>
-                <th width="33%" scope="row"><?php _e('rel:') ?></th>
-            	<td width="67%"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo $link->link_rel; ?>" /></td>
-           	</tr>
-            <tr>
-                <th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
-            	<td>
-					<table cellpadding="3" cellspacing="5">
-	          <tr>
-              <th scope="row"> <?php _e('identity') ?> </th>
-              <td>
-                <label for="me">
-                <input type="checkbox" name="identity" value="me" id="me" <?php xfn_check('identity', 'me'); ?> />
-          <?php _e('another web address of mine') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('friendship') ?> </th>
-              <td>
-			    <label for="contact">
-                <input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
-                <label for="acquaintance">
-                <input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> />  <?php _e('acquaintance') ?></label>
-                <label id="friend">
-                <input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
-                <label for="friendship">
-                <input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('physical') ?> </th>
-              <td>
-                <label for="met">
-                <input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check('physical', 'met'); ?> />
-          <?php _e('met') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('professional') ?> </th>
-              <td>
-                <label for="co-worker">
-                <input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check('professional', 'co-worker'); ?> />
-          <?php _e('co-worker') ?></label>
-                <label for="colleague">
-                <input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check('professional', 'colleague'); ?> />
-          <?php _e('colleague') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('geographical') ?> </th>
-              <td>
-                <label for="co-resident">
-                <input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check('geographical', 'co-resident', 'radio'); ?> />
-          <?php _e('co-resident') ?></label>
-                <label for="neighbor">
-                <input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check('geographical', 'neighbor', 'radio'); ?> />
-          <?php _e('neighbor') ?></label>
-                <label for="geographical">
-                <input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check('geographical', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('family') ?> </th>
-              <td>
-                <label for="child">
-                <input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check('family', 'child', 'radio'); ?>  />
-          <?php _e('child') ?></label>
-                <label for="kin">
-                <input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check('family', 'kin', 'radio'); ?>  />
-          <?php _e('kin') ?></label>
-                <label for="parent">
-                <input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check('family', 'parent', 'radio'); ?> />
-          <?php _e('parent') ?></label>
-                <label for="sibling">
-                <input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check('family', 'sibling', 'radio'); ?> />
-          <?php _e('sibling') ?></label>
-                <label for="spouse">
-                <input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check('family', 'spouse', 'radio'); ?> />
-          <?php _e('spouse') ?></label>
-                <label for="family">
-                <input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check('family', '', 'radio'); ?> />
-          <?php _e('none') ?></label>
-              </td>
-            </tr>
-            <tr>
-              <th scope="row"> <?php _e('romantic') ?> </th>
-              <td>
-                <label for="muse">
-                <input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check('romantic', 'muse'); ?> />
-         <?php _e('muse') ?></label>
-                <label for="crush">
-                <input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check('romantic', 'crush'); ?> />
-         <?php _e('crush') ?></label>
-                <label for="date">
-                <input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check('romantic', 'date'); ?> />
-         <?php _e('date') ?></label>
-                <label for="romantic">
-                <input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check('romantic', 'sweetheart'); ?> />
-         <?php _e('sweetheart') ?></label>
-              </td>
-            </tr>
-        </table>
-		  </td>
-           	</tr>
-</table>
+
+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Target') ?></h3>
+<div class="dbx-content">
+<label for="link_target_blank" class="selectit">
+<input id="link_target_blank" type="radio" name="link_target" value="_blank" <?php echo(($link->link_target == '_blank') ? 'checked="checked"' : ''); ?> />
+<code>_blank</code></label>
+<label for="link_target_top" class="selectit">
+<input id="link_target_top" type="radio" name="link_target" value="_top" <?php echo(($link->link_target == '_top') ? 'checked="checked"' : ''); ?> />
+<code>_top</code></label>
+<label for="link_target_none" class="selectit">
+<input id="link_target_none" type="radio" name="link_target" value="" <?php echo(($link->link_target == '') ? 'checked="checked"' : ''); ?> />
+<?php _e('none') ?></label>
+</div>
 </fieldset>
-       <p class="submit">
-       <input type="submit" name="submit" value="<?php echo $submit_text ?>" />
-       </p>
-<fieldset class="options">
-        <legend><?php _e('Advanced') ?></legend>
-        <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-         <tr>
-           <th width="33%" scope="row"><?php _e('Image URI:') ?></th>
-           <td width="67%"><input type="text" name="link_image" size="50" value="<?php echo $link->link_image; ?>" style="width: 95%" /></td>
-         </tr>
+
+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Visible') ?></h3>
+<div class="dbx-content">
+<label for="link_visible_yes" class="selectit">
+<input id="link_visible_yes" type="radio" name="link_visible" <?php if ($link->link_visible == 'Y') echo "checked='checked'"; ?> value="Y" />
+<?php _e('Yes') ?></label>
+<label for="link_visible_no" class="selectit">
+<input id="link_visible_no" type="radio" name="link_visible" <?php if ($link->link_visible == 'N') echo "checked='checked'"; ?> value="N" />
+<?php _e('No') ?></label>
+</div>
+</fieldset>
+
+</div>
+</div>
+
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
 <tr>
-           <th scope="row"><?php _e('RSS URI:') ?> </th>
-           <td><input name="link_rss" type="text" id="rss_uri" value="<?php echo $link->link_rss; ?>" size="50" style="width: 95%" /></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Notes:') ?></th>
-           <td><textarea name="link_notes" cols="50" rows="10" style="width: 95%"><?php echo $link->link_notes; ?></textarea></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Rating:') ?></th>
-           <td><select name="link_rating" size="1">
-<?php
-    for ($r = 0; $r < 10; $r++) {
-      echo('            <option value="'.$r.'" ');
-      if ($link->link_rating == $r)
-        echo 'selected="selected"';
-      echo('>'.$r.'</option>');
-    }
-?>
-           </select>
-         &nbsp;<?php _e('(Leave at 0 for no rating.)') ?> </td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Target') ?></th>
-           <td><label>
-          <input type="radio" name="link_target" value="_blank"   <?php echo(($link->link_target == '_blank') ? 'checked="checked"' : ''); ?> />
-          <code>_blank</code></label><br />
-<label>
-<input type="radio" name="link_target" value="_top" <?php echo(($link->link_target == '_top') ? 'checked="checked"' : ''); ?> />
-<code>_top</code></label><br />
-<label>
-<input type="radio" name="link_target" value=""     <?php echo(($link->link_target == '') ? 'checked="checked"' : ''); ?> />
-<?php _e('none') ?></label><br />
-<?php _e('(Note that the <code>target</code> attribute is illegal in XHTML 1.1 and 1.0 Strict.)') ?></td>
-         </tr>
-         <tr>
-           <th scope="row"><?php _e('Visible:') ?></th>
-           <td><label>
-             <input type="radio" name="link_visible" <?php if ($link->link_visible == 'Y') echo "checked='checked'"; ?> value="Y" />
-<?php _e('Yes') ?></label><br /><label>
-<input type="radio" name="link_visible" <?php if ($link->link_visible == 'N') echo "checked='checked'"; ?> value="N" />
-<?php _e('No') ?></label></td>
-         </tr>
+<th scope="row" valign="top"><label for="link_name"><?php _e('Name:') ?></label></th>
+<td><input type="text" name="link_name" id="link_name" value="<?php echo $link->link_name; ?>" style="width: 95%" /></td>
+</tr>
+<tr>
+<th width="20%" scope="row" valign="top"><label for="link_url"><?php _e('Address:') ?></label></th>
+<td width="80%"><input type="text" name="link_url" id="link_url" value="<?php echo $link->link_url; if ( empty( $link->link_url ) ) echo 'http://'; ?>" style="width: 95%" /></td>
+</tr>
+<tr>
+<th scope="row" valign="top"><label for="link_description"><?php _e('Description:') ?></label></th>
+<td><input type="text" name="link_description" id="link_description" value="<?php echo $link->link_description; ?>" style="width: 95%" /></td>
+</tr>
 </table>
+
+<p class="submit">
+<input type="submit" name="submit" value="<?php echo $submit_text ?>" />
+</p>
+
+<div id="advancedstuff" class="dbx-group" >
+
+<fieldset id="xfn" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Link Relationship (XFN)') ?></h3>
+<div class="dbx-content">
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+	<tr>
+		<th width="20%" scope="row"><?php _e('rel:') ?></th>
+		<td width="80%"><input type="text" name="link_rel" id="link_rel" size="50" value="<?php echo $link->link_rel; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('<a href="http://gmpg.org/xfn/">XFN</a> Creator:') ?></th>
+		<td>
+			<table cellpadding="3" cellspacing="5">
+				<tr>
+					<th scope="row"> <?php _e('identity') ?> </th>
+					<td>
+						<label for="me">
+						<input type="checkbox" name="identity" value="me" id="me" <?php xfn_check('identity', 'me'); ?> />
+						<?php _e('another web address of mine') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('friendship') ?> </th>
+					<td>
+						<label for="contact">
+						<input class="valinp" type="radio" name="friendship" value="contact" id="contact" <?php xfn_check('friendship', 'contact', 'radio'); ?> /> <?php _e('contact') ?></label>
+						<label for="acquaintance">
+						<input class="valinp" type="radio" name="friendship" value="acquaintance" id="acquaintance" <?php xfn_check('friendship', 'acquaintance', 'radio'); ?> />  <?php _e('acquaintance') ?></label>
+						<label for="friend">
+						<input class="valinp" type="radio" name="friendship" value="friend" id="friend" <?php xfn_check('friendship', 'friend', 'radio'); ?> /> <?php _e('friend') ?></label>
+						<label for="friendship">
+						<input name="friendship" type="radio" class="valinp" value="" id="friendship" <?php xfn_check('friendship', '', 'radio'); ?> /> <?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('physical') ?> </th>
+					<td>
+						<label for="met">
+						<input class="valinp" type="checkbox" name="physical" value="met" id="met" <?php xfn_check('physical', 'met'); ?> />
+						<?php _e('met') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('professional') ?> </th>
+					<td>
+						<label for="co-worker">
+						<input class="valinp" type="checkbox" name="professional" value="co-worker" id="co-worker" <?php xfn_check('professional', 'co-worker'); ?> />
+						<?php _e('co-worker') ?></label>
+						<label for="colleague">
+						<input class="valinp" type="checkbox" name="professional" value="colleague" id="colleague" <?php xfn_check('professional', 'colleague'); ?> />
+						<?php _e('colleague') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('geographical') ?> </th>
+					<td>
+						<label for="co-resident">
+						<input class="valinp" type="radio" name="geographical" value="co-resident" id="co-resident" <?php xfn_check('geographical', 'co-resident', 'radio'); ?> />
+						<?php _e('co-resident') ?></label>
+						<label for="neighbor">
+						<input class="valinp" type="radio" name="geographical" value="neighbor" id="neighbor" <?php xfn_check('geographical', 'neighbor', 'radio'); ?> />
+						<?php _e('neighbor') ?></label>
+						<label for="geographical">
+						<input class="valinp" type="radio" name="geographical" value="" id="geographical" <?php xfn_check('geographical', '', 'radio'); ?> />
+						<?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('family') ?> </th>
+					<td>
+						<label for="child">
+						<input class="valinp" type="radio" name="family" value="child" id="child" <?php xfn_check('family', 'child', 'radio'); ?>  />
+						<?php _e('child') ?></label>
+						<label for="kin">
+						<input class="valinp" type="radio" name="family" value="kin" id="kin" <?php xfn_check('family', 'kin', 'radio'); ?>  />
+						<?php _e('kin') ?></label>
+						<label for="parent">
+						<input class="valinp" type="radio" name="family" value="parent" id="parent" <?php xfn_check('family', 'parent', 'radio'); ?> />
+						<?php _e('parent') ?></label>
+						<label for="sibling">
+						<input class="valinp" type="radio" name="family" value="sibling" id="sibling" <?php xfn_check('family', 'sibling', 'radio'); ?> />
+						<?php _e('sibling') ?></label>
+						<label for="spouse">
+						<input class="valinp" type="radio" name="family" value="spouse" id="spouse" <?php xfn_check('family', 'spouse', 'radio'); ?> />
+						<?php _e('spouse') ?></label>
+						<label for="family">
+						<input class="valinp" type="radio" name="family" value="" id="family" <?php xfn_check('family', '', 'radio'); ?> />
+						<?php _e('none') ?></label>
+					</td>
+				</tr>
+				<tr>
+					<th scope="row"> <?php _e('romantic') ?> </th>
+					<td>
+						<label for="muse">
+						<input class="valinp" type="checkbox" name="romantic" value="muse" id="muse" <?php xfn_check('romantic', 'muse'); ?> />
+						<?php _e('muse') ?></label>
+						<label for="crush">
+						<input class="valinp" type="checkbox" name="romantic" value="crush" id="crush" <?php xfn_check('romantic', 'crush'); ?> />
+						<?php _e('crush') ?></label>
+						<label for="date">
+						<input class="valinp" type="checkbox" name="romantic" value="date" id="date" <?php xfn_check('romantic', 'date'); ?> />
+						<?php _e('date') ?></label>
+						<label for="romantic">
+						<input class="valinp" type="checkbox" name="romantic" value="sweetheart" id="romantic" <?php xfn_check('romantic', 'sweetheart'); ?> />
+						<?php _e('sweetheart') ?></label>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>
+</div>
 </fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>
-<?php if ( $editing ) : ?>
-          <input type="hidden" name="action" value="editlink" />
-          <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
-          <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
-          <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
+
+<fieldset id="advanced" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Advanced') ?></h3>
+<div class="dbx-content">
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+	<tr>
+		<th width="20%" scope="row"><?php _e('Image Address:') ?></th>
+		<td width="80%"><input type="text" name="link_image" size="50" value="<?php echo $link->link_image; ?>" style="width: 95%" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('RSS Address:') ?> </th>
+		<td><input name="link_rss" type="text" id="rss_uri" value="<?php echo $link->link_rss; ?>" size="50" style="width: 95%" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Notes:') ?></th>
+		<td><textarea name="link_notes" cols="50" rows="10" style="width: 95%"><?php echo $link->link_notes; ?></textarea></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Rating:') ?></th>
+		<td><select name="link_rating" size="1">
+		<?php
+			for ($r = 0; $r < 10; $r++) {
+				echo('            <option value="'.$r.'" ');
+				if ($link->link_rating == $r)
+					echo 'selected="selected"';
+				echo('>'.$r.'</option>');
+			}
+		?></select>&nbsp;<?php _e('(Leave at 0 for no rating.)') ?>
+		</td>
+	</tr>
+</table>
+</div>
+</fieldset>
+</div>
+
+<?php if ( $link_id ) : ?>
+<input type="hidden" name="action" value="save" />
+<input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
+<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
+<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
 <?php else: ?>
-       	<input type="hidden" name="action" value="Add" />
+<input type="hidden" name="action" value="add" />
 <?php endif; ?>
-</form> 
-</div>
+</div>
+</form>
+</div>
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -1,44 +1,51 @@

 <div class="wrap">
-<h2 id="write-post"><?php _e('Write Page'); ?><?php if ( 0 != $post_ID ) : ?>
-<small class="quickjump"><a href="#preview-post"><?php _e('preview &darr;'); ?></a></small><?php endif; ?></h2>
+<h2 id="write-post"><?php _e('Write Page'); ?></h2>
 <?php
+
 if (0 == $post_ID) {
 	$form_action = 'post';
-	$temp_ID = -1 * time();
-	$form_extra = "<input type='hidden' name='temp_ID' value='$temp_ID' />";
+	$nonce_action = 'add-page';
+	$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
+	$form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
 } else {
+	$post_ID = (int) $post_ID;
 	$form_action = 'editpost';
-	$form_extra = "<input type='hidden' name='post_ID' value='$post_ID' />";
+	$nonce_action = 'update-page_' . $post_ID;
+	$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
 }

-$sendto = $_SERVER['HTTP_REFERER'];
+$temp_ID = (int) $temp_ID;
+$user_ID = (int) $user_ID;
+
+$sendto = clean_url(stripslashes(wp_get_referer()));

 if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
- 	$sendto = 'redo';
-$sendto = wp_specialchars( $sendto );
-
+	$sendto = 'redo';
 ?>

-<form name="post" action="post.php" method="post" id="post">
+<form name="post" action="page.php" method="post" id="post">

 <?php
+wp_nonce_field($nonce_action);
+
 if (isset($mode) && 'bookmarklet' == $mode) {
-    echo '<input type="hidden" name="mode" value="bookmarklet" />';
+	echo '<input type="hidden" name="mode" value="bookmarklet" />';
 }
 ?>
 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" name="action" value='<?php echo $form_action ?>' />
+<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
 <?php echo $form_extra ?>
-<input type="hidden" name="post_status" value="static" />
+<input type="hidden" id="post_type" name="post_type" value="page" />

 <script type="text/javascript">
-<!--
+// <![CDATA[
 function focusit() { // focus on first input field
 	document.post.title.focus();
 }
 addLoadEvent(focusit);
-//-->
+// ]]>
 </script>
 <div id="poststuff">

@@ -50,18 +57,27 @@ addLoadEvent(focusit);
 <input name="advanced_view" type="hidden" value="1" />
 <label for="comment_status" class="selectit">
 <input name="comment_status" type="checkbox" id="comment_status" value="open" <?php checked($post->comment_status, 'open'); ?> />
-<?php _e('Allow Comments') ?></label> 
+<?php _e('Allow Comments') ?></label>
 <label for="ping_status" class="selectit"><input name="ping_status" type="checkbox" id="ping_status" value="open" <?php checked($post->ping_status, 'open'); ?> /> <?php _e('Allow Pings') ?></label>
 </div>
 </fieldset>

+<fieldset class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Status') ?></h3>
+<div class="dbx-content"><?php if ( current_user_can('publish_pages') ) : ?>
+<label for="post_status_publish" class="selectit"><input id="post_status_publish" name="post_status" type="radio" value="publish" <?php checked($post->post_status, 'publish'); checked($post->post_status, 'future'); ?> /> <?php _e('Published') ?></label>
+<?php endif; ?>
+	  <label for="post_status_draft" class="selectit"><input id="post_status_draft" name="post_status" type="radio" value="draft" <?php checked($post->post_status, 'draft'); ?> /> <?php _e('Draft') ?></label>
+	  <label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="radio" value="private" <?php checked($post->post_status, 'private'); ?> /> <?php _e('Private') ?></label></div>
+</fieldset>
+
 <fieldset id="passworddiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Password-Protect Post') ?></h3> 
-<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password ?>" /></div>
+<h3 class="dbx-handle"><?php _e('Page Password') ?></h3>
+<div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div>
 </fieldset>

 <fieldset id="pageparent" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Page Parent') ?></h3> 
+<h3 class="dbx-handle"><?php _e('Page Parent') ?></h3>
 <div class="dbx-content"><p><select name="parent_id">
 <option value='0'><?php _e('Main Page (no parent)'); ?></option>
 <?php parent_dropdown($post->post_parent); ?>
@@ -70,8 +86,8 @@ addLoadEvent(focusit);
 </fieldset>

 <?php if ( 0 != count( get_page_templates() ) ) { ?>
-<fieldset id="pageparent" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Page Template:') ?></h3> 
+<fieldset id="pagetemplate" class="dbx-box">
+<h3 class="dbx-handle"><?php _e('Page Template') ?></h3>
 <div class="dbx-content"><p><select name="page_template">
 		<option value='default'><?php _e('Default Template'); ?></option>
 		<?php page_template_dropdown($post->page_template); ?>
@@ -81,20 +97,22 @@ addLoadEvent(focusit);
 <?php } ?>

 <fieldset id="slugdiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post slug') ?></h3> 
-<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name ?>" /></div>
+<h3 class="dbx-handle"><?php _e('Page Slug') ?></h3>
+<div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div>
 </fieldset>

 <?php if ( $authors = get_editable_authors( $current_user->id ) ) : // TODO: ROLE SYSTEM ?>
 <fieldset id="authordiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3>
+<h3 class="dbx-handle"><?php _e('Page Author'); ?></h3>
 <div class="dbx-content">
 <select name="post_author_override" id="post_author_override">
-<?php 
+<?php
 foreach ($authors as $o) :
 $o = get_userdata( $o->ID );
 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
 else $selected = '';
+$o->ID = (int) $o->ID;
+$o->display_name = wp_specialchars( $o->display_name );
 echo "<option value='$o->ID' $selected>$o->display_name</option>";
 endforeach;
 ?>
@@ -104,7 +122,7 @@ endforeach;
 <?php endif; ?>

 <fieldset id="pageorder" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Page Order') ?></h3> 
+<h3 class="dbx-handle"><?php _e('Page Order') ?></h3>
 <div class="dbx-content"><p><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo $post->menu_order ?>" /></p></div>
 </fieldset>

@@ -114,70 +132,33 @@ endforeach;
 </div>

 <fieldset id="titlediv">
-  <legend><?php _e('Page Title') ?></legend> 
-  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>
+  <legend><?php _e('Page Title') ?></legend>
+  <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div>
 </fieldset>


 <fieldset id="<?php echo user_can_richedit() ? 'postdivrich' : 'postdiv'; ?>">
-    <legend><?php _e('Page Content') ?></legend>
-<?php
- $rows = get_settings('default_post_edit_rows');
- if (($rows < 3) || ($rows > 100)) {
-     $rows = 10;
- }
-?>
-<?php the_quicktags(); ?>
+<legend><?php _e('Page Content') ?>

-<div><textarea title="true" rows="<?php echo $rows; ?>" cols="40" name="content" tabindex="4" id="content"><?php echo user_can_richedit() ? wp_richedit_pre($post->post_content) : $post->post_content; ?></textarea></div>
+<?php if ( 'publish' == $post->post_status ) { ?>
+<a href="<?php echo clean_url(get_permalink($post->ID)); ?>" style="position: absolute; right: 2em; margin-right: 19em; text-decoration: underline;" target="_blank"><?php _e('View &raquo;'); ?></a>
+<?php } elseif ( 'edit' == $action ) { ?>
+<a href="<?php echo clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" style="position: absolute; right: 2em; margin-right: 19em; text-decoration: underline;" target="_blank"><?php _e('Preview &raquo;'); ?></a>
+<?php } ?>
+</legend>
+	<?php the_editor($post->post_content); ?>
 </fieldset>

-<script type="text/javascript">
-<!--
-edCanvas = document.getElementById('content');
-<?php if ( user_can_richedit() ) : ?>
-// This code is meant to allow tabbing from Title to Post (TinyMCE).
-if ( tinyMCE.isMSIE )
-	document.getElementById('title').onkeydown = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-else
-	document.getElementById('title').onkeypress = function (e)
-		{
-			e = e ? e : window.event;
-			if (e.keyCode == 9 && !e.shiftKey && !e.controlKey && !e.altKey) {
-				var i = tinyMCE.selectedInstance;
-				if(typeof i ==  'undefined')
-					return true;
-                                tinyMCE.execCommand("mceStartTyping");
-				this.blur();
-				i.contentWindow.focus();
-				e.returnValue = false;
-				return false;
-			}
-		}
-<?php endif; ?>
-//-->
-</script>
-
 <p class="submit">
-<?php if ( $post_ID ) : ?>
-<input name="save" type="submit" id="save" tabindex="5" value=" <?php _e('Save and Continue Editing'); ?> "/> 
-<input name="savepage" type="submit" id="savepage" tabindex="6" value="<?php $post_ID ? _e('Save') : _e('Create New Page') ?> &raquo;" /> 
-<?php else : ?>
-<input name="savepage" type="submit" id="savepage" tabindex="6" value="<?php _e('Create New Page') ?> &raquo;" /> 
-<?php endif; ?>
+<span id="autosave"></span>
+<input name="save" type="submit" id="save" tabindex="3" value="<?php _e('Save and Continue Editing'); ?>" />
+<input type="submit" name="submit" value="<?php _e('Save') ?>" style="font-weight: bold;" tabindex="4" />
+<?php
+if ('publish' != $post->post_status || 0 == $post_ID):
+?>
+<?php if ( current_user_can('publish_pages') ) : ?>
+	<input name="publish" type="submit" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+<?php endif; endif;?>
 <input name="referredby" type="hidden" id="referredby" value="<?php echo $sendto; ?>" />
 </p>

@@ -186,10 +167,10 @@ else
 <?php
 if (current_user_can('upload_files')) {
 	$uploading_iframe_ID = (0 == $post_ID ? $temp_ID : $post_ID);
-	$uploading_iframe_src = "inline-uploading.php?action=view&amp;post=$uploading_iframe_ID";
+	$uploading_iframe_src = wp_nonce_url("upload.php?style=inline&amp;tab=upload&amp;post_id=$uploading_iframe_ID", 'inlineuploading');
 	$uploading_iframe_src = apply_filters('uploading_iframe_src', $uploading_iframe_src);
 	if ( false != $uploading_iframe_src )
-		echo '<iframe id="uploading" border="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
+		echo '<iframe id="uploading" name="uploading" frameborder="0" src="' . $uploading_iframe_src . '">' . __('This feature requires iframe support.') . '</iframe>';
 }
 ?>

@@ -198,28 +179,31 @@ if (current_user_can('upload_files')) {
 <fieldset id="postcustom" class="dbx-box">
 <h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3>
 <div id="postcustomstuff" class="dbx-content">
-<?php 
-if($metadata = has_meta($post_ID)) {
-?>
+<table cellpadding="3">
 <?php
-	list_meta($metadata); 
+$metadata = has_meta($post_ID);
+list_meta($metadata);
 ?>
+
+</table>
 <?php
-}
 	meta_form();
 ?>
 </div>
+<div id="ajax-response"></div>
 </fieldset>

 <?php do_action('dbx_page_advanced'); ?>

 </div>

-<?php if ('edit' == $action) : ?>
-		<input name="deletepost" class="delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"return confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $wpdb->escape($post->post_title) ) . "')\""; ?> />
+<?php if ('edit' == $action) :
+	$delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID );
+	if ( current_user_can('delete_page', $post->ID) ) ?>
+		<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
 <?php endif; ?>
+</div>
+
 </form>

 </div>
-
-</div>
--- a/wp-admin/edit-pages.php
+++ b/wp-admin/edit-pages.php
@@ -2,78 +2,102 @@
 require_once('admin.php');
 $title = __('Pages');
 $parent_file = 'edit.php';
-$list_js = true;
+wp_enqueue_script( 'listman' );
 require_once('admin-header.php');
+
+$post_stati  = array(	//	array( adj, noun )
+			'publish' => array(__('Published'), __('Published pages')),
+			'draft'   => array(__('Draft'), __('Draft pages')),
+			'private' => array(__('Private'), __('Private pages'))
+		);
+
+
+$post_status_label = __('Pages');
+$post_status_q = '';
+if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) {
+	$post_status_label = $post_stati[$_GET['post_status']][1];
+	$post_status_q = '&post_status=' . $_GET['post_status'];
+}
+
 ?>

 <div class="wrap">
-<h2><?php _e('Page Management'); ?></h2>
-<p><?php _e('Pages are like posts except they live outside of the normal blog chronology and can be hierarchical. You can use pages to organize and manage any amount of content.'); ?> <a href="page-new.php"><?php _e('Create a new page'); ?> &raquo;</a></p>

-<form name="searchform" action="" method="get"> 
-  <fieldset> 
-  <legend><?php _e('Search Pages&hellip;') ?></legend>
-  <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" /> 
-  <input type="submit" name="submit" value="<?php _e('Search') ?>"  /> 
-  </fieldset>
+<h2><?php
+// Use $_GET instead of is_ since they can override each other
+$h2_search = isset($_GET['s']) && $_GET['s'] ? ' ' . sprintf(__('matching &#8220;%s&#8221;'), wp_specialchars( stripslashes( $_GET['s'] ) ) ) : '';
+$h2_author = '';
+if ( isset($_GET['author']) && $_GET['author'] ) {
+	$author_user = get_userdata( (int) $_GET['author'] );
+	$h2_author = ' ' . sprintf(__('by %s'), wp_specialchars( $author_user->display_name ));
+}
+printf( _c( '%1$s%2$s%3$s|You can reorder these: 1: Pages, 2: by {s}, 3: matching {s}' ), $post_status_label, $h2_author, $h2_search );
+?></h2>
+
+<p><?php _e('Pages are like posts except they live outside of the normal blog chronology and can be hierarchical. You can use pages to organize and manage any amount of content.'); ?> <a href="page-new.php"><?php _e('Create a new page &raquo;'); ?></a></p>
+
+<form name="searchform" id="searchform" action="" method="get">
+	<fieldset><legend><?php _e('Search Terms&hellip;') ?></legend>
+		<input type="text" name="s" id="s" value="<?php echo attribute_escape( stripslashes( $_GET['s'] ) ); ?>" size="17" />
+	</fieldset>
+
+
+	<fieldset><legend><?php _e('Page Type&hellip;'); ?></legend>
+		<select name='post_status'>
+			<option<?php selected( @$_GET['post_status'], 0 ); ?> value='0'><?php _e('Any'); ?></option>
+<?php	foreach ( $post_stati as $status => $label ) : ?>
+			<option<?php selected( @$_GET['post_status'], $status ); ?> value='<?php echo $status; ?>'><?php echo $label[0]; ?></option>
+<?php	endforeach; ?>
+		</select>
+	</fieldset>
+
+<?php $editable_ids = get_editable_user_ids( $user_ID ); if ( $editable_ids && count( $editable_ids ) > 1 ) : ?>
+
+	<fieldset><legend><?php _e('Author&hellip;'); ?></legend>
+		<?php wp_dropdown_users( array('include' => $editable_ids, 'show_option_all' => __('Any'), 'name' => 'author', 'selected' => isset($_GET['author']) ? $_GET['author'] : 0) ); ?>
+	</fieldset>
+
+<?php endif; ?>
+
+	<input type="submit" id="post-query-submit" value="<?php _e('Filter &#187;'); ?>" class="button" />
 </form>

+<br style="clear:both;" />
+
 <?php
+wp("post_type=page&orderby=menu_order&what_to_show=posts$post_status_q&posts_per_page=-1&posts_per_archive_page=-1&order=asc");

-$show_post_type = 'page';
-
-if ( isset($_GET['s']) )
-	wp();
-else
-	$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
+$all = !( $h2_search || $post_status_q );

 if ($posts) {
 ?>
-<table id="the-list-x" width="100%" cellpadding="3" cellspacing="3"> 
-  <tr> 
-    <th scope="col"><?php _e('ID') ?></th> 
-    <th scope="col"><?php _e('Title') ?></th> 
+<table class="widefat">
+  <thead>
+  <tr>
+    <th scope="col" style="text-align: center"><?php _e('ID') ?></th>
+    <th scope="col"><?php _e('Title') ?></th>
    <th scope="col"><?php _e('Owner') ?></th>
 	<th scope="col"><?php _e('Updated') ?></th>
-	<th scope="col"></th> 
-    <th scope="col"></th> 
-    <th scope="col"></th> 
-  </tr> 
-<?php
-if ( isset($_GET['s']) ) {
-foreach ( $posts as $post ) : 
-	$class = ('alternate' != $class) ? 'alternate' : ''; ?>
-  <tr id='page-<?php echo $id; ?>' class='<?php echo $class; ?>'> 
-    <th scope="row"><?php echo $post->ID; ?></th> 
-    <td>
-      <?php echo $pad; ?><?php the_title() ?> 
-    </td> 
-    <td><?php the_author() ?></td>
-    <td><?php echo mysql2date('Y-m-d g:i a', $post->post_modified); ?></td> 
-	<td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
-    <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td> 
-    <td><?php if ( current_user_can('edit_pages') ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; page.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars(get_the_title('','',0), 1)) . "' );\">" . __('Delete') . "</a>"; } ?></td> 
+	<th scope="col" colspan="3" style="text-align: center"><?php _e('Action'); ?></th>
  </tr>
-<?php
-endforeach;
-} else {
-	page_rows();
-}
-?>
-</table> 
+  </thead>
+  <tbody id="the-list">
+<?php page_rows(0, 0, $posts, $all); ?>
+  </tbody>
+</table>

 <div id="ajax-response"></div>

 <?php
 } else {
 ?>
-<p><?php _e('No pages yet.') ?></p>
+<p><?php _e('No pages found.') ?></p>
 <?php
 } // end if ($posts)
-?> 
+?>

-<h3><a href="page-new.php"><?php _e('Create New Page'); ?> &raquo;</a></h3>
+<h3><a href="page-new.php"><?php _e('Create New Page &raquo;'); ?></a></h3>

 </div>

-<?php include('admin-footer.php'); ?> 
+<?php include('admin-footer.php'); ?>
--- a/wp-admin/edit-post-rows.php
+++ b/wp-admin/edit-post-rows.php
@@ -0,0 +1,118 @@
+<?php if ( ! defined('ABSPATH') ) die(); ?>
+<table class="widefat">
+	<thead>
+	<tr>
+
+<?php foreach($posts_columns as $column_display_name) { ?>
+	<th scope="col"><?php echo $column_display_name; ?></th>
+<?php } ?>
+
+	</tr>
+	</thead>
+	<tbody id="the-list">
+<?php
+if ( have_posts() ) {
+$bgcolor = '';
+add_filter('the_title','wp_specialchars');
+while (have_posts()) : the_post();
+$class = ('alternate' == $class) ? '' : 'alternate';
+global $current_user;
+$post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
+?>
+	<tr id='post-<?php echo $id; ?>' class='<?php echo trim( $class . ' author-' . $post_owner . ' status-' . $post->post_status ); ?>'>
+
+<?php
+
+foreach($posts_columns as $column_name=>$column_display_name) {
+
+	switch($column_name) {
+
+	case 'id':
+		?>
+		<th scope="row" style="text-align: center"><?php echo $id ?></th>
+		<?php
+		break;
+	case 'modified':
+		?>
+		<td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Never'); else the_modified_time(__('Y-m-d \<\b\r \/\> g:i:s a')); ?></td>
+		<?php
+		break;
+	case 'date':
+		?>
+		<td><?php if ( '0000-00-00 00:00:00' ==$post->post_date) _e('Unpublished'); else the_time(__('Y-m-d \<\b\r \/\> g:i:s a')); ?></td>
+		<?php
+		break;
+	case 'title':
+		?>
+		<td><?php the_title() ?>
+		<?php if ('private' == $post->post_status) _e(' - <strong>Private</strong>'); ?></td>
+		<?php
+		break;
+
+	case 'categories':
+		?>
+		<td><?php the_category(','); ?></td>
+		<?php
+		break;
+
+	case 'comments':
+		?>
+		<td style="text-align: center">
+		<?php
+		$left = get_pending_comments_num( $post->ID );
+		$pending_phrase = sprintf( __('%s pending'), number_format( $left ) );
+		if ( $left )
+			echo '<strong>';
+		comments_number("<a href='edit.php?p=$id&amp;c=1' title='$pending_phrase'>" . __('0') . '</a>', "<a href='edit.php?p=$id&amp;c=1' title='$pending_phrase'>" . __('1') . '</a>', "<a href='edit.php?p=$id&amp;c=1' title='$pending_phrase'>" . __('%') . '</a>');
+		if ( $left )
+			echo '</strong>';
+		?>
+		</td>
+		<?php
+		break;
+
+	case 'author':
+		?>
+		<td><?php the_author() ?></td>
+		<?php
+		break;
+
+	case 'control_view':
+		?>
+		<td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e('View'); ?></a></td>
+		<?php
+		break;
+
+	case 'control_edit':
+		?>
+		<td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
+		<?php
+		break;
+
+	case 'control_delete':
+		?>
+		<td><?php if ( current_user_can('delete_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post_' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . js_escape(sprintf(__("You are about to delete this post '%s'.\n'OK' to delete, 'Cancel' to stop."), get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td>
+		<?php
+		break;
+
+	default:
+		?>
+		<td><?php do_action('manage_posts_custom_column', $column_name, $id); ?></td>
+		<?php
+		break;
+	}
+}
+?>
+	</tr>
+<?php
+endwhile;
+} else {
+?>
+  <tr style='background-color: <?php echo $bgcolor; ?>'>
+    <td colspan="8"><?php _e('No posts found.') ?></td>
+  </tr>
+<?php
+} // end if ( have_posts() )
+?>
+	</tbody>
+</table>
--- a/wp-admin/edit.php
+++ b/wp-admin/edit.php
@@ -3,130 +3,61 @@ require_once('admin.php');

 $title = __('Posts');
 $parent_file = 'edit.php';
-$list_js = true;
+wp_enqueue_script( 1 == $_GET['c'] ? 'admin-comments' : 'listman' );
 require_once('admin-header.php');

-$_GET['m'] = (int) $_GET['m'];
+$_GET['m']   = (int) $_GET['m'];
+$_GET['cat'] = (int) $_GET['cat'];
+$post_stati  = array(	//	array( adj, noun )
+			'publish' => array(__('Published'), __('Published posts')),
+			'future' => array(__('Scheduled'), __('Scheduled posts')),
+			'pending' => array(__('Pending Review'), __('Pending posts')),
+			'draft' => array(__('Draft'), _c('Drafts|manage posts header')),
+			'private' => array(__('Private'), __('Private posts'))
+		);

-$drafts = get_users_drafts( $user_ID );
-$other_drafts = get_others_drafts( $user_ID);
+$avail_post_stati = $wpdb->get_col("SELECT DISTINCT post_status FROM $wpdb->posts WHERE post_type = 'post'");

-if ($drafts || $other_drafts) {
-?> 
-<div class="wrap">
-<?php if ($drafts) { ?>
-    <p><strong><?php _e('Your Drafts:') ?></strong> 
-    <?php
-	$i = 0;
-	foreach ($drafts as $draft) {
-		if (0 != $i)
-			echo ', ';
-		$draft->post_title = stripslashes($draft->post_title);
-		if ($draft->post_title == '')
-			$draft->post_title = sprintf(__('Post #%s'), $draft->ID);
-		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
-		++$i;
-		}
-	?> 
-    .</p> 
-<?php } ?>
-
-<?php if ($other_drafts) { ?> 
-    <p><strong><?php _e('Other&#8217;s Drafts:') ?></strong> 
-    <?php
-	$i = 0;
-	foreach ($other_drafts as $draft) {
-		if (0 != $i)
-			echo ', ';
-		$draft->post_title = stripslashes($draft->post_title);
-		if ($draft->post_title == '')
-			$draft->post_title = sprintf(__('Post #%s'), $draft->ID);
-		echo "<a href='post.php?action=edit&amp;post=$draft->ID' title='" . __('Edit this draft') . "'>$draft->post_title</a>";
-		++$i;
-		}
-	?> 
-    .</p> 
-
-<?php } ?>
-
-</div>
-<?php } ?>
-
-<div class="wrap">
-<h2>
-<?php
-$what_to_show = 'posts';
-$posts_per_page = 15;
-$posts_per_archive_page = -1;
-
-wp();
-
-if ( is_month() ) {
-	single_month_title(' ');
-} elseif ( is_search() ) {
-	printf(__('Search for &#8220;%s&#8221;'), wp_specialchars($_GET['s']) );
-} else {
-	if ( is_single() )
-		printf(__('Comments on %s'), $post->post_title);
-	elseif ( ! is_paged() || get_query_var('paged') == 1 )
-		_e('Last 15 Posts');
-	else
-		_e('Previous Posts');
+$post_status_q = '';
+$post_status_label = __('Posts');
+if ( isset($_GET['post_status']) && in_array( $_GET['post_status'], array_keys($post_stati) ) ) {
+	$post_status_label = $post_stati[$_GET['post_status']][1];
+	$post_status_q = '&post_status=' . $_GET['post_status'];
 }
 ?>
-</h2>

-<form name="searchform" action="" method="get" style="float: left; width: 16em; margin-right: 3em;"> 
-  <fieldset> 
-  <legend><?php _e('Search Posts&hellip;') ?></legend> 
-  <input type="text" name="s" value="<?php if (isset($s)) echo wp_specialchars($s, 1); ?>" size="17" /> 
-  <input type="submit" name="submit" value="<?php _e('Search') ?>"  /> 
-  </fieldset>
-</form>
-
-<?php $arc_result = $wpdb->get_results("SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_date != '0000-00-00 00:00:00' ORDER BY post_date DESC");
-
-if ( count($arc_result) ) { ?>
-
-<form name="viewarc" action="" method="get" style="float: left; width: 20em; margin-bottom: 1em;">
-	<fieldset>
-	<legend><?php _e('Browse Month&hellip;') ?></legend>
-    <select name='m'>
-	<?php
-		foreach ($arc_result as $arc_row) {			
-			$arc_year  = $arc_row->yyear;
-			$arc_month = $arc_row->mmonth;
-			
-			if( isset($_GET['m']) && $arc_year . zeroise($arc_month, 2) == (int) $_GET['m'] )
-				$default = 'selected="selected"';
-			else
-				$default = null;
-			
-			echo "<option $default value=\"" . $arc_year.zeroise($arc_month, 2) . '">';
-			echo $month[zeroise($arc_month, 2)] . " $arc_year";
-			echo "</option>\n";
-		}
-	?>
-	</select>
-		<input type="submit" name="submit" value="<?php _e('Show Month') ?>"  /> 
-	</fieldset>
-</form>
-
-<?php } ?>
-
-<br style="clear:both;" />
+<div class="wrap">

 <?php

+if ( 'pending' === $_GET['post_status'] ) {
+	$order = 'ASC';
+	$orderby = 'modified';
+} elseif ( 'draft' === $_GET['post_status'] ) {
+	$order = 'DESC';
+	$orderby = 'modified';
+} else {
+	$order = 'DESC';
+	$orderby = 'date';
+}
+
+wp("what_to_show=posts$post_status_q&posts_per_page=15&order=$order&orderby=$orderby");
+
 // define the columns to display, the syntax is 'internal name' => 'display name'
-$posts_columns = array(
-  'id'         => __('ID'),
-  'date'       => __('When'),
-  'title'      => __('Title'),
-  'categories' => __('Categories'),
-  'comments'   => __('Comments'),
-  'author'     => __('Author')
-);
+$posts_columns = array();
+$posts_columns['id'] = '<div style="text-align: center">' . __('ID') . '</div>';
+if ( 'draft' === $_GET['post_status'] )
+	$posts_columns['modified'] = __('Modified');
+elseif ( 'pending' === $_GET['post_status'] )
+	$posts_columns['modified'] = __('Submitted');
+else
+	$posts_columns['date'] = __('When');
+$posts_columns['title'] = __('Title');
+$posts_columns['categories'] = __('Categories');
+if ( !in_array($_GET['post_status'], array('pending', 'draft', 'future')) )
+	$posts_columns['comments'] = '<div style="text-align: center">' . __('Comments') . '</div>';
+$posts_columns['author'] = __('Author');
+
 $posts_columns = apply_filters('manage_posts_columns', $posts_columns);

 // you can not edit these at the moment
@@ -136,104 +67,100 @@ $posts_columns['control_delete'] = '';

 ?>

-<table id="the-list-x" width="100%" cellpadding="3" cellspacing="3"> 
-	<tr>
+<h2><?php
+if ( is_single() ) {
+	printf(__('Comments on %s'), apply_filters( "the_title", $post->post_title));
+} else {
+	if ( $post_listing_pageable && !is_archive() && !is_search() )
+		$h2_noun = is_paged() ? sprintf(__( 'Previous %s' ), $post_status_label) : sprintf(__('Latest %s'), $post_status_label);
+	else
+		$h2_noun = $post_status_label;
+	// Use $_GET instead of is_ since they can override each other
+	$h2_author = '';
+	$_GET['author'] = (int) $_GET['author'];
+	if ( $_GET['author'] != 0 ) {
+		if ( $_GET['author'] == '-' . $user_ID ) { // author exclusion
+			$h2_author = ' ' . __('by other authors');
+		} else {
+			$author_user = get_userdata( get_query_var( 'author' ) );
+			$h2_author = ' ' . sprintf(__('by %s'), wp_specialchars( $author_user->display_name ));
+		}
+	}
+	$h2_search = isset($_GET['s'])   && $_GET['s']   ? ' ' . sprintf(__('matching &#8220;%s&#8221;'), wp_specialchars( get_search_query() ) ) : '';
+	$h2_cat    = isset($_GET['cat']) && $_GET['cat'] ? ' ' . sprintf( __('in &#8220;%s&#8221;'), single_cat_title('', false) ) : '';
+	$h2_month  = isset($_GET['m'])   && $_GET['m']   ? ' ' . sprintf( __('during %s'), single_month_title(' ', false) ) : '';
+	printf( _c( '%1$s%2$s%3$s%4$s%5$s|You can reorder these: 1: Posts, 2: by {s}, 3: matching {s}, 4: in {s}, 5: during {s}' ), $h2_noun, $h2_author, $h2_search, $h2_cat, $h2_month );
+}
+?></h2>
+
+<form name="searchform" id="searchform" action="" method="get">
+	<fieldset><legend><?php _e('Search terms&hellip;'); ?></legend>
+		<input type="text" name="s" id="s" value="<?php the_search_query(); ?>" size="17" />
+	</fieldset>
+
+	<fieldset><legend><?php _e('Status&hellip;'); ?></legend>
+		<select name='post_status'>
+			<option<?php selected( @$_GET['post_status'], 0 ); ?> value='0'><?php _e('Any'); ?></option>
+<?php	foreach ( $post_stati as $status => $label ) : if ( !in_array($status, $avail_post_stati) ) continue; ?>
+			<option<?php selected( @$_GET['post_status'], $status ); ?> value='<?php echo $status; ?>'><?php echo $label[0]; ?></option>
+<?php	endforeach; ?>
+		</select>
+	</fieldset>
+
+<?php
+$editable_ids = get_editable_user_ids( $user_ID );
+if ( $editable_ids && count( $editable_ids ) > 1 ) :
+?>
+	<fieldset><legend><?php _e('Author&hellip;'); ?></legend>
+		<?php wp_dropdown_users( array('include' => $editable_ids, 'show_option_all' => __('Any'), 'name' => 'author', 'selected' => isset($_GET['author']) ? $_GET['author'] : 0) ); ?>
+	</fieldset>
+
+<?php
+endif;
+
+$arc_query = "SELECT DISTINCT YEAR(post_date) AS yyear, MONTH(post_date) AS mmonth FROM $wpdb->posts WHERE post_type = 'post' ORDER BY post_date DESC";
+
+$arc_result = $wpdb->get_results( $arc_query );
+
+$month_count = count($arc_result);
+
+if ( $month_count && !( 1 == $month_count && 0 == $arc_result[0]->mmonth ) ) { ?>
+
+	<fieldset><legend><?php _e('Month&hellip;') ?></legend>
+		<select name='m'>
+			<option<?php selected( @$_GET['m'], 0 ); ?> value='0'><?php _e('Any'); ?></option>
+		<?php
+		foreach ($arc_result as $arc_row) {
+			if ( $arc_row->yyear == 0 )
+				continue;
+			$arc_row->mmonth = zeroise($arc_row->mmonth, 2);
+
+			if ( $arc_row->yyear . $arc_row->mmonth == $_GET['m'] )
+				$default = ' selected="selected"';
+			else
+				$default = '';
+
+			echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>";
+			echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
+			echo "</option>\n";
+		}
+		?>
+		</select>
+	</fieldset>

-<?php foreach($posts_columns as $column_display_name) { ?>
-	<th scope="col"><?php echo $column_display_name; ?></th>
 <?php } ?>

-	</tr>
-<?php
-if ($posts) {
-$bgcolor = '';
-foreach ($posts as $post) { start_wp();
-$class = ('alternate' == $class) ? '' : 'alternate';
-?> 
-	<tr id='post-<?php echo $id; ?>' class='<?php echo $class; ?>'>
+	<fieldset><legend><?php _e('Category&hellip;') ?></legend>
+		<?php wp_dropdown_categories('show_option_all='.__('All').'&hide_empty=1&hierarchical=1&show_count=1&selected='.$cat);?>
+	</fieldset>
+	<input type="submit" id="post-query-submit" value="<?php _e('Filter &#187;'); ?>" class="button" />
+</form>

-<?php
+<?php do_action('restrict_manage_posts'); ?>

-foreach($posts_columns as $column_name=>$column_display_name) {
+<br style="clear:both;" />

-	switch($column_name) {
-	
-	case 'id':
-		?>
-		<th scope="row"><?php echo $id ?></th>
-		<?php
-		break;
-
-	case 'date':
-		?>
-		<td><?php the_time('Y-m-d \<\b\r \/\> g:i:s a'); ?></td>
-		<?php
-		break;
-	case 'title':
-		?>
-		<td><?php the_title() ?>
-		<?php if ('private' == $post->post_status) _e(' - <strong>Private</strong>'); ?></td>
-		<?php
-		break;
-
-	case 'categories':
-		?>
-		<td><?php the_category(','); ?></td>
-		<?php
-		break;
-
-	case 'comments':
-		?>
-		<td><a href="edit.php?p=<?php echo $id ?>&amp;c=1"> 
-      <?php comments_number(__('0'), __('1'), __('%')) ?> 
-      </a></td>
-		<?php
-		break;
-
-	case 'author':
-		?>
-		<td><?php the_author() ?></td>
-		<?php
-		break;
-
-	case 'control_view':
-		?>
-		<td><a href="<?php the_permalink(); ?>" rel="permalink" class="edit"><?php _e('View'); ?></a></td>
-		<?php
-		break;
-
-	case 'control_edit':
-		?>
-		<td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='post.php?action=edit&amp;post=$id' class='edit'>" . __('Edit') . "</a>"; } ?></td>
-		<?php
-		break;
-
-	case 'control_delete':
-		?>
-		<td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='post.php?action=delete&amp;post=$id' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . sprintf(__("You are about to delete this post &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), wp_specialchars(get_the_title('', ''), 1) ) . "' );\">" . __('Delete') . "</a>"; } ?></td>
-		<?php
-		break;
-
-	default:
-		?>
-		<td><?php do_action('manage_posts_custom_column', $column_name, $id); ?></td>
-		<?php
-		break;
-	}
-}
-?>
-	</tr> 
-<?php
-}
-} else {
-?>
-  <tr style='background-color: <?php echo $bgcolor; ?>'> 
-    <td colspan="8"><?php _e('No posts found.') ?></td> 
-  </tr> 
-<?php
-} // end if ($posts)
-?> 
-</table>
+<?php include( 'edit-post-rows.php' ); ?>

 <div id="ajax-response"></div>

@@ -243,57 +170,54 @@ foreach($posts_columns as $column_name=>$column_display_name) {
 </div>

 <?php
+
 if ( 1 == count($posts) ) {

 	$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
 	if ($comments) {
-	?> 
-<h3><?php _e('Comments') ?></h3> 
-<ol id="comments"> 
+		update_comment_cache($comments);
+	?>
+<h3 id="comments"><?php _e('Comments') ?></h3>
+<ol id="the-comment-list" class="commentlist">
 <?php
+$i = 0;
 foreach ($comments as $comment) {
-$comment_status = wp_get_comment_status($comment->comment_ID);
-?> 

-<li <?php if ("unapproved" == $comment_status) echo "class='unapproved'"; ?> >
-  <?php comment_date('Y-n-j') ?> 
-  @
-  <?php comment_time('g:m:s a') ?> 
-  <?php 
-			if ( current_user_can('edit_post', $post->ID) ) {
-				echo "[ <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" .  __('Edit') . "</a>";
-				echo " - <a href=\"post.php?action=deletecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n  \'OK\' to delete, \'Cancel\' to stop."), $comment->comment_author) . "')\">" . __('Delete') . "</a> ";
-				if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
-					if ('approved' == wp_get_comment_status($comment->comment_ID)) {
-						echo " - <a href=\"post.php?action=unapprovecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">" . __('Unapprove') . "</a> ";
-					} else {
-						echo " - <a href=\"post.php?action=approvecomment&amp;p=".$post->ID."&amp;comment=".$comment->comment_ID."\">" . __('Approve') . "</a> ";
-					}
-				}
-				echo "]";
-			} // end if any comments to show
-			?> 
-  <br /> 
-  <strong> 
-  <?php comment_author() ?> 
-  (
-  <?php comment_author_email_link() ?> 
-  /
-  <?php comment_author_url_link() ?> 
-  )</strong> (IP:
-  <?php comment_author_IP() ?> 
-  )
-  <?php comment_text() ?> 
+		++$i; $class = '';
+		$post = get_post($comment->comment_post_ID);
+		$authordata = get_userdata($post->post_author);
+			$comment_status = wp_get_comment_status($comment->comment_ID);
+			if ('unapproved' == $comment_status)
+				$class .= ' unapproved';
+			if ($i % 2)
+				$class .= ' alternate';
+			echo "<li id='comment-$comment->comment_ID' class='$class'>";
+?>
+<p><strong><?php comment_author() ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="edit-comments.php?s=<?php comment_author_IP() ?>&amp;mode=edit"><?php comment_author_IP() ?></a></p>
+
+<?php comment_text() ?>
+
+<p><?php comment_date(__('M j, g:i A')); ?> &#8212; [
+<?php
+if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
+	echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" . __('Edit') . '</a>';
+	echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
+	if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
+		echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
+		echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
+	}
+	echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
+}
+?> ]
+</p>
+		</li>

-</li> 
-<!-- /comment --> 
 <?php //end of the loop, don't delete
 		} // end foreach
 	echo '</ol>';
 	}//end if comments
 	?>
-<?php } ?> 
-</div> 
-<?php 
- include('admin-footer.php');
-?> 
+<?php } ?>
+</div>
+
+<?php include('admin-footer.php'); ?>
--- a/wp-admin/execute-pings.php
+++ b/wp-admin/execute-pings.php
@@ -1,25 +0,0 @@
-<?php
-
-require_once('../wp-config.php');
-
-// Do pingbacks
-while ($ping = $wpdb->get_row("SELECT * FROM {$wpdb->posts}, {$wpdb->postmeta} WHERE {$wpdb->posts}.ID = {$wpdb->postmeta}.post_id AND {$wpdb->postmeta}.meta_key = '_pingme' LIMIT 1")) {
-	$wpdb->query("DELETE FROM {$wpdb->postmeta} WHERE post_id = {$ping->ID} AND meta_key = '_pingme';");
-	pingback($ping->post_content, $ping->ID);
-}
-
-// Do Enclosures
-while ($enclosure = $wpdb->get_row("SELECT * FROM {$wpdb->posts}, {$wpdb->postmeta} WHERE {$wpdb->posts}.ID = {$wpdb->postmeta}.post_id AND {$wpdb->postmeta}.meta_key = '_encloseme' LIMIT 1")) {
-	$wpdb->query("DELETE FROM {$wpdb->postmeta} WHERE post_id = {$enclosure->ID} AND meta_key = '_encloseme';");
-	do_enclose($enclosure->post_content, $enclosure->ID);
-}
-
-// Do Trackbacks
-$trackbacks = $wpdb->get_results("SELECT ID FROM $wpdb->posts WHERE CHAR_LENGTH(TRIM(to_ping)) > 7 AND post_status != 'draft'");
-if ( is_array($trackbacks) ) {
-	foreach ( $trackbacks as $trackback ) {
-		do_trackbacks($trackback->ID);
-	}
-}
-
-?>
--- a/wp-admin/export.php
+++ b/wp-admin/export.php
@@ -0,0 +1,272 @@
+<?php
+require_once ('admin.php');
+$title = __('Export');
+$parent_file = 'edit.php';
+
+if ( isset( $_GET['download'] ) )
+	export_wp();
+
+require_once ('admin-header.php');
+?>
+
+<div class="wrap">
+<h2><?php _e('Export'); ?></h2>
+<div class="narrow">
+<p><?php _e('When you click the button below WordPress will create an XML file for you to save to your computer.'); ?></p>
+<p><?php _e('This format, which we call WordPress eXtended RSS or WXR, will contain your posts, comments, custom fields, and categories.'); ?></p>
+<p><?php _e('Once you&#8217;ve saved the download file, you can use the Import function on another WordPress blog to import this blog.'); ?></p>
+<form action="" method="get">
+<h3><?php _e('Optional options'); ?></h3>
+
+<table>
+<tr>
+<th><?php _e('Restrict Author:'); ?></th>
+<td>
+<select name="author">
+<option value="all" selected="selected"><?php _e('All'); ?></option>
+<?php
+$authors = $wpdb->get_col( "SELECT post_author FROM $wpdb->posts GROUP BY post_author" );
+foreach ( $authors as $id ) {
+	$o = get_userdata( $id );
+	echo "<option value='$o->ID'>$o->display_name</option>";
+}
+?>
+</select>
+</td>
+</tr>
+</table>
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Download Export File'); ?> &raquo;" />
+<input type="hidden" name="download" value="true" />
+</p>
+</form>
+</div>
+</div>
+
+<?php
+
+function export_wp() {
+global $wpdb, $post_ids, $post;
+
+do_action('export_wp');
+
+$filename = 'wordpress.' . date('Y-m-d') . '.xml';
+
+header('Content-Description: File Transfer');
+header("Content-Disposition: attachment; filename=$filename");
+header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true);
+
+$where = '';
+if ( isset( $_GET['author'] ) && $_GET['author'] != 'all' ) {
+	$author_id = (int) $_GET['author'];
+	$where = " WHERE post_author = '$author_id' ";
+}
+
+// grab a snapshot of post IDs, just in case it changes during the export
+$post_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts $where ORDER BY post_date_gmt ASC");
+
+$categories = (array) get_categories('get=all');
+$tags = (array) get_tags('get=all');
+
+function wxr_missing_parents($categories) {
+	if ( !is_array($categories) || empty($categories) )
+		return array();
+
+	foreach ( $categories as $category )
+		$parents[$category->term_id] = $category->parent;
+
+	$parents = array_unique(array_diff($parents, array_keys($parents)));
+
+	if ( $zero = array_search('0', $parents) )
+		unset($parents[$zero]);
+
+	return $parents;
+}
+
+while ( $parents = wxr_missing_parents($categories) ) {
+	$found_parents = get_categories("include=" . join(', ', $parents));
+	if ( is_array($found_parents) && count($found_parents) )
+		$categories = array_merge($categories, $found_parents);
+	else
+		break;
+}
+
+// Put them in order to be inserted with no child going before its parent
+$pass = 0;
+$passes = 1000 + count($categories);
+while ( ( $cat = array_shift($categories) ) && ++$pass < $passes ) {
+	if ( $cat->parent == 0 || isset($cats[$cat->parent]) ) {
+		$cats[$cat->term_id] = $cat;
+	} else {
+		$categories[] = $cat;
+	}
+}
+unset($categories);
+
+function wxr_cdata($str) {
+	if ( seems_utf8($str) == false )
+		$str = utf8_encode($str);
+
+	// $str = ent2ncr(wp_specialchars($str));
+
+	$str = "<![CDATA[$str" . ( ( substr($str, -1) == ']' ) ? ' ' : '') . "]]>";
+
+	return $str;
+}
+
+function wxr_cat_name($c) {
+	if ( empty($c->name) )
+		return;
+
+	echo '<wp:cat_name>' . wxr_cdata($c->name) . '</wp:cat_name>';
+}
+
+function wxr_category_description($c) {
+	if ( empty($c->description) )
+		return;
+
+	echo '<wp:category_description>' . wxr_cdata($c->description) . '</wp:category_description>';
+}
+
+function wxr_tag_name($t) {
+	if ( empty($t->name) )
+		return;
+
+	echo '<wp:tag_name>' . wxr_cdata($t->name) . '</wp:tag_name>';
+}
+
+function wxr_tag_description($t) {
+	if ( empty($t->description) )
+		return;
+
+	echo '<wp:tag_description>' . wxr_cdata($t->description) . '</wp:tag_description>';
+}
+
+function wxr_post_taxonomy() {
+	$categories = get_the_category();
+	$tags = get_the_tags();
+	$cat_names = array();
+	$tag_names = array();
+	$the_list = '';
+	$filter = 'rss';
+
+	if ( !empty($categories) ) foreach ( (array) $categories as $category ) {
+		$cat_name = sanitize_term_field('name', $category->name, $category->term_id, 'category', $filter);
+		$the_list .= "\n\t\t<category><![CDATA[$cat_name]]></category>\n";
+	}
+
+	if ( !empty($tags) ) foreach ( (array) $tags as $tag ) {
+		$tag_name = sanitize_term_field('name', $tag->name, $tag->term_id, 'post_tag', $filter);
+		$the_list .= "\n\t\t<category domain=\"tag\"><![CDATA[$tag_name]]></category>\n";
+	}
+
+	echo $the_list;
+}
+
+echo '<?xml version="1.0" encoding="' . get_bloginfo('charset') . '"?' . ">\n";
+
+?>
+<!-- This is a WordPress eXtended RSS file generated by WordPress as an export of your blog. -->
+<!-- It contains information about your blog's posts, comments, and categories. -->
+<!-- You may use this file to transfer that content from one site to another. -->
+<!-- This file is not intended to serve as a complete backup of your blog. -->
+
+<!-- To import this information into a WordPress blog follow these steps. -->
+<!-- 1. Log into that blog as an administrator. -->
+<!-- 2. Go to Manage: Import in the blog's admin panels. -->
+<!-- 3. Choose "WordPress" from the list. -->
+<!-- 4. Upload this file using the form provided on that page. -->
+<!-- 5. You will first be asked to map the authors in this export file to users -->
+<!--    on the blog.  For each author, you may choose to map to an -->
+<!--    existing user on the blog or to create a new user -->
+<!-- 6. WordPress will then import each of the posts, comments, and categories -->
+<!--    contained in this file into your blog -->
+
+<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" created="<?php echo date('Y-m-d H:i'); ?>"-->
+<rss version="2.0"
+	xmlns:content="http://purl.org/rss/1.0/modules/content/"
+	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
+	xmlns:dc="http://purl.org/dc/elements/1.1/"
+	xmlns:wp="http://wordpress.org/export/1.0/"
+>
+
+<channel>
+	<title><?php bloginfo_rss('name'); ?></title>
+	<link><?php bloginfo_rss('url') ?></link>
+	<description><?php bloginfo_rss("description") ?></description>
+	<pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_lastpostmodified('GMT'), false); ?></pubDate>
+	<generator>http://wordpress.org/?v=<?php bloginfo_rss('version'); ?></generator>
+	<language><?php echo get_option('rss_language'); ?></language>
+<?php if ( $cats ) : foreach ( $cats as $c ) : ?>
+	<wp:category><wp:category_nicename><?php echo $c->slug; ?></wp:category_nicename><wp:category_parent><?php echo $c->parent ? $cats[$c->parent]->name : ''; ?></wp:category_parent><?php wxr_cat_name($c); ?><?php wxr_category_description($c); ?></wp:category>
+<?php endforeach; endif; ?>
+<?php if ( $tags ) : foreach ( $tags as $t ) : ?>
+	<wp:tag><wp:tag_slug><?php echo $t->slug; ?></wp:tag_slug><?php wxr_tag_name($t); ?><?php wxr_tag_description($t); ?></wp:tag>
+<?php endforeach; endif; ?>
+	<?php do_action('rss2_head'); ?>
+	<?php if ($post_ids) {
+		global $wp_query;
+		$wp_query->in_the_loop = true;  // Fake being in the loop.
+		// fetch 20 posts at a time rather than loading the entire table into memory
+		while ( $next_posts = array_splice($post_ids, 0, 20) ) {
+			$where = "WHERE ID IN (".join(',', $next_posts).")";
+			$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts $where ORDER BY post_date_gmt ASC");
+				foreach ($posts as $post) {
+			setup_postdata($post); ?>
+<item>
+<title><?php the_title_rss() ?></title>
+<link><?php the_permalink_rss() ?></link>
+<pubDate><?php echo mysql2date('D, d M Y H:i:s +0000', get_post_time('Y-m-d H:i:s', true), false); ?></pubDate>
+<dc:creator><?php the_author() ?></dc:creator>
+<?php wxr_post_taxonomy() ?>
+
+<guid isPermaLink="false"><?php the_guid(); ?></guid>
+<description></description>
+<content:encoded><![CDATA[<?php echo $post->post_content ?>]]></content:encoded>
+<wp:post_id><?php echo $post->ID; ?></wp:post_id>
+<wp:post_date><?php echo $post->post_date; ?></wp:post_date>
+<wp:post_date_gmt><?php echo $post->post_date_gmt; ?></wp:post_date_gmt>
+<wp:comment_status><?php echo $post->comment_status; ?></wp:comment_status>
+<wp:ping_status><?php echo $post->ping_status; ?></wp:ping_status>
+<wp:post_name><?php echo $post->post_name; ?></wp:post_name>
+<wp:status><?php echo $post->post_status; ?></wp:status>
+<wp:post_parent><?php echo $post->post_parent; ?></wp:post_parent>
+<wp:menu_order><?php echo $post->menu_order; ?></wp:menu_order>
+<wp:post_type><?php echo $post->post_type; ?></wp:post_type>
+<?php
+$postmeta = $wpdb->get_results("SELECT * FROM $wpdb->postmeta WHERE post_id = $post->ID");
+if ( $postmeta ) {
+?>
+<?php foreach( $postmeta as $meta ) { ?>
+<wp:postmeta>
+<wp:meta_key><?php echo $meta->meta_key; ?></wp:meta_key>
+<wp:meta_value><?Php echo $meta->meta_value; ?></wp:meta_value>
+</wp:postmeta>
+<?php } ?>
+<?php } ?>
+<?php
+$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $post->ID");
+if ( $comments ) { foreach ( $comments as $c ) { ?>
+<wp:comment>
+<wp:comment_id><?php echo $c->comment_ID; ?></wp:comment_id>
+<wp:comment_author><?php echo wxr_cdata($c->comment_author); ?></wp:comment_author>
+<wp:comment_author_email><?php echo $c->comment_author_email; ?></wp:comment_author_email>
+<wp:comment_author_url><?php echo $c->comment_author_url; ?></wp:comment_author_url>
+<wp:comment_author_IP><?php echo $c->comment_author_IP; ?></wp:comment_author_IP>
+<wp:comment_date><?php echo $c->comment_date; ?></wp:comment_date>
+<wp:comment_date_gmt><?php echo $c->comment_date_gmt; ?></wp:comment_date_gmt>
+<wp:comment_content><?php echo $c->comment_content; ?></wp:comment_content>
+<wp:comment_approved><?php echo $c->comment_approved; ?></wp:comment_approved>
+<wp:comment_type><?php echo $c->comment_type; ?></wp:comment_type>
+<wp:comment_parent><?php echo $c->comment_parent; ?></wp:comment_parent>
+</wp:comment>
+<?php } } ?>
+	</item>
+<?php } } } ?>
+</channel>
+</rss>
+<?php
+	die();
+}
+
+include ('admin-footer.php');
+?>
--- a/wp-admin/images/box-bg-left.gif
+++ b/wp-admin/images/box-bg-left.gif
--- a/wp-admin/images/box-bg-right.gif
+++ b/wp-admin/images/box-bg-right.gif
--- a/wp-admin/images/box-butt-left.gif
+++ b/wp-admin/images/box-butt-left.gif
--- a/wp-admin/images/box-butt-right.gif
+++ b/wp-admin/images/box-butt-right.gif
--- a/wp-admin/images/box-head-left.gif
+++ b/wp-admin/images/box-head-left.gif
--- a/wp-admin/images/box-head-right.gif
+++ b/wp-admin/images/box-head-right.gif
--- a/wp-admin/images/heading-bg.gif
+++ b/wp-admin/images/heading-bg.gif
--- a/wp-admin/images/login-bkg-bottom.gif
+++ b/wp-admin/images/login-bkg-bottom.gif
--- a/wp-admin/images/login-bkg-tile.gif
+++ b/wp-admin/images/login-bkg-tile.gif
--- a/wp-admin/images/logo-ghost.png
+++ b/wp-admin/images/logo-ghost.png
--- a/wp-admin/import.php
+++ b/wp-admin/import.php
@@ -1,28 +1,30 @@
 <?php
 require_once ('admin.php');
 $title = __('Import');
-$parent_file = 'import.php';
+$parent_file = 'edit.php';
 require_once ('admin-header.php');
 ?>

