Tag 4.1.12

Built from https://develop.svn.wordpress.org/tags/4.1.12@37841


git-svn-id: http://core.svn.wordpress.org/tags/4.1.12@37805 1a063a9b-81f0-0310-95a4-ce76da25c4cd

license.txt

@@ -1,6 +1,6 @@
 WordPress - Web publishing software
 
-Copyright 2018 by the contributors
+Copyright 2015 by the contributors
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by

readme.html

@@ -9,6 +9,7 @@
 <body>
 <h1 id="logo">
 	<a href="https://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
+	<br /> Version 4.1.12
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>
 

wp-activate.php

@@ -18,50 +18,6 @@ if ( !is_multisite() ) {
 	die();
 }
 
-$valid_error_codes = array( 'already_active', 'blog_taken' );
-
-list( $activate_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
-$activate_cookie = 'wp-activate-' . COOKIEHASH;
-
-$key    = '';
-$result = null;
-
-if ( isset( $_GET['key'] ) && isset( $_POST['key'] ) && $_GET['key'] !== $_POST['key'] ) {
-	wp_die( __( 'A key value mismatch has been detected. Please follow the link provided in your activation email.' ), __( 'An error occurred during the activation' ), 400 );
-} elseif ( ! empty( $_GET['key'] ) ) {
-	$key = $_GET['key'];
-} elseif ( ! empty( $_POST['key'] ) ) {
-	$key = $_POST['key'];
-}
-
-if ( $key ) {
-	$redirect_url = remove_query_arg( 'key' );
-
-	if ( $redirect_url !== remove_query_arg( false ) ) {
-		setcookie( $activate_cookie, $key, 0, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
-		wp_safe_redirect( $redirect_url );
-		exit;
-	} else {
-		$result = wpmu_activate_signup( $key );
-	}
-}
-
-if ( $result === null && isset( $_COOKIE[ $activate_cookie ] ) ) {
-	$key    = $_COOKIE[ $activate_cookie ];
-	$result = wpmu_activate_signup( $key );
-	setcookie( $activate_cookie, ' ', time() - YEAR_IN_SECONDS, $activate_path, COOKIE_DOMAIN, is_ssl(), true );
-}
-
-if ( $result === null || ( is_wp_error( $result ) && 'invalid_key' === $result->get_error_code() ) ) {
-	status_header( 404 );
-} elseif ( is_wp_error( $result ) ) {
-	$error_code = $result->get_error_code();
-
-	if ( ! in_array( $error_code, $valid_error_codes ) ) {
-		status_header( 400 );
-	}
-}
-
 if ( is_object( $wp_object_cache ) )
 	$wp_object_cache->cache_enabled = false;
 
@@ -107,13 +63,12 @@ function wpmu_activate_stylesheet() {
 	<?php
 }
 add_action( 'wp_head', 'wpmu_activate_stylesheet' );
-add_action( 'wp_head', 'wp_sensitive_page_meta' );
 
 get_header();
 ?>
 
 <div id="content" class="widecolumn">
-	<?php if ( ! $key ) { ?>
+	<?php if ( empty($_GET['key']) && empty($_POST['key']) ) { ?>
 
 		<h2><?php _e('Activation Key Required') ?></h2>
 		<form name="activateform" id="activateform" method="post" action="<?php echo network_site_url('wp-activate.php'); ?>">
@@ -127,25 +82,28 @@ get_header();
 		</form>
 
 	<?php } else {
-		if ( is_wp_error( $result ) && in_array( $result->get_error_code(), $valid_error_codes ) ) {
-			$signup = $result->get_error_data();
-			?>
-			<h2><?php _e('Your account is now active!'); ?></h2>
-			<?php
-			echo '<p class="lead-in">';
-			if ( $signup->domain . $signup->path == '' ) {
-				printf( __('Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.'), network_site_url( 'wp-login.php', 'login' ), $signup->user_login, $signup->user_email, wp_lostpassword_url() );
+
+		$key = !empty($_GET['key']) ? $_GET['key'] : $_POST['key'];
+		$result = wpmu_activate_signup( $key );
+		if ( is_wp_error($result) ) {
+			if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) {
+			    $signup = $result->get_error_data();
+				?>
+				<h2><?php _e('Your account is now active!'); ?></h2>
+				<?php
+				echo '<p class="lead-in">';
+				if ( $signup->domain . $signup->path == '' ) {
+					printf( __('Your account has been activated. You may now <a href="%1$s">log in</a> to the site using your chosen username of &#8220;%2$s&#8221;. Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.'), network_site_url( 'wp-login.php', 'login' ), $signup->user_login, $signup->user_email, wp_lostpassword_url() );
+				} else {
+					printf( __('Your site at <a href="%1$s">%2$s</a> is active. You may now log in to your site using your chosen username of &#8220;%3$s&#8221;. Please check your email inbox at %4$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%5$s">reset your password</a>.'), 'http://' . $signup->domain, $signup->domain, $signup->user_login, $signup->user_email, wp_lostpassword_url() );
+				}
+				echo '</p>';
 			} else {
-				printf( __('Your site at <a href="%1$s">%2$s</a> is active. You may now log in to your site using your chosen username of &#8220;%3$s&#8221;. Please check your email inbox at %4$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%5$s">reset your password</a>.'), 'http://' . $signup->domain, $signup->domain, $signup->user_login, $signup->user_email, wp_lostpassword_url() );
+				?>
+				<h2><?php _e('An error occurred during the activation'); ?></h2>
+				<?php
+			    echo '<p>'.$result->get_error_message().'</p>';
 			}
-			echo '</p>';
-		} elseif ( $result === null || is_wp_error( $result ) ) {
-			?>
-			<h2><?php _e('An error occurred during the activation'); ?></h2>
-			<?php if ( is_wp_error( $result ) ) {
-				echo '<p>' . $result->get_error_message() . '</p>';
-			} ?>
-			<?php
 		} else {
 			$url = isset( $result['blog_id'] ) ? get_blogaddress_by_id( (int) $result['blog_id'] ) : '';
 			$user = get_userdata( (int) $result['user_id'] );

