3.0.6

git-svn-id: http://svn.automattic.com/wordpress/tags/3.0.6@17715 1a063a9b-81f0-0310-95a4-ce76da25c4cd

readme.html

@@ -8,7 +8,7 @@
 <body>
 <h1 id="logo">
 	<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
-	<br /> Version 3.0
+	<br /> Version 3.0.6
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>
 
@@ -70,7 +70,7 @@
 <dl>
 	<dt><a href="http://codex.wordpress.org/">The WordPress Codex</a></dt>
 		<dd>The Codex is the encyclopedia of all things WordPress. It is the most comprehensive source of information for WordPress available.</dd>
-	<dt><a href="http://wordpress.org/development/">The WordPress Blog</a></dt>
+	<dt><a href="http://wordpress.org/news/">The WordPress Blog</a></dt>
 		<dd>This is where you'll find the latest updates and news related to WordPress. Recent WordPress news appears in your administrative dashboard by default.</dd>
 	<dt><a href="http://planet.wordpress.org/">WordPress Planet</a></dt>
 		<dd>The WordPress Planet is a news aggregator that brings together posts from WordPress blogs around the web.</dd>
@@ -102,7 +102,7 @@
 <p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/caf&#233;log</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/" title="Donate to WordPress">donating</a>.</p>
 
 <h1>Copyright</h1>
-<p>WordPress is released under the <abbr title="GNU Public License">GPL</abbr>v2 (see <a href="license.txt">license.txt</a>).</p>
+<p>WordPress is free software, and is released under the terms of the <abbr title="GNU General Public License">GPL</abbr> version 2 or (at your option) any later version. See <a href="license.txt">license.txt</a>.</p>
 
 
 </body>

wp-admin/admin-ajax.php

@@ -552,7 +552,7 @@ case 'add-link-cat' : // From Blogroll -> Categories
 	break;
 case 'add-tag' : // From Manage->Tags
 	check_ajax_referer( 'add-tag' );
-
+	$post_type = !empty($_POST['post_type']) ? $_POST['post_type'] : 'post';
 	$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
 	$tax = get_taxonomy($taxonomy);
 
@@ -893,7 +893,7 @@ case 'add-meta' :
 			'supplemental' => array('postid' => $pid)
 		) );
 	} else { // Update?
-		$mid = (int) array_pop(array_keys($_POST['meta']));
+		$mid = (int) array_pop( $var_by_ref = array_keys($_POST['meta']) );
 		$key = $_POST['meta'][$mid]['key'];
 		$value = $_POST['meta'][$mid]['value'];
 		if ( '' == trim($key) )
@@ -956,7 +956,6 @@ case 'autosave' : // The name of this action is hardcoded in edit_post()
 	define( 'DOING_AUTOSAVE', true );
 
 	$nonce_age = check_ajax_referer( 'autosave', 'autosavenonce' );
-	global $current_user;
 
 	$_POST['post_category'] = explode(",", $_POST['catslist']);
 	if ( $_POST['post_type'] == 'page' || empty($_POST['post_category']) )
@@ -1145,7 +1144,7 @@ case 'menu-locations-save':
 	check_ajax_referer( 'add-menu_item', 'menu-settings-column-nonce' );
 	if ( ! isset( $_POST['menu-locations'] ) )
 		die('0');
-	set_theme_mod( 'nav_menu_locations', $_POST['menu-locations'] );
+	set_theme_mod( 'nav_menu_locations', array_map( 'absint', $_POST['menu-locations'] ) );
 	die('1');
 	break;
 case 'meta-box-order':
@@ -1232,14 +1231,15 @@ case 'inline-save':
 	// update the post
 	edit_post();
 
-	$post = array();
-	if ( 'page' == $_POST['post_type'] ) {
+	if ( in_array( $_POST['post_type'], get_post_types( array( 'show_ui' => true ) ) ) ) {
+		$post = array();
 		$post[] = get_post($_POST['post_ID']);
-		page_rows($post);
-	} elseif ( 'post' == $_POST['post_type'] || in_array($_POST['post_type'], get_post_types( array('public' => true) ) ) ) {
-		$mode = $_POST['post_view'];
-		$post[] = get_post($_POST['post_ID']);
-		post_rows($post);
+		if ( is_post_type_hierarchical( $_POST['post_type'] ) ) {
+			page_rows( $post );
+		} else {
+			$mode = $_POST['post_view'];
+			post_rows( $post );
+		}
 	}
 
 	exit;

wp-admin/admin.php

@@ -152,7 +152,7 @@ if ( isset($plugin_page) ) {
 		if ( file_exists(WPMU_PLUGIN_DIR . "/$plugin_page") )
 			include(WPMU_PLUGIN_DIR . "/$plugin_page");
 		else
-			include(ABSPATH . PLUGINDIR . "/$plugin_page");
+			include(WP_PLUGIN_DIR . "/$plugin_page");
 	}
 
 	include(ABSPATH . 'wp-admin/admin-footer.php');
@@ -200,6 +200,16 @@ if ( isset($plugin_page) ) {
 	exit();
 } else {
 	do_action("load-$pagenow");
+	// Backwards compatibility with old load-page-new.php, load-page.php,   
+	// and load-categories.php actions.  
+	if ( $typenow == 'page' ) {  
+		if ( $pagenow == 'post-new.php' )  
+			do_action( 'load-page-new.php' );  
+		elseif ( $pagenow == 'post.php' )  
+			do_action( 'load-page.php' );  
+	}  elseif ( $taxnow == 'category' && $pagenow == 'edit-tags.php' ) {
+		do_action( 'load-categories.php' );
+	}
 }
 
 if ( !empty($_REQUEST['action']) )

wp-admin/async-upload.php

@@ -30,6 +30,13 @@ if ( !current_user_can('upload_files') )
 
 // just fetch the detail form for that attachment
 if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
+	$post = get_post( $id );
+	if ( 'attachment' != $post->post_type )
+		wp_die( __( 'Unknown post type.' ) );
+	$post_type_object = get_post_type_object( 'attachment' );
+	if ( ! current_user_can( $post_type_object->cap->edit_post, $id ) )
+		wp_die( __( 'You are not allowed to edit this item.' ) );
+
 	if ( 2 == $_REQUEST['fetch'] ) {
 		add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
 		echo get_media_item($id, array( 'send' => false, 'delete' => true ));

wp-admin/edit-attachment-rows.php

@@ -39,8 +39,8 @@ elseif ( !$is_trash && $post->post_status == 'trash' )
 	continue;
 
 $alt = ( 'alternate' == $alt ) ? '' : 'alternate';
-global $current_user;
-$post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
+
+$post_owner = ( get_current_user_id() == $post->post_author ? 'self' : 'other' );
 $att_title = _draft_or_post_title();
 ?>
 	<tr id='post-<?php echo $id; ?>' class='<?php echo trim( $alt . ' author-' . $post_owner . ' status-' . $post->post_status ); ?>' valign="top">

wp-admin/edit-comments.php

@@ -239,8 +239,12 @@ foreach ( $stati as $status => $label ) {
 	if ( !empty( $_GET['s'] ) )
 		$link = add_query_arg( 's', esc_attr( stripslashes( $_GET['s'] ) ), $link );
 	*/
-	$status_links[] = "<li class='$status'><a href='$link'$class>" . sprintf(
-		_n( $label[0], $label[1], $num_comments->$status ),
+	if ( isset( $label[2] ) )
+		$translated_label = _nx( $label[0], $label[1], $num_comments->$status, $label[2] );
+	else
+		$translated_label = _n( $label[0], $label[1], $num_comments->$status );
+	$status_links[] = "<li class='$status'><a href='$link'$class>" . sprintf( 
+		$translated_label,
 		number_format_i18n( $num_comments->$status )
 	) . '</a>';
 }

wp-admin/edit-tags.php

@@ -19,6 +19,9 @@ if ( !taxonomy_exists($taxonomy) )
 
 $tax = get_taxonomy($taxonomy);
 
+if ( ! current_user_can($tax->cap->manage_terms) )
+	wp_die(__('Cheatin’ uh?'));
+
 $title = $tax->labels->name;
 
 if ( empty($post_type) || !in_array( $post_type, get_post_types( array('public' => true) ) ) )
@@ -121,6 +124,9 @@ case 'edit':
 	require_once ('admin-header.php');
 	$tag_ID = (int) $_GET['tag_ID'];
 
+	if ( !current_user_can($tax->cap->edit_terms) )
+		wp_die( __('You are not allowed to edit this item.') );
+
 	$tag = get_term($tag_ID, $taxonomy, OBJECT, 'edit');
 	include('./edit-tag-form.php');
 
@@ -382,6 +388,7 @@ if ( current_user_can($tax->cap->edit_terms) ) {
 <input type="hidden" name="action" value="add-tag" />
 <input type="hidden" name="screen" value="<?php echo esc_attr($current_screen->id); ?>" />
 <input type="hidden" name="taxonomy" value="<?php echo esc_attr($taxonomy); ?>" />
+<input type="hidden" name="post_type" value="<?php echo esc_attr($post_type); ?>" />
 <?php wp_nonce_field('add-tag'); ?>
 
 <div class="form-field form-required">

wp-admin/edit.php

@@ -43,12 +43,13 @@ if ( 'post' != $post_type ) {
 $pagenum = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 0;
 if ( empty($pagenum) )
 	$pagenum = 1;
-$per_page = 'edit_' . $post_type . '_per_page';
-$per_page = (int) get_user_option( $per_page );
+$edit_per_page = 'edit_' . $post_type . '_per_page';
+$per_page = (int) get_user_option( $edit_per_page );
 if ( empty( $per_page ) || $per_page < 1 )
 	$per_page = 20;
-// @todo filter based on type
-$per_page = apply_filters( 'edit_posts_per_page', $per_page );
+
+$per_page = apply_filters( $edit_per_page, $per_page );
+$per_page = apply_filters( 'edit_posts_per_page', $per_page, $post_type );
 
 // Handle bulk actions
 if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) || isset($_GET['bulk_edit']) ) {

wp-admin/export.php

@@ -28,9 +28,9 @@ if ( isset( $_GET['download'] ) ) {
 		$author = isset($_GET['author']) ? $_GET['author'] : 'all';
 		$taxonomy = array();
 		foreach ( get_taxonomies( array( 'show_ui' => true ) ) as $tax )
-			$taxonomy[ $tax ] = ! empty( $_GET['taxonomy'][ $tax ] ) ? $_GET['taxonomy'][ $tax ] : 'all';
-		$post_type = isset($_GET['post_type']) ? stripslashes_deep($_GET['post_type']) : 'all';
-		$status = isset($_GET['status']) ? stripslashes_deep($_GET['status']) : 'all';
+			$taxonomy[ $tax ] = ! empty( $_GET['export_taxonomy'][ $tax ] ) ? $_GET['export_taxonomy'][ $tax ] : 'all';
+		$post_type = isset($_GET['export_post_type']) ? stripslashes_deep($_GET['export_post_type']) : 'all';
+		$status = isset($_GET['export_post_status']) ? stripslashes_deep($_GET['export_post_status']) : 'all';
 		$mm_start = isset($_GET['mm_start']) ? $_GET['mm_start'] : 'all';
 		$mm_end = isset($_GET['mm_end']) ? $_GET['mm_end'] : 'all';
 		if( $mm_start != 'all' ) {
@@ -108,7 +108,7 @@ foreach ( (array) $authors as $author ) {
 </td>
 </tr>
 <?php foreach ( get_taxonomies( array( 'show_ui' => true ), 'objects' ) as $tax_obj ) {
-	$term_dropdown = wp_dropdown_categories( array( 'taxonomy' => $tax_obj->name, 'hide_if_empty' => true, 'show_option_all' => __( 'All Terms' ), 'name' => 'taxonomy[' . $tax_obj->name . ']', 'id' => 'taxonomy-' . $tax_obj->name, 'class' => '', 'echo' => false ) );
+	$term_dropdown = wp_dropdown_categories( array( 'taxonomy' => $tax_obj->name, 'hide_if_empty' => true, 'show_option_all' => __( 'All Terms' ), 'name' => 'export_taxonomy[' . $tax_obj->name . ']', 'id' => 'taxonomy-' . $tax_obj->name, 'class' => '', 'echo' => false ) );
 	if ( $term_dropdown )
 		echo '<tr><th><label for="taxonomy-' . $tax_obj->name . '">' . $tax_obj->labels->name . '</label></th><td>' . $term_dropdown . '</td></tr>';
 }
@@ -116,7 +116,7 @@ foreach ( (array) $authors as $author ) {
 <tr>
 <th><label for="post_type"><?php _e('Content Types'); ?></label></th>
 <td>
-<select name="post_type" id="post_type">
+<select name="export_post_type" id="post_type">
 	<option value="all" selected="selected"><?php _e('All Content'); ?></option>
 	<?php foreach ( get_post_types( array( 'public' => true, 'can_export' => true ), 'objects' ) as $post_type_obj ) { ?>
 		<option value="<?php echo $post_type_obj->name; ?>"><?php echo $post_type_obj->labels->name; ?></option>
@@ -127,7 +127,7 @@ foreach ( (array) $authors as $author ) {
 <tr>
 <th><label for="status"><?php _e('Statuses'); ?></label></th>
 <td>
-<select name="status" id="status">
+<select name="export_post_status" id="status">
 	<option value="all" selected="selected"><?php _e('All Statuses'); ?></option>
 <?php foreach ( get_post_stati( array( 'internal' => false ), 'objects' ) as $post_status_obj ) { ?>
 	<option value="<?php echo $post_status_obj->name; ?>"><?php echo $post_status_obj->label; ?></option>

wp-admin/import.php

@@ -130,7 +130,7 @@ if (empty ($importers)) {
 }
 
 if ( current_user_can('install_plugins') )
-	echo '<p>' . sprintf('If the importer you need is not listed, <a href="%s">search the plugins directory</a> to see if an importer is available.', esc_url(admin_url('plugin-install.php?tab=search&type=tag&s=importer')) ) . '</p>';
+	echo '<p>' . sprintf( __('If the importer you need is not listed, <a href="%s">search the plugins directory</a> to see if an importer is available.'), esc_url(admin_url('plugin-install.php?tab=search&type=tag&s=importer')) ) . '</p>';
 ?>
 
 </div>

wp-admin/includes/bookmark.php

@@ -128,7 +128,7 @@ function get_link_to_edit( $link_id ) {
  * @return unknown
  */
 function wp_insert_link( $linkdata, $wp_error = false ) {
-	global $wpdb, $current_user;
+	global $wpdb;
 
 	$defaults = array( 'link_id' => 0, 'link_name' => '', 'link_url' => '', 'link_rating' => 0 );
 
@@ -166,7 +166,7 @@ function wp_insert_link( $linkdata, $wp_error = false ) {
 		$link_visible = 'Y';
 
 	if ( empty( $link_owner ) )
-		$link_owner = $current_user->id;
+		$link_owner = get_current_user_id();
 
 	if ( empty( $link_notes ) )
 		$link_notes = '';

wp-admin/includes/class-wp-importer.php

@@ -130,7 +130,8 @@ class WP_Importer {
 			}
 			if ( empty( $parsed['path'] ) )
 				$parsed['path'] = '/';
-			if ( !$blog = get_blog_info( $parsed['host'], $parsed['path'] ) ) {
+			$blog = get_blog_details( array( 'domain' => $parsed['host'], 'path' => $parsed['path'] ) );
+			if ( !$blog ) {
 				fwrite( STDERR, "Error: Could not find blog\n" );
 				exit();
 			}
@@ -215,7 +216,7 @@ class WP_Importer {
 	 * @return bool
 	 */
 	function is_user_over_quota() {
-		global $current_user, $current_blog;
+		global $current_blog;
 
 		if ( function_exists( 'upload_is_user_over_quota' ) ) {
 			if ( upload_is_user_over_quota( 1 ) ) {

wp-admin/includes/class-wp-upgrader.php

@@ -1127,7 +1127,7 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 
 	function before($title = '') {
 		$this->in_loop = true;
-		printf( '<h4>' . $this->upgrader->strings['skin_before_update_header'] . ' <img alt="" src="' . admin_url( 'images/wpspin_light.gif' ) . '" class="hidden waiting-' . $this->upgrader->update_current . '" style="vertical-align:middle;"></h4>',  $title, $this->upgrader->update_current, $this->upgrader->update_count);
+		printf( '<h4>' . $this->upgrader->strings['skin_before_update_header'] . ' <img alt="" src="' . admin_url( 'images/wpspin_light.gif' ) . '" class="hidden waiting-' . $this->upgrader->update_current . '" style="vertical-align:middle;" /></h4>',  $title, $this->upgrader->update_current, $this->upgrader->update_count);
 		echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js($this->upgrader->update_current) . '\').show();</script>';
 		echo '<div class="update-messages hide-if-js" id="progress-' . esc_attr($this->upgrader->update_current) . '"><p>';
 		$this->flush_output();

wp-admin/includes/dashboard.php

@@ -67,8 +67,8 @@ function wp_dashboard_setup() {
 	if ( !isset( $widget_options['dashboard_primary'] ) ) {
 		$update = true;
 		$widget_options['dashboard_primary'] = array(
-			'link' => apply_filters( 'dashboard_primary_link',  __( 'http://wordpress.org/development/' ) ),
-			'url' => apply_filters( 'dashboard_primary_feed',  __( 'http://wordpress.org/development/feed/' ) ),
+			'link' => apply_filters( 'dashboard_primary_link',  __( 'http://wordpress.org/news/' ) ),
+			'url' => apply_filters( 'dashboard_primary_feed',  __( 'http://wordpress.org/news/feed/' ) ),
 			'title' => apply_filters( 'dashboard_primary_title', __( 'WordPress Blog' ) ),
 			'items' => 2,
 			'show_summary' => 1,

wp-admin/includes/export.php

@@ -69,7 +69,7 @@ function export_wp( $args = array() ) {
 	}
 
 	if ( $post_status && $post_status != 'all' )
-		$where .= $wpdb->prepare( "AND post_status = %s", $status );
+		$where .= $wpdb->prepare( "AND post_status = %s", $post_status );
 
 	// grab a snapshot of post IDs, just in case it changes during the export
 	$post_ids = $wpdb->get_col( "SELECT ID FROM $wpdb->posts $where ORDER BY post_date_gmt ASC" );

wp-admin/includes/file.php

@@ -937,7 +937,7 @@ function request_filesystem_credentials($form_post, $type = '', $error = false,
 		$error_string = __('<strong>Error:</strong> There was an error connecting to the server, Please verify the settings are correct.');
 		if ( is_wp_error($error) )
 			$error_string = $error->get_error_message();
-		echo '<div id="message" class="error"><p>' . $error_string . '</p></div>';
+		echo '<div id="message" class="error"><p>' . esc_html( $error_string ) . '</p></div>';
 	}
 
 	$types = array();

wp-admin/includes/media.php

@@ -493,6 +493,7 @@ function media_upload_image() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -598,6 +599,7 @@ function media_upload_audio() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -656,6 +658,7 @@ function media_upload_video() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -714,6 +717,7 @@ function media_upload_file() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -2135,7 +2139,7 @@ function type_url_form_video() {
 			</th>
 			<td class="field"><input id="insertonly[title]" name="insertonly[title]" value="" type="text" aria-required="true"></td>
 		</tr>
-		<tr><td></td><td class="help">' . __('Link text, e.g. &#8220;Lucy on YouTube&#8220;') . '</td></tr>
+		<tr><td></td><td class="help">' . __('Link text, e.g. &#8220;Lucy on YouTube&#8221;') . '</td></tr>
 	' . _insert_into_post_button('video') . '
 	</tbody></table>
 ';

wp-admin/includes/meta-boxes.php

@@ -501,8 +501,8 @@ function post_slug_meta_box($post) {
  * @param object $post
  */
 function post_author_meta_box($post) {
-	global $current_user, $user_ID;
-	$authors = get_editable_user_ids( $current_user->id, true, $post->post_type ); // TODO: ROLE SYSTEM
+	global $user_ID;
+	$authors = get_editable_user_ids( get_current_user_id(), true, $post->post_type ); // TODO: ROLE SYSTEM
 	if ( $post->post_author && !in_array($post->post_author, $authors) )
 		$authors[] = $post->post_author;
 ?>

wp-admin/includes/ms.php

@@ -178,17 +178,17 @@ function wpmu_delete_user( $id ) {
 }
 
 function confirm_delete_users( $users ) {
-	global $current_user;
+	$current_user = wp_get_current_user();
 	if ( !is_array( $users ) )
 		return false;
 
-    screen_icon();
-    ?>
+	screen_icon();
+	?>
 	<h2><?php esc_html_e( 'Users' ); ?></h2>
 	<p><?php _e( 'Transfer or delete posts and links before deleting users.' ); ?></p>
 	<form action="ms-edit.php?action=dodelete" method="post">
 	<input type="hidden" name="dodelete" />
-    <?php
+	<?php
 	wp_nonce_field( 'ms-users-delete' );
 	$site_admins = get_super_admins();
 	$admin_out = "<option value='$current_user->ID'>$current_user->user_login</option>";
@@ -311,7 +311,8 @@ add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10
 add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 );
 
 function send_confirmation_on_profile_email() {
-	global $errors, $wpdb, $current_user;
+	global $errors, $wpdb;
+	$current_user = wp_get_current_user();
 	if ( ! is_object($errors) )
 		$errors = new WP_Error();
 