 <div class="wrap">
 <h2><?php _e('Import'); ?></h2>
-<p><?php _e('If you have posts or comments in another system WordPress can import them into your current blog. To get started, choose a system to import from below:'); ?></p>
+<p><?php _e('If you have posts or comments in another system, WordPress can import those into this blog. To get started, choose a system to import from below:'); ?></p>

 <?php

 // Load all importers so that they can register.
 $import_loc = 'wp-admin/import';
 $import_root = ABSPATH.$import_loc;
-$imports_dir = @ dir($import_root);
+$imports_dir = @ opendir($import_root);
 if ($imports_dir) {
-	while (($file = $imports_dir->read()) !== false) {
-		if (preg_match('|^\.+$|', $file))
+	while (($file = readdir($imports_dir)) !== false) {
+		if ($file{0} == '.') {
 			continue;
-		if (preg_match('|\.php$|', $file))
-			require_once("$import_root/$file");
+		} elseif (substr($file, -4) == '.php') {
+			require_once($import_root . '/' . $file);
+		}
 	}
 }
+@closedir($imports_dir);

 $importers = get_importers();

@@ -30,20 +32,20 @@ if (empty ($importers)) {
 	echo '<p>'.__('No importers are available.').'</p>'; // TODO: make more helpful
 } else {
 ?>
-<table width="100%" cellpadding="3" cellspacing="3">
+<table class="widefat">

 <?php
 	$style = '';
 	foreach ($importers as $id => $data) {
 		$style = ('class="alternate"' == $style || 'class="alternate active"' == $style) ? '' : 'alternate';
-		$action = "<a href='admin.php?import=$id' title='{$data[1]}'>{$data[0]}</a>";
+		$action = "<a href='admin.php?import=$id' title='".wptexturize(strip_tags($data[1]))."'>{$data[0]}</a>";

 		if ($style != '')
 			$style = 'class="'.$style.'"';
 		echo "
 			<tr $style>
-				<td class=\"togl\">$action</td>
-				<td class=\"desc\">{$data[1]}</td>
+				<td class='import-system'>$action</td>
+				<td class='desc'>{$data[1]}</td>
 			</tr>";
 	}
 ?>
--- a/wp-admin/import/b2.php
+++ b/wp-admin/import/b2.php
--- a/wp-admin/import/blogger.php
+++ b/wp-admin/import/blogger.php
--- a/wp-admin/import/blogware.php
+++ b/wp-admin/import/blogware.php
@@ -0,0 +1,201 @@
+<?php
+
+/* By Shayne Sweeney - http://www.theshayne.com/ */
+
+class BW_Import {
+
+	var $file;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Blogware').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This importer allows you to extract posts from Blogware XML export file into your blog.  Pick a Blogware file to upload and click Import.').'</p>';
+		wp_import_upload_form("admin.php?import=blogware&amp;step=1");
+		echo '</div>';
+	}
+
+	function import_posts() {
+		global $wpdb, $current_user;
+
+		set_magic_quotes_runtime(0);
+		$importdata = file($this->file); // Read the file into an array
+		$importdata = implode('', $importdata); // squish it
+		$importdata = str_replace(array ("\r\n", "\r"), "\n", $importdata);
+
+		preg_match_all('|(<item[^>]+>(.*?)</item>)|is', $importdata, $posts);
+		$posts = $posts[1];
+		unset($importdata);
+		echo '<ol>';
+		foreach ($posts as $post) {
+			flush();
+			preg_match('|<item type=\"(.*?)\">|is', $post, $post_type);
+			$post_type = $post_type[1];
+			if($post_type == "photo") {
+				preg_match('|<photoFilename>(.*?)</photoFilename>|is', $post, $post_title);
+			} else {
+				preg_match('|<title>(.*?)</title>|is', $post, $post_title);
+			}
+			$post_title = $wpdb->escape(trim($post_title[1]));
+
+			preg_match('|<pubDate>(.*?)</pubDate>|is', $post, $post_date);
+			$post_date = strtotime($post_date[1]);
+			$post_date = gmdate('Y-m-d H:i:s', $post_date);
+
+			preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
+			$categories = $categories[1];
+
+			$cat_index = 0;
+			foreach ($categories as $category) {
+				$categories[$cat_index] = $wpdb->escape($this->unhtmlentities($category));
+				$cat_index++;
+			}
+
+			if(strcasecmp($post_type, "photo") === 0) {
+				preg_match('|<sizedPhotoUrl>(.*?)</sizedPhotoUrl>|is', $post, $post_content);
+				$post_content = '<img src="'.trim($post_content[1]).'" />';
+				$post_content = $this->unhtmlentities($post_content);
+			} else {
+				preg_match('|<body>(.*?)</body>|is', $post, $post_content);
+				$post_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($post_content[1]));
+				$post_content = $this->unhtmlentities($post_content);
+			}
+
+			// Clean up content
+			$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+			$post_content = str_replace('<br>', '<br />', $post_content);
+			$post_content = str_replace('<hr>', '<hr />', $post_content);
+			$post_content = $wpdb->escape($post_content);
+
+			$post_author = $current_user->ID;
+			preg_match('|<postStatus>(.*?)</postStatus>|is', $post, $post_status);
+			$post_status = trim($post_status[1]);
+
+			echo '<li>';
+			if ($post_id = post_exists($post_title, $post_content, $post_date)) {
+				printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+			} else {
+				printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+				$postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status');
+				$post_id = wp_insert_post($postdata);
+				if ( is_wp_error( $post_id ) ) {
+					return $post_id;
+				}
+				if (!$post_id) {
+					_e("Couldn't get post ID");
+					echo '</li>';
+					break;
+				}
+				if(0 != count($categories))
+					wp_create_categories($categories, $post_id);
+			}
+
+			preg_match_all('|<comment>(.*?)</comment>|is', $post, $comments);
+			$comments = $comments[1];
+
+			if ( $comments ) {
+				$comment_post_ID = (int) $post_id;
+				$num_comments = 0;
+				foreach ($comments as $comment) {
+					preg_match('|<body>(.*?)</body>|is', $comment, $comment_content);
+					$comment_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($comment_content[1]));
+					$comment_content = $this->unhtmlentities($comment_content);
+
+					// Clean up content
+					$comment_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $comment_content);
+					$comment_content = str_replace('<br>', '<br />', $comment_content);
+					$comment_content = str_replace('<hr>', '<hr />', $comment_content);
+					$comment_content = $wpdb->escape($comment_content);
+
+					preg_match('|<pubDate>(.*?)</pubDate>|is', $comment, $comment_date);
+					$comment_date = trim($comment_date[1]);
+					$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
+
+					preg_match('|<author>(.*?)</author>|is', $comment, $comment_author);
+					$comment_author = $wpdb->escape(trim($comment_author[1]));
+
+					$comment_author_email = NULL;
+
+					$comment_approved = 1;
+					// Check if it's already there
+					if (!comment_exists($comment_author, $comment_date)) {
+						$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_email', 'comment_date', 'comment_content', 'comment_approved');
+						$commentdata = wp_filter_comment($commentdata);
+						wp_insert_comment($commentdata);
+						$num_comments++;
+					}
+				}
+			}
+			if ( $num_comments ) {
+				echo ' ';
+				printf(__('(%s comments)'), $num_comments);
+			}
+			echo '</li>';
+			flush();
+			ob_flush();
+		}
+		echo '</ol>';
+	}
+
+	function import() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo $file['error'];
+			return;
+		}
+
+		$this->file = $file['file'];
+		$result = $this->import_posts();
+		if ( is_wp_error( $result ) )
+			return $result;
+		wp_import_cleanup($file['id']);
+
+		echo '<h3>';
+		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
+		echo '</h3>';
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					$result->get_error_message();
+				break;
+		}
+
+		$this->footer();
+	}
+
+	function BW_Import() {
+		// Nothing.
+	}
+}
+
+$blogware_import = new BW_Import();
+
+register_importer('blogware', __('Blogware'), __('Import posts from Blogware'), array ($blogware_import, 'dispatch'));
+?>
--- a/wp-admin/import/btt.php
+++ b/wp-admin/import/btt.php
@@ -0,0 +1,115 @@
+<?php
+
+class BunnyTags_Import {
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Bunny&#8217;s Technorati Tags').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'<br /><br /></p>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports tags from an existing Bunny&#8217;s Technorati Tags installation into this blog using the new WordPress native tagging structure.').'</p>';
+		echo '<p>'.__('This is suitable for Bunny&#8217;s Technorati Tags version 0.6.').'</p>';
+		echo '<p><strong>'.__('All existing Bunny&#8217;s Technorati Tags will be removed after import.').'</strong></p>';
+		echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
+		echo '<form action="admin.php?import=btt&amp;step=1" method="post">';
+		wp_nonce_field('import-btt');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Import Tags &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function dispatch() {
+		if ( empty($_GET['step']) )
+			$step = 0;
+		else
+			$step = abs(intval($_GET['step']));
+
+		// load the header
+		$this->header();
+
+		switch ( $step ) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-btt');
+				$this->check_post_keyword( true );
+				break;
+			case 2 :
+				check_admin_referer('import-btt');
+				$this->check_post_keyword( false );
+				break;
+			case 3:
+				$this->done();
+				break;
+		}
+
+		// load the footer
+		$this->footer();
+	}
+
+	function check_post_keyword($precheck = true) {
+		global $wpdb;
+
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading Bunny&#8217;s Technorati Tags&#8230;').'</h3></p>';
+
+		// import Bunny's Keywords tags 
+		$metakeys = $wpdb->get_results("SELECT post_id, meta_id, meta_key, meta_value FROM $wpdb->postmeta WHERE $wpdb->postmeta.meta_key = 'tags'");
+		if ( !is_array($metakeys)) {
+			echo '<p>' . __('No Tags Found!') . '</p>';
+			return false;
+		} else {
+			$count = count($metakeys);
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> posts with tags were read.'), $count ) . '<br /></p>';
+			echo '<ul>';
+			foreach ( $metakeys as $post_meta ) {
+				if ( $post_meta->meta_value != '' ) {
+					$post_keys = explode(' ', $post_meta->meta_value);
+					foreach ( $post_keys as $keyword ) {
+						$keyword = addslashes(trim(str_replace('+',' ',$keyword)));
+						if ( '' != $keyword ) {
+							echo '<li>' . $post_meta->post_id . '&nbsp;-&nbsp;' . $keyword . '</li>';
+							if ( !$precheck )
+								wp_add_post_tags($post_meta->post_id, $keyword);
+						}
+					}
+				}
+				if ( !$precheck )
+					delete_post_meta($post_meta->post_id, 'tags');
+			}
+			echo '</ul>';
+		}
+
+		echo '<form action="admin.php?import=btt&amp;step='.($precheck? 2:3).'" method="post">';
+		wp_nonce_field('import-btt');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Next &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function done() {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Import Complete!').'</h3></p>';
+		echo '</div>';
+	}
+
+	function BunnyTags_Import() {
+	}
+
+}
+
+// create the import object
+$btt_import = new BunnyTags_Import();
+
+// add it to the import page!
+register_importer('btt', 'Bunny&#8217;s Technorati Tags', __('Import Bunny&#8217;s Technorati Tags into the new native tagging structure.'), array($btt_import, 'dispatch'));
+
+?>
--- a/wp-admin/import/dotclear.php
+++ b/wp-admin/import/dotclear.php
@@ -1,19 +1,12 @@
 <?php
+/*
+ * DotClear import plugin
+ * by Thomas Quinot - http://thomas.quinot.org/
+ */
+
 /**
 	Add These Functions to make our lives easier
 **/
-if(!function_exists('get_catbynicename'))
-{
-	function get_catbynicename($category_nicename) 
-	{
-	global $wpdb;
-	
-	$cat_id -= 0; 	// force numeric
-	$name = $wpdb->get_var('SELECT cat_ID FROM '.$wpdb->categories.' WHERE category_nicename="'.$category_nicename.'"');
-	
-	return $name;
-	}
-}

 if(!function_exists('get_comment_count'))
 {
@@ -24,15 +17,6 @@ if(!function_exists('get_comment_count'))
 	}
 }

-if(!function_exists('link_cat_exists'))
-{
-	function link_cat_exists($catname)
-	{
-		global $wpdb;
-		return $wpdb->get_var('SELECT cat_id FROM '.$wpdb->linkcategories.' WHERE cat_name = "'.$wpdb->escape($catname).'"');
-	}
-}
-
 if(!function_exists('link_exists'))
 {
 	function link_exists($linkname)
@@ -55,57 +39,58 @@ if(!function_exists('link_exists'))
 //
 //    This cries out for a C-implementation to be included in PHP core
 //
-   function valid_1byte($char) {
-       if(!is_int($char)) return false;
-       return ($char & 0x80) == 0x00;
-   }
-  
-   function valid_2byte($char) {
-       if(!is_int($char)) return false;
-       return ($char & 0xE0) == 0xC0;
-   }

-   function valid_3byte($char) {
-       if(!is_int($char)) return false;
-       return ($char & 0xF0) == 0xE0;
-   }
+function valid_1byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0x80) == 0x00;
+}

-   function valid_4byte($char) {
-       if(!is_int($char)) return false;
-       return ($char & 0xF8) == 0xF0;
-   }
-  
-   function valid_nextbyte($char) {
-       if(!is_int($char)) return false;
-       return ($char & 0xC0) == 0x80;
-   }
-  
-   function valid_utf8($string) {
-       $len = strlen($string);
-       $i = 0;   
-       while( $i < $len ) {
-           $char = ord(substr($string, $i++, 1));
-           if(valid_1byte($char)) {    // continue
-               continue;
-           } else if(valid_2byte($char)) { // check 1 byte
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-           } else if(valid_3byte($char)) { // check 2 bytes
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-           } else if(valid_4byte($char)) { // check 3 bytes
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-               if(!valid_nextbyte(ord(substr($string, $i++, 1))))
-                   return false;
-           } // goto next char
-       }
-       return true; // done
-   }
+function valid_2byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xE0) == 0xC0;
+}
+
+function valid_3byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xF0) == 0xE0;
+}
+
+function valid_4byte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xF8) == 0xF0;
+}
+
+function valid_nextbyte($char) {
+	if(!is_int($char)) return false;
+		return ($char & 0xC0) == 0x80;
+}
+
+function valid_utf8($string) {
+	$len = strlen($string);
+	$i = 0;
+	while( $i < $len ) {
+		$char = ord(substr($string, $i++, 1));
+		if(valid_1byte($char)) {    // continue
+			continue;
+		} else if(valid_2byte($char)) { // check 1 byte
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} else if(valid_3byte($char)) { // check 2 bytes
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} else if(valid_4byte($char)) { // check 3 bytes
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+			if(!valid_nextbyte(ord(substr($string, $i++, 1))))
+				return false;
+		} // goto next char
+	}
+	return true; // done
+}

 function csc ($s) {
 	if (valid_utf8 ($s)) {
@@ -124,89 +109,90 @@ function textconv ($s) {
 **/
 class Dotclear_Import {

-	function header() 
+	function header()
 	{
 		echo '<div class="wrap">';
-		echo '<h2>'.__('Import Dotclear').'</h2>';
+		echo '<h2>'.__('Import DotClear').'</h2>';
 		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'</p>';
 	}

-	function footer() 
+	function footer()
 	{
 		echo '</div>';
 	}
-	
-	function greet() 
+
+	function greet()
 	{
-		echo '<p>'.__('Howdy! This importer allows you to extract posts from a Dotclear database into your blog.  Mileage may vary.').'</p>';
-		echo '<p>'.__('Your Dotclear Configuration settings are as follows:').'</p>';
+		echo '<div class="narrow"><p>'.__('Howdy! This importer allows you to extract posts from a DotClear database into your blog.  Mileage may vary.').'</p>';
+		echo '<p>'.__('Your DotClear Configuration settings are as follows:').'</p>';
 		echo '<form action="admin.php?import=dotclear&amp;step=1" method="post">';
+		wp_nonce_field('import-dotclear');
 		$this->db_form();
-		echo '<input type="submit" name="submit" value="'.__('Import Categories').'" />';
-		echo '</form>';
+		echo '<p class="submit"><input type="submit" name="submit" value="'.attribute_escape(__('Import Categories &raquo;')).'" /></p>';
+		echo '</form></div>';
 	}

-	function get_dc_cats() 
+	function get_dc_cats()
 	{
 		global $wpdb;
 		// General Housekeeping
 		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
 		set_magic_quotes_runtime(0);
-		$prefix = get_option('tpre');
-		
+		$dbprefix = get_option('dcdbprefix');
+
 		// Get Categories
-		return $dcdb->get_results('SELECT * FROM dc_categorie', ARRAY_A);
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'categorie', ARRAY_A);
 	}
-	
+
 	function get_dc_users()
 	{
 		global $wpdb;
 		// General Housekeeping
 		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
 		set_magic_quotes_runtime(0);
-		$prefix = get_option('tpre');
-		
+		$dbprefix = get_option('dcdbprefix');
+
 		// Get Users
-		
-		return $dcdb->get_results('SELECT * FROM dc_user', ARRAY_A);
+
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'user', ARRAY_A);
 	}
-	
+
 	function get_dc_posts()
 	{
 		// General Housekeeping
 		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
 		set_magic_quotes_runtime(0);
-		$prefix = get_option('tpre');
-		
+		$dbprefix = get_option('dcdbprefix');
+
 		// Get Posts
-		return $dcdb->get_results('SELECT dc_post.*, dc_categorie.cat_libelle_url AS post_cat_name
-						FROM dc_post INNER JOIN dc_categorie
-						  ON dc_post.cat_id = dc_categorie.cat_id', ARRAY_A);
+		return $dcdb->get_results('SELECT '.$dbprefix.'post.*, '.$dbprefix.'categorie.cat_libelle_url AS post_cat_name
+						FROM '.$dbprefix.'post INNER JOIN '.$dbprefix.'categorie
+						ON '.$dbprefix.'post.cat_id = '.$dbprefix.'categorie.cat_id', ARRAY_A);
 	}
-	
+
 	function get_dc_comments()
 	{
 		global $wpdb;
 		// General Housekeeping
 		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
 		set_magic_quotes_runtime(0);
-		$prefix = get_option('tpre');
-		
+		$dbprefix = get_option('dcdbprefix');
+
 		// Get Comments
-		return $dcdb->get_results('SELECT * FROM dc_comment', ARRAY_A);
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'comment', ARRAY_A);
 	}
-	
+
 	function get_dc_links()
 	{
 		//General Housekeeping
 		$dcdb = new wpdb(get_option('dcuser'), get_option('dcpass'), get_option('dcname'), get_option('dchost'));
 		set_magic_quotes_runtime(0);
-		$prefix = get_option('tpre');
+		$dbprefix = get_option('dcdbprefix');

-		return $dcdb->get_results('SELECT * FROM dc_link ORDER BY position', ARRAY_A);
+		return $dcdb->get_results('SELECT * FROM '.$dbprefix.'link ORDER BY position', ARRAY_A);
 	}
-	
-	function cat2wp($categories='') 
+
+	function cat2wp($categories='')
 	{
 		// General Housekeeping
 		global $wpdb;
@@ -216,11 +202,11 @@ class Dotclear_Import {
 		if(is_array($categories))
 		{
 			echo '<p>'.__('Importing Categories...').'<br /><br /></p>';
-			foreach ($categories as $category) 
+			foreach ($categories as $category)
 			{
 				$count++;
 				extract($category);
-				
+
 				// Make Nice Variables
 				$name = $wpdb->escape($cat_libelle_url);
 				$title = $wpdb->escape(csc ($cat_libelle));
@@ -236,7 +222,7 @@ class Dotclear_Import {
 				}
 				$dccat2wpcat[$id] = $ret_id;
 			}
-			
+
 			// Store category translation for future use
 			add_option('dccat2wpcat',$dccat2wpcat);
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> categories imported.'), $count).'<br /><br /></p>';
@@ -245,14 +231,14 @@ class Dotclear_Import {
 		echo __('No Categories to Import!');
 		return false;
 	}
-	
+
 	function users2wp($users='')
 	{
 		// General Housekeeping
 		global $wpdb;
 		$count = 0;
 		$dcid2wpid = array();
-		
+
 		// Midnight Mojo
 		if(is_array($users))
 		{
@@ -261,14 +247,14 @@ class Dotclear_Import {
 			{
 				$count++;
 				extract($user);
-				
+
 				// Make Nice Variables
 				$name = $wpdb->escape(csc ($name));
 				$RealName = $wpdb->escape(csc ($user_pseudo));
-				
+
 				if($uinfo = get_userdatabylogin($name))
 				{
-					
+
 					$ret_id = wp_insert_user(array(
 								'ID'		=> $uinfo->ID,
 								'user_login'	=> $user_id,
@@ -278,7 +264,7 @@ class Dotclear_Import {
 								'display_name'	=> $Realname)
 								);
 				}
-				else 
+				else
 				{
 					$ret_id = wp_insert_user(array(
 								'user_login'	=> $user_id,
@@ -289,9 +275,9 @@ class Dotclear_Import {
 								);
 				}
 				$dcid2wpid[$user_id] = $ret_id;
-				
-				// Set Dotclear-to-WordPress permissions translation
-				
+
+				// Set DotClear-to-WordPress permissions translation
+
 				// Update Usermeta Data
 				$user = new WP_User($ret_id);
 				$wp_perms = $user_level + 1;
@@ -302,26 +288,26 @@ class Dotclear_Import {
 				else if(3  <= $wp_perms) { $user->set_role('contributor'); }
 				else if(2  <= $wp_perms) { $user->set_role('contributor'); }
 				else                     { $user->set_role('subscriber'); }
-				
+
 				update_usermeta( $ret_id, 'wp_user_level', $wp_perms);
 				update_usermeta( $ret_id, 'rich_editing', 'false');
 				update_usermeta( $ret_id, 'first_name', csc ($user_prenom));
 				update_usermeta( $ret_id, 'last_name', csc ($user_nom));
 			}// End foreach($users as $user)
-			
+
 			// Store id translation array for future use
 			add_option('dcid2wpid',$dcid2wpid);
-			
-			
+
+
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> users imported.'), $count).'<br /><br /></p>';
 			return true;
 		}// End if(is_array($users)
-		
+
 		echo __('No Users to Import!');
 		return false;
-		
+
 	}// End function user2wp()
-	
+
 	function posts2wp($posts='')
 	{
 		// General Housekeeping
@@ -338,17 +324,18 @@ class Dotclear_Import {
 			{
 				$count++;
 				extract($post);
-				
-				// Set Dotclear-to-WordPress status translation
+
+				// Set DotClear-to-WordPress status translation
 				$stattrans = array(0 => 'draft', 1 => 'publish');
 				$comment_status_map = array (0 => 'closed', 1 => 'open');
-				
+
 				//Can we do this more efficiently?
 				$uinfo = ( get_userdatabylogin( $user_id ) ) ? get_userdatabylogin( $user_id ) : 1;
 				$authorid = ( is_object( $uinfo ) ) ? $uinfo->ID : $uinfo ;

 				$Title = $wpdb->escape(csc ($post_titre));
 				$post_content = textconv ($post_content);
+				$post_excerpt = "";
 				if ($post_chapo != "") {
 					$post_excerpt = textconv ($post_chapo);
 					$post_content = $post_excerpt ."\n<!--more-->\n".$post_content;
@@ -356,9 +343,9 @@ class Dotclear_Import {
 				$post_excerpt = $wpdb->escape ($post_excerpt);
 				$post_content = $wpdb->escape ($post_content);
 				$post_status = $stattrans[$post_pub];
-				
+
 				// Import Post data into WordPress
-				
+
 				if($pinfo = post_exists($Title,$post_content))
 				{
 					$ret_id = wp_insert_post(array(
@@ -377,8 +364,10 @@ class Dotclear_Import {
 							'ping_status'		=> $comment_status_map[$post_open_tb],
 							'comment_count'		=> $post_nb_comment + $post_nb_trackback)
 							);
+					if ( is_wp_error( $ret_id ) )
+						return $ret_id;
 				}
-				else 
+				else
 				{
 					$ret_id = wp_insert_post(array(
 							'post_author'		=> $authorid,
@@ -395,23 +384,28 @@ class Dotclear_Import {
 							'ping_status'		=> $comment_status_map[$post_open_tb],
 							'comment_count'		=> $post_nb_comment + $post_nb_trackback)
 							);
+					if ( is_wp_error( $ret_id ) )
+						return $ret_id;
 				}
 				$dcposts2wpposts[$post_id] = $ret_id;
-				
+
 				// Make Post-to-Category associations
 				$cats = array();
-				if($cat1 = get_catbynicename($post_cat_name)) { $cats[1] = $cat1; }
+				$category1 = get_category_by_slug($post_cat_name);
+				$category1 = $category1->term_id;

-				if(!empty($cats)) { wp_set_post_cats('', $ret_id, $cats); }
+				if($cat1 = $category1) { $cats[1] = $cat1; }
+
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
 			}
 		}
 		// Store ID translation for later use
 		add_option('dcposts2wpposts',$dcposts2wpposts);
-		
+
 		echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> posts imported.'), $count).'<br /><br /></p>';
-		return true;	
+		return true;
 	}
-	
+
 	function comments2wp($comments='')
 	{
 		// General Housekeeping
@@ -419,7 +413,7 @@ class Dotclear_Import {
 		$count = 0;
 		$dccm2wpcm = array();
 		$postarr = get_option('dcposts2wpposts');
-		
+
 		// Magic Mojo
 		if(is_array($comments))
 		{
@@ -428,16 +422,16 @@ class Dotclear_Import {
 			{
 				$count++;
 				extract($comment);
-				
+
 				// WordPressify Data
-				$comment_ID = ltrim($comment_id, '0');
-				$comment_post_ID = $postarr[$post_id];
+				$comment_ID = (int) ltrim($comment_id, '0');
+				$comment_post_ID = (int) $postarr[$post_id];
 				$comment_approved = "$comment_pub";
 				$name = $wpdb->escape(csc ($comment_auteur));
 				$email = $wpdb->escape($comment_email);
 				$web = "http://".$wpdb->escape($comment_site);
 				$message = $wpdb->escape(textconv ($comment_content));
-				
+
 				if($cinfo = comment_exists($name, $comment_dt))
 				{
 					// Update comments
@@ -454,7 +448,7 @@ class Dotclear_Import {
 							'comment_approved'	=> $comment_approved)
 							);
 				}
-				else 
+				else
 				{
 					// Insert comments
 					$ret_id = wp_insert_comment(array(
@@ -472,25 +466,25 @@ class Dotclear_Import {
 				$dccm2wpcm[$comment_ID] = $ret_id;
 			}
 			// Store Comment ID translation for future use
-			add_option('dccm2wpcm', $dccm2wpcm);			
-			
+			add_option('dccm2wpcm', $dccm2wpcm);
+
 			// Associate newly formed categories with posts
 			get_comment_count($ret_id);
-			
-			
+
+
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> comments imported.'), $count).'<br /><br /></p>';
 			return true;
 		}
 		echo __('No Comments to Import!');
 		return false;
 	}
-	
+
 	function links2wp($links='')
 	{
 		// General Housekeeping
 		global $wpdb;
 		$count = 0;
-		
+
 		// Deal with the links
 		if(is_array($links))
 		{
@@ -499,19 +493,18 @@ class Dotclear_Import {
 			{
 				$count++;
 				extract($link);
-				
+
 				if ($title != "") {
-					if ($cinfo = link_cat_exists (csc ($title))) {
-						$category = $cinfo;
+					if ($cinfo = is_term(csc ($title), 'link_category')) {
+						$category = $cinfo['term_id'];
 					} else {
-						$wpdb->query ("INSERT INTO $wpdb->linkcategories (cat_name) VALUES ('".
-							$wpdb->escape (csc ($title))."')");
-						$category = $wpdb->insert_id;
+						$category = wp_insert_term($wpdb->escape (csc ($title)), 'link_category');
+						$category = $category['term_id'];
 					}
 				} else {
 					$linkname = $wpdb->escape(csc ($label));
 					$description = $wpdb->escape(csc ($title));
-				
+
 					if($linfo = link_exists($linkname)) {
 						$ret_id = wp_insert_link(array(
 									'link_id'		=> $linfo,
@@ -540,70 +533,77 @@ class Dotclear_Import {
 		echo __('No Links to Import!');
 		return false;
 	}
-		
-	function import_categories() 
-	{	
-		// Category Import	
+
+	function import_categories()
+	{
+		// Category Import
 		$cats = $this->get_dc_cats();
 		$this->cat2wp($cats);
 		add_option('dc_cats', $cats);
-		
-		
-			
+
+
+
 		echo '<form action="admin.php?import=dotclear&amp;step=2" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Users'));
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Users')));
 		echo '</form>';

 	}
-	
+
 	function import_users()
 	{
 		// User Import
-		$users = $this->get_dc_users(); 
+		$users = $this->get_dc_users();
 		$this->users2wp($users);
-		
+
 		echo '<form action="admin.php?import=dotclear&amp;step=3" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Posts'));
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Posts')));
 		echo '</form>';
 	}
-	
+
 	function import_posts()
 	{
 		// Post Import
 		$posts = $this->get_dc_posts();
-		$this->posts2wp($posts);
-		
+		$result = $this->posts2wp($posts);
+		if ( is_wp_error( $result ) )
+			return $result;
+
 		echo '<form action="admin.php?import=dotclear&amp;step=4" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Comments'));
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Comments')));
 		echo '</form>';
 	}
-	
+
 	function import_comments()
 	{
 		// Comment Import
 		$comments = $this->get_dc_comments();
 		$this->comments2wp($comments);
-		
+
 		echo '<form action="admin.php?import=dotclear&amp;step=5" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Links'));
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Links')));
 		echo '</form>';
 	}
-	
+
 	function import_links()
 	{
 		//Link Import
 		$links = $this->get_dc_links();
 		$this->links2wp($links);
 		add_option('dc_links', $links);
-		
+
 		echo '<form action="admin.php?import=dotclear&amp;step=6" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Finish'));
+		wp_nonce_field('import-dotclear');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Finish')));
 		echo '</form>';
 	}
-	
+
 	function cleanup_dcimport()
 	{
-		delete_option('tpre');
+		delete_option('dcdbprefix');
 		delete_option('dc_cats');
 		delete_option('dcid2wpid');
 		delete_option('dccat2wpcat');
@@ -617,39 +617,39 @@ class Dotclear_Import {
 		delete_option('dccharset');
 		$this->tips();
 	}
-	
+
 	function tips()
 	{
-		echo '<p>'.__('Welcome to WordPress.  We hope (and expect!) that you will find this platform incredibly rewarding!  As a new WordPress user coming from Dotclear, there are some things that we would like to point out.  Hopefully, they will help your transition go as smoothly as possible.').'</p>';
+		echo '<p>'.__('Welcome to WordPress.  We hope (and expect!) that you will find this platform incredibly rewarding!  As a new WordPress user coming from DotClear, there are some things that we would like to point out.  Hopefully, they will help your transition go as smoothly as possible.').'</p>';
 		echo '<h3>'.__('Users').'</h3>';
-		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn\'t have that login in Dotclear, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and Dotclear uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), '/wp-login.php').'</p>';
+		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn\'t have that login in DotClear, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and DotClear uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), '/wp-login.php').'</p>';
 		echo '<h3>'.__('Preserving Authors').'</h3>';
 		echo '<p>'.__('Secondly, we have attempted to preserve post authors.  If you are the only author or contributor to your blog, then you are safe.  In most cases, we are successful in this preservation endeavor.  However, if we cannot ascertain the name of the writer due to discrepancies between database tables, we assign it to you, the administrative user.').'</p>';
 		echo '<h3>'.__('Textile').'</h3>';
-		echo '<p>'.__('Also, since you\'re coming from Dotclear, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/2004/04/19/wordpress-plugin-textile-20/">Textile for WordPress</a>.  Trust me... You\'ll want it.').'</p>';
+		echo '<p>'.__('Also, since you\'re coming from DotClear, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/category/development/wordpress/textile/">Textile for WordPress</a>.  Trust me... You\'ll want it.').'</p>';
 		echo '<h3>'.__('WordPress Resources').'</h3>';
 		echo '<p>'.__('Finally, there are numerous WordPress resources around the internet.  Some of them are:').'</p>';
 		echo '<ul>';
 		echo '<li>'.__('<a href="http://www.wordpress.org">The official WordPress site</a>').'</li>';
-		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums').'</li>';
+		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums</a>').'</li>';
 		echo '<li>'.__('<a href="http://codex.wordpress.org">The Codex (In other words, the WordPress Bible)</a>').'</li>';
 		echo '</ul>';
-		echo '<p>'.sprintf(__('That\'s it! What are you waiting for? Go <a href="%1$s">login</a>!'), '/wp-login.php').'</p>';
+		echo '<p>'.sprintf(__('That\'s it! What are you waiting for? Go <a href="%1$s">login</a>!'), '../wp-login.php').'</p>';
 	}
-	
+
 	function db_form()
 	{
-		echo '<ul>';
-		printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" /></li>', __('Dotclear Database User:'));
-		printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" /></li>', __('Dotclear Database Password:'));
-		printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" /></li>', __('Dotclear Database Name:'));
-		printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" value="localhost" /></li>', __('Dotclear Database Host:'));
-		/* printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" /></li>', __('Dotclear Table prefix (if any):')); */
-		printf('<li><label for="dccharset">%s</label> <input type="text" name="dccharset" value="ISO-8859-15"/></li>', __('Originating character set:'));
-		echo '</ul>';
+		echo '<table class="editform">';
+		printf('<tr><th><label for="dbuser">%s</label></th><td><input type="text" name="dbuser" id="dbuser" /></td></tr>', __('DotClear Database User:'));
+		printf('<tr><th><label for="dbpass">%s</label></th><td><input type="password" name="dbpass" id="dbpass" /></td></tr>', __('DotClear Database Password:'));
+		printf('<tr><th><label for="dbname">%s</label></th><td><input type="text" name="dbname" id="dbname" /></td></tr>', __('DotClear Database Name:'));
+		printf('<tr><th><label for="dbhost">%s</label></th><td><input type="text" name="dbhost" nameid="dbhost" value="localhost" /></td></tr>', __('DotClear Database Host:'));
+		printf('<tr><th><label for="dbprefix">%s</label></th><td><input type="text" name="dbprefix" id="dbprefix" value="dc_"/></td></tr>', __('DotClear Table prefix:'));
+		printf('<tr><th><label for="dccharset">%s</label></th><td><input type="text" name="dccharset" id="dccharset" value="ISO-8859-15"/></td></tr>', __('Originating character set:'));
+		echo '</table>';
 	}
-	
-	function dispatch() 
+
+	function dispatch()
 	{

 		if (empty ($_GET['step']))
@@ -657,51 +657,53 @@ class Dotclear_Import {
 		else
 			$step = (int) $_GET['step'];
 		$this->header();
-		
-		if ( $step > 0 ) 
+
+		if ( $step > 0 )
 		{
+			check_admin_referer('import-dotclear');
+
 			if($_POST['dbuser'])
 			{
 				if(get_option('dcuser'))
-					delete_option('dcuser');	
-				add_option('dcuser',$_POST['dbuser']);
+					delete_option('dcuser');
+				add_option('dcuser', sanitize_user($_POST['dbuser'], true));
 			}
 			if($_POST['dbpass'])
 			{
 				if(get_option('dcpass'))
-					delete_option('dcpass');	
-				add_option('dcpass',$_POST['dbpass']);
+					delete_option('dcpass');
+				add_option('dcpass', sanitize_user($_POST['dbpass'], true));
 			}
-			
+
 			if($_POST['dbname'])
 			{
 				if(get_option('dcname'))
-					delete_option('dcname');	
-				add_option('dcname',$_POST['dbname']);
+					delete_option('dcname');
+				add_option('dcname', sanitize_user($_POST['dbname'], true));
 			}
 			if($_POST['dbhost'])
 			{
 				if(get_option('dchost'))
 					delete_option('dchost');
-				add_option('dchost',$_POST['dbhost']); 
+				add_option('dchost', sanitize_user($_POST['dbhost'], true));
 			}
 			if($_POST['dccharset'])
 			{
 				if(get_option('dccharset'))
 					delete_option('dccharset');
-				add_option('dccharset',$_POST['dccharset']); 
-			}			
+				add_option('dccharset', sanitize_user($_POST['dccharset'], true));
+			}
 			if($_POST['dbprefix'])
 			{
-				if(get_option('tpre'))
-					delete_option('tpre');
-				add_option('tpre',$_POST['dbprefix']); 
-			}			
+				if(get_option('dcdbprefix'))
+					delete_option('dcdbprefix');
+				add_option('dcdbprefix', sanitize_user($_POST['dbprefix'], true));
+			}


 		}

-		switch ($step) 
+		switch ($step)
 		{
 			default:
 			case 0 :
@@ -714,7 +716,9 @@ class Dotclear_Import {
 				$this->import_users();
 				break;
 			case 3 :
-				$this->import_posts();
+				$result = $this->import_posts();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
 				break;
 			case 4 :
 				$this->import_comments();
@@ -726,16 +730,16 @@ class Dotclear_Import {
 				$this->cleanup_dcimport();
 				break;
 		}
-		
+
 		$this->footer();
 	}

-	function Dotclear_Import() 
+	function Dotclear_Import()
 	{
-		// Nothing.	
+		// Nothing.
 	}
 }

 $dc_import = new Dotclear_Import();
-register_importer('dotclear', 'Dotclear', __('Import posts from a Dotclear Blog'), array ($dc_import, 'dispatch'));
+register_importer('dotclear', __('DotClear'), __('Import categories, users, posts, comments, and links from a DotClear blog'), array ($dc_import, 'dispatch'));
 ?>
--- a/wp-admin/import/greymatter.php
+++ b/wp-admin/import/greymatter.php
@@ -0,0 +1,322 @@
+<?php
+
+class GM_Import {
+
+	var $gmnames = array ();
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import GreyMatter').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		$this->header();
+?>
+<p><?php _e('This is a basic GreyMatter to WordPress import script.') ?></p>
+<p><?php _e('What it does:') ?></p>
+<ul>
+<li><?php _e('Parses gm-authors.cgi to import (new) authors. Everyone is imported at level 1.') ?></li>
+<li><?php _e('Parses the entries cgi files to import posts, comments, and karma on posts (although karma is not used on WordPress yet).<br />If authors are found not to be in gm-authors.cgi, imports them at level 0.') ?></li>
+<li><?php _e("Detects duplicate entries or comments. If you don't import everything the first time, or this import should fail in the middle, duplicate entries will not be made when you try again.") ?></li>
+</ul>
+<p><?php _e('What it does not:') ?></p>
+<ul>
+<li><?php _e('Parse gm-counter.cgi, gm-banlist.cgi, gm-cplog.cgi (you can make a CP log hack if you really feel like it, but I question the need of a CP log).') ?></li>
+<li><?php _e('Import gm-templates.') ?></li>
+<li><?php _e("Doesn't keep entries on top.")?></li>
+</ul>
+<p>&nbsp;</p>
+
+<form name="stepOne" method="get">
+<input type="hidden" name="import" value="greymatter" />
+<input type="hidden" name="step" value="1" />
+<?php wp_nonce_field('import-greymatter'); ?>
+<h3><?php _e('Second step: GreyMatter details:') ?></h3>
+<p><table cellpadding="0">
+<tr>
+<td><?php _e('Path to GM files:') ?></td>
+<td><input type="text" style="width:300px" name="gmpath" value="/home/my/site/cgi-bin/greymatter/" /></td>
+</tr>
+<tr>
+<td><?php _e('Path to GM entries:') ?></td>
+<td><input type="text" style="width:300px" name="archivespath" value="/home/my/site/cgi-bin/greymatter/archives/" /></td>
+</tr>
+<tr>
+<td colspan="2"><br /><?php _e("This importer will search for files 00000001.cgi to 000-whatever.cgi,<br />so you need to enter the number of the last GM post here.<br />(if you don't know that number, just log into your FTP and look it out<br />in the entries' folder)") ?></td>
+</tr>
+<tr>
+<td><?php _e("Last entry's number:") ?></td>
+<td><input type="text" name="lastentry" value="00000001" /></td>
+</tr>
+</table>
+</p>
+<p><?php _e("When you're ready, click OK to start importing: ") ?><input type="submit" name="submit" value="<?php _e('OK') ?>" class="search" /></p>
+</form>
+<p>&nbsp</p>
+<?php
+		$this->footer();
+	}
+
+
+
+	function gm2autobr($string) { // transforms GM's |*| into b2's <br />\n
+		$string = str_replace("|*|","<br />\n",$string);
+		return($string);
+	}
+
+	function import() {
+		global $wpdb;
+
+		$wpvarstoreset = array('gmpath', 'archivespath', 'lastentry');
+		for ($i=0; $i<count($wpvarstoreset); $i += 1) {
+			$wpvar = $wpvarstoreset[$i];
+			if (!isset($$wpvar)) {
+				if (empty($_POST["$wpvar"])) {
+					if (empty($_GET["$wpvar"])) {
+						$$wpvar = '';
+					} else {
+						$$wpvar = $_GET["$wpvar"];
+					}
+				} else {
+					$$wpvar = $_POST["$wpvar"];
+				}
+			}
+		}
+
+		if (!chdir($archivespath))
+			wp_die(__("Wrong path, the path to the GM entries does not exist on the server"));
+
+		if (!chdir($gmpath))
+			wp_die(__("Wrong path, the path to the GM files does not exist on the server"));
+
+		$lastentry = (int) $lastentry;
+
+		$this->header();
+?>
+<p><?php _e('The importer is running...') ?></p>
+<ul>
+<li><?php _e('importing users...') ?><ul><?php
+
+	chdir($gmpath);
+	$userbase = file("gm-authors.cgi");
+
+	foreach($userbase as $user) {
+		$userdata=explode("|", $user);
+
+		$user_ip="127.0.0.1";
+		$user_domain="localhost";
+		$user_browser="server";
+
+		$s=$userdata[4];
+		$user_joindate=substr($s,6,4)."-".substr($s,0,2)."-".substr($s,3,2)." 00:00:00";
+
+		$user_login=$wpdb->escape($userdata[0]);
+		$pass1=$wpdb->escape($userdata[1]);
+		$user_nickname=$wpdb->escape($userdata[0]);
+		$user_email=$wpdb->escape($userdata[2]);
+		$user_url=$wpdb->escape($userdata[3]);
+		$user_joindate=$wpdb->escape($user_joindate);
+
+		$user_id = username_exists($user_login);
+		if ($user_id) {
+			printf('<li>'.__('user %s').'<strong>'.__('Already exists').'</strong></li>', "<em>$user_login</em>");
+			$this->gmnames[$userdata[0]] = $user_id;
+			continue;
+		}
+
+		$user_info = array("user_login"=>"$user_login", "user_pass"=>"$pass1", "user_nickname"=>"$user_nickname", "user_email"=>"$user_email", "user_url"=>"$user_url", "user_ip"=>"$user_ip", "user_domain"=>"$user_domain", "user_browser"=>"$user_browser", "dateYMDhour"=>"$user_joindate", "user_level"=>"1", "user_idmode"=>"nickname");
+		$user_id = wp_insert_user($user_info);
+		$this->gmnames[$userdata[0]] = $user_id;
+
+		printf('<li>'.__('user %s...').' <strong>'.__('Done').'</strong></li>', "<em>$user_login</em>");
+	}
+
+?></ul><strong><?php _e('Done') ?></strong></li>
+<li><?php _e('importing posts, comments, and karma...') ?><br /><ul><?php
+
+	chdir($archivespath);
+
+	for($i = 0; $i <= $lastentry; $i = $i + 1) {
+
+		$entryfile = "";
+
+		if ($i<10000000) {
+			$entryfile .= "0";
+			if ($i<1000000) {
+				$entryfile .= "0";
+				if ($i<100000) {
+					$entryfile .= "0";
+					if ($i<10000) {
+						$entryfile .= "0";
+						if ($i<1000) {
+							$entryfile .= "0";
+							if ($i<100) {
+								$entryfile .= "0";
+								if ($i<10) {
+									$entryfile .= "0";
+		}}}}}}}
+
+		$entryfile .= "$i";
+
+		if (is_file($entryfile.".cgi")) {
+
+			$entry=file($entryfile.".cgi");
+			$postinfo=explode("|",$entry[0]);
+			$postmaincontent=$this->gm2autobr($entry[2]);
+			$postmorecontent=$this->gm2autobr($entry[3]);
+
+			$post_author=trim($wpdb->escape($postinfo[1]));
+
+			$post_title=$this->gm2autobr($postinfo[2]);
+			printf('<li>'.__('entry # %s : %s : by %s'), $entryfile, $post_title, $postinfo[1]);
+			$post_title=$wpdb->escape($post_title);
+
+			$postyear=$postinfo[6];
+			$postmonth=zeroise($postinfo[4],2);
+			$postday=zeroise($postinfo[5],2);
+			$posthour=zeroise($postinfo[7],2);
+			$postminute=zeroise($postinfo[8],2);
+			$postsecond=zeroise($postinfo[9],2);
+
+			if (($postinfo[10]=="PM") && ($posthour!="12"))
+				$posthour=$posthour+12;
+
+			$post_date="$postyear-$postmonth-$postday $posthour:$postminute:$postsecond";
+
+			$post_content=$postmaincontent;
+			if (strlen($postmorecontent)>3)
+				$post_content .= "<!--more--><br /><br />".$postmorecontent;
+			$post_content=$wpdb->escape($post_content);
+
+			$post_karma=$postinfo[12];
+
+			$post_status = 'publish'; //in greymatter, there are no drafts
+			$comment_status = 'open';
+			$ping_status = 'closed';
+
+			if ($post_ID = post_exists($post_title, '', $post_date)) {
+				echo ' ';
+				_e('(already exists)');
+			} else {
+				//just so that if a post already exists, new users are not created by checkauthor
+				// we'll check the author is registered, or if it's a deleted author
+				$user_id = username_exists($post_author);
+				if (!$user_id) {	// if deleted from GM, we register the author as a level 0 user
+					$user_ip="127.0.0.1";
+					$user_domain="localhost";
+					$user_browser="server";
+					$user_joindate="1979-06-06 00:41:00";
+					$user_login=$wpdb->escape($post_author);
+					$pass1=$wpdb->escape("password");
+					$user_nickname=$wpdb->escape($post_author);
+					$user_email=$wpdb->escape("user@deleted.com");
+					$user_url=$wpdb->escape("");
+					$user_joindate=$wpdb->escape($user_joindate);
+
+					$user_info = array("user_login"=>$user_login, "user_pass"=>$pass1, "user_nickname"=>$user_nickname, "user_email"=>$user_email, "user_url"=>$user_url, "user_ip"=>$user_ip, "user_domain"=>$user_domain, "user_browser"=>$user_browser, "dateYMDhour"=>$user_joindate, "user_level"=>0, "user_idmode"=>"nickname");
+					$user_id = wp_insert_user($user_info);
+					$this->gmnames[$postinfo[1]] = $user_id;
+
+					echo ': ';
+					printf(__('registered deleted user %s at level 0 '), "<em>$user_login</em>");
+				}
+
+				if (array_key_exists($postinfo[1], $this->gmnames)) {
+					$post_author = $this->gmnames[$postinfo[1]];
+				} else {
+					$post_author = $user_id;
+				}
+
+				$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt');
+				$post_ID = wp_insert_post($postdata);
+				if ( is_wp_error( $post_ID ) )
+					return $post_ID;
+			}
+
+			$c=count($entry);
+			if ($c>4) {
+				$numAddedComments = 0;
+				$numComments = 0;
+				for ($j=4;$j<$c;$j++) {
+					$entry[$j]=$this->gm2autobr($entry[$j]);
+					$commentinfo=explode("|",$entry[$j]);
+					$comment_post_ID=$post_ID;
+					$comment_author=$wpdb->escape($commentinfo[0]);
+					$comment_author_email=$wpdb->escape($commentinfo[2]);
+					$comment_author_url=$wpdb->escape($commentinfo[3]);
+					$comment_author_IP=$wpdb->escape($commentinfo[1]);
+
+					$commentyear=$commentinfo[7];
+					$commentmonth=zeroise($commentinfo[5],2);
+					$commentday=zeroise($commentinfo[6],2);
+					$commenthour=zeroise($commentinfo[8],2);
+					$commentminute=zeroise($commentinfo[9],2);
+					$commentsecond=zeroise($commentinfo[10],2);
+					if (($commentinfo[11]=="PM") && ($commenthour!="12"))
+						$commenthour=$commenthour+12;
+					$comment_date="$commentyear-$commentmonth-$commentday $commenthour:$commentminute:$commentsecond";
+
+					$comment_content=$wpdb->escape($commentinfo[12]);
+
+					if (!comment_exists($comment_author, $comment_date)) {
+						$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_approved');
+						$commentdata = wp_filter_comment($commentdata);
+						wp_insert_comment($commentdata);
+						$numAddedComments++;
+					}
+					$numComments++;
+				}
+				if ($numAddedComments > 0) {
+					echo ': ';
+					printf(__('imported %d comment(s)'), $numAddedComments);
+				}
+				$preExisting = $numComments - numAddedComments;
+				if ($preExisting > 0) {
+					echo ' ';
+					printf(__('ignored %d pre-existing comments'), $preExisting);
+				}
+			}
+			echo '... <strong>'.__('Done').'</strong></li>';
+		}
+	}
+	?>
+</ul><strong><?php _e('Done') ?></strong></li></ul>
+<p>&nbsp;</p>
+<p><?php _e('Completed GreyMatter import!') ?></p>
+<?php
+	$this->footer();
+	return;
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1:
+				check_admin_referer('import-greymatter');
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
+				break;
+		}
+	}
+
+	function GM_Import() {
+		// Nothing.
+	}
+}
+
+$gm_import = new GM_Import();
+
+register_importer('greymatter', __('GreyMatter'), __('Import users, posts, and comments from a Greymatter blog'), array ($gm_import, 'dispatch'));
+?>
--- a/wp-admin/import/jkw.php
+++ b/wp-admin/import/jkw.php
@@ -0,0 +1,178 @@
+<?php
+
+class JeromesKeyword_Import {
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Jerome&#8217;s Keywords').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'<br /><br /></p>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports tags from an existing Jerome&#8217;s Keywords installation into this blog using the new WordPress native tagging structure.').'</p>';
+		echo '<p>'.__('This is suitable for Jerome&#8217;s Keywords version 1.x and 2.0a.').'</p>';
+		echo '<p><strong>'.__('All existing Jerome&#8217;s Keywords will be removed after import.').'</strong></p>';
+		echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
+		echo '<form action="admin.php?import=jkw&amp;step=1" method="post">';
+		wp_nonce_field('import-jkw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Import Version 1.x &raquo;').'" /></p>';
+		echo '</form>';
+		echo '<form action="admin.php?import=jkw&amp;step=3" method="post">';
+		wp_nonce_field('import-jkw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Import Version 2.0a &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function dispatch() {
+		if ( empty($_GET['step']) )
+			$step = 0;
+		else
+			$step = abs(intval($_GET['step']));
+
+		// load the header
+		$this->header();
+
+		switch ( $step ) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-jkw');
+				$this->check_V1_post_keyword( true );
+				break;
+			case 2 :
+				check_admin_referer('import-jkw');
+				$this->check_V1_post_keyword( false );
+				break;
+			case 3 :
+				check_admin_referer('import-jkw');
+				$this->check_V2_post_keyword( true );
+				break;
+			case 4 :
+				check_admin_referer('import-jkw');
+				$this->check_V2_post_keyword( false );
+				break;
+			case 5:
+				check_admin_referer('import-jkw');
+				$this->cleanup_V2_import();
+				break;
+			case 6:
+				$this->done();
+				break;
+		}
+
+		// load the footer
+		$this->footer();
+	}
+
+	function check_V1_post_keyword($precheck = true) {
+		global $wpdb;
+
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading Jerome&#8217;s Keywords Tags&#8230;').'</h3></p>';
+
+		// import Jerome's Keywords tags 
+		$metakeys = $wpdb->get_results("SELECT post_id, meta_id, meta_key, meta_value FROM $wpdb->postmeta WHERE $wpdb->postmeta.meta_key = 'keywords'");
+		if ( !is_array($metakeys)) {
+			echo '<p>' . __('No Tags Found!') . '</p>';
+			return false;
+		} else {
+			$count = count($metakeys);
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> posts with tags were read.'), $count ) . '<br /></p>';
+			echo '<ul>';
+			foreach ( $metakeys as $post_meta ) {
+				if ( $post_meta->meta_value != '' ) {
+					$post_keys = explode(',', $post_meta->meta_value);
+					foreach ( $post_keys as $keyword ) {
+						$keyword = addslashes(trim($keyword));
+						if ( '' != $keyword ) {
+							echo '<li>' . $post_meta->post_id . '&nbsp;-&nbsp;' . $keyword . '</li>';
+							if ( !$precheck )
+								wp_add_post_tags($post_meta->post_id, $keyword);
+						}
+					}
+				}
+				if ( !$precheck )
+					delete_post_meta($post_meta->post_id, 'keywords');
+			}
+			echo '</ul>';
+		}
+
+		echo '<form action="admin.php?import=jkw&amp;step='.($precheck? 2:6).'" method="post">';
+		wp_nonce_field('import-jkw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Next &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function check_V2_post_keyword($precheck = true) {
+		global $wpdb;
+
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading Jerome&#8217;s Keywords Tags&#8230;').'</h3></p>';
+
+		// import Jerome's Keywords tags 
+		$tablename = $wpdb->prefix . substr(get_option('jkeywords_keywords_table'), 1, -1);
+		$metakeys = $wpdb->get_results("SELECT post_id, tag_name FROM $tablename");
+		if ( !is_array($metakeys) ) {
+			echo '<p>' . __('No Tags Found!') . '</p>';
+			return false;
+		} else {
+			$count = count($metakeys);
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> tags were read.'), $count ) . '<br /></p>';
+			echo '<ul>';
+			foreach ( $metakeys as $post_meta ) {
+				$keyword = addslashes(trim($post_meta->tag_name));
+				if ( $keyword != '' ) {
+					echo '<li>' . $post_meta->post_id . '&nbsp;-&nbsp;' . $keyword . '</li>';
+					if ( !$precheck )
+						wp_add_post_tags($post_meta->post_id, $keyword);
+				}
+			}
+		echo '</ul>';
+		}
+		echo '<form action="admin.php?import=jkw&amp;step='.($precheck? 4:5).'" method="post">';
+		wp_nonce_field('import-jkw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Next &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function cleanup_V2_import() {
+		global $wpdb;
+
+		/* options from V2.0a (jeromes-keywords.php) */
+		$options = array('version', 'keywords_table', 'query_varname', 'template', 'meta_always_include', 'meta_includecats', 'meta_autoheader', 'search_strict', 'use_feed_cats', 'post_linkformat', 'post_tagseparator', 'post_includecats', 'post_notagstext', 'cloud_linkformat', 'cloud_tagseparator', 'cloud_includecats', 'cloud_sortorder', 'cloud_displaymax', 'cloud_displaymin', 'cloud_scalemax', 'cloud_scalemin');
+
+		$wpdb->query('DROP TABLE IF EXISTS ' . $wpdb->prefix . substr(get_option('jkeywords_keywords_table'), 1, -1));
+
+		foreach ( $options as $o )
+			delete_option('jkeywords_' . $o);
+
+		$this->done();
+	}
+
+	function done() {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Import Complete!').'</h3></p>';
+		echo '</div>';
+	}
+
+	function JeromesKeyword_Import() {
+	}
+
+}
+
+// create the import object
+$jkw_import = new JeromesKeyword_Import();
+
+// add it to the import page!
+register_importer('jkw', 'Jerome&#8217;s Keywords', __('Import Jerome&#8217;s Keywords into the new native tagging structure.'), array($jkw_import, 'dispatch'));
+
+?>
--- a/wp-admin/import/livejournal.php
+++ b/wp-admin/import/livejournal.php
@@ -18,15 +18,18 @@ class LJ_Import {
 		$trans_tbl = array_flip($trans_tbl);
 		return strtr($string, $trans_tbl);
 	}
-	
+
 	function greet() {
-		echo '<p>'.__('Howdy! This importer allows you to extract posts from LiveJournal XML export file into your blog.  Pick a LiveJournal file to upload and click Import.').'</p>';
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! Upload your LiveJournal XML export file and we&#8217;ll import the posts into this blog.').'</p>';
+		echo '<p>'.__('Choose a LiveJournal XML file to upload, then click Upload file and import.').'</p>';
 		wp_import_upload_form("admin.php?import=livejournal&amp;step=1");
+		echo '</div>';
 	}

 	function import_posts() {
 		global $wpdb, $current_user;
-		
+
 		set_magic_quotes_runtime(0);
 		$importdata = file($this->file); // Read the file into an array
 		$importdata = implode('', $importdata); // squish it
@@ -35,9 +38,8 @@ class LJ_Import {
 		preg_match_all('|<entry>(.*?)</entry>|is', $importdata, $posts);
 		$posts = $posts[1];
 		unset($importdata);
-		echo '<ol>';		
+		echo '<ol>';
 		foreach ($posts as $post) {
-			flush();
 			preg_match('|<subject>(.*?)</subject>|is', $post, $post_title);
 			$post_title = $wpdb->escape(trim($post_title[1]));
 			if ( empty($post_title) ) {
@@ -47,7 +49,7 @@ class LJ_Import {

 			preg_match('|<eventtime>(.*?)</eventtime>|is', $post, $post_date);
 			$post_date = strtotime($post_date[1]);
-			$post_date = gmdate('Y-m-d H:i:s', $post_date);
+			$post_date = date('Y-m-d H:i:s', $post_date);

 			preg_match('|<event>(.*?)</event>|is', $post, $post_content);
 			$post_content = str_replace(array ('<![CDATA[', ']]>'), '', trim($post_content[1]));
@@ -69,6 +71,8 @@ class LJ_Import {
 				printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
 				$postdata = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status');
 				$post_id = wp_insert_post($postdata);
+				if ( is_wp_error( $post_id ) )
+					return $post_id;
 				if (!$post_id) {
 					_e("Couldn't get post ID");
 					echo '</li>';
@@ -78,9 +82,9 @@ class LJ_Import {

 			preg_match_all('|<comment>(.*?)</comment>|is', $post, $comments);
 			$comments = $comments[1];
-			
+
 			if ( $comments ) {
-				$comment_post_ID = $post_id;
+				$comment_post_ID = (int) $post_id;
 				$num_comments = 0;
 				foreach ($comments as $comment) {
 					preg_match('|<event>(.*?)</event>|is', $comment, $comment_content);
@@ -118,8 +122,6 @@ class LJ_Import {
 				printf(__('(%s comments)'), $num_comments);
 			}
 			echo '</li>';
-			flush();
-			ob_flush();
 		}
 		echo '</ol>';
 	}
@@ -132,9 +134,11 @@ class LJ_Import {
 		}