wp-admin/about.php

@@ -42,202 +42,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
 </h2>
 
 <div class="changelog point-releases">
-	<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 32 ); ?></h3>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed some security issues.' ),
-			'4.1.32'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.32' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed some security issues.' ),
-			'4.1.31'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.31' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed some security issues.' ),
-			'4.1.30'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.30' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed one security issue.' ),
-			'4.1.29'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.29' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed some security issues.' ),
-			'4.1.28'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.28' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed some security issues.' ),
-			'4.1.27'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.27' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		printf(
-			/* translators: %s: WordPress version number */
-			__( '<strong>Version %s</strong> addressed a security issue.' ),
-			'4.1.26'
-		);
-		?>
-		<?php
-		printf(
-			/* translators: %s: HelpHub URL */
-			__( 'For more information, see <a href="%s">the release notes</a>.' ),
-			sprintf(
-				/* translators: %s: WordPress version */
-				esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
-				sanitize_title( '4.1.26' )
-			)
-		);
-		?>
-	</p>
-	<p>
-		<?php
-		/* translators: %s: WordPress version number */
-		printf( __( '<strong>Version %s</strong> addressed some security issues.' ), '4.1.25' );
-		?>
-		<?php
-		/* translators: %s: Codex URL */
-		printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.25' );
-		?>
-	</p>
-	<p><?php printf( __( '<strong>Version %s</strong> addressed one security issue.' ), '4.1.24' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.24' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 2 ), '4.1.23' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.23' ); ?>
-	</p>
-	<p><?php printf( __( '<strong>Version %s</strong> addressed one security issue.' ), '4.1.22' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.22' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 4 ), '4.1.21' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.21' ); ?>
-	</p>
-	<p><?php printf( __( '<strong>Version %s</strong> addressed one security issue.' ), '4.1.20' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.20' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 8 ), '4.1.19' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.19' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 5 ), '4.1.18' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.18' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
-			'<strong>Version %1$s</strong> addressed %2$s bugs.', 1 ), '4.1.17', number_format_i18n( 1 ) ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.17' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 5 ), '4.1.16' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.16' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 3 ), '4.1.15' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.15' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-			'<strong>Version %1$s</strong> addressed some security issues.', 8 ), '4.1.14' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.14' ); ?>
-	</p>
-	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
-         '<strong>Version %1$s</strong> addressed some security issues.', 2 ), '4.1.13' ); ?>
-		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.13' ); ?>
-	</p>
+	<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 12 ); ?></h3>
 	<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
          '<strong>Version %1$s</strong> addressed some security issues.', 9 ), '4.1.12' ); ?>
 		<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.1.12' ); ?>
@@ -373,7 +178,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
 <hr />
 
 <div class="changelog feature-list">
-	<h2><?php _e( 'Under the Hood' ); ?></h2>
+	<h2><?php _e( 'Under the Hood' ); ?></h3>
 
 	<div class="feature-section col two-col">
 		<div>

wp-admin/admin-header.php

@@ -58,13 +58,13 @@ wp_enqueue_script( 'svg-painter' );
 $admin_body_class = preg_replace('/[^a-z0-9_-]+/i', '-', $hook_suffix);
 ?>
 <script type="text/javascript">
-addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(document).ready(func);else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
-var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',
-	pagenow = '<?php echo esc_js( $current_screen->id ); ?>',
-	typenow = '<?php echo esc_js( $current_screen->post_type ); ?>',
-	adminpage = '<?php echo esc_js( $admin_body_class ); ?>',
-	thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>',
-	decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>',
+addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
+var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>',
+	pagenow = '<?php echo $current_screen->id; ?>',
+	typenow = '<?php echo $current_screen->post_type; ?>',
+	adminpage = '<?php echo $admin_body_class; ?>',
+	thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',
+	decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',
 	isRtl = <?php echo (int) is_rtl(); ?>;
 </script>
 <meta name="viewport" content="width=device-width,initial-scale=1.0">

wp-admin/async-upload.php

@@ -32,7 +32,7 @@ if ( ! ( isset( $_REQUEST['action'] ) && 'upload-attachment' == $_REQUEST['actio
 
 require_once( ABSPATH . 'wp-admin/admin.php' );
 