@@ -364,8 +365,7 @@ All at ###SITENAME###
 add_action( 'personal_options_update', 'send_confirmation_on_profile_email' );
 
 function new_user_email_admin_notice() {
-	global $current_user;
-	if ( strpos( $_SERVER['PHP_SELF'], 'profile.php' ) && isset( $_GET['updated'] ) && $email = get_option( $current_user->ID . '_new_email' ) )
+	if ( strpos( $_SERVER['PHP_SELF'], 'profile.php' ) && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) )
 		echo "<div class='update-nag'>" . sprintf( __( "Your email address has not been updated yet. Please check your inbox at %s for a confirmation email." ), $email['newemail'] ) . "</div>";
 }
 add_action( 'admin_notices', 'new_user_email_admin_notice' );
@@ -598,7 +598,6 @@ function sync_category_tag_slugs( $term, $taxonomy ) {
 add_filter( 'get_term', 'sync_category_tag_slugs', 10, 2 );
 
 function redirect_user_to_blog() {
-	global $current_user;
 	$c = 0;
 	if ( isset( $_GET['c'] ) )
 		$c = (int) $_GET['c'];
@@ -608,7 +607,7 @@ function redirect_user_to_blog() {
 	}
 	$c ++;
 
-	$blog = get_active_blog_for_user( $current_user->ID );
+	$blog = get_active_blog_for_user( get_current_user_id() );
 	$dashboard_blog = get_dashboard_blog();
 	if ( is_object( $blog ) ) {
 		wp_redirect( get_admin_url( $blog->blog_id, '?c=' . $c ) ); // redirect and count to 5, "just in case"
@@ -619,16 +618,16 @@ function redirect_user_to_blog() {
 	   If the user is a member of only 1 blog and the user's primary_blog isn't set to that blog,
 	   then update the primary_blog record to match the user's blog
 	 */
-	$blogs = get_blogs_of_user( $current_user->ID );
+	$blogs = get_blogs_of_user( get_current_user_id() );
 
 	if ( !empty( $blogs ) ) {
 		foreach( $blogs as $blogid => $blog ) {
-			if ( $blogid != $dashboard_blog->blog_id && get_user_meta( $current_user->ID , 'primary_blog', true ) == $dashboard_blog->blog_id ) {
-				update_user_meta( $current_user->ID, 'primary_blog', $blogid );
+			if ( $blogid != $dashboard_blog->blog_id && get_user_meta( get_current_user_id() , 'primary_blog', true ) == $dashboard_blog->blog_id ) {
+				update_user_meta( get_current_user_id(), 'primary_blog', $blogid );
 				continue;
 			}
 		}
-		$blog = get_blog_details( get_user_meta( $current_user->ID, 'primary_blog', true ) );
+		$blog = get_blog_details( get_user_meta( get_current_user_id(), 'primary_blog', true ) );
 			wp_redirect( get_admin_url( $blog->blog_id, '?c=' . $c ) );
 		exit;
 	}
@@ -654,20 +653,20 @@ function mu_dropdown_languages( $lang_files = array(), $current = '' ) {
 		if ( $code_lang == 'en_US' ) { // American English
 			$flag = true;
 			$ae = __( 'American English' );
-			$output[$ae] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang ) . '> ' . $ae . '</option>';
+			$output[$ae] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . $ae . '</option>';
 		} elseif ( $code_lang == 'en_GB' ) { // British English
 			$flag = true;
 			$be = __( 'British English' );
-			$output[$be] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang ) . '> ' . $be . '</option>';
+			$output[$be] = '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . $be . '</option>';
 		} else {
 			$translated = format_code_lang( $code_lang );
-			$output[$translated] =  '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang ) . '> ' . esc_html ( $translated ) . '</option>';
+			$output[$translated] =  '<option value="' . esc_attr( $code_lang ) . '"' . selected( $current, $code_lang, false ) . '> ' . esc_html ( $translated ) . '</option>';
 		}
 
 	}
 
 	if ( $flag === false ) // WordPress english
-		$output[] = '<option value=""' . selected( $current, '' ) . '>' . __( 'English' ) . "</option>";
+		$output[] = '<option value=""' . selected( $current, '', false ) . '>' . __( 'English' ) . "</option>";
 
 	// Order by name
 	uksort( $output, 'strnatcasecmp' );
@@ -697,12 +696,12 @@ function secret_salt_warning() {
 add_action( 'admin_notices', 'secret_salt_warning' );
 
 function admin_notice_feed() {
-	global $current_user, $current_screen;
+	global $current_screen;
 	if ( $current_screen->id != 'dashboard' )
 		return;
 
 	if ( !empty( $_GET['feed_dismiss'] ) ) {
-		update_user_option( $current_user->id, 'admin_feed_dismiss', $_GET['feed_dismiss'], true );
+		update_user_option( get_current_user_id(), 'admin_feed_dismiss', $_GET['feed_dismiss'], true );
 		return;
 	}
 
@@ -728,7 +727,7 @@ function admin_notice_feed() {
 add_action( 'admin_notices', 'admin_notice_feed' );
 
 function site_admin_notice() {
-	global $current_user, $wp_db_version;
+	global $wp_db_version;
 	if ( !is_super_admin() )
 		return false;
 	if ( get_site_option( 'wpmu_upgrade_site' ) != $wp_db_version )
@@ -760,7 +759,6 @@ function avoid_blog_page_permalink_collision( $data, $postarr ) {
 add_filter( 'wp_insert_post_data', 'avoid_blog_page_permalink_collision', 10, 2 );
 
 function choose_primary_blog() {
-	global $current_user;
 	?>
 	<table class="form-table">
 	<tr>
@@ -768,8 +766,8 @@ function choose_primary_blog() {
 		<th scope="row"><?php _e( 'Primary Site' ); ?></th>
 		<td>
 		<?php
-		$all_blogs = get_blogs_of_user( $current_user->ID );
-		$primary_blog = get_user_meta( $current_user->ID, 'primary_blog', true );
+		$all_blogs = get_blogs_of_user( get_current_user_id() );
+		$primary_blog = get_user_meta( get_current_user_id(), 'primary_blog', true );
 		if ( count( $all_blogs ) > 1 ) {
 			$found = false;
 			?>
@@ -783,13 +781,13 @@ function choose_primary_blog() {
 			<?php
 			if ( !$found ) {
 				$blog = array_shift( $all_blogs );
-				update_user_meta( $current_user->ID, 'primary_blog', $blog->userblog_id );
+				update_user_meta( get_current_user_id(), 'primary_blog', $blog->userblog_id );
 			}
 		} elseif ( count( $all_blogs ) == 1 ) {
 			$blog = array_shift( $all_blogs );
 			echo $blog->domain;
 			if ( $primary_blog != $blog->userblog_id ) // Set the primary blog again if it's out of sync with blog list.
-				update_user_meta( $current_user->ID, 'primary_blog', $blog->userblog_id );
+				update_user_meta( get_current_user_id(), 'primary_blog', $blog->userblog_id );
 		} else {
 			echo "N/A";
 		}

wp-admin/includes/nav-menu.php

@@ -324,7 +324,7 @@ function _wp_ajax_menu_quick_search( $request = array() ) {
 			while ( have_posts() ) {
 				the_post();
 				if ( 'markup' == $response_format ) {
-					echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( get_post( get_the_ID() ) ) ), 0, (object) $args );
+					echo walk_nav_menu_tree( array_map('wp_setup_nav_menu_item', array( get_post( $var_by_ref = get_the_ID() ) ) ), 0, (object) $args );
 				} elseif ( 'json' == $response_format ) {
 					echo json_encode(
 						array(

wp-admin/includes/plugin.php

@@ -483,6 +483,7 @@ function activate_plugin( $plugin, $redirect = '', $network_wide = false) {
 		ob_start();
 		include(WP_PLUGIN_DIR . '/' . $plugin);
 		do_action( 'activate_plugin', trim( $plugin) );
+		do_action( 'activate_' . trim( $plugin ) );
 		if ( $network_wide ) {
 			$current[$plugin] = time();
 			update_site_option( 'active_sitewide_plugins', $current );
@@ -491,7 +492,6 @@ function activate_plugin( $plugin, $redirect = '', $network_wide = false) {
 			sort($current);
 			update_option('active_plugins', $current);
 		}
-		do_action( 'activate_' . trim( $plugin ) );
 		do_action( 'activated_plugin', trim( $plugin) );
 		if ( ob_get_length() > 0 ) {
 			$output = ob_get_clean();

wp-admin/includes/post.php

@@ -376,7 +376,8 @@ function get_default_post_to_edit( $post_type = 'post', $create_in_db = false )
 		$old_posts = $wpdb->get_col( "SELECT ID FROM $wpdb->posts WHERE post_status = 'auto-draft' AND DATE_SUB( NOW(), INTERVAL 7 DAY ) > post_date" );
 		foreach ( (array) $old_posts as $delete )
 			wp_delete_post( $delete, true ); // Force delete
-		$post = get_post( wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft' ) ) );
+		$post_id = wp_insert_post( array( 'post_title' => __( 'Auto Draft' ), 'post_type' => $post_type, 'post_status' => 'auto-draft' ) );
+		$post = get_post( $post_id );
 	} else {
 		$post->ID = 0;
 		$post->post_author = '';
@@ -688,6 +689,8 @@ function get_post_meta_by_id( $mid ) {
 	$mid = (int) $mid;
 
 	$meta = $wpdb->get_row( $wpdb->prepare("SELECT * FROM $wpdb->postmeta WHERE meta_id = %d", $mid) );
+	if ( empty($meta) )
+		return false;
 	if ( is_serialized_string( $meta->meta_value ) )
 		$meta->meta_value = maybe_unserialize( $meta->meta_value );
 	return $meta;
@@ -893,9 +896,10 @@ function wp_edit_posts_query( $q = false ) {
 	$per_page = 'edit_' . $post_type . '_per_page';
 	$posts_per_page = (int) get_user_option( $per_page );
 	if ( empty( $posts_per_page ) || $posts_per_page < 1 )
-		$posts_per_page = 15;
-	$posts_per_page = apply_filters( $per_page, $posts_per_page );
+		$posts_per_page = 20;
 
+	$posts_per_page = apply_filters( $per_page, $posts_per_page );
+	$posts_per_page = apply_filters( 'edit_posts_per_page', $posts_per_page, $post_type );
 
 	$query = compact('post_type', 'post_status', 'perm', 'order', 'orderby', 'posts_per_page');
 
@@ -1170,8 +1174,6 @@ function _wp_post_thumbnail_html( $thumbnail_id = NULL ) {
  * @return bool|int False: not locked or locked by current user. Int: user ID of user with lock.
  */
 function wp_check_post_lock( $post_id ) {
-	global $current_user;
-
 	if ( !$post = get_post( $post_id ) )
 		return false;
 
@@ -1180,7 +1182,7 @@ function wp_check_post_lock( $post_id ) {
 
 	$time_window = apply_filters( 'wp_check_post_lock_window', AUTOSAVE_INTERVAL * 2 );
 
-	if ( $lock && $lock > time() - $time_window && $last != $current_user->ID )
+	if ( $lock && $lock > time() - $time_window && $last != get_current_user_id() )
 		return $last;
 	return false;
 }
@@ -1194,10 +1196,9 @@ function wp_check_post_lock( $post_id ) {
  * @return bool Returns false if the post doesn't exist of there is no current user
  */
 function wp_set_post_lock( $post_id ) {
-	global $current_user;
 	if ( !$post = get_post( $post_id ) )
 		return false;
-	if ( !$current_user || !$current_user->ID )
+	if ( 0 == get_current_user_id() )
 		return false;
 
 	$now = time();
@@ -1252,8 +1253,7 @@ function wp_create_post_autosave( $post_id ) {
 	if ( $old_autosave = wp_get_post_autosave( $post_id ) ) {
 		$new_autosave = _wp_post_revision_fields( $_POST, true );
 		$new_autosave['ID'] = $old_autosave->ID;
-		$current_user = wp_get_current_user();
-		$new_autosave['post_author'] = $current_user->ID;
+		$new_autosave['post_author'] = get_current_user_id();
 		return wp_update_post( $new_autosave );
 	}
 
@@ -1611,4 +1611,4 @@ tinyMCE.init(tinyMCEPreInit.mceInit);
 /* ]]> */
 </script>
 <?php
-}
+}

wp-admin/includes/schema.php

@@ -769,7 +769,7 @@ Thanks!
 			if ( ! empty ( $errstr ) )
 				$msg .= ' ' . sprintf( __( 'This resulted in an error message: %s' ), '<code>' . $errstr . '</code>' );
 			$msg .= '</p>';
-			$msg .= '<p>' . _e( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.' ) . '</p>';
+			$msg .= '<p>' . __( 'To use a subdomain configuration, you must have a wildcard entry in your DNS. This usually means adding a <code>*</code> hostname record pointing at your web server in your DNS configuration tool.' ) . '</p>';
 			$msg .= '<p>' . __( 'You can still use your site but any subdomain you create may not be accessible. If you know your DNS is correct, ignore this message.' ) . '</p>';
 			return new WP_Error( 'no_wildcard_dns', $msg );
 		}

wp-admin/includes/template.php

@@ -847,7 +847,7 @@ function get_hidden_columns($screen) {
  * @param string $screen
  */
 function inline_edit_row( $screen ) {
-	global $current_user, $mode;
+	global $mode;
 
 	if ( is_string($screen) ) {
 		$screen = array('id' => 'edit-' . $screen, 'base' => 'edit', 'post_type' => $screen );
@@ -928,7 +928,7 @@ endif; // post_type_supports title ?>
 <?php endif; // $bulk
 
 	if ( post_type_supports( $screen->post_type, 'author' ) ) :
-		$authors = get_editable_user_ids( $current_user->id, true, $screen->post_type ); // TODO: ROLE SYSTEM
+		$authors = get_editable_user_ids( get_current_user_id(), true, $screen->post_type ); // TODO: ROLE SYSTEM
 		$authors_dropdown = '';
 		if ( $authors && count( $authors ) > 1 ) :
 			$users_opt = array('include' => $authors, 'name' => 'post_author', 'class'=> 'authors', 'multi' => 1, 'echo' => 0);
@@ -1185,16 +1185,16 @@ function get_inline_data($post) {
 	if ( ! current_user_can($post_type_object->cap->edit_post, $post->ID) )
 		return;
 
-	$title = esc_attr( get_the_title( $post->ID ) );
+	$title = htmlspecialchars( trim( $post->post_title ), ENT_QUOTES );
 
 	echo '
 <div class="hidden" id="inline_' . $post->ID . '">
 	<div class="post_title">' . $title . '</div>
 	<div class="post_name">' . apply_filters('editable_slug', $post->post_name) . '</div>
 	<div class="post_author">' . $post->post_author . '</div>
-	<div class="comment_status">' . $post->comment_status . '</div>
-	<div class="ping_status">' . $post->ping_status . '</div>
-	<div class="_status">' . $post->post_status . '</div>
+	<div class="comment_status">' . esc_html( $post->comment_status ) . '</div>
+	<div class="ping_status">' . esc_html( $post->ping_status ) . '</div>
+	<div class="_status">' . esc_html( $post->post_status ) . '</div>
 	<div class="jj">' . mysql2date( 'd', $post->post_date, false ) . '</div>
 	<div class="mm">' . mysql2date( 'm', $post->post_date, false ) . '</div>
 	<div class="aa">' . mysql2date( 'Y', $post->post_date, false ) . '</div>
@@ -1269,7 +1269,7 @@ function post_rows( $posts = array() ) {
  * @param unknown_type $mode
  */
 function _post_row($a_post, $pending_comments, $mode) {
-	global $post, $current_user, $current_screen;
+	global $post, $current_screen;
 	static $rowclass;
 
 	$global_post = $post;
@@ -1277,7 +1277,7 @@ function _post_row($a_post, $pending_comments, $mode) {
 	setup_postdata($post);
 
 	$rowclass = 'alternate' == $rowclass ? '' : 'alternate';
-	$post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
+	$post_owner = ( get_current_user_id() == $post->post_author ? 'self' : 'other' );
 	$edit_link = get_edit_post_link( $post->ID );
 	$title = _draft_or_post_title();
 	$post_type_object = get_post_type_object($post->post_type);
@@ -1390,7 +1390,7 @@ function _post_row($a_post, $pending_comments, $mode) {
 			if ( !empty( $categories ) ) {
 				$out = array();
 				foreach ( $categories as $c )
-					$out[] = "<a href='edit.php?category_name=$c->slug'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>";
+					$out[] = "<a href='edit.php?post_type={$post->post_type}&amp;category_name={$c->slug}'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>";
 					echo join( ', ', $out );
 			} else {
 				_e('Uncategorized');
@@ -1406,7 +1406,7 @@ function _post_row($a_post, $pending_comments, $mode) {
 			if ( !empty( $tags ) ) {
 				$out = array();
 				foreach ( $tags as $c )
-					$out[] = "<a href='edit.php?tag=$c->slug'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";
+					$out[] = "<a href='edit.php?post_type={$post->post_type}&amp;tag={$c->slug}'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";
 				echo join( ', ', $out );
 			} else {
 				_e('No Tags');
@@ -1795,8 +1795,6 @@ function _page_rows( &$children_pages, &$count, $parent, $level, $pagenum, $per_
 function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
 	global $wp_roles;
 
-	$current_user = wp_get_current_user();
-
 	if ( !( is_object( $user_object) && is_a( $user_object, 'WP_User' ) ) )
 		$user_object = new WP_User( (int) $user_object );
 	$user_object = sanitize_user_object($user_object, 'display');
@@ -1813,7 +1811,7 @@ function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
 	if ( current_user_can( 'list_users' ) ) {
 		// Set up the user editing link
 		// TODO: make profile/user-edit determination a separate function
-		if ($current_user->ID == $user_object->ID) {
+		if ( get_current_user_id() == $user_object->ID) {
 			$edit_link = 'profile.php';
 		} else {
 			$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" ) );
@@ -1830,9 +1828,9 @@ function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
 			$edit = "<strong>$user_object->user_login</strong><br />";
 		}
 
-		if ( !is_multisite() && $current_user->ID != $user_object->ID && current_user_can('delete_user', $user_object->ID) )
+		if ( !is_multisite() && get_current_user_id() != $user_object->ID && current_user_can('delete_user', $user_object->ID) )
 			$actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("users.php?action=delete&amp;user=$user_object->ID", 'bulk-users') . "'>" . __('Delete') . "</a>";
-		if ( is_multisite() && $current_user->ID != $user_object->ID && current_user_can('remove_user', $user_object->ID) )
+		if ( is_multisite() && get_current_user_id() != $user_object->ID && current_user_can('remove_user', $user_object->ID) )
 			$actions['remove'] = "<a class='submitdelete' href='" . wp_nonce_url("users.php?action=remove&amp;user=$user_object->ID", 'bulk-users') . "'>" . __('Remove') . "</a>";
 		$actions = apply_filters('user_row_actions', $actions, $user_object);
 		$action_count = count($actions);
@@ -2225,8 +2223,6 @@ function _wp_comment_row( $comment_id, $mode, $comment_status, $checkbox = true,
  * @param unknown_type $mode
  */
 function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single', $table_row = true) {
-	global $current_user;
-
 	// allow plugin to replace the popup content
 	$content = apply_filters( 'wp_comment_reply', '', array('position' => $position, 'checkbox' => $checkbox, 'mode' => $mode) );
 
@@ -2278,7 +2274,7 @@ function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single',
 	<br class="clear" />
 	</p>
 
-	<input type="hidden" name="user_ID" id="user_ID" value="<?php echo $current_user->ID; ?>" />
+	<input type="hidden" name="user_ID" id="user_ID" value="<?php echo get_current_user_id(); ?>" />
 	<input type="hidden" name="action" id="action" value="" />
 	<input type="hidden" name="comment_ID" id="comment_ID" value="" />
 	<input type="hidden" name="comment_post_ID" id="comment_post_ID" value="" />

wp-admin/includes/update-core.php

@@ -274,7 +274,7 @@ function update_core($from, $to) {
 	$mysql_version  = $wpdb->db_version();
 	$required_php_version = '4.3';
 	$required_mysql_version = '4.1.2';
-	$wp_version = '3.0';
+	$wp_version = '3.0.6';
 	$php_compat     = version_compare( $php_version, $required_php_version, '>=' );
 	$mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
 

wp-admin/includes/upgrade.php

@@ -152,9 +152,9 @@ function wp_install_defaults($user_id) {
 								'link_rss' => '',
 								'link_notes' => '');
 
-	$default_links[] = array(	'link_url' => 'http://wordpress.org/development/',
+	$default_links[] = array(	'link_url' => 'http://wordpress.org/news/',
 								'link_name' => 'WordPress Blog',
-								'link_rss' => 'http://wordpress.org/development/feed/',
+								'link_rss' => 'http://wordpress.org/news/feed/',
 								'link_notes' => '');
 
 	$default_links[] = array(	'link_url' => 'http://wordpress.org/extend/ideas/',
@@ -1130,7 +1130,7 @@ function upgrade_300() {
 		$wpdb->update( $wpdb->postmeta, array( 'meta_value' => '' ), array( 'meta_key' => '_menu_item_target', 'meta_value' => '_self' ) );
 