 		$this->file = $file['file'];
-		$this->import_posts();
+		$result = $this->import_posts();
+		if ( is_wp_error( $result ) )
+			return $result;
 		wp_import_cleanup($file['id']);
-		
+
 		echo '<h3>';
 		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
 		echo '</h3>';
@@ -147,25 +151,28 @@ class LJ_Import {
 			$step = (int) $_GET['step'];

 		$this->header();
-		
+
 		switch ($step) {
 			case 0 :
 				$this->greet();
 				break;
 			case 1 :
-				$this->import();
+				check_admin_referer('import-upload');
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
 				break;
 		}
-		
+
 		$this->footer();
 	}

 	function LJ_Import() {
-		// Nothing.	
+		// Nothing.
 	}
 }

 $livejournal_import = new LJ_Import();

-register_importer('livejournal', 'LiveJournal', __('Import posts from LiveJournal'), array ($livejournal_import, 'dispatch'));
+register_importer('livejournal', __('LiveJournal'), __('Import posts from a LiveJournal XML export file'), array ($livejournal_import, 'dispatch'));
 ?>
--- a/wp-admin/import/mt.php
+++ b/wp-admin/import/mt.php
@@ -11,7 +11,7 @@ class MT_Import {

 	function header() {
 		echo '<div class="wrap">';
-		echo '<h2>'.__('Import Movable Type').'</h2>';
+		echo '<h2>'.__('Import Movable Type or TypePad').'</h2>';
 	}

 	function footer() {
@@ -21,9 +21,20 @@ class MT_Import {
 	function greet() {
 		$this->header();
 ?>
-<p><?php _e('Howdy! We&#8217;re about to begin the process to import all of your Movable Type entries into WordPress. To begin, select a file to upload and click Import.'); ?></p>
+<div class="narrow">
+<p><?php _e('Howdy! We&#8217;re about to begin importing all of your Movable Type or Typepad entries into WordPress. To begin, either choose a file to upload and click "Upload file and import," or use FTP to upload your MT export file as <code>mt-export.txt</code> in your <code>/wp-content/</code> directory and then click "Import mt-export.txt"'); ?></p>
 <?php wp_import_upload_form( add_query_arg('step', 1) ); ?>
-	<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>
+<form method="post" action="<?php echo add_query_arg('step', 1); ?>" class="import-upload-form">
+<?php wp_nonce_field('import-upload'); ?>
+<p>
+	<input type="hidden" name="upload_type" value="ftp" />
+<?php _e('Or use <code>mt-export.txt</code> in your <code>/wp-content/</code> directory'); ?></p>
+<p class="submit">
+<input type="submit" value="<?php echo attribute_escape(__('Import mt-export.txt &raquo;')); ?>" />
+</p>
+</form>
+<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>
+</div>
 <?php
 		$this->footer();
 	}
@@ -32,7 +43,7 @@ class MT_Import {
 		global $wpdb, $testing;
 		$users = $wpdb->get_results("SELECT * FROM $wpdb->users ORDER BY ID");
 ?><select name="userselect[<?php echo $n; ?>]">
-	<option value="#NONE#">- Select -</option>
+	<option value="#NONE#"><?php _e('- Select -') ?></option>
 	<?php


@@ -53,9 +64,9 @@ class MT_Import {
 		$pass = 'changeme';
 		if (!(in_array($author, $this->mtnames))) { //a new mt author name is found
 			++ $this->j;
-			$this->mtnames[$this->j] = $author; //add that new mt author name to an array 
+			$this->mtnames[$this->j] = $author; //add that new mt author name to an array
 			$user_id = username_exists($this->newauthornames[$this->j]); //check if the new author name defined by the user is a pre-existing wp user
-			if (!$user_id) { //banging my head against the desk now. 
+			if (!$user_id) { //banging my head against the desk now.
 				if ($newauthornames[$this->j] == 'left_blank') { //check if the user does not want to change the authorname
 					$user_id = wp_create_user($author, $pass);
 					$this->newauthornames[$this->j] = $author; //now we have a name, in the place of left_blank.
@@ -73,25 +84,27 @@ class MT_Import {
 		return $user_id;
 	}

-	function get_entries() {
-		set_magic_quotes_runtime(0);
-		$importdata = file($this->file); // Read the file into an array
-		$importdata = implode('', $importdata); // squish it
-		$importdata = preg_replace("/(\r\n|\n|\r)/", "\n", $importdata);
-		$importdata = preg_replace("/\n--------\n/", "--MT-ENTRY--\n", $importdata);
-		$this->posts = explode("--MT-ENTRY--", $importdata);
-	}
-
 	function get_mt_authors() {
-		$temp = array ();
-		$i = -1;
-		foreach ($this->posts as $post) {
-			if ('' != trim($post)) {
-				++ $i;
-				preg_match("|AUTHOR:(.*)|", $post, $thematch);
-				$thematch = trim($thematch[1]);
-				array_push($temp, "$thematch"); //store the extracted author names in a temporary array
-			}
+		$temp = array();
+		$authors = array();
+
+		$handle = fopen($this->file, 'r');
+		if ( $handle == null )
+			return false;
+
+		$in_comment = false;
+		while ( $line = fgets($handle) ) {
+			$line = trim($line);
+
+			if ( 'COMMENT:' == $line )
+				$in_comment = true;
+			else if ( '-----' == $line )
+				$in_comment = false;
+
+			if ( $in_comment || 0 !== strpos($line,"AUTHOR:") )
+				continue;
+
+			$temp[] = trim( substr($line, strlen("AUTHOR:")) );
 		}

 		//we need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
@@ -103,6 +116,8 @@ class MT_Import {
 				array_push($authors, "$next");
 		}

+		fclose($handle);
+
 		return $authors;
 	}

@@ -134,7 +149,9 @@ class MT_Import {

 	function mt_authors_form() {
 ?>
-<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
+<div class="wrap">
+<h2><?php _e('Assign Authors'); ?></h2>
+<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as admin\'s entries.'); ?></p>
 <p><?php _e('Below, you can see the names of the authors of the MovableType posts in <i>italics</i>. For each of these names, you can either pick an author in your WordPress installation from the menu, or enter a name for the author in the textbox.'); ?></p>
 <p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
 	<?php
@@ -143,261 +160,268 @@ class MT_Import {
 		$authors = $this->get_mt_authors();
 		echo '<ol id="authors">';
 		echo '<form action="?import=mt&amp;step=2&amp;id=' . $this->id . '" method="post">';
+		wp_nonce_field('import-mt');
 		$j = -1;
 		foreach ($authors as $author) {
 			++ $j;
-			echo '<li><i>'.$author.'</i><br />'.'<input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30">';
+			echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
 			$this->users_form($j);
 			echo '</li>';
 		}

-		echo '<input type="submit" value="Submit">'.'<br/>';
+		echo '<input type="submit" value="'.__('Submit').'">'.'<br />';
 		echo '</form>';
-		echo '</ol>';
+		echo '</ol></div>';

-		flush();
 	}

 	function select_authors() {
-		$file = wp_import_handle_upload();
+		if ( $_POST['upload_type'] === 'ftp' ) {
+			$file['file'] = ABSPATH . 'wp-content/mt-export.txt';
+			if ( !file_exists($file['file']) )
+				$file['error'] = __('<code>mt-export.txt</code> does not exist');
+		} else {
+			$file = wp_import_handle_upload();
+		}
 		if ( isset($file['error']) ) {
-			echo $file['error'];
+			$this->header();
+			echo '<p>'.__('Sorry, there has been an error').'.</p>';
+			echo '<p><strong>' . $file['error'] . '</strong></p>';
+			$this->footer();
 			return;
 		}
 		$this->file = $file['file'];
-		$this->id = $file['id'];
+		$this->id = (int) $file['id'];

-		$this->get_entries();
 		$this->mt_authors_form();
 	}

+	function save_post(&$post, &$comments, &$pings) {
+		// Reset the counter
+		set_time_limit(30);
+		$post = get_object_vars($post);
+		$post = add_magic_quotes($post);
+		$post = (object) $post;
+
+		if ( $post_id = post_exists($post->post_title, '', $post->post_date) ) {
+			echo '<li>';
+			printf(__('Post <i>%s</i> already exists.'), stripslashes($post->post_title));
+		} else {
+			echo '<li>';
+			printf(__('Importing post <i>%s</i>...'), stripslashes($post->post_title));
+
+			if ( '' != trim( $post->extended ) )
+					$post->post_content .= "\n<!--more-->\n$post->extended";
+
+			$post->post_author = $this->checkauthor($post->post_author); //just so that if a post already exists, new users are not created by checkauthor
+			$post_id = wp_insert_post($post);
+			if ( is_wp_error( $post_id ) ) 
+				return $post_id;
+
+			// Add categories.
+			if ( 0 != count($post->categories) ) {
+				wp_create_categories($post->categories, $post_id);
+			}
+		}
+
+		$num_comments = 0;
+		foreach ( $comments as $comment ) {
+			$comment = get_object_vars($comment);
+			$comment = add_magic_quotes($comment);
+
+			if ( !comment_exists($comment['comment_author'], $comment['comment_date'])) {
+				$comment['comment_post_ID'] = $post_id;
+				$comment = wp_filter_comment($comment);
+				wp_insert_comment($comment);
+				$num_comments++;
+			}
+		}
+
+		if ( $num_comments )
+			printf(' '.__('(%s comments)'), $num_comments);
+
+		$num_pings = 0;
+		foreach ( $pings as $ping ) {
+			$ping = get_object_vars($ping);
+			$ping = add_magic_quotes($ping);
+
+			if ( !comment_exists($ping['comment_author'], $ping['comment_date'])) {
+				$ping['comment_content'] = "<strong>{$ping['title']}</strong>\n\n{$ping['comment_content']}";
+				$ping['comment_post_ID'] = $post_id;
+				$ping = wp_filter_comment($ping);
+				wp_insert_comment($ping);
+				$num_pings++;
+			}
+		}
+
+		if ( $num_pings )
+			printf(' '.__('(%s pings)'), $num_pings);
+
+		echo "</li>";
+		//ob_flush();flush();
+	}
+
 	function process_posts() {
 		global $wpdb;
-		$i = -1;
-		echo "<ol>";
-		foreach ($this->posts as $post) {
-			if ('' != trim($post)) {
-				++ $i;
-				unset ($post_categories);

-				// Take the pings out first
-				preg_match("|(-----\n\nPING:.*)|s", $post, $pings);
-				$post = preg_replace("|(-----\n\nPING:.*)|s", '', $post);
+		$handle = fopen($this->file, 'r');
+		if ( $handle == null )
+			return false;

-				// Then take the comments out
-				preg_match("|(-----\nCOMMENT:.*)|s", $post, $comments);
-				$post = preg_replace("|(-----\nCOMMENT:.*)|s", '', $post);
+		$context = '';
+		$post = new StdClass();
+		$comment = new StdClass();
+		$comments = array();
+		$ping = new StdClass();
+		$pings = array();

-				// We ignore the keywords
-				$post = preg_replace("|(-----\nKEYWORDS:.*)|s", '', $post);
+		echo "<div class='wrap'><ol>";

-				// We want the excerpt
-				preg_match("|-----\nEXCERPT:(.*)|s", $post, $excerpt);
-				$excerpt = $wpdb->escape(trim($excerpt[1]));
-				$post = preg_replace("|(-----\nEXCERPT:.*)|s", '', $post);
+		while ( $line = fgets($handle) ) {
+			$line = trim($line);

-				// We're going to put extended body into main body with a more tag
-				preg_match("|-----\nEXTENDED BODY:(.*)|s", $post, $extended);
-				$extended = trim($extended[1]);
-				if ('' != $extended)
-					$extended = "\n<!--more-->\n$extended";
-				$post = preg_replace("|(-----\nEXTENDED BODY:.*)|s", '', $post);
-
-				// Now for the main body
-				preg_match("|-----\nBODY:(.*)|s", $post, $body);
-				$body = trim($body[1]);
-				$post_content = $wpdb->escape($body.$extended);
-				$post = preg_replace("|(-----\nBODY:.*)|s", '', $post);
-
-				// Grab the metadata from what's left
-				$metadata = explode("\n", $post);
-				foreach ($metadata as $line) {
-					preg_match("/^(.*?):(.*)/", $line, $token);
-					$key = trim($token[1]);
-					$value = trim($token[2]);
-					// Now we decide what it is and what to do with it
-					switch ($key) {
-						case '' :
-							break;
-						case 'AUTHOR' :
-							$post_author = $value;
-							break;
-						case 'TITLE' :
-							$post_title = $wpdb->escape($value);
-							break;
-						case 'STATUS' :
-							// "publish" and "draft" enumeration items match up; no change required
-							$post_status = $value;
-							if (empty ($post_status))
-								$post_status = 'publish';
-							break;
-						case 'ALLOW COMMENTS' :
-							$post_allow_comments = $value;
-							if ($post_allow_comments == 1) {
-								$comment_status = 'open';
-							} else {
-								$comment_status = 'closed';
-							}
-							break;
-						case 'CONVERT BREAKS' :
-							$post_convert_breaks = $value;
-							break;
-						case 'ALLOW PINGS' :
-							$ping_status = trim($meta[2][0]);
-							if ($ping_status == 1) {
-								$ping_status = 'open';
-							} else {
-								$ping_status = 'closed';
-							}
-							break;
-						case 'PRIMARY CATEGORY' :
-							if (! empty ($value) )
-								$post_categories[] = $wpdb->escape($value);
-							break;
-						case 'CATEGORY' :
-							if (! empty ($value) )
-								$post_categories[] = $wpdb->escape($value);
-							break;
-						case 'DATE' :
-							$post_modified = strtotime($value);
-							$post_modified = date('Y-m-d H:i:s', $post_modified);
-							$post_modified_gmt = get_gmt_from_date("$post_modified");
-							$post_date = $post_modified;
-							$post_date_gmt = $post_modified_gmt;
-							break;
-						default :
-							// echo "\n$key: $value";
-							break;
-					} // end switch
-				} // End foreach
-
-				// Let's check to see if it's in already
-				if ($post_id = post_exists($post_title, '', $post_date)) {
-					echo '<li>';
-					printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
-				} else {
-					echo '<li>';
-					printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
-
-					$post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor
-
-					$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt');
-					$post_id = wp_insert_post($postdata);
-					// Add categories.
-					if (0 != count($post_categories)) {
-						wp_create_categories($post_categories, $post_id);
-					}
+			if ( '-----' == $line ) {
+				// Finishing a multi-line field
+				if ( 'comment' == $context ) {
+					$comments[] = $comment;
+					$comment = new StdClass();
+				} else if ( 'ping' == $context ) {
+					$pings[] = $ping;
+					$ping = new StdClass();
 				}
-
-				$comment_post_ID = $post_id;
-				$comment_approved = 1;
-
-				// Now for comments
-				$comments = explode("-----\nCOMMENT:", $comments[0]);
-				$num_comments = 0;
-				foreach ($comments as $comment) {
-					if ('' != trim($comment)) {
-						// Author
-						preg_match("|AUTHOR:(.*)|", $comment, $comment_author);
-						$comment_author = $wpdb->escape(trim($comment_author[1]));
-						$comment = preg_replace('|(\n?AUTHOR:.*)|', '', $comment);
-						preg_match("|EMAIL:(.*)|", $comment, $comment_author_email);
-						$comment_author_email = $wpdb->escape(trim($comment_author_email[1]));
-						$comment = preg_replace('|(\n?EMAIL:.*)|', '', $comment);
-
-						preg_match("|IP:(.*)|", $comment, $comment_author_IP);
-						$comment_author_IP = trim($comment_author_IP[1]);
-						$comment = preg_replace('|(\n?IP:.*)|', '', $comment);
-
-						preg_match("|URL:(.*)|", $comment, $comment_author_url);
-						$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
-						$comment = preg_replace('|(\n?URL:.*)|', '', $comment);
-
-						preg_match("|DATE:(.*)|", $comment, $comment_date);
-						$comment_date = trim($comment_date[1]);
-						$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
-						$comment = preg_replace('|(\n?DATE:.*)|', '', $comment);
-
-						$comment_content = $wpdb->escape(trim($comment));
-						$comment_content = str_replace('-----', '', $comment_content);
-						// Check if it's already there
-						if (!comment_exists($comment_author, $comment_date)) {
-							$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_approved');
-							$commentdata = wp_filter_comment($commentdata);
-							wp_insert_comment($commentdata);
-							$num_comments++;
-						}
-					}
+				$context = '';
+			} else if ( '--------' == $line ) {
+				// Finishing a post.
+				$context = '';
+				$result = $this->save_post($post, $comments, $pings);
+				if ( is_wp_error( $result ) ) 
+					return $result;
+				$post = new StdClass;
+				$comment = new StdClass();
+				$ping = new StdClass();
+				$comments = array();
+				$pings = array();
+			} else if ( 'BODY:' == $line ) {
+				$context = 'body';
+			} else if ( 'EXTENDED BODY:' == $line ) {
+				$context = 'extended';
+			} else if ( 'EXCERPT:' == $line ) {
+				$context = 'excerpt';
+			} else if ( 'KEYWORDS:' == $line ) {
+				$context = 'keywords';
+			} else if ( 'COMMENT:' == $line ) {
+				$context = 'comment';
+			} else if ( 'PING:' == $line ) {
+				$context = 'ping';
+			} else if ( 0 === strpos($line, "AUTHOR:") ) {
+				$author = trim( substr($line, strlen("AUTHOR:")) );
+				if ( '' == $context )
+					$post->post_author = $author;
+				else if ( 'comment' == $context )
+					 $comment->comment_author = $author;
+			} else if ( 0 === strpos($line, "TITLE:") ) {
+				$title = trim( substr($line, strlen("TITLE:")) );
+				if ( '' == $context )
+					$post->post_title = $title;
+				else if ( 'ping' == $context )
+					$ping->title = $title;
+			} else if ( 0 === strpos($line, "STATUS:") ) {
+				$status = trim( substr($line, strlen("STATUS:")) );
+				if ( empty($status) )
+					$status = 'publish';
+				$post->post_status = $status;
+			} else if ( 0 === strpos($line, "ALLOW COMMENTS:") ) {
+				$allow = trim( substr($line, strlen("ALLOW COMMENTS:")) );
+				if ( $allow == 1 )
+					$post->comment_status = 'open';
+				else
+					$post->comment_status = 'closed';
+			} else if ( 0 === strpos($line, "ALLOW PINGS:") ) {
+				$allow = trim( substr($line, strlen("ALLOW PINGS:")) );
+				if ( $allow == 1 )
+					$post->ping_status = 'open';
+				else
+					$post->ping_status = 'closed';
+			} else if ( 0 === strpos($line, "CATEGORY:") ) {
+				$category = trim( substr($line, strlen("CATEGORY:")) );
+				if ( '' != $category )
+					$post->categories[] = $category;
+			} else if ( 0 === strpos($line, "PRIMARY CATEGORY:") ) {
+				$category = trim( substr($line, strlen("PRIMARY CATEGORY:")) );
+				if ( '' != $category )
+					$post->categories[] = $category;
+			} else if ( 0 === strpos($line, "DATE:") ) {
+				$date = trim( substr($line, strlen("DATE:")) );
+				$date = strtotime($date);
+				$date = date('Y-m-d H:i:s', $date);
+				$date_gmt = get_gmt_from_date($date);
+				if ( '' == $context ) {
+					$post->post_modified = $date;
+					$post->post_modified_gmt = $date_gmt;
+					$post->post_date = $date;
+					$post->post_date_gmt = $date_gmt;
+				} else if ( 'comment' == $context ) {
+					$comment->comment_date = $date;
+				} else if ( 'ping' == $context ) {
+					$ping->comment_date = $date;
 				}
-				if ( $num_comments )
-					printf(__('(%s comments)'), $num_comments);
+			} else if ( 0 === strpos($line, "EMAIL:") ) {
+				$email = trim( substr($line, strlen("EMAIL:")) );
+				if ( 'comment' == $context )
+					$comment->comment_author_email = $email;
+				else
+					$ping->comment_author_email = '';
+			} else if ( 0 === strpos($line, "IP:") ) {
+				$ip = trim( substr($line, strlen("IP:")) );
+				if ( 'comment' == $context )
+					$comment->comment_author_IP = $ip;
+				else
+					$ping->comment_author_IP = $ip;
+			} else if ( 0 === strpos($line, "URL:") ) {
+				$url = trim( substr($line, strlen("URL:")) );
+				if ( 'comment' == $context )
+					$comment->comment_author_url = $url;
+				else
+					$ping->comment_author_url = $url;
+			} else if ( 0 === strpos($line, "BLOG NAME:") ) {
+				$blog = trim( substr($line, strlen("BLOG NAME:")) );
+				$ping->comment_author = $blog;
+			} else {
+				// Processing multi-line field, check context.

-				// Finally the pings
-				// fix the double newline on the first one
-				$pings[0] = str_replace("-----\n\n", "-----\n", $pings[0]);
-				$pings = explode("-----\nPING:", $pings[0]);
-				$num_pings = 0;
-				foreach ($pings as $ping) {
-					if ('' != trim($ping)) {
-						// 'Author'
-						preg_match("|BLOG NAME:(.*)|", $ping, $comment_author);
-						$comment_author = $wpdb->escape(trim($comment_author[1]));
-						$ping = preg_replace('|(\n?BLOG NAME:.*)|', '', $ping);
-
-						preg_match("|IP:(.*)|", $ping, $comment_author_IP);
-						$comment_author_IP = trim($comment_author_IP[1]);
-						$ping = preg_replace('|(\n?IP:.*)|', '', $ping);
-
-						preg_match("|URL:(.*)|", $ping, $comment_author_url);
-						$comment_author_url = $wpdb->escape(trim($comment_author_url[1]));
-						$ping = preg_replace('|(\n?URL:.*)|', '', $ping);
-
-						preg_match("|DATE:(.*)|", $ping, $comment_date);
-						$comment_date = trim($comment_date[1]);
-						$comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
-						$ping = preg_replace('|(\n?DATE:.*)|', '', $ping);
-
-						preg_match("|TITLE:(.*)|", $ping, $ping_title);
-						$ping_title = $wpdb->escape(trim($ping_title[1]));
-						$ping = preg_replace('|(\n?TITLE:.*)|', '', $ping);
-
-						$comment_content = $wpdb->escape(trim($ping));
-						$comment_content = str_replace('-----', '', $comment_content);
-
-						$comment_content = "<strong>$ping_title</strong>\n\n$comment_content";
-
-						$comment_type = 'trackback';
-
-						// Check if it's already there
-						if (!comment_exists($comment_author, $comment_date)) {
-							$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_content', 'comment_type', 'comment_approved');
-							$commentdata = wp_filter_comment($commentdata);
-							wp_insert_comment($commentdata);
-							$num_pings++;
-						}
-					}
+				$line .= "\n";
+				if ( 'body' == $context ) {
+					$post->post_content .= $line;
+				} else if ( 'extended' ==  $context ) {
+					$post->extended .= $line;
+				} else if ( 'excerpt' == $context ) {
+					$post->post_excerpt .= $line;
+				} else if ( 'comment' == $context ) {
+					$comment->comment_content .= $line;
+				} else if ( 'ping' == $context ) {
+					$ping->comment_content .= $line;
 				}
-				if ( $num_pings )
-					printf(__('(%s pings)'), $num_pings);
-				
-				echo "</li>";
 			}
-			flush();
 		}

 		echo '</ol>';

 		wp_import_cleanup($this->id);
+		do_action('import_done', 'mt');

-		echo '<h3>'.sprintf(__('All done. <a href="%s">Have fun!</a>'), get_option('home')).'</h3>';
+		echo '<h3>'.sprintf(__('All done. <a href="%s">Have fun!</a>'), get_option('home')).'</h3></div>';
 	}

 	function import() {
 		$this->id = (int) $_GET['id'];
-		$this->file = get_attached_file($this->id);
+		if ( $this->id == 0 )
+			$this->file = ABSPATH . 'wp-content/mt-export.txt';
+		else
+			$this->file = get_attached_file($this->id);
 		$this->get_authors_from_post();
-		$this->get_entries();
-		$this->process_posts();
+		$result = $this->process_posts();
+		if ( is_wp_error( $result ) ) 
+			return $result;
 	}

 	function dispatch() {
@@ -411,20 +435,24 @@ class MT_Import {
 				$this->greet();
 				break;
 			case 1 :
+				check_admin_referer('import-upload');
 				$this->select_authors();
 				break;
 			case 2:
-				$this->import();
+				check_admin_referer('import-mt');
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
 				break;
 		}
 	}

 	function MT_Import() {
-		// Nothing.	
+		// Nothing.
 	}
 }

 $mt_import = new MT_Import();

-register_importer('mt', 'Movable Type', __('Import posts and comments from your Movable Type blog'), array ($mt_import, 'dispatch'));
+register_importer('mt', __('Movable Type and TypePad'), __('Import posts and comments from a Movable Type or Typepad blog'), array ($mt_import, 'dispatch'));
 ?>
--- a/wp-admin/import/rss.php
+++ b/wp-admin/import/rss.php
@@ -19,15 +19,17 @@ class RSS_Import {
 		$trans_tbl = array_flip($trans_tbl);
 		return strtr($string, $trans_tbl);
 	}
-	
+
 	function greet() {
-		echo '<p>'.__('Howdy! This importer allows you to extract posts from any RSS 2.0 file into your blog. This is useful if you want to import your posts from a system that is not handled by a custom import tool. Pick an RSS file to upload and click Import.').'</p>';
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This importer allows you to extract posts from an RSS 2.0 file into your blog. This is useful if you want to import your posts from a system that is not handled by a custom import tool. Pick an RSS file to upload and click Import.').'</p>';
 		wp_import_upload_form("admin.php?import=rss&amp;step=1");
+		echo '</div>';
 	}

 	function get_posts() {
 		global $wpdb;
-		
+
 		set_magic_quotes_runtime(0);
 		$datalines = file($this->file); // Read the file into an array
 		$importdata = implode('', $datalines); // squish it
@@ -38,21 +40,22 @@ class RSS_Import {
 		$index = 0;
 		foreach ($this->posts as $post) {
 			preg_match('|<title>(.*?)</title>|is', $post, $post_title);
-			$post_title = $wpdb->escape(trim($post_title[1]));
+			$post_title = str_replace(array('<![CDATA[', ']]>'), '', $wpdb->escape( trim($post_title[1]) ));

-			preg_match('|<pubdate>(.*?)</pubdate>|is', $post, $post_date);
+			preg_match('|<pubdate>(.*?)</pubdate>|is', $post, $post_date_gmt);

-			if ($post_date) {
-				$post_date = strtotime($post_date[1]);
+			if ($post_date_gmt) {
+				$post_date_gmt = strtotime($post_date_gmt[1]);
 			} else {
 				// if we don't already have something from pubDate
-				preg_match('|<dc:date>(.*?)</dc:date>|is', $post, $post_date);
-				$post_date = preg_replace('|([-+])([0-9]+):([0-9]+)$|', '\1\2\3', $post_date[1]);
-				$post_date = str_replace('T', ' ', $post_date);
-				$post_date = strtotime($post_date);
+				preg_match('|<dc:date>(.*?)</dc:date>|is', $post, $post_date_gmt);
+				$post_date_gmt = preg_replace('|([-+])([0-9]+):([0-9]+)$|', '\1\2\3', $post_date_gmt[1]);
+				$post_date_gmt = str_replace('T', ' ', $post_date_gmt);
+				$post_date_gmt = strtotime($post_date_gmt);
 			}

-			$post_date = gmdate('Y-m-d H:i:s', $post_date);
+			$post_date_gmt = gmdate('Y-m-d H:i:s', $post_date_gmt);
+			$post_date = get_date_from_gmt( $post_date_gmt );

 			preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
 			$categories = $categories[1];
@@ -90,7 +93,7 @@ class RSS_Import {

 			$post_author = 1;
 			$post_status = 'publish';
-			$this->posts[$index] = compact('post_author', 'post_date', 'post_content', 'post_title', 'post_status', 'guid', 'categories');
+			$this->posts[$index] = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_status', 'guid', 'categories');
 			$index++;
 		}
 	}
@@ -107,6 +110,8 @@ class RSS_Import {
 				_e('Post already imported');
 			} else {
 				$post_id = wp_insert_post($post);
+				if ( is_wp_error( $post_id ) )
+					return $post_id;
 				if (!$post_id) {
 					_e("Couldn't get post ID");
 					return;
@@ -132,9 +137,11 @@ class RSS_Import {

 		$this->file = $file['file'];
 		$this->get_posts();
-		$this->import_posts();
+		$result = $this->import_posts();
+		if ( is_wp_error( $result ) )
+			return $result;
 		wp_import_cleanup($file['id']);
-		
+
 		echo '<h3>';
 		printf(__('All done. <a href="%s">Have fun!</a>'), get_option('home'));
 		echo '</h3>';
@@ -147,25 +154,28 @@ class RSS_Import {
 			$step = (int) $_GET['step'];

 		$this->header();
-		
+
 		switch ($step) {
 			case 0 :
 				$this->greet();
 				break;
 			case 1 :
-				$this->import();
+				check_admin_referer('import-upload');
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
 				break;
 		}
-		
+
 		$this->footer();
 	}

 	function RSS_Import() {
-		// Nothing.	
+		// Nothing.
 	}
 }

 $rss_import = new RSS_Import();

-register_importer('rss', 'RSS', __('Import posts from an RSS feed'), array ($rss_import, 'dispatch'));
+register_importer('rss', __('RSS'), __('Import posts from an RSS feed'), array ($rss_import, 'dispatch'));
 ?>
--- a/wp-admin/import/stp.php
+++ b/wp-admin/import/stp.php
@@ -0,0 +1,155 @@
+<?php
+class STP_Import {
+	function header()  {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Simple Tagging').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'<br /><br /></p>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports tags from an existing Simple Tagging 1.6.2 installation into this blog using the new WordPress native tagging structure.').'</p>';
+		echo '<p>'.__('This has not been tested on any other versions of Simple Tagging. Mileage may vary.').'</p>';
+		echo '<p>'.__('To accommodate larger databases for those tag-crazy authors out there, we have made this into an easy 4-step program to help you kick that nasty Simple Tagging habit. Just keep clicking along and we will let you know when you are in the clear!').'</p>';
+		echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
+		echo '<form action="admin.php?import=stp&amp;step=1" method="post">';
+		wp_nonce_field('import-stp');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 1 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function dispatch () {
+		if ( empty( $_GET['step'] ) ) {
+			$step = 0;
+		} else {
+			$step = (int) $_GET['step'];
+		}
+		// load the header
+		$this->header();
+		switch ( $step ) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-stp');
+				$this->import_posts();
+				break;
+			case 2:
+				check_admin_referer('import-stp');
+				$this->import_t2p();
+				break;
+			case 3:
+				check_admin_referer('import-stp');
+				$this->cleanup_import();
+				break;
+		}
+		// load the footer
+		$this->footer();
+	}
+
+
+	function import_posts ( ) {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading STP Post Tags&#8230;').'</h3></p>';
+
+		// read in all the STP tag -> post settings
+		$posts = $this->get_stp_posts();
+
+		// if we didn't get any tags back, that's all there is folks!
+		if ( !is_array($posts) ) {
+			echo '<p>' . __('No posts were found to have tags!') . '</p>';
+			return false;
+		}
+		else {
+			// if there's an existing entry, delete it
+			if ( get_option('stpimp_posts') ) {
+				delete_option('stpimp_posts');
+			}
+			
+			add_option('stpimp_posts', $posts);
+			$count = count($posts);
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> tag to post relationships were read.'), $count ) . '<br /></p>';
+		}
+
+		echo '<form action="admin.php?import=stp&amp;step=2" method="post">';
+		wp_nonce_field('import-stp');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 2 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+
+	function import_t2p ( ) {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Adding Tags to Posts&#8230;').'</h3></p>';
+		
+		// run that funky magic!
+		$tags_added = $this->tag2post();
+		
+		echo '<p>' . sprintf( __('Done! <strong>%s</strong> tags where added!'), $tags_added ) . '<br /></p>';
+		echo '<form action="admin.php?import=stp&amp;step=3" method="post">';
+		wp_nonce_field('import-stp');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 3 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+	function get_stp_posts ( ) {
+		global $wpdb;
+		// read in all the posts from the STP post->tag table: should be wp_post2tag
+		$posts_query = "SELECT post_id, tag_name FROM " . $wpdb->prefix . "stp_tags";
+		$posts = $wpdb->get_results($posts_query);
+		return $posts;
+	}
+
+	function tag2post ( ) {
+		global $wpdb;
+
+		// get the tags and posts we imported in the last 2 steps
+		$posts = get_option('stpimp_posts');
+
+		// null out our results
+		$tags_added = 0;
+
+		// loop through each post and add its tags to the db
+		foreach ( $posts as $this_post ) {
+			$the_post = (int) $this_post->post_id;
+			$the_tag = $wpdb->escape($this_post->tag_name);
+			// try to add the tag
+			wp_add_post_tags($the_post, $the_tag);
+			$tags_added++;
+		}
+
+		// that's it, all posts should be linked to their tags properly, pending any errors we just spit out!
+		return $tags_added;
+	}
+
+	function cleanup_import ( ) {
+		delete_option('stpimp_posts');
+		$this->done();
+	}
+
+	function done ( ) {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Import Complete!').'</h3></p>';
+		echo '<p>' . __('OK, so we lied about this being a 4-step program! You&#8217;re done!') . '</p>';
+		echo '<p>' . __('Now wasn&#8217;t that easy?') . '</p>';
+		echo '</div>';
+	}
+
+	function STP_Import ( ) {
+		// Nothing.
+	}
+}
+
+// create the import object
+$stp_import = new STP_Import();
+
+// add it to the import page!
+register_importer('stp', 'Simple Tagging', __('Import Simple Tagging tags into the new native tagging structure.'), array($stp_import, 'dispatch'));
+?>
--- a/wp-admin/import/textpattern.php
+++ b/wp-admin/import/textpattern.php
@@ -2,18 +2,6 @@
 /**
 	Add These Functions to make our lives easier
 **/
-if(!function_exists('get_catbynicename'))
-{
-	function get_catbynicename($category_nicename) 
-	{
-	global $wpdb;
-	
-	$cat_id -= 0; 	// force numeric
-	$name = $wpdb->get_var('SELECT cat_ID FROM '.$wpdb->categories.' WHERE category_nicename="'.$category_nicename.'"');
-	
-	return $name;
-	}
-}

 if(!function_exists('get_comment_count'))
 {
@@ -38,26 +26,29 @@ if(!function_exists('link_exists'))
 **/
 class Textpattern_Import {

-	function header() 
+	function header()
 	{
 		echo '<div class="wrap">';
 		echo '<h2>'.__('Import Textpattern').'</h2>';
 		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'</p>';
 	}

-	function footer() 
+	function footer()
 	{
 		echo '</div>';
 	}
-	
-	function greet() 
-	{
-		echo '<p>'.__('Howdy! This importer allows you to extract posts from any Textpattern 4.0.2+ into your blog. This has not been tested on previous versions of Textpattern.  Mileage may vary.').'</p>';
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports categories, users, posts, comments, and links from any Textpattern 4.0.2+ into this blog.').'</p>';
+		echo '<p>'.__('This has not been tested on previous versions of Textpattern.  Mileage may vary.').'</p>';
 		echo '<p>'.__('Your Textpattern Configuration settings are as follows:').'</p>';
 		echo '<form action="admin.php?import=textpattern&amp;step=1" method="post">';
+		wp_nonce_field('import-textpattern');
 		$this->db_form();
-		echo '<input type="submit" name="submit" value="'.__('Import Categories').'" />';
+		echo '<p class="submit"><input type="submit" name="submit" value="'.attribute_escape(__('Import Categories &raquo;')).'" /></p>';
 		echo '</form>';
+		echo '</div>';
 	}

 	function get_txp_cats()
@@ -67,17 +58,17 @@ class Textpattern_Import {
 		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
 		set_magic_quotes_runtime(0);
 		$prefix = get_option('tpre');
-		
+
 		// Get Categories
-		return $txpdb->get_results('SELECT 
-										id,
-										name,
-										title
-							   		 FROM '.$prefix.'txp_category 
-							   		 WHERE type = "article"', 
-									 ARRAY_A);
+		return $txpdb->get_results('SELECT
+			id,
+			name,
+			title
+			FROM '.$prefix.'txp_category
+			WHERE type = "article"',
+			ARRAY_A);
 	}
-	
+
 	function get_txp_users()
 	{
 		global $wpdb;
@@ -85,44 +76,44 @@ class Textpattern_Import {
 		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
 		set_magic_quotes_runtime(0);
 		$prefix = get_option('tpre');
-		
+
 		// Get Users
-		
+
 		return $txpdb->get_results('SELECT
-										user_id,
-										name,
-										RealName,
-										email,
-										privs
-							   		FROM '.$prefix.'txp_users', ARRAY_A);
+			user_id,
+			name,
+			RealName,
+			email,
+			privs
+			FROM '.$prefix.'txp_users', ARRAY_A);
 	}
-	
+
 	function get_txp_posts()
 	{
 		// General Housekeeping
 		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
 		set_magic_quotes_runtime(0);
 		$prefix = get_option('tpre');
-		
+
 		// Get Posts
-		return $txpdb->get_results('SELECT 
-										ID,
-										Posted,
-										AuthorID,
-										LastMod,
-										Title,
-										Body,
-										Excerpt,
-										Category1,
-										Category2,
-										Status,
-										Keywords,
-										url_title,
-										comments_count
-							   		FROM '.$prefix.'textpattern
-							   		', ARRAY_A);
+		return $txpdb->get_results('SELECT
+			ID,
+			Posted,
+			AuthorID,
+			LastMod,
+			Title,
+			Body,
+			Excerpt,
+			Category1,
+			Category2,
+			Status,
+			Keywords,
+			url_title,
+			comments_count
+			FROM '.$prefix.'textpattern
+			', ARRAY_A);
 	}
-	
+
 	function get_txp_comments()
 	{
 		global $wpdb;
@@ -130,30 +121,30 @@ class Textpattern_Import {
 		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
 		set_magic_quotes_runtime(0);
 		$prefix = get_option('tpre');
-		
+
 		// Get Comments
 		return $txpdb->get_results('SELECT * FROM '.$prefix.'txp_discuss', ARRAY_A);
 	}
-	
+
 		function get_txp_links()
 	{
 		//General Housekeeping
 		$txpdb = new wpdb(get_option('txpuser'), get_option('txppass'), get_option('txpname'), get_option('txphost'));
 		set_magic_quotes_runtime(0);
 		$prefix = get_option('tpre');
-		
-		return $txpdb->get_results('SELECT 
-										id,
-										date,
-										category,
-										url,
-										linkname,
-										description
-									  FROM '.$prefix.'txp_link', 
-									  ARRAY_A);						  
+
+		return $txpdb->get_results('SELECT
+			id,
+			date,
+			category,
+			url,
+			linkname,
+			description
+			FROM '.$prefix.'txp_link',
+			ARRAY_A);
 	}
-	
-	function cat2wp($categories='') 
+
+	function cat2wp($categories='')
 	{
 		// General Housekeeping
 		global $wpdb;
@@ -163,16 +154,16 @@ class Textpattern_Import {
 		if(is_array($categories))
 		{
 			echo '<p>'.__('Importing Categories...').'<br /><br /></p>';
-			foreach ($categories as $category) 
+			foreach ($categories as $category)
 			{
 				$count++;
 				extract($category);
-				
-				
+
+
 				// Make Nice Variables
 				$name = $wpdb->escape($name);
 				$title = $wpdb->escape($title);
-				
+
 				if($cinfo = category_exists($name))
 				{
 					$ret_id = wp_insert_category(array('cat_ID' => $cinfo, 'category_nicename' => $name, 'cat_name' => $title));
@@ -183,7 +174,7 @@ class Textpattern_Import {
 				}
 				$txpcat2wpcat[$id] = $ret_id;
 			}
-			
+
 			// Store category translation for future use
 			add_option('txpcat2wpcat',$txpcat2wpcat);
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> categories imported.'), $count).'<br /><br /></p>';
@@ -192,14 +183,14 @@ class Textpattern_Import {
 		echo __('No Categories to Import!');
 		return false;
 	}
-	
+
 	function users2wp($users='')
 	{
 		// General Housekeeping
 		global $wpdb;
 		$count = 0;
 		$txpid2wpid = array();
-		
+
 		// Midnight Mojo
 		if(is_array($users))
 		{
@@ -208,14 +199,14 @@ class Textpattern_Import {
 			{
 				$count++;
 				extract($user);
-				
+
 				// Make Nice Variables
 				$name = $wpdb->escape($name);
 				$RealName = $wpdb->escape($RealName);
-				
+
 				if($uinfo = get_userdatabylogin($name))
 				{
-					
+
 					$ret_id = wp_insert_user(array(
 								'ID'			=> $uinfo->ID,
 								'user_login'	=> $name,
@@ -225,7 +216,7 @@ class Textpattern_Import {
 								'display_name'	=> $name)
 								);
 				}
-				else 
+				else
 				{
 					$ret_id = wp_insert_user(array(
 								'user_login'	=> $name,
@@ -236,10 +227,10 @@ class Textpattern_Import {
 								);
 				}
 				$txpid2wpid[$user_id] = $ret_id;
-				
+
 				// Set Textpattern-to-WordPress permissions translation
 				$transperms = array(1 => '10', 2 => '9', 3 => '5', 4 => '4', 5 => '3', 6 => '2', 7 => '0');
-				
+
 				// Update Usermeta Data
 				$user = new WP_User($ret_id);
 				if('10' == $transperms[$privs]) { $user->set_role('administrator'); }
@@ -249,24 +240,24 @@ class Textpattern_Import {
 				if('3'  == $transperms[$privs]) { $user->set_role('contributor'); }
 				if('2'  == $transperms[$privs]) { $user->set_role('contributor'); }
 				if('0'  == $transperms[$privs]) { $user->set_role('subscriber'); }
-				
+
 				update_usermeta( $ret_id, 'wp_user_level', $transperms[$privs] );
 				update_usermeta( $ret_id, 'rich_editing', 'false');
 			}// End foreach($users as $user)
-			
+
 			// Store id translation array for future use
 			add_option('txpid2wpid',$txpid2wpid);
-			
-			
+
+
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> users imported.'), $count).'<br /><br /></p>';
 			return true;
 		}// End if(is_array($users)
-		
+
 		echo __('No Users to Import!');
 		return false;
-		
+
 	}// End function user2wp()
-	
+
 	function posts2wp($posts='')
 	{
 		// General Housekeeping
@@ -283,10 +274,10 @@ class Textpattern_Import {
 			{
 				$count++;
 				extract($post);
-				
+
 				// Set Textpattern-to-WordPress status translation
 				$stattrans = array(1 => 'draft', 2 => 'private', 3 => 'draft', 4 => 'publish', 5 => 'publish');
-				
+
 				//Can we do this more efficiently?
 				$uinfo = ( get_userdatabylogin( $AuthorID ) ) ? get_userdatabylogin( $AuthorID ) : 1;
 				$authorid = ( is_object( $uinfo ) ) ? $uinfo->ID : $uinfo ;
@@ -295,59 +286,67 @@ class Textpattern_Import {
 				$Body = $wpdb->escape($Body);
 				$Excerpt = $wpdb->escape($Excerpt);
 				$post_status = $stattrans[$Status];
-				
+
 				// Import Post data into WordPress
-				
+
 				if($pinfo = post_exists($Title,$Body))
 				{
 					$ret_id = wp_insert_post(array(
-							'ID'				=> $pinfo,
-							'post_date'			=> $Posted,
-							'post_date_gmt'		=> $post_date_gmt,
-							'post_author'		=> $authorid,
-							'post_modified'		=> $LastMod,
-							'post_modified_gmt' => $post_modified_gmt,
-							'post_title'		=> $Title,
-							'post_content'		=> $Body,
-							'post_excerpt'		=> $Excerpt,
-							'post_status'		=> $post_status,
-							'post_name'			=> $url_title,
-							'comment_count'		=> $comments_count)
-							);
+						'ID'				=> $pinfo,
+						'post_date'			=> $Posted,
+						'post_date_gmt'		=> $post_date_gmt,
+						'post_author'		=> $authorid,
+						'post_modified'		=> $LastMod,
+						'post_modified_gmt' => $post_modified_gmt,
+						'post_title'		=> $Title,
+						'post_content'		=> $Body,
+						'post_excerpt'		=> $Excerpt,
+						'post_status'		=> $post_status,
+						'post_name'			=> $url_title,
+						'comment_count'		=> $comments_count)
+						);
+					if ( is_wp_error( $ret_id ) )
+						return $ret_id;
 				}
-				else 
+				else
 				{
 					$ret_id = wp_insert_post(array(
-							'post_date'			=> $Posted,
-							'post_date_gmt'		=> $post_date_gmt,
-							'post_author'		=> $authorid,
-							'post_modified'		=> $LastMod,
-							'post_modified_gmt' => $post_modified_gmt,
-							'post_title'		=> $Title,
-							'post_content'		=> $Body,
-							'post_excerpt'		=> $Excerpt,
-							'post_status'		=> $post_status,
-							'post_name'			=> $url_title,
-							'comment_count'		=> $comments_count)
-							);
+						'post_date'			=> $Posted,
+						'post_date_gmt'		=> $post_date_gmt,
+						'post_author'		=> $authorid,
+						'post_modified'		=> $LastMod,
+						'post_modified_gmt' => $post_modified_gmt,
+						'post_title'		=> $Title,
+						'post_content'		=> $Body,
+						'post_excerpt'		=> $Excerpt,
+						'post_status'		=> $post_status,
+						'post_name'			=> $url_title,
+						'comment_count'		=> $comments_count)
+						);
+					if ( is_wp_error( $ret_id ) )
+						return $ret_id;
 				}
 				$txpposts2wpposts[$ID] = $ret_id;
-				
+
 				// Make Post-to-Category associations
 				$cats = array();
-				if($cat1 = get_catbynicename($Category1)) { $cats[1] = $cat1; }
-				if($cat2 = get_catbynicename($Category2)) { $cats[2] = $cat2; }
+				$category1 = get_category_by_slug($Category1);
+				$category1 = $category1->term_id;
+				$category2 = get_category_by_slug($Category2);
+				$category2 = $category1->term_id;
+				if($cat1 = $category1) { $cats[1] = $cat1; }
+				if($cat2 = $category2) { $cats[2] = $cat2; }

-				if(!empty($cats)) { wp_set_post_cats('', $ret_id, $cats); }
+				if(!empty($cats)) { wp_set_post_categories($ret_id, $cats); }
 			}
 		}
 		// Store ID translation for later use
 		add_option('txpposts2wpposts',$txpposts2wpposts);
-		
+
 		echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> posts imported.'), $count).'<br /><br /></p>';
-		return true;	
+		return true;
 	}
-	
+
 	function comments2wp($comments='')
 	{
 		// General Housekeeping
@@ -355,7 +354,7 @@ class Textpattern_Import {
 		$count = 0;
 		$txpcm2wpcm = array();
 		$postarr = get_option('txpposts2wpposts');
-		
+
 		// Magic Mojo
 		if(is_array($comments))
 		{
@@ -364,7 +363,7 @@ class Textpattern_Import {
 			{
 				$count++;
 				extract($comment);
-				
+
 				// WordPressify Data
 				$comment_ID = ltrim($discussid, '0');
 				$comment_post_ID = $postarr[$parentid];
@@ -373,57 +372,57 @@ class Textpattern_Import {
 				$email = $wpdb->escape($email);
 				$web = $wpdb->escape($web);
 				$message = $wpdb->escape($message);
-				
+
 				if($cinfo = comment_exists($name, $posted))
 				{
 					// Update comments
 					$ret_id = wp_update_comment(array(
-							'comment_ID'			=> $cinfo,
-							'comment_post_ID'		=> $comment_post_ID,
-							'comment_author'		=> $name,
-							'comment_author_email'	=> $email,
-							'comment_author_url'	=> $web,
-							'comment_date'			=> $posted,
-							'comment_content'		=> $message,
-							'comment_approved'		=> $comment_approved)
-							);
+						'comment_ID'			=> $cinfo,
+						'comment_post_ID'		=> $comment_post_ID,
+						'comment_author'		=> $name,
+						'comment_author_email'	=> $email,
+						'comment_author_url'	=> $web,
+						'comment_date'			=> $posted,
+						'comment_content'		=> $message,
+						'comment_approved'		=> $comment_approved)
+						);
 				}
-				else 
+				else
 				{
 					// Insert comments
 					$ret_id = wp_insert_comment(array(
-							'comment_post_ID'		=> $comment_post_ID,
-							'comment_author'		=> $name,
-							'comment_author_email'	=> $email,
-							'comment_author_url'	=> $web,
-							'comment_author_IP'		=> $ip,
-							'comment_date'			=> $posted,
-							'comment_content'		=> $message,
-							'comment_approved'		=> $comment_approved)
-							);
+						'comment_post_ID'		=> $comment_post_ID,
+						'comment_author'		=> $name,
+						'comment_author_email'	=> $email,
+						'comment_author_url'	=> $web,
+						'comment_author_IP'		=> $ip,
+						'comment_date'			=> $posted,
+						'comment_content'		=> $message,
+						'comment_approved'		=> $comment_approved)
+						);
 				}
 				$txpcm2wpcm[$comment_ID] = $ret_id;
 			}
 			// Store Comment ID translation for future use
-			add_option('txpcm2wpcm', $txpcm2wpcm);			
-			
+			add_option('txpcm2wpcm', $txpcm2wpcm);
+
 			// Associate newly formed categories with posts
 			get_comment_count($ret_id);
-			
-			
+
+
 			echo '<p>'.sprintf(__('Done! <strong>%1$s</strong> comments imported.'), $count).'<br /><br /></p>';
 			return true;
 		}
 		echo __('No Comments to Import!');
 		return false;
 	}
-	
+
 	function links2wp($links='')
 	{
 		// General Housekeeping
 		global $wpdb;
 		$count = 0;
-		
+
 		// Deal with the links
 		if(is_array($links))
 		{
@@ -432,12 +431,12 @@ class Textpattern_Import {
 			{
 				$count++;
 				extract($link);
-				
+
 				// Make nice vars
 				$category = $wpdb->escape($category);
 				$linkname = $wpdb->escape($linkname);
 				$description = $wpdb->escape($description);
-				
+
 				if($linfo = link_exists($linkname))
 				{
 					$ret_id = wp_insert_link(array(
@@ -449,7 +448,7 @@ class Textpattern_Import {
 								'link_updated'		=> $date)
 								);
 				}
-				else 
+				else
 				{
 					$ret_id = wp_insert_link(array(
 								'link_url'			=> $url,
@@ -470,67 +469,74 @@ class Textpattern_Import {
 		echo __('No Links to Import!');
 		return false;
 	}
-		
-	function import_categories() 
-	{	
-		// Category Import	
+
+	function import_categories()
+	{
+		// Category Import
 		$cats = $this->get_txp_cats();
 		$this->cat2wp($cats);
 		add_option('txp_cats', $cats);
-		
-		
-			
+
+
+
 		echo '<form action="admin.php?import=textpattern&amp;step=2" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Users'));
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Users')));
 		echo '</form>';

 	}
-	
+
 	function import_users()
 	{
 		// User Import
-		$users = $this->get_txp_users(); 
+		$users = $this->get_txp_users();
 		$this->users2wp($users);
-		
+
 		echo '<form action="admin.php?import=textpattern&amp;step=3" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Posts'));
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Posts')));
 		echo '</form>';
 	}
-	
+
 	function import_posts()
 	{
 		// Post Import
 		$posts = $this->get_txp_posts();
-		$this->posts2wp($posts);
-		
+		$result = $this->posts2wp($posts);
+		if ( is_wp_error( $result ) )
+			return $result;
+
 		echo '<form action="admin.php?import=textpattern&amp;step=4" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Comments'));
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Comments')));
 		echo '</form>';
 	}
-	
+
 	function import_comments()
 	{
 		// Comment Import
 		$comments = $this->get_txp_comments();
 		$this->comments2wp($comments);
-		
+
 		echo '<form action="admin.php?import=textpattern&amp;step=5" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Import Links'));
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Import Links')));
 		echo '</form>';
 	}
-	
+
 	function import_links()
 	{
 		//Link Import
 		$links = $this->get_txp_links();
 		$this->links2wp($links);
 		add_option('txp_links', $links);
-		
+
 		echo '<form action="admin.php?import=textpattern&amp;step=6" method="post">';
-		printf('<input type="submit" name="submit" value="%s" />', __('Finish'));
+		wp_nonce_field('import-textpattern');
+		printf('<input type="submit" name="submit" value="%s" />', attribute_escape(__('Finish')));
 		echo '</form>';
 	}
-	
+
 	function cleanup_txpimport()
 	{
 		delete_option('tpre');
@@ -546,38 +552,38 @@ class Textpattern_Import {
 		delete_option('txphost');
 		$this->tips();
 	}
-	
+
 	function tips()
 	{
 		echo '<p>'.__('Welcome to WordPress.  We hope (and expect!) that you will find this platform incredibly rewarding!  As a new WordPress user coming from Textpattern, there are some things that we would like to point out.  Hopefully, they will help your transition go as smoothly as possible.').'</p>';
 		echo '<h3>'.__('Users').'</h3>';
-		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn\'t have that login in Textpattern, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and Textpattern uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), '/wp-login.php').'</p>';
+		echo '<p>'.sprintf(__('You have already setup WordPress and have been assigned an administrative login and password.  Forget it.  You didn&#8217;t have that login in Textpattern, why should you have it here?  Instead we have taken care to import all of your users into our system.  Unfortunately there is one downside.  Because both WordPress and Textpattern uses a strong encryption hash with passwords, it is impossible to decrypt it and we are forced to assign temporary passwords to all your users.  <strong>Every user has the same username, but their passwords are reset to password123.</strong>  So <a href="%1$s">Login</a> and change it.'), get_bloginfo( 'wpurl' ) . '/wp-login.php').'</p>';
 		echo '<h3>'.__('Preserving Authors').'</h3>';
 		echo '<p>'.__('Secondly, we have attempted to preserve post authors.  If you are the only author or contributor to your blog, then you are safe.  In most cases, we are successful in this preservation endeavor.  However, if we cannot ascertain the name of the writer due to discrepancies between database tables, we assign it to you, the administrative user.').'</p>';
 		echo '<h3>'.__('Textile').'</h3>';
-		echo '<p>'.__('Also, since you\'re coming from Textpattern, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/2004/04/19/wordpress-plugin-textile-20/">Textile for WordPress</a>.  Trust me... You\'ll want it.').'</p>';
+		echo '<p>'.__('Also, since you&#8217;re coming from Textpattern, you probably have been using Textile to format your comments and posts.  If this is the case, we recommend downloading and installing <a href="http://www.huddledmasses.org/category/development/wordpress/textile/">Textile for WordPress</a>.  Trust me... You&#8217;ll want it.').'</p>';
 		echo '<h3>'.__('WordPress Resources').'</h3>';
 		echo '<p>'.__('Finally, there are numerous WordPress resources around the internet.  Some of them are:').'</p>';
 		echo '<ul>';
 		echo '<li>'.__('<a href="http://www.wordpress.org">The official WordPress site</a>').'</li>';
-		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums').'</li>';
+		echo '<li>'.__('<a href="http://wordpress.org/support/">The WordPress support forums</a>').'</li>';
 		echo '<li>'.__('<a href="http://codex.wordpress.org">The Codex (In other words, the WordPress Bible)</a>').'</li>';
 		echo '</ul>';
-		echo '<p>'.sprintf(__('That\'s it! What are you waiting for? Go <a href="%1$s">login</a>!'), '/wp-login.php').'</p>';
+		echo '<p>'.sprintf(__('That&#8217;s it! What are you waiting for? Go <a href="%1$s">login</a>!'), get_bloginfo( 'wpurl' ) . '/wp-login.php').'</p>';
 	}
-	
+
 	function db_form()
 	{
-		echo '<ul>';
-		printf('<li><label for="dbuser">%s</label> <input type="text" name="dbuser" /></li>', __('Textpattern Database User:'));
-		printf('<li><label for="dbpass">%s</label> <input type="password" name="dbpass" /></li>', __('Textpattern Database Password:'));
-		printf('<li><label for="dbname">%s</label> <input type="text" name="dbname" /></li>', __('Textpattern Database Name:'));
-		printf('<li><label for="dbhost">%s</label> <input type="text" name="dbhost" value="localhost" /></li>', __('Textpattern Database Host:'));
-		printf('<li><label for="dbprefix">%s</label> <input type="text" name="dbprefix" /></li>', __('Textpattern Table prefix (if any):'));
-		echo '</ul>';
+		echo '<table class="editform">';
+		printf('<tr><th scope="row"><label for="dbuser">%s</label></th><td><input type="text" name="dbuser" id="dbuser" /></td></tr>', __('Textpattern Database User:'));
+		printf('<tr><th scope="row"><label for="dbpass">%s</label></th><td><input type="password" name="dbpass" id="dbpass" /></td></tr>', __('Textpattern Database Password:'));
+		printf('<tr><th scope="row"><label for="dbname">%s</label></th><td><input type="text" id="dbname" name="dbname" /></td></tr>', __('Textpattern Database Name:'));
+		printf('<tr><th scope="row"><label for="dbhost">%s</label></th><td><input type="text" id="dbhost" name="dbhost" value="localhost" /></td></tr>', __('Textpattern Database Host:'));
+		printf('<tr><th scope="row"><label for="dbprefix">%s</label></th><td><input type="text" name="dbprefix" id="dbprefix"  /></td></tr>', __('Textpattern Table prefix (if any):'));
+		echo '</table>';
 	}
-	
-	function dispatch() 
+
+	function dispatch()
 	{

 		if (empty ($_GET['step']))
@@ -585,45 +591,47 @@ class Textpattern_Import {
 		else
 			$step = (int) $_GET['step'];
 		$this->header();
-		
-		if ( $step > 0 ) 
+
+		if ( $step > 0 )
 		{
+			check_admin_referer('import-textpattern');
+
 			if($_POST['dbuser'])
 			{
 				if(get_option('txpuser'))
-					delete_option('txpuser');	
-				add_option('txpuser',$_POST['dbuser']);
+					delete_option('txpuser');
+				add_option('txpuser', sanitize_user($_POST['dbuser'], true));
 			}
 			if($_POST['dbpass'])
 			{
 				if(get_option('txppass'))
-					delete_option('txppass');	
-				add_option('txppass',$_POST['dbpass']);
+					delete_option('txppass');
+				add_option('txppass',  sanitize_user($_POST['dbpass'], true));
 			}
-			
+
 			if($_POST['dbname'])
 			{
 				if(get_option('txpname'))
-					delete_option('txpname');	
-				add_option('txpname',$_POST['dbname']);
+					delete_option('txpname');
+				add_option('txpname',  sanitize_user($_POST['dbname'], true));
 			}
 			if($_POST['dbhost'])
 			{
 				if(get_option('txphost'))
 					delete_option('txphost');
-				add_option('txphost',$_POST['dbhost']); 
+				add_option('txphost',  sanitize_user($_POST['dbhost'], true));
 			}
 			if($_POST['dbprefix'])
 			{
 				if(get_option('tpre'))
 					delete_option('tpre');
-				add_option('tpre',$_POST['dbprefix']); 
-			}			
+				add_option('tpre',  sanitize_user($_POST['dbprefix']));
+			}


 		}

-		switch ($step) 
+		switch ($step)
 		{
 			default:
 			case 0 :
@@ -636,7 +644,9 @@ class Textpattern_Import {
 				$this->import_users();
 				break;
 			case 3 :
-				$this->import_posts();
+				$result = $this->import_posts();
+				if ( is_wp_error( $result ) ) 
+					echo $result->get_error_message();
 				break;
 			case 4 :
 				$this->import_comments();
@@ -648,16 +658,16 @@ class Textpattern_Import {
 				$this->cleanup_txpimport();
 				break;
 		}
-		
+
 		$this->footer();
 	}

-	function Textpattern_Import() 
+	function Textpattern_Import()
 	{
-		// Nothing.	
+		// Nothing.
 	}
 }