-header( 'Content-Type: text/plain; charset=' . get_option( 'blog_charset' ) );
+header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
 
 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action'] ) {
 	include( ABSPATH . 'wp-admin/includes/ajax-actions.php' );

wp-admin/custom-background.php

@@ -516,7 +516,6 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
 	 * @deprecated 3.5.0
 	 */
 	public function wp_set_background_image() {
-		check_ajax_referer( 'custom-background' );
 		if ( ! current_user_can('edit_theme_options') || ! isset( $_POST['attachment_id'] ) ) exit;
 		$attachment_id = absint($_POST['attachment_id']);
 		/** This filter is documented in wp-admin/includes/media.php */

wp-admin/custom-header.php

@@ -392,7 +392,7 @@ class Custom_Image_Header {
 <script type="text/javascript">
 /* <![CDATA[ */
 (function($){
-	var default_color = '<?php echo esc_js( $default_color ); ?>',
+	var default_color = '<?php echo $default_color; ?>',
 		header_text_fields;
 
 	function pickColor(color) {

wp-admin/customize.php

@@ -149,7 +149,7 @@ do_action( 'customize_controls_print_scripts' );
 							echo sprintf( __( 'You are previewing %s' ), '<strong class="theme-name">' . $wp_customize->theme()->display('Name') . '</strong>' );
 						} else {
 							/* translators: %s is the site/panel title in the Customize pane */
-							echo sprintf( __( 'You are customizing %s' ), '<strong class="theme-name site-title">' . get_bloginfo( 'name', 'display' ) . '</strong>' );
+							echo sprintf( __( 'You are customizing %s' ), '<strong class="theme-name site-title">' . get_bloginfo( 'name' ) . '</strong>' );
 						}
 					?></span>
 				</div>

wp-admin/includes/ajax-actions.php

@@ -950,8 +950,6 @@ function wp_ajax_replyto_comment( $action ) {
 			if ( wp_create_nonce( 'unfiltered-html-comment' ) != $_POST['_wp_unfiltered_html_comment'] ) {
 				kses_remove_filters(); // start with a clean slate
 				kses_init_filters(); // set up the filters
-				remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
-				add_filter( 'pre_comment_content', 'wp_filter_kses' );
 			}
 		}
 	} else {
@@ -1847,7 +1845,7 @@ function wp_ajax_upload_attachment() {
 			'success' => false,
 			'data'    => array(
 				'message'  => __( "You don't have permission to upload files." ),
-				'filename' => esc_html( $_FILES['async-upload']['name'] ),
+				'filename' => $_FILES['async-upload']['name'],
 			)
 		) );
 
@@ -1861,7 +1859,7 @@ function wp_ajax_upload_attachment() {
 				'success' => false,
 				'data'    => array(
 					'message'  => __( "You don't have permission to attach files to this post." ),
-					'filename' => esc_html( $_FILES['async-upload']['name'] ),
+					'filename' => $_FILES['async-upload']['name'],
 				)
 			) );
 
@@ -1871,11 +1869,7 @@ function wp_ajax_upload_attachment() {
 		$post_id = null;
 	}
 
-	$post_data = ! empty( $_REQUEST['post_data'] ) ? _wp_get_allowed_postdata( _wp_translate_postdata( false, (array) $_REQUEST['post_data'] ) ) : array();
-
-	if ( is_wp_error( $post_data ) ) {
-		wp_die( $post_data->get_error_message() );
-	}
+	$post_data = isset( $_REQUEST['post_data'] ) ? $_REQUEST['post_data'] : array();
 
 	// If the context is custom header or background, make sure the uploaded file is an image.
 	if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
@@ -1885,7 +1879,7 @@ function wp_ajax_upload_attachment() {
 				'success' => false,
 				'data'    => array(
 					'message'  => __( 'The uploaded file is not a valid image. Please try again.' ),
-					'filename' => esc_html( $_FILES['async-upload']['name'] ),
+					'filename' => $_FILES['async-upload']['name'],
 				)
 			) );
 