 	// 3.0 screen options key name changes.
-	if ( !is_multisite() || is_main_site() ) {
+	if ( is_main_site() && !defined('DO_NOT_UPGRADE_GLOBAL_TABLES') ) {
 		$prefix = like_escape($wpdb->base_prefix);
 		$wpdb->query( "DELETE FROM $wpdb->usermeta WHERE meta_key LIKE '{$prefix}%meta-box-hidden%' OR meta_key LIKE '{$prefix}%closedpostboxes%' OR meta_key LIKE '{$prefix}%manage-%-columns-hidden%' OR meta_key LIKE '{$prefix}%meta-box-order%' OR meta_key LIKE '{$prefix}%metaboxorder%' OR meta_key LIKE '{$prefix}%screen_layout%'
 					 OR meta_key = 'manageedittagscolumnshidden' OR meta_key='managecategoriescolumnshidden' OR meta_key = 'manageedit-tagscolumnshidden' OR meta_key = 'manageeditcolumnshidden' OR meta_key = 'categories_per_page' OR meta_key = 'edit_tags_per_page'" );
@@ -1399,6 +1399,10 @@ function dbDelta($queries, $execute = true) {
 	if ($tables = $wpdb->get_col('SHOW TABLES;')) {
 		// For every table in the database
 		foreach ($tables as $table) {
+			// Upgrade global tables only for the main site. Don't upgrade at all if DO_NOT_UPGRADE_GLOBAL_TABLES is defined.
+			if ( in_array($table, $wpdb->tables('global')) && ( !is_main_site() || defined('DO_NOT_UPGRADE_GLOBAL_TABLES') ) )
+				continue;
+
 			// If a table query exists for the database table...
 			if ( array_key_exists(strtolower($table), $cqueries) ) {
 				// Clear the field and index arrays

wp-admin/includes/user.php

@@ -21,13 +21,13 @@
  */
 function add_user() {
 	if ( func_num_args() ) { // The hackiest hack that ever did hack
-		global $current_user, $wp_roles;
+		global $wp_roles;
 		$user_id = (int) func_get_arg( 0 );
 
 		if ( isset( $_POST['role'] ) ) {
 			$new_role = sanitize_text_field( $_POST['role'] );
 			// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
-			if ( $user_id != $current_user->id || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
+			if ( $user_id != get_current_user_id() || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
 				// If the new role isn't editable by the logged-in user die with error
 				$editable_roles = get_editable_roles();
 				if ( empty( $editable_roles[$new_role] ) )
@@ -54,7 +54,7 @@ function add_user() {
  * @return int user id of the updated user
  */
 function edit_user( $user_id = 0 ) {
-	global $current_user, $wp_roles, $wpdb;
+	global $wp_roles, $wpdb;
 	if ( $user_id != 0 ) {
 		$update = true;
 		$user->ID = (int) $user_id;
@@ -79,7 +79,7 @@ function edit_user( $user_id = 0 ) {
 		$potential_role = isset($wp_roles->role_objects[$new_role]) ? $wp_roles->role_objects[$new_role] : false;
 		// Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
 		// Multisite super admins can freely edit their blog roles -- they possess all caps.
-		if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != $current_user->id || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
+		if ( ( is_multisite() && current_user_can( 'manage_sites' ) ) || $user_id != get_current_user_id() || ($potential_role && $potential_role->has_cap( 'edit_users' ) ) )
 			$user->role = $new_role;
 
 		// If the new role isn't editable by the logged-in user die with error

wp-admin/install.php

@@ -253,7 +253,7 @@ var pwsL10n = {
  empty: "<?php echo esc_js( __( 'Strength indicator' ) ); ?>",
  short: "<?php echo esc_js( __( 'Very weak' ) ); ?>",
  bad: "<?php echo esc_js( __( 'Weak' ) ); ?>",
- good: "<?php echo esc_js( __( 'Medium' ) ); ?>",
+ good: "<?php echo esc_js( _x( 'Medium', 'password strength' ) ); ?>",
  strong: "<?php echo esc_js( __( 'Strong' ) ); ?>",
  mismatch: "<?php echo esc_js( __( 'Mismatch' ) ); ?>"
 };

wp-admin/js/post.dev.js

@@ -36,30 +36,39 @@ tagBox = {
 	},
 
 	quickClicks : function(el) {
-		var thetags = $('.the-tags', el), tagchecklist = $('.tagchecklist', el), current_tags;
+		var thetags = $('.the-tags', el),
+			tagchecklist = $('.tagchecklist', el),
+			id = $(el).attr('id'),
+			current_tags, disabled;
 
 		if ( !thetags.length )
 			return;
 
-		var disabled = thetags.attr('disabled');
+		disabled = thetags.attr('disabled');
 
 		current_tags = thetags.val().split(',');
 		tagchecklist.empty();
 
 		$.each( current_tags, function( key, val ) {
-			var txt, button_id, id = $(el).attr('id');
+			var span, xbutton;
 
-			val = $.trim(val);
-			if ( !val.match(/^\s+$/) && '' != val ) {
-				button_id = id + '-check-num-' + key;
-				if ( disabled )
-		 			txt = '<span>' + val + '</span> ';
-				else
-		 			txt = '<span><a id="' + button_id + '" class="ntdelbutton">X</a>&nbsp;' + val + '</span> ';
-	 			tagchecklist.append(txt);
-				if ( ! disabled )
-		 			$( '#' + button_id ).click( function(){ tagBox.parseTags(this); });
+			val = $.trim( val );
+
+			if ( ! val )
+				return;
+
+			// Create a new span, and ensure the text is properly escaped.
+			span = $('<span />').text( val );
+
+			// If tags editing isn't disabled, create the X button.
+			if ( ! disabled ) {
+				xbutton = $( '<a id="' + id + '-check-num-' + key + '" class="ntdelbutton">X</a>' );
+				xbutton.click( function(){ tagBox.parseTags(this); });
+				span.prepend('&nbsp;').prepend( xbutton );
 			}
+
+			// Append the span to the tag list.
+			tagchecklist.append( span );
 		});
 	},
 

wp-admin/media-upload.php

@@ -35,6 +35,7 @@ if ( isset($_GET['inline']) ) {
 	$errors = array();
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);

wp-admin/menu.php

@@ -113,7 +113,7 @@ $menu[20] = array( __('Pages'), 'edit_pages', 'edit.php?post_type=page', '', 'me
 		if ( ! $tax->show_ui || ! in_array('page', (array) $tax->object_type, true) )
 			continue;
 
-		$submenu['edit.php?post_type=page'][$i++] = array( esc_attr( $tax->labels->name ), $tax->cap->manage_terms, 'edit-tags.php?taxonomy=' . $tax->name );
+		$submenu['edit.php?post_type=page'][$i++] = array( esc_attr( $tax->labels->name ), $tax->cap->manage_terms, 'edit-tags.php?post_type=page&taxonomy=' . $tax->name );
 	}
 	unset($tax);
 

wp-admin/ms-edit.php

@@ -104,7 +104,7 @@ switch ( $_GET['action'] ) {
 			$move_users = array();
 			foreach ( (array)$users as $user ) {
 				$user_meta_value = unserialize( $user->meta_value );
-				if ( is_array( $user_meta_value ) && array_pop( array_keys( $user_meta_value ) ) == 'subscriber' )
+				if ( is_array( $user_meta_value ) && array_pop( $var_by_ref = array_keys( $user_meta_value ) ) == 'subscriber' )
 					$move_users[] = $user->user_id;
 			}
 			if ( false == empty( $move_users ) ) {
@@ -118,7 +118,7 @@ switch ( $_GET['action'] ) {
 		update_site_option( 'dashboard_blog', $dashboard_blog_id );
 
 		$options = array( 'registrationnotification', 'registration', 'add_new_users', 'menu_items', 'mu_media_buttons', 'upload_space_check_disabled', 'blog_upload_space', 'upload_filetypes', 'site_name', 'first_post', 'first_page', 'first_comment', 'first_comment_url', 'first_comment_author', 'welcome_email', 'welcome_user_email', 'fileupload_maxk', 'admin_notice_feed', 'global_terms_enabled' );
-		$checked_options = array( 'mu_media_buttons' => array(), 'menu_items' => array(), 'registrationnotification' => 'no', 'upload_space_check_disabled' => 1 );
+		$checked_options = array( 'mu_media_buttons' => array(), 'menu_items' => array(), 'registrationnotification' => 'no', 'upload_space_check_disabled' => 1, 'add_new_users' => 0 );
 		foreach ( $checked_options as $option_name => $option_unchecked_value ) {
 			if ( ! isset( $_POST[$option_name] ) )
 				$_POST[$option_name] = $option_unchecked_value;
@@ -226,8 +226,9 @@ switch ( $_GET['action'] ) {
 		if ( is_array( $_POST['option'] ) ) {
 			$c = 1;
 			$count = count( $_POST['option'] );
+			$skip_options = array( 'allowedthemes' ); // Don't update these options since they are handled elsewhere in the form.
 			foreach ( (array) $_POST['option'] as $key => $val ) {
-				if ( $key === 0 || is_array( $val ) )
+				if ( $key === 0 || is_array( $val ) || in_array($key, $skip_options) )
 					continue; // Avoids "0 is a protected WP option and may not be modified" error when edit blog options
 				if ( $c == $count )
 					update_option( $key, stripslashes( $val ) );
@@ -264,7 +265,7 @@ switch ( $_GET['action'] ) {
 			reset( $newroles );
 			foreach ( (array) $newroles as $userid => $role ) {
 				$user = new WP_User( $userid );
-				if ( ! $user )
+				if ( empty( $user->ID ) )
 					continue;
 				$user->for_blog( $id );
 				$user->set_role( $role );
@@ -286,14 +287,14 @@ switch ( $_GET['action'] ) {
 				unset( $_POST['role'] );
 				$_POST['role'] = $newroles[ $userid ];
 				if ( $pass != '' ) {
-					$cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$userid}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
+					$cap = $wpdb->get_var( $wpdb->prepare( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'", $userid ) );
 					$userdata = get_userdata($userid);
 					$_POST['pass1'] = $_POST['pass2'] = $pass;
 					$_POST['email'] = $userdata->user_email;
 					$_POST['rich_editing'] = $userdata->rich_editing;
 					edit_user( $userid );
 					if ( $cap == null )
-						$wpdb->query( "DELETE FROM {$wpdb->usermeta} WHERE user_id = '{$userid}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
+						$wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'", $userid ) );
 				}
 			}
 			unset( $_POST['role'] );

wp-admin/ms-sites.php

@@ -107,6 +107,9 @@ switch ( $action ) {
 		$blog_prefix = $wpdb->get_blog_prefix( $id );
 		$options = $wpdb->get_results( "SELECT * FROM {$blog_prefix}options WHERE option_name NOT LIKE '\_%' AND option_name NOT LIKE '%user_roles'" );
 		$details = get_blog_details( $id );
+		if ( $details->site_id != $wpdb->siteid )
+			wp_die( __( 'You do not have permission to access this page.' ) );
+
 		$editblog_roles = get_blog_option( $id, "{$blog_prefix}user_roles" );
 		$is_main_site = is_main_site( $id );
 		?>
@@ -197,7 +200,7 @@ switch ( $action ) {
 							?>
 								<tr class="form-field">
 									<th scope="row"><?php echo ucwords( str_replace( "_", " ", $option->option_name ) ) ?></th>
-									<td><textarea class="<?php echo $class; ?>" rows="5" cols="40" name="option[<?php echo esc_attr( $option->option_name ) ?>]" id="<?php echo esc_attr( $option->option_name ) ?>"<?php disabled( $disabled ) ?>><?php wp_htmledit_pre( $option->option_value ) ?></textarea></td>
+									<td><textarea class="<?php echo $class; ?>" rows="5" cols="40" name="option[<?php echo esc_attr( $option->option_name ) ?>]" id="<?php echo esc_attr( $option->option_name ) ?>"<?php disabled( $disabled ) ?>><?php echo wp_htmledit_pre( $option->option_value ) ?></textarea></td>
 								</tr>
 							<?php
 							} else {

wp-admin/nav-menus.php

@@ -290,9 +290,6 @@ switch ( $action ) {
 				if ( is_wp_error( $_nav_menu_selected_id ) ) {
 					$messages[] = '<div id="message" class="error"><p>' . $_nav_menu_selected_id->get_error_message() . '</p></div>';
 				} else {
-					if ( ( $_menu_locations = get_registered_nav_menus() ) && 1 == count( wp_get_nav_menus() ) )
-						set_theme_mod( 'nav_menu_locations', array( key( $_menu_locations ) => $_nav_menu_selected_id ) );
-					unset( $_menu_locations );
 					$_menu_object = wp_get_nav_menu_object( $_nav_menu_selected_id );
 					$nav_menu_selected_id = $_nav_menu_selected_id;
 					$nav_menu_selected_title = $_menu_object->name;
@@ -450,7 +447,7 @@ wp_nav_menu_setup();
 wp_initial_nav_menu_meta_boxes();
 
 if ( ! current_theme_supports( 'menus' ) && ! wp_get_nav_menus() )
-	echo '<div id="message" class="updated"><p>' . __('The current theme does not natively support menus, but you can use the &#8220;Custom Menu&#8221; widget to add any menus you create here to the theme&#8217;s sidebar.') . '</p></div>';
+	$messages[] = '<div id="message" class="updated"><p>' . __('The current theme does not natively support menus, but you can use the &#8220;Custom Menu&#8221; widget to add any menus you create here to the theme&#8217;s sidebar.') . '</p></div>';
 
 $help =  '<p>' . __('This feature is new in version 3.0; to use a custom menu in place of your theme&#8217;s default menus, support for this feature must be registered in the theme&#8217;s functions.php file. If your theme does not support the custom menus feature yet (the new default theme, Twenty Ten, does), you can learn about adding support yourself by following the below link.') . '</p>';
 $help .= '<p>' . __('You can create custom menus for your site. These menus may contain links to pages, categories, custom links or other content types (use the Screen Options tab to decide which ones to show on the screen). You can specify a different navigation label for a menu item as well as other attributes. You can create multiple menus. If your theme includes more than one menu, you can choose which custom menu to associate with each. You can also use custom menus in conjunction with the Custom Menus widget.') . '</p>';

wp-admin/plugins.php

@@ -255,11 +255,11 @@ if ( !empty($action) ) {
 						foreach ( $plugin_info as $plugin ) {
 							if ( $plugin['is_uninstallable'] ) {
 								/* translators: 1: plugin name, 2: plugin author */
-								echo '<li>', sprintf( __( '<strong>%1$s</strong> by <em>%2$s</em> (will also <strong>delete its data</strong>)' ), $plugin['Name'], $plugin['Author'] ), '</li>';
+								echo '<li>', sprintf( __( '<strong>%1$s</strong> by <em>%2$s</em> (will also <strong>delete its data</strong>)' ), esc_html($plugin['Name']), esc_html($plugin['Author']) ), '</li>';
 								$data_to_delete = true;
 							} else {
 								/* translators: 1: plugin name, 2: plugin author */
-								echo '<li>', sprintf( __('<strong>%1$s</strong> by <em>%2$s</em>' ), $plugin['Name'], $plugin['Author'] ), '</li>';
+								echo '<li>', sprintf( __('<strong>%1$s</strong> by <em>%2$s</em>' ), esc_html($plugin['Name']), esc_html($plugin['Author']) ), '</li>';
 							}
 						}
 						?>
@@ -289,7 +289,7 @@ if ( !empty($action) ) {
 					<ul class="code">
 					<?php
 						foreach ( (array)$files_to_delete as $file )
-							echo '<li>' . str_replace(WP_PLUGIN_DIR, '', $file) . '</li>';
+							echo '<li>' . esc_html(str_replace(WP_PLUGIN_DIR, '', $file)) . '</li>';
 					?>
 					</ul>
 				</div>
@@ -555,9 +555,10 @@ function print_plugins_table($plugins, $context = '') {
 				$description = '<p><strong>' . $dropins[ $plugin_file ][0] . '</strong></p>';
 			} else {
 				$is_active = false;
-				$description = '<strong>' . $dropins[ $plugin_file ][0] . ' <span class="attention">' . __('Inactive:') . '</span></strong> ' . sprintf( __( 'Requires <code>%s</code> in <code>wp-config.php</code>.' ), "define('" . $dropins[ $plugin_file ][1] . "', true);" ) . '</p>';
+				$description = '<p><strong>' . $dropins[ $plugin_file ][0] . ' <span class="attention">' . __('Inactive:') . '</span></strong> ' . sprintf( __( 'Requires <code>%s</code> in <code>wp-config.php</code>.' ), "define('" . $dropins[ $plugin_file ][1] . "', true);" ) . '</p>';
 			}
-			$description .= '<p>' . $plugin_data['Description'] . '</p>';
+			if ( $plugin_data['Description'] )
+				$description .= '<p>' . $plugin_data['Description'] . '</p>';
 		} else {
 			$is_active_for_network = is_plugin_active_for_network($plugin_file);
 			$is_active = $is_active_for_network || is_plugin_active( $plugin_file );
@@ -736,9 +737,9 @@ unset( $status_links );
 
 <?php
 if ( 'mustuse' == $status )
-	echo '<div class="clear"><p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
+	echo '<div class="clear"></div><p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
 elseif ( 'dropins' == $status )
-	echo '<div class="clear"><p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
+	echo '<div class="clear"></div><p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
 
 if ( !empty( $plugins ) && ( ! in_array( $status, array( 'mustuse', 'dropins' ) ) || $page_links ) ) :
 ?>
@@ -769,8 +770,6 @@ if ( $page_links )
 print_plugin_actions($status, "action2");
 ?>
 </div>
-<?php } elseif ( ! empty( $all_plugins ) ) { ?>
-<p><?php __( 'No plugins found.' ); ?></p>
 <?php } ?>
 </form>
 

wp-admin/press-this.php

@@ -52,7 +52,12 @@ function press_it() {
 		}
 	}
 	// set the post_content and status
-	$quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft';
+	if ( isset( $_POST['publish'] ) && current_user_can( 'publish_posts' ) )
+		$quick['post_status'] = 'publish';
+	elseif ( isset( $_POST['review'] ) )
+		$quick['post_status'] = 'pending';
+	else
+		$quick['post_status'] = 'draft';
 	$quick['post_content'] = $content;
 	// error handling for media_sideload
 	if ( is_wp_error($upload) ) {
@@ -522,7 +527,7 @@ var photostorage = false;
 								</label>
 								<?php wp_dropdown_categories( array( 'taxonomy' => 'category', 'hide_empty' => 0, 'name' => 'newcategory_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '&mdash; ' . $tax->labels->parent_item . ' &mdash;', 'tab_index' => 3 ) ); ?>
 								<input type="button" id="category-add-submit" class="add:categorychecklist:category-add button category-add-sumbit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" tabindex="3" />
-								<?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?>
+								<?php wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); ?>
 								<span id="category-ajax-response"></span>
 							</p>
 						</div>

wp-admin/update-core.php

@@ -42,7 +42,7 @@ function list_core_update( $update ) {
 			elseif ( !$mysql_compat )
 				$message = sprintf( __('You cannot update because <a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> requires MySQL version %2$s or higher. You are running version %3$s.'), $update->current, $update->mysql_version, $mysql_version );
 			else
-				$message = 	sprintf(__('You can update to <a href="http://codex.wordpress.org/Version_%1$s">WordPress %1$s</a> automatically or download the package and install it manually:'), $version_string);
+				$message = 	sprintf(__('You can update to <a href="http://codex.wordpress.org/Version_%1$s">WordPress %2$s</a> automatically or download the package and install it manually:'), $update->current, $version_string);
 			if ( !$mysql_compat || !$php_compat )
 				$show_buttons = false;
 		}

wp-admin/upgrade.php

@@ -86,7 +86,7 @@ switch ( $step ) :
 		wp_upgrade();
 
 			$backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) :  __get_option( 'home' ) . '/';
-			$backto = esc_url_raw( $backto );
+			$backto = esc_url( $backto );
 			$backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
 ?>
 <h2><?php _e( 'Upgrade Complete' ); ?></h2>

wp-admin/user-new.php

@@ -118,7 +118,7 @@ add_contextual_help($current_screen,
         '<li>' . __('Subscribers can read comments/comment/receive newsletters, etc.') . '</li>' .
     '</ul>' .
     '<p>' . __('You must assign a password to the new user, but don&#8217;t worry; when they log in for the first time they will be prompted to change it. The username, however, cannot be changed.') . '</p>' .
-    '<p>' . __('New users will receive an email letting them know they&#8217;ve been added as a user for your site. By default, this email will also contain their password. Uncheck the box if you do not the password to be included in the welcome email.') . '</p>' .
+    '<p>' . __('New users will receive an email letting them know they&#8217;ve been added as a user for your site. By default, this email will also contain their password. Uncheck the box if you don&#8217;t want the password to be included in the welcome email.') . '</p>' .
     '<p>' . __('Remember to click the Add User button at the bottom of this screen when you are finished.') . '</p>' .
     '<p><strong>' . __('For more information:') . '</strong></p>' .
     '<p>' . __('<a href="http://codex.wordpress.org/Users_Add_New_SubPanel" target="_blank">Documentation on Adding New Users</a>') . '</p>' .