 $txp_import = new Textpattern_Import();
-register_importer('textpattern', 'Textpattern', __('Import posts from a Textpattern Blog'), array ($txp_import, 'dispatch'));
+register_importer('textpattern', __('Textpattern'), __('Import categories, users, posts, comments, and links from a Textpattern blog'), array ($txp_import, 'dispatch'));
 ?>
--- a/wp-admin/import/utw.php
+++ b/wp-admin/import/utw.php
@@ -0,0 +1,276 @@
+<?php
+
+class UTW_Import {
+
+	function header()  {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import Ultimate Tag Warrior').'</h2>';
+		echo '<p>'.__('Steps may take a few minutes depending on the size of your database. Please be patient.').'<br /><br /></p>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! This imports tags from an existing Ultimate Tag Warrior 3 installation into this blog using the new WordPress native tagging structure.').'</p>';
+		echo '<p>'.__('This has not been tested on any other versions of Ultimate Tag Warrior. Mileage may vary.').'</p>';
+		echo '<p>'.__('To accommodate larger databases for those tag-crazy authors out there, we have made this into an easy 5-step program to help you kick that nasty UTW habit. Just keep clicking along and we will let you know when you are in the clear!').'</p>';
+		echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
+		echo '<form action="admin.php?import=utw&amp;step=1" method="post">';
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 1 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+
+	function dispatch () {
+		if ( empty( $_GET['step'] ) ) {
+			$step = 0;
+		} else {
+			$step = (int) $_GET['step'];
+		}
+
+		if ( $step > 1 )
+			check_admin_referer('import-utw');
+
+		// load the header
+		$this->header();
+
+		switch ( $step ) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				$this->import_tags();
+				break;
+			case 2 :
+				$this->import_posts();
+				break;
+			case 3:
+				$this->import_t2p();
+				break;
+			case 4:
+				$this->cleanup_import();
+				break;
+		}
+
+		// load the footer
+		$this->footer();
+	}
+
+
+	function import_tags ( ) {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading UTW Tags&#8230;').'</h3></p>';
+
+		$tags = $this->get_utw_tags();
+
+		// if we didn't get any tags back, that's all there is folks!
+		if ( !is_array($tags) ) {
+			echo '<p>' . __('No Tags Found!') . '</p>';
+			return false;
+		}
+		else {
+
+			// if there's an existing entry, delete it
+			if ( get_option('utwimp_tags') ) {
+				delete_option('utwimp_tags');
+			}
+
+			add_option('utwimp_tags', $tags);
+
+
+			$count = count($tags);
+
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> tags were read.'), $count ) . '<br /></p>';
+			echo '<p>' . __('The following tags were found:') . '</p>';
+
+			echo '<ul>';
+
+			foreach ( $tags as $tag_id => $tag_name ) {
+
+				echo '<li>' . $tag_name . '</li>';
+
+			}
+
+			echo '</ul>';
+
+			echo '<br />';
+
+			echo '<p>' . __('If you don&#8217;t want to import any of these tags, you should delete them from the UTW tag management page and then re-run this import.') . '</p>';
+
+
+		}
+
+		echo '<form action="admin.php?import=utw&amp;step=2" method="post">';
+		wp_nonce_field('import-utw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 2 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+	}
+
+
+	function import_posts ( ) {
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Reading UTW Post Tags&#8230;').'</h3></p>';
+
+		// read in all the UTW tag -> post settings
+		$posts = $this->get_utw_posts();
+
+		// if we didn't get any tags back, that's all there is folks!
+		if ( !is_array($posts) ) {
+			echo '<p>' . __('No posts were found to have tags!') . '</p>';
+			return false;
+		}
+		else {
+
+			// if there's an existing entry, delete it
+			if ( get_option('utwimp_posts') ) {
+				delete_option('utwimp_posts');
+			}
+
+			add_option('utwimp_posts', $posts);
+
+
+			$count = count($posts);
+
+			echo '<p>' . sprintf( __('Done! <strong>%s</strong> tag to post relationships were read.'), $count ) . '<br /></p>';
+
+		}
+
+		echo '<form action="admin.php?import=utw&amp;step=3" method="post">';
+		wp_nonce_field('import-utw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 3 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+
+	}
+
+
+	function import_t2p ( ) {
+
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Adding Tags to Posts&#8230;').'</h3></p>';
+
+		// run that funky magic!
+		$tags_added = $this->tag2post();
+
+		echo '<p>' . sprintf( __('Done! <strong>%s</strong> tags were added!'), $tags_added ) . '<br /></p>';
+
+		echo '<form action="admin.php?import=utw&amp;step=4" method="post">';
+		wp_nonce_field('import-utw');
+		echo '<p class="submit"><input type="submit" name="submit" value="'.__('Step 4 &raquo;').'" /></p>';
+		echo '</form>';
+		echo '</div>';
+
+	}
+
+
+	function get_utw_tags ( ) {
+
+		global $wpdb;
+
+		// read in all the tags from the UTW tags table: should be wp_tags
+		$tags_query = "SELECT tag_id, tag FROM " . $wpdb->prefix . "tags";
+
+		$tags = $wpdb->get_results($tags_query);
+
+		// rearrange these tags into something we can actually use
+		foreach ( $tags as $tag ) {
+
+			$new_tags[$tag->tag_id] = $tag->tag;
+
+		}
+
+		return $new_tags;
+
+	}
+
+	function get_utw_posts ( ) {
+
+		global $wpdb;
+
+		// read in all the posts from the UTW post->tag table: should be wp_post2tag
+		$posts_query = "SELECT tag_id, post_id FROM " . $wpdb->prefix . "post2tag";
+
+		$posts = $wpdb->get_results($posts_query);
+
+		return $posts;
+
+	}
+
+
+	function tag2post ( ) {
+
+		// get the tags and posts we imported in the last 2 steps
+		$tags = get_option('utwimp_tags');
+		$posts = get_option('utwimp_posts');
+
+		// null out our results
+		$tags_added = 0;
+
+		// loop through each post and add its tags to the db
+		foreach ( $posts as $this_post ) {
+
+			$the_post = (int) $this_post->post_id;
+			$the_tag = (int) $this_post->tag_id;
+
+			// what's the tag name for that id?
+			$the_tag = $tags[$the_tag];
+
+			// screw it, just try to add the tag
+			wp_add_post_tags($the_post, $the_tag);
+
+			$tags_added++;
+
+		}
+
+		// that's it, all posts should be linked to their tags properly, pending any errors we just spit out!
+		return $tags_added;
+
+
+	}
+
+
+	function cleanup_import ( ) {
+
+		delete_option('utwimp_tags');
+		delete_option('utwimp_posts');
+
+		$this->done();
+
+	}
+
+
+	function done ( ) {
+
+		echo '<div class="narrow">';
+		echo '<p><h3>'.__('Import Complete!').'</h3></p>';
+
+		echo '<p>' . __('OK, so we lied about this being a 5-step program! You&#8217;re done!') . '</p>';
+
+		echo '<p>' . __('Now wasn&#8217;t that easy?') . '</p>';
+
+		echo '</div>';
+
+	}
+
+
+	function UTW_Import ( ) {
+
+		// Nothing.
+
+	}
+
+}
+
+
+// create the import object
+$utw_import = new UTW_Import();
+
+// add it to the import page!
+register_importer('utw', 'Ultimate Tag Warrior', __('Import Ultimate Tag Warrior tags into the new native tagging structure.'), array($utw_import, 'dispatch'));
+
+?>
--- a/wp-admin/import/wordpress.php
+++ b/wp-admin/import/wordpress.php
@@ -0,0 +1,489 @@
+<?php
+
+class WP_Import {
+
+	var $posts = array ();
+	var $posts_processed = array ();
+    // Array of arrays. [[0] => XML fragment, [1] => New post ID]
+	var $file;
+	var $id;
+	var $mtnames = array ();
+	var $newauthornames = array ();
+	var $j = -1;
+
+	function header() {
+		echo '<div class="wrap">';
+		echo '<h2>'.__('Import WordPress').'</h2>';
+	}
+
+	function footer() {
+		echo '</div>';
+	}
+
+	function unhtmlentities($string) { // From php.net for < 4.3 compat
+		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
+		$trans_tbl = array_flip($trans_tbl);
+		return strtr($string, $trans_tbl);
+	}
+
+	function greet() {
+		echo '<div class="narrow">';
+		echo '<p>'.__('Howdy! Upload your WordPress eXtended RSS (WXR) file and we&#8217;ll import the posts, comments, custom fields, and categories into this blog.').'</p>';
+		echo '<p>'.__('Choose a WordPress WXR file to upload, then click Upload file and import.').'</p>';
+		wp_import_upload_form("admin.php?import=wordpress&amp;step=1");
+		echo '</div>';
+	}
+
+	function get_tag( $string, $tag ) {
+		global $wpdb;
+		preg_match("|<$tag.*?>(.*?)</$tag>|is", $string, $return);
+		$return = preg_replace('|^<!\[CDATA\[(.*)\]\]>$|s', '$1', $return[1]);
+		$return = $wpdb->escape( trim( $return ) );
+		return $return;
+	}
+
+	function users_form($n) {
+		global $wpdb, $testing;
+		$users = $wpdb->get_results("SELECT user_login FROM $wpdb->users ORDER BY user_login");
+?><select name="userselect[<?php echo $n; ?>]">
+	<option value="#NONE#">- Select -</option>
+	<?php
+		foreach ($users as $user) {
+			echo '<option value="'.$user->user_login.'">'.$user->user_login.'</option>';
+		}
+?>
+	</select>
+	<?php
+	}
+
+	//function to check the authorname and do the mapping
+	function checkauthor($author) {
+		global $wpdb;
+		//mtnames is an array with the names in the mt import file
+		$pass = 'changeme';
+		if (!(in_array($author, $this->mtnames))) { //a new mt author name is found
+			++ $this->j;
+			$this->mtnames[$this->j] = $author; //add that new mt author name to an array
+			$user_id = username_exists($this->newauthornames[$this->j]); //check if the new author name defined by the user is a pre-existing wp user
+			if (!$user_id) { //banging my head against the desk now.
+				if ($this->newauthornames[$this->j] == 'left_blank') { //check if the user does not want to change the authorname
+					$user_id = wp_create_user($author, $pass);
+					$this->newauthornames[$this->j] = $author; //now we have a name, in the place of left_blank.
+				} else {
+					$user_id = wp_create_user($this->newauthornames[$this->j], $pass);
+				}
+			} else {
+				return $user_id; // return pre-existing wp username if it exists
+			}
+		} else {
+			$key = array_search($author, $this->mtnames); //find the array key for $author in the $mtnames array
+			$user_id = username_exists($this->newauthornames[$key]); //use that key to get the value of the author's name from $newauthornames
+		}
+
+		return $user_id;
+	}
+
+	function get_entries() {
+		set_magic_quotes_runtime(0);
+
+		$this->posts = array();
+		$this->categories = array();
+		$this->tags = array();
+		$num = 0;
+		$doing_entry = false;
+
+		$fp = fopen($this->file, 'r');
+		if ($fp) {
+			while ( !feof($fp) ) {
+				$importline = rtrim(fgets($fp));
+
+				if ( false !== strpos($importline, '<wp:category>') ) {
+					preg_match('|<wp:category>(.*?)</wp:category>|is', $importline, $category);
+					$this->categories[] = $category[1];
+					continue;
+				}
+				if ( false !== strpos($importline, '<wp:tag>') ) {
+					preg_match('|<wp:tag>(.*?)</wp:tag>|is', $importline, $tag);
+					$this->tags[] = $tag[1];
+					continue;
+				}
+				if ( false !== strpos($importline, '<item>') ) {
+					$this->posts[$num] = '';
+					$doing_entry = true;
+					continue;
+				}
+				if ( false !== strpos($importline, '</item>') ) {
+					$num++;
+					$doing_entry = false;
+					continue;
+				}
+				if ( $doing_entry ) {
+					$this->posts[$num] .= $importline . "\n";
+				}
+			}
+
+			foreach ($this->posts as $post) {
+				$post_ID = (int) $this->get_tag( $post, 'wp:post_id' );
+				if ($post_ID) {
+					$this->posts_processed[$post_ID][0] = &$post;
+					$this->posts_processed[$post_ID][1] = 0;
+				}
+			}
+
+			fclose($fp);
+		}
+	}
+
+	function get_wp_authors() {
+		$temp = array ();
+		$i = -1;
+		foreach ($this->posts as $post) {
+			if ('' != trim($post)) {
+				++ $i;
+				$author = $this->get_tag( $post, 'dc:creator' );
+				array_push($temp, "$author"); //store the extracted author names in a temporary array
+			}
+		}
+
+		// We need to find unique values of author names, while preserving the order, so this function emulates the unique_value(); php function, without the sorting.
+		$authors[0] = array_shift($temp);
+		$y = count($temp) + 1;
+		for ($x = 1; $x < $y; $x ++) {
+			$next = array_shift($temp);
+			if (!(in_array($next, $authors)))
+				array_push($authors, "$next");
+		}
+
+		return $authors;
+	}
+
+	function get_authors_from_post() {
+		$formnames = array ();
+		$selectnames = array ();
+
+		foreach ($_POST['user'] as $key => $line) {
+			$newname = trim(stripslashes($line));
+			if ($newname == '')
+				$newname = 'left_blank'; //passing author names from step 1 to step 2 is accomplished by using POST. left_blank denotes an empty entry in the form.
+			array_push($formnames, "$newname");
+		} // $formnames is the array with the form entered names
+
+		foreach ($_POST['userselect'] as $user => $key) {
+			$selected = trim(stripslashes($key));
+			array_push($selectnames, "$selected");
+		}
+
+		$count = count($formnames);
+		for ($i = 0; $i < $count; $i ++) {
+			if ($selectnames[$i] != '#NONE#') { //if no name was selected from the select menu, use the name entered in the form
+				array_push($this->newauthornames, "$selectnames[$i]");
+			} else {
+				array_push($this->newauthornames, "$formnames[$i]");
+			}
+		}
+	}
+
+	function wp_authors_form() {
+?>
+<h2><?php _e('Assign Authors'); ?></h2>
+<p><?php _e('To make it easier for you to edit and save the imported posts and drafts, you may want to change the name of the author of the posts. For example, you may want to import all the entries as <code>admin</code>s entries.'); ?></p>
+<p><?php _e('If a new user is created by WordPress, the password will be set, by default, to "changeme". Quite suggestive, eh? ;)'); ?></p>
+	<?php
+
+
+		$authors = $this->get_wp_authors();
+		echo '<ol id="authors">';
+		echo '<form action="?import=wordpress&amp;step=2&amp;id=' . $this->id . '" method="post">';
+		wp_nonce_field('import-wordpress');
+		$j = -1;
+		foreach ($authors as $author) {
+			++ $j;
+			echo '<li>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
+			$this->users_form($j);
+			echo '</li>';
+		}
+
+		echo '<input type="submit" value="Submit">'.'<br />';
+		echo '</form>';
+		echo '</ol>';
+
+	}
+
+	function select_authors() {
+		$file = wp_import_handle_upload();
+		if ( isset($file['error']) ) {
+			echo '<p>'.__('Sorry, there has been an error.').'</p>';
+			echo '<p><strong>' . $file['error'] . '</strong></p>';
+			return;
+		}
+		$this->file = $file['file'];
+		$this->id = (int) $file['id'];
+
+		$this->get_entries();
+		$this->wp_authors_form();
+	}
+
+	function process_categories() {
+		global $wpdb;
+
+		$cat_names = (array) get_terms('category', 'fields=names');
+
+		while ( $c = array_shift($this->categories) ) {
+			$cat_name = trim($this->get_tag( $c, 'wp:cat_name' ));
+
+			// If the category exists we leave it alone
+			if ( in_array($cat_name, $cat_names) )
+				continue;
+
+			$category_nicename	= $this->get_tag( $c, 'wp:category_nicename' );
+			$posts_private		= (int) $this->get_tag( $c, 'wp:posts_private' );
+			$links_private		= (int) $this->get_tag( $c, 'wp:links_private' );
+
+			$parent = $this->get_tag( $c, 'wp:category_parent' );
+
+			if ( empty($parent) )
+				$category_parent = '0';
+			else
+				$category_parent = category_exists($parent);
+
+			$catarr = compact('category_nicename', 'category_parent', 'posts_private', 'links_private', 'posts_private', 'cat_name');
+
+			$cat_ID = wp_insert_category($catarr);
+		}
+	}
+
+	function process_tags() {
+		global $wpdb;
+
+		$tag_names = (array) get_terms('post_tag', 'fields=names');
+
+		while ( $c = array_shift($this->tags) ) {
+			$tag_name = trim($this->get_tag( $c, 'wp:tag_name' ));
+
+			// If the category exists we leave it alone
+			if ( in_array($tag_name, $tag_names) )
+				continue;
+
+			$slug = $this->get_tag( $c, 'wp:tag_slug' );
+			$description = $this->get_tag( $c, 'wp:tag_description' );
+
+			$tagarr = compact('slug', 'description');
+
+			$tag_ID = wp_insert_term($tag_name, 'post_tag', $tagarr);
+		}
+	}
+
+	function process_posts() {
+		$i = -1;
+		echo '<ol>';
+
+		foreach ($this->posts as $post) {
+			$result = $this->process_post($post);
+			if ( is_wp_error( $result ) )
+				return $result;
+		}
+
+		echo '</ol>';
+
+		wp_import_cleanup($this->id);
+
+		echo '<h3>'.sprintf(__('All done.').' <a href="%s">'.__('Have fun!').'</a>', get_option('home')).'</h3>';
+	}
+
+	function process_post($post) {
+		global $wpdb;
+
+		$post_ID = (int) $this->get_tag( $post, 'wp:post_id' );
+  		if ( $post_ID && !empty($this->posts_processed[$post_ID][1]) ) // Processed already
+			return 0;
+
+		// There are only ever one of these
+		$post_title     = $this->get_tag( $post, 'title' );
+		$post_date      = $this->get_tag( $post, 'wp:post_date' );
+		$post_date_gmt  = $this->get_tag( $post, 'wp:post_date_gmt' );
+		$comment_status = $this->get_tag( $post, 'wp:comment_status' );
+		$ping_status    = $this->get_tag( $post, 'wp:ping_status' );
+		$post_status    = $this->get_tag( $post, 'wp:status' );
+		$post_name      = $this->get_tag( $post, 'wp:post_name' );
+		$post_parent    = $this->get_tag( $post, 'wp:post_parent' );
+		$menu_order     = $this->get_tag( $post, 'wp:menu_order' );
+		$post_type      = $this->get_tag( $post, 'wp:post_type' );
+		$guid           = $this->get_tag( $post, 'guid' );
+		$post_author    = $this->get_tag( $post, 'dc:creator' );
+
+		$post_content = $this->get_tag( $post, 'content:encoded' );
+		$post_content = preg_replace('|<(/?[A-Z]+)|e', "'<' . strtolower('$1')", $post_content);
+		$post_content = str_replace('<br>', '<br />', $post_content);
+		$post_content = str_replace('<hr>', '<hr />', $post_content);
+
+		preg_match_all('|<category domain="tag">(.*?)</category>|is', $post, $tags);
+		$tags = $tags[1];
+
+		$tag_index = 0;
+		foreach ($tags as $tag) {
+			$tags[$tag_index] = $wpdb->escape($this->unhtmlentities(str_replace(array ('<![CDATA[', ']]>'), '', $tag)));
+			$tag_index++;
+		}
+
+		preg_match_all('|<category>(.*?)</category>|is', $post, $categories);
+		$categories = $categories[1];
+
+		$cat_index = 0;
+		foreach ($categories as $category) {
+			$categories[$cat_index] = $wpdb->escape($this->unhtmlentities(str_replace(array ('<![CDATA[', ']]>'), '', $category)));
+			$cat_index++;
+		}
+
+		if ($post_id = post_exists($post_title, '', $post_date)) {
+			echo '<li>';
+			printf(__('Post <i>%s</i> already exists.'), stripslashes($post_title));
+		} else {
+
+			// If it has parent, process parent first.
+			$post_parent = (int) $post_parent;
+			if ($parent = $this->posts_processed[$post_parent]) {
+				if (!$parent[1]) { 
+					$result = $this->process_post($parent[0]); // If not yet, process the parent first.
+					if ( is_wp_error( $result ) )
+						return $result;
+				}
+				$post_parent = $parent[1]; // New ID of the parent;
+			}
+
+			echo '<li>';
+			printf(__('Importing post <i>%s</i>...'), stripslashes($post_title));
+
+			$post_author = $this->checkauthor($post_author); //just so that if a post already exists, new users are not created by checkauthor
+
+			$postdata = compact('post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_excerpt', 'post_status', 'post_name', 'comment_status', 'ping_status', 'post_modified', 'post_modified_gmt', 'guid', 'post_parent', 'menu_order', 'post_type');
+			$comment_post_ID = $post_id = wp_insert_post($postdata);
+			if ( is_wp_error( $post_id ) )
+				return $post_id;
+
+			// Memorize old and new ID.
+			if ( $post_id && $post_ID && $this->posts_processed[$post_ID] )
+				$this->posts_processed[$post_ID][1] = $post_id; // New ID.
+
+			// Add categories.
+			if (count($categories) > 0) {
+				$post_cats = array();
+				foreach ($categories as $category) {
+					$slug = sanitize_term_field('slug', $category, 0, 'category', 'db');
+					$cat = get_term_by('slug', $slug, 'category');
+					$cat_ID = 0;
+					if ( ! empty($cat) )
+						$cat_ID = $cat->term_id;
+					if ($cat_ID == 0) {
+						$category = $wpdb->escape($category);
+						$cat_ID = wp_insert_category(array('cat_name' => $category));
+					}
+					$post_cats[] = $cat_ID;
+				}
+				wp_set_post_categories($post_id, $post_cats);
+			}
+
+			// Add tags.
+			if (count($tags) > 0) {
+				$post_tags = array();
+				foreach ($tags as $tag) {
+					$slug = sanitize_term_field('slug', $tag, 0, 'post_tag', 'db');
+					$tag_obj = get_term_by('slug', $slug, 'post_tag');
+					$tag_id = 0;
+					if ( ! empty($tag_obj) )
+						$tag_id = $tag_obj->term_id;
+					if ( $tag_id == 0 ) {
+						$tag = $wpdb->escape($tag);
+						$tag_id = wp_insert_term($tag, 'post_tag');
+						$tag_id = $tag_id['term_id'];
+					}
+					$post_tags[] = intval($tag_id);
+				}
+				wp_set_post_tags($post_id, $post_tags);
+			}
+		}
+
+		// Now for comments
+		preg_match_all('|<wp:comment>(.*?)</wp:comment>|is', $post, $comments);
+		$comments = $comments[1];
+		$num_comments = 0;
+		if ( $comments) { foreach ($comments as $comment) {
+			$comment_author       = $this->get_tag( $comment, 'wp:comment_author');
+			$comment_author_email = $this->get_tag( $comment, 'wp:comment_author_email');
+			$comment_author_IP    = $this->get_tag( $comment, 'wp:comment_author_IP');
+			$comment_author_url   = $this->get_tag( $comment, 'wp:comment_author_url');
+			$comment_date         = $this->get_tag( $comment, 'wp:comment_date');
+			$comment_date_gmt     = $this->get_tag( $comment, 'wp:comment_date_gmt');
+			$comment_content      = $this->get_tag( $comment, 'wp:comment_content');
+			$comment_approved     = $this->get_tag( $comment, 'wp:comment_approved');
+			$comment_type         = $this->get_tag( $comment, 'wp:comment_type');
+			$comment_parent       = $this->get_tag( $comment, 'wp:comment_parent');
+
+			if ( !comment_exists($comment_author, $comment_date) ) {
+				$commentdata = compact('comment_post_ID', 'comment_author', 'comment_author_url', 'comment_author_email', 'comment_author_IP', 'comment_date', 'comment_date_gmt', 'comment_content', 'comment_approved', 'comment_type', 'comment_parent');
+				wp_insert_comment($commentdata);
+				$num_comments++;
+			}
+		} }
+
+		if ( $num_comments )
+			printf(' '.__('(%s comments)'), $num_comments);
+
+		// Now for post meta
+		preg_match_all('|<wp:postmeta>(.*?)</wp:postmeta>|is', $post, $postmeta);
+		$postmeta = $postmeta[1];
+		if ( $postmeta) { foreach ($postmeta as $p) {
+			$key   = $this->get_tag( $p, 'wp:meta_key' );
+			$value = $this->get_tag( $p, 'wp:meta_value' );
+			$value = stripslashes($value); // add_post_meta() will escape.
+			add_post_meta( $post_id, $key, $value );
+		} }
+	}
+
+	function import() {
+		$this->id = (int) $_GET['id'];
+
+		$this->file = get_attached_file($this->id);
+		$this->get_authors_from_post();
+		$this->get_entries();
+		$this->process_categories();
+		$this->process_tags();
+		$result = $this->process_posts();
+		if ( is_wp_error( $result ) )
+			return $result;
+	}
+
+	function dispatch() {
+		if (empty ($_GET['step']))
+			$step = 0;
+		else
+			$step = (int) $_GET['step'];
+
+		$this->header();
+		switch ($step) {
+			case 0 :
+				$this->greet();
+				break;
+			case 1 :
+				check_admin_referer('import-upload');
+				$this->select_authors();
+				break;
+			case 2:
+				check_admin_referer('import-wordpress');
+				$result = $this->import();
+				if ( is_wp_error( $result ) )
+					echo $result->get_error_message();
+				break;
+		}
+		$this->footer();
+	}
+
+	function WP_Import() {
+		// Nothing.
+	}
+}
+
+$wp_import = new WP_Import();
+
+register_importer('wordpress', 'WordPress', __('Import <strong>posts, comments, custom fields, pages, and categories</strong> from a WordPress export file'), array ($wp_import, 'dispatch'));
+
+?>
--- a/wp-admin/import/wp-cat2tag.php
+++ b/wp-admin/import/wp-cat2tag.php
@@ -0,0 +1,212 @@
+<?php
+
+class WP_Categories_to_Tags {
+	var $categories_to_convert = array();
+	var $all_categories = array();
+
+	function header() {
+		print '<div class="wrap">';
+		print '<h2>' . __('Convert Categories to Tags') . '</h2>';
+	}
+
+	function footer() {
+		print '</div>';
+	}
+
+	function populate_all_categories() {
+		global $wpdb;
+
+		$categories = get_categories('get=all');
+		foreach ( $categories as $category ) {
+			if ( !tag_exists($wpdb->escape($category->name)) )
+				$this->all_categories[] = $category;	
+		}
+	}
+
+	function welcome() {
+		$this->populate_all_categories();
+
+		print '<div class="narrow">';
+
+		if (count($this->all_categories) > 0) {
+			print '<p>' . __('Howdy! This converter allows you to selectively convert existing categories to tags. To get started, check the checkboxes of the categories you wish to be converted, then click the Convert button.') . '</p>';
+			print '<p>' . __('Keep in mind that if you convert a category with child categories, those child categories get their parent setting removed, so they\'re in the root.') . '</p>';
+
+			$this->categories_form();
+		} else {
+			print '<p>'.__('You have no categories to convert!').'</p>';
+		}
+
+		print '</div>';
+	}
+
+	function categories_form() {
+		print '<form action="admin.php?import=wp-cat2tag&amp;step=2" method="post">';
+		wp_nonce_field('import-cat2tag');
+		print '<ul style="list-style:none">';
+
+		$hier = _get_term_hierarchy('category');
+
+		foreach ($this->all_categories as $category) {
+			$category = sanitize_term( $category, 'category', 'display' );
+		
+			if ((int) $category->parent == 0) {
+				print '<li><label><input type="checkbox" name="cats_to_convert[]" value="' . intval($category->term_id) . '" /> ' . $category->name . ' (' . $category->count . ')</label>';
+
+				if (isset($hier[$category->term_id])) {
+					$this->_category_children($category, $hier);
+				}
+
+				print '</li>';
+			}
+		}
+
+		print '</ul>';
+
+		print '<p class="submit"><input type="submit" name="submit" value="' . __('Convert &raquo;') . '" /></p>';
+		print '</form>';
+	}
+
+	function _category_children($parent, $hier) {
+		print '<ul style="list-style:none">';
+
+		foreach ($hier[$parent->term_id] as $child_id) {
+			$child =& get_category($child_id);
+
+			print '<li><label><input type="checkbox" name="cats_to_convert[]" value="' . intval($child->term_id) . '" /> ' . $child->name . ' (' . $child->count . ')</label>';
+
+			if (isset($hier[$child->term_id])) {
+				$this->_category_children($child, $hier);
+			}
+
+			print '</li>';
+		}
+
+		print '</ul>';
+	}
+
+	function _category_exists($cat_id) {
+		global $wpdb;
+
+		$cat_id = (int) $cat_id;
+
+		$maybe_exists = category_exists($cat_id);
+
+		if ( $maybe_exists ) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	function convert_them() {
+		global $wpdb;
+
+		if ( (!isset($_POST['cats_to_convert']) || !is_array($_POST['cats_to_convert'])) && empty($this->categories_to_convert)) {
+			print '<div class="narrow">';
+			print '<p>' . sprintf(__('Uh, oh. Something didn\'t work. Please <a href="%s">try again</a>.'), 'admin.php?import=wp-cat2tag') . '</p>';
+			print '</div>';
+			return;
+		}
+
+
+		if ( empty($this->categories_to_convert) )
+			$this->categories_to_convert = $_POST['cats_to_convert'];
+		$hier = _get_term_hierarchy('category');
+
+		print '<ul>';
+
+		foreach ( (array) $this->categories_to_convert as $cat_id) {
+			$cat_id = (int) $cat_id;
+
+			print '<li>' . sprintf(__('Converting category #%s ... '),  $cat_id);
+
+			if (!$this->_category_exists($cat_id)) {
+				_e('Category doesn\'t exist!');
+			} else {
+				$category =& get_category($cat_id);
+
+				if ( tag_exists($wpdb->escape($category->name)) ) {
+					_e('Category is already a tag.');
+					print '</li>';
+					continue;
+				}
+
+				// If the category is the default, leave category in place and create tag.
+				if ( get_option('default_category') == $category->term_id ) {
+					$id = wp_insert_term($category->name, 'post_tag', array('slug' => $category->slug));
+					$id = $id['term_taxonomy_id'];
+					$posts = get_objects_in_term($category->term_id, 'category');
+					foreach ( $posts as $post ) {
+						if ( !$wpdb->get_var("SELECT object_id FROM $wpdb->term_relationships WHERE object_id = '$post' AND term_taxonomy_id = '$id'") )						
+							$wpdb->query("INSERT INTO $wpdb->term_relationships (object_id, term_taxonomy_id) VALUES ('$post', '$id')");
+						clean_post_cache($post);
+					}
+				} else {
+					$tt_ids = $wpdb->get_col("SELECT term_taxonomy_id FROM $wpdb->term_taxonomy WHERE term_id = '{$category->term_id}' AND taxonomy = 'category'");
+					if ( $tt_ids ) {
+						$posts = $wpdb->get_col("SELECT object_id FROM $wpdb->term_relationships WHERE term_taxonomy_id IN (" . join(',', $tt_ids) . ") GROUP BY object_id");
+						foreach ( (array) $posts as $post )
+							clean_post_cache($post);
+					}
+
+					// Change the category to a tag.
+					$wpdb->query("UPDATE $wpdb->term_taxonomy SET taxonomy = 'post_tag' WHERE term_id = '{$category->term_id}' AND taxonomy = 'category'");
+
+					$terms = $wpdb->get_col("SELECT term_id FROM $wpdb->term_taxonomy WHERE parent = '{$category->term_id}' AND taxonomy = 'category'");
+					foreach ( (array) $terms as $term )
+						clean_category_cache($term);
+
+					// Set all parents to 0 (root-level) if their parent was the converted tag
+					$wpdb->query("UPDATE $wpdb->term_taxonomy SET parent = 0 WHERE parent = '{$category->term_id}' AND taxonomy = 'category'");
+				}
+				// Clean the cache
+				clean_category_cache($category->term_id);
+
+				_e('Converted successfully.');
+			}
+
+			print '</li>';
+		}
+
+		print '</ul>';
+	}
+
+	function init() {
+
+		$step = (isset($_GET['step'])) ? (int) $_GET['step'] : 1;
+
+		$this->header();
+
+		if (!current_user_can('manage_categories')) {
+			print '<div class="narrow">';
+			print '<p>' . __('Cheatin&#8217; uh?') . '</p>';
+			print '</div>';
+		} else {
+			if ( $step > 1 )
+				check_admin_referer('import-cat2tag');
+
+			switch ($step) {
+				case 1 :
+					$this->welcome();
+				break;
+
+				case 2 :
+					$this->convert_them();
+				break;
+			}
+		}
+
+		$this->footer();
+	}
+
+	function WP_Categories_to_Tags() {
+		// Do nothing.
+	}
+}
+
+$wp_cat2tag_importer = new WP_Categories_to_Tags();
+
+register_importer('wp-cat2tag', __('Categories to Tags Converter'), __('Convert existing categories to tags, selectively.'), array(&$wp_cat2tag_importer, 'init'));
+
+?>
--- a/wp-admin/includes/admin.php
+++ b/wp-admin/includes/admin.php
@@ -0,0 +1,19 @@
+<?php
+
+require_once(ABSPATH . 'wp-admin/includes/bookmark.php');
+require_once(ABSPATH . 'wp-admin/includes/comment.php');
+require_once(ABSPATH . 'wp-admin/includes/file.php');
+require_once(ABSPATH . 'wp-admin/includes/image.php');
+require_once(ABSPATH . 'wp-admin/includes/import.php');
+require_once(ABSPATH . 'wp-admin/includes/misc.php');
+require_once(ABSPATH . 'wp-admin/includes/plugin.php');
+require_once(ABSPATH . 'wp-admin/includes/post.php');
+require_once(ABSPATH . 'wp-admin/includes/taxonomy.php');
+require_once(ABSPATH . 'wp-admin/includes/template.php');
+require_once(ABSPATH . 'wp-admin/includes/theme.php');
+require_once(ABSPATH . 'wp-admin/includes/user.php');
+require_once(ABSPATH . 'wp-admin/includes/update.php');
+
+require_once(ABSPATH . WPINC . '/registration.php');
+
+?>
--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -0,0 +1,177 @@
+<?php
+
+function add_link() {
+	return edit_link();
+}
+
+function edit_link( $link_id = '' ) {
+	if (!current_user_can( 'manage_links' ))
+		wp_die( __( 'Cheatin&#8217; uh?' ));
+
+	$_POST['link_url'] = wp_specialchars( $_POST['link_url'] );
+	$_POST['link_url'] = clean_url($_POST['link_url']);
+	$_POST['link_name'] = wp_specialchars( $_POST['link_name'] );
+	$_POST['link_image'] = wp_specialchars( $_POST['link_image'] );
+	$_POST['link_rss'] = clean_url($_POST['link_rss']);
+
+	if ( !empty( $link_id ) ) {
+		$_POST['link_id'] = $link_id;
+		return wp_update_link( $_POST);
+	} else {
+		return wp_insert_link( $_POST);
+	}
+}
+
+function get_default_link_to_edit() {
+	if ( isset( $_GET['linkurl'] ) )
+		$link->link_url = clean_url( $_GET['linkurl']);
+	else
+		$link->link_url = '';
+
+	if ( isset( $_GET['name'] ) )
+		$link->link_name = attribute_escape( $_GET['name']);
+	else
+		$link->link_name = '';
+
+	$link->link_visible = 'Y';
+
+	return $link;
+}
+
+function wp_delete_link($link_id) {
+	global $wpdb;
+
+	do_action('delete_link', $link_id);
+
+	wp_delete_object_term_relationships($link_id, 'link_category');
+
+	$wpdb->query("DELETE FROM $wpdb->links WHERE link_id = '$link_id'");
+
+	do_action('deleted_link', $link_id);
+
+	return true;
+}
+
+function wp_get_link_cats($link_id = 0) {
+
+	$cats = wp_get_object_terms($link_id, 'link_category', 'fields=ids');
+
+	return array_unique($cats);
+}
+
+function get_link_to_edit( $link_id ) {
+	return get_link( $link_id, OBJECT, 'edit' );
+}
+
+function wp_insert_link($linkdata) {
+	global $wpdb, $current_user;
+
+	$defaults = array('link_id' => 0, 'link_name' => '', 'link_url' => '', 'link_rating' => 0 );
+
+	$linkdata = wp_parse_args($linkdata, $defaults);
+	$linkdata = sanitize_bookmark($linkdata, 'db');
+
+	extract($linkdata, EXTR_SKIP);
+
+	$update = false;
+
+	if ( !empty($link_id) )
+		$update = true;
+
+	if ( trim( $link_name ) == '' )
+		return 0;
+
+	if ( trim( $link_url ) == '' )
+		return 0;
+
+	if ( empty($link_rating) )
+		$link_rating = 0;
+
+	if ( empty($link_image) )
+		$link_image = '';
+
+	if ( empty($link_target) )
+		$link_target = '';
+
+	if ( empty($link_visible) )
+		$link_visible = 'Y';
+
+	if ( empty($link_owner) )
+		$link_owner = $current_user->id;
+
+	if ( empty($link_notes) )
+		$link_notes = '';
+
+	if ( empty($link_description) )
+		$link_description = '';
+
+	if ( empty($link_rss) )
+		$link_rss = '';
+
+	if ( empty($link_rel) )
+		$link_rel = '';
+
+	// Make sure we set a valid category
+	if (0 == count($link_category) || !is_array($link_category)) {
+		$link_category = array(get_option('default_link_category'));
+	}
+
+	if ( $update ) {
+		$wpdb->query("UPDATE $wpdb->links SET link_url='$link_url',
+			link_name='$link_name', link_image='$link_image',
+			link_target='$link_target',
+			link_visible='$link_visible', link_description='$link_description',
+			link_rating='$link_rating', link_rel='$link_rel',
+			link_notes='$link_notes', link_rss = '$link_rss'
+			WHERE link_id='$link_id'");
+	} else {
+		$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES('$link_url','$link_name', '$link_image', '$link_target', '$link_description', '$link_visible', '$link_owner', '$link_rating', '$link_rel', '$link_notes', '$link_rss')");
+		$link_id = (int) $wpdb->insert_id;
+	}
+
+	wp_set_link_cats($link_id, $link_category);
+
+	if ( $update )
+		do_action('edit_link', $link_id);
+	else
+		do_action('add_link', $link_id);
+
+	return $link_id;
+}
+
+function wp_set_link_cats($link_id = 0, $link_categories = array()) {
+	// If $link_categories isn't already an array, make it one:
+	if (!is_array($link_categories) || 0 == count($link_categories))
+		$link_categories = array(get_option('default_link_category'));
+
+	$link_categories = array_map('intval', $link_categories);
+	$link_categories = array_unique($link_categories);
+
+	wp_set_object_terms($link_id, $link_categories, 'link_category');
+}	// wp_set_link_cats()
+
+function wp_update_link($linkdata) {
+	global $wpdb;
+
+	$link_id = (int) $linkdata['link_id'];
+
+	$link = get_link($link_id, ARRAY_A);
+
+	// Escape data pulled from DB.
+	$link = add_magic_quotes($link);
+
+	// Passed link category list overwrites existing category list if not empty.
+	if ( isset($linkdata['link_category']) && is_array($linkdata['link_category'])
+			 && 0 != count($linkdata['link_category']) )
+		$link_cats = $linkdata['link_category'];
+	else
+		$link_cats = $link['link_category'];
+
+	// Merge old and new fields with new fields overwriting old ones.
+	$linkdata = array_merge($link, $linkdata);
+	$linkdata['link_category'] = $link_cats;
+
+	return wp_insert_link($linkdata);
+}
+
+?>
--- a/wp-admin/includes/comment.php
+++ b/wp-admin/includes/comment.php
@@ -0,0 +1,68 @@
+<?php
+
+function comment_exists($comment_author, $comment_date) {
+	global $wpdb;
+
+	return $wpdb->get_var("SELECT comment_post_ID FROM $wpdb->comments
+			WHERE comment_author = '$comment_author' AND comment_date = '$comment_date'");
+}
+
+function edit_comment() {
+	global $user_ID;
+
+	$comment_ID = (int) $_POST['comment_ID'];
+	$comment_post_ID = (int) $_POST['comment_post_ID'];
+
+	if (!current_user_can( 'edit_post', $comment_post_ID ))
+		wp_die( __('You are not allowed to edit comments on this post, so you cannot edit this comment.' ));
+
+	$_POST['comment_author'] = $_POST['newcomment_author'];
+	$_POST['comment_author_email'] = $_POST['newcomment_author_email'];
+	$_POST['comment_author_url'] = $_POST['newcomment_author_url'];
+	$_POST['comment_approved'] = $_POST['comment_status'];
+	$_POST['comment_content'] = $_POST['content'];
+	$_POST['comment_ID'] = (int) $_POST['comment_ID'];
+
+	if (!empty ( $_POST['edit_date'] ) ) {
+		$aa = $_POST['aa'];
+		$mm = $_POST['mm'];
+		$jj = $_POST['jj'];
+		$hh = $_POST['hh'];
+		$mn = $_POST['mn'];
+		$ss = $_POST['ss'];
+		$jj = ($jj > 31 ) ? 31 : $jj;
+		$hh = ($hh > 23 ) ? $hh -24 : $hh;
+		$mn = ($mn > 59 ) ? $mn -60 : $mn;
+		$ss = ($ss > 59 ) ? $ss -60 : $ss;
+		$_POST['comment_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
+	}
+
+	wp_update_comment( $_POST);
+}
+
+function get_comment_to_edit( $id ) {
+	if ( !$comment = get_comment($id) )
+		return false;
+
+	$comment->comment_ID = (int) $comment->comment_ID;
+	$comment->comment_post_ID = (int) $comment->comment_post_ID;
+
+	$comment->comment_content = format_to_edit( $comment->comment_content );
+	$comment->comment_content = apply_filters( 'comment_edit_pre', $comment->comment_content);
+
+	$comment->comment_author = format_to_edit( $comment->comment_author );
+	$comment->comment_author_email = format_to_edit( $comment->comment_author_email );
+	$comment->comment_author_url = clean_url($comment->comment_author_url);
+	$comment->comment_author_url = format_to_edit( $comment->comment_author_url );
+
+	return $comment;
+}
+
+function get_pending_comments_num( $post_id ) {
+	global $wpdb;
+	$post_id = (int) $post_id;
+	$pending = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_post_ID = $post_id AND comment_approved = '0'" );
+	return $pending;
+}
+
+?>
--- a/wp-admin/includes/file.php
+++ b/wp-admin/includes/file.php
@@ -0,0 +1,192 @@
+<?php
+
+$wp_file_descriptions = array ('index.php' => __( 'Main Index Template' ), 'style.css' => __( 'Stylesheet' ), 'comments.php' => __( 'Comments' ), 'comments-popup.php' => __( 'Popup Comments' ), 'footer.php' => __( 'Footer' ), 'header.php' => __( 'Header' ), 'sidebar.php' => __( 'Sidebar' ), 'archive.php' => __( 'Archives' ), 'category.php' => __( 'Category Template' ), 'page.php' => __( 'Page Template' ), 'search.php' => __( 'Search Results' ), 'single.php' => __( 'Single Post' ), '404.php' => __( '404 Template' ), 'my-hacks.php' => __( 'my-hacks.php (legacy hacks support)' ), '.htaccess' => __( '.htaccess (for rewrite rules )' ),
+	// Deprecated files
+	'wp-layout.css' => __( 'Stylesheet' ), 'wp-comments.php' => __( 'Comments Template' ), 'wp-comments-popup.php' => __( 'Popup Comments Template' ));
+function get_file_description( $file ) {
+	global $wp_file_descriptions;
+
+	if ( isset( $wp_file_descriptions[basename( $file )] ) ) {
+		return $wp_file_descriptions[basename( $file )];
+	}
+	elseif ( file_exists( ABSPATH . $file ) && is_file( ABSPATH . $file ) ) {
+		$template_data = implode( '', file( ABSPATH . $file ) );
+		if ( preg_match( "|Template Name:(.*)|i", $template_data, $name ))
+			return $name[1];
+	}
+
+	return basename( $file );
+}
+
+function get_home_path() {
+	$home = get_option( 'home' );
+	if ( $home != '' && $home != get_option( 'siteurl' ) ) {
+		$home_path = parse_url( $home );
+		$home_path = $home_path['path'];
+		$root = str_replace( $_SERVER["PHP_SELF"], '', $_SERVER["SCRIPT_FILENAME"] );
+		$home_path = trailingslashit( $root.$home_path );
+	} else {
+		$home_path = ABSPATH;
+	}
+
+	return $home_path;
+}
+
+function get_real_file_to_edit( $file ) {
+	if ('index.php' == $file || '.htaccess' == $file ) {
+		$real_file = get_home_path().$file;
+	} else {
+		$real_file = ABSPATH.$file;
+	}
+
+	return $real_file;
+}
+
+function validate_file( $file, $allowed_files = '' ) {
+	if ( false !== strpos( $file, '..' ))
+		return 1;
+
+	if ( false !== strpos( $file, './' ))
+		return 1;
+
+	if (':' == substr( $file, 1, 1 ))
+		return 2;
+
+	if (!empty ( $allowed_files ) && (!in_array( $file, $allowed_files ) ) )
+		return 3;
+
+	return 0;
+}
+
+function validate_file_to_edit( $file, $allowed_files = '' ) {
+	$file = stripslashes( $file );
+
+	$code = validate_file( $file, $allowed_files );
+
+	if (!$code )
+		return $file;
+
+	switch ( $code ) {
+		case 1 :
+			wp_die( __('Sorry, can&#8217;t edit files with ".." in the name. If you are trying to edit a file in your WordPress home directory, you can just type the name of the file in.' ));
+
+		case 2 :
+			wp_die( __('Sorry, can&#8217;t call files with their real path.' ));
+
+		case 3 :
+			wp_die( __('Sorry, that file cannot be edited.' ));
+	}
+}
+
+// array wp_handle_upload ( array &file [, array overrides] )
+// file: reference to a single element of $_FILES. Call the function once for each uploaded file.
+// overrides: an associative array of names=>values to override default variables with extract( $overrides, EXTR_OVERWRITE ).
+// On success, returns an associative array of file attributes.
+// On failure, returns $overrides['upload_error_handler'](&$file, $message ) or array( 'error'=>$message ).
+function wp_handle_upload( &$file, $overrides = false ) {
+	// The default error handler.
+	if (! function_exists( 'wp_handle_upload_error' ) ) {
+		function wp_handle_upload_error( &$file, $message ) {
+			return array( 'error'=>$message );
+		}
+	}
+
+	// You may define your own function and pass the name in $overrides['upload_error_handler']
+	$upload_error_handler = 'wp_handle_upload_error';
+
+	// $_POST['action'] must be set and its value must equal $overrides['action'] or this:
+	$action = 'wp_handle_upload';
+
+	// Courtesy of php.net, the strings that describe the error indicated in $_FILES[{form field}]['error'].
+	$upload_error_strings = array( false,
+		__( "The uploaded file exceeds the <code>upload_max_filesize</code> directive in <code>php.ini</code>." ),
+		__( "The uploaded file exceeds the <em>MAX_FILE_SIZE</em> directive that was specified in the HTML form." ),
+		__( "The uploaded file was only partially uploaded." ),
+		__( "No file was uploaded." ),
+		__( "Missing a temporary folder." ),
+		__( "Failed to write file to disk." ));
+
+	// All tests are on by default. Most can be turned off by $override[{test_name}] = false;
+	$test_form = true;
+	$test_size = true;
+
+	// If you override this, you must provide $ext and $type!!!!
+	$test_type = true;
+
+	// Install user overrides. Did we mention that this voids your warranty?
+	if ( is_array( $overrides ) )
+		extract( $overrides, EXTR_OVERWRITE );
+
+	// A correct form post will pass this test.
+	if ( $test_form && (!isset( $_POST['action'] ) || ($_POST['action'] != $action ) ) )
+		return $upload_error_handler( $file, __( 'Invalid form submission.' ));
+
+	// A successful upload will pass this test. It makes no sense to override this one.
+	if ( $file['error'] > 0 )
+		return $upload_error_handler( $file, $upload_error_strings[$file['error']] );
+
+	// A non-empty file will pass this test.
+	if ( $test_size && !($file['size'] > 0 ) )
+		return $upload_error_handler( $file, __( 'File is empty. Please upload something more substantial. This error could also be caused by uploads being disabled in your php.ini.' ));
+
+	// A properly uploaded file will pass this test. There should be no reason to override this one.
+	if (! @ is_uploaded_file( $file['tmp_name'] ) )
+		return $upload_error_handler( $file, __( 'Specified file failed upload test.' ));
+
+	// A correct MIME type will pass this test. Override $mimes or use the upload_mimes filter.
+	if ( $test_type ) {
+		$wp_filetype = wp_check_filetype( $file['name'], $mimes );
+
+		extract( $wp_filetype );
+
+		if ( ( !$type || !$ext ) && !current_user_can( 'unfiltered_upload' ) )
+			return $upload_error_handler( $file, __( 'File type does not meet security guidelines. Try another.' ));
+
+		if ( !$ext )
+			$ext = ltrim(strrchr($file['name'], '.'), '.');
+	}
+
+	// A writable uploads dir will pass this test. Again, there's no point overriding this one.
+	if ( ! ( ( $uploads = wp_upload_dir() ) && false === $uploads['error'] ) )
+		return $upload_error_handler( $file, $uploads['error'] );
+
+	// Increment the file number until we have a unique file to save in $dir. Use $override['unique_filename_callback'] if supplied.
+	if ( isset( $unique_filename_callback ) && function_exists( $unique_filename_callback ) ) {
+		$filename = $unique_filename_callback( $uploads['path'], $file['name'] );
+	} else {
+		$number = '';
+		$filename = str_replace( '#', '_', $file['name'] );
+		$filename = str_replace( array( '\\', "'" ), '', $filename );
+		if ( empty( $ext) )
+			$ext = '';
+		else
+			$ext = ".$ext";
+		while ( file_exists( $uploads['path'] . "/$filename" ) ) {
+			if ( '' == "$number$ext" )
+				$filename = $filename . ++$number . $ext;
+			else
+				$filename = str_replace( "$number$ext", ++$number . $ext, $filename );
+		}
+		$filename = str_replace( $ext, '', $filename );
+		$filename = sanitize_title_with_dashes( $filename ) . $ext;
+	}
+
+	// Move the file to the uploads dir
+	$new_file = $uploads['path'] . "/$filename";
+	if ( false === @ move_uploaded_file( $file['tmp_name'], $new_file ) )
+		wp_die( printf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ));
+
+	// Set correct file permissions
+	$stat = stat( dirname( $new_file ));
+	$perms = $stat['mode'] & 0000666;
+	@ chmod( $new_file, $perms );
+
+	// Compute the URL
+	$url = $uploads['url'] . "/$filename";
+
+	$return = apply_filters( 'wp_handle_upload', array( 'file' => $new_file, 'url' => $url, 'type' => $type ) );
+
+	return $return;
+}
+
+?>
--- a/wp-admin/includes/image.php
+++ b/wp-admin/includes/image.php
@@ -0,0 +1,192 @@
+<?php
+
+function get_udims( $width, $height) {
+	if ( $height <= 96 && $width <= 128 )
+		return array( $width, $height);
+	elseif ( $width / $height > 4 / 3 )
+		return array( 128, (int) ($height / $width * 128 ));
+	else
+		return array( (int) ($width / $height * 96 ), 96 );
+}
+
+function wp_create_thumbnail( $file, $max_side, $effect = '' ) {
+
+		// 1 = GIF, 2 = JPEG, 3 = PNG
+
+	if ( file_exists( $file ) ) {
+		$type = getimagesize( $file );
+
+		// if the associated function doesn't exist - then it's not
+		// handle. duh. i hope.
+
+		if (!function_exists( 'imagegif' ) && $type[2] == 1 ) {
+			$error = __( 'Filetype not supported. Thumbnail not created.' );
+		}
+		elseif (!function_exists( 'imagejpeg' ) && $type[2] == 2 ) {
+			$error = __( 'Filetype not supported. Thumbnail not created.' );
+		}
+		elseif (!function_exists( 'imagepng' ) && $type[2] == 3 ) {
+			$error = __( 'Filetype not supported. Thumbnail not created.' );
+		} else {
+
+			// create the initial copy from the original file
+			if ( $type[2] == 1 ) {
+				$image = imagecreatefromgif( $file );
+			}
+			elseif ( $type[2] == 2 ) {
+				$image = imagecreatefromjpeg( $file );
+			}
+			elseif ( $type[2] == 3 ) {
+				$image = imagecreatefrompng( $file );
+			}
+
+			if ( function_exists( 'imageantialias' ))
+				imageantialias( $image, TRUE );
+
+			$image_attr = getimagesize( $file );
+
+			// figure out the longest side
+
+			if ( $image_attr[0] > $image_attr[1] ) {
+				$image_width = $image_attr[0];
+				$image_height = $image_attr[1];
+				$image_new_width = $max_side;
+
+				$image_ratio = $image_width / $image_new_width;
+				$image_new_height = $image_height / $image_ratio;
+				//width is > height
+			} else {
+				$image_width = $image_attr[0];
+				$image_height = $image_attr[1];
+				$image_new_height = $max_side;
+
+				$image_ratio = $image_height / $image_new_height;
+				$image_new_width = $image_width / $image_ratio;
+				//height > width
+			}
+
+			$thumbnail = imagecreatetruecolor( $image_new_width, $image_new_height);
+			@ imagecopyresampled( $thumbnail, $image, 0, 0, 0, 0, $image_new_width, $image_new_height, $image_attr[0], $image_attr[1] );
+
+			// If no filters change the filename, we'll do a default transformation.
+			if ( basename( $file ) == $thumb = apply_filters( 'thumbnail_filename', basename( $file ) ) )
+				$thumb = preg_replace( '!(\.[^.]+)?$!', '.thumbnail' . '$1', basename( $file ), 1 );
+
+			$thumbpath = str_replace( basename( $file ), $thumb, $file );
+
+			// move the thumbnail to its final destination
+			if ( $type[2] == 1 ) {
+				if (!imagegif( $thumbnail, $thumbpath ) ) {
+					$error = __( "Thumbnail path invalid" );
+				}
+			}
+			elseif ( $type[2] == 2 ) {
+				if (!imagejpeg( $thumbnail, $thumbpath ) ) {
+					$error = __( "Thumbnail path invalid" );
+				}
+			}
+			elseif ( $type[2] == 3 ) {
+				if (!imagepng( $thumbnail, $thumbpath ) ) {
+					$error = __( "Thumbnail path invalid" );
+				}
+			}
+
+		}
+	} else {
+		$error = __( 'File not found' );
+	}
+
+	if (!empty ( $error ) ) {
+		return $error;
+	} else {
+		return apply_filters( 'wp_create_thumbnail', $thumbpath );
+	}
+}
+
+function wp_crop_image( $src_file, $src_x, $src_y, $src_w, $src_h, $dst_w, $dst_h, $src_abs = false, $dst_file = false ) {
+	if ( ctype_digit( $src_file ) ) // Handle int as attachment ID
+		$src_file = get_attached_file( $src_file );
+
+	$src = wp_load_image( $src_file );
+
+	if ( !is_resource( $src ))
+		return $src;
+
+	$dst = imagecreatetruecolor( $dst_w, $dst_h );
+
+	if ( $src_abs ) {
+		$src_w -= $src_x;
+		$src_h -= $src_y;
+	}
+
+	if (function_exists('imageantialias'))
+		imageantialias( $dst, true );
+
+	imagecopyresampled( $dst, $src, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h );
+
+	if ( !$dst_file )
+		$dst_file = str_replace( basename( $src_file ), 'cropped-'.basename( $src_file ), $src_file );
+
+	$dst_file = preg_replace( '/\\.[^\\.]+$/', '.jpg', $dst_file );
+
+	if ( imagejpeg( $dst, $dst_file ) )
+		return $dst_file;
+	else
+		return false;
+}
+
+function wp_generate_attachment_metadata( $attachment_id, $file ) {
+	$attachment = get_post( $attachment_id );
+
+	$metadata = array();
+	if ( preg_match('!^image/!', get_post_mime_type( $attachment )) ) {
+		$imagesize = getimagesize($file);
+		$metadata['width'] = $imagesize['0'];
+		$metadata['height'] = $imagesize['1'];
+		list($uwidth, $uheight) = get_udims($metadata['width'], $metadata['height']);
+		$metadata['hwstring_small'] = "height='$uheight' width='$uwidth'";
+		$metadata['file'] = $file;
+
+		$max = apply_filters( 'wp_thumbnail_creation_size_limit', 3 * 1024 * 1024, $attachment_id, $file );
+
+		if ( $max < 0 || $metadata['width'] * $metadata['height'] < $max ) {
+			$max_side = apply_filters( 'wp_thumbnail_max_side_length', 128, $attachment_id, $file );
+			$thumb = wp_create_thumbnail( $file, $max_side );
+
+			if ( @file_exists($thumb) )
+				$metadata['thumb'] = basename($thumb);
+		}
+	}
+	return apply_filters( 'wp_generate_attachment_metadata', $metadata );
+}
+
+function wp_load_image( $file ) {
+	if ( ctype_digit( $file ) )
+		$file = get_attached_file( $file );
+
+	if ( !file_exists( $file ) )
+		return sprintf(__("File '%s' doesn't exist?"), $file);
+
+	if ( ! function_exists('imagecreatefromstring') )
+		return __('The GD image library is not installed.');
+
+	$contents = file_get_contents( $file );
+
+	$image = imagecreatefromstring( $contents );
+
+	if ( !is_resource( $image ) )
+		return sprintf(__("File '%s' is not an image."), $file);
+
+	return $image;
+}
+
+function wp_shrink_dimensions( $width, $height, $wmax = 128, $hmax = 96 ) {
+	if ( $height <= $hmax && $width <= $wmax )
+		return array( $width, $height);
+	elseif ( $width / $height > $wmax / $hmax )
+		return array( $wmax, (int) ($height / $width * $wmax ));
+	else
+		return array( (int) ($width / $height * $hmax ), $hmax );
+}
+
+?>
--- a/wp-admin/includes/import.php
+++ b/wp-admin/includes/import.php
@@ -0,0 +1,45 @@
+<?php
+
+function get_importers() {
+	global $wp_importers;
+	uasort($wp_importers, create_function('$a, $b', 'return strcmp($a[0], $b[0]);'));
+	return $wp_importers;
+}
+
+function register_importer( $id, $name, $description, $callback ) {
+	global $wp_importers;
+	if ( is_wp_error( $callback ) )
+		return $callback;
+	$wp_importers[$id] = array ( $name, $description, $callback );
+}
+
+function wp_import_cleanup( $id ) {
+	wp_delete_attachment( $id );
+}
+
+function wp_import_handle_upload() {
+	$overrides = array( 'test_form' => false, 'test_type' => false );
+	$file = wp_handle_upload( $_FILES['import'], $overrides );
+
+	if ( isset( $file['error'] ) )
+		return $file;
+
+	$url = $file['url'];
+	$type = $file['type'];
+	$file = addslashes( $file['file'] );
+	$filename = basename( $file );
+
+	// Construct the object array
+	$object = array( 'post_title' => $filename,
+		'post_content' => $url,
+		'post_mime_type' => $type,
+		'guid' => $url
+	);
+
+	// Save the data
+	$id = wp_insert_attachment( $object, $file );
+
+	return array( 'file' => $file, 'id' => $id );
+}
+
+?>
--- a/wp-admin/includes/misc.php
+++ b/wp-admin/includes/misc.php
@@ -0,0 +1,177 @@
+<?php
+
+function got_mod_rewrite() {
+	global $is_apache;
+
+	// take 3 educated guesses as to whether or not mod_rewrite is available
+	if ( !$is_apache )
+		return false;
+
+	if ( function_exists( 'apache_get_modules' ) ) {
+		if ( !in_array( 'mod_rewrite', apache_get_modules() ) )
+			return false;
+	}
+
+	return true;
+}
+
+// Returns an array of strings from a file (.htaccess ) from between BEGIN
+// and END markers.
+function extract_from_markers( $filename, $marker ) {
+	$result = array ();
+
+	if (!file_exists( $filename ) ) {
+		return $result;
+	}
+
+	if ( $markerdata = explode( "\n", implode( '', file( $filename ) ) ));
+	{
+		$state = false;
+		foreach ( $markerdata as $markerline ) {
+			if (strpos($markerline, '# END ' . $marker) !== false)
+				$state = false;
+			if ( $state )
+				$result[] = $markerline;
+			if (strpos($markerline, '# BEGIN ' . $marker) !== false)
+				$state = true;
+		}
+	}
+
+	return $result;
+}
+
+// Inserts an array of strings into a file (.htaccess ), placing it between
+// BEGIN and END markers.  Replaces existing marked info.  Retains surrounding
+// data.  Creates file if none exists.
+// Returns true on write success, false on failure.
+function insert_with_markers( $filename, $marker, $insertion ) {
+	if (!file_exists( $filename ) || is_writeable( $filename ) ) {
+		if (!file_exists( $filename ) ) {
+			$markerdata = '';
+		} else {
+			$markerdata = explode( "\n", implode( '', file( $filename ) ) );
+		}
+
+		$f = fopen( $filename, 'w' );
+		$foundit = false;
+		if ( $markerdata ) {
+			$state = true;
+			foreach ( $markerdata as $n => $markerline ) {
+				if (strpos($markerline, '# BEGIN ' . $marker) !== false)
+					$state = false;
+				if ( $state ) {
+					if ( $n + 1 < count( $markerdata ) )
+						fwrite( $f, "{$markerline}\n" );
+					else
+						fwrite( $f, "{$markerline}" );
+				}
+				if (strpos($markerline, '# END ' . $marker) !== false) {
+					fwrite( $f, "# BEGIN {$marker}\n" );
+					if ( is_array( $insertion ))
+						foreach ( $insertion as $insertline )
+							fwrite( $f, "{$insertline}\n" );
+					fwrite( $f, "# END {$marker}\n" );
+					$state = true;
+					$foundit = true;
+				}
+			}
+		}
+		if (!$foundit) {
+			fwrite( $f, "# BEGIN {$marker}\n" );
+			foreach ( $insertion as $insertline )
+				fwrite( $f, "{$insertline}\n" );
+			fwrite( $f, "# END {$marker}\n" );
+		}
+		fclose( $f );
+		return true;
+	} else {
+		return false;
+	}
+}
+
+/**
+ * Updates the htaccess file with the current rules if it is writable.
+ *
+ * Always writes to the file if it exists and is writable to ensure that we blank out old rules.
+ */
+
+function save_mod_rewrite_rules() {
+	global $wp_rewrite;
+
+	$home_path = get_home_path();
+	$htaccess_file = $home_path.'.htaccess';
+
+	// If the file doesn't already exists check for write access to the directory and whether of not we have some rules.
+	// else check for write access to the file.
+	if ((!file_exists($htaccess_file) && is_writable($home_path) && $wp_rewrite->using_mod_rewrite_permalinks()) || is_writable($htaccess_file)) {
+		if ( got_mod_rewrite() ) {
+			$rules = explode( "\n", $wp_rewrite->mod_rewrite_rules() );
+			return insert_with_markers( $htaccess_file, 'WordPress', $rules );
+		}
+	}
+
+	return false;
+}
+
+function update_recently_edited( $file ) {
+	$oldfiles = (array ) get_option( 'recently_edited' );
+	if ( $oldfiles ) {
+		$oldfiles = array_reverse( $oldfiles );
+		$oldfiles[] = $file;
+		$oldfiles = array_reverse( $oldfiles );
+		$oldfiles = array_unique( $oldfiles );
+		if ( 5 < count( $oldfiles ))
+			array_pop( $oldfiles );
+	} else {
+		$oldfiles[] = $file;
+	}
+	update_option( 'recently_edited', $oldfiles );
+}
+
+// If siteurl or home changed, reset cookies and flush rewrite rules.
+function update_home_siteurl( $old_value, $value ) {
+	global $wp_rewrite, $user_login, $user_pass_md5;
+
+	if ( defined( "WP_INSTALLING" ) )
+		return;
+
+	// If home changed, write rewrite rules to new location.
+	$wp_rewrite->flush_rules();
+	// Clear cookies for old paths.
+	wp_clearcookie();
+	// Set cookies for new paths.
+	wp_setcookie( $user_login, $user_pass_md5, true, get_option( 'home' ), get_option( 'siteurl' ));
+}
+
+add_action( 'update_option_home', 'update_home_siteurl', 10, 2 );
+add_action( 'update_option_siteurl', 'update_home_siteurl', 10, 2 );
+
+function url_shorten( $url ) {
+	$short_url = str_replace( 'http://', '', stripslashes( $url ));
+	$short_url = str_replace( 'www.', '', $short_url );
+	if ('/' == substr( $short_url, -1 ))
+		$short_url = substr( $short_url, 0, -1 );
+	if ( strlen( $short_url ) > 35 )
+		$short_url = substr( $short_url, 0, 32 ).'...';
+	return $short_url;
+}
+
+function wp_reset_vars( $vars ) {
+	for ( $i=0; $i<count( $vars ); $i += 1 ) {
+		$var = $vars[$i];
+		global $$var;
+
+		if (!isset( $$var ) ) {
+			if ( empty( $_POST["$var"] ) ) {
+				if ( empty( $_GET["$var"] ) )
+					$$var = '';
+				else
+					$$var = $_GET["$var"];
+			} else {
+				$$var = $_POST["$var"];
+			}
+		}
+	}
+}
+
+?>
--- a/wp-admin/includes/plugin.php
+++ b/wp-admin/includes/plugin.php
@@ -0,0 +1,382 @@
+<?php
+
+function get_plugin_data( $plugin_file ) {
+	$plugin_data = implode( '', file( $plugin_file ));
+	preg_match( '|Plugin Name:(.*)$|mi', $plugin_data, $plugin_name );
+	preg_match( '|Plugin URI:(.*)$|mi', $plugin_data, $plugin_uri );
+	preg_match( '|Description:(.*)$|mi', $plugin_data, $description );
+	preg_match( '|Author:(.*)$|mi', $plugin_data, $author_name );
+	preg_match( '|Author URI:(.*)$|mi', $plugin_data, $author_uri );
+
+	if ( preg_match( "|Version:(.*)|i", $plugin_data, $version ))
+		$version = trim( $version[1] );
+	else
+		$version = '';
+
+	$description = wptexturize( trim( $description[1] ));
+
+	$name = $plugin_name[1];
+	$name = trim( $name );
+	$plugin = $name;
+	if ('' != trim($plugin_uri[1]) && '' != $name ) {
+		$plugin = '<a href="' . trim( $plugin_uri[1] ) . '" title="'.__( 'Visit plugin homepage' ).'">'.$plugin.'</a>';
+	}
+
+	if ('' == $author_uri[1] ) {
+		$author = trim( $author_name[1] );
+	} else {
+		$author = '<a href="' . trim( $author_uri[1] ) . '" title="'.__( 'Visit author homepage' ).'">' . trim( $author_name[1] ) . '</a>';
+	}
+
+	return array('Name' => $name, 'Title' => $plugin, 'Description' => $description, 'Author' => $author, 'Version' => $version);
+}
+
+function get_plugins() {
+	global $wp_plugins;
+
+	if ( isset( $wp_plugins ) ) {
+		return $wp_plugins;
+	}
+
+	$wp_plugins = array ();
+	$plugin_root = ABSPATH . PLUGINDIR;
+
+	// Files in wp-content/plugins directory
+	$plugins_dir = @ opendir( $plugin_root);
+	if ( $plugins_dir ) {
+		while (($file = readdir( $plugins_dir ) ) !== false ) {
+			if ( substr($file, 0, 1) == '.' )
+				continue;
+			if ( is_dir( $plugin_root.'/'.$file ) ) {
+				$plugins_subdir = @ opendir( $plugin_root.'/'.$file );
+				if ( $plugins_subdir ) {
+					while (($subfile = readdir( $plugins_subdir ) ) !== false ) {
+						if ( substr($subfile, 0, 1) == '.' )
+							continue;
+						if ( substr($subfile, -4) == '.php' )
+							$plugin_files[] = "$file/$subfile";
+					}
+				}
+			} else {
+				if ( substr($file, -4) == '.php' )
+					$plugin_files[] = $file;
+			}
+		}
+	}
+	@closedir( $plugins_dir );
+	@closedir( $plugins_subdir );
+
+	if ( !$plugins_dir || !$plugin_files )
+		return $wp_plugins;
+
+	foreach ( $plugin_files as $plugin_file ) {
+		if ( !is_readable( "$plugin_root/$plugin_file" ) )
+			continue;
+
+		$plugin_data = get_plugin_data( "$plugin_root/$plugin_file" );
+
+		if ( empty ( $plugin_data['Name'] ) )
+			continue;
+
+		$wp_plugins[plugin_basename( $plugin_file )] = $plugin_data;
+	}
+
+	uasort( $wp_plugins, create_function( '$a, $b', 'return strnatcasecmp( $a["Name"], $b["Name"] );' ));
+
+	return $wp_plugins;
+}
+
+//
+// Menu
+//
+
+function add_menu_page( $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	global $menu, $admin_page_hooks;
+
+	$file = plugin_basename( $file );
+
+	$menu[] = array ( $menu_title, $access_level, $file, $page_title );
+
+	$admin_page_hooks[$file] = sanitize_title( $menu_title );
+
+	$hookname = get_plugin_page_hookname( $file, '' );
+	if (!empty ( $function ) && !empty ( $hookname ))
+		add_action( $hookname, $function );
+
+	return $hookname;
+}
+
+function add_submenu_page( $parent, $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	global $submenu;
+	global $menu;
+	global $_wp_real_parent_file;
+	global $_wp_submenu_nopriv;
+	global $_wp_menu_nopriv;
+
+	$file = plugin_basename( $file );
+
+	$parent = plugin_basename( $parent);
+	if ( isset( $_wp_real_parent_file[$parent] ) )
+		$parent = $_wp_real_parent_file[$parent];
+
+	if ( !current_user_can( $access_level ) ) {
+		$_wp_submenu_nopriv[$parent][$file] = true;
+		return false;
+	}
+
+	// If the parent doesn't already have a submenu, add a link to the parent
+	// as the first item in the submenu.  If the submenu file is the same as the
+	// parent file someone is trying to link back to the parent manually.  In
+	// this case, don't automatically add a link back to avoid duplication.
+	if (!isset( $submenu[$parent] ) && $file != $parent  ) {
+		foreach ( $menu as $parent_menu ) {
+			if ( $parent_menu[2] == $parent && current_user_can( $parent_menu[1] ) )
+				$submenu[$parent][] = $parent_menu;
+		}
+	}
+
+	$submenu[$parent][] = array ( $menu_title, $access_level, $file, $page_title );
+
+	$hookname = get_plugin_page_hookname( $file, $parent);
+	if (!empty ( $function ) && !empty ( $hookname ))
+		add_action( $hookname, $function );
+
+	return $hookname;
+}
+
+function add_management_page( $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	return add_submenu_page( 'edit.php', $page_title, $menu_title, $access_level, $file, $function );
+}
+
+function add_options_page( $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	return add_submenu_page( 'options-general.php', $page_title, $menu_title, $access_level, $file, $function );
+}
+
+function add_theme_page( $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	return add_submenu_page( 'themes.php', $page_title, $menu_title, $access_level, $file, $function );
+}
+
+function add_users_page( $page_title, $menu_title, $access_level, $file, $function = '' ) {
+	if ( current_user_can('edit_users') )
+		$parent = 'users.php';
+	else
+		$parent = 'profile.php';
+	return add_submenu_page( $parent, $page_title, $menu_title, $access_level, $file, $function );
+}
+
+//
+// Pluggable Menu Support -- Private
+//
+
+function get_admin_page_parent() {
+	global $parent_file;
+	global $menu;
+	global $submenu;
+	global $pagenow;
+	global $plugin_page;
+	global $_wp_real_parent_file;
+	global $_wp_menu_nopriv;
+	global $_wp_submenu_nopriv;
+
+	if ( !empty ( $parent_file ) ) {
+		if ( isset( $_wp_real_parent_file[$parent_file] ) )
+			$parent_file = $_wp_real_parent_file[$parent_file];
+
+		return $parent_file;
+	}
+
+	if ( $pagenow == 'admin.php' && isset( $plugin_page ) ) {
+		foreach ( $menu as $parent_menu ) {
+			if ( $parent_menu[2] == $plugin_page ) {
+				$parent_file = $plugin_page;
+				if ( isset( $_wp_real_parent_file[$parent_file] ) )
+					$parent_file = $_wp_real_parent_file[$parent_file];
+				return $parent_file;
+			}
+		}
+		if ( isset( $_wp_menu_nopriv[$plugin_page] ) ) {
+			$parent_file = $plugin_page;
+			if ( isset( $_wp_real_parent_file[$parent_file] ) )
+					$parent_file = $_wp_real_parent_file[$parent_file];
+			return $parent_file;
+		}
+	}
+
+	if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$pagenow][$plugin_page] ) ) {
+		$parent_file = $pagenow;
+		if ( isset( $_wp_real_parent_file[$parent_file] ) )
+			$parent_file = $_wp_real_parent_file[$parent_file];
+		return $parent_file;
+	}
+
+	foreach (array_keys( $submenu ) as $parent) {
+		foreach ( $submenu[$parent] as $submenu_array ) {
+			if ( isset( $_wp_real_parent_file[$parent] ) )
+				$parent = $_wp_real_parent_file[$parent];
+			if ( $submenu_array[2] == $pagenow ) {
+				$parent_file = $parent;
+				return $parent;
+			} else
+				if ( isset( $plugin_page ) && ($plugin_page == $submenu_array[2] ) ) {
+					$parent_file = $parent;
+					return $parent;
+				}
+		}
+	}
+
+	$parent_file = '';
+	return '';
+}
+
+function get_admin_page_title() {
+	global $title;
+	global $menu;
+	global $submenu;
+	global $pagenow;
+	global $plugin_page;
+
+	if ( isset( $title ) && !empty ( $title ) ) {
+		return $title;
+	}
+
+	$hook = get_plugin_page_hook( $plugin_page, $pagenow );
+
+	$parent = $parent1 = get_admin_page_parent();
+	if ( empty ( $parent) ) {
+		foreach ( $menu as $menu_array ) {
+			if ( isset( $menu_array[3] ) ) {
+				if ( $menu_array[2] == $pagenow ) {
+					$title = $menu_array[3];
+					return $menu_array[3];
+				} else
+					if ( isset( $plugin_page ) && ($plugin_page == $menu_array[2] ) && ($hook == $menu_array[3] ) ) {
+						$title = $menu_array[3];
+						return $menu_array[3];
+					}
+			} else {
+				$title = $menu_array[0];
+				return $title;
+			}
+		}
+	} else {
+		foreach (array_keys( $submenu ) as $parent) {
+			foreach ( $submenu[$parent] as $submenu_array ) {
+				if ( isset( $plugin_page ) &&
+					($plugin_page == $submenu_array[2] ) &&
+					(($parent == $pagenow ) || ($parent == $plugin_page ) || ($plugin_page == $hook ) || (($pagenow == 'admin.php' ) && ($parent1 != $submenu_array[2] ) ) )
+					) {
+						$title = $submenu_array[3];
+						return $submenu_array[3];
+					}
+
+				if ( $submenu_array[2] != $pagenow || isset( $_GET['page'] ) ) // not the current page
+					continue;
+
+				if ( isset( $submenu_array[3] ) ) {
+					$title = $submenu_array[3];
+					return $submenu_array[3];
+				} else {
+					$title = $submenu_array[0];
+					return $title;
+				}
+			}
+		}
+	}
+
+	return $title;
+}
+
+function get_plugin_page_hook( $plugin_page, $parent_page ) {
+	global $wp_filter;
+
+	$hook = get_plugin_page_hookname( $plugin_page, $parent_page );
+	if ( isset( $wp_filter[$hook] ))
+		return $hook;
+	else
+		return null;
+}
+
+function get_plugin_page_hookname( $plugin_page, $parent_page ) {
+	global $admin_page_hooks;
+
+	$parent = get_admin_page_parent();
+
+	if ( empty ( $parent_page ) || 'admin.php' == $parent_page ) {
+		if ( isset( $admin_page_hooks[$plugin_page] ))
+			$page_type = 'toplevel';
+		else
+			if ( isset( $admin_page_hooks[$parent] ))
+				$page_type = $admin_page_hooks[$parent];
+	} else
+		if ( isset( $admin_page_hooks[$parent_page] ) ) {
+			$page_type = $admin_page_hooks[$parent_page];
+		} else {
+			$page_type = 'admin';
+		}
+
+	$plugin_name = preg_replace( '!\.php!', '', $plugin_page );
+
+	return $page_type.'_page_'.$plugin_name;
+}
+
+function user_can_access_admin_page() {
+	global $pagenow;
+	global $menu;
+	global $submenu;
+	global $_wp_menu_nopriv;
+	global $_wp_submenu_nopriv;
+	global $plugin_page;
+
+	$parent = get_admin_page_parent();
+
+	if ( isset( $_wp_submenu_nopriv[$parent][$pagenow] ) )
+		return false;
+
+	if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$parent][$plugin_page] ) )
+		return false;
+
+	if ( empty( $parent) ) {
+		if ( isset( $_wp_menu_nopriv[$pagenow] ) )
+			return false;
+		if ( isset( $_wp_submenu_nopriv[$pagenow][$pagenow] ) )
+			return false;
+		if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$pagenow][$plugin_page] ) )
+			return false;
+		foreach (array_keys( $_wp_submenu_nopriv ) as $key ) {
+			if ( isset( $_wp_submenu_nopriv[$key][$pagenow] ) )
+				return false;
+			if ( isset( $plugin_page ) && isset( $_wp_submenu_nopriv[$key][$plugin_page] ) )
+			return false;
+		}
+		return true;
+	}
+
+	if ( isset( $submenu[$parent] ) ) {
+		foreach ( $submenu[$parent] as $submenu_array ) {
+			if ( isset( $plugin_page ) && ( $submenu_array[2] == $plugin_page ) ) {
+				if ( current_user_can( $submenu_array[1] ))
+					return true;
+				else
+					return false;
+			} else if ( $submenu_array[2] == $pagenow ) {
+				if ( current_user_can( $submenu_array[1] ))
+					return true;
+				else
+					return false;
+			}
+		}
+	}
+
+	foreach ( $menu as $menu_array ) {
+		if ( $menu_array[2] == $parent) {
+			if ( current_user_can( $menu_array[1] ))
+				return true;
+			else
+				return false;
+		}
+	}
+
+	return true;
+}
+
+?>
--- a/wp-admin/includes/post.php
+++ b/wp-admin/includes/post.php
@@ -0,0 +1,471 @@
+<?php
+
+// Update an existing post with values provided in $_POST.
+function edit_post() {
+	global $user_ID;
+
+	$post_ID = (int) $_POST['post_ID'];
+
+	if ( 'page' == $_POST['post_type'] ) {
+		if ( !current_user_can( 'edit_page', $post_ID ) )
+			wp_die( __('You are not allowed to edit this page.' ));
+	} else {
+		if ( !current_user_can( 'edit_post', $post_ID ) )
+			wp_die( __('You are not allowed to edit this post.' ));
+	}
+
+	// Autosave shouldn't save too soon after a real save
+	if ( 'autosave' == $_POST['action'] ) {
+		$post =& get_post( $post_ID );
+		$now = time();
+		$then = strtotime($post->post_date_gmt . ' +0000');
+		// Keep autosave_interval in sync with autosave-js.php.
+		$delta = apply_filters( 'autosave_interval', 120 ) / 2;
+		if ( ($now - $then) < $delta )
+			return $post_ID;
+	}
+
+	// Rename.
+	$_POST['ID'] = (int) $_POST['post_ID'];
+	$_POST['post_content'] = $_POST['content'];
+	$_POST['post_excerpt'] = $_POST['excerpt'];
+	$_POST['post_parent'] = $_POST['parent_id'];
+	$_POST['to_ping'] = $_POST['trackback_url'];
+
+	if (!empty ( $_POST['post_author_override'] ) ) {
+		$_POST['post_author'] = (int) $_POST['post_author_override'];
+	} else
+		if (!empty ( $_POST['post_author'] ) ) {
+			$_POST['post_author'] = (int) $_POST['post_author'];
+		} else {
+			$_POST['post_author'] = (int) $_POST['user_ID'];
+		}
+
+	if ( $_POST['post_author'] != $_POST['user_ID'] ) {
+		if ( 'page' == $_POST['post_type'] ) {
+			if ( !current_user_can( 'edit_others_pages' ) )
+				wp_die( __('You are not allowed to edit pages as this user.' ));
+		} else {
+			if ( !current_user_can( 'edit_others_posts' ) )
+				wp_die( __('You are not allowed to edit posts as this user.' ));
+
+		}
+	}
+
+	// What to do based on which button they pressed
+	if ('' != $_POST['saveasdraft'] )
+		$_POST['post_status'] = 'draft';
+	if ('' != $_POST['saveasprivate'] )
+		$_POST['post_status'] = 'private';
+	if ('' != $_POST['publish'] )
+		$_POST['post_status'] = 'publish';
+	if ('' != $_POST['advanced'] )
+		$_POST['post_status'] = 'draft';
+
+	if ( 'page' == $_POST['post_type'] ) {
+		if ('publish' == $_POST['post_status'] && !current_user_can( 'edit_published_pages' ))
+			$_POST['post_status'] = 'pending';
+	} else {
+		if ('publish' == $_POST['post_status'] && !current_user_can( 'edit_published_posts' ))
+			$_POST['post_status'] = 'pending';
+	}
+
+	if (!isset( $_POST['comment_status'] ))
+		$_POST['comment_status'] = 'closed';
+
+	if (!isset( $_POST['ping_status'] ))
+		$_POST['ping_status'] = 'closed';
+
+	if (!empty ( $_POST['edit_date'] ) ) {
+		$aa = $_POST['aa'];
+		$mm = $_POST['mm'];
+		$jj = $_POST['jj'];
+		$hh = $_POST['hh'];
+		$mn = $_POST['mn'];
+		$ss = $_POST['ss'];
+		$jj = ($jj > 31 ) ? 31 : $jj;
+		$hh = ($hh > 23 ) ? $hh -24 : $hh;
+		$mn = ($mn > 59 ) ? $mn -60 : $mn;
+		$ss = ($ss > 59 ) ? $ss -60 : $ss;
+		$_POST['post_date'] = "$aa-$mm-$jj $hh:$mn:$ss";
+		$_POST['post_date_gmt'] = get_gmt_from_date( "$aa-$mm-$jj $hh:$mn:$ss" );
+	}
+
+	// Meta Stuff
+	if ( $_POST['meta'] ) {
+		foreach ( $_POST['meta'] as $key => $value )
+			update_meta( $key, $value['key'], $value['value'] );
+	}
+
+	if ( $_POST['deletemeta'] ) {
+		foreach ( $_POST['deletemeta'] as $key => $value )
+			delete_meta( $key );
+	}
+
+	add_meta( $post_ID );
+
+	wp_update_post( $_POST );
+
+	// Reunite any orphaned attachments with their parent
+	if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+		$draft_ids = array();
+	if ( $draft_temp_id = (int) array_search( $post_ID, $draft_ids ) )
+		_relocate_children( $draft_temp_id, $post_ID );
+
+	// Now that we have an ID we can fix any attachment anchor hrefs
+	_fix_attachment_links( $post_ID );
+
+	return $post_ID;
+}
+
+// Default post information to use when populating the "Write Post" form.
+function get_default_post_to_edit() {
+	if ( !empty( $_REQUEST['post_title'] ) )
+		$post_title = wp_specialchars( stripslashes( $_REQUEST['post_title'] ));
+	else if ( !empty( $_REQUEST['popuptitle'] ) ) {
+		$post_title = wp_specialchars( stripslashes( $_REQUEST['popuptitle'] ));
+		$post_title = funky_javascript_fix( $post_title );
+	} else {
+		$post_title = '';
+	}
+
+	if ( !empty( $_REQUEST['content'] ) )
+		$post_content = wp_specialchars( stripslashes( $_REQUEST['content'] ));
+	else if ( !empty( $post_title ) ) {
+		$text       = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
+		$text       = funky_javascript_fix( $text);
+		$popupurl   = clean_url($_REQUEST['popupurl']);
+        $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
+    }
+
+	if ( !empty( $_REQUEST['excerpt'] ) )
+		$post_excerpt = wp_specialchars( stripslashes( $_REQUEST['excerpt'] ));
+	else
+		$post_excerpt = '';
+
+	$post->post_status = 'draft';
+	$post->comment_status = get_option( 'default_comment_status' );
+	$post->ping_status = get_option( 'default_ping_status' );
+	$post->post_pingback = get_option( 'default_pingback_flag' );
+	$post->post_category = get_option( 'default_category' );
+	$post->post_content = apply_filters( 'default_content', $post_content);
+	$post->post_title = apply_filters( 'default_title', $post_title );
+	$post->post_excerpt = apply_filters( 'default_excerpt', $post_excerpt);
+	$post->page_template = 'default';
+	$post->post_parent = 0;
+	$post->menu_order = 0;
+
+	return $post;
+}
+
+// Get an existing post and format it for editing.
+function get_post_to_edit( $id ) {
+
+	$post = get_post( $id, OBJECT, 'edit' );
+
+	if ( $post->post_type == 'page' )
+		$post->page_template = get_post_meta( $id, '_wp_page_template', true );
+
+	return $post;
+}
+
+function post_exists($title, $content = '', $post_date = '') {
+	global $wpdb;
+
+	if (!empty ($post_date))
+		$post_date = "AND post_date = '$post_date'";
+
+	if (!empty ($title))
+		return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' $post_date");
+	else
+		if (!empty ($content))
+			return $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_content = '$content' $post_date");
+
+	return 0;
+}
+
+// Creates a new post from the "Write Post" form using $_POST information.
+function wp_write_post() {
+	global $user_ID;
+
+	if ( 'page' == $_POST['post_type'] ) {
+		if ( !current_user_can( 'edit_pages' ) )
+			return new WP_Error( 'edit_pages', __( 'You are not allowed to create pages on this blog.' ) );
+	} else {
+		if ( !current_user_can( 'edit_posts' ) )
+			return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this blog.' ) );
+	}
+
+
+	// Check for autosave collisions
+	$temp_id = false;
+	if ( isset($_POST['temp_ID']) ) {
+		$temp_id = (int) $_POST['temp_ID'];
+		if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+			$draft_ids = array();
+		foreach ( $draft_ids as $temp => $real )
+			if ( time() + $temp > 86400 ) // 1 day: $temp is equal to -1 * time( then )
+				unset($draft_ids[$temp]);
+
+		if ( isset($draft_ids[$temp_id]) ) { // Edit, don't write
+			$_POST['post_ID'] = $draft_ids[$temp_id];
+			unset($_POST['temp_ID']);
+			update_user_option( $user_ID, 'autosave_draft_ids', $draft_ids );
+			return edit_post();
+		}
+	}
+
+	// Rename.
+	$_POST['post_content'] = $_POST['content'];
+	$_POST['post_excerpt'] = $_POST['excerpt'];
+	$_POST['post_parent'] = $_POST['parent_id'];
+	$_POST['to_ping'] = $_POST['trackback_url'];
+
+	if (!empty ( $_POST['post_author_override'] ) ) {
+		$_POST['post_author'] = (int) $_POST['post_author_override'];
+	} else {
+		if (!empty ( $_POST['post_author'] ) ) {
+			$_POST['post_author'] = (int) $_POST['post_author'];
+		} else {
+			$_POST['post_author'] = (int) $_POST['user_ID'];
+		}
+
+	}
+
+	if ( $_POST['post_author'] != $_POST['user_ID'] ) {
+		if ( 'page' == $_POST['post_type'] ) {
+			if ( !current_user_can( 'edit_others_pages' ) )
+				return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
+		} else {
+			if ( !current_user_can( 'edit_others_posts' ) )
+				return new WP_Error( 'edit_others_posts', __( 'You are not allowed to post as this user.' ) );
+
+		}
+	}
+
+	// What to do based on which button they pressed
+	if ('' != $_POST['saveasdraft'] )
+		$_POST['post_status'] = 'draft';
+	if ('' != $_POST['saveasprivate'] )
+		$_POST['post_status'] = 'private';
+	if ('' != $_POST['publish'] )
+		$_POST['post_status'] = 'publish';
+	if ('' != $_POST['advanced'] )
+		$_POST['post_status'] = 'draft';
+
+	if ( 'page' == $_POST['post_type'] ) {
+		if ('publish' == $_POST['post_status'] && !current_user_can( 'publish_pages' ) )
+			$_POST['post_status'] = 'pending';
+	} else {
+		if ('publish' == $_POST['post_status'] && !current_user_can( 'publish_posts' ) )
+			$_POST['post_status'] = 'pending';
+	}
+
+	if (!isset( $_POST['comment_status'] ))
+		$_POST['comment_status'] = 'closed';
+
+	if (!isset( $_POST['ping_status'] ))
+		$_POST['ping_status'] = 'closed';
+
+	if (!empty ( $_POST['edit_date'] ) ) {
+		$aa = $_POST['aa'];
+		$mm = $_POST['mm'];
+		$jj = $_POST['jj'];
+		$hh = $_POST['hh'];
+		$mn = $_POST['mn'];
+		$ss = $_POST['ss'];
+		$jj = ($jj > 31 ) ? 31 : $jj;
+		$hh = ($hh > 23 ) ? $hh -24 : $hh;
+		$mn = ($mn > 59 ) ? $mn -60 : $mn;
+		$ss = ($ss > 59 ) ? $ss -60 : $ss;
+		$_POST['post_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );
+		$_POST['post_date_gmt'] = get_gmt_from_date( $_POST['post_date'] );
+	}
+
+	// Create the post.
+	$post_ID = wp_insert_post( $_POST );
+	if ( is_wp_error( $post_ID ) )
+		return $post_ID;
+
+	if ( empty($post_ID) )
+		return 0;
+
+	add_meta( $post_ID );
+
+	// Reunite any orphaned attachments with their parent
+	if ( !$draft_ids = get_user_option( 'autosave_draft_ids' ) )
+		$draft_ids = array();
+	if ( $draft_temp_id = (int) array_search( $post_ID, $draft_ids ) )
+		_relocate_children( $draft_temp_id, $post_ID );
+	if ( $temp_id && $temp_id != $draft_temp_id )
+		_relocate_children( $temp_id, $post_ID );
+
+	// Update autosave collision detection
+	if ( $temp_id ) {
+		$draft_ids[$temp_id] = $post_ID;
+		update_user_option( $user_ID, 'autosave_draft_ids', $draft_ids );
+	}
+
+	// Now that we have an ID we can fix any attachment anchor hrefs
+	_fix_attachment_links( $post_ID );
+
+	return $post_ID;
+}
+
+function write_post() {
+	$result = wp_write_post();
+	if( is_wp_error( $result ) )
+		wp_die( $result->get_error_message() );
+	else
+		return $result;
+}
+
+//
+// Post Meta
+//
+
+function add_meta( $post_ID ) {
+	global $wpdb;
+	$post_ID = (int) $post_ID;
+
+	$protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
+
+	$metakeyselect = $wpdb->escape( stripslashes( trim( $_POST['metakeyselect'] ) ) );
+	$metakeyinput = $wpdb->escape( stripslashes( trim( $_POST['metakeyinput'] ) ) );
+	$metavalue = maybe_serialize( stripslashes( (trim( $_POST['metavalue'] ) ) ));
+	$metavalue = $wpdb->escape( $metavalue );
+
+	if ( ('0' === $metavalue || !empty ( $metavalue ) ) && ((('#NONE#' != $metakeyselect) && !empty ( $metakeyselect) ) || !empty ( $metakeyinput) ) ) {
+		// We have a key/value pair. If both the select and the
+		// input for the key have data, the input takes precedence:
+
+ 		if ('#NONE#' != $metakeyselect)
+			$metakey = $metakeyselect;
+
+		if ( $metakeyinput)
+			$metakey = $metakeyinput; // default
+
+		if ( in_array($metakey, $protected) )
+			return false;
+
+		$result = $wpdb->query( "
+						INSERT INTO $wpdb->postmeta
+						(post_id,meta_key,meta_value )
+						VALUES ('$post_ID','$metakey','$metavalue' )
+					" );
+		return $wpdb->insert_id;
+	}
+	return false;
+} // add_meta
+
+function delete_meta( $mid ) {
+	global $wpdb;
+	$mid = (int) $mid;
+
+	return $wpdb->query( "DELETE FROM $wpdb->postmeta WHERE meta_id = '$mid'" );
+}
+
+// Get a list of previously defined keys
+function get_meta_keys() {
+	global $wpdb;
+
+	$keys = $wpdb->get_col( "
+			SELECT meta_key
+			FROM $wpdb->postmeta
+			GROUP BY meta_key
+			ORDER BY meta_key" );
+
+	return $keys;
+}
+
+function get_post_meta_by_id( $mid ) {
+	global $wpdb;
+	$mid = (int) $mid;
+
+	$meta = $wpdb->get_row( "SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'" );
+	if ( is_serialized_string( $meta->meta_value ) )
+		$meta->meta_value = maybe_unserialize( $meta->meta_value );
+	return $meta;
+}
+
+// Some postmeta stuff
+function has_meta( $postid ) {
+	global $wpdb;
+
+	return $wpdb->get_results( "
+			SELECT meta_key, meta_value, meta_id, post_id
+			FROM $wpdb->postmeta
+			WHERE post_id = '$postid'
+			ORDER BY meta_key,meta_id", ARRAY_A );
+
+}
+
+function update_meta( $mid, $mkey, $mvalue ) {
+	global $wpdb;
+
+	$protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
+
+	if ( in_array($mkey, $protected) )
+		return false;
+
+	$mvalue = maybe_serialize( stripslashes( $mvalue ));
+	$mvalue = $wpdb->escape( $mvalue );
+	$mid = (int) $mid;
+	return $wpdb->query( "UPDATE $wpdb->postmeta SET meta_key = '$mkey', meta_value = '$mvalue' WHERE meta_id = '$mid'" );
+}
+
+//
+// Private
+//
+
+// Replace hrefs of attachment anchors with up-to-date permalinks.
+function _fix_attachment_links( $post_ID ) {
+	global $wp_rewrite;
+
+	$post = & get_post( $post_ID, ARRAY_A );
+
+	$search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
+
+	// See if we have any rel="attachment" links
+	if ( 0 == preg_match_all( $search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER ) )
+		return;
+
+	$i = 0;
+	$search = "#[\s]+rel=(\"|')(.*?)wp-att-(\d+)\\1#i";
+	foreach ( $anchor_matches[0] as $anchor ) {
+		if ( 0 == preg_match( $search, $anchor, $id_matches ) )
+			continue;
+
+		$id = (int) $id_matches[3];
+
+		// While we have the attachment ID, let's adopt any orphans.
+		$attachment = & get_post( $id, ARRAY_A );
+		if ( ! empty( $attachment) && ! is_object( get_post( $attachment['post_parent'] ) ) ) {
+			$attachment['post_parent'] = $post_ID;
+			// Escape data pulled from DB.
+			$attachment = add_magic_quotes( $attachment);
+			wp_update_post( $attachment);
+		}
+
+		$post_search[$i] = $anchor;
+		$post_replace[$i] = preg_replace( "#href=(\"|')[^'\"]*\\1#e", "stripslashes( 'href=\\1' ).get_attachment_link( $id ).stripslashes( '\\1' )", $anchor );
+		++$i;
+	}
+
+	$post['post_content'] = str_replace( $post_search, $post_replace, $post['post_content'] );
+
+	// Escape data pulled from DB.
+	$post = add_magic_quotes( $post);
+
+	return wp_update_post( $post);
+}
+
+// Move child posts to a new parent
+function _relocate_children( $old_ID, $new_ID ) {
+	global $wpdb;
+	$old_ID = (int) $old_ID;
+	$new_ID = (int) $new_ID;
+	return $wpdb->query( "UPDATE $wpdb->posts SET post_parent = $new_ID WHERE post_parent = $old_ID" );
+}
+
+?>
--- a/wp-admin/includes/schema.php
+++ b/wp-admin/includes/schema.php
@@ -1,16 +1,39 @@
 <?php
 // Here we keep the DB structure and option values