@@ -1900,7 +1894,7 @@ function wp_ajax_upload_attachment() {
 			'success' => false,
 			'data'    => array(
 				'message'  => $attachment_id->get_error_message(),
-				'filename' => esc_html( $_FILES['async-upload']['name'] ),
+				'filename' => $_FILES['async-upload']['name'],
 			)
 		) );
 

wp-admin/includes/class-wp-plugins-list-table.php

@@ -425,27 +425,27 @@ class WP_Plugins_List_Table extends WP_List_Table {
 			if ( $screen->in_admin( 'network' ) ) {
 				if ( $is_active ) {
 					if ( current_user_can( 'manage_network_plugins' ) )
-						$actions['deactivate'] = '<a href="' . wp_nonce_url('plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Deactivate this plugin') . '">' . __('Network Deactivate') . '</a>';
+						$actions['deactivate'] = '<a href="' . wp_nonce_url('plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Deactivate this plugin') . '">' . __('Network Deactivate') . '</a>';
 				} else {
 					if ( current_user_can( 'manage_network_plugins' ) )
-						$actions['activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" class="edit">' . __('Network Activate') . '</a>';
+						$actions['activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" class="edit">' . __('Network Activate') . '</a>';
 					if ( current_user_can( 'delete_plugins' ) && ! is_plugin_active( $plugin_file ) )
-						$actions['delete'] = '<a href="' . wp_nonce_url('plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins') . '" title="' . esc_attr__('Delete this plugin') . '" class="delete">' . __('Delete') . '</a>';
+						$actions['delete'] = '<a href="' . wp_nonce_url('plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins') . '" title="' . esc_attr__('Delete this plugin') . '" class="delete">' . __('Delete') . '</a>';
 				}
 			} else {
 				if ( $is_active ) {
-					$actions['deactivate'] = '<a href="' . wp_nonce_url('plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Deactivate this plugin') . '">' . __('Deactivate') . '</a>';
+					$actions['deactivate'] = '<a href="' . wp_nonce_url('plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Deactivate this plugin') . '">' . __('Deactivate') . '</a>';
 				} else {
-					$actions['activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" class="edit">' . __('Activate') . '</a>';
+					$actions['activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" class="edit">' . __('Activate') . '</a>';
 
 					if ( ! is_multisite() && current_user_can('delete_plugins') )
-						$actions['delete'] = '<a href="' . wp_nonce_url('plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins') . '" title="' . esc_attr__('Delete this plugin') . '" class="delete">' . __('Delete') . '</a>';
+						$actions['delete'] = '<a href="' . wp_nonce_url('plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins') . '" title="' . esc_attr__('Delete this plugin') . '" class="delete">' . __('Delete') . '</a>';
 				} // end if $is_active
 
 			 } // end if $screen->in_admin( 'network' )
 
 			if ( ( ! is_multisite() || $screen->in_admin( 'network' ) ) && current_user_can('edit_plugins') && is_writable(WP_PLUGIN_DIR . '/' . $plugin_file) )
-				$actions['edit'] = '<a href="plugin-editor.php?file=' . urlencode( $plugin_file ) . '" title="' . esc_attr__('Open this file in the Plugin Editor') . '" class="edit">' . __('Edit') . '</a>';
+				$actions['edit'] = '<a href="plugin-editor.php?file=' . $plugin_file . '" title="' . esc_attr__('Open this file in the Plugin Editor') . '" class="edit">' . __('Edit') . '</a>';
 		} // end if $context
 
 		$prefix = $screen->in_admin( 'network' ) ? 'network_admin_' : '';

wp-admin/includes/class-wp-posts-list-table.php

@@ -691,9 +691,8 @@ class WP_Posts_List_Table extends WP_List_Table {
 					echo '<div class="locked-info"><span class="locked-avatar">' . $locked_avatar . '</span> <span class="locked-text">' . $locked_text . "</span></div>\n";
 				}
 
-				if ( ! $this->hierarchical_display && 'excerpt' == $mode && current_user_can( 'read_post', $post->ID ) ) {
-						echo esc_html( get_the_excerpt() );
-				}
+				if ( ! $this->hierarchical_display && 'excerpt' == $mode && current_user_can( 'read_post', $post->ID ) )
+						the_excerpt();
 
 				$actions = array();
 				if ( $can_edit_post && 'trash' != $post->post_status ) {

wp-admin/includes/class-wp-upgrader.php

@@ -2326,12 +2326,8 @@ class File_Upload_Upgrader {
 			if ( ! ( ( $uploads = wp_upload_dir() ) && false === $uploads['error'] ) )
 				wp_die( $uploads['error'] );
 
-			$this->filename = sanitize_file_name( $_GET[ $urlholder ] );
+			$this->filename = $_GET[$urlholder];
 			$this->package = $uploads['basedir'] . '/' . $this->filename;
-
-			if ( 0 !== strpos( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) {
-				wp_die( __( 'Please select a file' ) );
-			}
 		}
 	}
 

wp-admin/includes/file.php

@@ -591,10 +591,6 @@ function _unzip_file_ziparchive($file, $to, $needed_dirs = array() ) {
 		if ( '__MACOSX/' === substr($info['name'], 0, 9) ) // Skip the OS X-created __MACOSX directory
 			continue;
 