wp-app.php

@@ -223,7 +223,7 @@ class AtomServer {
 	 */
 	function AtomServer() {
 
-		$this->script_name = array_pop(explode('/',$_SERVER['SCRIPT_NAME']));
+		$this->script_name = array_pop( $var_by_ref = explode( '/', $_SERVER['SCRIPT_NAME'] ) );
 		$this->app_base = site_url( $this->script_name . '/' );
 
 		$this->selectors = array(

wp-content/themes/twentyten/attachment.php

@@ -9,15 +9,17 @@
 
 get_header(); ?>
 
-		<div id="container">
+		<div id="container" class="single-attachment">
 			<div id="content" role="main">
 
 <?php if ( have_posts() ) while ( have_posts() ) : the_post(); ?>
 
-				<p class="page-title"><a href="<?php echo get_permalink( $post->post_parent ); ?>" title="<?php esc_attr( printf( __( 'Return to %s', 'twentyten' ), get_the_title( $post->post_parent ) ) ); ?>" rel="gallery"><?php
-					/* translators: %s - title of parent post */
-					printf( __( '<span class="meta-nav">&larr;</span> %s', 'twentyten' ), get_the_title( $post->post_parent ) );
-				?></a></p>
+				<?php if ( ! empty( $post->post_parent ) ) : ?>
+					<p class="page-title"><a href="<?php echo get_permalink( $post->post_parent ); ?>" title="<?php esc_attr( printf( __( 'Return to %s', 'twentyten' ), get_the_title( $post->post_parent ) ) ); ?>" rel="gallery"><?php
+						/* translators: %s - title of parent post */
+						printf( __( '<span class="meta-nav">&larr;</span> %s', 'twentyten' ), get_the_title( $post->post_parent ) );
+					?></a></p>
+				<?php endif; ?>
 
 				<div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
 					<h2 class="entry-title"><?php the_title(); ?></h2>

wp-content/themes/twentyten/editor-style.css

@@ -39,7 +39,7 @@ body, input, textarea {
 	line-height: 18px;
 }
 hr {
-	background-color: #E7E7E7;
+	background-color: #e7e7e7;
 	border:0;
 	height: 1px;
 	margin-bottom: 18px;
@@ -95,7 +95,7 @@ big {
 	font-size: 131.25%;
 }
 ins {
-	background: #FFFFCC;
+	background: #ffffcc;
 	border: none;
 	color: #333;
 }
@@ -142,14 +142,14 @@ sub {
 	top: .5ex;
 }
 a:link {
-	color:#0066CC;
+	color:#0066cc;
 }
 a:visited {
 	color:#743399;
 }
 a:active,
 a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 p,
 ul,

wp-content/themes/twentyten/functions.php

@@ -203,64 +203,6 @@ function twentyten_admin_header_style() {
 }
 endif;
 
-/**
- * Makes some changes to the <title> tag, by filtering the output of wp_title().
- *
- * If we have a site description and we're viewing the home page or a blog posts
- * page (when using a static front page), then we will add the site description.
- *
- * If we're viewing a search result, then we're going to recreate the title entirely.
- * We're going to add page numbers to all titles as well, to the middle of a search
- * result title and the end of all other titles.
- *
- * The site title also gets added to all titles.
- *
- * @since Twenty Ten 1.0
- *
- * @param string $title Title generated by wp_title()
- * @param string $separator The separator passed to wp_title(). Twenty Ten uses a
- * 	vertical bar, "|", as a separator in header.php.
- * @return string The new title, ready for the <title> tag.
- */
-function twentyten_filter_wp_title( $title, $separator ) {
-	// Don't affect wp_title() calls in feeds.
-	if ( is_feed() )
-		return $title;
-
-	// The $paged global variable contains the page number of a listing of posts.
-	// The $page global variable contains the page number of a single post that is paged.
-	// We'll display whichever one applies, if we're not looking at the first page.
-	global $paged, $page;
-
-	if ( is_search() ) {
-		// If we're a search, let's start over:
-		$title = sprintf( __( 'Search results for %s', 'twentyten' ), '"' . get_search_query() . '"' );
-		// Add a page number if we're on page 2 or more:
-		if ( $paged >= 2 )
-			$title .= " $separator " . sprintf( __( 'Page %s', 'twentyten' ), $paged );
-		// Add the site name to the end:
-		$title .= " $separator " . get_bloginfo( 'name', 'display' );
-		// We're done. Let's send the new title back to wp_title():
-		return $title;
-	}
-
-	// Otherwise, let's start by adding the site name to the end:
-	$title .= get_bloginfo( 'name', 'display' );
-
-	// If we have a site description and we're on the home/front page, add the description:
-	$site_description = get_bloginfo( 'description', 'display' );
-	if ( $site_description && ( is_home() || is_front_page() ) )
-		$title .= " $separator " . $site_description;
-
-	// Add a page number if necessary:
-	if ( $paged >= 2 || $page >= 2 )
-		$title .= " $separator " . sprintf( __( 'Page %s', 'twentyten' ), max( $paged, $page ) );
-
-	// Return the new title to wp_title():
-	return $title;
-}
-add_filter( 'wp_title', 'twentyten_filter_wp_title', 10, 2 );
-
 /**
  * Get our wp_nav_menu() fallback, wp_page_menu(), to show a home link.
  *

wp-content/themes/twentyten/header.php

@@ -15,11 +15,23 @@
 <title><?php
 	/*
 	 * Print the <title> tag based on what is being viewed.
-	 * We filter the output of wp_title() a bit -- see
-	 * twentyten_filter_wp_title() in functions.php.
 	 */
+	global $page, $paged;
+
 	wp_title( '|', true, 'right' );
 
+	// Add the blog name.
+	bloginfo( 'name' );
+
+	// Add the blog description for the home/front page.
+	$site_description = get_bloginfo( 'description', 'display' );
+	if ( $site_description && ( is_home() || is_front_page() ) )
+		echo " | $site_description";
+
+	// Add a page number if necessary:
+	if ( $paged >= 2 || $page >= 2 )
+		echo ' | ' . sprintf( __( 'Page %s', 'twentyten' ), max( $paged, $page ) );
+
 	?></title>
 <link rel="profile" href="http://gmpg.org/xfn/11" />
 <link rel="stylesheet" type="text/css" media="all" href="<?php bloginfo( 'stylesheet_url' ); ?>" />

wp-content/themes/twentyten/languages/twentyten.pot

@@ -1,122 +1,53 @@
-# Translation of the WordPress theme Twenty Ten 1.0 by the WordPress team.
-# Copyright (C) 2010 the WordPress team
+# Copyright (C) 2010 Twenty Ten
 # This file is distributed under the same license as the Twenty Ten package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, 2010.
-#
-#, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: Twenty Ten 1.0\n"
+"Project-Id-Version: Twenty Ten 1.1\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/twentyten\n"
-"POT-Creation-Date: 2010-06-15 16:21+0000\n"
+"POT-Creation-Date: 2011-01-01 21:26:51+00:00\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
 "PO-Revision-Date: 2010-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=utf-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
 
-#: 404.php:16 loop.php:33
-msgid "Not Found"
+#. #-#-#-#-#  twentyten.pot (Twenty Ten 1.1)  #-#-#-#-#
+#. Theme URI of the plugin/theme
+#: footer.php:33
+msgid "http://wordpress.org/"
 msgstr ""
 
-#: 404.php:18
-msgid ""
-"Apologies, but the page you requested could not be found. Perhaps searching "
-"will help."
+#: footer.php:34
+msgid "Semantic Personal Publishing Platform"
 msgstr ""
 
-#: archive.php:33
-#, php-format
-msgid "Daily Archives: <span>%s</span>"
-msgstr ""
-
-#: archive.php:35
-#, php-format
-msgid "Monthly Archives: <span>%s</span>"
-msgstr ""
-
-#: archive.php:37
-#, php-format
-msgid "Yearly Archives: <span>%s</span>"
-msgstr ""
-
-#: archive.php:39
-msgid "Blog Archives"
-msgstr ""
-
-#: attachment.php:17
-#, php-format
-msgid "Return to %s"
-msgstr ""
-
-#. translators: %s - title of parent post
-#: attachment.php:19
-#, php-format
-msgid "<span class=\"meta-nav\">&larr;</span> %s"
-msgstr ""
-
-#: attachment.php:27
-#, php-format
-msgid "<span class=\"%1$s\">By</span> %2$s"
-msgstr ""
-
-#: attachment.php:31 functions.php:509
-#, php-format
-msgid "View all posts by %s"
-msgstr ""
-
-#: attachment.php:38
-#, php-format
-msgid "<span class=\"%1$s\">Published</span> %2$s"
-msgstr ""
-
-#: attachment.php:48
-#, php-format
-msgid "Full size is %s pixels"
-msgstr ""
-
-#: attachment.php:51
-msgid "Link to full-size image"
-msgstr ""
-
-#: attachment.php:58 attachment.php:105 loop.php:94 loop.php:117 loop.php:159
-#: onecolumn-page.php:27 page.php:32 single.php:53
-msgid "Edit"
-msgstr ""
-
-#: attachment.php:98 functions.php:299 loop.php:109 loop.php:137
-msgid "Continue reading <span class=\"meta-nav\">&rarr;</span>"
-msgstr ""
-
-#: attachment.php:99 loop.php:138 onecolumn-page.php:26 page.php:31
-#: single.php:31
-msgid "Pages:"
-msgstr ""
-
-#: author.php:27
-#, php-format
-msgid "Author Archives: %s"
-msgstr ""
-
-#: author.php:37 single.php:40
-#, php-format
-msgid "About %s"
+#: footer.php:35
+msgid "Proudly powered by %s."
 msgstr ""
 
 #: category.php:16
-#, php-format
 msgid "Category Archives: %s"
 msgstr ""
 
+#: sidebar.php:27
+msgid "Archives"
+msgstr ""
+
+#: sidebar.php:34
+msgid "Meta"
+msgstr ""
+
+#: tag.php:16
+msgid "Tag Archives: %s"
+msgstr ""
+
 #: comments.php:18
 msgid ""
 "This post is password protected. Enter the password to view any comments."
 msgstr ""
 
 #: comments.php:35
-#, php-format
 msgid "One Response to %2$s"
 msgid_plural "%1$s Responses to %2$s"
 msgstr[0] ""
@@ -134,183 +65,21 @@ msgstr ""
 msgid "Comments are closed."
 msgstr ""
 
-#. #-#-#-#-#  twentyten.pot (Twenty Ten 1.0)  #-#-#-#-#
-#. Theme URI of the plugin/theme
-#: footer.php:33
-msgid "http://wordpress.org/"
+#: 404.php:16 loop.php:33
+msgid "Not Found"
 msgstr ""
 
-#: footer.php:34
-msgid "Semantic Personal Publishing Platform"
-msgstr ""
-
-#: footer.php:35
-#, php-format
-msgid "Proudly powered by %s."
-msgstr ""
-
-#: functions.php:97
-msgid "Primary Navigation"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:133
-msgid "Berries"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:139
-msgid "Cherry Blossoms"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:145
-msgid "Concave"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:151
-msgid "Fern"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:157
-msgid "Forest Floor"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:163
-msgid "Inkwell"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:169
-msgid "Path"
-msgstr ""
-
-#. translators: header image description
-#: functions.php:175
-msgid "Sunset"
-msgstr ""
-
-#: functions.php:237
-#, php-format
-msgid "Search results for %s"
-msgstr ""
-
-#: functions.php:240 functions.php:257
-#, php-format
-msgid "Page %s"
-msgstr ""
-
-#: functions.php:366
-#, php-format
-msgid "%s <span class=\"says\">says:</span>"
-msgstr ""
-
-#: functions.php:369
-msgid "Your comment is awaiting moderation."
-msgstr ""
-
-#. translators: 1: date, 2: time
-#: functions.php:376
-#, php-format
-msgid "%1$s at %2$s"
-msgstr ""
-
-#: functions.php:376 functions.php:393
-msgid "(Edit)"
-msgstr ""
-
-#: functions.php:393
-msgid "Pingback:"
-msgstr ""
-
-#: functions.php:412
-msgid "Primary Widget Area"
-msgstr ""
-
-#: functions.php:414
-msgid "The primary widget area"
-msgstr ""
-
-#: functions.php:423
-msgid "Secondary Widget Area"
-msgstr ""
-
-#: functions.php:425
-msgid "The secondary widget area"
-msgstr ""
-
-#: functions.php:434
-msgid "First Footer Widget Area"
-msgstr ""
-
-#: functions.php:436
-msgid "The first footer widget area"
-msgstr ""
-
-#: functions.php:445
-msgid "Second Footer Widget Area"
-msgstr ""
-
-#: functions.php:447
-msgid "The second footer widget area"
-msgstr ""
-
-#: functions.php:456
-msgid "Third Footer Widget Area"
-msgstr ""
-
-#: functions.php:458
-msgid "The third footer widget area"
-msgstr ""
-
-#: functions.php:467
-msgid "Fourth Footer Widget Area"
-msgstr ""
-
-#: functions.php:469
-msgid "The fourth footer widget area"
-msgstr ""
-
-#: functions.php:500
-#, php-format
+#: 404.php:18
 msgid ""
-"<span class=\"%1$s\">Posted on</span> %2$s <span class=\"meta-sep\">by</"
-"span> %3$s"
+"Apologies, but the page you requested could not be found. Perhaps searching "
+"will help."
 msgstr ""
 
-#: functions.php:526
-#, php-format
-msgid ""
-"This entry was posted in %1$s and tagged %2$s. Bookmark the <a href=\"%3$s\" "
-"title=\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
-msgstr ""
-
-#: functions.php:528
-#, php-format
-msgid ""
-"This entry was posted in %1$s. Bookmark the <a href=\"%3$s\" title="
-"\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
-msgstr ""
-
-#: functions.php:530
-#, php-format
-msgid ""
-"Bookmark the <a href=\"%3$s\" title=\"Permalink to %4$s\" rel=\"bookmark"
-"\">permalink</a>."
-msgstr ""
-
-#: header.php:71
-msgid "Skip to content"
-msgstr ""
-
-#: loop.php:25 loop.php:172
+#: loop.php:25 loop.php:173
 msgid "<span class=\"meta-nav\">&larr;</span> Older posts"
 msgstr ""
 
-#: loop.php:26 loop.php:173
+#: loop.php:26 loop.php:174
 msgid "Newer posts <span class=\"meta-nav\">&rarr;</span>"
 msgstr ""
 
@@ -320,58 +89,239 @@ msgid ""
 "searching will help find a related post."
 msgstr ""
 
-#: loop.php:60 loop.php:91
+#: loop.php:60 loop.php:92
 msgctxt "gallery category slug"
 msgid "gallery"
 msgstr ""
 
-#: loop.php:62 loop.php:82 loop.php:125
-#, php-format
+#: loop.php:62 loop.php:83 loop.php:126
 msgid "Permalink to %s"
 msgstr ""
 
-#: loop.php:81
-#, php-format
+#: loop.php:82
 msgid "This gallery contains <a %1$s>%2$s photos</a>."
 msgstr ""
 
-#: loop.php:91
+#: loop.php:92
 msgid "View posts in the Gallery category"
 msgstr ""
 
-#: loop.php:91
+#: loop.php:92
 msgid "More Galleries"
 msgstr ""
 
-#: loop.php:93 loop.php:116 loop.php:158
+#: loop.php:94 loop.php:117 loop.php:159
 msgid "Leave a comment"
 msgstr ""
 
-#: loop.php:93 loop.php:116 loop.php:158
+#: loop.php:94 loop.php:117 loop.php:159
 msgid "1 Comment"
 msgstr ""
 
-#: loop.php:93 loop.php:116 loop.php:158
+#: loop.php:94 loop.php:117 loop.php:159
 msgid "% Comments"
 msgstr ""
 
-#: loop.php:100
+#: loop.php:95 loop.php:118 loop.php:160 page.php:32 attachment.php:60
+#: attachment.php:107 onecolumn-page.php:27 single.php:53
+msgid "Edit"
+msgstr ""
+
+#: loop.php:101
 msgctxt "asides category slug"
 msgid "asides"
 msgstr ""
 
-#: loop.php:145
-#, php-format
+#: loop.php:110 loop.php:138 functions.php:241 attachment.php:100
+msgid "Continue reading <span class=\"meta-nav\">&rarr;</span>"
+msgstr ""
+
+#: loop.php:139 page.php:31 attachment.php:101 onecolumn-page.php:26
+#: single.php:31
+msgid "Pages:"
+msgstr ""
+
+#: loop.php:146
 msgid "<span class=\"%1$s\">Posted in</span> %2$s"
 msgstr ""
 
-#: loop.php:154
-#, php-format
+#: loop.php:155
 msgid "<span class=\"%1$s\">Tagged</span> %2$s"
 msgstr ""
 
+#: functions.php:97
+msgid "Primary Navigation"
+msgstr ""
+
+#: functions.php:133
+msgid "Berries"
+msgstr ""
+
+#: functions.php:139
+msgid "Cherry Blossoms"
+msgstr ""
+
+#: functions.php:145
+msgid "Concave"
+msgstr ""
+
+#: functions.php:151
+msgid "Fern"
+msgstr ""
+
+#: functions.php:157
+msgid "Forest Floor"
+msgstr ""
+
+#: functions.php:163
+msgid "Inkwell"
+msgstr ""
+
+#: functions.php:169
+msgid "Path"
+msgstr ""
+
+#: functions.php:175
+msgid "Sunset"
+msgstr ""
+
+#: functions.php:308
+msgid "%s <span class=\"says\">says:</span>"
+msgstr ""
+
+#: functions.php:311
+msgid "Your comment is awaiting moderation."
+msgstr ""
+
+#: functions.php:318
+msgid "%1$s at %2$s"
+msgstr ""
+
+#: functions.php:318 functions.php:335
+msgid "(Edit)"
+msgstr ""
+
+#: functions.php:335
+msgid "Pingback:"
+msgstr ""
+
+#: functions.php:354
+msgid "Primary Widget Area"
+msgstr ""
+
+#: functions.php:356
+msgid "The primary widget area"
+msgstr ""
+
+#: functions.php:365
+msgid "Secondary Widget Area"
+msgstr ""
+
+#: functions.php:367
+msgid "The secondary widget area"
+msgstr ""
+
+#: functions.php:376
+msgid "First Footer Widget Area"
+msgstr ""
+
+#: functions.php:378
+msgid "The first footer widget area"
+msgstr ""
+
+#: functions.php:387
+msgid "Second Footer Widget Area"
+msgstr ""
+
+#: functions.php:389
+msgid "The second footer widget area"
+msgstr ""
+
+#: functions.php:398
+msgid "Third Footer Widget Area"
+msgstr ""
+
+#: functions.php:400
+msgid "The third footer widget area"
+msgstr ""
+
+#: functions.php:409
+msgid "Fourth Footer Widget Area"
+msgstr ""
+
+#: functions.php:411
+msgid "The fourth footer widget area"
+msgstr ""
+
+#: functions.php:442
+msgid ""
+"<span class=\"%1$s\">Posted on</span> %2$s <span class=\"meta-sep\">by</"
+"span> %3$s"
+msgstr ""
+
+#: functions.php:451 attachment.php:33
+msgid "View all posts by %s"
+msgstr ""
+
+#: functions.php:468
+msgid ""
+"This entry was posted in %1$s and tagged %2$s. Bookmark the <a href=\"%3$s\" "
+"title=\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
+msgstr ""
+
+#: functions.php:470
+msgid ""
+"This entry was posted in %1$s. Bookmark the <a href=\"%3$s\" title="
+"\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
+msgstr ""
+
+#: functions.php:472
+msgid ""
+"Bookmark the <a href=\"%3$s\" title=\"Permalink to %4$s\" rel=\"bookmark"
+"\">permalink</a>."
+msgstr ""
+
+#: header.php:33
+msgid "Page %s"
+msgstr ""
+
+#: header.php:83
+msgid "Skip to content"
+msgstr ""
+
+#: author.php:27
+msgid "Author Archives: %s"
+msgstr ""
+
+#: author.php:37 single.php:40
+msgid "About %s"
+msgstr ""
+
+#: attachment.php:18
+msgid "Return to %s"
+msgstr ""
+
+#: attachment.php:20
+msgid "<span class=\"meta-nav\">&larr;</span> %s"
+msgstr ""
+
+#: attachment.php:29
+msgid "<span class=\"%1$s\">By</span> %2$s"
+msgstr ""
+
+#: attachment.php:40
+msgid "<span class=\"%1$s\">Published</span> %2$s"
+msgstr ""
+
+#: attachment.php:50
+msgid "Full size is %s pixels"
+msgstr ""
+
+#: attachment.php:53
+msgid "Link to full-size image"
+msgstr ""
+
 #: search.php:16
-#, php-format
 msgid "Search Results for: %s"
 msgstr ""
 
@@ -385,12 +335,20 @@ msgid ""
 "different keywords."
 msgstr ""
 
-#: sidebar.php:27
-msgid "Archives"
+#: archive.php:33
+msgid "Daily Archives: <span>%s</span>"
 msgstr ""
 
-#: sidebar.php:34
-msgid "Meta"
+#: archive.php:35
+msgid "Monthly Archives: <span>%s</span>"
+msgstr ""
+
+#: archive.php:37
+msgid "Yearly Archives: <span>%s</span>"
+msgstr ""
+
+#: archive.php:39
+msgid "Blog Archives"
 msgstr ""
 