-$wp_queries="CREATE TABLE $wpdb->categories (
-  cat_ID bigint(20) NOT NULL auto_increment,
-  cat_name varchar(55) NOT NULL default '',
-  category_nicename varchar(200) NOT NULL default '',
-  category_description longtext NOT NULL,
-  category_parent bigint(20) NOT NULL default '0',
-  category_count bigint(20) NOT NULL default '0',
-  PRIMARY KEY  (cat_ID),
-  KEY category_nicename (category_nicename)
-);
+$charset_collate = '';
+
+if ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ) {
+	if ( ! empty($wpdb->charset) )
+		$charset_collate = "DEFAULT CHARACTER SET $wpdb->charset";
+	if ( ! empty($wpdb->collate) )
+		$charset_collate .= " COLLATE $wpdb->collate";
+}
+
+$wp_queries="CREATE TABLE $wpdb->terms (
+ term_id bigint(20) NOT NULL auto_increment,
+ name varchar(55) NOT NULL default '',
+ slug varchar(200) NOT NULL default '',
+ term_group bigint(10) NOT NULL default 0,
+ PRIMARY KEY  (term_id),
+ UNIQUE KEY slug (slug)
+) $charset_collate;
+CREATE TABLE $wpdb->term_taxonomy (
+ term_taxonomy_id bigint(20) NOT NULL auto_increment,
+ term_id bigint(20) NOT NULL default 0,
+ taxonomy varchar(32) NOT NULL default '',
+ description longtext NOT NULL,
+ parent bigint(20) NOT NULL default 0,
+ count bigint(20) NOT NULL default 0,
+ PRIMARY KEY  (term_taxonomy_id),
+ UNIQUE KEY term_id_taxonomy (term_id,taxonomy)
+) $charset_collate;
+CREATE TABLE $wpdb->term_relationships (
+ object_id bigint(20) NOT NULL default 0,
+ term_taxonomy_id bigint(20) NOT NULL default 0,
+ PRIMARY KEY  (object_id,term_taxonomy_id),
+ KEY term_taxonomy_id (term_taxonomy_id)
+) $charset_collate;
 CREATE TABLE $wpdb->comments (
  comment_ID bigint(20) unsigned NOT NULL auto_increment,
  comment_post_ID int(11) NOT NULL default '0',
@@ -30,23 +53,7 @@ CREATE TABLE $wpdb->comments (
  PRIMARY KEY  (comment_ID),
  KEY comment_approved (comment_approved),
  KEY comment_post_ID (comment_post_ID)
-);
-CREATE TABLE $wpdb->linkcategories (
-  cat_id bigint(20) NOT NULL auto_increment,
-  cat_name tinytext NOT NULL,
-  auto_toggle enum('Y','N') NOT NULL default 'N',
-  show_images enum('Y','N') NOT NULL default 'Y',
-  show_description enum('Y','N') NOT NULL default 'N',
-  show_rating enum('Y','N') NOT NULL default 'Y',
-  show_updated enum('Y','N') NOT NULL default 'Y',
-  sort_order varchar(64) NOT NULL default 'rand',
-  sort_desc enum('Y','N') NOT NULL default 'N',
-  text_before_link varchar(128) NOT NULL default '<li>',
-  text_after_link varchar(128) NOT NULL default '<br />',
-  text_after_all varchar(128) NOT NULL default '</li>',
-  list_limit int(11) NOT NULL default '-1',
-  PRIMARY KEY  (cat_id)
-);
+) $charset_collate;
 CREATE TABLE $wpdb->links (
  link_id bigint(20) NOT NULL auto_increment,
  link_url varchar(255) NOT NULL default '',
@@ -65,29 +72,16 @@ CREATE TABLE $wpdb->links (
  PRIMARY KEY  (link_id),
  KEY link_category (link_category),
  KEY link_visible (link_visible)
-);
+) $charset_collate;
 CREATE TABLE $wpdb->options (
  option_id bigint(20) NOT NULL auto_increment,
  blog_id int(11) NOT NULL default '0',
  option_name varchar(64) NOT NULL default '',
-  option_can_override enum('Y','N') NOT NULL default 'Y',
-  option_type int(11) NOT NULL default '1',
  option_value longtext NOT NULL,
-  option_width int(11) NOT NULL default '20',
-  option_height int(11) NOT NULL default '8',
-  option_description tinytext NOT NULL,
-  option_admin_level int(11) NOT NULL default '1',
  autoload enum('yes','no') NOT NULL default 'yes',
  PRIMARY KEY  (option_id,blog_id,option_name),
  KEY option_name (option_name)
-);
-CREATE TABLE $wpdb->post2cat (
-  rel_id bigint(20) NOT NULL auto_increment,
-  post_id bigint(20) NOT NULL default '0',
-  category_id bigint(20) NOT NULL default '0',
-  PRIMARY KEY  (rel_id),
-  KEY post_id (post_id,category_id)
-);
+) $charset_collate;
 CREATE TABLE $wpdb->postmeta (
  meta_id bigint(20) NOT NULL auto_increment,
  post_id bigint(20) NOT NULL default '0',
@@ -96,7 +90,7 @@ CREATE TABLE $wpdb->postmeta (
  PRIMARY KEY  (meta_id),
  KEY post_id (post_id),
  KEY meta_key (meta_key)
-);
+) $charset_collate;
 CREATE TABLE $wpdb->posts (
  ID bigint(20) unsigned NOT NULL auto_increment,
  post_author bigint(20) NOT NULL default '0',
@@ -106,7 +100,7 @@ CREATE TABLE $wpdb->posts (
  post_title text NOT NULL,
  post_category int(4) NOT NULL default '0',
  post_excerpt text NOT NULL,
-  post_status enum('publish','draft','private','static','object','attachment') NOT NULL default 'publish',
+  post_status enum('publish','draft','private','static','object','attachment','inherit','future', 'pending') NOT NULL default 'publish',
  comment_status enum('open','closed','registered_only') NOT NULL default 'open',
  ping_status enum('open','closed') NOT NULL default 'open',
  post_password varchar(20) NOT NULL default '',
@@ -119,12 +113,13 @@ CREATE TABLE $wpdb->posts (
  post_parent bigint(20) NOT NULL default '0',
  guid varchar(255) NOT NULL default '',
  menu_order int(11) NOT NULL default '0',
-  post_type varchar(100) NOT NULL default '',
+  post_type varchar(20) NOT NULL default 'post',
  post_mime_type varchar(100) NOT NULL default '',
  comment_count bigint(20) NOT NULL default '0',
  PRIMARY KEY  (ID),
-  KEY post_name (post_name)
-);
+  KEY post_name (post_name),
+  KEY type_status_date (post_type,post_status,post_date,ID)
+) $charset_collate;
 CREATE TABLE $wpdb->users (
  ID bigint(20) unsigned NOT NULL auto_increment,
  user_login varchar(60) NOT NULL default '',
@@ -137,8 +132,9 @@ CREATE TABLE $wpdb->users (
  user_status int(11) NOT NULL default '0',
  display_name varchar(250) NOT NULL default '',
  PRIMARY KEY  (ID),
-  KEY user_login_key (user_login)
-);
+  KEY user_login_key (user_login),
+  KEY user_nicename (user_nicename)
+) $charset_collate;
 CREATE TABLE $wpdb->usermeta (
  umeta_id bigint(20) NOT NULL auto_increment,
  user_id bigint(20) NOT NULL default '0',
@@ -147,17 +143,16 @@ CREATE TABLE $wpdb->usermeta (
  PRIMARY KEY  (umeta_id),
  KEY user_id (user_id),
  KEY meta_key (meta_key)
-);";
+) $charset_collate;";

 function populate_options() {
 	global $wpdb, $wp_db_version;

 	$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
 	$guessurl = preg_replace('|/wp-admin/.*|i', '', $schema . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
-	add_option('siteurl', $guessurl, __('WordPress web address'));
-	add_option('blogname', __('My Weblog'), __('Blog title'));
-	add_option('blogdescription', __('Just another WordPress weblog'), __('Short tagline'));
-	add_option('new_users_can_blog', 0);
+	add_option('siteurl', $guessurl);
+	add_option('blogname', __('My Blog'));
+	add_option('blogdescription', __('Just another WordPress weblog'));
 	add_option('users_can_register', 0);
 	add_option('admin_email', 'you@example.com');
 	add_option('start_of_week', 1);
@@ -202,7 +197,7 @@ function populate_options() {
 	add_option('comment_max_links', 2);
 	add_option('gmt_offset', date('Z') / 3600);
 	// 1.5
-	add_option('default_email_category', 1, __('Posts by email go to this category'));
+	add_option('default_email_category', 1);
 	add_option('recently_edited');
 	add_option('use_linksupdate', 0);
 	add_option('template', 'default');
@@ -211,14 +206,12 @@ function populate_options() {
 	add_option('page_uris');
 	add_option('blacklist_keys');
 	add_option('comment_registration', 0);
-	add_option('open_proxy_check', 1);
 	add_option('rss_language', 'en');
 	add_option('html_type', 'text/html');
 	// 1.5.1
 	add_option('use_trackback', 0);
 	// 2.0
 	add_option('default_role', 'subscriber');
-	add_option('rich_editing', 'true');
 	add_option('db_version', $wp_db_version);
 	// 2.0.1
 	if ( ini_get('safe_mode') ) {
@@ -230,8 +223,19 @@ function populate_options() {
 		add_option('upload_path', 'wp-content/uploads');
 	}

+	// 2.0.3
+	add_option('secret', md5(uniqid(microtime())));
+
+	// 2.1
+	add_option('blog_public', '1');
+	add_option('default_link_category', 2);
+	add_option('show_on_front', 'posts');
+
+	// 2.2
+	add_option('tag_base');
+
 	// Delete unused options
-	$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog');
+	$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl', 'weblogs_xml_url', 'new_users_can_blog', '_wpnonce', '_wp_http_referer', 'Update', 'action', 'rich_editing');
 	foreach ($unusedoptions as $option) :
 		delete_option($option);
 	endforeach;
@@ -244,7 +248,9 @@ function populate_options() {
 }

 function populate_roles() {
-	populate_roles_160();	
+	populate_roles_160();
+	populate_roles_210();
+	populate_roles_230();
 }

 function populate_roles_160() {
@@ -256,7 +262,7 @@ function populate_roles_160() {
 	add_role('author', __('Author'));
 	add_role('contributor', __('Contributor'));
 	add_role('subscriber', __('Subscriber'));
-	
+
 	// Add caps for Administrator role
 	$role = get_role('administrator');
 	$role->add_cap('switch_themes');
@@ -289,7 +295,7 @@ function populate_roles_160() {
 	$role->add_cap('level_2');
 	$role->add_cap('level_1');
 	$role->add_cap('level_0');
-	
+
 	// Add caps for Editor role
 	$role = get_role('editor');
 	$role->add_cap('moderate_comments');
@@ -311,7 +317,7 @@ function populate_roles_160() {
 	$role->add_cap('level_2');
 	$role->add_cap('level_1');
 	$role->add_cap('level_0');
-	
+
 	// Add caps for Author role
 	$role = get_role('author');
 	$role->add_cap('upload_files');
@@ -322,18 +328,68 @@ function populate_roles_160() {
 	$role->add_cap('level_2');
 	$role->add_cap('level_1');
 	$role->add_cap('level_0');
-	
+
 	// Add caps for Contributor role
 	$role = get_role('contributor');
 	$role->add_cap('edit_posts');
 	$role->add_cap('read');
 	$role->add_cap('level_1');
 	$role->add_cap('level_0');
-	
+
 	// Add caps for Subscriber role
 	$role = get_role('subscriber');
 	$role->add_cap('read');
 	$role->add_cap('level_0');
 }