-		if ( 0 !== validate_file( $info['name'] ) ) {
-			return new WP_Error( 'invalid_file_ziparchive', __( 'Could not extract file from archive.' ), $info['name'] );
-		}
-
 		$uncompressed_size += $info['size'];
 
 		if ( '/' == substr($info['name'], -1) ) // directory
@@ -748,10 +744,6 @@ function _unzip_file_pclzip($file, $to, $needed_dirs = array()) {
 		if ( '__MACOSX/' === substr($file['filename'], 0, 9) ) // Don't extract the OS X-created __MACOSX directory files
 			continue;
 
-		if ( 0 !== validate_file( $file['filename'] ) ) {
-			return new WP_Error( 'invalid_file_pclzip', __( 'Could not extract file from archive.' ), $file['filename'] );
-		}
-
 		if ( ! $wp_filesystem->put_contents( $to . $file['filename'], $file['content'], FS_CHMOD_FILE) )
 			return new WP_Error( 'copy_failed_pclzip', __( 'Could not copy file.' ), $file['filename'] );
 	}
@@ -1026,28 +1018,14 @@ function request_filesystem_credentials($form_post, $type = '', $error = false,
 
 	$credentials = get_option('ftp_credentials', array( 'hostname' => '', 'username' => ''));
 
-	$submitted_form = wp_unslash( $_POST );
-
-	// Verify nonce, or unset submitted form field values on failure
-	if ( ! isset( $_POST['_fs_nonce'] ) || ! wp_verify_nonce( $_POST['_fs_nonce'], 'filesystem-credentials' ) ) {
-		unset(
-			$submitted_form['hostname'],
-			$submitted_form['username'],
-			$submitted_form['password'],
-			$submitted_form['public_key'],
-			$submitted_form['private_key'],
-			$submitted_form['connection_type']
-		);
-	}
-
 	// If defined, set it to that, Else, If POST'd, set it to that, If not, Set it to whatever it previously was(saved details in option)
-	$credentials['hostname'] = defined('FTP_HOST') ? FTP_HOST : (!empty($submitted_form['hostname']) ? $submitted_form['hostname'] : $credentials['hostname']);
-	$credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($submitted_form['username']) ? $submitted_form['username'] : $credentials['username']);
-	$credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($submitted_form['password']) ? $submitted_form['password'] : '');
+	$credentials['hostname'] = defined('FTP_HOST') ? FTP_HOST : (!empty($_POST['hostname']) ? wp_unslash( $_POST['hostname'] ) : $credentials['hostname']);
+	$credentials['username'] = defined('FTP_USER') ? FTP_USER : (!empty($_POST['username']) ? wp_unslash( $_POST['username'] ) : $credentials['username']);
+	$credentials['password'] = defined('FTP_PASS') ? FTP_PASS : (!empty($_POST['password']) ? wp_unslash( $_POST['password'] ) : '');
 
 	// Check to see if we are setting the public/private keys for ssh
-	$credentials['public_key'] = defined('FTP_PUBKEY') ? FTP_PUBKEY : (!empty($submitted_form['public_key']) ? $submitted_form['public_key'] : '');
-	$credentials['private_key'] = defined('FTP_PRIKEY') ? FTP_PRIKEY : (!empty($submitted_form['private_key']) ? $submitted_form['private_key'] : '');
+	$credentials['public_key'] = defined('FTP_PUBKEY') ? FTP_PUBKEY : (!empty($_POST['public_key']) ? wp_unslash( $_POST['public_key'] ) : '');
+	$credentials['private_key'] = defined('FTP_PRIKEY') ? FTP_PRIKEY : (!empty($_POST['private_key']) ? wp_unslash( $_POST['private_key'] ) : '');
 
 	// Sanitize the hostname, Some people might pass in odd-data:
 	$credentials['hostname'] = preg_replace('|\w+://|', '', $credentials['hostname']); //Strip any schemes off
@@ -1064,8 +1042,8 @@ function request_filesystem_credentials($form_post, $type = '', $error = false,
 		$credentials['connection_type'] = 'ssh';
 	else if ( (defined('FTP_SSL') && FTP_SSL) && 'ftpext' == $type ) //Only the FTP Extension understands SSL
 		$credentials['connection_type'] = 'ftps';
-	else if ( !empty($submitted_form['connection_type']) )
-		$credentials['connection_type'] = $submitted_form['connection_type'];
+	else if ( !empty($_POST['connection_type']) )
+		$credentials['connection_type'] = wp_unslash( $_POST['connection_type'] );
 	else if ( !isset($credentials['connection_type']) ) //All else fails (And it's not defaulted to something else saved), Default to FTP
 		$credentials['connection_type'] = 'ftp';
 