 #: single.php:18 single.php:58
@@ -404,21 +362,23 @@ msgid "&rarr;"
 msgstr ""
 
 #: single.php:44
-#, php-format
 msgid "View all posts by %s <span class=\"meta-nav\">&rarr;</span>"
 msgstr ""
 
-#: tag.php:16
-#, php-format
-msgid "Tag Archives: %s"
-msgstr ""
-
 #. Theme Name of the plugin/theme
 msgid "Twenty Ten"
 msgstr ""
 
 #. Description of the plugin/theme
-msgid "The 2010 default theme for WordPress."
+msgid ""
+"The 2010 theme for WordPress is stylish, customizable, simple, and readable "
+"-- make it yours with a custom menu, header image, and background. Twenty "
+"Ten supports six widgetized areas (two in the sidebar, four in the footer) "
+"and featured images (thumbnails for gallery posts and custom header images "
+"for posts and pages). It includes stylesheets for print and the admin Visual "
+"Editor, special styles for posts in the \"Asides\" and \"Gallery\" "
+"categories, and has an optional one-column page template that removes the "
+"sidebar."
 msgstr ""
 
 #. Author of the plugin/theme

wp-content/themes/twentyten/loop.php

@@ -68,22 +68,23 @@
 			<div class="entry-content">
 <?php if ( post_password_required() ) : ?>
 				<?php the_content(); ?>
-<?php else : ?>
-				<div class="gallery-thumb">
-<?php
-	$images = get_children( array( 'post_parent' => $post->ID, 'post_type' => 'attachment', 'post_mime_type' => 'image', 'orderby' => 'menu_order', 'order' => 'ASC', 'numberposts' => 999 ) );
-	$total_images = count( $images );
-	$image = array_shift( $images );
-	$image_img_tag = wp_get_attachment_image( $image->ID, 'thumbnail' );
-?>
-					<a class="size-thumbnail" href="<?php the_permalink(); ?>"><?php echo $image_img_tag; ?></a>
-				</div><!-- .gallery-thumb -->
-				<p><em><?php printf( __( 'This gallery contains <a %1$s>%2$s photos</a>.', 'twentyten' ),
-						'href="' . get_permalink() . '" title="' . sprintf( esc_attr__( 'Permalink to %s', 'twentyten' ), the_title_attribute( 'echo=0' ) ) . '" rel="bookmark"',
-						$total_images
-					); ?></em></p>
-
-				<?php the_excerpt(); ?>
+<?php else : ?>			
+				<?php 
+					$images = get_children( array( 'post_parent' => $post->ID, 'post_type' => 'attachment', 'post_mime_type' => 'image', 'orderby' => 'menu_order', 'order' => 'ASC', 'numberposts' => 999 ) );
+					if ( $images ) :
+						$total_images = count( $images );
+						$image = array_shift( $images );
+						$image_img_tag = wp_get_attachment_image( $image->ID, 'thumbnail' );
+				?>
+						<div class="gallery-thumb">
+							<a class="size-thumbnail" href="<?php the_permalink(); ?>"><?php echo $image_img_tag; ?></a>
+						</div><!-- .gallery-thumb -->
+						<p><em><?php printf( __( 'This gallery contains <a %1$s>%2$s photos</a>.', 'twentyten' ),
+								'href="' . get_permalink() . '" title="' . sprintf( esc_attr__( 'Permalink to %s', 'twentyten' ), the_title_attribute( 'echo=0' ) ) . '" rel="bookmark"',
+								$total_images
+							); ?></em></p>
+				<?php endif; ?>
+						<?php the_excerpt(); ?>
 <?php endif; ?>
 			</div><!-- .entry-content -->
 

wp-content/themes/twentyten/page.php

@@ -3,8 +3,8 @@
  * The template for displaying all pages.
  *
  * This is the template that displays all pages by default.
- * Please note that this is the wordpress construct of pages
- * and that other 'pages' on your wordpress site will use a
+ * Please note that this is the WordPress construct of pages
+ * and that other 'pages' on your WordPress site will use a
  * different template.
  *
  * @package WordPress
@@ -22,9 +22,9 @@ get_header(); ?>
 				<div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
 					<?php if ( is_front_page() ) { ?>
 						<h2 class="entry-title"><?php the_title(); ?></h2>
-					<?php } else { ?>	
+					<?php } else { ?>
 						<h1 class="entry-title"><?php the_title(); ?></h1>
-					<?php } ?>				
+					<?php } ?>
 
 					<div class="entry-content">
 						<?php the_content(); ?>

wp-content/themes/twentyten/style.css

@@ -1,14 +1,14 @@
 /*
 Theme Name: Twenty Ten
 Theme URI: http://wordpress.org/
-Description: The 2010 default theme for WordPress.
+Description: The 2010 theme for WordPress is stylish, customizable, simple, and readable -- make it yours with a custom menu, header image, and background. Twenty Ten supports six widgetized areas (two in the sidebar, four in the footer) and featured images (thumbnails for gallery posts and custom header images for posts and pages). It includes stylesheets for print and the admin Visual Editor, special styles for posts in the "Asides" and "Gallery" categories, and has an optional one-column page template that removes the sidebar.
 Author: the WordPress team
-Version: 1.0
+Version: 1.1
 Tags: black, blue, white, two-columns, fixed-width, custom-header, custom-background, threaded-comments, sticky-post, translation-ready, microformats, rtl-language-support, editor-style
 */
 
 
-/* Reset default browser CSS. Based on work by Eric Meyer: http://meyerweb.com/eric/tools/css/reset/index.html
+/* =Reset default browser CSS. Based on work by Eric Meyer: http://meyerweb.com/eric/tools/css/reset/index.html
 -------------------------------------------------------------- */
 
 html, body, div, span, applet, object, iframe,
@@ -20,18 +20,18 @@ b, u, i, center,
 dl, dt, dd, ol, ul, li,
 fieldset, form, label, legend,
 table, caption, tbody, tfoot, thead, tr, th, td {
+	background: transparent;
+	border: 0;
 	margin: 0;
 	padding: 0;
-	border: 0;
 	vertical-align: baseline;
-	background: transparent;
 }
 body {
 	line-height: 1;
 }
 h1, h2, h3, h4, h5, h6 {
-	font-weight: normal;
 	clear: both;
+	font-weight: normal;
 }
 ol, ul {
 	list-style: none;
@@ -51,9 +51,12 @@ table {
 	border-collapse: collapse;
 	border-spacing: 0;
 }
-a img { border: none; }
-
+a img {
+	border: none;
+}
 
+/* =Layout
+-------------------------------------------------------------- */
 
 /*
 LAYOUT: Two columns
@@ -112,7 +115,6 @@ textarea,
 .pingback a.url {
 	font-family: Georgia, "Bitstream Charter", serif;
 }
-
 h3#comments-title,
 h3#reply-title,
 #access .menu,
@@ -138,8 +140,7 @@ h3#reply-title,
 .reply,
 .widget-title,
 .wp-caption-text,
-input[type=submit]
-{
+input[type=submit] {
 	font-family: "Helvetica Neue", Arial, Helvetica, "Nimbus Sans L", sans-serif;
 }
 pre {
@@ -150,7 +151,6 @@ code {
 }
 
 
-
 /* =Structure
 -------------------------------------------------------------- */
 
@@ -165,8 +165,8 @@ div.menu,
 	width: 940px;
 }
 #wrapper {
-	margin-top: 20px;
 	background: #fff;
+	margin-top: 20px;
 	padding: 0 20px;
 }
 
@@ -184,9 +184,9 @@ div.menu,
 }
 #site-info {
 	float: left;
-	width: 700px;
-	font-weight: bold;
 	font-size: 14px;
+	font-weight: bold;
+	width: 700px;
 }
 #site-generator {
 	float: right;
@@ -194,15 +194,13 @@ div.menu,
 }
 
 
-
 /* =Global Elements
 -------------------------------------------------------------- */
 
-/* Main global 'theme' and typographic styles  */
+/* Main global 'theme' and typographic styles */
 body {
 	background: #f1f1f1;
 }
-
 body,
 input,
 textarea {
@@ -211,11 +209,11 @@ textarea {
 	line-height: 18px;
 }
 hr {
-	background-color: #E7E7E7;
-	border:0;
+	background-color: #e7e7e7;
+	border: 0;
+	clear: both;
 	height: 1px;
 	margin-bottom: 18px;
-	clear:both;
 }
 
 /* Text elements */
@@ -231,22 +229,22 @@ ol {
 	margin: 0 0 18px 1.5em;
 }
 ol ol {
-	list-style:upper-alpha;
+	list-style: upper-alpha;
 }
 ol ol ol {
-	list-style:lower-roman;
+	list-style: lower-roman;
 }
 ol ol ol ol {
-	list-style:lower-alpha;
+	list-style: lower-alpha;
 }
 ul ul,
 ol ol,
 ul ol,
 ol ul {
-	margin-bottom:0;
+	margin-bottom: 0;
 }
 dl {
-	margin:0 0 24px 0;
+	margin: 0 0 24px 0;
 }
 dt {
 	font-weight: bold;
@@ -290,13 +288,12 @@ acronym {
 	border-bottom: 1px dotted #666;
 	cursor: help;
 }
-
 sup,
 sub {
 	height: 0;
 	line-height: 1;
-	vertical-align: baseline;
 	position: relative;
+	vertical-align: baseline;
 }
 sup {
 	bottom: 1ex;
@@ -306,22 +303,22 @@ sub {
 }
 input[type="text"],
 textarea {
-	padding: 2px;
 	background: #f9f9f9;
 	border: 1px solid #ccc;
 	box-shadow: inset 1px 1px 1px rgba(0,0,0,0.1);
 	-moz-box-shadow: inset 1px 1px 1px rgba(0,0,0,0.1);
 	-webkit-box-shadow: inset 1px 1px 1px rgba(0,0,0,0.1);
+	padding: 2px;
 }
 a:link {
-	color:#0066CC;
+	color: #0066cc;
 }
 a:visited {
-	color:#743399;
+	color: #743399;
 }
 a:active,
 a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 
 /* Text meant only for screen readers */
@@ -331,7 +328,6 @@ a:hover {
 }
 
 
-
 /* =Header
 -------------------------------------------------------------- */
 
@@ -340,10 +336,10 @@ a:hover {
 }
 #site-title {
 	float: left;
-	margin: 0 0 18px 0;
-	width: 700px;
 	font-size: 30px;
 	line-height: 36px;
+	margin: 0 0 18px 0;
+	width: 700px;
 }
 #site-title a {
 	color: #000;
@@ -360,28 +356,28 @@ a:hover {
 
 /* This is the custom header image */
 #branding img {
-	clear: both;
 	border-top: 4px solid #000;
-	display: block;
 	border-bottom: 1px solid #000;
+	clear: both;
+	display: block;
 }
 
 
-
 /* =Menu
 -------------------------------------------------------------- */
 
 #access {
 	background: #000;
+	display: block;
+	float: left;
 	margin: 0 auto;
 	width: 940px;
-	display:block;
-	float:left;
 }
 #access .menu-header,
 div.menu {
 	font-size: 13px;
 	margin-left: 12px;
+	width: 928px;
 }
 #access .menu-header ul,
 div.menu ul {
@@ -390,49 +386,49 @@ div.menu ul {
 }
 #access .menu-header li,
 div.menu li {
-	float:left;
+	float: left;
 	position: relative;
 }
 #access a {
-	display:block;
-	text-decoration:none;
-	color:#aaa;
-	padding:0 10px;
-	line-height:38px;
+	color: #aaa;
+	display: block;
+	line-height: 38px;
+	padding: 0 10px;
+	text-decoration: none;
 }
 #access ul ul {
-	display:none;
-	position:absolute;
-	top:38px;
-	left:0;
-	float:left;
 	box-shadow: 0px 3px 3px rgba(0,0,0,0.2);
 	-moz-box-shadow: 0px 3px 3px rgba(0,0,0,0.2);
 	-webkit-box-shadow: 0px 3px 3px rgba(0,0,0,0.2);
+	display: none;
+	position: absolute;
+	top: 38px;
+	left: 0;
+	float: left;
 	width: 180px;
 	z-index: 99999;
 }
 #access ul ul li {
-	min-width: 180px;	
+	min-width: 180px;
 }
 #access ul ul ul {
-	left:100%;
-	top:0;
+	left: 100%;
+	top: 0;
 }
 #access ul ul a {
-	background:#333;
-	height:auto;
-	line-height:1em;
-	padding:10px;
+	background: #333;
+	line-height: 1em;
+	padding: 10px;
 	width: 160px;
+	height: auto;
 }
 #access li:hover > a,
 #access ul ul :hover > a {
-	color:#fff;
-	background:#333;
+	background: #333;
+	color: #fff;
 }
 #access ul li:hover > ul {
-	display:block;
+	display: block;
 }
 #access ul li.current_page_item > a,
 #access ul li.current-menu-ancestor > a,
@@ -440,19 +436,20 @@ div.menu li {
 #access ul li.current-menu-parent > a {
 	color: #fff;
 }
-
 * html #access ul li.current_page_item a,
 * html #access ul li.current-menu-ancestor a,
 * html #access ul li.current-menu-item a,
 * html #access ul li.current-menu-parent a,
 * html #access ul li a:hover {
-	color:#fff;
+	color: #fff;
 }
 
+
 /* =Content
 -------------------------------------------------------------- */
 
 #main {
+	clear: both;
 	overflow: hidden;
 	padding: 40px 0 0 0;
 }
@@ -472,13 +469,13 @@ div.menu li {
 #content dd,
 #content pre,
 #content hr {
-	margin-bottom:24px;
+	margin-bottom: 24px;
 }
 #content ul ul,
 #content ol ol,
 #content ul ol,
 #content ol ul {
-	margin-bottom:0;
+	margin-bottom: 0;
 }
 #content pre,
 #content kbd,
@@ -501,13 +498,13 @@ div.menu li {
 #content h5,
 #content h6 {
 	color: #000;
-	margin: 0 0 20px 0;
 	line-height: 1.5em;
+	margin: 0 0 20px 0;
 }
 #content table {
 	border: 1px solid #e7e7e7;
-	text-align: left;
 	margin: 0 -1px 24px 0;
+	text-align: left;
 	width: 100%;
 }
 #content tr th,
@@ -523,17 +520,17 @@ div.menu li {
 	padding: 6px 24px;
 }
 #content tr.odd td {
-	background: #F2F7FC;
+	background: #f2f7fc;
 }
 .hentry {
 	margin: 0 0 48px 0;
 }
 .home .sticky {
-	background: #F2F7FC;
+	background: #f2f7fc;
 	border-top: 4px solid #000;
-	padding: 18px 20px;
 	margin-left: -20px;
 	margin-right: -20px;
+	padding: 18px 20px;
 }
 .single .hentry {
 	margin: 0 0 36px 0;
@@ -552,28 +549,28 @@ div.menu li {
 }
 .page-title a:link,
 .page-title a:visited {
-	color:#888;
+	color: #888;
 	text-decoration: none;
 }
 .page-title a:active,
 .page-title a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 #content .entry-title {
 	color: #000;
 	font-size: 21px;
-	line-height: 1.3em;
 	font-weight: bold;
+	line-height: 1.3em;
 	margin-bottom: 0;
 }
 .entry-title a:link,
 .entry-title a:visited {
-	color:#000;
+	color: #000;
 	text-decoration: none;
 }
 .entry-title a:active,
 .entry-title a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 .entry-meta {
 	color: #888;
@@ -596,7 +593,7 @@ div.menu li {
 	margin-bottom: 12px;
 }
 .entry-content fieldset {
-	border: 1px solid #E7E7E7;
+	border: 1px solid #e7e7e7;
 	margin: 0 0 24px 0;
 	padding: 24px;
 }
@@ -640,46 +637,46 @@ div.menu li {
 }
 .page-link {
 	color: #000;
-	font-weight:bold;
-	margin:0 0 22px 0;
-	word-spacing:0.5em;
+	font-weight: bold;
+	margin: 0 0 22px 0;
+	word-spacing: 0.5em;
 }
 .page-link a:link,
 .page-link a:visited {
 	background: #f1f1f1;
-	color:#333;
-	font-weight:normal;
-	padding:0.5em 0.75em;
-	text-decoration:none;
+	color: #333;
+	font-weight: normal;
+	padding: 0.5em 0.75em;
+	text-decoration: none;
 }
 .home .sticky .page-link a {
-	background: #D9E8F7;
+	background: #d9e8f7;
 }
 .page-link a:active,
 .page-link a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
-.page .edit-link {
+body.page .edit-link {
 	clear: both;
 	display: block;
 }
 #entry-author-info {
-	background: #F2F7FC;
+	background: #f2f7fc;
 	border-top: 4px solid #000;
-	padding: 18px 20px;
-	margin: 24px 0;
-	overflow: hidden;
 	clear: both;
 	font-size: 14px;
 	line-height: 20px;
+	margin: 24px 0;
+	overflow: hidden;
+	padding: 18px 20px;
 }
 #entry-author-info #author-avatar {
 	background: #fff;
 	border: 1px solid #e7e7e7;
 	float: left;
+	height: 60px;
 	margin: 0 -104px 0 0;
 	padding: 11px;
-	height: 60px;
 }
 #entry-author-info #author-description {
 	float: left;
@@ -687,15 +684,15 @@ div.menu li {
 }
 #entry-author-info h2 {
 	color: #000;
-	font-weight: bold;
 	font-size: 100%;
+	font-weight: bold;
 	margin-bottom: 0;
 }
 .entry-utility {
+	clear: both;
 	color: #888;
 	font-size: 12px;
 	line-height: 18px;
-	clear: both;
 }
 .entry-meta a,
 .entry-utility a {
@@ -703,22 +700,21 @@ div.menu li {
 }
 .entry-meta a:hover,
 .entry-utility a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 #content .video-player {
 	padding: 0;
 }
 
 
-
-/* Asides
+/* =Asides
 -------------------------------------------------------------- */
 
 .home #content .category-asides p {
 	font-size: 14px;
 	line-height: 20px;
 	margin-bottom: 10px;
-	margin-top:0;
+	margin-top: 0;
 }
 .home .hentry.category-asides {
 	padding: 0;
@@ -728,42 +724,26 @@ div.menu li {
 }
 
 
-
-
-/* Gallery listing
+/* =Gallery listing
 -------------------------------------------------------------- */
 
-.category-gallery {
-	margin-bottom: 48px;
-}
-.category-gallery h2 {
-	margin-top: 10px;
-}
-.category-gallery .entry-meta {
-}
 .category-gallery .size-thumbnail img {
 	border: 10px solid #f1f1f1;
 	margin-bottom: 0;
 }
 .category-gallery .gallery-thumb {
 	float: left;
-	margin-right:20px;
+	margin-right: 20px;
 	margin-top: -4px;
 }
-.home #content .category-gallery .entry-content p {
-	display: inline;
-}
 .home #content .category-gallery .entry-utility {
-	padding-top:4px;
+	padding-top: 4px;
 }
 
 
-/* Attachment pages
+/* =Attachment pages
 -------------------------------------------------------------- */
 
-.entry-content .attachment img {
-	margin-bottom: 0;
-}
 .attachment .entry-content .entry-caption {
 	font-size: 140%;
 	margin-top: 24px;
@@ -776,13 +756,14 @@ div.menu li {
 }
 
 
-
-/* Images
+/* =Images
 -------------------------------------------------------------- */
 
 #content img {
 	margin: 0;
+	height: auto;
 	max-width: 640px;
+	width: auto;
 }
 #content .attachment img {
 	max-width: 900px;
@@ -808,31 +789,31 @@ div.menu li {
 	margin-left: auto;
 	margin-right: auto;
 }
-#content img.alignleft, 
-#content img.alignright, 
+#content img.alignleft,
+#content img.alignright,
 #content img.aligncenter {
 	margin-bottom: 12px;
 }
 #content .wp-caption {
 	background: #f1f1f1;
 	line-height: 18px;
-	text-align: center;
 	margin-bottom: 20px;
 	padding: 4px;
+	text-align: center;
 }
 #content .wp-caption img {
 	margin: 5px 5px 0;
 }
 #content .wp-caption p.wp-caption-text {
-	margin: 5px;
 	color: #888;
 	font-size: 12px;
+	margin: 5px;
 }
 #content .wp-smiley {
-	margin:0;
+	margin: 0;
 }
 #content .gallery {
-	margin: auto;
+	margin: 0 auto 18px;
 }
 #content .gallery .gallery-item {
 	float: left;
@@ -857,17 +838,20 @@ div.menu li {
 #content .gallery br+br {
 	display: none;
 }
-
+#content .attachment img { /* single attachment images should be centered */
+	display: block;
+	margin: 0 auto;
+}
 
 
 /* =Navigation
 -------------------------------------------------------------- */
 
 .navigation {
-	font-size:  12px;
+	color: #888;
+	font-size: 12px;
 	line-height: 18px;
 	overflow: hidden;
-	color: #888;
 }
 .navigation a:link,
 .navigation a:visited {
@@ -876,7 +860,7 @@ div.menu li {
 }
 .navigation a:active,
 .navigation a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 .nav-previous {
 	float: left;
@@ -884,8 +868,8 @@ div.menu li {
 }
 .nav-next {
 	float: right;
+	text-align: right;
 	width: 50%;
-	text-align:right;
 }
 #nav-above {
 	margin: 0 0 18px 0;
@@ -902,7 +886,6 @@ div.menu li {
 }
 