+function populate_roles_210() {
+	$roles = array('administrator', 'editor');
+	foreach ($roles as $role) {
+		$role = get_role($role);
+		if ( empty($role) )
+			continue;
+
+		$role->add_cap('edit_others_pages');
+		$role->add_cap('edit_published_pages');
+		$role->add_cap('publish_pages');
+		$role->add_cap('delete_pages');
+		$role->add_cap('delete_others_pages');
+		$role->add_cap('delete_published_pages');
+		$role->add_cap('delete_posts');
+		$role->add_cap('delete_others_posts');
+		$role->add_cap('delete_published_posts');
+		$role->add_cap('delete_private_posts');
+		$role->add_cap('edit_private_posts');
+		$role->add_cap('read_private_posts');
+		$role->add_cap('delete_private_pages');
+		$role->add_cap('edit_private_pages');
+		$role->add_cap('read_private_pages');
+	}
+
+	$role = get_role('administrator');
+	if ( ! empty($role) ) {
+		$role->add_cap('delete_users');
+		$role->add_cap('create_users');
+	}
+
+	$role = get_role('author');
+	if ( ! empty($role) ) {
+		$role->add_cap('delete_posts');
+		$role->add_cap('delete_published_posts');
+	}
+
+	$role = get_role('contributor');
+	if ( ! empty($role) ) {
+		$role->add_cap('delete_posts');
+	}
+}
+
+function populate_roles_230() {
+	$role = get_role( 'administrator' );
+
+	if ( !empty( $role ) ) {
+		$role->add_cap( 'unfiltered_upload' );
+	}
+}
+
 ?>
--- a/wp-admin/includes/taxonomy.php
+++ b/wp-admin/includes/taxonomy.php
@@ -0,0 +1,148 @@
+<?php
+
+//
+// Category
+//
+
+function category_exists($cat_name) {
+	$id = is_term($cat_name, 'category');
+	if ( is_array($id) )
+		$id = $id['term_id'];
+	return $id;
+}
+
+function get_category_to_edit( $id ) {
+	$category = get_category( $id, OBJECT, 'edit' );
+	return $category;
+}
+
+function wp_create_category($cat_name) {
+	if ( $id = category_exists($cat_name) )
+		return $id;
+
+	return wp_insert_category( array('cat_name' => $cat_name) );
+}
+
+function wp_create_categories($categories, $post_id = '') {
+	$cat_ids = array ();
+	foreach ($categories as $category) {
+		if ($id = category_exists($category))
+			$cat_ids[] = $id;
+		else
+			if ($id = wp_create_category($category))
+				$cat_ids[] = $id;
+	}
+
+	if ($post_id)
+		wp_set_post_categories($post_id, $cat_ids);
+
+	return $cat_ids;
+}
+
+function wp_delete_category($cat_ID) {
+	global $wpdb;
+
+	$cat_ID = (int) $cat_ID;
+	$default = get_option('default_category');
+
+	// Don't delete the default cat
+	if ( $cat_ID == $default )
+		return 0;
+
+	return wp_delete_term($cat_ID, 'category', "default=$default");
+}
+
+function wp_insert_category($catarr) {
+	global $wpdb;
+
+	extract($catarr, EXTR_SKIP);
+
+	if ( trim( $cat_name ) == '' )
+		return 0;
+
+	$cat_ID = (int) $cat_ID;
+
+	// Are we updating or creating?
+	if ( !empty ($cat_ID) )
+		$update = true;
+	else
+		$update = false;
+
+	$name = $cat_name;
+	$description = $category_description;
+	$slug = $category_nicename;
+	$parent = $category_parent;
+
+	$parent = (int) $parent;
+	if ( empty($parent) || !category_exists( $parent ) || ($cat_ID && cat_is_ancestor_of($cat_ID, $parent) ) )
+		$parent = 0;
+
+	$args = compact('name', 'slug', 'parent', 'description');
+
+	if ( $update )
+		$cat_ID = wp_update_term($cat_ID, 'category', $args);
+	else
+		$cat_ID = wp_insert_term($cat_name, 'category', $args);
+
+	if ( is_wp_error($cat_ID) )
+		return 0;
+
+	return $cat_ID['term_id'];
+}
+
+function wp_update_category($catarr) {
+	global $wpdb;
+
+	$cat_ID = (int) $catarr['cat_ID'];
+
+	if ( $cat_ID == $catarr['category_parent'] )
+		return false;
+
+	// First, get all of the original fields
+	$category = get_category($cat_ID, ARRAY_A);
+
+	// Escape data pulled from DB.
+	$category = add_magic_quotes($category);
+
+	// Merge old and new fields with new fields overwriting old ones.
+	$catarr = array_merge($category, $catarr);
+
+	return wp_insert_category($catarr);
+}
+
+//
+// Tags
+//
+
+function get_tags_to_edit( $post_id ) {
+	global $wpdb;
+
+	$post_id = (int) $post_id;
+	if ( !$post_id )
+		return false;
+
+	$tags = wp_get_post_tags($post_id);
+
+	if ( !$tags )
+		return false;
+
+	foreach ( $tags as $tag )
+		$tag_names[] = $tag->name;
+	$tags_to_edit = join( ', ', $tag_names );
+	$tags_to_edit = attribute_escape( $tags_to_edit );
+	$tags_to_edit = apply_filters( 'tags_to_edit', $tags_to_edit );
+	return $tags_to_edit;
+}
+
+function tag_exists($tag_name) {
+	return is_term($tag_name, 'post_tag');
+}
+
+function wp_create_tag($tag_name) {
+	if ( $id = tag_exists($tag_name) )
+		return $id;
+
+	return wp_insert_term($tag_name, 'post_tag');
+}
+
+?>
--- a/wp-admin/includes/template.php
+++ b/wp-admin/includes/template.php
@@ -0,0 +1,617 @@
+<?php
+
+//
+// Big Mess
+//
+
+// Dandy new recursive multiple category stuff.
+function cat_rows( $parent = 0, $level = 0, $categories = 0 ) {
+	if ( !$categories )
+		$categories = get_categories( 'hide_empty=0' );
+
+	$children = _get_term_hierarchy('category');
+
+	if ( $categories ) {
+		ob_start();
+		foreach ( $categories as $category ) {
+			if ( $category->parent == $parent) {
+				echo "\t" . _cat_row( $category, $level );
+				if ( isset($children[$category->term_id]) )
+					cat_rows( $category->term_id, $level +1, $categories );
+			}
+		}
+		$output = ob_get_contents();
+		ob_end_clean();
+
+		$output = apply_filters('cat_rows', $output);
+
+		echo $output;
+	} else {
+		return false;
+	}
+}
+
+function _cat_row( $category, $level, $name_override = false ) {
+	global $class;
+
+	$pad = str_repeat( '&#8212; ', $level );
+	if ( current_user_can( 'manage_categories' ) ) {
+		$edit = "<a href='categories.php?action=edit&amp;cat_ID=$category->term_id' class='edit'>".__( 'Edit' )."</a></td>";
+		$default_cat_id = (int) get_option( 'default_category' );
+		$default_link_cat_id = (int) get_option( 'default_link_category' );
+
+		if ( $category->term_id != $default_cat_id )
+			$edit .= "<td><a href='" . wp_nonce_url( "categories.php?action=delete&amp;cat_ID=$category->term_id", 'delete-category_' . $category->term_id ) . "' onclick=\"return deleteSomething( 'cat', $category->term_id, '" . js_escape(sprintf( __("You are about to delete the category '%s'.\nAll posts that were only assigned to this category will be assigned to the '%s' category.\nAll links that were only assigned to this category will be assigned to the '%s' category.\n'OK' to delete, 'Cancel' to stop." ), $category->name, get_catname( $default_cat_id ), get_catname( $default_link_cat_id ) )) . "' );\" class='delete'>".__( 'Delete' )."</a>";
+		else
+			$edit .= "<td style='text-align:center'>".__( "Default" );
+	} else
+		$edit = '';
+
+	$class = ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) || " class='alternate'" == $class ) ? '' : " class='alternate'";
+
+	$category->count = number_format_i18n( $category->count );
+	$posts_count = ( $category->count > 0 ) ? "<a href='edit.php?cat=$category->term_id'>$category->count</a>" : $category->count;
+	$output = "<tr id='cat-$category->term_id'$class>
+		<th scope='row' style='text-align: center'>$category->term_id</th>
+		<td>" . ( $name_override ? $name_override : $pad . ' ' . $category->name ) . "</td>
+		<td>$category->description</td>
+		<td align='center'>$posts_count</td>
+		<td>$edit</td>\n\t</tr>\n";
+
+	return apply_filters('cat_row', $output);
+}
+
+function checked( $checked, $current) {
+	if ( $checked == $current)
+		echo ' checked="checked"';
+}
+
+// TODO: Remove?
+function documentation_link( $for ) {
+	return;
+}
+
+function selected( $selected, $current) {
+	if ( $selected == $current)
+		echo ' selected="selected"';
+}
+
+//
+// Nasty Category Stuff
+//
+
+function sort_cats( $cat1, $cat2 ) {
+	if ( $cat1['checked'] || $cat2['checked'] )
+		return ( $cat1['checked'] && !$cat2['checked'] ) ? -1 : 1;
+	else
+		return strcasecmp( $cat1['cat_name'], $cat2['cat_name'] );
+}
+
+function get_nested_categories( $default = 0, $parent = 0 ) {
+	global $post_ID, $mode, $wpdb, $checked_categories;
+
+	if ( empty($checked_categories) ) {
+		if ( $post_ID ) {
+			$checked_categories = wp_get_post_categories($post_ID);
+
+			if ( count( $checked_categories ) == 0 ) {
+				// No selected categories, strange
+			$checked_categories[] = $default;
+			}
+		} else {
+			$checked_categories[] = $default;
+		}
+	}
+
+	$cats = get_categories("parent=$parent&hide_empty=0&fields=ids");
+
+	$result = array ();
+	if ( is_array( $cats ) ) {
+		foreach ( $cats as $cat) {
+			$result[$cat]['children'] = get_nested_categories( $default, $cat);
+			$result[$cat]['cat_ID'] = $cat;
+			$result[$cat]['checked'] = in_array( $cat, $checked_categories );
+			$result[$cat]['cat_name'] = get_the_category_by_ID( $cat);
+		}
+	}
+
+	$result = apply_filters('get_nested_categories', $result);
+	usort( $result, 'sort_cats' );
+
+	return $result;
+}
+
+function write_nested_categories( $categories ) {
+	foreach ( $categories as $category ) {
+		echo '<li id="category-', $category['cat_ID'], '"><label for="in-category-', $category['cat_ID'], '" class="selectit"><input value="', $category['cat_ID'], '" type="checkbox" name="post_category[]" id="in-category-', $category['cat_ID'], '"', ($category['checked'] ? ' checked="checked"' : "" ), '/> ', wp_specialchars( apply_filters('the_category', $category['cat_name'] )), "</label></li>";
+
+		if ( $category['children'] ) {
+			echo "<ul>\n";
+			write_nested_categories( $category['children'] );
+			echo "</ul>\n";
+		}
+	}
+}
+
+function dropdown_categories( $default = 0 ) {
+	write_nested_categories( get_nested_categories( $default) );
+}
+
+function dropdown_link_categories( $default = 0 ) {
+	global $link_id;
+
+	if ( $link_id ) {
+		$checked_categories = wp_get_link_cats($link_id);
+
+		if ( count( $checked_categories ) == 0 ) {
+			// No selected categories, strange
+			$checked_categories[] = $default;
+		}
+	} else {
+		$checked_categories[] = $default;
+	}
+
+	$categories = get_terms('link_category', 'orderby=count&hide_empty=0');
+
+	if ( empty($categories) )
+		return;
+
+	foreach ( $categories as $category ) {
+		$cat_id = $category->term_id;
+		$name = wp_specialchars( apply_filters('the_category', $category->name));
+		$checked = in_array( $cat_id, $checked_categories );
+		echo '<li id="link-category-', $cat_id, '"><label for="in-link-category-', $cat_id, '" class="selectit"><input value="', $cat_id, '" type="checkbox" name="link_category[]" id="in-link-category-', $cat_id, '"', ($checked ? ' checked="checked"' : "" ), '/> ', $name, "</label></li>";
+	}
+}
+
+function page_rows( $parent = 0, $level = 0, $pages = 0, $hierarchy = true ) {
+	global $wpdb, $class, $post;
+
+	if (!$pages )
+		$pages = get_pages( 'sort_column=menu_order' );
+
+	if (! $pages )
+		return false;
+
+	foreach ( $pages as $post) {
+		setup_postdata( $post);
+		if ( $hierarchy && ($post->post_parent != $parent) )
+			continue;
+
+		$post->post_title = wp_specialchars( $post->post_title );
+		$pad = str_repeat( '&#8212; ', $level );
+		$id = (int) $post->ID;
+		$class = ('alternate' == $class ) ? '' : 'alternate';
+?>
+  <tr id='page-<?php echo $id; ?>' class='<?php echo $class; ?>'>
+    <th scope="row" style="text-align: center"><?php echo $post->ID; ?></th>
+    <td>
+      <?php echo $pad; ?><?php the_title() ?>
+    </td>
+    <td><?php the_author() ?></td>
+    <td><?php if ( '0000-00-00 00:00:00' ==$post->post_modified ) _e('Unpublished'); else echo mysql2date( __('Y-m-d g:i a'), $post->post_modified ); ?></td>
+	<td><a href="<?php the_permalink(); ?>" rel="permalink" class="view"><?php _e( 'View' ); ?></a></td>
+    <td><?php if ( current_user_can( 'edit_page', $id ) ) { echo "<a href='page.php?action=edit&amp;post=$id' class='edit'>" . __( 'Edit' ) . "</a>"; } ?></td>
+    <td><?php if ( current_user_can( 'delete_page', $id ) ) { echo "<a href='" . wp_nonce_url( "page.php?action=delete&amp;post=$id", 'delete-page_' . $id ) .  "' class='delete' onclick=\"return deleteSomething( 'page', " . $id . ", '" . js_escape(sprintf( __("You are about to delete the '%s' page.\n'OK' to delete, 'Cancel' to stop." ), get_the_title() ) ) . "' );\">" . __( 'Delete' ) . "</a>"; } ?></td>
+  </tr>
+
+<?php
+		if ( $hierarchy ) page_rows( $id, $level + 1, $pages );
+	}
+}
+
+function user_row( $user_object, $style = '' ) {
+	if ( !(is_object( $user_object) && is_a( $user_object, 'WP_User' ) ) )
+		$user_object = new WP_User( (int) $user_object );
+	$email = $user_object->user_email;
+	$url = $user_object->user_url;
+	$short_url = str_replace( 'http://', '', $url );
+	$short_url = str_replace( 'www.', '', $short_url );
+	if ('/' == substr( $short_url, -1 ))
+		$short_url = substr( $short_url, 0, -1 );
+	if ( strlen( $short_url ) > 35 )
+		$short_url =  substr( $short_url, 0, 32 ).'...';
+	$numposts = get_usernumposts( $user_object->ID );
+	$r = "<tr id='user-$user_object->ID'$style>
+		<td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td>
+		<td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td>
+		<td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td>
+		<td><a href='mailto:$email' title='" . sprintf( __('e-mail: %s' ), $email ) . "'>$email</a></td>
+		<td><a href='$url' title='website: $url'>$short_url</a></td>";
+	$r .= "\n\t\t<td align='center'>";
+	if ( $numposts > 0 ) {
+		$r .= "<a href='edit.php?author=$user_object->ID' title='" . __( 'View posts by this author' ) . "' class='edit'>";
+		$r .= sprintf(__ngettext( 'View %s post', 'View %s posts', $numposts ), $numposts);
+		$r .= '</a>';
+	}
+	$r .= "</td>\n\t\t<td>";
+	if ( current_user_can( 'edit_user', $user_object->ID ) ) {
+		$edit_link = add_query_arg( 'wp_http_referer', urlencode( clean_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" );
+		$r .= "<a href='$edit_link' class='edit'>".__( 'Edit' )."</a>";
+	}
+	$r .= "</td>\n\t</tr>";
+	return $r;
+}
+
+function _wp_get_comment_list( $s = false, $start, $num ) {
+	global $wpdb;
+
+	$start = abs( (int) $start );
+	$num = (int) $num;
+
+	if ( $s ) {
+		$s = $wpdb->escape($s);
+		$comments = $wpdb->get_results("SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments WHERE
+			(comment_author LIKE '%$s%' OR
+			comment_author_email LIKE '%$s%' OR
+			comment_author_url LIKE ('%$s%') OR
+			comment_author_IP LIKE ('%$s%') OR
+			comment_content LIKE ('%$s%') ) AND
+			comment_approved != 'spam'
+			ORDER BY comment_date DESC LIMIT $start, $num");
+	} else {
+		$comments = $wpdb->get_results( "SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $start, $num" );
+	}
+
+	update_comment_cache($comments);
+
+	$total = $wpdb->get_var( "SELECT FOUND_ROWS()" );
+
+	return array($comments, $total);
+}
+
+function _wp_comment_list_item( $id, $alt = 0 ) {
+	global $authordata, $comment, $wpdb;
+	$id = (int) $id;
+	$comment =& get_comment( $id );
+	$class = '';
+	$post = get_post($comment->comment_post_ID);
+	$authordata = get_userdata($post->post_author);
+	$comment_status = wp_get_comment_status($comment->comment_ID);
+	if ( 'unapproved' == $comment_status )
+		$class .= ' unapproved';
+	if ( $alt % 2 )
+		$class .= ' alternate';
+	echo "<li id='comment-$comment->comment_ID' class='$class'>";
+?>
+<p><strong><?php comment_author(); ?></strong> <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email_link() ?> <?php } if ($comment->comment_author_url && 'http://' != $comment->comment_author_url) { ?> | <?php comment_author_url_link() ?> <?php } ?>| <?php _e('IP:') ?> <a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=<?php comment_author_IP() ?>"><?php comment_author_IP() ?></a></p>
+
+<?php comment_text() ?>
+
+<p><?php comment_date(__('M j, g:i A'));  ?> &#8212; [
+<?php
+if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
+	echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
+	echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by '%s'.\n'Cancel' to stop, 'OK' to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
+	if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
+		echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
+		echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
+	}
+	echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
+}
+$post = get_post($comment->comment_post_ID, OBJECT, 'display');
+$post_title = wp_specialchars( $post->post_title, 'double' );
+$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
+?>
+ ] &#8212; <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php echo $post_title; ?></a></p>
+		</li>
+<?php
+}
+
+function wp_dropdown_cats( $currentcat = 0, $currentparent = 0, $parent = 0, $level = 0, $categories = 0 ) {
+	global $wpdb;
+	if (!$categories )
+		$categories = get_categories( 'hide_empty=0' );
+
+	if ( $categories ) {
+		foreach ( $categories as $category ) {
+			if ( $currentcat != $category->term_id && $parent == $category->parent) {
+				$pad = str_repeat( '&#8211; ', $level );
+				$category->name = wp_specialchars( $category->name );
+				echo "\n\t<option value='$category->term_id'";
+				if ( $currentparent == $category->term_id )
+					echo " selected='selected'";
+				echo ">$pad$category->name</option>";
+				wp_dropdown_cats( $currentcat, $currentparent, $category->term_id, $level +1, $categories );
+			}
+		}
+	} else {
+		return false;
+	}
+}
+
+function list_meta( $meta ) {
+	global $post_ID;
+	// Exit if no meta
+	if (!$meta ) {
+		echo '<tbody id="the-list"><tr style="display: none;"><td>&nbsp;</td></tr></tbody>'; //TBODY needed for list-manipulation JS
+		return;
+	}
+	$count = 0;
+?>
+	<thead>
+	<tr>
+		<th><?php _e( 'Key' ) ?></th>
+		<th><?php _e( 'Value' ) ?></th>
+		<th colspan='2'><?php _e( 'Action' ) ?></th>
+	</tr>
+	</thead>
+<?php
+	$r ="\n\t<tbody id='the-list'>";
+	foreach ( $meta as $entry ) {
+		++ $count;
+		if ( $count % 2 )
+			$style = 'alternate';
+		else
+			$style = '';
+		if ('_' == $entry['meta_key'] { 0 } )
+			$style .= ' hidden';
+
+		if ( is_serialized( $entry['meta_value'] ) ) {
+			if ( is_serialized_string( $entry['meta_value'] ) ) {
+				// this is a serialized string, so we should display it
+				$entry['meta_value'] = maybe_unserialize( $entry['meta_value'] );
+			} else {
+				// this is a serialized array/object so we should NOT display it
+				--$count;
+				continue;
+			}
+		}
+
+		$key_js = js_escape( $entry['meta_key'] );
+		$entry['meta_key']   = attribute_escape($entry['meta_key']);
+		$entry['meta_value'] = attribute_escape($entry['meta_value']);
+		$entry['meta_id'] = (int) $entry['meta_id'];
+		$r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
+		$r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
+		$r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
+		$r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='".attribute_escape(__( 'Update' ))."' /><br />";
+		$r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '";
+		$r .= js_escape(sprintf( __("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop." ), $key_js ) );
+		$r .= "' );\" class='deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' /></td>";
+		$r .= "\n\t</tr>";
+	}
+	echo $r;
+	echo "\n\t</tbody>";
+}
+
+function meta_form() {
+	global $wpdb;
+	$limit = (int) apply_filters( 'postmeta_form_limit', 30 );
+	$keys = $wpdb->get_col( "
+		SELECT meta_key
+		FROM $wpdb->postmeta
+		WHERE meta_key NOT LIKE '\_%'
+		GROUP BY meta_key
+		ORDER BY meta_id DESC
+		LIMIT $limit" );
+	if ( $keys )
+		natcasesort($keys);
+?>
+<h3><?php _e( 'Add a new custom field:' ) ?></h3>
+<table id="newmeta" cellspacing="3" cellpadding="3">
+	<tr>
+<th colspan="2"><?php _e( 'Key' ) ?></th>
+<th><?php _e( 'Value' ) ?></th>
+</tr>
+	<tr valign="top">
+		<td align="right" width="18%">
+<?php if ( $keys ) : ?>
+<select id="metakeyselect" name="metakeyselect" tabindex="7">
+<option value="#NONE#"><?php _e( '- Select -' ); ?></option>
+<?php
+
+	foreach ( $keys as $key ) {
+		$key = attribute_escape( $key );
+		echo "\n\t<option value='$key'>$key</option>";
+	}
+?>
+</select> <?php _e( 'or' ); ?>
+<?php endif; ?>
+</td>
+<td><input type="text" id="metakeyinput" name="metakeyinput" tabindex="7" /></td>
+		<td><textarea id="metavalue" name="metavalue" rows="3" cols="25" tabindex="8"></textarea></td>
+	</tr>
+
+</table>
+<p class="submit"><input type="submit" id="updatemetasub" name="updatemeta" tabindex="9" value="<?php _e( 'Add Custom Field &raquo;' ) ?>" /></p>
+<?php
+
+}
+
+function touch_time( $edit = 1, $for_post = 1, $tab_index = 0 ) {
+	global $wp_locale, $post, $comment;
+
+	if ( $for_post )
+		$edit = ( in_array($post->post_status, array('draft', 'pending') ) && (!$post->post_date || '0000-00-00 00:00:00' == $post->post_date ) ) ? false : true;
+	
+	$tab_index_attribute = '';
+	if ( (int) $tab_index > 0 )
+		$tab_index_attribute = " tabindex=\"$tab_index\"";
+
+	echo '<fieldset><legend><input type="checkbox" class="checkbox" name="edit_date" value="1" id="timestamp"'.$tab_index_attribute.' /> <label for="timestamp">'.__( 'Edit timestamp' ).'</label></legend>';
+
+	$time_adj = time() + (get_option( 'gmt_offset' ) * 3600 );
+	$post_date = ($for_post) ? $post->post_date : $comment->comment_date;
+	$jj = ($edit) ? mysql2date( 'd', $post_date ) : gmdate( 'd', $time_adj );
+	$mm = ($edit) ? mysql2date( 'm', $post_date ) : gmdate( 'm', $time_adj );
+	$aa = ($edit) ? mysql2date( 'Y', $post_date ) : gmdate( 'Y', $time_adj );
+	$hh = ($edit) ? mysql2date( 'H', $post_date ) : gmdate( 'H', $time_adj );
+	$mn = ($edit) ? mysql2date( 'i', $post_date ) : gmdate( 'i', $time_adj );
+	$ss = ($edit) ? mysql2date( 's', $post_date ) : gmdate( 's', $time_adj );
+
+	echo "<select name=\"mm\" onchange=\"edit_date.checked=true\"$tab_index_attribute>\n";
+	for ( $i = 1; $i < 13; $i = $i +1 ) {
+		echo "\t\t\t<option value=\"$i\"";
+		if ( $i == $mm )
+			echo ' selected="selected"';
+		echo '>' . $wp_locale->get_month( $i ) . "</option>\n";
+	}
+?>
+</select>
+<input type="text" id="jj" name="jj" value="<?php echo $jj; ?>" size="2" maxlength="2" onchange="edit_date.checked=true"<?php echo $tab_index_attribute ?> />
+<input type="text" id="aa" name="aa" value="<?php echo $aa ?>" size="4" maxlength="5" onchange="edit_date.checked=true"<?php echo $tab_index_attribute ?> /> @
+<input type="text" id="hh" name="hh" value="<?php echo $hh ?>" size="2" maxlength="2" onchange="edit_date.checked=true"<?php echo $tab_index_attribute ?> /> :
+<input type="text" id="mn" name="mn" value="<?php echo $mn ?>" size="2" maxlength="2" onchange="edit_date.checked=true"<?php echo $tab_index_attribute ?> />
+<input type="hidden" id="ss" name="ss" value="<?php echo $ss ?>" size="2" maxlength="2" onchange="edit_date.checked=true" />
+<?php
+	if ( $edit ) {
+		printf( _c( 'Existing timestamp: %1$s %2$s, %3$s @ %4$s:%5$s|1: month, 2: month string, 3: full year, 4: hours, 5: minutes' ), $wp_locale->get_month( $mm ), $jj, $aa, $hh, $mn );
+	}
+?>
+</fieldset>
+	<?php
+
+}
+
+function page_template_dropdown( $default = '' ) {
+	$templates = get_page_templates();
+	ksort( $templates );
+	foreach (array_keys( $templates ) as $template )
+		: if ( $default == $templates[$template] )
+			$selected = " selected='selected'";
+		else
+			$selected = '';
+	echo "\n\t<option value='".$templates[$template]."' $selected>$template</option>";
+	endforeach;
+}
+
+function parent_dropdown( $default = 0, $parent = 0, $level = 0 ) {
+	global $wpdb, $post_ID;
+	$items = $wpdb->get_results( "SELECT ID, post_parent, post_title FROM $wpdb->posts WHERE post_parent = $parent AND post_type = 'page' ORDER BY menu_order" );
+
+	if ( $items ) {
+		foreach ( $items as $item ) {
+			// A page cannot be its own parent.
+			if (!empty ( $post_ID ) ) {
+				if ( $item->ID == $post_ID ) {
+					continue;
+				}
+			}
+			$pad = str_repeat( '&nbsp;', $level * 3 );
+			if ( $item->ID == $default)
+				$current = ' selected="selected"';
+			else
+				$current = '';
+
+			echo "\n\t<option value='$item->ID'$current>$pad " . wp_specialchars($item->post_title) . "</option>";
+			parent_dropdown( $default, $item->ID, $level +1 );
+		}
+	} else {
+		return false;
+	}
+}
+
+function browse_happy() {
+	$getit = __( 'WordPress recommends a better browser' );
+	echo '
+		<p id="bh" style="text-align: center;"><a href="http://browsehappy.com/" title="'.$getit.'"><img src="images/browse-happy.gif" alt="Browse Happy" /></a></p>
+		';
+}
+
+if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)
+	add_action( 'admin_footer', 'browse_happy' );
+
+function the_attachment_links( $id = false ) {
+	$id = (int) $id;
+	$post = & get_post( $id );
+
+	if ( $post->post_type != 'attachment' )
+		return false;
+
+	$icon = get_attachment_icon( $post->ID );
+	$attachment_data = wp_get_attachment_metadata( $id );
+	$thumb = isset( $attachment_data['thumb'] );
+?>
+<form id="the-attachment-links">
+<table>
+	<col />
+	<col class="widefat" />
+	<tr>
+		<th scope="row"><?php _e( 'URL' ) ?></th>
+		<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><?php echo wp_get_attachment_url(); ?></textarea></td>
+	</tr>
+<?php if ( $icon ) : ?>
+	<tr>
+		<th scope="row"><?php $thumb ? _e( 'Thumbnail linked to file' ) : _e( 'Image linked to file' ); ?></th>
+		<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo wp_get_attachment_url(); ?>"><?php echo $icon ?></a></textarea></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php $thumb ? _e( 'Thumbnail linked to page' ) : _e( 'Image linked to page' ); ?></th>
+		<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link( $post->ID ) ?>" rel="attachment wp-att-<?php echo $post->ID; ?>"><?php echo $icon ?></a></textarea></td>
+	</tr>
+<?php else : ?>
+	<tr>
+		<th scope="row"><?php _e( 'Link to file' ) ?></th>
+		<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo wp_get_attachment_url(); ?>" class="attachmentlink"><?php echo basename( wp_get_attachment_url() );  ?></a></textarea></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e( 'Link to page' ) ?></th>
+		<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><a href="<?php echo get_attachment_link( $post->ID ) ?>" rel="attachment wp-att-<?php echo $post->ID ?>"><?php the_title(); ?></a></textarea></td>
+	</tr>
+<?php endif; ?>
+</table>
+</form>
+<?php
+}
+
+function wp_dropdown_roles( $default = false ) {
+	global $wp_roles;
+	$r = '';
+	foreach( $wp_roles->role_names as $role => $name )
+		if ( $default == $role ) // Make default first in list
+			$p = "\n\t<option selected='selected' value='$role'>$name</option>";
+		else
+			$r .= "\n\t<option value='$role'>$name</option>";
+	echo $p . $r;
+}
+
+function wp_convert_hr_to_bytes( $size ) {
+	$size = strtolower($size);
+	$bytes = (int) $size;
+	if ( strpos($size, 'k') !== false )
+		$bytes = intval($size) * 1024;
+	elseif ( strpos($size, 'm') !== false )
+		$bytes = intval($size) * 1024 * 1024;
+	elseif ( strpos($size, 'g') !== false )
+		$bytes = intval($size) * 1024 * 1024 * 1024;
+	return $bytes;
+}
+
+function wp_convert_bytes_to_hr( $bytes ) {
+	$units = array( 0 => 'B', 1 => 'kB', 2 => 'MB', 3 => 'GB' );
+	$log = log( $bytes, 1024 );
+	$power = (int) $log;
+	$size = pow(1024, $log - $power);
+	return $size . $units[$power];
+}
+
+function wp_import_upload_form( $action ) {
+	$u_bytes = wp_convert_hr_to_bytes( ini_get( 'upload_max_filesize' ) );
+	$p_bytes = wp_convert_hr_to_bytes( ini_get( 'post_max_size' ) );
+	$bytes = apply_filters( 'import_upload_size_limit', min($u_bytes, $p_bytes), $u_bytes, $p_bytes );
+	$size = wp_convert_bytes_to_hr( $bytes );
+?>
+<form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo attribute_escape($action) ?>">
+<p>
+<?php wp_nonce_field('import-upload'); ?>
+<label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?>)
+<input type="file" id="upload" name="import" size="25" />
+<input type="hidden" name="action" value="save" />
+<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" />
+</p>
+<p class="submit">
+<input type="submit" value="<?php _e( 'Upload file and import &raquo;' ); ?>" />
+</p>
+</form>
+<?php
+}
+
+function wp_remember_old_slug() {
+	global $post;
+	$name = attribute_escape($post->post_name); // just in case
+	if ( strlen($name) )
+		echo '<input type="hidden" id="wp-old-slug" name="wp-old-slug" value="' . $name . '" />';
+}
+
+?>
--- a/wp-admin/includes/theme.php
+++ b/wp-admin/includes/theme.php
@@ -0,0 +1,52 @@
+<?php
+
+function current_theme_info() {
+	$themes = get_themes();
+	$current_theme = get_current_theme();
+	$ct->name = $current_theme;
+	$ct->title = $themes[$current_theme]['Title'];
+	$ct->version = $themes[$current_theme]['Version'];
+	$ct->parent_theme = $themes[$current_theme]['Parent Theme'];
+	$ct->template_dir = $themes[$current_theme]['Template Dir'];
+	$ct->stylesheet_dir = $themes[$current_theme]['Stylesheet Dir'];
+	$ct->template = $themes[$current_theme]['Template'];
+	$ct->stylesheet = $themes[$current_theme]['Stylesheet'];
+	$ct->screenshot = $themes[$current_theme]['Screenshot'];
+	$ct->description = $themes[$current_theme]['Description'];
+	$ct->author = $themes[$current_theme]['Author'];
+	return $ct;
+}
+
+function get_broken_themes() {
+	global $wp_broken_themes;
+
+	get_themes();
+	return $wp_broken_themes;
+}
+
+function get_page_templates() {
+	$themes = get_themes();
+	$theme = get_current_theme();
+	$templates = $themes[$theme]['Template Files'];
+	$page_templates = array ();
+
+	if ( is_array( $templates ) ) {
+		foreach ( $templates as $template ) {
+			$template_data = implode( '', file( ABSPATH.$template ));
+
+			preg_match( '|Template Name:(.*)$|mi', $template_data, $name );
+			preg_match( '|Description:(.*)$|mi', $template_data, $description );
+
+			$name = $name[1];
+			$description = $description[1];
+
+			if ( !empty( $name ) ) {
+				$page_templates[trim( $name )] = basename( $template );
+			}
+		}
+	}
+
+	return $page_templates;
+}
+
+?>
--- a/wp-admin/includes/update.php
+++ b/wp-admin/includes/update.php
@@ -0,0 +1,122 @@
+<?php
+
+// The admin side of our 1.0 update system
+
+function core_update_footer( $msg ) {
+	if ( !current_user_can('manage_options') )
+		return sprintf( '| '.__( 'Version %s' ), $GLOBALS['wp_version'] );
+
+	$cur = get_option( 'update_core' );
+
+	switch ( $cur->response ) {
+	case 'development' :
+		return sprintf( '| '.__( 'You are using a development version (%s). Cool! Please <a href="%s">stay updated</a>.' ), $GLOBALS['wp_version'], 'http://wordpress.org/download/svn/' );
+	break;
+
+	case 'upgrade' :
+		return sprintf( '| <strong>'.__( 'Your WordPress %s is out of date. <a href="%s">Please update</a>.' ).'</strong>', $GLOBALS['wp_version'], $cur->url );
+	break;
+
+	case 'latest' :
+	default :
+		return sprintf( '| '.__( 'Version %s' ), $GLOBALS['wp_version'] );
+	break;
+	}
+}
+add_filter( 'update_footer', 'core_update_footer' );
+
+function update_nag() {
+	$cur = get_option( 'update_core' );
+
+	if ( ! isset( $cur->response ) || $cur->response != 'upgrade' )
+		return false;
+
+	if ( current_user_can('manage_options') )
+		$msg = sprintf( __('A new version of WordPress is available! <a href="%s">Please update now</a>.'), $cur->url );
+	else
+		$msg = __('A new version of WordPress is available! Please notify the site administrator.');
+
+	echo "<div id='update-nag'>$msg</div>";
+}
+add_action( 'admin_notices', 'update_nag', 3 );
+
+function wp_update_plugins() {
+	global $wp_version;
+
+	if ( !function_exists('fsockopen') )
+		return false;
+
+	$plugins = get_plugins();
+	$active  = get_option( 'active_plugins' );
+	$current = get_option( 'update_plugins' );
+
+	$new_option = '';
+	$new_option->last_checked = time();
+
+	$plugin_changed = false;
+	foreach ( $plugins as $file => $p ) {
+		$new_option->checked[ $file ] = $p['Version'];
+
+		if ( !isset( $current->checked[ $file ] ) ) {
+			$plugin_changed = true;
+			continue;
+		}
+
+		if ( $current->checked[ $file ] != $p['Version'] )
+			$plugin_changed = true;
+	}
+
+	if (
+		isset( $current->last_checked ) &&
+		43200 > ( time() - $current->last_checked ) &&
+		!$plugin_changed
+	)
+		return false;
+
+	$to_send->plugins = $plugins;
+	$to_send->active = $active;
+	$send = serialize( $to_send );
+
+	$request = 'plugins=' . urlencode( $send );
+	$http_request  = "POST /plugins/update-check/1.0/ HTTP/1.0\r\n";
+	$http_request .= "Host: api.wordpress.org\r\n";
+	$http_request .= "Content-Type: application/x-www-form-urlencoded; charset=" . get_option('blog_charset') . "\r\n";
+	$http_request .= "Content-Length: " . strlen($request) . "\r\n";
+	$http_request .= 'User-Agent: WordPress/' . $wp_version . '; ' . get_bloginfo('url') . "\r\n";
+	$http_request .= "\r\n";
+	$http_request .= $request;
+
+	$response = '';
+	if( false != ( $fs = @fsockopen( 'api.wordpress.org', 80, $errno, $errstr, 3) ) && is_resource($fs) ) {
+		fwrite($fs, $http_request);
+
+		while ( !feof($fs) )
+			$response .= fgets($fs, 1160); // One TCP-IP packet
+		fclose($fs);
+		$response = explode("\r\n\r\n", $response, 2);
+	}
+
+	$response = unserialize( $response[1] );
+
+	if ( $response )
+		$new_option->response = $response;
+
+	update_option( 'update_plugins', $new_option );
+}
+add_action( 'load-plugins.php', 'wp_update_plugins' );
+
+function wp_plugin_update_row( $file ) {
+	global $plugin_data;
+	$current = get_option( 'update_plugins' );
+	if ( !isset( $current->response[ $file ] ) )
+		return false;
+
+	$r = $current->response[ $file ];
+
+	echo "<tr><td colspan='5' class='plugin-update'>";
+	printf( __('There is a new version of %s available. <a href="%s">Download version %s here</a>.'), $plugin_data['Name'], $r->url, $r->new_version );
+	echo "</td></tr>";
+}
+add_action( 'after_plugin_row', 'wp_plugin_update_row' );
+
+?>
--- a/wp-admin/includes/upgrade.php
+++ b/wp-admin/includes/upgrade.php
--- a/wp-admin/includes/upload.php
+++ b/wp-admin/includes/upload.php
@@ -0,0 +1,358 @@
+<?php
+
+function wp_upload_display( $dims = false, $href = '' ) {
+	global $post;
+	$id = get_the_ID();
+	$attachment_data = wp_get_attachment_metadata( $id );
+	$is_image = (int) wp_attachment_is_image();
+	$filesystem_path = get_attached_file( $id );
+	if ( !isset($attachment_data['width']) && $is_image ) {
+		if ( $image_data = getimagesize( $filesystem_path ) ) {
+			$attachment_data['width'] = $image_data[0];
+			$attachment_data['height'] = $image_data[1];
+			wp_update_attachment_metadata( $id, $attachment_data );
+		}
+	}
+	if ( isset($attachment_data['width']) )
+		list($width,$height) = wp_shrink_dimensions($attachment_data['width'], $attachment_data['height'], 171, 128);
+
+	$post_title = attribute_escape( the_title( '', '', false ) );
+	$post_content = attribute_escape(apply_filters( 'content_edit_pre', $post->post_content ));
+
+	$class = 'text';
+	$innerHTML = get_attachment_innerHTML( $id, false, $dims );
+	if ( $image_src = get_attachment_icon_src() ) {
+		$image_rel = wp_make_link_relative($image_src);
+		$innerHTML = '&nbsp;' . str_replace($image_src, $image_rel, $innerHTML);
+		$class = 'image';
+	}
+
+	$src_base = wp_get_attachment_url();
+	$src = wp_make_link_relative( $src_base );
+	$src_base = str_replace($src, '', $src_base);
+
+	if ( !trim($post_title) )
+		$post_title = basename($src);
+
+	$r = '';
+
+	if ( $href )
+		$r .= "<a id='file-link-$id' href='$href' title='$post_title' class='file-link $class'>\n";
+	if ( $href || $image_src )
+		$r .= "\t\t\t$innerHTML";
+	if ( $href )
+		$r .= "</a>\n";
+	$size = @filesize($filesystem_path);
+	if ( !empty($size) )
+		$r .= "\t\t\t\t<span class='upload-file-size'>".size_format($size)."</span>\n";
+	$r .= "\n\t\t<div class='upload-file-data'>\n\t\t\t<p>\n";
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-url-$id' id='attachment-url-$id' value='$src' />\n";
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-url-base-$id' id='attachment-url-base-$id' value='$src_base' />\n";
+
+	if ( !$thumb_base = wp_get_attachment_thumb_url() )
+		$thumb_base = wp_mime_type_icon();
+	if ( $thumb_base ) {
+		$thumb_rel = wp_make_link_relative( $thumb_base );
+		$thumb_base = str_replace( $thumb_rel, '', $thumb_base );
+		$r .= "\t\t\t\t<input type='hidden' name='attachment-thumb-url-$id' id='attachment-thumb-url-$id' value='$thumb_rel' />\n";
+		$r .= "\t\t\t\t<input type='hidden' name='attachment-thumb-url-base-$id' id='attachment-thumb-url-base-$id' value='$thumb_base' />\n";
+	}
+
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-is-image-$id' id='attachment-is-image-$id' value='$is_image' />\n";
+
+	if ( isset($width) ) {
+		$r .= "\t\t\t\t<input type='hidden' name='attachment-width-$id' id='attachment-width-$id' value='$width' />\n";
+		$r .= "\t\t\t\t<input type='hidden' name='attachment-height-$id' id='attachment-height-$id' value='$height' />\n";
+	}
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-page-url-$id' id='attachment-page-url-$id' value='" . get_attachment_link( $id ) . "' />\n";
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-title-$id' id='attachment-title-$id' value='$post_title' />\n";
+	$r .= "\t\t\t\t<input type='hidden' name='attachment-description-$id' id='attachment-description-$id' value='$post_content' />\n";
+	$r .= "\t\t\t</p>\n\t\t</div>\n";
+	return $r;
+}
+
+function wp_upload_view() {
+	global $style, $post_id, $style;
+	$id = get_the_ID();
+	$attachment_data = wp_get_attachment_metadata( $id );
+?>
+	<div id="upload-file">
+		<div id="file-title">
+			<h2><?php if ( !isset($attachment_data['width']) && 'inline' != $style )
+					echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
+				the_title();
+				if ( !isset($attachment_data['width']) && 'inline' != $style )
+					echo '</a>';
+			?></h2>
+			<span><?php
+				echo '[&nbsp;';
+				echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
+				echo '&nbsp;|&nbsp;';
+					echo '<a href="' . clean_url(add_query_arg('action', 'edit')) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
+				echo '&nbsp;|&nbsp;';
+				echo '<a href="' . clean_url(remove_query_arg(array('action', 'ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
+				echo '&nbsp;]'; ?></span>
+		</div>
+
+		<div id="upload-file-view" class="alignleft">
+<?php		if ( isset($attachment_data['width']) && 'inline' != $style )
+			echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
+		echo wp_upload_display( array(171, 128) );
+		if ( isset($attachment_data['width']) && 'inline' != $style )
+			echo '</a>'; ?>
+		</div>
+		<?php the_attachment_links( $id ); ?>
+	</div>
+<?php	echo "<form action='' id='browse-form'><input type='hidden' id='nonce-value' value='" . wp_create_nonce( 'inlineuploading' )  . "' /></form>\n";
+}
+
+function wp_upload_form() {
+	$id = get_the_ID();
+	global $post_id, $tab, $style;
+	$enctype = $id ? '' : ' enctype="multipart/form-data"';
+	$post_id = (int) $post_id;
+?>
+	<form<?php echo $enctype; ?> id="upload-file" method="post" action="<?php echo get_option('siteurl') . '/wp-admin/upload.php?style=' . attribute_escape($style . '&amp;tab=upload&amp;post_id=' . $post_id); ?>">
+<?php
+	if ( $id ) :
+		$attachment = get_post_to_edit( $id );
+		$attachment_data = wp_get_attachment_metadata( $id );
+?>
+		<div id="file-title">
+			<h2><?php if ( !isset($attachment_data['width']) && 'inline' != $style )
+					echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
+				the_title();
+				if ( !isset($attachment_data['width']) && 'inline' != $style )
+					echo '</a>';
+			?></h2>
+			<span><?php
+				echo '[&nbsp;';
+				echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
+				echo '&nbsp;|&nbsp;';
+					echo '<a href="' . clean_url(add_query_arg('action', 'view')) . '">' . __('links') . '</a>';
+				echo '&nbsp;|&nbsp;';
+				echo '<a href="' . clean_url(remove_query_arg(array('action','ID'))) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
+				echo '&nbsp;]'; ?></span>
+		</div>
+
+	<div id="upload-file-view" class="alignleft">
+<?php		if ( isset($attachment_data['width']) && 'inline' != $style )
+			echo "<a href='" . wp_get_attachment_url() . "' title='" . __('Direct link to file') . "'>";
+		echo wp_upload_display( array(171, 128) );
+		if ( isset($attachment_data['width']) && 'inline' != $style )
+			echo '</a>'; ?>
+	</div>
+<?php	endif; ?>
+		<table><col /><col class="widefat" />
+<?php	if ( $id ): ?>
+			<tr>
+				<th scope="row"><label for="url"><?php _e('URL'); ?></label></th>
+				<td><input type="text" id="url" class="readonly" value="<?php echo wp_get_attachment_url(); ?>" readonly="readonly" /></td>
+			</tr>
+<?php	else : ?>
+			<tr>
+				<th scope="row"><label for="upload"><?php _e('File'); ?></label></th>
+				<td><input type="file" id="upload" name="image" /></td>
+			</tr>
+<?php	endif; ?>
+			<tr>
+				<th scope="row"><label for="post_title"><?php _e('Title'); ?></label></th>
+				<td><input type="text" id="post_title" name="post_title" value="<?php echo $attachment->post_title; ?>" /></td>
+			</tr>
+			<tr>
+				<th scope="row"><label for="post_content"><?php _e('Description'); ?></label></th>
+				<td><textarea name="post_content" id="post_content"><?php echo $attachment->post_content; ?></textarea></td>
+			</tr>
+			<tr id="buttons" class="submit">
+				<td colspan='2'>
+<?php	if ( $id ) : ?>
+					<input type="submit" name="delete" id="delete" class="delete alignleft" value="<?php _e('Delete File'); ?>" />
+<?php	endif; ?>
+					<input type="hidden" name="from_tab" value="<?php echo $tab; ?>" />
+					<input type="hidden" name="action" value="<?php echo $id ? 'save' : 'upload'; ?>" />
+<?php	if ( $post_id ) : ?>
+					<input type="hidden" name="post_id" value="<?php echo $post_id; ?>" />
+<?php	endif; if ( $id ) : ?>
+					<input type="hidden" name="ID" value="<?php echo $id; ?>" />
+<?php	endif; ?>
+					<?php wp_nonce_field( 'inlineuploading' ); ?>
+					<div class="submit">
+						<input type="submit" value="<?php $id ? _e('Save &raquo;') : _e('Upload &raquo;'); ?>" />
+					</div>
+				</td>
+			</tr>
+		</table>
+	</form>
+<?php
+}
+
+function wp_upload_tab_upload() {
+	wp_upload_form();
+}
+
+function wp_upload_tab_upload_action() {
+	global $action;
+	if ( isset($_POST['delete']) )
+		$action = 'delete';
+
+	switch ( $action ) :
+	case 'upload' :
+		global $from_tab, $post_id, $style;
+		if ( !$from_tab )
+			$from_tab = 'upload';
+
+		check_admin_referer( 'inlineuploading' );
+
+		global $post_id, $post_title, $post_content;
+
+		if ( !current_user_can( 'upload_files' ) )
+			wp_die( __('You are not allowed to upload files.')
+				. " <a href='" . get_option('siteurl') . "/wp-admin/upload.php?style=" . attribute_escape($style . "&amp;tab=browse-all&amp;post_id=$post_id") . "'>"
+				. __('Browse Files') . '</a>'
+			);
+
+		$overrides = array('action'=>'upload');
+
+		$file = wp_handle_upload($_FILES['image'], $overrides);
+
+		if ( isset($file['error']) )
+			wp_die($file['error'] . "<br /><a href='" . get_option('siteurl')
+			. "/wp-admin/upload.php?style=" . attribute_escape($style . "&amp;tab=$from_tab&amp;post_id=$post_id") . "'>" . __('Back to Image Uploading') . '</a>'
+		);
+
+		$url = $file['url'];
+		$type = $file['type'];
+		$file = $file['file'];
+		$filename = basename($file);
+
+		// Construct the attachment array
+		$attachment = array(
+			'post_title' => $post_title,
+			'post_content' => $post_content,
+			'post_type' => 'attachment',
+			'post_parent' => $post_id,
+			'post_mime_type' => $type,
+			'guid' => $url
+		);
+
+		// Save the data
+		$id = wp_insert_attachment($attachment, $file, $post_id);
+
+		wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
+
+		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=browse&action=view&ID=$id&post_id=$post_id");
+		die;
+		break;
+
+	case 'save' :
+		global $from_tab, $post_id, $style;
+		if ( !$from_tab )
+			$from_tab = 'upload';
+		check_admin_referer( 'inlineuploading' );
+
+		wp_update_post($_POST);
+		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=$from_tab&post_id=$post_id");
+		die;
+		break;
+
+	case 'delete' :
+		global $ID, $post_id, $from_tab, $style;
+		if ( !$from_tab )
+			$from_tab = 'upload';
+
+		check_admin_referer( 'inlineuploading' );
+
+		if ( !current_user_can('edit_post', (int) $ID) )
+			wp_die( __('You are not allowed to delete this attachment.')
+				. " <a href='" . get_option('siteurl') . "/wp-admin/upload.php?style=" . attribute_escape($style . "&amp;tab=$from_tab&amp;post_id=$post_id") . "'>"
+				. __('Go back') . '</a>'
+			);
+
+		wp_delete_attachment($ID);
+
+		wp_redirect( get_option('siteurl') . "/wp-admin/upload.php?style=$style&tab=$from_tab&post_id=$post_id" );
+		die;
+		break;
+
+	endswitch;
+}
+
+add_action( 'upload_files_upload', 'wp_upload_tab_upload_action' );
+
+function wp_upload_grab_attachments( $obj ) {
+	$obj->is_attachment = true;
+}
+
+function wp_upload_posts_where( $where ) {
+	global $post_id;
+	return $where . " AND post_parent = '" . (int) $post_id . "'";
+}
+
+function wp_upload_tab_browse() {
+	global $action, $paged;
+	$old_vars = compact( 'paged' );
+
+	switch ( $action ) :
+	case 'edit' :
+	case 'view' :
+		global $ID;
+		$attachments = query_posts("attachment_id=$ID");
+		if ( have_posts() ) : while ( have_posts() ) : the_post();
+			'edit' == $action ? wp_upload_form() : wp_upload_view();
+		endwhile; endif;
+		break;
+	default :
+		global $tab, $post_id, $style;
+		add_action( 'pre_get_posts', 'wp_upload_grab_attachments' );
+		if ( 'browse' == $tab && $post_id )
+			add_filter( 'posts_where', 'wp_upload_posts_where' );
+		$attachments = query_posts("what_to_show=posts&post_status=any&posts_per_page=10&paged=$paged");
+
+		echo "<ul id='upload-files'>\n";
+		if ( have_posts() ) : while ( have_posts() ) : the_post();
+			$href = wp_specialchars( add_query_arg( array(
+				'action' => 'inline' == $style ? 'view' : 'edit',
+				'ID' => get_the_ID())
+			 ), 1 );
+
+			echo "\t<li id='file-";
+			the_ID();
+			echo "' class='alignleft'>\n";
+			echo wp_upload_display( array(128,128), $href );
+			echo "\t</li>\n";
+		endwhile;
+		else :
+			echo "\t<li>" . __('There are no attachments to show.') . "</li>\n";
+		endif;
+		echo "</ul>\n\n";
+
+		echo "<form action='' id='browse-form'><input type='hidden' id='nonce-value' value='" . wp_create_nonce( 'inlineuploading' )  . "' /></form>\n";
+		break;
+	endswitch;
+
+	extract($old_vars);
+}
+
+
+function wp_upload_tab_browse_action() {
+	global $style;
+	if ( 'inline' == $style )
+		wp_enqueue_script('upload');
+}
+
+add_action( 'upload_files_browse', 'wp_upload_tab_browse_action' );
+add_action( 'upload_files_browse-all', 'wp_upload_tab_browse_action' );
+
+function wp_upload_admin_head() {
+	wp_admin_css( 'css/upload' );
+	if ( 'inline' == @$_GET['style'] ) {
+		echo "<style type='text/css' media='screen'>\n";
+		echo "\t#upload-menu { position: absolute; z-index: 2; }\n";
+		echo "\tbody > #upload-menu { position: fixed; }\n";
+		echo "\t#upload-content { top: 2em; }\n";
+		echo "\t#upload-file { position: absolute; top: 15px; }\n";
+		echo "</style>";
+	}
+}
+
+?>
--- a/wp-admin/includes/user.php
+++ b/wp-admin/includes/user.php
@@ -0,0 +1,282 @@
+<?php
+
+// Creates a new user from the "Users" form using $_POST information.
+function add_user() {
+	if ( func_num_args() ) { // The hackiest hack that ever did hack
+		global $current_user, $wp_roles;
+		$user_id = (int) func_get_arg( 0 );
+
+		if ( isset( $_POST['role'] ) ) {
+			if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ) ) {
+				$user = new WP_User( $user_id );
+				$user->set_role( $_POST['role'] );
+			}
+		}
+	} else {
+		add_action( 'user_register', 'add_user' ); // See above
+		return edit_user();
+	}
+}
+
+function edit_user( $user_id = 0 ) {
+	global $current_user, $wp_roles, $wpdb;
+	if ( $user_id != 0 ) {
+		$update = true;
+		$user->ID = (int) $user_id;
+		$userdata = get_userdata( $user_id );
+		$user->user_login = $wpdb->escape( $userdata->user_login );
+	} else {
+		$update = false;
+		$user = '';
+	}
+
+	if ( isset( $_POST['user_login'] ))
+		$user->user_login = wp_specialchars( trim( $_POST['user_login'] ));
+
+	$pass1 = $pass2 = '';
+	if ( isset( $_POST['pass1'] ))
+		$pass1 = $_POST['pass1'];
+	if ( isset( $_POST['pass2'] ))
+		$pass2 = $_POST['pass2'];
+
+	if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) {
+		if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' ))
+			$user->role = $_POST['role'];
+	}
+
+	if ( isset( $_POST['email'] ))
+		$user->user_email = wp_specialchars( trim( $_POST['email'] ));
+	if ( isset( $_POST['url'] ) ) {
+		$user->user_url = clean_url( trim( $_POST['url'] ));
+		$user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
+	}
+	if ( isset( $_POST['first_name'] ))
+		$user->first_name = wp_specialchars( trim( $_POST['first_name'] ));
+	if ( isset( $_POST['last_name'] ))
+		$user->last_name = wp_specialchars( trim( $_POST['last_name'] ));
+	if ( isset( $_POST['nickname'] ))
+		$user->nickname = wp_specialchars( trim( $_POST['nickname'] ));
+	if ( isset( $_POST['display_name'] ))
+		$user->display_name = wp_specialchars( trim( $_POST['display_name'] ));
+	if ( isset( $_POST['description'] ))
+		$user->description = trim( $_POST['description'] );
+	if ( isset( $_POST['jabber'] ))
+		$user->jabber = wp_specialchars( trim( $_POST['jabber'] ));
+	if ( isset( $_POST['aim'] ))
+		$user->aim = wp_specialchars( trim( $_POST['aim'] ));
+	if ( isset( $_POST['yim'] ))
+		$user->yim = wp_specialchars( trim( $_POST['yim'] ));
+	if ( !$update )
+		$user->rich_editing = 'true';  // Default to true for new users.
+	else if ( isset( $_POST['rich_editing'] ) )
+		$user->rich_editing = $_POST['rich_editing'];
+	else
+		$user->rich_editing = 'false';
+
+	$errors = new WP_Error();
+
+	/* checking that username has been typed */
+	if ( $user->user_login == '' )
+		$errors->add( 'user_login', __( '<strong>ERROR</strong>: Please enter a username.' ));
+
+	/* checking the password has been typed twice */
+	do_action_ref_array( 'check_passwords', array ( $user->user_login, & $pass1, & $pass2 ));
+
+	if (!$update ) {
+		if ( $pass1 == '' || $pass2 == '' )
+			$errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter your password twice.' ));
+	} else {
+		if ((empty ( $pass1 ) && !empty ( $pass2 ) ) || (empty ( $pass2 ) && !empty ( $pass1 ) ) )
+			$errors->add( 'pass', __( "<strong>ERROR</strong>: you typed your new password only once." ));
+	}
+
+	/* Check for "\" in password */
+	if( strpos( " ".$pass1, "\\" ) )
+		$errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ));
+
+	/* checking the password has been typed twice the same */
+	if ( $pass1 != $pass2 )
+		$errors->add( 'pass', __( '<strong>ERROR</strong>: Please type the same password in the two password fields.' ));
+
+	if (!empty ( $pass1 ))
+		$user->user_pass = $pass1;
+
+	if ( !$update && !validate_username( $user->user_login ) )
+		$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is invalid.  Please enter a valid username.' ));
+
+	if (!$update && username_exists( $user->user_login ))
+		$errors->add( 'user_login', __( '<strong>ERROR</strong>: This username is already registered, please choose another one.' ));
+
+	/* checking e-mail address */
+	if ( empty ( $user->user_email ) ) {
+		$errors->add( 'user_email', __( "<strong>ERROR</strong>: please type an e-mail address" ));
+	} else
+		if (!is_email( $user->user_email ) ) {
+			$errors->add( 'user_email', __( "<strong>ERROR</strong>: the email address isn't correct" ));
+		}
+
+	if ( $errors->get_error_codes() )
+		return $errors;
+
+	if ( $update ) {
+		$user_id = wp_update_user( get_object_vars( $user ));
+	} else {
+		$user_id = wp_insert_user( get_object_vars( $user ));
+		wp_new_user_notification( $user_id );
+	}
+	return $user_id;
+}
+
+function get_author_user_ids() {
+	global $wpdb;
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function get_editable_authors( $user_id ) {
+	global $wpdb;
+
+	$editable = get_editable_user_ids( $user_id );
+
+	if( !$editable ) {
+		return false;
+	} else {
+		$editable = join(',', $editable);
+		$authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable) ORDER BY display_name" );
+	}
+
+	return apply_filters('get_editable_authors', $authors);
+}
+
+function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
+	global $wpdb;
+
+	$user = new WP_User( $user_id );
+
+	if ( ! $user->has_cap('edit_others_posts') ) {
+		if ( $user->has_cap('edit_posts') || $exclude_zeros == false )
+			return array($user->id);
+		else
+			return false;
+	}
+
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'";
+	if ( $exclude_zeros )
+		$query .= " AND meta_value != '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function get_nonauthor_user_ids() {
+	global $wpdb;
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'";
+
+	return $wpdb->get_col( $query );
+}
+
+function get_others_unpublished_posts($user_id, $type='any') {
+	global $wpdb;
+	$user = get_userdata( $user_id );
+	$level_key = $wpdb->prefix . 'user_level';
+
+	$editable = get_editable_user_ids( $user_id );
+
+	if ( in_array($type, array('draft', 'pending')) )
+		$type_sql = " post_status = '$type' ";
+	else
+		$type_sql = " ( post_status = 'draft' OR post_status = 'pending' ) ";
+
+	$dir = ( 'pending' == $type ) ? 'ASC' : 'DESC';
+
+	if( !$editable ) {
+		$other_unpubs = '';
+	} else {
+		$editable = join(',', $editable);
+		$other_unpubs = $wpdb->get_results("SELECT ID, post_title, post_author FROM $wpdb->posts WHERE post_type = 'post' AND $type_sql AND post_author IN ($editable) AND post_author != '$user_id' ORDER BY post_modified $dir");
+	}
+
+	return apply_filters('get_others_drafts', $other_unpubs);
+}
+
+function get_others_drafts($user_id) {
+	return get_others_unpublished_posts($user_id, 'draft');
+}
+
+function get_others_pending($user_id) {
+	return get_others_unpublished_posts($user_id, 'pending');
+}
+
+function get_user_to_edit( $user_id ) {
+	$user = new WP_User( $user_id );
+	$user->user_login   = attribute_escape($user->user_login);
+	$user->user_email   = attribute_escape($user->user_email);
+	$user->user_url     = clean_url($user->user_url);
+	$user->first_name   = attribute_escape($user->first_name);
+	$user->last_name    = attribute_escape($user->last_name);
+	$user->display_name = attribute_escape($user->display_name);
+	$user->nickname     = attribute_escape($user->nickname);
+	$user->aim          = attribute_escape($user->aim);
+	$user->yim          = attribute_escape($user->yim);
+	$user->jabber       = attribute_escape($user->jabber);
+	$user->description  =  wp_specialchars($user->description);
+
+	return $user;
+}
+
+function get_users_drafts( $user_id ) {
+	global $wpdb;
+	$user_id = (int) $user_id;
+	$query = "SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'draft' AND post_author = $user_id ORDER BY post_modified DESC";
+	$query = apply_filters('get_users_drafts', $query);
+	return $wpdb->get_results( $query );
+}
+
+function wp_delete_user($id, $reassign = 'novalue') {
+	global $wpdb;
+
+	$id = (int) $id;
+	$user = get_userdata($id);
+
+	if ($reassign == 'novalue') {
+		$post_ids = $wpdb->get_col("SELECT ID FROM $wpdb->posts WHERE post_author = $id");
+
+		if ($post_ids) {
+			foreach ($post_ids as $post_id)
+				wp_delete_post($post_id);
+		}
+
+		// Clean links
+		$wpdb->query("DELETE FROM $wpdb->links WHERE link_owner = $id");
+	} else {
+		$reassign = (int) $reassign;
+		$wpdb->query("UPDATE $wpdb->posts SET post_author = {$reassign} WHERE post_author = {$id}");
+		$wpdb->query("UPDATE $wpdb->links SET link_owner = {$reassign} WHERE link_owner = {$id}");
+	}
+
+	// FINALLY, delete user
+	do_action('delete_user', $id);
+
+	$wpdb->query("DELETE FROM $wpdb->users WHERE ID = $id");
+	$wpdb->query("DELETE FROM $wpdb->usermeta WHERE user_id = '$id'");
+
+	wp_cache_delete($id, 'users');
+	wp_cache_delete($user->user_login, 'userlogins');
+
+	return true;
+}
+
+function wp_revoke_user($id) {
+	$id = (int) $id;
+
+	$user = new WP_User($id);
+	$user->remove_all_caps();
+}
+
+?>
--- a/wp-admin/index-extra.php
+++ b/wp-admin/index-extra.php
@@ -0,0 +1,73 @@
+<?php
+require_once('admin.php');
+require_once (ABSPATH . WPINC . '/rss.php');
+
+@header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
+
+switch ( $_GET['jax'] ) {
+
+case 'incominglinks' :
+
+$rss_feed = apply_filters( 'dashboard_incoming_links_feed', 'http://blogsearch.google.com/blogsearch_feeds?hl=en&scoring=d&ie=utf-8&num=10&output=rss&partner=wordpress&q=link:' . trailingslashit( get_option('home') ) );
+$more_link = apply_filters( 'dashboard_incoming_links_link', 'http://blogsearch.google.com/blogsearch?hl=en&scoring=d&partner=wordpress&q=link:' . trailingslashit( get_option('home') ) );
+
+$rss = @fetch_rss( $rss_feed );
+if ( isset($rss->items) && 1 < count($rss->items) ) { // Technorati returns a 1-item feed when it has no results
+?>
+<h3><?php _e('Incoming Links'); ?> <cite><a href="<?php echo htmlspecialchars( $more_link ); ?>"><?php _e('More &raquo;'); ?></a></cite></h3>
+<ul>
+<?php
+$rss->items = array_slice($rss->items, 0, 10);
+foreach ($rss->items as $item ) {
+?>
+	<li><a href="<?php echo wp_filter_kses($item['link']); ?>"><?php echo wptexturize(wp_specialchars($item['title'])); ?></a></li>
+<?php } ?>
+</ul>
+<?php
+}
+break;
+
+case 'devnews' :
+$rss = @fetch_rss(apply_filters( 'dashboard_primary_feed', 'http://wordpress.org/development/feed/' ));
+if ( isset($rss->items) && 0 != count($rss->items) ) {
+?>
+<h3><?php echo apply_filters( 'dashboard_primary_title', __('WordPress Development Blog') ); ?></h3>
+<?php
+$rss->items = array_slice($rss->items, 0, 3);
+foreach ($rss->items as $item ) {
+?>
+<h4><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a> &#8212; <?php printf(__('%s ago'), human_time_diff(strtotime($item['pubdate'], time() ) ) ); ?></h4>
+<p><?php echo $item['description']; ?></p>
+<?php
+	}
+}
+?>
+
+<?php
+break;
+
+case 'planetnews' :
+$rss = @fetch_rss(apply_filters( 'dashboard_secondary_feed', 'http://planet.wordpress.org/feed/' ));
+if ( isset($rss->items) && 0 != count($rss->items) ) {
+?>
+<h3><?php echo apply_filters( 'dashboard_secondary_title', __('Other WordPress News') ); ?></h3>
+<ul>
+<?php
+$rss->items = array_slice($rss->items, 0, 20);
+foreach ($rss->items as $item ) {
+$title = wp_specialchars($item['title']);
+$author = preg_replace( '|(.+?):.+|s', '$1', $item['title'] );
+$post = preg_replace( '|.+?:(.+)|s', '$1', $item['title'] );
+?>
+<li><a href='<?php echo wp_filter_kses($item['link']); ?>'><span class="post"><?php echo $post; ?></span><span class="hidden"> - </span><cite><?php echo $author; ?></cite></a></li>
+<?php
+	}
+?>
+</ul>
+<p class="readmore"><a href="<?php echo apply_filters( 'dashboard_secondary_link', 'http://planet.wordpress.org/' ); ?>"><?php _e('Read more &raquo;'); ?></a></p>
+<?php
+}
+break;
+}
+
+?>
--- a/wp-admin/index.php
+++ b/wp-admin/index.php
@@ -1,35 +1,36 @@
 <?php
-require_once('admin.php'); 
-$title = __('Dashboard'); 
+require_once('admin.php');
+
+function index_js() {
+?>
+<script type="text/javascript">
+	jQuery(function() {
+		jQuery('#incominglinks').load('index-extra.php?jax=incominglinks');
+		jQuery('#devnews').load('index-extra.php?jax=devnews');
+		jQuery('#planetnews').load('index-extra.php?jax=planetnews');
+	});
+</script>
+<?php
+}
+add_action( 'admin_head', 'index_js' );
+
+wp_enqueue_script( 'jquery' );
+
+$title = __('Dashboard');
+$parent_file = 'index.php';
 require_once('admin-header.php');
-require_once (ABSPATH . WPINC . '/rss-functions.php');

 $today = current_time('mysql', 1);
 ?>

 <div class="wrap">

-<h2><?php _e('Dashboard'); ?></h2>
+<h2><?php _e('Welcome to WordPress'); ?></h2>

 <div id="zeitgeist">
 <h2><?php _e('Latest Activity'); ?></h2>

-<?php
-$rss = @fetch_rss('http://feeds.technorati.com/cosmos/rss/?url='. trailingslashit(get_option('home')) .'&partner=wordpress');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<div id="incominglinks">
-<h3><?php _e('Incoming Links'); ?> <cite><a href="http://www.technorati.com/search/<?php echo trailingslashit(get_option('home')); ?>?partner=wordpress"><?php _e('More'); ?> &raquo;</a></cite></h3>
-<ul>
-<?php
-$rss->items = array_slice($rss->items, 0, 10);
-foreach ($rss->items as $item ) {
-?>
-	<li><a href="<?php echo wp_filter_kses($item['link']); ?>"><?php echo wp_specialchars($item['title']); ?></a></li>
-<?php } ?>
-</ul>
-</div>
-<?php } ?>
+<div id="incominglinks"></div>

 <?php
 $comments = $wpdb->get_results("SELECT comment_author, comment_author_url, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 5");
@@ -38,32 +39,31 @@ $numcomments = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE commen
 if ( $comments || $numcomments ) :
 ?>
 <div>
-<h3><?php _e('Comments'); ?> <a href="edit-comments.php" title="<?php _e('More comments...'); ?>">&raquo;</a></h3>
+<h3><?php printf( __( 'Comments <a href="%s" title="More comments&#8230;">&raquo;</a>' ), 'edit-comments.php' ); ?></h3>

 <?php if ( $numcomments ) : ?>
-<p><strong><a href="moderation.php"><?php echo sprintf(__('Comments in moderation (%s)'), number_format($numcomments) ); ?> &raquo;</a></strong></p>
+<p><strong><a href="moderation.php"><?php echo sprintf(__('Comments in moderation (%s) &raquo;'), number_format_i18n($numcomments) ); ?></a></strong></p>
 <?php endif; ?>
-</div>

 <ul>
-<?php 
+<?php
 if ( $comments ) {
 foreach ($comments as $comment) {
 	echo '<li>' . sprintf(__('%1$s on %2$s'), get_comment_author_link(), '<a href="'. get_permalink($comment->comment_post_ID) . '#comment-' . $comment->comment_ID . '">' . get_the_title($comment->comment_post_ID) . '</a>');
-	edit_comment_link(__("Edit"), ' <small>(', ')</small>'); 
+	edit_comment_link(__("Edit"), ' <small>(', ')</small>');
 	echo '</li>';
 }
 }
 ?>
 </ul>
-
+</div>
 <?php endif; ?>

 <?php
-if ( $recentposts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'publish' AND post_date_gmt < '$today' ORDER BY post_date DESC LIMIT 5") ) :
+if ( $recentposts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_type = 'post' AND " . get_private_posts_cap_sql('post') . " AND post_date_gmt < '$today' ORDER BY post_date DESC LIMIT 5") ) :
 ?>
 <div>
-<h3><?php _e('Posts'); ?> <a href="edit.php" title="<?php _e('More posts...'); ?>">&raquo;</a></h3>
+<h3><?php printf( __( 'Posts <a href="%s" title="More posts&#8230;">&raquo;</a>' ), 'edit.php' ); ?></h3>
 <ul>
 <?php
 foreach ($recentposts as $post) {
@@ -79,8 +79,8 @@ foreach ($recentposts as $post) {
 <?php endif; ?>

 <?php
-if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_status = 'publish' AND post_date_gmt > '$today' ORDER BY post_date ASC") ) :
-?> 
+if ( $scheduled = $wpdb->get_results("SELECT ID, post_title, post_date_gmt FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'future' ORDER BY post_date ASC") ) :
+?>
 <div>
 <h3><?php _e('Scheduled Entries:') ?></h3>
 <ul>
@@ -90,7 +90,7 @@ foreach ($scheduled as $post) {
 		$post->post_title = sprintf(__('Post #%s'), $post->ID);
 	echo "<li>" . sprintf(__('%1$s in %2$s'), "<a href='post.php?action=edit&amp;post=$post->ID' title='" . __('Edit this post') . "'>$post->post_title</a>", human_time_diff( current_time('timestamp', 1), strtotime($post->post_date_gmt. ' GMT') ))  . "</li>";
 }
-?> 
+?>
 </ul>
 </div>
 <?php endif; ?>
@@ -98,70 +98,43 @@ foreach ($scheduled as $post) {
 <div>
 <h3><?php _e('Blog Stats'); ?></h3>
 <?php
-$numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_status = 'publish'");
-if (0 < $numposts) $numposts = number_format($numposts); 
+$numposts = (int) $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_type = 'post' AND post_status = 'publish'");
+$numcomms = (int) $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '1'");
+$numcats  = wp_count_terms('category');
+$numtags = wp_count_terms('post_tag');

-$numcomms = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '1'");
-if (0 < $numcomms) $numcomms = number_format($numcomms);
-
-$numcats = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->categories");
-if (0 < $numcats) $numcats = number_format($numcats);
+$post_str = sprintf(__ngettext('%1$s <a href="%2$s" title="Posts">post</a>', '%1$s <a href="%2$s" title="Posts">posts</a>', $numposts), number_format_i18n($numposts), 'edit.php');
+$comm_str = sprintf(__ngettext('%1$s <a href="%2$s" title="Comments">comment</a>', '%1$s <a href="%2$s" title="Comments">comments</a>', $numcomms), number_format_i18n($numcomms), 'edit-comments.php');
+$cat_str  = sprintf(__ngettext('%1$s <a href="%2$s" title="Categories">category</a>', '%1$s <a href="%2$s" title="Categories">categories</a>', $numcats), number_format_i18n($numcats), 'categories.php');
+$tag_str  = sprintf(__ngettext('%1$s tag', '%1$s tags', $numtags), number_format_i18n($numtags));
 ?>
-<p><?php printf(__('There are currently %1$s <a href="%2$s" title="Posts">posts</a> and %3$s <a href="%4$s" title="Comments">comments</a>, contained within %5$s <a href="%6$s" title="categories">categories</a>.'), $numposts, 'edit.php',  $numcomms, 'edit-comments.php', $numcats, 'categories.php'); ?></p>
+
+<p><?php printf(__('There are currently %1$s and %2$s, contained within %3$s and %4$s.'), $post_str, $comm_str, $cat_str, $tag_str); ?></p>
 </div>

 <?php do_action('activity_box_end'); ?>
 </div>

-<h3><?php _e('Welcome to WordPress'); ?></h3>
-
 <p><?php _e('Use these links to get started:'); ?></p>

 <ul>
-<li><a href="post.php"><?php _e('Write a post'); ?></a></li>
-<li><a href="profile.php"><?php _e('Update your profile or change your password'); ?></a></li>
-<li><a href="link-add.php"><?php _e('Add a link to your blogroll'); ?></a></li>
-<li><a href="themes.php"><?php _e('Change your site&#8217;s look or theme'); ?></a></li>
+<?php if ( current_user_can('edit_posts') ) : ?>
+	<li><a href="post-new.php"><?php _e('Write a post'); ?></a></li>
+<?php endif; ?>
+	<li><a href="profile.php"><?php _e('Update your profile or change your password'); ?></a></li>
+<?php if ( current_user_can('manage_links') ) : ?>
+	<li><a href="link-add.php"><?php _e('Add a link to your blogroll'); ?></a></li>
+<?php endif; ?>
+<?php if ( current_user_can('switch_themes') ) : ?>
+	<li><a href="themes.php"><?php _e('Change your site&#8217;s look or theme'); ?></a></li>
+<?php endif; ?>
 </ul>
+<p><?php _e("Need help with WordPress? Please see our <a href='http://codex.wordpress.org/'>documentation</a> or visit the <a href='http://wordpress.org/support/'>support forums</a>."); ?></p>

-<p><?php _e("Below is the latest news from the official WordPress development blog, click on a title to read the full entry. If you need help with WordPress please see our <a href='http://codex.wordpress.org/'>great documentation</a> or if that doesn't help visit the <a href='http://wordpress.org/support/'>support forums</a>."); ?></p>
-<?php
-$rss = @fetch_rss('http://wordpress.org/development/feed/');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<h3><?php _e('WordPress Development Blog'); ?></h3>
-<?php
-$rss->items = array_slice($rss->items, 0, 3);
-foreach ($rss->items as $item ) {
-?>
-<h4><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a> &#8212; <?php printf(__('%s ago'), human_time_diff(strtotime($item['pubdate'], time() ) ) ); ?></h4>
-<p><?php echo $item['description']; ?></p>
-<?php
-	}
-}
-?>
+<div id="devnews"></div>