@@ -1205,14 +1183,11 @@ jQuery(function($){
 
 <?php
 foreach ( (array) $extra_fields as $field ) {
-	if ( isset( $submitted_form[ $field ] ) )
-		echo '<input type="hidden" name="' . esc_attr( $field ) . '" value="' . esc_attr( $submitted_form[ $field ] ) . '" />';
+	if ( isset( $_POST[ $field ] ) )
+		echo '<input type="hidden" name="' . esc_attr( $field ) . '" value="' . esc_attr( wp_unslash( $_POST[ $field ] ) ) . '" />';
 }
+submit_button( __( 'Proceed' ), 'button', 'upgrade' );
 ?>
-	<p class="request-filesystem-credentials-action-buttons">
-		<?php wp_nonce_field( 'filesystem-credentials', '_fs_nonce', false, true ); ?>
-		<?php submit_button( __( 'Proceed' ), 'button', 'upgrade', false ); ?>
-	</p>
 </div>
 </form>
 <?php

wp-admin/includes/media.php

@@ -279,7 +279,7 @@ function media_handle_upload($file_id, $post_id, $post_data = array(), $override
 	$url = $file['url'];
 	$type = $file['type'];
 	$file = $file['file'];
-	$title = sanitize_text_field( $name );
+	$title = $name;
 	$content = '';
 
 	if ( preg_match( '#^audio#', $type ) ) {
@@ -450,7 +450,7 @@ wp_enqueue_style( 'ie' );
 <script type="text/javascript">
 //<![CDATA[
 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
-var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',
+var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',
 isRtl = <?php echo (int) is_rtl(); ?>;
 //]]>
 </script>
@@ -2721,11 +2721,8 @@ function edit_form_image_editor( $post ) {
 	<label for="content"><strong><?php _e( 'Description' ); ?></strong><?php
 	if ( preg_match( '#^(audio|video)/#', $post->post_mime_type ) ) {
 		echo ': ' . __( 'Displayed on attachment pages.' );
-	}
-
-	?>
-	</label>
-	<?php wp_editor( format_to_edit( $post->post_content ), 'attachment_content', $editor_args ); ?>
+	} ?></label>
+	<?php wp_editor( $post->post_content, 'attachment_content', $editor_args ); ?>
 
 	</div>
 	<?php
@@ -2896,7 +2893,7 @@ function wp_add_id3_tag_data( &$metadata, $data ) {
 		if ( ! empty( $data[$version]['comments'] ) ) {
 			foreach ( $data[$version]['comments'] as $key => $list ) {
 				if ( 'length' !== $key && ! empty( $list ) ) {
-					$metadata[$key] = wp_kses_post( reset( $list ) );
+					$metadata[$key] = reset( $list );
 					// Fix bug in byte stream analysis.
 					if ( 'terms_of_use' === $key && 0 === strpos( $metadata[$key], 'yright notice.' ) )
 						$metadata[$key] = 'Cop' . $metadata[$key];

wp-admin/includes/misc.php

@@ -405,48 +405,24 @@ function set_screen_options() {
 					return;
 				break;
 			default:
-				$screen_option = false;
-
-				if ( '_page' === substr( $option, -5 ) || 'layout_columns' === $option ) {
-					/**
-					 * Filters a screen option value before it is set.
-					 *
-					 * The filter can also be used to modify non-standard [items]_per_page
-					 * settings. See the parent function for a full list of standard options.
-					 *
-					 * Returning false to the filter will skip saving the current option.
-					 *
-					 * @since 2.8.0
-					 * @since 5.4.2 Only applied to options ending with '_page',
-					 *              or the 'layout_columns' option.
-					 *
-					 * @see set_screen_options()
-					 *
-					 * @param mixed  $screen_option The value to save instead of the option value.
-					 *                              Default false (to skip saving the current option).
-					 * @param string $option        The option name.
-					 * @param int    $value         The option value.
-					 */
-					$screen_option = apply_filters( 'set-screen-option', $screen_option, $option, $value ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
-				}
 
 				/**
 				 * Filter a screen option value before it is set.
 				 *
-				 * The dynamic portion of the hook, `$option`, refers to the option name.
+				 * The filter can also be used to modify non-standard [items]_per_page
+				 * settings. See the parent function for a full list of standard options.
 				 *
 				 * Returning false to the filter will skip saving the current option.
 				 *
-				 * @since 5.4.2
+				 * @since 2.8.0
 				 *
 				 * @see set_screen_options()
 				 *
-				 * @param mixed   $screen_option The value to save instead of the option value.
-				 *                               Default false (to skip saving the current option).
-				 * @param string  $option        The option name.
-				 * @param int     $value         The option value.
+				 * @param bool|int $value  Screen option value. Default false to skip.
+				 * @param string   $option The option name.
+				 * @param int      $value  The number of rows to use.
 				 */
-				$value = apply_filters( "set_screen_option_{$option}", $screen_option, $option, $value );
+				$value = apply_filters( 'set-screen-option', false, $option, $value );
 
 				if ( false === $value )
 					return;

wp-admin/includes/ms.php

@@ -956,7 +956,7 @@ function _thickbox_path_admin_subfolder() {
 ?>
 <script type="text/javascript">
 //<![CDATA[
-var tb_pathToImage = '<?php echo esc_js( includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ) ); ?>';
+var tb_pathToImage = "<?php echo includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ); ?>";
 //]]>
 </script>
 <?php

wp-admin/includes/post.php

@@ -175,27 +175,6 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
 	return $post_data;
 }
 