 
-
 /* =Comments
 -------------------------------------------------------------- */
 #comments {
@@ -914,8 +897,8 @@ div.menu li {
 h3#comments-title,
 h3#reply-title {
 	color: #000;
-	font-weight: bold;
 	font-size: 20px;
+	font-weight: bold;
 	margin-bottom: 0;
 }
 h3#comments-title {
@@ -933,8 +916,8 @@ h3#comments-title {
 	position: relative;
 }
 .commentlist li:last-child {
-	border-bottom:none;
-	margin-bottom:0;
+	border-bottom: none;
+	margin-bottom: 0;
 }
 #comments .comment-body ul,
 #comments .comment-body ol {
@@ -975,7 +958,7 @@ h3#comments-title {
 }
 .comment-meta a:active,
 .comment-meta a:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 .commentlist .even {
 }
@@ -991,7 +974,7 @@ a.comment-edit-link {
 }
 .reply a:hover,
 a.comment-edit-link:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 .commentlist .children {
 	list-style: none;
@@ -1006,34 +989,32 @@ a.comment-edit-link:hover {
 	display: none;
 }
 #comments .pingback {
+	border-bottom: 1px solid #e7e7e7;
 	margin-bottom: 18px;
 	padding-bottom: 18px;
-	border-bottom: 1px solid #e7e7e7;
 }
 .commentlist li.comment+li.pingback {
 	margin-top: -6px;
 }
 #comments .pingback p {
 	color: #888;
+	display: block;
 	font-size: 12px;
 	line-height: 18px;
-	display:block;
 	margin: 0;
 }
 #comments .pingback .url {
-	font-style: italic;
 	font-size: 13px;
+	font-style: italic;
 }
 
-
-
 /* Comments form */
 input[type=submit] {
 	color: #333;
 }
 #respond {
-	margin: 24px 0;
 	border-top: 1px solid #e7e7e7;
+	margin: 24px 0;
 	overflow: hidden;
 	position: relative;
 }
@@ -1060,23 +1041,23 @@ h3#reply-title {
 }
 #cancel-comment-reply-link {
 	font-size: 12px;
-	line-height: 18px;
 	font-weight: normal;
+	line-height: 18px;
 }
 #respond .required {
-	color:#FF4B33;
-	font-weight:bold;
+	color: #ff4b33;
+	font-weight: bold;
 }
 #respond label {
 	color: #888;
 	font-size: 12px;
 }
 #respond input {
-	margin:0 0 9px;
-	width:98%;
+	margin: 0 0 9px;
+	width: 98%;
 }
 #respond textarea {
-	width:98%;
+	width: 98%;
 }
 #respond .form-allowed-tags {
 	color: #888;
@@ -1090,8 +1071,8 @@ h3#reply-title {
 	margin: 12px 0;
 }
 #respond .form-submit input {
-	width: auto;
 	font-size: 14px;
+	width: auto;
 }
 
 
@@ -1106,11 +1087,11 @@ h3#reply-title {
 	list-style: square;
 	margin-left: 1.3em;
 }
-.widget_search #s { /* This keeps the search inputs in line */
+.widget_search #s {/* This keeps the search inputs in line */
 	width: 60%;
 }
 .widget_search label {
-	display:none;
+	display: none;
 }
 .widget-container {
 	margin: 0 0 18px 0;
@@ -1134,17 +1115,17 @@ h3#reply-title {
 	line-height: 1.6em;
 }
 #wp-calendar {
-	width:100%;
+	width: 100%;
 }
 #wp-calendar caption {
-	font-weight: bold;
 	color: #222;
-	text-align: left;
-	font-size:14px;
+	font-size: 14px;
+	font-weight: bold;
 	padding-bottom: 4px;
+	text-align: left;
 }
 #wp-calendar thead {
-	font-size:11px;
+	font-size: 11px;
 }
 #wp-calendar thead th {
 }
@@ -1152,9 +1133,9 @@ h3#reply-title {
 	color: #aaa;
 }
 #wp-calendar tbody td {
-	padding: 3px 0 2px;
 	background: #f5f5f5;
-	border:1px solid #fff;
+	border: 1px solid #fff;
+	padding: 3px 0 2px;
 	text-align: center;
 }
 #wp-calendar tbody .pad {
@@ -1167,11 +1148,11 @@ h3#reply-title {
 	color: #000;
 }
 .widget_rss a.rsswidget:hover {
-	color: #FF4B33;
+	color: #ff4b33;
 }
 .widget_rss .widget-title img {
-	height: 11px;
 	width: 11px;
+	height: 11px;
 }
 
 /* Main sidebars */
@@ -1194,7 +1175,6 @@ h3#reply-title {
 }
 
 
-
 /* =Footer
 -------------------------------------------------------------- */
 
@@ -1204,8 +1184,8 @@ h3#reply-title {
 #colophon {
 	border-top: 4px solid #000;
 	margin-top: -4px;
-	padding: 18px 0;
 	overflow: hidden;
+	padding: 18px 0;
 }
 #site-info {
 	font-weight: bold;
@@ -1215,28 +1195,27 @@ h3#reply-title {
 	text-decoration: none;
 }
 #site-generator {
-	position: relative;
 	font-style: italic;
+	position: relative;
 }
 #site-generator a {
-	color: #666;
-	display:inline-block;
-	text-decoration: none;
 	background: url(images/wordpress.png) center left no-repeat;
-	padding-left: 20px;
+	color: #666;
+	display: inline-block;
 	line-height: 16px;
+	padding-left: 20px;
+	text-decoration: none;
 }
 #site-generator a:hover {
 	text-decoration: underline;
 }
 img#wpstats {
-	display:block;
+	display: block;
 	margin: 0 auto 10px;
 }
 
 
-
-/* Mobile Safari ( iPad, iPhone and iPod Touch )
+/* =Mobile Safari ( iPad, iPhone and iPod Touch )
 -------------------------------------------------------------- */
 
 pre {
@@ -1257,18 +1236,17 @@ code {
 }
 
 
-
 /* =Print Style
 -------------------------------------------------------------- */
 
 @media print {
 	body {
-		background:none !important;
+		background: none !important;
 	}
 	#wrapper {
-		float: none !important;
 		clear: both !important;
 		display: block !important;
+		float: none !important;
 		position: relative !important;
 	}
 	#header {
@@ -1281,9 +1259,9 @@ code {
 	#site-title,
 	#site-description {
 		float: none;
-		margin: 0;
-		padding:0;
 		line-height: 1.4em;
+		margin: 0;
+		padding: 0;
 	}
 	#site-title {
 		font-size: 13pt;
@@ -1308,13 +1286,13 @@ code {
 	#container,
 	#header,
 	#footer {
-		width: 100%;
 		margin: 0;
+		width: 100%;
 	}
 	#content,
 	.one-column #content {
-		width: 100%;
 		margin: 24pt 0 0;
+		width: 100%;
 	}
 	.wp-caption p {
 		font-size: 11pt;
@@ -1328,19 +1306,19 @@ code {
 		width: auto;
 	}
 	img#wpstats {
-		display:none
+		display: none;
 	}
 	#site-generator a {
+		margin: 0;
 		padding: 0;
-	margin: 0;
 	}
 	#entry-author-info {
 		border: 1px solid #e7e7e7;
 	}
 	#main {
-		display:inline;
+		display: inline;
 	}
 	.home .sticky {
 		border: none;
 	}
-}
+}

wp-includes/canonical.php

@@ -103,10 +103,6 @@ function redirect_canonical($requested_url=null, $do_redirect=true) {
 		} elseif ( is_single() && !empty($_GET['p']) && ! $redirect_url ) {
 			if ( $redirect_url = get_permalink(get_query_var('p')) )
 				$redirect['query'] = remove_query_arg(array('p', 'post_type'), $redirect['query']);
-			if ( get_query_var( 'page' ) ) {
-				$redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' );
-				$redirect['query'] = remove_query_arg( 'page', $redirect['query'] );
-			}
 		} elseif ( is_single() && !empty($_GET['name'])  && ! $redirect_url ) {
 			if ( $redirect_url = get_permalink( $wp_query->get_queried_object_id() ) )
 				$redirect['query'] = remove_query_arg('name', $redirect['query']);
@@ -156,8 +152,8 @@ function redirect_canonical($requested_url=null, $do_redirect=true) {
 
 			$obj = $wp_query->get_queried_object();
 
-			if ( $term_count <= 1 && !empty($obj->term_id) && ( $tax_url = get_term_link((int)$obj->term_id, $obj->taxonomy) ) && !is_wp_error($tax_url) ) {
-
+			if ( $term_count <= 1 && !empty($obj->term_id) && ( $tax_url = get_term_link((int)$obj->term_id, $obj->taxonomy) )
+					&& !is_wp_error($tax_url) && $redirect['query'] ) {
 				if ( is_category() ) {
 					$redirect['query'] = remove_query_arg( array( 'category_name', 'category', 'cat'), $redirect['query']);
 				} elseif ( is_tag() ) {
@@ -180,12 +176,18 @@ function redirect_canonical($requested_url=null, $do_redirect=true) {
 
 			}
 		} elseif ( is_single() && strpos($wp_rewrite->permalink_structure, '%category%') !== false ) {
-			$category = get_term_by('slug', get_query_var('category_name'), 'category');
+			$category = get_category_by_path(get_query_var('category_name'));
 			$post_terms = wp_get_object_terms($wp_query->get_queried_object_id(), 'category', array('fields' => 'tt_ids'));
 			if ( (!$category || is_wp_error($category)) || ( !is_wp_error($post_terms) && !empty($post_terms) && !in_array($category->term_taxonomy_id, $post_terms) ) )
 				$redirect_url = get_permalink($wp_query->get_queried_object_id());
 		}
 
+		// Post Paging
+		if ( is_singular() && get_query_var('page') && $redirect_url ) {
+			$redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' );
+			$redirect['query'] = remove_query_arg( 'page', $redirect['query'] );
+		}
+
 		// paging and feeds
 		if ( get_query_var('paged') || is_feed() || get_query_var('cpage') ) {
 			if ( !$redirect_url )
@@ -343,6 +345,16 @@ function redirect_canonical($requested_url=null, $do_redirect=true) {
 
 	if ( !$redirect_url || $redirect_url == $requested_url )
 		return false;
+		
+	// Hex encoded octets are case-insensitive. 
+	if ( false !== strpos($requested_url, '%') ) {
+		if ( !function_exists('lowercase_octets') ) {
+			function lowercase_octets($matches) { 
+				return strtolower( $matches[0] ); 
+			} 
+		}
+		$requested_url = preg_replace_callback('|%[a-fA-F0-9][a-fA-F0-9]|', 'lowercase_octets', $requested_url);
+	}
 
 	// Note that you can use the "redirect_canonical" filter to cancel a canonical redirect for whatever reason by returning FALSE
 	$redirect_url = apply_filters('redirect_canonical', $redirect_url, $requested_url);

wp-includes/capabilities.php

@@ -728,7 +728,7 @@ class WP_User {
 		$caps = call_user_func_array( 'map_meta_cap', $args );
 
 		// Multisite super admin has all caps by definition, Unless specifically denied.
-		if ( is_multisite() && is_super_admin() ) {
+		if ( is_multisite() && is_super_admin( $this->ID ) ) {
 			if ( in_array('do_not_allow', $caps) )
 				return false;
 			return true;
@@ -799,9 +799,6 @@ function map_meta_cap( $cap, $user_id ) {
 	case 'remove_user':
 		$caps[] = 'remove_users';
 		break;
-	case 'delete_user':
-		$caps[] = 'delete_users';
-		break;
 	case 'promote_user':
 		$caps[] = 'promote_users';
 		break;
@@ -812,7 +809,7 @@ function map_meta_cap( $cap, $user_id ) {
 		// Fall through
 	case 'edit_users':
 		// If multisite these caps are allowed only for super admins.
-		if ( is_multisite() && !is_super_admin() )
+		if ( is_multisite() && !is_super_admin( $user_id ) )
 			$caps[] = 'do_not_allow';
 		else
 			$caps[] = 'edit_users'; // Explicit due to primitive fall through
@@ -991,7 +988,7 @@ function map_meta_cap( $cap, $user_id ) {
 			$caps[] = 'read_private_pages';
 		break;
 	case 'unfiltered_upload':
-		if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin() )  )
+		if ( defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS && ( !is_multisite() || is_super_admin( $user_id ) )  )
 			$caps[] = $cap;
 		else
 			$caps[] = 'do_not_allow';
@@ -1028,10 +1025,13 @@ function map_meta_cap( $cap, $user_id ) {
 	case 'delete_user':
 	case 'delete_users':
 		// If multisite these caps are allowed only for super admins.
-		if ( is_multisite() && !is_super_admin() )
+		if ( is_multisite() && !is_super_admin( $user_id ) ) {
 			$caps[] = 'do_not_allow';
-		else
+		} else {
+			if ( 'delete_user' == $cap )
+				$cap = 'delete_users';
 			$caps[] = $cap;
+		}
 		break;
 	case 'create_users':
 		if ( is_multisite() && !get_site_option( 'add_new_users' ) )
@@ -1079,9 +1079,6 @@ function current_user_can( $capability ) {
 function current_user_can_for_blog( $blog_id, $capability ) {
 	$current_user = wp_get_current_user();
 
-    if ( is_multisite() && is_super_admin() )
-		return true;
-
 	if ( empty( $current_user ) )
 		return false;
 
@@ -1112,7 +1109,7 @@ function author_can( $post, $capability ) {
 
 	$author = new WP_User( $post->post_author );
 
-	if ( empty( $author ) )
+	if ( empty( $author->ID ) )
 		return false;
 
 	$args = array_slice( func_get_args(), 2 );

wp-includes/class-http.php

@@ -240,7 +240,7 @@ class WP_Http {
 
 		$arrURL = parse_url($url);
 
-		if ( empty( $url ) || empty($url['scheme'] ) )
+		if ( empty( $url ) || empty( $arrURL['scheme'] ) )
 			return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
 
 		if ( $this->block_request( $url ) )

wp-includes/classes.php

@@ -474,7 +474,7 @@ class WP {
 	function handle_404() {
 		global $wp_query;
 
-		if ( ( 0 == count( $wp_query->posts ) ) && !is_404() && !is_robots() && !is_search() && !is_home() ) {
+		if ( !is_admin() && ( 0 == count( $wp_query->posts ) ) && !is_404() && !is_robots() && !is_search() && !is_home() ) {
 			// Don't 404 for these queries if they matched an object.
 			if ( ( is_tag() || is_category() || is_tax() || is_author() ) && $wp_query->get_queried_object() && !is_paged() ) {
 				if ( !is_404() )

wp-includes/comment-template.php

@@ -735,6 +735,33 @@ function trackback_url( $deprecated_echo = true ) {
 		return get_trackback_url();
 }
 
+/**
+ * Generates and displays the RDF for the trackback information of current post.
+ *
+ * Deprecated in 3.0.0, and restored in 3.0.1.
+ *
+ * @since 0.71
+ *
+ * @param int $deprecated Not used (Was $timezone = 0)
+ */
+function trackback_rdf( $deprecated = '' ) {
+	if ( !empty( $deprecated ) )
+		_deprecated_argument( __FUNCTION__, '2.5' );
+
+	echo '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+			xmlns:dc="http://purl.org/dc/elements/1.1/"
+			xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/">
+		<rdf:Description rdf:about="';
+	the_permalink();
+	echo '"'."\n";
+	echo '    dc:identifier="';
+	the_permalink();
+	echo '"'."\n";
+	echo '    dc:title="'.str_replace('--', '&#x2d;&#x2d;', wptexturize(strip_tags(get_the_title()))).'"'."\n";
+	echo '    trackback:ping="'.get_trackback_url().'"'." />\n";
+	echo '</rdf:RDF>';
+}
+
 /**
  * Whether the current post is open for comments.
  *
@@ -890,7 +917,7 @@ function comments_template( $file = '/comments.php', $separate_comments = false
 	elseif ( file_exists( TEMPLATEPATH . $file ) )
 		require( TEMPLATEPATH .  $file );
 	else // Backward compat code will be removed in a future release
-		require( WPINC . '/theme-compat/comments.php');
+		require( ABSPATH . WPINC . '/theme-compat/comments.php');
 }
 
 /**

wp-includes/comment.php

@@ -18,9 +18,8 @@
  * check fails. If any of the parameter contents match the blacklist of words,
  * then the check fails.
  *
- * If the comment is a trackback and part of the blogroll, then the trackback is
- * automatically whitelisted. If the comment author was approved before, then
- * the comment is automatically whitelisted.
+ * If the comment author was approved before, then the comment is
+ * automatically whitelisted.
  *
  * If none of the checks fail, then the failback is to set the check to pass
  * (return true).
@@ -80,16 +79,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $
 
 	// Comment whitelisting:
 	if ( 1 == get_option('comment_whitelist')) {
-		if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll
-			$uri = parse_url($url);
-			$domain = $uri['host'];
-			$uri = parse_url( home_url() );
-			$home_domain = $uri['host'];
-			if ( $wpdb->get_var($wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_url LIKE (%s) LIMIT 1", '%'.$domain.'%')) || $domain == $home_domain )
-				return true;
-			else
-				return false;
-		} elseif ( $author != '' && $email != '' ) {
+		if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '' ) {
 			// expected_slashed ($author, $email)
 			$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");
 			if ( ( 1 == $ok_to_comment ) &&
@@ -1654,7 +1644,7 @@ function do_trackbacks($post_id) {
 				trackback($tb_ping, $post_title, $excerpt, $post_id);
 				$pinged[] = $tb_ping;
 			} else {
-				$wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, '$tb_ping', '')) WHERE ID = %d", $post_id) );
+				$wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $tb_ping, $post_id) );
 			}
 		}
 	}

wp-includes/default-filters.php

@@ -31,10 +31,12 @@ foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes
 	add_filter( $filter, 'wp_filter_kses' );
 }
 
-// Kses only for textarea saves displays
+// Kses only for textarea admin displays
 foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
 	add_filter( $filter, 'wp_kses_data' );
 }
+if ( is_admin() )
+	add_filter( 'comment_text', 'wp_kses_post' );
 
 // Email saves
 foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) {
@@ -73,6 +75,9 @@ foreach ( array( 'pre_term_slug' ) as $filter ) {
 foreach ( array( 'pre_post_type' ) as $filter ) {
 	add_filter( $filter, 'sanitize_user' );
 }
+foreach ( array( 'pre_post_status', 'pre_post_comment_status', 'pre_post_ping_status' ) as $filter ) {
+	add_filter( $filter, 'sanitize_key' );
+}
 
 // Places to balance tags on input
 foreach ( array( 'content_save_pre', 'excerpt_save_pre', 'comment_save_pre', 'pre_comment_content' ) as $filter ) {
@@ -88,7 +93,7 @@ foreach ( array( 'comment_author', 'term_name', 'link_name', 'link_description',
 
 // Format WordPress
 foreach ( array( 'the_content', 'the_title', 'comment_text' ) as $filter )
-	add_filter( $filter, 'capital_P_dangit' );
+	add_filter( $filter, 'capital_P_dangit', 11 );
 
 // Format titles
 foreach ( array( 'single_post_title', 'single_cat_title', 'single_tag_title', 'single_month_title', 'nav_menu_attr_title', 'nav_menu_description' ) as $filter ) {

wp-includes/default-widgets.php

@@ -1067,6 +1067,8 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
 		if ( !$nav_menu )
 			return;
 
+		$instance['title'] = apply_filters('widget_title', $instance['title'], $instance, $this->id_base);
+
 		echo $args['before_widget'];
 
 		if ( !empty($instance['title']) )

wp-includes/deprecated.php

@@ -2501,19 +2501,6 @@ function funky_javascript_fix($text) {
 	return $text;
 }
 
-/**
- * Generates and displays the RDF for the trackback information of current post.
- *
- * @since 0.71
- * @deprecated 3.0.0
- *
- * @param int $deprecated Not used (Was $timezone = 0)
- */
-function trackback_rdf($deprecated = '') {
-	_deprecated_function( __FUNCTION__, '3.0' );
-	return '';
-}
-
 /**
  * Checks that the taxonomy name exists.
  *

wp-includes/formatting.php

@@ -2236,7 +2236,8 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
 
 	// Replace ampersands and single quotes only when displaying.
 	if ( 'display' == $_context ) {
-		$url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
+		$url = wp_kses_normalize_entities( $url );
+		$url = str_replace( '&', '&', $url );
 		$url = str_replace( "'", ''', $url );
 	}
 
@@ -2825,8 +2826,20 @@ function sanitize_text_field($str) {
  *
  * @since 3.0.0
  */
+
 function capital_P_dangit( $text ) {
-       return str_replace( 'Wordpress', 'WordPress', $text );
+	// Simple replacement for titles
+	if ( 'the_title' === current_filter() )
+		return str_replace( 'Wordpress', 'WordPress', $text );
+	// Still here? Use the more judicious replacement
+	static $dblq = false;
+	if ( false === $dblq )
+		$dblq = _x('“', 'opening curly quote');
+	return str_replace(
+		array( ' Wordpress', '‘Wordpress', $dblq . 'Wordpress', '>Wordpress', '(Wordpress' ),
+		array( ' WordPress', '‘WordPress', $dblq . 'WordPress', '>WordPress', '(WordPress' ),
+	$text );
+
 }
 