+<div id="planetnews"></div>

-<?php
-$rss = @fetch_rss('http://planet.wordpress.org/feed/');
-if ( isset($rss->items) && 0 != count($rss->items) ) {
-?>
-<div id="planetnews">
-<h3><?php _e('Other WordPress News'); ?> <a href="http://planet.wordpress.org/"><?php _e('more'); ?> &raquo;</a></h3>
-<ul>
-<?php
-$rss->items = array_slice($rss->items, 0, 20);
-foreach ($rss->items as $item ) {
-?>
-<li><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php echo wp_specialchars($item['title']); ?></a></li>
-<?php
-	}
-?>
-</ul>
-</div>
-<?php
-}
-?>
 <div style="clear: both">&nbsp;
 <br clear="all" />
 </div>
--- a/wp-admin/inline-uploading.php
+++ b/wp-admin/inline-uploading.php
@@ -1,715 +0,0 @@
-<?php
-
-require_once('admin.php');
-
-header('Content-Type: text/html; charset=' . get_option('blog_charset'));
-
-if (!current_user_can('upload_files'))
-	die(__('You do not have permission to upload files.'));
-
-$wpvarstoreset = array('action', 'post', 'all', 'last', 'link', 'sort', 'start', 'imgtitle', 'descr', 'attachment');
-
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-	$wpvar = $wpvarstoreset[$i];
-	if (!isset($$wpvar)) {
-		if (empty($_POST["$wpvar"])) {
-			if (empty($_GET["$wpvar"])) {
-				$$wpvar = '';
-			} else {
-			$$wpvar = $_GET["$wpvar"];
-			}
-		} else {
-			$$wpvar = $_POST["$wpvar"];
-		}
-	}
-}
-
-$post = (int) $post;
-$images_width = 1;
-
-switch($action) {
-case 'links':
-// Do not pass GO.
-break;
-
-case 'delete':
-
-if ( !current_user_can('edit_post', (int) $attachment) )
-	die(__('You are not allowed to delete this attachment.').' <a href="'.basename(__FILE__)."?post=$post&amp;all=$all&amp;action=upload\">".__('Go back').'</a>');
-
-wp_delete_attachment($attachment);
-
-header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=$start");
-die;
-
-case 'save':
-
-$overrides = array('action'=>'save');
-
-$file = wp_handle_upload($_FILES['image'], $overrides);
-
-if ( isset($file['error']) )
-	die($file['error'] . '<br /><a href="' . basename(__FILE__) . '?action=upload&post=' . $post . '">'.__('Back to Image Uploading').'</a>');
-
-$url = $file['url'];
-$type = $file['type'];
-$file = $file['file'];
-$filename = basename($file);
-
-// Construct the attachment array
-$attachment = array(
-	'post_title' => $imgtitle ? $imgtitle : $filename,
-	'post_content' => $descr,
-	'post_status' => 'attachment',
-	'post_parent' => $post,
-	'post_mime_type' => $type,
-	'guid' => $url
-	);
-
-// Save the data
-$id = wp_insert_attachment($attachment, $file, $post);
-
-if ( preg_match('!^image/!', $attachment['post_mime_type']) ) {
-	// Generate the attachment's postmeta.
-	$imagesize = getimagesize($file);
-	$imagedata['width'] = $imagesize['0'];
-	$imagedata['height'] = $imagesize['1'];
-	list($uwidth, $uheight) = get_udims($imagedata['width'], $imagedata['height']);
-	$imagedata['hwstring_small'] = "height='$uheight' width='$uwidth'";
-	$imagedata['file'] = $file;
-
-	add_post_meta($id, '_wp_attachment_metadata', $imagedata);
-
-	if ( $imagedata['width'] * $imagedata['height'] < 3 * 1024 * 1024 ) {
-		if ( $imagedata['width'] > 128 && $imagedata['width'] >= $imagedata['height'] * 4 / 3 )
-			$thumb = wp_create_thumbnail($file, 128);
-		elseif ( $imagedata['height'] > 96 )
-			$thumb = wp_create_thumbnail($file, 96);
-
-		if ( @file_exists($thumb) ) {
-			$newdata = $imagedata;
-			$newdata['thumb'] = basename($thumb);
-			update_post_meta($id, '_wp_attachment_metadata', $newdata, $imagedata);
-		} else {
-			$error = $thumb;
-		}
-	}
-} else {
-	add_post_meta($id, '_wp_attachment_metadata', array());
-}
-
-header("Location: ".basename(__FILE__)."?post=$post&all=$all&action=view&start=0");
-die();
-
-case 'upload':
-
-$current_1 = ' class="current"';
-$back = $next = false;
-break;
-
-case 'view':
-
-// How many images do we show? How many do we query?
-$num = 5;
-$double = $num * 2;
-
-if ( $post && (empty($all) || $all == 'false') ) {
-	$and_post = "AND post_parent = '$post'";
-	$current_2 = ' class="current"';
-} else {
-	$current_3 = ' class="current"';
-}
-
-if (! current_user_can('edit_others_posts') )
-	$and_user = "AND post_author = " . $user_ID;
-
-if ( $last )
-	$start = $wpdb->get_var("SELECT count(ID) FROM $wpdb->posts WHERE post_status = 'attachment' $and_user $and_post") - $num;
-else
-	$start = (int) $start;
-
-if ( $start < 0 )
-	$start = 0;
-
-if ( '' == $sort )
-	$sort = "post_date_gmt DESC";
-
-$attachments = $wpdb->get_results("SELECT ID, post_date, post_title, post_mime_type, guid FROM $wpdb->posts WHERE post_status = 'attachment' $and_type $and_post $and_user ORDER BY $sort LIMIT $start, $double", ARRAY_A);
-
-if ( count($attachments) == 0 ) {
-	header("Location: ".basename(__FILE__)."?post=$post&action=upload");
-	die;
-} elseif ( count($attachments) > $num ) {
-	$next = $start + count($attachments) - $num;
-} else {
-	$next = false;
-}
-
-if ( $start > 0 ) {
-	$back = $start - $num;
-	if ( $back < 1 )
-		$back = '0';
-} else {
-	$back = false;
-}
-
-$uwidth_sum = 0;
-$html = '';
-$popups = '';
-$style = '';
-$script = '';
-if ( count($attachments) > 0 ) {
-	$attachments = array_slice( $attachments, 0, $num );
-	$__delete = __('Delete');
-	$__not_linked = __('Not Linked');
-	$__linked_to_page = __('Linked to Page');
-	$__linked_to_image = __('Linked to Image');
-	$__linked_to_file = __('Linked to File');
-	$__using_thumbnail = __('Using Thumbnail');
-	$__using_original = __('Using Original');
-	$__using_title = __('Using Title');
-	$__using_filename = __('Using Filename');
-	$__using_icon = __('Using Icon');
-	$__no_thumbnail = '<del>'.__('No Thumbnail').'</del>';
-	$__send_to_editor = __('Send to editor');
-	$__close = __('Close Options');
-	$__confirmdelete = __('Delete this file from the server?');
-	$__nothumb = __('There is no thumbnail associated with this photo.');
-	$script .= "notlinked = '$__not_linked';
-linkedtoimage = '$__linked_to_image';
-linkedtopage = '$__linked_to_page';
-linkedtofile = '$__linked_to_file';
-usingthumbnail = '$__using_thumbnail';
-usingoriginal = '$__using_original';
-usingtitle = '$__using_title';
-usingfilename = '$__using_filename';
-usingicon = '$__using_icon';
-var aa = new Array();
-var ab = new Array();
-var imga = new Array();
-var imgb = new Array();
-var srca = new Array();
-var srcb = new Array();
-var title = new Array();
-var filename = new Array();
-var icon = new Array();
-";
-	foreach ( $attachments as $key => $attachment ) {
-		$ID = $attachment['ID'];
-		$href = get_attachment_link($ID);
-		$meta = get_post_meta($ID, '_wp_attachment_metadata', true);
-		if (!is_array($meta)) {
-			$meta = get_post_meta($ID, 'imagedata', true); // Try 1.6 Alpha meta key
-			if (!is_array($meta)) {
-				$meta = array();
-			}
-			add_post_meta($ID, '_wp_attachment_metadata', $meta);
-		}
-		$attachment = array_merge($attachment, $meta);
-		$noscript = "<noscript>
-		<div class='caption'><a href=\"".basename(__FILE__)."?action=links&amp;attachment={$ID}&amp;post={$post}&amp;all={$all}&amp;start={$start}\">Choose Links</a></div>
-		</noscript>
-";
-		$send_delete_cancel = "<a onclick=\"sendToEditor({$ID});return false;\" href=\"javascript:void()\">$__send_to_editor</a>
-<a onclick=\"return confirm('$__confirmdelete')\" href=\"".basename(__FILE__)."?action=delete&amp;attachment={$ID}&amp;all=$all&amp;start=$start&amp;post=$post\">$__delete</a>
-		<a onclick=\"popup.style.display='none';return false;\" href=\"javascript:void()\">$__close</a>
-";
-		$uwidth_sum += 128;
-		if ( preg_match('!^image/!', $attachment['post_mime_type'] ) ) {
-			$image = & $attachment;
-			if ( ($image['width'] > 128 || $image['height'] > 96) && !empty($image['thumb']) && file_exists(dirname($image['file']).'/'.$image['thumb']) ) {
-				$src = str_replace(basename($image['guid']), $image['thumb'], $image['guid']);
-				$script .= "srca[{$ID}] = '$src';
-srcb[{$ID}] = '{$image['guid']}';
-";
-				$thumb = 'true';
-				$thumbtext = $__using_thumbnail;
-			} else {
-				$src = $image['guid'];
-				$thumb = 'false';
-				$thumbtext = $__no_thumbnail;
-			}
-			list($image['uwidth'], $image['uheight']) = get_udims($image['width'], $image['height']);
-			$height_width = 'height="'.$image['uheight'].'" width="'.$image['uwidth'].'"';
-			$xpadding = (128 - $image['uwidth']) / 2;
-			$ypadding = (96 - $image['uheight']) / 2;
-			$style .= "#target{$ID} img { padding: {$ypadding}px {$xpadding}px; }\n";
-			$title = htmlentities($image['post_title'], ENT_QUOTES);
-			$script .= "aa[{$ID}] = '<a id=\"p{$ID}\" rel=\"attachment\" class=\"imagelink\" href=\"$href\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">';
-ab[{$ID}] = '<a class=\"imagelink\" href=\"{$image['guid']}\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">';
-imga[{$ID}] = '<img id=\"image{$ID}\" src=\"$src\" alt=\"{$title}\" $height_width />';
-imgb[{$ID}] = '<img id=\"image{$ID}\" src=\"{$image['guid']}\" alt=\"{$title}\" $height_width />';
-";
-			$html .= "<div id='target{$ID}' class='attwrap left'>
-	<div id='div{$ID}' class='imagewrap' onclick=\"doPopup({$ID});\">
-		<img id=\"image{$ID}\" src=\"$src\" alt=\"{$title}\" $height_width />
-	</div>
-	{$noscript}
-</div>
-";
-			$popups .= "<div id='popup{$ID}' class='popup'>
-	<a id=\"I{$ID}\" onclick=\"if($thumb)toggleImage({$ID});else alert('$__nothumb');return false;\" href=\"javascript:void()\">$thumbtext</a>
-	<a id=\"L{$ID}\" onclick=\"toggleLink({$ID});return false;\" href=\"javascript:void()\">$__not_linked</a>
-	{$send_delete_cancel}
-</div>
-";
-		} else {
-			$title = htmlentities($attachment['post_title'], ENT_QUOTES);
-			$filename = basename($attachment['guid']);
-			$icon = get_attachment_icon($ID);
-			$toggle_icon = "<a id=\"I{$ID}\" onclick=\"toggleOtherIcon({$ID});return false;\" href=\"javascript:void()\">$__using_title</a>";
-			$script .= "aa[{$ID}] = '<a id=\"p{$ID}\" rel=\"attachment\" href=\"$href\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">';
-ab[{$ID}] = '<a id=\"p{$ID}\" href=\"{$filename}\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">';
-title[{$ID}] = '{$title}';
-filename[{$ID}] = '{$filename}';
-icon[{$ID}] = '{$icon}';
-";
-			$html .= "<div id='target{$ID}' class='attwrap left'>
-	<div id='div{$ID}' class='otherwrap usingtext' onmousedown=\"selectLink({$ID})\" onclick=\"doPopup({$ID});return false;\">
-		<a id=\"p{$ID}\" href=\"{$attachment['guid']}\" onmousedown=\"selectLink({$ID});\" onclick=\"return false;\">{$title}</a>
-	</div>
-	{$noscript}
-</div>
-";
-			$popups .= "<div id='popup{$ID}' class='popup'>
-	<div class='filetype'>".__('File Type:').' '.str_replace('/',"/\n",$attachment['post_mime_type'])."</div>
-	<a id=\"L{$ID}\" onclick=\"toggleOtherLink({$ID});return false;\" href=\"javascript:void()\">$__linked_to_file</a>
-	{$toggle_icon}
-	{$send_delete_cancel}
-</div>
-";
-		}
-	}
-}
-
-$images_width = $uwidth_sum + ( count($images) * 6 ) + 35;
-
-break;
-
-default:
-die(__('This script was not meant to be called directly.'));
-}
-
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
-<meta http-equiv="imagetoolbar" content="no" />
-<script type="text/javascript">
-/* Define any variables we'll need, such as alternate URLs. */
-<?php echo $script; ?>
-function htmldecode(st) {
-	o = document.getElementById('htmldecode');
-	if (! o) {
-		o = document.createElement("A");
-		o.id = "htmldecode"
-	}
-	o.innerHTML = st;
-	r = o.innerHTML;
-	return r;
-}
-function cancelUpload() {
-	o = document.getElementById('uploadForm');
-	o.method = 'GET';
-	o.action.value = 'view';
-	o.submit();
-}
-function doPopup(i) {
-	if ( popup )
-	popup.style.display = 'none';
-	target = document.getElementById('target'+i);
-	popup = document.getElementById('popup'+i);
-	popup.style.left = (target.offsetLeft) + 'px';
-	popup.style.top = (target.offsetTop) + 'px';
-	popup.style.display = 'block';
-}
-popup = false;
-function selectLink(n) {
-	o=document.getElementById('div'+n);
-	if ( typeof document.body.createTextRange == 'undefined' || typeof win.tinyMCE == 'undefined' || win.tinyMCE.configs.length < 1 )
-		return;
-	r = document.body.createTextRange();
-	if ( typeof r != 'undefined' ) {
-		r.moveToElementText(o);
-		r.select();
-	}
-}
-function toggleLink(n) {
-	ol=document.getElementById('L'+n);
-	if ( ol.innerHTML == htmldecode(notlinked) ) {
-		ol.innerHTML = linkedtoimage;
-	} else if ( ol.innerHTML == htmldecode(linkedtoimage) ) {
-		ol.innerHTML = linkedtopage;
-	} else {
-		ol.innerHTML = notlinked;
-	}
-	updateImage(n);
-}
-function toggleOtherLink(n) {
-	ol=document.getElementById('L'+n);
-	if ( ol.innerHTML == htmldecode(linkedtofile) ) {
-		ol.innerHTML = linkedtopage;
-	} else {
-		ol.innerHTML = linkedtofile;
-	}
-	updateOtherIcon(n);
-}
-function toggleImage(n) {
-	oi = document.getElementById('I'+n);
-	if ( oi.innerHTML == htmldecode(usingthumbnail) ) {
-		oi.innerHTML = usingoriginal;
-	} else {
-		oi.innerHTML = usingthumbnail;
-	}
-	updateImage(n);
-}
-function toggleOtherIcon(n) {
-	od = document.getElementById('div'+n);
-	oi = document.getElementById('I'+n);
-	if ( oi.innerHTML == htmldecode(usingtitle) ) {
-		oi.innerHTML = usingfilename;
-		od.className = 'otherwrap usingtext';
-	} else if ( oi.innerHTML == htmldecode(usingfilename) && icon[n] != '' ) {
-		oi.innerHTML = usingicon;
-		od.className = 'otherwrap usingicon';
-	} else {
-		oi.innerHTML = usingtitle;
-		od.className = 'otherwrap usingtext';
-	}
-	updateOtherIcon(n);
-}
-function updateImage(n) {
-	od=document.getElementById('div'+n);
-	ol=document.getElementById('L'+n);
-	oi=document.getElementById('I'+n);
-	if ( oi.innerHTML == htmldecode(usingthumbnail) ) {
-		img = imga[n];
-	} else {
-		img = imgb[n];
-	}
-	if ( ol.innerHTML == htmldecode(linkedtoimage) ) {
-		od.innerHTML = ab[n]+img+'</a>';
-	} else if ( ol.innerHTML == htmldecode(linkedtopage) ) {
-		od.innerHTML = aa[n]+img+'</a>';
-	} else {
-		od.innerHTML = img;
-	}
-}
-function updateOtherIcon(n) {
-	od=document.getElementById('div'+n);
-	ol=document.getElementById('L'+n);
-	oi=document.getElementById('I'+n);
-	if ( oi.innerHTML == htmldecode(usingfilename) ) {
-		txt = filename[n];
-	} else if ( oi.innerHTML == htmldecode(usingicon) ) {
-		txt = icon[n];
-	} else {
-		txt = title[n];
-	}
-	if ( ol.innerHTML == htmldecode(linkedtofile) ) {
-		od.innerHTML = ab[n]+txt+'</a>';
-	} else if ( ol.innerHTML == htmldecode(linkedtopage) ) {
-		od.innerHTML = aa[n]+txt+'</a>';
-	} else {
-		od.innerHTML = txt;
-	}
-}
-
-var win = window.opener ? window.opener : window.dialogArguments;
-if (!win) win = top;
-tinyMCE = win.tinyMCE;
-richedit = ( typeof tinyMCE == 'object' && tinyMCE.configs.length > 0 );
-function sendToEditor(n) {
-	o = document.getElementById('div'+n);
-	h = o.innerHTML.replace(new RegExp('^\\s*(.*?)\\s*$', ''), '$1'); // Trim
-	h = h.replace(new RegExp(' (class|title|width|height|id|onclick|onmousedown)=([^\'"][^ ]*)( |/|>)', 'g'), ' $1="$2"$3'); // Enclose attribs in quotes
-	h = h.replace(new RegExp(' (width|height)=".*?"', 'g'), ''); // Drop size constraints
-	h = h.replace(new RegExp(' on(click|mousedown)="[^"]*"', 'g'), ''); // Drop menu events
-	h = h.replace(new RegExp('<(/?)A', 'g'), '<$1a'); // Lowercase tagnames
-	h = h.replace(new RegExp('<IMG', 'g'), '<img'); // Lowercase again
-	h = h.replace(new RegExp('(<img .+?")>', 'g'), '$1 />'); // XHTML
-	if ( richedit )
-		win.tinyMCE.execCommand('mceInsertContent', false, h);
-	else
-		win.edInsertContent(win.edCanvas, h);
-}
-</script>
-<style type="text/css">
-<?php if ( $action == 'links' ) : ?>
-* html { overflow-x: hidden; }
-<?php else : ?>
-* html { overflow-y: hidden; }
-<?php endif; ?>
-body {
-	font: 13px "Lucida Grande", "Lucida Sans Unicode", Tahoma, Verdana;
-	border: none;
-	margin: 0px;
-	height: 150px;
-	background: #dfe8f1;
-}
-form {
-	margin: 3px 2px 0px 6px;
-}
-#wrap {
-	clear: both;
-	padding: 0px;
-	width: 100%;
-}
-#images {
-	position: absolute;
-	clear: both;
-	margin: 0px;
-	padding: 15px 15px;
-	width: <?php echo $images_width; ?>px;
-}
-#images img {
-	background-color: rgb(209, 226, 239);
-}
-<?php echo $style; ?>
-.attwrap, .attwrap * {
-	margin: 0px;
-	padding: 0px;
-	border: 0px;
-}
-.imagewrap {
-	margin-right: 5px;
-	overflow: hidden;
-	width: 128px;
-}
-.otherwrap {
-	margin-right: 5px;
-	overflow: hidden;
-	background-color: #f9fcfe;
-}
-.otherwrap a {
-	display: block;
-}
-.otherwrap a, .otherwrap a:hover, .otherwrap a:active, .otherwrap a:visited {
-	color: blue;
-}
-.usingicon {
-	padding: 0px;
-	height: 96px;
-	text-align: center;
-	width: 128px;
-}
-.usingtext {
-	padding: 3px;
-	height: 90px;
-	text-align: left;
-	width: 122px;
-}
-.filetype {
-	font-size: 80%;
-	border-bottom: 3px double #89a
-}
-.imagewrap, .imagewrap img, .imagewrap a, .imagewrap a img, .imagewrap a:hover img, .imagewrap a:visited img, .imagewrap a:active img {
-	text-decoration: none;
-}
-#upload-menu {
-	background: #fff;
-	margin: 0px;
-	padding: 0;
-	list-style: none;
-	height: 2em;
-	border-bottom: 1px solid #448abd;
-	width: 100%;
-}
-#upload-menu li {
-	float: left;
-	margin: 0 0 0 .75em;
-}
-#upload-menu a {
-	display: block;
-	padding: 5px;
-	text-decoration: none;
-	color: #000;
-	border-top: 3px solid #fff;
-}
-#upload-menu .current a {
-	background: #dfe8f1;
-	border-right: 2px solid #448abd;
-}
-#upload-menu a:hover {
-	background: #dfe8f1;
-	color: #000;
-}
-.tip {
-	color: rgb(68, 138, 189);
-	padding: 2px 1em;
-}
-.inactive {
-	color: #fff;
-	padding: 1px 3px;
-}
-.left {
-	float: left;
-}
-.right {
-	float: right;
-}
-.center {
-	text-align: center;
-}
-#upload-menu li.spacer {
-	margin-left: 40px;
-}
-#title, #descr {
-	width: 99%;
-	margin-top: 1px;
-}
-th {
-	width: 4.5em;
-}
-#descr {
-	height: 36px;
-}
-#buttons {
-	margin-top: 2px;
-	text-align: right;
-}
-.popup {
-	margin: 4px 4px;
-	padding: 1px;
-	position: absolute;
-	width: 114px;
-	display: none;
-	background-color: rgb(240, 240, 238);
-	border-top: 2px solid #fff;
-	border-right: 2px solid #ddd;
-	border-bottom: 2px solid #ddd;
-	border-left: 2px solid #fff;
-	text-align: center;
-}
-.imagewrap .popup {
-	opacity: .90;
-	filter:alpha(opacity=90);
-}
-.otherwrap .popup {
-	padding-top: 20px;
-}
-.popup a, .popup a:visited, .popup a:active {
-	background-color: transparent;
-	display: block;
-	width: 100%;
-	text-decoration: none;
-	color: #246;
-}
-.popup a:hover {
-	background-color: #fff;
-	color: #000;
-}
-.caption {
-	text-align: center;
-}
-#submit {
-	margin: 1px;
-	width: 99%;
-}
-#submit input, #submit input:focus {
-	background: url( images/fade-butt.png );
-	border: 3px double #999;
-	border-left-color: #ccc;
-	border-top-color: #ccc;
-	color: #333;
-	padding: 0.25em;
-}
-#submit input:active {
-	background: #f4f4f4;
-	border: 3px double #ccc;
-	border-left-color: #999;
-	border-top-color: #999;
-}
-.zerosize {
-	width: 0px;
-	height: 0px;
-	overflow: hidden;
-	position: absolute;
-}
-#links {
-	margin: 3px 8px;
-	line-height: 2em;
-}
-#links textarea {
-	width: 95%;
-	height: 4.5em;
-}
-</style>
-</head>
-<body>
-<ul id="upload-menu">
-<li<?php echo $current_1; ?>><a href="<?php echo basename(__FILE__); ?>?action=upload&amp;post=<?php echo $post; ?>&amp;all=<?php echo $all; ?>&amp;start=<?php echo $start; ?>"><?php _e('Upload'); ?></a></li>
-<?php if ( $attachments = $wpdb->get_results("SELECT ID FROM $wpdb->posts WHERE post_parent = '$post'") ) { ?>
-<li<?php echo $current_2; ?>><a href="<?php echo basename(__FILE__); ?>?action=view&amp;post=<?php echo $post; ?>&amp;all=false"><?php _e('Browse'); ?></a></li>
-<?php } ?>
-<?php if ($wpdb->get_var("SELECT count(ID) FROM $wpdb->posts WHERE post_status = 'attachment'")) { ?>
-<li<?php echo $current_3; ?>><a href="<?php echo basename(__FILE__); ?>?action=view&amp;post=<?php echo $post; ?>&amp;all=true"><?php _e('Browse All'); ?></a></li>
-<?php } ?>
-<li> </li>
-<?php if ( $action == 'view' ) { ?>
-<?php if ( false !== $back ) : ?>
-<li class="spacer"><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&amp;post=<?php echo $post; ?>&amp;all=<?php echo $all; ?>&amp;start=0" title="<?php _e('First'); ?>">|&laquo;</a></li>
-<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&amp;post=<?php echo $post; ?>&amp;all=<?php echo $all; ?>&amp;start=<?php echo $back; ?>"">&laquo; <?php _e('Back'); ?></a></li>
-<?php else : ?>
-<li class="inactive spacer">|&laquo;</li>
-<li class="inactive">&laquo; <?php _e('Back'); ?></li>
-<?php endif; ?>
-<?php if ( false !== $next ) : ?>
-<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&amp;post=<?php echo $post; ?>&amp;all=<?php echo $all; ?>&amp;start=<?php echo $next; ?>"><?php _e('Next'); ?> &raquo;</a></li>
-<li><a href="<?php echo basename(__FILE__); ?>?action=<?php echo $action; ?>&amp;post=<?php echo $post; ?>&amp;all=<?php echo $all; ?>&amp;last=true" title="<?php _e('Last'); ?>">&raquo;|</a></li>
-<?php else : ?>
-<li class="inactive"><?php _e('Next'); ?> &raquo;</li>
-<li class="inactive">&raquo;|</li>
-<?php endif; ?>
-<?php } // endif not upload?>
-</ul>
-<?php if ( $action == 'view' ) : ?>
-<div id="wrap">
-<!--<div class="tip"><?php _e('You can drag and drop these items into your post. Click on one for more options.'); ?></div>-->
-<div id="images">
-<?php echo $html; ?>
-<?php echo $popups; ?>
-</div>
-</div>
-<?php elseif ( $action == 'upload' ) : ?>
-<div class="tip"></div>
-<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo basename(__FILE__); ?>">
-<table style="width:99%;">
-<tr>
-<th scope="row" align="right"><label for="upload"><?php _e('File:'); ?></label></th>
-<td><input type="file" id="upload" name="image" /></td>
-</tr>
-<tr>
-<th scope="row" align="right"><label for="title"><?php _e('Title:'); ?></label></th>
-<td><input type="text" id="title" name="imgtitle" /></td>
-</tr>
-<tr>
-<th scope="row" align="right"><label for="descr"><?php _e('Description:'); ?></label></th>
-<td><input type="textarea" name="descr" id="descr" value="" /></td>
-</tr>
-<tr id="buttons">
-<th></th>
-<td>
-<input type="hidden" name="action" value="save" />
-<input type="hidden" name="post" value="<?php echo $post; ?>" />
-<input type="hidden" name="all" value="<?php echo $all; ?>" />
-<input type="hidden" name="start" value="<?php echo $start; ?>" />
-<div id="submit">
-<input type="submit" value="<?php _e('Upload'); ?>" />
-<?php if ( !empty($all) ) : ?>
-<input type="button" value="<?php _e('Cancel'); ?>" onclick="cancelUpload()" />
-<?php endif; ?>
-</div>
-</td>
-</tr>
-</table>
-</div>
-</form>
-<?php elseif ( $action == 'links' ) : ?>
-<div id="links">
-<?php the_attachment_links($attachment); ?>
-</div>
-<?php endif; ?>
-</body>
-</html>
--- a/wp-admin/install-helper.php
+++ b/wp-admin/install-helper.php
@@ -1,5 +1,5 @@
 <?php
-require_once('../wp-config.php');
+require_once(dirname(dirname(__FILE__)).'/wp-config.php');
 $debug = 0;

 /**
@@ -9,21 +9,21 @@ $debug = 0;
 **           false on error
 */
 function maybe_create_table($table_name, $create_ddl) {
-    global $wpdb;
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
-        if ($table == $table_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb;
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
+		if ($table == $table_name) {
+			return true;
+		}
+	}
+	return false;
 }

 /**
@@ -33,22 +33,22 @@ function maybe_create_table($table_name, $create_ddl) {
 **           false on error
 */
 function maybe_add_column($table_name, $column_name, $create_ddl) {
-    global $wpdb, $debug;
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($debug) echo("checking $column == $column_name<br />");
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    //didn't find it try to create it.
-    $q = $wpdb->query($create_ddl);
-    // we cannot directly tell that whether this succeeded!
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($column == $column_name) {
-            return true;
-        }
-    }
-    return false;
+	global $wpdb, $debug;
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($debug) echo("checking $column == $column_name<br />");
+			if ($column == $column_name) {
+				return true;
+			}
+	}
+	//didn't find it try to create it.
+	$q = $wpdb->query($create_ddl);
+	// we cannot directly tell that whether this succeeded!
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($column == $column_name) {
+			return true;
+		}
+	}
+	return false;
 }


@@ -59,21 +59,21 @@ function maybe_add_column($table_name, $column_name, $create_ddl) {
 **           false on error
 */
 function maybe_drop_column($table_name, $column_name, $drop_ddl) {
-    global $wpdb;
-    foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-        if ($column == $column_name) {
-            //found it try to drop it.
-            $q = $wpdb->query($drop_ddl);
-            // we cannot directly tell that whether this succeeded!
-            foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
-                if ($column == $column_name) {
-                    return false;
-                }
-            }
-        }
-    }
-    // else didn't find it
-    return true;
+	global $wpdb;
+	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+		if ($column == $column_name) {
+			//found it try to drop it.
+			$q = $wpdb->query($drop_ddl);
+			// we cannot directly tell that whether this succeeded!
+			foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
+				if ($column == $column_name) {
+					return false;
+				}
+			}
+		}
+	}
+	// else didn't find it
+	return true;
 }


@@ -92,45 +92,45 @@ function maybe_drop_column($table_name, $column_name, $drop_ddl) {
 **      Extra
 */
 function check_column($table_name, $col_name, $col_type, $is_null = null, $key = null, $default = null, $extra = null) {
-    global $wpdb, $debug;
-    $diffs = 0;
-    $results = $wpdb->get_results("DESC $table_name");
-    
-    foreach ($results as $row ) {
-        if ($debug > 1) print_r($row);
-        if ($row->Field == $col_name) {
-            // got our column, check the params
-            if ($debug) echo ("checking $row->Type against $col_type\n");
-            if (($col_type != null) && ($row->Type != $col_type)) {
-                ++$diffs;
-            }
-            if (($is_null != null) && ($row->Null != $is_null)) {
-                ++$diffs;
-            }
-            if (($key != null) && ($row->Key  != $key)) {
-                ++$diffs;
-            }
-            if (($default != null) && ($row->Default != $default)) {
-                ++$diffs;
-            }
-            if (($extra != null) && ($row->Extra != $extra)) {
-                ++$diffs;
-            }
-            if ($diffs > 0) {
-                if ($debug) echo ("diffs = $diffs returning false\n");
-                return false;
-            }
-            return true;
-        } // end if found our column
-    }
-    return false;
+	global $wpdb, $debug;
+	$diffs = 0;
+	$results = $wpdb->get_results("DESC $table_name");
+
+	foreach ($results as $row ) {
+		if ($debug > 1) print_r($row);
+			if ($row->Field == $col_name) {
+				// got our column, check the params
+				if ($debug) echo ("checking $row->Type against $col_type\n");
+				if (($col_type != null) && ($row->Type != $col_type)) {
+					++$diffs;
+				}
+				if (($is_null != null) && ($row->Null != $is_null)) {
+					++$diffs;
+				}
+				if (($key != null) && ($row->Key  != $key)) {
+					++$diffs;
+				}
+				if (($default != null) && ($row->Default != $default)) {
+					++$diffs;
+				}
+				if (($extra != null) && ($row->Extra != $extra)) {
+					++$diffs;
+				}
+				if ($diffs > 0) {
+					if ($debug) echo ("diffs = $diffs returning false\n");
+					return false;
+				}
+				return true;
+			} // end if found our column
+	}
+	return false;
 }
-    
+
 /*
 echo "<p>testing</p>";
 echo "<pre>";

-//check_column('wp_links', 'link_description', 'mediumtext'); 
+//check_column('wp_links', 'link_description', 'mediumtext');
 //if (check_column($wpdb->comments, 'comment_author', 'tinytext'))
 //    echo "ok\n";
 $error_count = 0;
@@ -138,15 +138,15 @@ $tablename = $wpdb->links;
 // check the column
 if (!check_column($wpdb->links, 'link_description', 'varchar(255)'))
 {
-    $ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
-    $q = $wpdb->query($ddl);
+	$ddl = "ALTER TABLE $wpdb->links MODIFY COLUMN link_description varchar(255) NOT NULL DEFAULT '' ";
+	$q = $wpdb->query($ddl);
 }
 if (check_column($wpdb->links, 'link_description', 'varchar(255)')) {
-    $res .= $tablename . ' - ok <br />';
+	$res .= $tablename . ' - ok <br />';
 } else {
-    $res .= 'There was a problem with ' . $tablename . '<br />';
-    ++$error_count;
+	$res .= 'There was a problem with ' . $tablename . '<br />';
+	++$error_count;
 }
 echo "</pre>";
 */
-?>
+?>
--- a/wp-admin/install.php
+++ b/wp-admin/install.php
@@ -1,226 +1,113 @@
 <?php
 define('WP_INSTALLING', true);
-if (!file_exists('../wp-config.php')) 
-    die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://wordpress.org/docs/faq/#wp-config'>We got it</a>. You can <a href='setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.");
+if (!file_exists('../wp-config.php')) {
+  require_once('../wp-includes/compat.php');
+  require_once('../wp-includes/functions.php');
+  wp_die("There doesn't seem to be a <code>wp-config.php</code> file. I need this before we can get started. Need more help? <a href='http://codex.wordpress.org/Editing_wp-config.php'>We got it</a>. You can <a href='setup-config.php'>create a <code>wp-config.php</code> file through a web interface</a>, but this doesn't work for all server setups. The safest way is to manually create the file.", "WordPress &rsaquo; Error");
+}

 require_once('../wp-config.php');
-require_once('./upgrade-functions.php');
-
-$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
-$guessurl = str_replace('/wp-admin/install.php?step=2', '', $schema . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) );
+require_once('./includes/upgrade.php');

 if (isset($_GET['step']))
 	$step = $_GET['step'];
 else
 	$step = 0;
+function display_header(){
 header( 'Content-Type: text/html; charset=utf-8' );
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
+<html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
 <head>
-	<title><?php _e('WordPress &rsaquo; Installation'); ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-	<style media="screen" type="text/css">
-	<!--
-	html {
-		background: #eee;
-	}
-	body {
-		background: #fff;
-		color: #000;
-		font-family: Georgia, "Times New Roman", Times, serif;
-		margin-left: 20%;
-		margin-right: 20%;
-		padding: .2em 2em;
-	}
-	
-	h1 {
-		color: #006;
-		font-size: 18px;
-		font-weight: lighter;
-	}
-	
-	h2 {
-		font-size: 16px;
-	}
-	
-	p, li, dt {
-		line-height: 140%;
-		padding-bottom: 2px;
-	}
-
-	ul, ol {
-		padding: 5px 5px 5px 20px;
-	}
-	#logo {
-		margin-bottom: 2em;
-	}
-	.step a, .step input {
-		font-size: 2em;
-	}
-	td input {
-		font-size: 1.5em;
-	}
-	.step, th {
-		text-align: right;
-	}
-	#footer {
-		text-align: center; 
-		border-top: 1px solid #ccc; 
-		padding-top: 1em; 
-		font-style: italic;
-	}
-	-->
-	</style>
+	<title><?php _e('WordPress &rsaquo; Installation'); ?></title>
+	<?php wp_admin_css( 'css/install' ); ?>
 </head>
 <body>
 <h1 id="logo"><img alt="WordPress" src="images/wordpress-logo.png" /></h1>
+
 <?php
+}//end function display_header();
+
 // Let's check to make sure WP isn't already installed.
-$wpdb->hide_errors();
-$installed = $wpdb->get_results("SELECT * FROM $wpdb->users");
-if ($installed) die('<h1>'.__('Already Installed').'</h1><p>'.__('You appear to have already installed WordPress. To reinstall please clear your old database tables first.').'</p></body></html>');
-$wpdb->show_errors();
+if ( is_blog_installed() ) {display_header(); die('<h1>'.__('Already Installed').'</h1><p>'.__('You appear to have already installed WordPress. To reinstall please clear your old database tables first.').'</p></body></html>');}

 switch($step) {
-
 	case 0:
+	case 1: // in case people are directly linking to this
+	  display_header();
 ?>
-<p><?php printf(__('Welcome to WordPress installation. We&#8217;re now going to go through a few steps to get you up and running with the latest in personal publishing platforms. You may want to peruse the <a href="%s">ReadMe documentation</a> at your leisure.'), '../readme.html'); ?></p>
-	<h2 class="step"><a href="install.php?step=1"><?php _e('First Step &raquo;'); ?></a></h2>
-<?php
-	break;
+<h1><?php _e('Welcome'); ?></h1>
+<p><?php printf(__('Welcome to the famous five minute WordPress installation process! You may want to browse the <a href="%s">ReadMe documentation</a> at your leisure.  Otherwise, just fill in the information below and you\'ll be on your way to using the most extendable and powerful personal publishing platform in the world.'), '../readme.html'); ?></p>
+<!--<h2 class="step"><a href="install.php?step=1"><?php _e('First Step &raquo;'); ?></a></h2>-->

-	case 1:
-
-?>
-<h1><?php _e('First Step'); ?></h1>
-<p><?php _e("Before we begin we need a little bit of information. Don't worry, you can always change these later."); ?></p>
+<h1><?php _e('Information needed'); ?></h1>
+<p><?php _e("Please provide the following information.  Don't worry, you can always change these settings later."); ?></p>

 <form id="setup" method="post" action="install.php?step=2">
-<table width="100%">
-<tr>
-<th width="33%"><?php _e('Weblog title:'); ?></th>
-<td><input name="weblog_title" type="text" id="weblog_title" size="25" /></td>
-</tr>
-<tr>
-<th><?php _e('Your e-mail:'); ?></th>
-	<td><input name="admin_email" type="text" id="admin_email" size="25" /></td>
-</tr>
-</table>
-<p><em><?php _e('Double-check that email address before continuing.'); ?></em></p>
-<h2 class="step">
-<input type="submit" name="Submit" value="<?php _e('Continue to Second Step &raquo;'); ?>" />
-</h2>
+	<table width="100%">
+		<tr>
+			<th width="33%"><?php _e('Blog title:'); ?></th>
+			<td><input name="weblog_title" type="text" id="weblog_title" size="25" /></td>
+		</tr>
+		<tr>
+			<th><?php _e('Your e-mail:'); ?></th>
+			<td><input name="admin_email" type="text" id="admin_email" size="25" /></td>
+		</tr>
+		<tr>
+			<td>&nbsp;</td>
+			<td><label><input type="checkbox" name="blog_public" value="1" checked="checked" /> <?php _e('Allow my blog to appear in search engines like Google and Technorati.'); ?></label></td>
+		</tr>
+	</table>
+	<p><em><?php _e('Double-check your email address before continuing.'); ?></em></p>
+	<h2 class="step"><input type="submit" name="Submit" value="<?php _e('Install WordPress &raquo;'); ?>" /></h2>
 </form>

 <?php
-	break;
+		break;
 	case 2:
+		if ( !empty($wpdb->error) )
+			wp_die($wpdb->error->get_error_message());

-// Fill in the data we gathered
-$weblog_title = stripslashes($_POST['weblog_title']);
-$admin_email = stripslashes($_POST['admin_email']);
-// check e-mail address
-if (empty($admin_email)) {
-	die (__("<strong>ERROR</strong>: please type your e-mail address"));
-} else if (!is_email($admin_email)) {
-	die (__("<strong>ERROR</strong>: the e-mail address isn't correct"));
-}
-	
-?>
-<h1><?php _e('Second Step'); ?></h1>
-<p><?php _e('Now we&#8217;re going to create the database tables and fill them with some default data.'); ?></p>
+		display_header();	
+		// Fill in the data we gathered
+		$weblog_title = stripslashes($_POST['weblog_title']);
+		$admin_email = stripslashes($_POST['admin_email']);
+		$public = (int) $_POST['blog_public'];
+		// check e-mail address
+		if (empty($admin_email)) {
+			// TODO: poka-yoke
+			die(__("<strong>ERROR</strong>: you must provide an e-mail address"));
+		} else if (!is_email($admin_email)) {
+			// TODO: poka-yoke
+			die(__('<strong>ERROR</strong>: that isn\'t a valid e-mail address.  E-mail addresses look like: <code>username@example.com</code>'));
+		}

-
-<?php
-flush();
-
-// Set everything up
-wp_cache_flush();
-make_db_current_silent();
-populate_options();
-populate_roles();
-
-update_option('blogname', $weblog_title);
-update_option('admin_email', $admin_email);
-
-// Now drop in some default links
-$wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name) VALUES (1, '".$wpdb->escape(__('Blogroll'))."')");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://blogs.linux.ie/xeer/', 'Donncha', 1, 'http://blogs.linux.ie/xeer/feed/', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://zengun.org/weblog/', 'Michel', 1, 'http://zengun.org/weblog/feed/', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://boren.nu/', 'Ryan', 1, 'http://boren.nu/feed/', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://photomatt.net/', 'Matt', 1, 'http://xml.photomatt.net/feed/', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://zed1.com/journalized/', 'Mike', 1, 'http://zed1.com/journalized/feed/', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://www.alexking.org/', 'Alex', 1, 'http://www.alexking.org/blog/wp-rss2.php', '');");
-$wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss, link_notes) VALUES ('http://dougal.gunters.org/', 'Dougal', 1, 'http://dougal.gunters.org/feed/', '');");
-
-// Default category
-$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename, category_count, category_description) VALUES ('0', '".$wpdb->escape(__('Uncategorized'))."', '".sanitize_title(__('Uncategorized'))."', '1', '')");
-
-// First post
-$now = date('Y-m-d H:i:s');
-$now_gmt = gmdate('Y-m-d H:i:s');
-$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, comment_count, to_ping, pinged, post_content_filtered) VALUES ('1', '$now', '$now_gmt', '".$wpdb->escape(__('Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!'))."', '', '".$wpdb->escape(__('Hello world!'))."', '0', '".$wpdb->escape(__('hello-world'))."', '$now', '$now_gmt', '1', '', '', '')");
-
-$wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" );
-
-// Default comment
-$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".$wpdb->escape(__('Mr WordPress'))."', '', 'http://wordpress.org/', '$now', '$now_gmt', '".$wpdb->escape(__('Hi, this is a comment.<br />To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')");
-
-// First Page
-
-$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_excerpt, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status, to_ping, pinged, post_content_filtered) VALUES ('1', '$now', '$now_gmt', '".$wpdb->escape(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '', '".$wpdb->escape(__('About'))."', '0', '".$wpdb->escape(__('about'))."', '$now', '$now_gmt', 'static', '', '', '')");
-$wp_rewrite->flush_rules();
-
-// Set up admin user
-$random_password = substr(md5(uniqid(microtime())), 0, 6);
-$display_name_array = explode('@', $admin_email);
-$display_name = $display_name_array[0];
-$wpdb->query("INSERT INTO $wpdb->users (ID, user_login, user_pass, user_email, user_registered, display_name, user_nicename) VALUES ( '1', 'admin', MD5('$random_password'), '$admin_email', NOW(), '$display_name', 'admin')");
-$wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES ({$wpdb->insert_id}, '{$table_prefix}user_level', '10');");
-$admin_caps = serialize(array('administrator' => true));
-$wpdb->query("INSERT INTO $wpdb->usermeta (user_id, meta_key, meta_value) VALUES ({$wpdb->insert_id}, '{$table_prefix}capabilities', '{$admin_caps}');");
-
-$message_headers = 'From: ' . $weblog_title . ' <wordpress@' . $_SERVER['SERVER_NAME'] . '>';
-$message = sprintf(__("Your new WordPress blog has been successfully set up at:
-
-%1\$s
-
-You can log in to the administrator account with the following information:
-
-Username: admin
-Password: %2\$s
-
-We hope you enjoy your new weblog. Thanks!
-
--The WordPress Team
-http://wordpress.org/
-"), $guessurl, $random_password);
-
-@wp_mail($admin_email, __('New WordPress Blog'), $message, $message_headers);
-
-wp_cache_flush();
+		$wpdb->show_errors();
+		$result = wp_install($weblog_title, 'admin', $admin_email, $public);
+		extract($result, EXTR_SKIP);
 ?>

-<p><em><?php _e('Finished!'); ?></em></p>
+<h1><?php _e('Success!'); ?></h1>
+
+<p><?php printf(__('WordPress has been installed.  Now you can <a href="%1$s">log in</a> with the <strong>username</strong> "<code>admin</code>" and <strong>password</strong> "<code>%2$s</code>".'), '../wp-login.php', $password); ?></p>
+<p><?php _e('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you.'); ?></p>

-<p><?php printf(__('Now you can <a href="%1$s">log in</a> with the <strong>username</strong> "<code>admin</code>" and <strong>password</strong> "<code>%2$s</code>".'), '../wp-login.php', $random_password); ?></p>
-<p><?php _e('<strong><em>Note that password</em></strong> carefully! It is a <em>random</em> password that was generated just for you. If you lose it, you will have to delete the tables from the database yourself, and re-install WordPress. So to review:'); ?>
-</p>
 <dl>
-<dt><?php _e('Username'); ?></dt>
-<dd><code>admin</code></dd>
-<dt><?php _e('Password'); ?></dt>
-<dd><code><?php echo $random_password; ?></code></dd>
+	<dt><?php _e('Username'); ?></dt>
+		<dd><code>admin</code></dd>
+	<dt><?php _e('Password'); ?></dt>
+		<dd><code><?php echo $password; ?></code></dd>
 	<dt><?php _e('Login address'); ?></dt>
-<dd><a href="../wp-login.php">wp-login.php</a></dd>
+		<dd><a href="../wp-login.php">wp-login.php</a></dd>
 </dl>
-<p><?php _e('Were you expecting more steps? Sorry to disappoint. All done! :)'); ?></p>
+<p><?php _e('Were you expecting more steps? Sorry to disappoint. :)'); ?></p>
+
 <?php
-	break;
+		break;
 }
 ?>
+
 <p id="footer"><?php _e('<a href="http://wordpress.org/">WordPress</a>, personal publishing platform.'); ?></p>
 </body>
-</html>
+</html>
--- a/wp-admin/js/cat.js
+++ b/wp-admin/js/cat.js
@@ -0,0 +1,11 @@
+addLoadEvent(function(){catList=new listMan('categorychecklist');catList.ajaxRespEl='jaxcat';catList.topAdder=1;catList.alt=0;catList.showLink=0;});
+addLoadEvent(newCatAddIn);
+function newCatAddIn() {
+	var jaxcat = $('jaxcat');
+	if ( !jaxcat )
+		return false;
+	// These multiple blank hidden inputs are needed: https://bugzilla.mozilla.org/show_bug.cgi?id=377815 , #3895 , #4664
+	Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + catL10n.add + '"/><input type="hidden"/><input type="hidden"/><span id="howto">' + catL10n.how + '</span></span>');
+	$('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); };
+	$('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); };
+}
--- a/wp-admin/js/categories.js
+++ b/wp-admin/js/categories.js
@@ -0,0 +1,16 @@
+addLoadEvent(function() {
+	if (!theList.theList) return false;
+	document.forms.addcat.submit.onclick = function(e) {return killSubmit('theList.ajaxAdder("cat", "addcat");', e); };
+	theList.addComplete = function(what, where, update, transport) {
+		var name = getNodeValue(transport.responseXML, 'name').unescapeHTML();
+		var id = transport.responseXML.getElementsByTagName(what)[0].getAttribute('id');
+		var options = document.forms['addcat'].category_parent.options;
+		options[options.length] = new Option(name, id);
+	};
+	theList.delComplete = function(what, id) {
+		var options = document.forms['addcat'].category_parent.options;
+		for ( var o = 0; o < options.length; o++ )
+			if ( id == options[o].value )
+				options[o] = null;
+	};
+});
--- a/wp-admin/js/custom-fields.js
+++ b/wp-admin/js/custom-fields.js
@@ -0,0 +1,26 @@
+function customFieldsOnComplete( what, where, update, transport ) {
+	var pidEl = $('post_ID');
+	pidEl.name = 'post_ID';
+	pidEl.value = getNodeValue(transport.responseXML, 'postid');
+	var aEl = $('hiddenaction')
+	if ( aEl.value == 'post' ) aEl.value = 'postajaxpost';
+}
+addLoadEvent(customFieldsAddIn);
+function customFieldsAddIn() {
+	theList.showLink=0;
+	theList.addComplete = customFieldsOnComplete;
+	if (!theList.theList) return false;
+	inputs = theList.theList.getElementsByTagName('input');
+	for ( var i=0; i < inputs.length; i++ ) {
+		if ('text' == inputs[i].type) {
+			inputs[i].setAttribute('autocomplete', 'off');
+			inputs[i].onkeypress = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.name.slice(5),10) + '");', e); };
+		}
+		if ('updatemeta' == inputs[i].className) {
+			inputs[i].onclick = function(e) {return killSubmit('theList.ajaxUpdater("meta", "meta-' + parseInt(this.parentNode.parentNode.id.slice(5),10) + '");', e); };
+		}
+	}
+
+	$('metakeyinput').onkeypress = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
+	$('updatemetasub').onclick = function(e) {return killSubmit('theList.inputData+="&id="+$("post_ID").value;theList.ajaxAdder("meta", "newmeta");', e); };
+}
--- a/wp-admin/js/dbx-admin-key.js
+++ b/wp-admin/js/dbx-admin-key.js
@@ -0,0 +1,47 @@
+addLoadEvent( function() {var manager = new dbxManager( dbxL10n.manager );} );
+
+addLoadEvent( function()
+{
+	//create new docking boxes group
+	var meta = new dbxGroup(
+		'grabit', 		// container ID [/-_a-zA-Z0-9/]
+		'vertical', 		// orientation ['vertical'|'horizontal']
+		'10', 			// drag threshold ['n' pixels]
+		'no',			// restrict drag movement to container axis ['yes'|'no']
+		'10', 			// animate re-ordering [frames per transition, or '0' for no effect]
+		'yes', 			// include open/close toggle buttons ['yes'|'no']
+		'closed', 		// default state ['open'|'closed']
+		dbxL10n.open, 		// word for "open", as in "open this box"
+		dbxL10n.close, 		// word for "close", as in "close this box"
+		dbxL10n.moveMouse,	// sentence for "move this box" by mouse
+		dbxL10n.toggleMouse,	// pattern-match sentence for "(open|close) this box" by mouse
+		dbxL10n.moveKey,	// sentence for "move this box" by keyboard
+		dbxL10n.toggleKey,	// pattern-match sentence-fragment for "(open|close) this box" by keyboard
+		'%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
+		);
+
+	// Boxes are closed by default. Open the Category box if the cookie isn't already set.
+	var catdiv = document.getElementById('categorydiv');
+	if ( catdiv ) {
+		var button = catdiv.getElementsByTagName('A')[0];
+		if ( dbx.cookiestate == null && /dbx\-toggle\-closed/.test(button.className) )
+			meta.toggleBoxState(button, true);
+	}
+
+	var advanced = new dbxGroup(
+		'advancedstuff',
+		'vertical',
+		'10',
+		'yes',			// restrict drag movement to container axis ['yes'|'no']
+		'10',
+		'yes',
+		'closed',
+		dbxL10n.open,
+		dbxL10n.close,
+		dbxL10n.moveMouse,
+		dbxL10n.toggleMouse,
+		dbxL10n.moveKey,
+		dbxL10n.toggleKey,
+		'%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
+		);
+});
--- a/wp-admin/js/edit-comments.js
+++ b/wp-admin/js/edit-comments.js
@@ -0,0 +1,59 @@
+addLoadEvent(function() {
+	theCommentList = new listMan('the-comment-list');
+	if ( !theCommentList )
+		return false;
+
+	theExtraCommentList = new listMan('the-extra-comment-list');
+	if ( theExtraCommentList ) {
+		theExtraCommentList.showLink = 0;
+		theExtraCommentList.altOffset = 1;
+		if ( theExtraCommentList.theList && theExtraCommentList.theList.childNodes )
+			var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
+		else
+			var commentNum = 0;
+		var urlQ   = document.location.href.split('?');
+		var params = urlQ[1] ? urlQ[1].toQueryParams() : [];
+		var search = params['s'] ? params['s'] : '';
+		var page   = params['apage'] ? params['apage'] : 1;
+	}
+
+	theCommentList.dimComplete = function(what,id,dimClass) {
+		var m = document.getElementById('awaitmod');
+		if ( document.getElementById(what + '-' + id).className.match(dimClass) )
+			m.innerHTML = parseInt(m.innerHTML,10) + 1;
+		else
+			m.innerHTML = parseInt(m.innerHTML,10) - 1;
+	}
+
+	theCommentList.delComplete = function(what,id) {
+		var m = document.getElementById('awaitmod');
+		what = what.split('-')[0];
+		if ( document.getElementById(what + '-' + id).className.match('unapproved') )
+			m.innerHTML = parseInt(m.innerHTML,10) - 1;
+		if ( theExtraCommentList && commentNum ) {
+			var theMover = theExtraCommentList.theList.childNodes[0];
+			Element.removeClassName(theMover,'alternate');
+			theCommentList.theList.appendChild(theMover);
+			theExtraCommentList.inputData += '&page=' + page;
+			if ( search )
+				theExtraCommentList.inputData += '&s=' + search; // trust the URL not the search box
+			theExtraCommentList.addComplete = function() {
+				if ( theExtraCommentList.theList.childNodes )
+					var commentNum = $A(theExtraCommentList.theList.childNodes).findAll( function(i) { return Element.visible(i) } ).length;
+				else
+					var commentNum = 0;
+			}
+			theExtraCommentList.ajaxAdder( 'comment', 'ajax-response' ); // Dummy Request
+		}
+	}
+
+	if ( theList ) // the post list: edit.php
+		theList.delComplete = function() {
+			var comments = document.getElementById('comments');
+			var commdel = encloseFunc(function(a){a.parentNode.removeChild(a);},comments);
+			var listdel = encloseFunc(function(a){a.parentNode.removeChild(a);},theCommentList.theList);
+			setTimeout(commdel,705);
+			setTimeout(listdel,705);
+		}
+});
+
--- a/wp-admin/js/link-cat.js
+++ b/wp-admin/js/link-cat.js
@@ -0,0 +1,10 @@
+addLoadEvent(function(){linkcatList=new listMan('linkcategorychecklist');linkcatList.ajaxRespEl='jaxcat';linkcatList.topAdder=1;linkcatList.alt=0;linkcatList.showLink=0;});
+addLoadEvent(newLinkCatAddIn);
+function newLinkCatAddIn() {
+	var jaxcat = $('jaxcat');
+	if ( !jaxcat )
+		return false;
+	Element.update(jaxcat,'<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="' + linkcatL10n.add + '"/><input type="hidden"/><span id="howto">' + linkcatL10n.how + '</span></span>');
+	$('newcat').onkeypress = function(e) { return killSubmit("linkcatList.ajaxAdder('link-category','jaxcat');", e); };
+	$('catadd').onclick = function() { linkcatList.ajaxAdder('link-category', 'jaxcat'); };
+}
--- a/wp-admin/js/upload.js
+++ b/wp-admin/js/upload.js
@@ -0,0 +1,295 @@
+addLoadEvent( function() {
+	theFileList = {
+		currentImage: {ID: 0},
+		nonce: '',
+		tab: '',
+		postID: 0,
+
+		toQueryParams: function(qryStrOrig) {
+			var params = new Object();
+			var qryStr = qryStrOrig;
+			var i = 0;
+			do {
+				params[qryStr.split("=")[0].replace(/&/, "")] = ( qryStr.split("=")[1] ) ? qryStr.split("=")[1].split(/&|$/)[0] : '';
+				qryStr = ( qryStr.split("=")[1] ) ? qryStr.split(qryStr.split("=")[1].split(/&|$/)[0])[1] : '';
+				i++;
+			} 
+			while(i < (qryStrOrig.split("=").length - 1));
+			return params;
+		},
+
+		toQueryString: function(params) {
+			var qryStr = '';
+			for ( var key in params )
+				qryStr += key + '=' + params[key] + '&';
+			return qryStr;
+		},
+
+		initializeVars: function() {
+			this.urlData  = document.location.href.split('?');
+			this.params = this.toQueryParams(this.urlData[1]);
+			this.postID = this.params['post_id'];
+			this.tab = this.params['tab'];
+			this.style = this.params['style'];
+			this.ID = this.params['ID'];
+			if ( !this.style )
+				this.style = 'default';
+			var nonceEl = jQuery('#nonce-value');
+			if ( nonceEl )
+				this.nonce = jQuery(nonceEl).val();
+			if ( this.ID ) {
+				this.grabImageData( this.ID );
+				this.imageView( this.ID );
+			}
+		},
+
+		initializeLinks: function() {
+			if ( this.ID )
+				return;
+			jQuery('a.file-link').each(function() {
+				var id = jQuery(this).attr('id').split('-').pop();
+				jQuery(this).attr('href','javascript:void(0)').click(function(e) {
+					theFileList[ 'inline' == theFileList.style ? 'imageView' : 'editView' ](id, e);
+				});
+			});
+		},
+
+		grabImageData: function(id) {
+			if ( id == this.currentImage.ID )
+				return;
+			var thumbEl = jQuery('#attachment-thumb-url-' + id);
+			if ( thumbEl ) {
+				this.currentImage.thumb = ( 0 == id ? '' : jQuery(thumbEl).val() );
+				this.currentImage.thumbBase = ( 0 == id ? '' : jQuery('#attachment-thumb-url-base-' + id).val() );
+			} else {
+				this.currentImage.thumb = false;
+			}
+			this.currentImage.src = ( 0 == id ? '' : jQuery('#attachment-url-' + id).val() );
+			this.currentImage.srcBase = ( 0 == id ? '' : jQuery('#attachment-url-base-' + id).val() );
+			this.currentImage.page = ( 0 == id ? '' : jQuery('#attachment-page-url-' + id).val() );
+			this.currentImage.title = ( 0 == id ? '' : jQuery('#attachment-title-' + id).val() );
+			this.currentImage.description = ( 0 == id ? '' : jQuery('#attachment-description-' + id).val() );
+			var widthEl = jQuery('#attachment-width-' + id);
+			if ( widthEl ) {
+				this.currentImage.width = ( 0 == id ? '' : jQuery(widthEl).val() );
+				this.currentImage.height = ( 0 == id ? '' : jQuery('#attachment-height-' + id).val() );
+			} else {
+				this.currentImage.width = false;
+				this.currentImage.height = false;
+			}
+			this.currentImage.isImage = ( 0 == id ? 0 : jQuery('#attachment-is-image-' + id).val() );
+			this.currentImage.ID = id;
+		},
+
+		imageView: function(id, e) {
+			this.prepView(id);
+			var h = '';
+
+			h += "<div id='upload-file'>"
+			if ( this.ID ) {
+				var params = this.params;
+				params.ID = '';
+				params.action = '';
+				h += "<a href='" + this.urlData[0] + '?' + this.toQueryString(params) + "'";
+			} else {
+				h += "<a href='#' onclick='return theFileList.cancelView();'";
+			}
+			h += " title='" + this.browseTitle + "' class='back'>" + this.back + "</a>";
+			h += "<div id='file-title'>"
+			if ( 0 == this.currentImage.isImage )
+				h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='" + this.directTitle + "'>" + this.currentImage.title + "</a></h2>";
+			else
+				h += "<h2>" + this.currentImage.title + "</h2>";
+			h += " &#8212; <span>";
+			h += "<a href='#' onclick='return theFileList.editView(" + id + ");'>" + this.edit + "</a>"
+			h += "</span>";
+			h += '</div>'
+			h += "<div id='upload-file-view' class='alignleft'>";
+			if ( 1 == this.currentImage.isImage ) {
+				h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='" + this.directTitle + "'>";
+				h += "<img src='" + ( this.currentImage.thumb ? this.currentImage.thumb : this.currentImage.src ) + "' alt='" + this.currentImage.title + "' width='" + this.currentImage.width + "' height='" + this.currentImage.height + "' />";
+				h += "</a>";
+			} else
+				h += '&nbsp;';
+			h += "</div>";
+
+			h += "<form name='uploadoptions' id='uploadoptions' class='alignleft'>";
+			h += "<table>";
+			var display = [];
+			var checked = 'display-title';
+			if ( 1 == this.currentImage.isImage ) {
+				checked = 'display-full';
+				if ( this.currentImage.thumb ) {
+					display.push("<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' /> " + this.thumb + "</label><br />");
+					checked = 'display-thumb';
+				}
+				display.push("<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> " + this.full + "</label>");
+			} else if ( this.currentImage.thumb ) {
+				display.push("<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' /> " + this.icon + "</label>");
+			}
+			if ( display.length ) {
+				display.push("<br /><label for='display-title'><input type='radio' name='display' id='display-title' value='title' /> " + this.title + "</label>");
+				h += "<tr><th style='padding-bottom:.5em'>" + this.show + "</th><td style='padding-bottom:.5em'>";
+				jQuery(display).each( function() { h += this; } );
+				h += "</td></tr>";
+			}
+
+			h += "<tr><th>" + this.link + "</th><td>";
+			h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> " + this.file + "</label><br />";
+			h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> " + this.page + "</label><br />";
+			h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> " + this.none + "</label>";
+			h += "</td></tr>";
+
+			h += "<tr><td colspan='2'><p class='submit'>";
+			h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='" + this.editorText + "' />";
+			h += "</p></td></tr></table>";
+			h += "</form>";
+
+			h += "</div>";
+
+			jQuery(h).prependTo('#upload-content');
+			jQuery('#' + checked).attr('checked','checked');
+			if (e) return e.stopPropagation();
+			return false;
+		},
+
+		editView: function(id, e) {
+			this.prepView(id);
+			var h = '';
+
+			var action = 'upload.php?style=' + this.style + '&amp;tab=upload';
+			if ( this.postID )
+				action += '&amp;post_id=' + this.postID;
+
+			h += "<form id='upload-file' method='post' action='" + action + "'>";
+			if ( this.ID ) {
+				var params = this.params;
+				params.ID = '';
+				params.action = '';
+				h += "<a href='" + this.urlData[0] + '?' + this.toQueryString(params) + "'";
+			} else {
+				h += "<a href='#' onclick='return theFileList.cancelView();'";
+			}
+			h += " title='" + this.browseTitle + "' class='back'>" + this.back + "</a>";
+			h += "<div id='file-title'>"
+			if ( 0 == this.currentImage.isImage )
+				h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='" + this.directTitle + "'>" + this.currentImage.title + "</a></h2>";
+			else
+				h += "<h2>" + this.currentImage.title + "</h2>";
+			h += " &#8212; <span>";
+			h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'>" + this.insert + "</a>";
+			h += "</span>";
+			h += '</div>'
+			h += "<div id='upload-file-view' class='alignleft'>";
+			if ( 1 == this.currentImage.isImage ) {
+				h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='" + this.directTitle + "'>";
+				h += "<img src='" + ( this.currentImage.thumb ? this.currentImage.thumb : this.currentImage.src ) + "' alt='" + this.currentImage.title + "' width='" + this.currentImage.width + "' height='" + this.currentImage.height + "' />";
+				h += "</a>";
+			} else
+				h += '&nbsp;';
+			h += "</div>";
+
+
+			h += "<table><col /><col class='widefat' /><tr>";
+			h += "<th scope='row'><label for='url'>" + this.urlText + "</label></th>";
+			h += "<td><input type='text' id='url' class='readonly' value='" + this.currentImage.srcBase + this.currentImage.src + "' readonly='readonly' /></td>";
+			h += "</tr><tr>";
+			h += "<th scope='row'><label for='post_title'>" + this.title + "</label></th>";
+			h += "<td><input type='text' id='post_title' name='post_title' value='" + this.currentImage.title + "' /></td>";
+			h += "</tr><tr>";
+			h += "<th scope='row'><label for='post_content'>" + this.desc + "</label></th>";
+			h += "<td><textarea name='post_content' id='post_content'>" + this.currentImage.description + "</textarea></td>";
+			h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='" + this.deleteText + "' onclick='theFileList.deleteFile(" + id + ");' />";
+			h += "<input type='hidden' name='from_tab' value='" + this.tab + "' />";
+			h += "<input type='hidden' name='post_parent' value='" + parseInt(this.postID,10) + "' />";
+			h += "<input type='hidden' name='action' id='action-value' value='save' />";
+			h += "<input type='hidden' name='ID' value='" + id + "' />";
+			h += "<input type='hidden' name='_wpnonce' value='" + this.nonce + "' />";
+			h += "<div class='submit'><input type='submit' value='" + this.saveText + "' /></div>";
+			h += "</td></tr></table></form>";
+
+			jQuery(h).prependTo('#upload-content');
+			if (e) e.stopPropagation();
+			return false;
+		},
+
+		prepView: function(id) {
+			this.cancelView( true );
+			var filesEl = jQuery('#upload-files');
+			if ( filesEl )
+				filesEl.hide();
+			var navEl = jQuery('#current-tab-nav');
+			if ( navEl )
+				navEl.hide();
+			this.grabImageData(id);
+		},
+
+		cancelView: function( prep ) {
+			if ( !prep ) {
+				var filesEl = jQuery('#upload-files');
+				if ( filesEl )
+					jQuery(filesEl).show();
+				var navEl = jQuery('#current-tab-nav');
+				if ( navEl )
+					jQuery(navEl).show();
+			}
+			if ( !this.ID )
+				this.grabImageData(0);
+			var div = jQuery('#upload-file');
+			if ( div )
+				jQuery(div).remove();
+			return false;
+		},
+
+		sendToEditor: function(id) {
+			this.grabImageData(id);
+			var link = '';
+			var display = '';
+			var h = '';
+
+			link = jQuery('input[@type=radio][@name="link"][@checked]','#uploadoptions').val();
+			displayEl = jQuery('input[@type=radio][@name="display"][@checked]','#uploadoptions');
+			if ( displayEl )
+				display = jQuery(displayEl).val();
+			else if ( 1 == this.currentImage.isImage )
+				display = 'full';
+
+			if ( 'none' != link )
+				h += "<a href='" + ( 'file' == link ? ( this.currentImage.srcBase + this.currentImage.src ) : ( this.currentImage.page + "' rel='attachment wp-att-" + this.currentImage.ID ) ) + "' title='" + this.currentImage.title + "'>";
+			if ( display && 'title' != display )
+				h += "<img src='" + ( 'thumb' == display ? ( this.currentImage.thumbBase + this.currentImage.thumb ) : ( this.currentImage.srcBase + this.currentImage.src ) ) + "' alt='" + this.currentImage.title + "' />";
+			else
+				h += this.currentImage.title;
+			if ( 'none' != link )
+				h += "</a>";
+
+			var win = window.opener ? window.opener : window.dialogArguments;
+			if ( !win )
+				win = top;
+			tinyMCE = win.tinyMCE;
+			if ( typeof tinyMCE != 'undefined' && tinyMCE.getInstanceById('content') ) {
+				tinyMCE.selectedInstance.getWin().focus();
+				tinyMCE.execCommand('mceInsertContent', false, h);
+			} else
+				win.edInsertContent(win.edCanvas, h);
+			if ( !this.ID )
+				this.cancelView();
+			return false;
+		},
+
+		deleteFile: function(id) {
+			if ( confirm( this.confirmText.replace(/%title%/g, this.currentImage.title) ) ) {
+				jQuery('#action-value').attr('value','delete');
+				jQuery('#upload-file').submit();
+				return true;
+			}
+			return false;
+		}
+
+	};
+
+	for ( var property in uploadL10n ) 
+		theFileList[property] = uploadL10n[property];
+	theFileList.initializeVars();
+	theFileList.initializeLinks();
+} );
--- a/wp-admin/js/users.js
+++ b/wp-admin/js/users.js
@@ -0,0 +1,21 @@
+addLoadEvent(function() {
+	theListEls = document.getElementsByTagName('tbody');
+	theUserLists = new Array();
+	for ( var l = 0; l < theListEls.length; l++ ) {
+		if ( theListEls[l].id )
+			theUserLists[theListEls[l].id] = new listMan(theListEls[l].id);
+	}
+	addUserInputs = document.getElementById('adduser').getElementsByTagName('input');
+	for ( var i = 0; i < addUserInputs.length; i++ ) {
+		addUserInputs[i].onkeypress = function(e) { return killSubmit('addUserSubmit();', e); }
+	}
+	document.getElementById('addusersub').onclick = function(e) { return killSubmit('addUserSubmit();', e); }
+}
+);
+
+function addUserSubmit() {
+	var roleEl = document.getElementById('role');
+	var role = roleEl.options[roleEl.selectedIndex].value;
+	if ( !theUserLists['role-' + role] ) return true;
+	return theUserLists['role-' + role].ajaxAdder('user', 'adduser');
+}
--- a/wp-admin/js/xfn.js
+++ b/wp-admin/js/xfn.js
@@ -10,10 +10,10 @@ function GetElementsWithClassName(elementName, className) {
 }

 function meChecked() {
-  var undefined;
-  var eMe = document.getElementById('me');
-  if (eMe == undefined) return false;
-  else return eMe.checked;
+	var undefined;
+	var eMe = document.getElementById('me');
+	if (eMe == undefined) return false;
+	else return eMe.checked;
 }

 function upit() {
@@ -38,7 +38,7 @@ function blurry() {

 	var aInputs = document.getElementsByTagName('input');