-/**
- * Returns only allowed post data fields
- *
- * @since 4.9.9
- *
- * @param array $post_data Array of post data. Defaults to the contents of $_POST.
- * @return object|bool WP_Error on failure, true on success.
- */
-function _wp_get_allowed_postdata( $post_data = null ) {
-	if ( empty( $post_data ) ) {
-		$post_data = $_POST;
-	}
-
-	// Pass through errors
-	if ( is_wp_error( $post_data ) ) {
-		return $post_data;
-	}
-
-	return array_diff_key( $post_data, array_flip( array( 'meta_input', 'file', 'guid' ) ) );
-}
-
 /**
  * Update an existing post with values provided in $_POST.
  *
@@ -262,7 +241,6 @@ function edit_post( $post_data = null ) {
 	$post_data = _wp_translate_postdata( true, $post_data );
 	if ( is_wp_error($post_data) )
 		wp_die( $post_data->get_error_message() );
-	$translated = _wp_get_allowed_postdata( $post_data );
 
 	// Post Formats
 	if ( isset( $post_data['post_format'] ) )
@@ -340,25 +318,25 @@ function edit_post( $post_data = null ) {
 		$attachment_data = isset( $post_data['attachments'][ $post_ID ] ) ? $post_data['attachments'][ $post_ID ] : array();
 
 		/** This filter is documented in wp-admin/includes/media.php */
-		$translated = apply_filters( 'attachment_fields_to_save', $translated, $attachment_data );
+		$post_data = apply_filters( 'attachment_fields_to_save', $post_data, $attachment_data );
 	}
 
 	add_meta( $post_ID );
 
 	update_post_meta( $post_ID, '_edit_last', get_current_user_id() );
 
-	$success = wp_update_post( $translated );
+	$success = wp_update_post( $post_data );
 	// If the save failed, see if we can sanity check the main fields and try again
 	if ( ! $success && is_callable( array( $wpdb, 'strip_invalid_text_for_column' ) ) ) {
 		$fields = array( 'post_title', 'post_content', 'post_excerpt' );
 
 		foreach( $fields as $field ) {
-			if ( isset( $translated[ $field ] ) ) {
-				$translated[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->posts, $field, $translated[ $field ] );
+			if ( isset( $post_data[ $field ] ) ) {
+				$post_data[ $field ] = $wpdb->strip_invalid_text_for_column( $wpdb->posts, $field, $post_data[ $field ] );
 			}
 		}
 
-		wp_update_post( $translated );
+		wp_update_post( $post_data );
 	}
 
 	// Now that we have an ID we can fix any attachment anchor hrefs
@@ -516,9 +494,9 @@ function bulk_edit_posts( $post_data = null ) {
 			unset( $post_data['tax_input']['category'] );
 		}
 
-		$post_data['post_ID']        = $post_ID;
 		$post_data['post_type'] = $post->post_type;
 		$post_data['post_mime_type'] = $post->post_mime_type;
+		$post_data['guid'] = $post->guid;
 
 		foreach ( array( 'comment_status', 'ping_status', 'post_author' ) as $field ) {
 			if ( ! isset( $post_data[ $field ] ) ) {
@@ -526,12 +504,14 @@ function bulk_edit_posts( $post_data = null ) {
 			}
 		}
 
+		$post_data['ID'] = $post_ID;
+		$post_data['post_ID'] = $post_ID;
+
 		$post_data = _wp_translate_postdata( true, $post_data );
 		if ( is_wp_error( $post_data ) ) {
 			$skipped[] = $post_ID;
 			continue;
 		}
-		$post_data = _wp_get_allowed_postdata( $post_data );
 
 		$updated[] = wp_update_post( $post_data );
 
@@ -542,8 +522,8 @@ function bulk_edit_posts( $post_data = null ) {
 				unstick_post( $post_ID );
 		}
 
-		if ( isset( $shared_post_data['post_format'] ) )
-			set_post_format( $post_ID, $shared_post_data['post_format'] );
+		if ( isset( $post_data['post_format'] ) )
+			set_post_format( $post_ID, $post_data['post_format'] );
 	}
 
 	return array( 'updated' => $updated, 'skipped' => $skipped, 'locked' => $locked );
@@ -719,10 +699,9 @@ function wp_write_post() {
 	$translated = _wp_translate_postdata( false );
 	if ( is_wp_error($translated) )
 		return $translated;
-	$translated = _wp_get_allowed_postdata( $translated );
 