 ?>

wp-includes/functions.php

@@ -2125,7 +2125,7 @@ function wp_upload_dir( $time = null ) {
 	$siteurl = get_option( 'siteurl' );
 	$upload_path = get_option( 'upload_path' );
 	$upload_path = trim($upload_path);
-	$main_override = defined( 'MULTISITE' ) && is_main_site();
+	$main_override = is_multisite() && defined( 'MULTISITE' ) && is_main_site();
 	if ( empty($upload_path) ) {
 		$dir = WP_CONTENT_DIR . '/uploads';
 	} else {

wp-includes/general-template.php

@@ -32,7 +32,7 @@ function get_header( $name = null ) {
 
 	// Backward compat code will be removed in a future release
 	if ('' == locate_template($templates, true))
-		load_template( WPINC . '/theme-compat/header.php');
+		load_template( ABSPATH . WPINC . '/theme-compat/header.php');
 }
 
 /**
@@ -61,7 +61,7 @@ function get_footer( $name = null ) {
 
 	// Backward compat code will be removed in a future release
 	if ('' == locate_template($templates, true))
-		load_template( WPINC . '/theme-compat/footer.php');
+		load_template( ABSPATH . WPINC . '/theme-compat/footer.php');
 }
 
 /**
@@ -90,7 +90,7 @@ function get_sidebar( $name = null ) {
 
 	// Backward compat code will be removed in a future release
 	if ('' == locate_template($templates, true))
-		load_template( WPINC . '/theme-compat/sidebar.php');
+		load_template( ABSPATH . WPINC . '/theme-compat/sidebar.php');
 }
 
 /**
@@ -1721,10 +1721,11 @@ function rich_edit_exists() {
  * @return bool
  */
 function user_can_richedit() {
-	global $wp_rich_edit, $pagenow;
+	global $wp_rich_edit, $pagenow, $is_iphone;
 
 	if ( !isset( $wp_rich_edit) ) {
 		if ( get_user_option( 'rich_editing' ) == 'true' &&
+			!$is_iphone && // this includes all Safari mobile browsers
 			( ( preg_match( '!AppleWebKit/(\d+)!', $_SERVER['HTTP_USER_AGENT'], $match ) && intval($match[1]) >= 420 ) ||
 				!preg_match( '!opera[ /][2-8]|konqueror|safari!i', $_SERVER['HTTP_USER_AGENT'] ) )
 				&& 'comment.php' != $pagenow ) {

wp-includes/kses.php

@@ -1,26 +1,33 @@
 <?php
 /**
- * HTML/XHTML filter that only allows some elements and attributes
+ * kses 0.2.2 - HTML/XHTML filter that only allows some elements and attributes
+ * Copyright (C) 2002, 2003, 2005  Ulf Harnhammar
+ *
+ * This program is free software and open source software; you can redistribute
+ * it and/or modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
+ * http://www.gnu.org/licenses/gpl.html
+ * 
+ * [kses strips evil scripts!]
  *
  * Added wp_ prefix to avoid conflicts with existing kses users
  *
  * @version 0.2.2
  * @copyright (C) 2002, 2003, 2005
- * @author Ulf Harnhammar <metaur@users.sourceforge.net>
+ * @author Ulf Harnhammar <http://advogato.org/person/metaur/>
  *
  * @package External
  * @subpackage KSES
- *
- * @internal
- * *** CONTACT INFORMATION ***
- * E-mail:      metaur at users dot sourceforge dot net
- * Web page:    http://sourceforge.net/projects/kses
- * Paper mail:  Ulf Harnhammar
- *              Ymergatan 17 C
- *              753 25  Uppsala
- *              SWEDEN
- *
- * [kses strips evil scripts!]
  */
 
 /**
@@ -670,7 +677,7 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
 					break;
 				}
 
-			if ( $arreach['name'] == 'style' ) {
+			if ( strtolower($arreach['name']) == 'style' ) {
 				$orig_value = $arreach['value'];
 
 				$value = safecss_filter_attr($orig_value);
@@ -762,7 +769,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					# "value"
 					{
 					$thisval = $match[1];
-					if ( in_array($attrname, $uris) )
+					if ( in_array(strtolower($attrname), $uris) )
 						$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
 					if(FALSE === array_key_exists($attrname, $attrarr)) {
@@ -778,7 +785,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					# 'value'
 					{
 					$thisval = $match[1];
-					if ( in_array($attrname, $uris) )
+					if ( in_array(strtolower($attrname), $uris) )
 						$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
 					if(FALSE === array_key_exists($attrname, $attrarr)) {
@@ -794,7 +801,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					# value
 					{
 					$thisval = $match[1];
-					if ( in_array($attrname, $uris) )
+					if ( in_array(strtolower($attrname), $uris) )
 						$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
 					if(FALSE === array_key_exists($attrname, $attrarr)) {
@@ -1017,14 +1024,9 @@ function wp_kses_html_error($string) {
  * @return string Sanitized content
  */
 function wp_kses_bad_protocol_once($string, $allowed_protocols) {
-	global $_kses_allowed_protocols;
-	$_kses_allowed_protocols = $allowed_protocols;
-
-	$string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
-	if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) )
-		$string = wp_kses_bad_protocol_once2($string2[0]) . trim($string2[1]);
-	else
-		$string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|&#58;|&#[Xx]3[Aa];)\s*/', 'wp_kses_bad_protocol_once2', $string);
+	$string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );
+	if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) )
+		$string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] );
 
 	return $string;
 }
@@ -1038,29 +1040,19 @@ function wp_kses_bad_protocol_once($string, $allowed_protocols) {
  * @access private
  * @since 1.0.0
  *
- * @param mixed $matches string or preg_replace_callback() matches array to check for bad protocols
+ * @param string $string URI scheme to check against the whitelist
+ * @param string $allowed_protocols Allowed protocols
  * @return string Sanitized content
  */
-function wp_kses_bad_protocol_once2($matches) {
-	global $_kses_allowed_protocols;
-
-	if ( is_array($matches) ) {
-		if ( empty($matches[1]) )
-			return '';
-
-		$string = $matches[1];
-	} else {
-		$string = $matches;
-	}
-
+function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
 	$string2 = wp_kses_decode_entities($string);
 	$string2 = preg_replace('/\s/', '', $string2);
 	$string2 = wp_kses_no_null($string2);
 	$string2 = strtolower($string2);
 
 	$allowed = false;
-	foreach ( (array) $_kses_allowed_protocols as $one_protocol)
-		if (strtolower($one_protocol) == $string2) {
+	foreach ( (array) $allowed_protocols as $one_protocol )
+		if ( strtolower($one_protocol) == $string2 ) {
 			$allowed = true;
 			break;
 		}
@@ -1373,10 +1365,10 @@ function safecss_filter_attr( $css, $deprecated = '' ) {
 	$css = wp_kses_no_null($css);
 	$css = str_replace(array("\n","\r","\t"), '', $css);
 
-	if ( preg_match( '%[\\(&]|/\*%', $css ) ) // remove any inline css containing \ ( & or comments
+	if ( preg_match( '%[\\(&=}]|/\*%', $css ) ) // remove any inline css containing \ ( & } = or comments
 		return '';
 
-	$css_array = split( ';', trim( $css ) );
+	$css_array = explode( ';', trim( $css ) );
 	$allowed_attr = apply_filters( 'safe_style_css', array( 'text-align', 'margin', 'color', 'float',
 	'border', 'background', 'background-color', 'border-bottom', 'border-bottom-color',
 	'border-bottom-style', 'border-bottom-width', 'border-collapse', 'border-color', 'border-left',

wp-includes/link-template.php

@@ -108,7 +108,7 @@ function get_permalink($id = 0, $leavename = false) {
 	elseif ( $post->post_type == 'attachment' )
 		return get_attachment_link($post->ID);
 	elseif ( in_array($post->post_type, get_post_types( array('_builtin' => false) ) ) )
-		return get_post_permalink($post, $leavename, $sample);
+		return get_post_permalink($post->ID, $leavename, $sample);
 
 	$permalink = get_option('permalink_structure');
 
@@ -204,7 +204,7 @@ function get_post_permalink( $id = 0, $leavename = false, $sample = false ) {
 		$post_link = home_url($post_link);
 	}
 
-	return apply_filters('post_type_link', $post_link, $id, $leavename, $sample);
+	return apply_filters('post_type_link', $post_link, $post, $leavename, $sample);
 }
 
 /**
@@ -2215,7 +2215,7 @@ function wp_shortlink_wp_head() {
 	if ( empty( $shortlink ) )
 		return;
 
-	echo "<link rel='shortlink' href='" . esc_url_raw( $shortlink ) . "' />\n";
+	echo "<link rel='shortlink' href='" . esc_url( $shortlink ) . "' />\n";
 }
 
 /**

wp-includes/load.php

@@ -579,7 +579,7 @@ function is_multisite() {
 	if ( defined( 'MULTISITE' ) )
 		return MULTISITE;
 
-	if ( defined( 'VHOST' ) || defined( 'SUNRISE' ) )
+	if ( defined( 'SUBDOMAIN_INSTALL' ) || defined( 'VHOST' ) || defined( 'SUNRISE' ) )
 		return true;
 
 	return false;

wp-includes/meta.php

@@ -113,7 +113,7 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
 	if ( empty($prev_value) ) {
 		$old_value = get_metadata($meta_type, $object_id, $meta_key);
 		if ( count($old_value) == 1 ) {
-			if ( $old_value[0] == $meta_value )
+			if ( $old_value[0] === $meta_value )
 				return false;
 		}
 	}

wp-includes/ms-blogs.php

@@ -371,7 +371,7 @@ function update_blog_option( $id, $key, $value, $refresh = true ) {
 }
 
 function switch_to_blog( $new_blog, $validate = false ) {
-	global $wpdb, $table_prefix, $blog_id, $switched, $switched_stack, $wp_roles, $current_user, $wp_object_cache;
+	global $wpdb, $table_prefix, $blog_id, $switched, $switched_stack, $wp_roles, $wp_object_cache;
 
 	if ( empty($new_blog) )
 		$new_blog = $blog_id;
@@ -406,9 +406,12 @@ function switch_to_blog( $new_blog, $validate = false ) {
 			$wp_roles->__construct();
 		$wpdb->suppress_errors( false );
 	}
-
-	if ( is_object( $current_user ) )
-		$current_user->for_blog( $blog_id );
+ 
+	if ( did_action('init') ) {
+		$current_user = wp_get_current_user();	
+		if ( is_object( $current_user ) )
+			$current_user->for_blog( $blog_id );
+	}
 
 	if ( is_object( $wp_object_cache ) && isset( $wp_object_cache->global_groups ) )
 		$global_groups = $wp_object_cache->global_groups;
@@ -430,7 +433,7 @@ function switch_to_blog( $new_blog, $validate = false ) {
 }
 
 function restore_current_blog() {
-	global $table_prefix, $wpdb, $blog_id, $switched, $switched_stack, $wp_roles, $current_user, $wp_object_cache;
+	global $table_prefix, $wpdb, $blog_id, $switched, $switched_stack, $wp_roles, $wp_object_cache;
 
 	if ( !$switched )
 		return false;
@@ -460,8 +463,11 @@ function restore_current_blog() {
 		$wpdb->suppress_errors( false );
 	}
 
-	if ( is_object( $current_user ) )
-		$current_user->for_blog( $blog_id );
+	if ( did_action('init') ) {
+		$current_user = wp_get_current_user();
+		if ( is_object( $current_user ) )
+			$current_user->for_blog( $blog_id );
+	}
 
 	if ( is_object( $wp_object_cache ) && isset( $wp_object_cache->global_groups ) )
 		$global_groups = $wp_object_cache->global_groups;

wp-includes/ms-deprecated.php

@@ -48,10 +48,10 @@ function is_site_admin( $user_login = '' ) {
 		if ( !$user_id )
 			return false;
 	} else {
-		$user = new WP_User( null, $user_login) ;
-		if ( empty( $user->id ) )
+		$user = get_user_by( 'login', $user_login );
+		if ( empty( $user->ID ) )
 			return false;
-		$user_id = $user->id;
+		$user_id = $user->ID;
 	}
 
 	return is_super_admin( $user_id );

wp-includes/ms-files.php

@@ -29,14 +29,14 @@ if ( !is_file( $file ) ) {
 	die( '404 — File not found.' );
 }
 
-$mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] );
+$mime = wp_check_filetype( $file );
 if( false === $mime[ 'type' ] && function_exists( 'mime_content_type' ) )
 	$mime[ 'type' ] = mime_content_type( $file );
 
 if( $mime[ 'type' ] )
 	$mimetype = $mime[ 'type' ];
 else
-	$mimetype = 'image/' . substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 );
+	$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );
 
 header( 'Content-type: ' . $mimetype ); // always send this
 if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) )

wp-includes/ms-functions.php

@@ -209,7 +209,7 @@ function add_user_to_blog( $blog_id, $user_id, $role ) {
 
 	$user = new WP_User($user_id);
 
-	if ( empty($user) || !$user->ID )
+	if ( empty( $user->ID ) )
 		return new WP_Error('user_does_not_exist', __('That user does not exist.'));
 
 	if ( !get_user_meta($user_id, 'primary_blog', true) ) {
@@ -253,6 +253,9 @@ function remove_user_from_blog($user_id, $blog_id = '', $reassign = '') {
 
 	// wp_revoke_user($user_id);
 	$user = new WP_User($user_id);
+	if ( empty( $user->ID ) )
+		return new WP_Error('user_does_not_exist', __('That user does not exist.'));
+
 	$user->remove_all_caps();
 
 	$blogs = get_blogs_of_user($user_id);
@@ -372,8 +375,9 @@ function wpmu_admin_redirect_add_updated_param( $url = '' ) {
 }
 
 function is_blog_user( $blog_id = 0 ) {
-	global $current_user, $wpdb;
-
+	global $wpdb;
+ 
+	$current_user = wp_get_current_user();
 	if ( !$blog_id )
 		$blog_id = $wpdb->blogid;
 
@@ -652,7 +656,7 @@ function wpmu_signup_blog_notification($domain, $path, $title, $user, $user_emai
 	$message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
 	$message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( "To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your site here:\n\n%s" ) ), $activate_url, esc_url( "http://{$domain}{$path}" ), $key );
 	// TODO: Don't hard code activation link.
-	$subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1s] Activate %2s' ) ), $from_name, esc_url( 'http://' . $domain . $path ) );
+	$subject = sprintf( apply_filters( 'wpmu_signup_blog_notification_subject', __( '[%1$s] Activate %2$s' ) ), $from_name, esc_url( 'http://' . $domain . $path ) );
 	wp_mail($user_email, $subject, $message, $message_headers);
 	return true;
 }
@@ -669,7 +673,7 @@ function wpmu_signup_user_notification($user, $user_email, $key, $meta = '') {
 	$message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
 	$message = sprintf( apply_filters( 'wpmu_signup_user_notification_email', __( "To activate your user, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\n" ) ), site_url( "wp-activate.php?key=$key" ), $key );
 	// TODO: Don't hard code activation link.
-	$subject = sprintf( __( apply_filters( 'wpmu_signup_user_notification_subject', '[%1s] Activate %2s' ) ), $from_name, $user);
+	$subject = sprintf( __( apply_filters( 'wpmu_signup_user_notification_subject', '[%1$s] Activate %2$s' ) ), $from_name, $user);
 	wp_mail($user_email, $subject, $message, $message_headers);
 	return true;
 }
@@ -1319,17 +1323,13 @@ function fix_phpmailer_messageid( $phpmailer ) {
 
 function is_user_spammy( $username = 0 ) {
 	if ( $username == 0 ) {
-		global $current_user;
-		$user_id = $current_user->ID;
+		$user_id = get_current_user_id();
 	} else {
 		$user_id = get_user_id_from_string( $username );
 	}
 	$u = new WP_User( $user_id );
 
-	if ( $u->spam == 1 )
-		return true;
-
-	return false;
+	return ( isset( $u->spam ) && $u->spam == 1 );
 }
 
 function update_blog_public( $old_value, $value ) {
@@ -1360,8 +1360,9 @@ function get_dashboard_blog() {
 }
 
 function is_user_option_local( $key, $user_id = 0, $blog_id = 0 ) {
-	global $current_user, $wpdb;
+	global $wpdb;
 
+	$current_user = wp_get_current_user();
 	if ( $user_id == 0 )
 		$user_id = $current_user->ID;
 	if ( $blog_id == 0 )

wp-includes/ms-load.php

@@ -182,11 +182,10 @@ function wpmu_current_site() {
 	}
 
 	// Still no dice.
-	// @todo Update or remove WPMU codex link.
 	if ( 1 == count( $sites ) )
 		wp_die( sprintf( /*WP_I18N_BLOG_DOESNT_EXIST*/'That site does not exist. Please try <a href="%s">%s</a>.'/*/WP_I18N_BLOG_DOESNT_EXIST*/, $sites[0]->domain . $sites[0]->path ) );
 	else
-		wp_die( /*WP_I18N_NO_SITE_DEFINED*/'No site defined on this host. If you are the owner of this site, please check <a href="http://codex.wordpress.org/Debugging_WPMU">Debugging WPMU</a> for help.'/*/WP_I18N_NO_SITE_DEFINED*/ );
+		wp_die( /*WP_I18N_NO_SITE_DEFINED*/'No site defined on this host. If you are the owner of this site, please check <a href="http://codex.wordpress.org/Debugging_a_WordPress_Network">Debugging a WordPress Network</a> for help.'/*/WP_I18N_NO_SITE_DEFINED*/ );
 }
 
 /**
@@ -194,8 +193,6 @@ function wpmu_current_site() {
  *
  * Used when a blog's tables do not exist. Checks for a missing $wpdb->site table as well.
  *
- * @todo update Codex link for 3.0.0
- *
  * @access private
  * @since 3.0.0
  */
@@ -213,7 +210,7 @@ function ms_not_installed() {
 	else
 		$msg .= '<p>' . sprintf( /*WP_I18N_NO_SITE_FOUND*/'<strong>Could not find site <code>%1$s</code>.</strong> Searched for table <code>%2$s</code> in database <code>%3$s</code>. Is that right?'/*/WP_I18N_NO_SITE_FOUND*/, rtrim( $domain . $path, '/' ), $wpdb->blogs, DB_NAME ) . '</p>';
 	$msg .= '<p><strong>' . /*WP_I18N_WHAT_DO_I_DO*/'What do I do now?'/*WP_I18N_WHAT_DO_I_DO*/ . '</strong> ';
-	$msg .= /*WP_I18N_RTFM*/'Read the <a target="_blank" href="http://codex.wordpress.org/Debugging_WPMU">bug report</a> page. Some of the guidelines there may help you figure out what went wrong.'/*/WP_I18N_RTFM*/;
+	$msg .= /*WP_I18N_RTFM*/'Read the <a target="_blank" href="http://codex.wordpress.org/Debugging_a_WordPress_Network">bug report</a> page. Some of the guidelines there may help you figure out what went wrong.'/*/WP_I18N_RTFM*/;
 	$msg .= ' ' . /*WP_I18N_STUCK*/'If you&#8217;re still stuck with this message, then check that your database contains the following tables:'/*/WP_I18N_STUCK*/ . '</p><ul>';
 	foreach ( $wpdb->tables('global') as $t => $table ) {
 		if ( 'sitecategories' == $t )

wp-includes/nav-menu-template.php

@@ -71,11 +71,15 @@ class Walker_Nav_Menu extends Walker {
 		$class_names = $value = '';
 
 		$classes = empty( $item->classes ) ? array() : (array) $item->classes;
+		$classes[] = 'menu-item-' . $item->ID;
 
 		$class_names = join( ' ', apply_filters( 'nav_menu_css_class', array_filter( $classes ), $item ) );
 		$class_names = ' class="' . esc_attr( $class_names ) . '"';
 
-		$output .= $indent . '<li id="menu-item-'. $item->ID . '"' . $value . $class_names .'>';
+		$id = apply_filters( 'nav_menu_item_id', 'menu-item-'. $item->ID, $item, $args );
+		$id = strlen( $id ) ? ' id="' . esc_attr( $id ) . '"' : '';
+
+		$output .= $indent . '<li' . $id . $value . $class_names .'>';
 
 		$attributes  = ! empty( $item->attr_title ) ? ' title="'  . esc_attr( $item->attr_title ) .'"' : '';
 		$attributes .= ! empty( $item->target )     ? ' target="' . esc_attr( $item->target     ) .'"' : '';
@@ -351,7 +355,9 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
 		} elseif ( 'custom' == $menu_item->object ) {
 			$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 			$item_url = strpos( $menu_item->url, '#' ) ? substr( $menu_item->url, 0, strpos( $menu_item->url, '#' ) ) : $menu_item->url;
-			if ( $item_url == $current_url ) {
+			$_indexless_current = preg_replace( '/index.php$/', '', $current_url );
+			
+			if ( in_array( $item_url, array( $current_url, $_indexless_current ) ) ) {
 				$classes[] = 'current-menu-item';
 				$_anc_id = (int) $menu_item->db_id;
 
@@ -362,8 +368,7 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
 					$active_ancestor_item_ids[] = $_anc_id;
 				}
 