-	for (var i = 0; i < aInputs.length; i++) {		
+	for (var i = 0; i < aInputs.length; i++) {
 		 aInputs[i].onclick = aInputs[i].onkeyup = upit;
 	}
 }
--- a/wp-admin/link-add.php
+++ b/wp-admin/link-add.php
@@ -6,30 +6,18 @@ $this_file = 'link-manager.php';
 $parent_file = 'link-manager.php';


-$wpvarstoreset = array('action', 'cat_id', 'linkurl', 'name', 'image',
-                       'description', 'visible', 'target', 'category', 'link_id',
-                       'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-                       'notes', 'linkcheck[]');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image',
+	'description', 'visible', 'target', 'category', 'link_id',
+	'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
+	'notes', 'linkcheck[]'));

-$xfn_js = true;
+wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
+if ( current_user_can( 'manage_categories' ) )
+	wp_enqueue_script( 'ajaxlinkcat' );
 require('admin-header.php');
 ?>

-<?php if ($_GET['added']) : ?>
+<?php if ($_GET['added'] && '' != $_POST['link_name']) : ?>
 <div id="message" class="updated fade"><p><?php _e('Link added.'); ?></p></div>
 <?php endif; ?>

@@ -38,8 +26,10 @@ require('admin-header.php');
 	include('edit-link-form.php');
 ?>

-<div class="wrap">
-<?php printf(__('<p>You can drag <a href="%s" title="Link add bookmarklet">Link This</a> to your toolbar and when you click it a window will pop up that will allow you to add whatever site you&#8217;re on to your links! Right now this only works on Mozilla or Netscape, but we&#8217;re working on it.</p>'), "javascript:void(linkmanpopup=window.open('" . get_settings('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
+<div id="wp-link-bookmarklet"  class="wrap">
+<h3><?php _e('Add Link Bookmarklet'); ?></h3>
+<p><?php _e('Right click on the following link and choose &#0147;Bookmark This Link...&#0148; or &#0147;Add to Favorites...&#0148; to create a Link This shortcut.'); ?></p>
+<?php printf('<p><a href="%s" title="'.__('Link add bookmarklet').'">'.__('Link This').'</a></p>', "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
 </div>

 <?php
--- a/wp-admin/link-categories.php
+++ b/wp-admin/link-categories.php
@@ -1,455 +0,0 @@
-<?php
-// Links
-// Copyright (C) 2002, 2003 Mike Little -- mike@zed1.com
-require_once('admin.php');
-$title = __('Link Categories');
-$this_file='link-categories.php';
-$parent_file = 'link-manager.php';
-$list_js = true;
-
-$wpvarstoreset = array('action', 'cat', 'auto_toggle');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
-}
-
-switch ($action) {
-  case 'addcat':
-  {
-      if ( !current_user_can('manage_links') )
-          die (__("Cheatin' uh ?"));
-
-      $cat_name = wp_specialchars($_POST['cat_name']);
-      $auto_toggle = $_POST['auto_toggle'];
-      if ($auto_toggle != 'Y') {
-          $auto_toggle = 'N';
-      }
-
-      $show_images = $_POST['show_images'];
-      if ($show_images != 'Y') {
-          $show_images = 'N';
-      }
-
-      $show_description = $_POST['show_description'];
-      if ($show_description != 'Y') {
-          $show_description = 'N';
-      }
-
-      $show_rating = $_POST['show_rating'];
-      if ($show_rating != 'Y') {
-          $show_rating = 'N';
-      }
-
-      $show_updated = $_POST['show_updated'];
-      if ($show_updated != 'Y') {
-          $show_updated = 'N';
-      }
-
-      $sort_order = $_POST['sort_order'];
-
-      $sort_desc = $_POST['sort_desc'];
-      if ($sort_desc != 'Y') {
-          $sort_desc = 'N';
-      }
-      $text_before_link = $_POST['text_before_link'];
-      $text_after_link = $_POST['text_after_link'];
-      $text_after_all = $_POST['text_after_all'];
-
-      $list_limit = $_POST['list_limit'];
-      if ($list_limit == '')
-          $list_limit = -1;
-
-      $wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name, auto_toggle, show_images, show_description, \n" .
-             " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, text_after_all, list_limit) \n" .
-             " VALUES ('0', '$cat_name', '$auto_toggle', '$show_images', '$show_description', \n" .
-             " '$show_rating', '$show_updated', '$sort_order', '$sort_desc', '$text_before_link', '$text_after_link', \n" .
-             " '$text_after_all', $list_limit)");
-
-      header('Location: link-categories.php');
-    break;
-  } // end addcat
-  case 'Delete':
-  {
-    $cat_id = (int) $_GET['cat_id'];
-    $cat_name=get_linkcatname($cat_id);
-
-    if ($cat_id=="1")
-        die(sprintf(__("Can't delete the <strong>%s</strong> link category: this is the default one"), $cat_name));
-
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    $wpdb->query("DELETE FROM $wpdb->linkcategories WHERE cat_id='$cat_id'");
-    $wpdb->query("UPDATE $wpdb->links SET link_category=1 WHERE link_category='$cat_id'");
-
-    header('Location: link-categories.php');
-    break;
-  } // end delete
-  case 'Edit':
-  {
-    include_once ('admin-header.php');
-    $cat_id = (int) $_GET['cat_id'];
-    $row = $wpdb->get_row("SELECT cat_id, cat_name, auto_toggle, show_images, show_description, "
-         . " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, "
-         . " text_after_all, list_limit FROM $wpdb->linkcategories WHERE cat_id=$cat_id");
-    if ($row) {
-        if ($row->list_limit == -1) {
-            $row->list_limit = '';
-        }
-?>
-
-<div class="wrap">
-  <h2><?php printf(__('Edit &#8220%s&#8221; Category'), wp_specialchars($row->cat_name)); ?></h2>
-
-  <form name="editcat" method="post">
-      <input type="hidden" name="action" value="editedcat" />
-      <input type="hidden" name="cat_id" value="<?php echo $row->cat_id ?>" />
-<fieldset class="options">
-<legend><?php _e('Category Options') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Name:') ?></th>
-	<td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($row->cat_name)?>" size="30" /></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Show:') ?></th>
-        <td>
-            <label>
-            <input type="checkbox" name="show_images"  value="Y" <?php checked('Y', $row->show_images); ?> /> 
-            <?php _e('Image') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_description" value="Y" <?php checked('Y', $row->show_description); ?> /> 
-            <?php _e('Description') ?></label> 
-            <?php _e('(shown in <code>title</code> regardless)') ?><br />
-            <label>
-            <input type="checkbox" name="show_rating"  value="Y" <?php checked('Y', $row->show_rating); ?> /> 
-            <?php _e('Rating') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_updated" value="Y" <?php checked('Y', $row->show_updated); ?> /> 
-            <?php _e('Updated') ?></label>
-<?php _e('(shown in <code>title</code> regardless)') ?></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Sort order:') ?></th>
-	<td>
-	<select name="sort_order" size="1">
-            <option value="name" <?php echo ($row->sort_order == 'name') ? 'selected="selected"' : ''?>><?php _e('Name') ?></option>
-            <option value="id"      <?php echo ($row->sort_order == 'id') ? 'selected' : ''?>><?php _e('Id') ?></option>
-            <option value="url"     <?php echo ($row->sort_order == 'url') ? 'selected' : ''?>><?php _e('URL') ?></option>
-            <option value="rating"  <?php echo ($row->sort_order == 'rating') ? 'selected' : ''?>><?php _e('Rating') ?></option>
-            <option value="updated" <?php echo ($row->sort_order == 'updated') ? 'selected' : ''?>><?php _e('Updated') ?></option>
-            <option value="rand"  <?php echo ($row->sort_order == 'rand') ? 'selected' : ''?>><?php _e('Random') ?></option>
-            <option value="length"  <?php echo ($row->sort_order == 'length') ? 'selected' : ''?>><?php _e('Name Length') ?></option>
-	</select>
-	<label>
-	<input type="checkbox" name="sort_desc" value="Y" <?php checked('Y', $row->sort_desc); ?> /> 
-	<?php _e('Descending') ?></label>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Limit:') ?></th>
-	<td>
-	<input type="text" name="list_limit" size="5" value="<?php echo $row->list_limit ?>" /> 
-	<?php _e('(Leave empty for no limit to number of links shown)') ?>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Toggle:') ?></th>
-	<td><label>
-		<input type="checkbox" name="auto_toggle"  value="Y" <?php checked('Y', $row->auto_toggle); ?> /> 
-		<?php _e('When new link is added toggle all others to be invisible') ?></label></td>
-</tr>
-
-</table>
-</fieldset>
-<fieldset class="options">
-<legend><?php _e('Formatting') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Before Link:') ?></th>
-	<td width="67%"><input type="text" name="text_before_link" size="45" value="<?php echo wp_specialchars($row->text_before_link)?>" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('Between Link and Description:') ?></th>
-<td><input type="text" name="text_after_link" size="45" value="<?php echo wp_specialchars($row->text_after_link)?>" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('After Link:') ?></th>
-<td><input type="text" name="text_after_all" size="45" value="<?php echo wp_specialchars($row->text_after_all)?>"/></td>
-</tr>
-</table>
-</fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Save Category Settings &raquo;') ?>" /></p>
-</form>
-
-</div>
-<?php
-    } // end if row
-    break;
-  } // end Edit
-  case "editedcat":
-  {
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    $submit=$_POST["submit"];
-    if (isset($submit)) {
-
-    $cat_id = (int)$_POST["cat_id"];
-
-    $cat_name= wp_specialchars($_POST["cat_name"]);
-    $auto_toggle = $_POST["auto_toggle"];
-    if ($auto_toggle != 'Y') {
-        $auto_toggle = 'N';
-    }
-
-    $show_images = $_POST["show_images"];
-    if ($show_images != 'Y') {
-        $show_images = 'N';
-    }
-
-    $show_description = $_POST["show_description"];
-    if ($show_description != 'Y') {
-        $show_description = 'N';
-    }
-
-    $show_rating = $_POST["show_rating"];
-    if ($show_rating != 'Y') {
-        $show_rating = 'N';
-    }
-
-    $show_updated = $_POST["show_updated"];
-    if ($show_updated != 'Y') {
-        $show_updated = 'N';
-    }
-
-    $sort_order = $_POST["sort_order"];
-
-    $sort_desc = $_POST["sort_desc"];
-    if ($sort_desc != 'Y') {
-        $sort_desc = 'N';
-    }
-    $text_before_link = $_POST["text_before_link"];
-    $text_after_link = $_POST["text_after_link"];
-    $text_after_all = $_POST["text_after_all"];
-
-    $list_limit = $_POST["list_limit"];
-    if ($list_limit == '')
-        $list_limit = -1;
-
-    $wpdb->query("UPDATE $wpdb->linkcategories set
-            cat_name='$cat_name',
-            auto_toggle='$auto_toggle',
-            show_images='$show_images',
-            show_description='$show_description',
-            show_rating='$show_rating',
-            show_updated='$show_updated',
-            sort_order='$sort_order',
-            sort_desc='$sort_desc',
-            text_before_link='$text_before_link',
-            text_after_link='$text_after_link',
-            text_after_all='$text_after_all',
-            list_limit=$list_limit
-            WHERE cat_id=$cat_id
-            ");
-    } // end if save
-
-
-    header("Location: link-categories.php");
-    break;
-  } // end editcat
-  default:
-  {
-    include_once ("admin-header.php");
-    if ( !current_user_can('manage_links') )
-      die(__("You have do not have sufficient permissions to edit the link categories for this blog. :)"));
-?>
-
-<div class="wrap">
-            <h2><?php _e('Link Categories:') ?></h2>
-            <table id="the-list" width="100%" cellpadding="5" cellspacing="0" border="0">
-              <tr>
- 	        <th rowspan="2" valign="bottom"><?php _e('Name') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('ID') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Toggle?') ?></th>
-                <th colspan="4" valign="bottom" class="alternate"><?php _e('Show') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Sort Order') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Desc?') ?></th>
-                <th colspan="3" valign="bottom" class="alternate"><?php _e('Formatting') ?></th>
-                <th rowspan="2" valign="bottom"><?php _e('Limit') ?></th>
-                <th rowspan="2" colspan="2">&nbsp;</th>
-              </tr>
-              <tr>
-                <th valign="top"><?php _e('Images') ?></th>
-                <th valign="top"><?php _e('Description') ?></th>
-                <th valign="top"><?php _e('Rating') ?></th>
-                <th valign="top"><?php _e('Updated') ?></th>
-                <th valign="top"><?php _e('Before') ?></th>
-                <th valign="top"><?php _e('Between') ?></th>
-                <th valign="top"><?php _e('After') ?></th>
-              </tr>
-<?php
-$results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle, show_images, show_description, "
-         . " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, "
-         . " text_after_all, list_limit FROM $wpdb->linkcategories ORDER BY cat_id");
-$i = 1;
-foreach ($results as $row) {
-    if ($row->list_limit == -1) {
-        $row->list_limit = __('none');
-    }
-    $style = ($i % 2) ? ' class="alternate"' : '';
-    /*
-    	Manually internationalize every sort order option.
-    */
-    switch ($row->sort_order) {
-    	case 'name':
-    		$row->sort_order = __('name');
-    		break;
-    	case 'id':
-    		$row->sort_order = __('id');
-    		break;
-    	case 'url':
-    		$row->sort_order = __('url');
-    		break;
-    	case 'rating':
-    		$row->sort_order = __('rating');
-    		break;
-    	case 'updated':
-    		$row->sort_order = __('updated');
-    		break;
-    	case 'rand':
-    		$row->sort_order = __('rand');
-    		break;
-    	case 'length':
-    		$row->sort_order = __('length');
-    		break;
-    }
-?>
-              <tr id="link-category-<?php echo $row->cat_id; ?>" valign="middle" align="center" <?php echo $style ?> style="border-bottom: 1px dotted #9C9A9C;">
-                <td><?php echo wp_specialchars($row->cat_name)?></td>
-				<td ><?php echo $row->cat_id?></td>
-                <td><?php echo $row->auto_toggle == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_images == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_description == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_rating == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->show_updated == 'Y' ? __('Yes') : __('No') ?></td>
-                <td><?php echo $row->sort_order ?></td>
-                <td><?php echo $row->sort_desc == 'Y' ? __('Yes') : __('No') ?></td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_before_link)?>&nbsp;</td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_after_link)?>&nbsp;</td>
-                <td nowrap="nowrap"><?php echo htmlentities($row->text_after_all)?></td>
-                <td><?php echo $row->list_limit ?></td>
-                <td><a href="link-categories.php?cat_id=<?php echo $row->cat_id?>&amp;action=Edit" class="edit"><?php _e('Edit') ?></a></td>
-                <td><a href="link-categories.php?cat_id=<?php echo $row->cat_id?>&amp;action=Delete" onclick="return deleteSomething( 'link category', <?php echo $row->cat_id . ", '" . sprintf(__("You are about to delete the &quot;%s&quot; link category.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($row->cat_name,1)); ?>' );" class="delete"><?php _e('Delete') ?></a></td>
-              </tr>
-<?php
-        ++$i;
-    }
-?>
-            </table>
-<p><?php _e('These are the defaults for when you call a link category with no additional arguments. All of these settings may be overwritten.') ?></p>
-
-<div id="ajax-response"></div>
-
-</div>
-
-<div class="wrap">
-    <form name="addcat" method="post">
-      <input type="hidden" name="action" value="addcat" />
-	  <h2><?php _e('Add a Link Category:') ?></h2>
-<fieldset class="options">
-<legend><?php _e('Category Options') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Name:') ?></th>
-	<td width="67%"><input type="text" name="cat_name" size="30" /></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Show:') ?></th>
-        <td>
-            <label>
-            <input type="checkbox" name="show_images"  value="Y" /> 
-            <?php _e('Image') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_description" value="Y" /> 
-            <?php _e('Description') ?></label> 
-            <?php _e('(shown in <code>title</code> regardless)') ?><br />
-            <label>
-            <input type="checkbox" name="show_rating"  value="Y" /> 
-            <?php _e('Rating') ?></label> <br />
-            <label>
-            <input type="checkbox" name="show_updated" value="Y" /> 
-            <?php _e('Updated') ?></label>
-<?php _e('(shown in <code>title</code> regardless)') ?></td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Sort order:') ?></th>
-	<td>
-	<select name="sort_order" size="1">
-	<option value="name"><?php _e('Name') ?></option>
-	<option value="id"><?php _e('Id') ?></option>
-	<option value="url"><?php _e('URL') ?></option>
-	<option value="rating"><?php _e('Rating') ?></option>
-	<option value="updated"><?php _e('Updated') ?></option>
-	<option value="rand"><?php _e('Random') ?></option>
-	</select>
-	<label>
-	<input type="checkbox" name="sort_desc" value="Y" /> 
-	<?php _e('Descending') ?></label>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Limit:') ?></th>
-	<td>
-	<input type="text" name="list_limit" size="5" value="" /> <?php _e('(Leave empty for no limit to number of links shown)') ?>
-	</td>
-</tr>
-<tr>
-	<th scope="row"><?php _e('Toggle:') ?></th>
-	<td><label>
-		<input type="checkbox" name="auto_toggle"  value="Y" /> 
-		<?php _e('When new link is added toggle all others to be invisible') ?></label></td>
-</tr>
-
-</table>
-</fieldset>
-<fieldset class="options">
-<legend><?php _e('Formatting') ?></legend>
-<table class="editform" width="100%" cellspacing="2" cellpadding="5">
-<tr>
-	<th width="33%" scope="row"><?php _e('Before Link:') ?></th>
-	<td width="67%"><input type="text" name="text_before_link" size="45" value="&lt;li&gt;" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('Between Link and Description:') ?></th>
-<td><input type="text" name="text_after_link" size="45" value="&lt;br /&gt;" /></td>
-</tr>
-<tr>
-<th scope="row"><?php _e('After Link:') ?></th>
-<td><input type="text" name="text_after_all" size="45" value="&lt;/li&gt;"/></td>
-</tr>
-</table>
-</fieldset>
-<p class="submit"><input type="submit" name="submit" value="<?php _e('Add Category &raquo;') ?>" /></p>
-  </form>
-</div>
-<div class="wrap">
-    <h3><?php _e('Note:') ?></h3>
-	<p><?php printf(__('Deleting a link category does not delete links from that category.<br />It will just set them back to the default category <strong>%s</strong>.'), get_linkcatname(1)) ?></p>
-</div>
-<?php
-    break;
-  } // end default
-} // end case
-?>
-<?php include('admin-footer.php'); ?>
--- a/wp-admin/link-category.php
+++ b/wp-admin/link-category.php
@@ -0,0 +1,71 @@
+<?php
+require_once('admin.php');
+
+wp_reset_vars(array('action', 'cat'));
+
+switch($action) {
+
+case 'addcat':
+
+	check_admin_referer('add-link-category');
+
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if ( wp_insert_term($_POST['name'], 'link_category', $_POST ) ) {
+		wp_redirect('edit-link-categories.php?message=1#addcat');
+	} else {
+		wp_redirect('edit-link-categories.php?message=4#addcat');
+	}
+	exit;
+break;
+
+case 'delete':
+	$cat_ID = (int) $_GET['cat_ID'];
+	check_admin_referer('delete-link-category_' .  $cat_ID);
+
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	$cat_name = get_term_field('name', $cat_ID, 'link_category');
+
+	// Don't delete the default cats.
+    if ( $cat_ID == get_option('default_link_category') )
+		wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name));
+
+	wp_delete_term($cat_ID, 'link_category');
+
+	wp_redirect('edit-link-categories.php?message=2');
+	exit;
+
+break;
+
+case 'edit':
+	$title = __('Categories');
+	$parent_file = 'link-manager.php';
+	$submenu_file = 'edit-link-categories.php';
+	require_once ('admin-header.php');
+	$cat_ID = (int) $_GET['cat_ID'];
+	$category = get_term_to_edit($cat_ID, 'link_category');
+	include('edit-link-category-form.php');
+	include('admin-footer.php');
+	exit;
+break;
+
+case 'editedcat':
+	$cat_ID = (int) $_POST['cat_ID'];
+	check_admin_referer('update-link-category_' . $cat_ID);
+
+	if ( !current_user_can('manage_categories') )
+		wp_die(__('Cheatin&#8217; uh?'));
+
+	if ( wp_update_term($cat_ID, 'link_category', $_POST) )
+		wp_redirect('edit-link-categories.php?message=3');
+	else
+		wp_redirect('edit-link-categories.php?message=5');
+
+	exit;
+break;
+}
+
+?>
--- a/wp-admin/link-import.php
+++ b/wp-admin/link-import.php
@@ -12,20 +12,21 @@ if (!$step) $step = 0;
 ?>
 <?php
 switch ($step) {
-    case 0:
-    {
-        include_once('admin-header.php');
-        if ( !current_user_can('manage_links') )
-            die (__("Cheatin&#8217; uh?"));
+	case 0: {
+		include_once('admin-header.php');
+		if ( !current_user_can('manage_links') )
+			wp_die(__('Cheatin&#8217; uh?'));

-        $opmltype = 'blogrolling'; // default.
+		$opmltype = 'blogrolling'; // default.
 ?>

 <div class="wrap">
+
 <h2><?php _e('Import your blogroll from another system') ?> </h2>
 <form enctype="multipart/form-data" action="link-import.php" method="post" name="blogroll">
+<?php wp_nonce_field('import-bookmarks') ?>

-<p><?php _e('If a program or website you use allows you to export your links or subscriptions as OPML you may import them here.'); ?>
+<p><?php _e('If a program or website you use allows you to export your links or subscriptions as OPML you may import them here.'); ?></p>
 <div style="width: 70%; margin: auto; height: 8em;">
 <input type="hidden" name="step" value="1" />
 <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
@@ -39,94 +40,98 @@ switch ($step) {
 <input id="userfile" name="userfile" type="file" size="30" />
 </div>

-
 </div>

 <p style="clear: both; margin-top: 1em;"><?php _e('Now select a category you want to put these links in.') ?><br />
 <?php _e('Category:') ?> <select name="cat_id">
 <?php
-$categories = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
+$categories = get_terms('link_category', 'get=all');
 foreach ($categories as $category) {
 ?>
-<option value="<?php echo $category->cat_id; ?>"><?php echo $category->cat_id.': '.$category->cat_name; ?></option>
+<option value="<?php echo $category->term_id; ?>"><?php echo wp_specialchars(apply_filters('link_category', $category->name)); ?></option>
 <?php
 } // end foreach
 ?>
 </select></p>

-<p class="submit"><input type="submit" name="submit" value="<?php _e('Import OPML File') ?> &raquo;" /></p>
+<p class="submit"><input type="submit" name="submit" value="<?php _e('Import OPML File &raquo;') ?>" /></p>
 </form>

 </div>
 <?php
-                break;
-            } // end case 0
+		break;
+	} // end case 0

-    case 1: {
-                include_once('admin-header.php');
-                if ( !current_user_can('manage_links') )
-                    die (__("Cheatin' uh ?"));
+	case 1: {
+		check_admin_referer('import-bookmarks');
+
+		include_once('admin-header.php');
+		if ( !current_user_can('manage_links') )
+			wp_die(__('Cheatin&#8217; uh?'));
 ?>
 <div class="wrap">

-     <h2><?php _e('Importing...') ?></h2>
+<h2><?php _e('Importing...') ?></h2>
 <?php
-                $cat_id = $_POST['cat_id'];
-                if (($cat_id == '') || ($cat_id == 0)) {
-                    $cat_id  = 1;
-                }
+		$cat_id = abs( (int) $_POST['cat_id'] );
+		if ( $cat_id < 1 )
+			$cat_id  = 1;

-                $opml_url = $_POST['opml_url'];
-                if (isset($opml_url) && $opml_url != '' && $opml_url != 'http://') {
-					$blogrolling = true;
-                }
-                else // try to get the upload file.
-				{
-					$overrides = array('test_form' => false, 'test_type' => false);
-					$file = wp_handle_upload($_FILES['userfile'], $overrides);
+		$opml_url = $_POST['opml_url'];
+		if ( isset($opml_url) && $opml_url != '' && $opml_url != 'http://' ) {
+			$blogrolling = true;
+		} else { // try to get the upload file.
+			$overrides = array('test_form' => false, 'test_type' => false);
+			$file = wp_handle_upload($_FILES['userfile'], $overrides);

-					if ( isset($file['error']) )
-						die($file['error']);
+			if ( isset($file['error']) )
+				wp_die($file['error']);

-					$url = $file['url'];
-					$opml_url = $file['file'];
-					$blogrolling = false;
-				}
+			$url = $file['url'];
+			$opml_url = $file['file'];
+			$blogrolling = false;
+		}

-                if (isset($opml_url) && $opml_url != '') {
-                    $opml = wp_remote_fopen($opml_url);
-                    include_once('link-parse-opml.php');
+		if ( isset($opml_url) && $opml_url != '' ) {
+			if ( $blogrolling === true ) {
+				$opml = wp_remote_fopen($opml_url);
+			} else {
+				$opml = file_get_contents($opml_url);
+			}

-                    $link_count = count($names);
-                    for ($i = 0; $i < $link_count; $i++) {
-                        if ('Last' == substr($titles[$i], 0, 4))
-                            $titles[$i] = '';
-                        if ('http' == substr($titles[$i], 0, 4))
-                            $titles[$i] = '';
-                        // FIXME:  Use wp_insert_link().
-                        $query = "INSERT INTO $wpdb->links (link_url, link_name, link_target, link_category, link_description, link_owner, link_rss)
-                                VALUES('{$urls[$i]}', '".$wpdb->escape($names[$i])."', '', $cat_id, '".$wpdb->escape($descriptions[$i])."', $user_ID, '{$feeds[$i]}')\n";
-                        $result = $wpdb->query($query);
-						echo sprintf('<p>'.__('Inserted <strong>%s</strong>').'</p>', $names[$i]);
-                    }
+			include_once('link-parse-opml.php');
+
+			$link_count = count($names);
+			for ( $i = 0; $i < $link_count; $i++ ) {
+				if ('Last' == substr($titles[$i], 0, 4))
+					$titles[$i] = '';
+				if ( 'http' == substr($titles[$i], 0, 4) )
+					$titles[$i] = '';
+				$link = array( 'link_url' => $urls[$i], 'link_name' => $wpdb->escape($names[$i]), 'link_category' => array($cat_id), 'link_description' => $wpdb->escape($descriptions[$i]), 'link_owner' => $user_ID, 'link_rss' => $feeds[$i]);
+				wp_insert_link($link);
+				echo sprintf('<p>'.__('Inserted <strong>%s</strong>').'</p>', $names[$i]);
+			}
 ?>
-     <p><?php printf(__('Inserted %1$d links into category %2$s. All done! Go <a href="%3$s">manage those links</a>.'), $link_count, $cat_id, 'link-manager.php') ?></p>
-<?php
-                } // end if got url
-                else
-                {
-                    echo "<p>" . __("You need to supply your OPML url. Press back on your browser and try again") . "</p>\n";
-                } // end else

-				if ( ! $blogrolling )
-					@unlink($opml_url);
+<p><?php printf(__('Inserted %1$d links into category %2$s. All done! Go <a href="%3$s">manage those links</a>.'), $link_count, $cat_id, 'link-manager.php') ?></p>
+
+<?php
+} // end if got url
+else
+{
+	echo "<p>" . __("You need to supply your OPML url. Press back on your browser and try again") . "</p>\n";
+} // end else
+
+if ( ! $blogrolling )
+	apply_filters( 'wp_delete_file', $opml_url);
+	@unlink($opml_url);
 ?>
 </div>
 <?php
-                break;
-            } // end case 1
+		break;
+	} // end case 1
 } // end switch

 include('admin-footer.php');

-?>
+?>
--- a/wp-admin/link-manager.php
+++ b/wp-admin/link-manager.php
@@ -1,253 +1,49 @@
 <?php
+
+
 // Links
 // Copyright (C) 2002, 2003 Mike Little -- mike@zed1.com

-require_once('admin.php');
+require_once ('admin.php');

-$title = __('Manage Links');
+wp_enqueue_script( 'listman' );
+
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+
+if (empty ($cat_id))
+	$cat_id = 'all';
+
+if (empty ($order_by))
+	$order_by = 'order_name';
+
+$title = __('Manage Blogroll');
 $this_file = $parent_file = 'link-manager.php';
-$list_js = true;
+include_once ("./admin-header.php");

-$wpvarstoreset = array('action','cat_id', 'linkurl', 'name', 'image',
-                       'description', 'visible', 'target', 'category', 'link_id',
-                       'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel',
-                       'notes', 'linkcheck[]');
+if (!current_user_can('manage_links'))
+	wp_die(__("You do not have sufficient permissions to edit the links for this blog."));

-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
-    $wpvar = $wpvarstoreset[$i];
-    if (!isset($$wpvar)) {
-        if (empty($_POST["$wpvar"])) {
-            if (empty($_GET["$wpvar"])) {
-                $$wpvar = '';
-            } else {
-                $$wpvar = $_GET["$wpvar"];
-            }
-        } else {
-            $$wpvar = $_POST["$wpvar"];
-        }
-    }
+switch ($order_by) {
+	case 'order_id' :
+		$sqlorderby = 'id';
+		break;
+	case 'order_url' :
+		$sqlorderby = 'url';
+		break;
+	case 'order_desc' :
+		$sqlorderby = 'description';
+		break;
+	case 'order_owner' :
+		$sqlorderby = 'owner';
+		break;
+	case 'order_rating' :
+		$sqlorderby = 'rating';
+		break;
+	case 'order_name' :
+	default :
+		$sqlorderby = 'name';
+		break;
 }
-
-$links_show_cat_id = $_COOKIE['links_show_cat_id_' . COOKIEHASH];
-$links_show_order = $_COOKIE['links_show_order_' . COOKIEHASH];
-
-if ('' != $_POST['assign']) $action = 'assign';
-if ('' != $_POST['visibility']) $action = 'visibility';
-if ('' != $_POST['move']) $action = 'move';
-if ('' != $_POST['linkcheck']) $linkcheck = $_POST[linkcheck];
-
-switch ($action) {
-  case 'assign':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]): if the current user level >= the
-    //userlevel of the owner of the link then we can proceed.
-
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    $results = $wpdb->get_results("SELECT link_id, link_owner FROM $wpdb->links LEFT JOIN $wpdb->users ON link_owner = ID WHERE link_id in ($all_links)");
-    foreach ($results as $row) {
-       $ids_to_change[] = $row->link_id;
-    }
-
-    // should now have an array of links we can change
-    $all_links = join(',', $ids_to_change);
-    $q = $wpdb->query("update $wpdb->links SET link_owner='$newowner' WHERE link_id IN ($all_links)");
-
-    header('Location: ' . $this_file);
-    break;
-  }
-  case 'visibility':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]): toggle the visibility
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    $results = $wpdb->get_results("SELECT link_id, link_visible FROM $wpdb->links WHERE link_id in ($all_links)");
-    foreach ($results as $row) {
-        if ($row->link_visible == 'Y') { // ok to proceed
-            $ids_to_turnoff[] = $row->link_id;
-        } else {
-            $ids_to_turnon[] = $row->link_id;
-        }
-    }
-
-    // should now have two arrays of links to change
-    if (count($ids_to_turnoff)) {
-        $all_linksoff = join(',', $ids_to_turnoff);
-        $q = $wpdb->query("update $wpdb->links SET link_visible='N' WHERE link_id IN ($all_linksoff)");
-    }
-
-    if (count($ids_to_turnon)) {
-        $all_linkson = join(',', $ids_to_turnon);
-        $q = $wpdb->query("update $wpdb->links SET link_visible='Y' WHERE link_id IN ($all_linkson)");
-    }
-
-    header('Location: ' . $this_file);
-    break;
-  }
-  case 'move':
-  {
-    check_admin_referer();
-
-    // check the current user's level first.
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    //for each link id (in $linkcheck[]) change category to selected value
-    if (count($linkcheck) == 0) {
-        header('Location: ' . $this_file);
-        exit;
-    }
-    $all_links = join(',', $linkcheck);
-    // should now have an array of links we can change
-    $q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)");
-
-    header('Location: ' . $this_file);
-    break;
-  }
-
-  case 'Add':
-  {
-    check_admin_referer();
-
-	add_link();
-	
-    header('Location: ' . $_SERVER['HTTP_REFERER'] . '?added=true');
-    break;
-  } // end Add
-
-  case 'editlink':
-  {
- 
-	check_admin_referer();
- 	
-	if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-		$cat_id = $links_show_cat_id;
-
-	if (!isset($cat_id) || ($cat_id == '')) {
-		if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-			$cat_id = 'All';
-	}
-	$links_show_cat_id = $cat_id;
-
-	$link_id = (int) $_POST['link_id'];
-	edit_link($link_id);
-	
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    wp_redirect($this_file);
-    break;
-  } // end Save
-
-  case 'Delete':
-  {
-    check_admin_referer();
-
-    if ( !current_user_can('manage_links') )
-      die (__("Cheatin' uh ?"));
-
-    $link_id = (int) $_GET['link_id'];
-
-	wp_delete_link($link_id);
-	
-    if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-        $cat_id = $links_show_cat_id;
-
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    wp_redirect($this_file);
-    break;
-  } // end Delete
-
-  case 'linkedit': {
-	$xfn_js = true;
-	include_once ('admin-header.php');
-	if ( !current_user_can('manage_links') )
-		die(__('You do not have sufficient permissions to edit the links for this blog.'));
-	
-	$link_id = (int) $_GET['link_id'];
-	
-	if ( !$link = get_link_to_edit($link_id) )
-		die( __('Link not found.') );
-	
-	include('edit-link-form.php');
-	break;
-  } // end linkedit
-  case __("Show"):
-  {
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    if (!isset($order_by) || ($order_by == '')) {
-        if (!isset($links_show_order) || ($links_show_order == ''))
-        $order_by = 'order_name';
-    }
-    $links_show_order = $order_by;
-    //break; fall through
-  } // end Show
-  case "popup":
-  {
-    $link_url = stripslashes($_GET["linkurl"]);
-    $link_name = stripslashes($_GET["name"]);
-    //break; fall through
-  }
-  default:
-  {
-    if (isset($links_show_cat_id) && ($links_show_cat_id != ''))
-        $cat_id = $links_show_cat_id;
-
-    if (!isset($cat_id) || ($cat_id == '')) {
-        if (!isset($links_show_cat_id) || ($links_show_cat_id == ''))
-        $cat_id = 'All';
-    }
-    $links_show_cat_id = $cat_id;
-    if (isset($links_show_order) && ($links_show_order != ''))
-        $order_by = $links_show_order;
-
-    if (!isset($order_by) || ($order_by == ''))
-        $order_by = 'order_name';
-    $links_show_order = $order_by;
-
-    setcookie('links_show_cat_id_' . COOKIEHASH, $links_show_cat_id, time()+600);
-    setcookie('links_show_order_' . COOKIEHASH, $links_show_order, time()+600);
-    include_once ("./admin-header.php");
-    if ( !current_user_can('manage_links') )
-      die(__("You do not have sufficient permissions to edit the links for this blog."));
-
-    switch ($order_by)
-    {
-        case 'order_id':     $sqlorderby = 'id';          break;
-        case 'order_url':    $sqlorderby = 'url';         break;
-        case 'order_desc':   $sqlorderby = 'description'; break;
-        case 'order_owner':  $sqlorderby = 'owner';       break;
-        case 'order_rating': $sqlorderby = 'rating';      break;
-        case 'order_name':
-        default:             $sqlorderby = 'name';        break;
-    }
-
-  if ($action != "popup") {
 ?>
 <script type="text/javascript">
 <!--
@@ -265,181 +61,146 @@ function checkAll(form)
 //-->
 </script>

-<div class="wrap">
-    <form name="cats" method="post" action="">
-    <table width="75%" cellpadding="3" cellspacing="3">
-      <tr>
-        <td>
-        <?php _e('<strong>Show</strong> links in category:'); ?><br />
-        </td>
-        <td>
-          <?php _e('<strong>Order</strong> by:');?>
-        </td>
-		<td>&nbsp;</td>
-      </tr>
-      <tr>
-        <td>
 <?php
-    $results = $wpdb->get_results("SELECT cat_id, cat_name, auto_toggle FROM $wpdb->linkcategories ORDER BY cat_id");
-    echo "        <select name=\"cat_id\">\n";
-    echo "          <option value=\"All\"";
-    if ($cat_id == 'All')
-      echo " selected='selected'";
-    echo "> " . __('All') . "</option>\n";
-    foreach ($results as $row) {
-      echo "          <option value=\"".$row->cat_id."\"";
-      if ($row->cat_id == $cat_id)
-        echo " selected='selected'";
-        echo ">".$row->cat_id.": ".wp_specialchars($row->cat_name);
-        if ($row->auto_toggle == 'Y')
-            echo ' '.__('(auto toggle)');
-        echo "</option>\n";
-    }
-    echo "        </select>\n";
+if ( isset($_GET['deleted']) ) {
+	echo '<div style="background-color: rgb(207, 235, 247);" id="message" class="updated fade"><p>';
+	$deleted = (int) $_GET['deleted'];
+	printf(__ngettext('%s link deleted.', '%s links deleted', $deleted), $deleted);
+	echo '</p></div>';
+}
 ?>
-        </td>
-        <td>
-          <select name="order_by">
-            <option value="order_id"     <?php if ($order_by == 'order_id')     echo " selected='selected'";?>><?php _e('Link ID') ?></option>
-            <option value="order_name"   <?php if ($order_by == 'order_name')   echo " selected='selected'";?>><?php _e('Name') ?></option>
-            <option value="order_url"    <?php if ($order_by == 'order_url')    echo " selected='selected'";?>><?php _e('URI') ?></option>
-            <option value="order_desc"   <?php if ($order_by == 'order_desc')   echo " selected='selected'";?>><?php _e('Description') ?></option>
-            <option value="order_owner"  <?php if ($order_by == 'order_owner')  echo " selected='selected'";?>><?php _e('Owner') ?></option>
-            <option value="order_rating" <?php if ($order_by == 'order_rating') echo " selected='selected'";?>><?php _e('Rating') ?></option>
-          </select>
-        </td>
-        <td>
-          <input type="submit" name="action" value="<?php _e('Show') ?>" />
-        </td>
-      </tr>
-    </table>
-    </form>

-</div>
-
-<form name="links" id="links" method="post" action="">
 <div class="wrap">

-    <input type="hidden" name="link_id" value="" />
-    <input type="hidden" name="action" value="" />
-    <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
-    <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
-  <table id="the-list-x" width="100%" cellpadding="3" cellspacing="3">
-    <tr>
-      <th width="15%"><?php _e('Name') ?></th>
-      <th><?php _e('URI') ?></th>
-      <th><?php _e('Category') ?></th>
-      <th><?php _e('rel') ?></th>
-      <th><?php _e('Image') ?></th>
-      <th><?php _e('Visible') ?></th>
-      <th colspan="2"><?php _e('Action') ?></th>
-      <th>&nbsp;</th>
-  </tr>
-<?php
-    $sql = "SELECT link_url, link_name, link_image, link_description, link_visible,
-            link_category AS cat_id, cat_name AS category, $wpdb->users.user_login, link_id,
-            link_rating, link_rel
-            FROM $wpdb->links
-            LEFT JOIN $wpdb->linkcategories ON $wpdb->links.link_category = $wpdb->linkcategories.cat_id
-            LEFT JOIN $wpdb->users ON $wpdb->users.ID = $wpdb->links.link_owner ";
+<h2><?php _e('Blogroll Management'); ?></h2>
+<p><?php _e('Here you <a href="link-add.php">add links</a> to sites that you visit often and share them on your blog. When you have a list of links in your sidebar to other blogs, it&#8217;s called a &#8220;blogroll.&#8221;'); ?></p>
+<form id="cats" method="get" action="">
+<p><?php
+$categories = get_terms('link_category', "hide_empty=1");
+$select_cat = "<select name=\"cat_id\">\n";
+$select_cat .= '<option value="all"'  . (($cat_id == 'all') ? " selected='selected'" : '') . '>' . __('All') . "</option>\n";
+foreach ((array) $categories as $cat)
+	$select_cat .= '<option value="' . $cat->term_id . '"' . (($cat->term_id == $cat_id) ? " selected='selected'" : '') . '>' . sanitize_term_field('name', $cat->name, $cat->term_id, 'link_category', 'display') . "</option>\n";
+$select_cat .= "</select>\n";

-    if (isset($cat_id) && ($cat_id != 'All')) {
-      $sql .= " WHERE link_category = $cat_id ";
-    }
-    $sql .= ' ORDER BY link_' . $sqlorderby;
+$select_order = "<select name=\"order_by\">\n";
+$select_order .= '<option value="order_id"' . (($order_by == 'order_id') ? " selected='selected'" : '') . '>' .  __('Link ID') . "</option>\n";
+$select_order .= '<option value="order_name"' . (($order_by == 'order_name') ? " selected='selected'" : '') . '>' .  __('Name') . "</option>\n";
+$select_order .= '<option value="order_url"' . (($order_by == 'order_url') ? " selected='selected'" : '') . '>' .  __('Address') . "</option>\n";
+$select_order .= '<option value="order_rating"' . (($order_by == 'order_rating') ? " selected='selected'" : '') . '>' .  __('Rating') . "</option>\n";
+$select_order .= "</select>\n";

-    // echo "$sql";
-    $links = $wpdb->get_results($sql);
-    if ($links) {
-        foreach ($links as $link) {
-      	    $link->link_name = wp_specialchars($link->link_name);
-      	    $link->link_category = wp_specialchars($link->link_category);
-      	    $link->link_description = wp_specialchars($link->link_description);
-            $link->link_url = wp_specialchars($link->link_url);
-            $short_url = str_replace('http://', '', $link->link_url);
-            $short_url = str_replace('www.', '', $short_url);
-            if ('/' == substr($short_url, -1))
-                $short_url = substr($short_url, 0, -1);
-            if (strlen($short_url) > 35)
-                $short_url =  substr($short_url, 0, 32).'...';
-
-            $image = ($link->link_image != null) ? __('Yes') : __('No');
-            $visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
-            ++$i;
-            $style = ($i % 2) ? '' : ' class="alternate"';
+printf(__('Currently showing %1$s links ordered by %2$s'), $select_cat, $select_order);
+?>
+<input type="submit" name="action" value="<?php _e('Update &raquo;') ?>" /></p>
+</form>
+<?php
+$link_columns = array(
+	'name'       => '<th width="15%">' . __('Name') . '</th>',
+	'url'       => '<th>' . __('URL') . '</th>',
+	'categories' => '<th>' . __('Categories') . '</th>',
+	'rel'      => '<th style="text-align: center">' . __('rel') . '</th>',
+	'visible'   => '<th style="text-align: center">' . __('Visible') . '</th>',
+	'action'   => '<th colspan="2" style="text-align: center">' . __('Action') . '</th>',
+);
+$link_columns = apply_filters('manage_link_columns', $link_columns);
 ?>
-    <tr id="link-<?php echo $link->link_id; ?>" valign="middle" <?php echo $style; ?>>
-		<td><strong><?php echo $link->link_name; ?></strong><br />
-<?php			
-        echo sprintf(__('Description: %s'), $link->link_description) . "</td>";
-        echo "<td><a href=\"$link->link_url\" title=\"" . sprintf(__('Visit %s'), $link->link_name) . "\">$short_url</a></td>";
-        echo <<<LINKS
-        <td>$link->category</td>
-        <td>$link->link_rel</td>
-        <td align='center'>$image</td>
-        <td align='center'>$visible</td>
-LINKS;
-            $show_buttons = 1; // default

-            if ($show_buttons) {
-        echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&amp;action=linkedit" class="edit">' . __('Edit') . '</a></td>';
-        echo '<td><a href="link-manager.php?link_id=' . $link->link_id . '&amp;action=Delete"' .  " onclick=\"return deleteSomething( 'link', $link->link_id , '" . sprintf(__("You are about to delete the &quot;%s&quot; link to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($link->link_name,1), wp_specialchars($link->link_url)) . '\' );" class="delete">' . __('Delete') . '</a></td>';
-        echo '<td><input type="checkbox" name="linkcheck[]" value="' . $link->link_id . '" /></td>';
-            } else {
-              echo "<td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>\n";
-            }
+<?php
+if ( 'all' == $cat_id )
+	$cat_id = '';
+$links = get_bookmarks( "category=$cat_id&hide_invisible=0&orderby=$sqlorderby&hide_empty=0" );
+if ( $links ) {
+?>
+
+<form id="links" method="post" action="link.php">
+<?php wp_nonce_field('bulk-bookmarks') ?>
+<input type="hidden" name="link_id" value="" />
+<input type="hidden" name="action" value="" />
+<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
+<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
+<table class="widefat">
+	<thead>
+	<tr>
+<?php foreach($link_columns as $column_display_name) {
+	echo $column_display_name;
+} ?>
+	<th style="text-align: center"><input type="checkbox" onclick="checkAll(document.getElementById('links'));" /></th>
+	</tr>
+	</thead>
+	<tbody id="the-list">
+<?php
+	foreach ($links as $link) {
+		$link = sanitize_bookmark($link);
+		$link->link_name = attribute_escape($link->link_name);
+		$link->link_category = wp_get_link_cats($link->link_id);
+		$short_url = str_replace('http://', '', $link->link_url);
+		$short_url = str_replace('www.', '', $short_url);
+		if ('/' == substr($short_url, -1))
+			$short_url = substr($short_url, 0, -1);
+		if (strlen($short_url) > 35)
+			$short_url = substr($short_url, 0, 32).'...';
+
+		$visible = ($link->link_visible == 'Y') ? __('Yes') : __('No');
+		++ $i;
+		$style = ($i % 2) ? '' : ' class="alternate"';
+		?><tr id="link-<?php echo $link->link_id; ?>" valign="middle" <?php echo $style; ?>><?php
+		foreach($link_columns as $column_name=>$column_display_name) {
+			switch($column_name) {
+				case 'name':
+					?><td><strong><?php echo $link->link_name; ?></strong><br /><?php
+					echo $link->link_description . "</td>";
+					break;
+				case 'url':
+					echo "<td><a href='$link->link_url' title='".sprintf(__('Visit %s'), $link->link_name)."'>$short_url</a></td>";
+					break;
+				case 'categories':
+					?><td><?php
+					$cat_names = array();
+					foreach ($link->link_category as $category) {
+						$cat = get_term($category, 'link_category', OBJECT, 'display');
+						if ( is_wp_error( $cat ) )
+							echo $cat->get_error_message();
+						$cat_name = $cat->name;
+						if ( $cat_id != $category )
+							$cat_name = "<a href='link-manager.php?cat_id=$category'>$cat_name</a>";
+						$cat_names[] = $cat_name;
+					}
+					echo implode(', ', $cat_names);
+					?> </td><?php
+					break;
+				case 'rel':
+					?><td><?php echo $link->link_rel; ?></td><?php
+					break;
+				case 'visible':
+					?><td align='center'><?php echo $visible; ?></td><?php
+					break;
+				case 'action':
+					echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
+					echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the '%s' link to %s.\n'Cancel' to stop, 'OK' to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>';
+					break;
+				default:
+					?>
+					<td><?php do_action('manage_link_custom_column', $column_name, $link->link_id); ?></td>
+					<?php
+					break;
+
+			}
+		}
+		echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>';
 		echo "\n    </tr>\n";
-        }
-    }
+	}
 ?>
+	</tbody>
 </table>

 <div id="ajax-response"></div>

-</div>
-
-<div class="wrap">
-  <table width="100%" cellpadding="3" cellspacing="3">
-    <tr><th colspan="4"><?php _e('Manage Multiple Links:') ?></th></tr>
-    <tr><td colspan="4"><?php _e('Use the checkboxes on the right to select multiple links and choose an action below:') ?></td></tr>
-    <tr>
-        <td>
-          <?php _e('Assign ownership to:'); ?>
-<?php
-    $results = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY ID");
-    echo "          <select name=\"newowner\" size=\"1\">\n";
-    foreach ($results as $row) {
-      echo "            <option value=\"".$row->ID."\"";
-      echo ">".$row->user_login;
-      echo "</option>\n";
-    }
-    echo "          </select>\n";
-?>
-        <input name="assign" type="submit" id="assign" value="<?php _e('Go') ?>" />
-        </td>
-        <td>
-          <input name="visibility" type="submit" id="visibility" value="<?php _e('Toggle Visibility') ?>" />
-        </td>
-        <td>
-          <?php _e('Move to category:'); link_category_dropdown('category'); ?> <input name="move" type="submit" id="move" value="<?php _e('Go') ?>" />
-        </td>
-        <td align="right">
-          <a href="#" onclick="checkAll(document.getElementById('links')); return false; "><?php _e('Toggle Checkboxes') ?></a>
-        </td>
-    </tr>
-</table>
-
-<?php
-  } // end if !popup
-?>
-</div>
+<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links &raquo;') ?>" onclick="return confirm('<?php echo js_escape(__("You are about to delete these links permanently.\n'Cancel' to stop, 'OK' to delete.")); ?>')" /></p>
 </form>

+<?php } ?>

-<?php
-    break;
-  } // end default
-} // end case
-?>
+</div>

 <?php include('admin-footer.php'); ?>
--- a/wp-admin/link-parse-opml.php
+++ b/wp-admin/link-parse-opml.php
@@ -4,12 +4,12 @@ require_once('../wp-config.php');
 // columns we wish to find are:  link_url, link_name, link_target, link_description
 // we need to map XML attribute names to our columns
 $opml_map = array('URL'         => 'link_url',
-                  'HTMLURL'     => 'link_url',
-                  'TEXT'        => 'link_name',
-                  'TITLE'       => 'link_name',
-                  'TARGET'      => 'link_target',
-                  'DESCRIPTION' => 'link_description',
-                  'XMLURL'      => 'link_rss'
+	'HTMLURL'     => 'link_url',
+	'TEXT'        => 'link_name',
+	'TITLE'       => 'link_name',
+	'TARGET'      => 'link_target',
+	'DESCRIPTION' => 'link_description',
+	'XMLURL'      => 'link_rss'
 );

 $map = $opml_map;
@@ -20,24 +20,24 @@ $map = $opml_map;
 **/
 function startElement($parser, $tagName, $attrs) {
 	global $updated_timestamp, $all_links, $map;
-    global $names, $urls, $targets, $descriptions, $feeds;
+	global $names, $urls, $targets, $descriptions, $feeds;

 	if ($tagName == 'OUTLINE') {
-        foreach (array_keys($map) as $key) {
-            if (isset($attrs[$key])) {
-                $$map[$key] = $attrs[$key];
-            }
-        }
+		foreach (array_keys($map) as $key) {
+			if (isset($attrs[$key])) {
+				$$map[$key] = $attrs[$key];
+			}
+		}

-        //echo("got data: link_url = [$link_url], link_name = [$link_name], link_target = [$link_target], link_description = [$link_description]<br />\n");
+		//echo("got data: link_url = [$link_url], link_name = [$link_name], link_target = [$link_target], link_description = [$link_description]<br />\n");

-        // save the data away.
-        $names[] = $link_name;
-        $urls[] = $link_url;
-        $targets[] = $link_target;
+		// save the data away.
+		$names[] = $link_name;
+		$urls[] = $link_url;
+		$targets[] = $link_target;
 		$feeds[] = $link_rss;
-        $descriptions[] = $link_description;
-    } // end if outline
+		$descriptions[] = $link_description;
+	} // end if outline
 }

 /**
@@ -55,9 +55,9 @@ $xml_parser = xml_parser_create();
 xml_set_element_handler($xml_parser, "startElement", "endElement");

 if (!xml_parse($xml_parser, $opml, true)) {
-    echo(sprintf(__('XML error: %1$s at line %2$s'),
-                   xml_error_string(xml_get_error_code($xml_parser)),
-                   xml_get_current_line_number($xml_parser)));
+	echo(sprintf(__('XML error: %1$s at line %2$s'),
+	xml_error_string(xml_get_error_code($xml_parser)),
+	xml_get_current_line_number($xml_parser)));
 }

 // Free up memory used by the XML parser
--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -0,0 +1,106 @@
+<?php
+require_once ('admin.php');
+
+wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+
+if ( ! current_user_can('manage_links') )
+	wp_die( __('You do not have sufficient permissions to edit the links for this blog.') );
+
+if ('' != $_POST['deletebookmarks'])
+	$action = 'deletebookmarks';
+if ('' != $_POST['move'])
+	$action = 'move';
+if ('' != $_POST['linkcheck'])
+	$linkcheck = $_POST[linkcheck];
+
+$this_file = 'link-manager.php';
+
+switch ($action) {
+	case 'deletebookmarks' :
+		check_admin_referer('bulk-bookmarks');
+
+		//for each link id (in $linkcheck[]) change category to selected value
+		if (count($linkcheck) == 0) {
+			wp_redirect($this_file);
+			exit;
+		}
+
+		$deleted = 0;
+		foreach ($linkcheck as $link_id) {
+			$link_id = (int) $link_id;
+
+			if ( wp_delete_link($link_id) )
+				$deleted++;
+		}
+
+		wp_redirect("$this_file?deleted=$deleted");
+		exit;
+		break;
+
+	case 'move' :
+		check_admin_referer('bulk-bookmarks');
+
+		//for each link id (in $linkcheck[]) change category to selected value
+		if (count($linkcheck) == 0) {
+			wp_redirect($this_file);
+			exit;
+		}
+		$all_links = join(',', $linkcheck);
+		// should now have an array of links we can change
+		//$q = $wpdb->query("update $wpdb->links SET link_category='$category' WHERE link_id IN ($all_links)");
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'add' :
+		check_admin_referer('add-bookmark');
+
+		add_link();
+
+		wp_redirect( wp_get_referer() . '?added=true' );
+		exit;
+		break;
+
+	case 'save' :
+		$link_id = (int) $_POST['link_id'];
+		check_admin_referer('update-bookmark_' . $link_id);
+
+		edit_link($link_id);
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'delete' :
+		$link_id = (int) $_GET['link_id'];
+		check_admin_referer('delete-bookmark_' . $link_id);
+
+		wp_delete_link($link_id);
+
+		wp_redirect($this_file);
+		exit;
+		break;
+
+	case 'edit' :
+		wp_enqueue_script( array('xfn', 'dbx-admin-key?pagenow=link.php') );
+		if ( current_user_can( 'manage_categories' ) )
+			wp_enqueue_script( 'ajaxlinkcat' );
+		$parent_file = 'link-manager.php';
+		$submenu_file = 'link-manager.php';
+		$title = __('Edit Link');
+
+		$link_id = (int) $_GET['link_id'];
+
+		if (!$link = get_link_to_edit($link_id))
+			wp_die(__('Link not found.'));
+
+		include_once ('admin-header.php');
+		include ('edit-link-form.php');
+		include ('admin-footer.php');
+		break;
+
+	default :
+		break;
+}
+?>
--- a/wp-admin/list-manipulation.js
+++ b/wp-admin/list-manipulation.js
@@ -1,96 +0,0 @@
-var listItems;
-var reg_color = '#FFFFFF';
-var alt_color = '#F1F1F1';
-
-addLoadEvent(getListItems);
-
-function deleteSomething( what, id, message ) {
-	what.replace('-', ' ');
-	if (!message) message = 'Are you sure you want to delete this ' + what + '?';
-	if ( confirm(message) ) {
-		return ajaxDelete( what.replace(' ', '-'), id );
-	} else {
-		return false;
-	}
-}
-
-function getResponseElement() {
-	var p = document.getElementById('ajax-response-p');
-	if (!p) {
-		p = document.createElement('p');
-		p.id = 'ajax-response-p';
-		document.getElementById('ajax-response').appendChild(p);
-		return p;
-	}
-}
-
-function ajaxDelete(what, id) {
-	ajaxDel = new sack('list-manipulation.php');
-	if ( ajaxDel.failed ) return true;
-	ajaxDel.myResponseElement = getResponseElement();
-	ajaxDel.method = 'POST';
-	ajaxDel.onLoading = function() { ajaxDel.myResponseElement.innerHTML = 'Sending Data...'; };
-	ajaxDel.onLoaded = function() { ajaxDel.myResponseElement.innerHTML = 'Data Sent...'; };
-	ajaxDel.onInteractive = function() { ajaxDel.myResponseElement.innerHTML = 'Processing Data...'; };
-	ajaxDel.onCompletion = function() { removeThisItem( what + '-' + id ); };
-	ajaxDel.runAJAX('action=delete-' + what + '&id=' + id);
-	return false;
-}
-
-function removeThisItem(id) {
-	var response = ajaxDel.response;
-	if ( isNaN(response) ) { alert(response); }
-	response = parseInt(response, 10);
-	if ( -1 == response ) { ajaxDel.myResponseElement.innerHTML = "You don't have permission to do that."; }
-	else if ( 0 == response ) { ajaxDel.myResponseElement.interHTML = "Something odd happened.  Try refreshing the page? Either that or what you tried to delete never existed in the first place."; }
-	else if ( 1 == response ) {
-		theItem = document.getElementById(id);
-		Fat.fade_element(id,null,700,'#FF3333');
-		setTimeout('theItem.parentNode.removeChild(theItem)', 705);
-		var pos = getListPos(id);
-		listItems.splice(pos,1);
-		recolorList(pos);
-		ajaxDel.myResponseElement.parentNode.removeChild(ajaxDel.myResponseElement);
-		
-	}
-}
-
-function getListPos(id) {
-	for (var i = 0; i < listItems.length; i++) {
-		if (id == listItems[i]) {
-			var pos = i;
-			break;
-		}
-	}
-	return pos;
-}	
-
-function getListItems() {
-	if (list) return;
-	listItems = new Array();
-	var extra = false;
-	var list = document.getElementById('the-list');
-	if (!list) { var list = document.getElementById('the-list-x'); extra = true; }
-	if (list) {
-		var items = list.getElementsByTagName('tr');
-		if (!items[0]) { items = list.getElementsByTagName('li'); }
-		for (var i=0; i<items.length; i++) { listItems.push(items[i].id); }
-		if (extra) { listItems.splice(0,1); }
-	}
-}
-
-function recolorList(pos,dur,from) {
-	if (!pos) pos = 0;
-
-	if (!from) {
-		reg_from = alt_color;
-		alt_from = reg_color;
-	} else {
-		reg_from = from;
-		alt_from = from;
-	}
-	for (var i = pos; i < listItems.length; i++) {
-		if (i % 2 == 1) Fat.fade_element(listItems[i],null,dur,reg_from,reg_color);
-		else Fat.fade_element(listItems[i],null,dur,alt_from,alt_color);
-	}
-}
--- a/wp-admin/list-manipulation.php
+++ b/wp-admin/list-manipulation.php
@@ -1,81 +0,0 @@
-<?php
-require_once('../wp-config.php');
-require_once('admin-functions.php');
-require_once('admin-db.php');
-
-get_currentuserinfo();
-if ( !is_user_logged_in() )
-	die('-1');
-
-function grab_results() {
-	global $ajax_results;
-	$ajax_results = func_get_arg(0);
-}
-
-function get_out_now() { exit; }
-add_action('shutdown', 'get_out_now', -1);
-
-//	check_admin_referer();
-
-switch ( $_POST['action'] ) :
-case 'delete-link' :
-	$id = (int) $_POST['id'];
-	if ( !current_user_can('manage_links') )
-		die ('-1');
-
-	if ( $wpdb->query("DELETE FROM $wpdb->links WHERE link_id = '$id'") )
-		die('1');
-	else	die('0');
-	break;
-case 'delete-post' :
-case 'delete-page' :
-	$id = (int) $_POST['id'];
-	if ( !current_user_can('edit_post', $id) )	{
-		die('-1');
-	}
-
-	if ( wp_delete_post($id) ) {
-		die('1');
-	} else	die('0');
-	break;
-case 'delete-cat' :
-	if ( !current_user_can('manage_categories') )
-		die ('-1');
-
-	$id = (int) $_POST['id'];
-	$cat_name = get_catname($cat_ID);
-
-	if ( wp_delete_category($id) )
-		die('1');
-	else	die('0');
-	break;
-case 'delete-comment' :
-	$id = (int) $_POST['id'];
-
-	if ( !$comment = get_comment($id) )
-		die('0');
-	if ( !current_user_can('edit_post', $comment->comment_post_ID) )	
-		die('-1');
-
-	if ( wp_delete_comment($comment->comment_ID) ) {
-		die('1');
-	} else {
-		die('0');
-	}
-	break;
-case 'delete-link-category' :
-	$id = (int) $_POST['id'];
-	if ( 1 == $id )
-		die('0');
-	if ( !current_user_can('manage_links') )
-		die('-1');
-
-	if ( $wpdb->query("DELETE FROM $wpdb->linkcategories WHERE cat_id='$id'") ) {
-		$wpdb->query("UPDATE $wpdb->links SET link_category=1 WHERE link_category='$id'");
-		die('1');
-	} else {
-		die('0');
-	}
-	break;
-endswitch;		
-?>
--- a/Show More
+++ b/Show More