-				if ( untrailingslashit($current_url) == home_url() ) {
-					$classes[] = 'menu-item-home';
+				if ( in_array( home_url(), array( untrailingslashit( $current_url ), untrailingslashit( $_indexless_current ) ) ) ) {
 					// Back compat for home limk to match wp_page_menu()
 					$classes[] = 'current_page_item';
 				}
@@ -371,6 +376,9 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
 				$active_parent_object_ids[] = (int) $menu_item->post_parent;
 				$active_object = $menu_item->object;
 			}
+			
+			if ( untrailingslashit($item_url) == home_url() )
+				$classes[] = 'menu-item-home';
 		}
 
 		// back-compat with wp_page_menu: add "current_page_parent" to static home page link for any non-page query
@@ -433,7 +441,7 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
  * Retrieve the HTML list content for nav menu items.
  *
  * @uses Walker_Nav_Menu to create HTML list content.
- * @since 2.1.0
+ * @since 3.0.0
  * @see Walker::walk() for parameters and return description.
  */
 function walk_nav_menu_tree( $items, $depth, $r ) {
@@ -443,4 +451,19 @@ function walk_nav_menu_tree( $items, $depth, $r ) {
 	return call_user_func_array( array(&$walker, 'walk'), $args );
 }
 
+/**
+ * Prevents a menu item ID from being used more than once.
+ *
+ * @since 3.0.1
+ * @access private
+ */
+function _nav_menu_item_id_use_once( $id, $item ) {
+	static $_used_ids = array();
+	if ( in_array( $item->ID, $_used_ids ) )
+		return '';
+	$_used_ids[] = $item->ID;
+	return $id;
+}
+add_filter( 'nav_menu_item_id', '_nav_menu_item_id_use_once', 10, 2 );
+
 ?>

wp-includes/nav-menu.php

@@ -78,6 +78,23 @@ function register_nav_menus( $locations = array() ) {
 	$_wp_registered_nav_menus = array_merge( (array) $_wp_registered_nav_menus, $locations );
 }
 
+/**
+ * Unregisters a navigation menu for a theme.
+ *
+ * @param array $location the menu location identifier
+ *
+ * @return bool True on success, false on failure.
+ */
+function unregister_nav_menu( $location ) {
+	global $_wp_registered_nav_menus;
+
+	if ( is_array( $_wp_registered_nav_menus ) && isset( $_wp_registered_nav_menus[$location] ) ) {
+		unset( $_wp_registered_nav_menus[$location] );
+		return true;
+	}
+	return false;
+}
+
 /**
  * Register a navigation menu for a theme.
  *

wp-includes/pluggable.php

@@ -825,7 +825,7 @@ function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
 	$adminurl = strtolower(admin_url());
 	$referer = strtolower(wp_get_referer());
 	$result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
-	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
+	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
 		wp_nonce_ays($action);
 		die();
 	}

wp-includes/post.php

@@ -2077,6 +2077,12 @@ function wp_get_single_post($postid = 0, $mode = OBJECT) {
 
 	$post = get_post($postid, $mode);
 
+	if ( 
+		( OBJECT == $mode && empty( $post->ID ) ) ||
+		( OBJECT != $mode && empty( $post['ID'] ) )
+	)
+		return ( OBJECT == $mode ? null : array() );
+
 	// Set categories and tags
 	if ( $mode == OBJECT ) {
 		$post->post_category = array();
@@ -2418,7 +2424,7 @@ function wp_update_post($postarr = array()) {
 		$post_cats = $post['post_category'];
 
 	// Drafts shouldn't be assigned a date unless explicitly done so by the user
-	if ( in_array($post['post_status'], array('draft', 'pending', 'auto-draft')) && empty($postarr['edit_date']) &&
+	if ( isset( $post['post_status'] ) && in_array($post['post_status'], array('draft', 'pending', 'auto-draft')) && empty($postarr['edit_date']) &&
 			 ('0000-00-00 00:00:00' == $post['post_date_gmt']) )
 		$clear_date = true;
 	else
@@ -2531,7 +2537,7 @@ function wp_unique_post_slug( $slug, $post_ID, $post_status, $post_type, $post_p
 	if ( ! is_array( $feeds ) )
 		$feeds = array();
 
-	$hierarchical_post_types = apply_filters( 'hierarchical_post_types', array( 'page' ) );
+	$hierarchical_post_types = get_post_types( array('hierarchical' => true) );
 	if ( 'attachment' == $post_type ) {
 		// Attachment slugs must be unique across all types.
 		$check_sql = "SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND ID != %d LIMIT 1";

wp-includes/query.php

@@ -2738,7 +2738,8 @@ class WP_Query {
 			$this->queried_object = $term;
 			$this->queried_object_id = $term->term_id;
 		} elseif ( $this->is_posts_page ) {
-			$this->queried_object = & get_page(get_option('page_for_posts'));
+			$page_for_posts = get_option('page_for_posts');
+			$this->queried_object = & get_page( $page_for_posts );
 			$this->queried_object_id = (int) $this->queried_object->ID;
 		} elseif ( $this->is_single && !is_null($this->post) ) {
 			$this->queried_object = $this->post;

wp-includes/script-loader.php

@@ -275,7 +275,7 @@ function wp_default_scripts( &$scripts ) {
 		$scripts->add( 'postbox', "/wp-admin/js/postbox$suffix.js", array('jquery-ui-sortable'), '20091012' );
 		$scripts->add_data( 'postbox', 'group', 1 );
 
-		$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20100526' );
+		$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20110203' );
 		$scripts->add_data( 'post', 'group', 1 );
 		$scripts->localize( 'post', 'postL10n', array(
 			'tagsUsed' =>  __('Tags used on this post:'),

wp-includes/taxonomy.php

@@ -1630,11 +1630,11 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) {
 	if ( $term_id = term_exists($slug) ) {
 		$existing_term = $wpdb->get_row( $wpdb->prepare( "SELECT name FROM $wpdb->terms WHERE term_id = %d", $term_id), ARRAY_A );
 		// We've got an existing term in the same taxonomy, which matches the name of the new term:
-		if ( is_taxonomy_hierarchical($taxonomy) && $existing_term['name'] == $name && term_exists( (int) $term_id, $taxonomy ) ) {
+		if ( is_taxonomy_hierarchical($taxonomy) && $existing_term['name'] == $name && $exists = term_exists( (int) $term_id, $taxonomy ) ) {
 			// Hierarchical, and it matches an existing term, Do not allow same "name" in the same level.
 			$siblings = get_terms($taxonomy, array('fields' => 'names', 'get' => 'all', 'parent' => (int)$parent) );
 			if ( in_array($name, $siblings) ) {
-				return new WP_Error('term_exists', __('A term with the name provided already exists with this parent.'));
+				return new WP_Error('term_exists', __('A term with the name provided already exists with this parent.'), $exists['term_id']);
 			} else {
 				$slug = wp_unique_term_slug($slug, (object) $args);
 				if ( false === $wpdb->insert( $wpdb->terms, compact( 'name', 'slug', 'term_group' ) ) )
@@ -1647,9 +1647,9 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) {
 			if ( false === $wpdb->insert( $wpdb->terms, compact( 'name', 'slug', 'term_group' ) ) )
 				return new WP_Error('db_insert_error', __('Could not insert term into the database'), $wpdb->last_error);
 			$term_id = (int) $wpdb->insert_id;
-		} elseif ( term_exists( (int) $term_id, $taxonomy ) )  {
+		} elseif ( $exists = term_exists( (int) $term_id, $taxonomy ) )  {
 			// Same name, same slug.
-			return new WP_Error('term_exists', __('A term with the name provided already exists.'));
+			return new WP_Error('term_exists', __('A term with the name provided already exists.'), $exists['term_id']);
 		}
 	} else {
 		// This term does not exist at all in the database, Create it.

wp-includes/theme.php

@@ -1023,7 +1023,7 @@ function get_comments_popup_template() {
 
 	// Backward compat code will be removed in a future release
 	if ('' == $template)
-		$template = WPINC . '/theme-compat/comments-popup.php';
+		$template = ABSPATH . WPINC . '/theme-compat/comments-popup.php';
 
 	return apply_filters('comments_popup_template', $template);
 }
@@ -1629,7 +1629,7 @@ function add_theme_support( $feature ) {
  */
 function remove_theme_support( $feature ) {
 	// Blacklist: for internal registrations not used directly by themes.
-	if ( in_array( $feature, array( 'custom-background', 'custom-header', 'editor-style', 'widgets' ) ) )
+	if ( in_array( $feature, array( 'custom-background', 'custom-header', 'editor-style', 'widgets', 'menus' ) ) )
 		return false;
 
 	global $_wp_theme_features;

wp-includes/update.php

@@ -211,36 +211,43 @@ function wp_update_themes( ) {
 		require_once( ABSPATH . 'wp-includes/theme.php' );
 
 	$installed_themes = get_themes( );
-	$current_theme = get_site_transient( 'update_themes' );
-	if ( ! is_object($current_theme) )
-		$current_theme = new stdClass;
+	$last_update = get_site_transient( 'update_themes' );
+	if ( ! is_object($last_update) )
+		$last_update = new stdClass;
 
-	$new_option = new stdClass;
-	$new_option->last_checked = time( );
 	$timeout = 'load-themes.php' == current_filter() ? 3600 : 43200; //Check for updated every 60 minutes if hitting the themes page, Else, check every 12 hours
-	$time_not_changed = isset( $current_theme->last_checked ) && $timeout > ( time( ) - $current_theme->last_checked );
+	$time_not_changed = isset( $last_update->last_checked ) && $timeout > ( time( ) - $last_update->last_checked );
 
 	$themes = array();
 	$checked = array();
-	$themes['current_theme'] = (array) $current_theme;
+	$exclude_fields = array('Template Files', 'Stylesheet Files', 'Status', 'Theme Root', 'Theme Root URI', 'Template Dir', 'Stylesheet Dir', 'Description', 'Tags', 'Screenshot');
+
+	// Put slug of current theme into request.
+	$themes['current_theme'] = get_option( 'stylesheet' );
+
 	foreach ( (array) $installed_themes as $theme_title => $theme ) {
 		$themes[$theme['Stylesheet']] = array();
 		$checked[$theme['Stylesheet']] = $theme['Version'];
 
-		foreach ( (array) $theme as $key => $value )
-			$themes[$theme['Stylesheet']][$key] = $value;
+		$themes[$theme['Stylesheet']]['Name'] = $theme['Name'];
+		$themes[$theme['Stylesheet']]['Version'] = $theme['Version'];
+
+		foreach ( (array) $theme as $key => $value ) {
+			if ( !in_array($key, $exclude_fields) )
+				$themes[$theme['Stylesheet']][$key] = $value;
+		}
 	}
 
 	$theme_changed = false;
 	foreach ( $checked as $slug => $v ) {
-		$new_option->checked[ $slug ] = $v;
+		$update_request->checked[ $slug ] = $v;
 
-		if ( !isset( $current_theme->checked[ $slug ] ) || strval($current_theme->checked[ $slug ]) !== strval($v) )
+		if ( !isset( $last_update->checked[ $slug ] ) || strval($last_update->checked[ $slug ]) !== strval($v) )
 			$theme_changed = true;
 	}
 
-	if ( isset ( $current_theme->response ) && is_array( $current_theme->response ) ) {
-		foreach ( $current_theme->response as $slug => $update_details ) {
+	if ( isset ( $last_update->response ) && is_array( $last_update->response ) ) {
+		foreach ( $last_update->response as $slug => $update_details ) {
 			if ( ! isset($checked[ $slug ]) ) {
 				$theme_changed = true;
 				break;
@@ -252,10 +259,8 @@ function wp_update_themes( ) {
 		return false;
 
 	// Update last_checked for current to prevent multiple blocking requests if request hangs
-	$current_theme->last_checked = time();
-	set_site_transient( 'update_themes', $current_theme );
-
-	$current_theme->template = get_option( 'template' );
+	$last_update->last_checked = time();
+	set_site_transient( 'update_themes', $last_update );
 
 	$options = array(
 		'timeout' => ( ( defined('DOING_CRON') && DOING_CRON ) ? 30 : 3),
@@ -271,13 +276,15 @@ function wp_update_themes( ) {
 	if ( 200 != $raw_response['response']['code'] )
 		return false;
 
+	$new_update = new stdClass;
+	$new_update->last_checked = time( );
 	$response = unserialize( $raw_response['body'] );
 	if ( $response ) {
-		$new_option->checked = $checked;
-		$new_option->response = $response;
+		$new_update->checked = $checked;
+		$new_update->response = $response;
 	}
 
-	set_site_transient( 'update_themes', $new_option );
+	set_site_transient( 'update_themes', $new_update );
 }
 
 function _maybe_update_core() {

wp-includes/version.php

@@ -1,21 +1,35 @@
 <?php
-/**
- * This holds the version number in a separate file so we can bump it without cluttering the SVN
- */
+/*
+WordPress - Web publishing software
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+*/
 
 /**
  * The WordPress version string
  *
  * @global string $wp_version
  */
-$wp_version = '3.0';
+$wp_version = '3.0.6';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
  *
  * @global int $wp_db_version
  */
-$wp_db_version = 15260;
+$wp_db_version = 15477;
 
 /**
  * Holds the TinyMCE version

wp-includes/wp-db.php

@@ -1402,7 +1402,7 @@ class wpdb {
 			// Return an array of row objects with keys from column 1
 			// (Duplicates are discarded)
 			foreach ( $this->last_result as $row ) {
-				$key = array_shift( get_object_vars( $row ) );
+				$key = array_shift( $var_by_ref = get_object_vars( $row ) );
 				if ( ! isset( $new_array[ $key ] ) )
 					$new_array[ $key ] = $row;
 			}

wp-signup.php

@@ -153,7 +153,8 @@ function validate_user_form() {
 }
 
 function signup_another_blog($blogname = '', $blog_title = '', $errors = '') {
-	global $current_user, $current_site;
+	global $current_site;
+	$current_user = wp_get_current_user();
 
 	if ( ! is_wp_error($errors) ) {
 		$errors = new WP_Error();
@@ -197,7 +198,7 @@ function signup_another_blog($blogname = '', $blog_title = '', $errors = '') {
 }
 
 function validate_another_blog_signup() {
-	global $wpdb, $current_user, $blogname, $blog_title, $errors, $domain, $path;
+	global $wpdb, $blogname, $blog_title, $errors, $domain, $path;
 	$current_user = wp_get_current_user();
 	if ( !is_user_logged_in() )
 		die();

xmlrpc.php

@@ -933,9 +933,15 @@ class wp_xmlrpc_server extends IXR_Server {
 			"category_description"	=> $category["description"]
 		);
 
-		$cat_id = wp_insert_category($new_category);
-		if ( !$cat_id )
+		$cat_id = wp_insert_category($new_category, true);
+		if ( is_wp_error( $cat_id ) ) {
+			if ( 'term_exists' == $cat_id->get_error_code() )
+				return (int) $cat_id->get_error_data();
+			else
+				return(new IXR_Error(500, __("Sorry, the new category failed.")));
+		} elseif ( ! $cat_id ) {
 			return(new IXR_Error(500, __("Sorry, the new category failed.")));
+		}
 
 		return($cat_id);
 	}
@@ -1150,9 +1156,12 @@ class wp_xmlrpc_server extends IXR_Server {
 
 		do_action('xmlrpc_call', 'wp.deleteComment');
 
-		if ( ! get_comment($comment_ID) )
+		if ( !$comment = get_comment( $comment_ID ) )
 			return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
 
+		if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
+
 		return wp_delete_comment($comment_ID);
 	}
 
@@ -1179,11 +1188,14 @@ class wp_xmlrpc_server extends IXR_Server {
 		if ( !current_user_can( 'moderate_comments' ) )
 			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
 
-		do_action('xmlrpc_call', 'wp.editComment');
-
-		if ( ! get_comment($comment_ID) )
+		if ( !$comment = get_comment( $comment_ID ) )
 			return new IXR_Error( 404, __( 'Invalid comment ID.' ) );
 
+		if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) )
+			return new IXR_Error( 403, __( 'You are not allowed to moderate comments on this site.' ) );
+
+		do_action('xmlrpc_call', 'wp.editComment');
+
 		if ( isset($content_struct['status']) ) {
 			$statuses = get_comment_statuses();
 			$statuses = array_keys($statuses);
@@ -1411,7 +1423,7 @@ class wp_xmlrpc_server extends IXR_Server {
 		if ( !$user = $this->login($username, $password) )
 			return $this->error;
 
-		if ( !current_user_can( 'edit_posts' ) )
+		if ( !current_user_can( 'edit_pages' ) )
 			return new IXR_Error( 403, __( 'You are not allowed access to details about this site.' ) );
 
 		do_action('xmlrpc_call', 'wp.getPageStatusList');
@@ -1951,7 +1963,7 @@ class wp_xmlrpc_server extends IXR_Server {
 		if ( !$actual_post || $actual_post['post_type'] != 'post' )
 			return new IXR_Error(404, __('Sorry, no such post.'));
 
-		if ( !current_user_can('edit_post', $post_ID) )
+		if ( !current_user_can('delete_post', $post_ID) )
 			return new IXR_Error(401, __('Sorry, you do not have the right to delete this post.'));
 
 		$result = wp_delete_post($post_ID);
@@ -1981,30 +1993,42 @@ class wp_xmlrpc_server extends IXR_Server {
 		$username  = $args[1];
 		$password   = $args[2];
 		$content_struct = $args[3];
-		$publish     = $args[4];
+		$publish     = isset( $args[4] ) ? $args[4] : 0;
 
 		if ( !$user = $this->login($username, $password) )
 			return $this->error;
 
 		do_action('xmlrpc_call', 'metaWeblog.newPost');
 
-		$cap = ( $publish ) ? 'publish_posts' : 'edit_posts';
-		$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
-		$post_type = 'post';
 		$page_template = '';
 		if ( !empty( $content_struct['post_type'] ) ) {
 			if ( $content_struct['post_type'] == 'page' ) {
-				$cap = ( $publish ) ? 'publish_pages' : 'edit_pages';
+				if ( $publish || 'publish' == $content_struct['page_status'])
+					$cap  = 'publish_pages';
+				else
+					$cap = 'edit_pages';
 				$error_message = __( 'Sorry, you are not allowed to publish pages on this site.' );
 				$post_type = 'page';
 				if ( !empty( $content_struct['wp_page_template'] ) )
 					$page_template = $content_struct['wp_page_template'];
 			} elseif ( $content_struct['post_type'] == 'post' ) {
-				// This is the default, no changes needed
+				if ( $publish || 'publish' == $content_struct['post_status'])
+					$cap  = 'publish_posts';
+				else
+					$cap = 'edit_posts';
+				$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
+				$post_type = 'post';
 			} else {
 				// No other post_type values are allowed here
 				return new IXR_Error( 401, __( 'Invalid post type.' ) );
 			}
+		} else {
+			if ( $publish || 'publish' == $content_struct['post_status'])
+				$cap  = 'publish_posts';
+			else
+				$cap = 'edit_posts';
+			$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
+			$post_type = 'post';
 		}
 
 		if ( !current_user_can( $cap ) )
@@ -2269,17 +2293,32 @@ class wp_xmlrpc_server extends IXR_Server {
 		$page_template = '';
 		if ( !empty( $content_struct['post_type'] ) ) {
 			if ( $content_struct['post_type'] == 'page' ) {
-				$cap = ( $publish ) ? 'publish_pages' : 'edit_pages';
+				if ( $publish || 'publish' == $content_struct['page_status'] )
+					$cap  = 'publish_pages';
+				else
+					$cap = 'edit_pages';
 				$error_message = __( 'Sorry, you are not allowed to publish pages on this site.' );
 				$post_type = 'page';
 				if ( !empty( $content_struct['wp_page_template'] ) )
 					$page_template = $content_struct['wp_page_template'];
 			} elseif ( $content_struct['post_type'] == 'post' ) {
-				// This is the default, no changes needed
+				if ( $publish || 'publish' == $content_struct['post_status'] )
+					$cap  = 'publish_posts';
+				else
+					$cap = 'edit_posts';
+				$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
+				$post_type = 'post';
 			} else {
 				// No other post_type values are allowed here
 				return new IXR_Error( 401, __( 'Invalid post type.' ) );
 			}
+		} else {
+			if ( $publish || 'publish' == $content_struct['post_status'] )
+				$cap  = 'publish_posts';
+			else
+				$cap = 'edit_posts';
+			$error_message = __( 'Sorry, you are not allowed to publish posts on this site.' );
+			$post_type = 'post';
 		}
 
 		if ( !current_user_can( $cap ) )
@@ -3095,7 +3134,7 @@ class wp_xmlrpc_server extends IXR_Server {
 
 		do_action('xmlrpc_call', 'mt.publishPost');
 
-		if ( !current_user_can('edit_post', $post_ID) )
+		if ( !current_user_can('publish_posts') || !current_user_can('edit_post', $post_ID) )
 			return new IXR_Error(401, __('Sorry, you cannot edit this post.'));
 
 		$postdata = wp_get_single_post($post_ID,ARRAY_A);
@@ -3333,4 +3372,4 @@ class wp_xmlrpc_server extends IXR_Server {
 
 $wp_xmlrpc_server = new wp_xmlrpc_server();
 $wp_xmlrpc_server->serve_request();
-?>
+?>