 	// Create the post.
-	$post_ID = wp_insert_post( $translated );
+	$post_ID = wp_insert_post( $_POST );
 	if ( is_wp_error( $post_ID ) )
 		return $post_ID;
 
@@ -1560,7 +1539,6 @@ function wp_create_post_autosave( $post_data ) {
 	$post_data = _wp_translate_postdata( true, $post_data );
 	if ( is_wp_error( $post_data ) )
 		return $post_data;
-	$post_data = _wp_get_allowed_postdata( $post_data );
 
 	$post_author = get_current_user_id();
 

wp-admin/includes/screen.php

@@ -448,9 +448,7 @@ final class WP_Screen {
 
 			switch ( $base ) {
 				case 'post' :
-					if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] )
-						wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
-					elseif ( isset( $_GET['post'] ) )
+					if ( isset( $_GET['post'] ) )
 						$post_id = (int) $_GET['post'];
 					elseif ( isset( $_POST['post_ID'] ) )
 						$post_id = (int) $_POST['post_ID'];
@@ -972,8 +970,7 @@ final class WP_Screen {
 
 		switch ( $this->base ) {
 			case 'widgets':
-				$nonce = wp_create_nonce( 'widgets-access' );
-				$this->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on&_wpnonce=' . urlencode( $nonce ) . '">' . __('Enable accessibility mode') . '</a><a id="access-off" href="widgets.php?widgets-access=off&_wpnonce=' . urlencode( $nonce ) . '">' . __('Disable accessibility mode') . "</a></p>\n";
+				$this->_screen_settings = '<p><a id="access-on" href="widgets.php?widgets-access=on">' . __('Enable accessibility mode') . '</a><a id="access-off" href="widgets.php?widgets-access=off">' . __('Disable accessibility mode') . "</a></p>\n";
 				break;
 			case 'post' :
 				$expand = '<div class="editor-expand hidden"><label for="editor-expand-toggle">';

wp-admin/includes/template.php

@@ -800,7 +800,7 @@ function page_template_dropdown( $default = '' ) {
 	ksort( $templates );
 	foreach ( array_keys( $templates ) as $template ) {
 		$selected = selected( $default, $templates[ $template ], false );
-		echo "\n\t<option value='" . esc_attr( $templates[ $template ] ) . "' $selected>" . esc_html( $template ) . "</option>";
+		echo "\n\t<option value='" . $templates[ $template ] . "' $selected>$template</option>";
 	}
 }
 
@@ -1547,12 +1547,12 @@ wp_enqueue_style( 'colors' );
 //<![CDATA[
 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
 function tb_close(){var win=window.dialogArguments||opener||parent||top;win.tb_remove();}
-var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',
-	pagenow = '<?php echo esc_js( $current_screen->id ); ?>',
-	typenow = '<?php echo esc_js( $current_screen->post_type ); ?>',
-	adminpage = '<?php echo esc_js( $admin_body_class ); ?>',
-	thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>',
-	decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>',
+var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>',
+	pagenow = '<?php echo $current_screen->id; ?>',
+	typenow = '<?php echo $current_screen->post_type; ?>',
+	adminpage = '<?php echo $admin_body_class; ?>',
+	thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',
+	decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',
 	isRtl = <?php echo (int) is_rtl(); ?>;
 //]]>
 </script>

wp-admin/includes/update-core.php

@@ -695,9 +695,6 @@ $_old_files = array(
 'wp-includes/js/jquery/ui/jquery.ui.tooltip.min.js',
 'wp-includes/js/jquery/ui/jquery.ui.widget.min.js',
 'wp-includes/js/tinymce/skins/wordpress/images/dashicon-no-alt.png',
-// 4.9.2
-'wp-includes/js/mediaelement/flashmediaelement.swf',
-'wp-includes/js/mediaelement/silverlightmediaelement.xap',
 );
 
 /**
@@ -1048,11 +1045,7 @@ function update_core($from, $to) {
 		$old_file = $to . $old_file;
 		if ( !$wp_filesystem->exists($old_file) )
 			continue;
-
-		// If the file isn't deleted, try writing an empty string to the file instead.
-		if ( ! $wp_filesystem->delete( $old_file, true ) && $wp_filesystem->is_file( $old_file ) ) {
-			$wp_filesystem->put_contents( $old_file, '' );
-		}
+		$wp_filesystem->delete($old_file, true);
 	}
 
 	// Remove any Genericons example.html's from the filesystem

wp-admin/js/custom-background.js

@@ -56,13 +56,11 @@
 			frame.on( 'select', function() {
 				// Grab the selected attachment.
 				var attachment = frame.state().get('selection').first();
-				var nonceValue = $( '#_wpnonce' ).val() || '';
 
 				// Run an AJAX request to set the background image.
 				$.post( ajaxurl, {
 					action: 'set-background-image',
 					attachment_id: attachment.id,
-					_ajax_nonce: nonceValue,
 					size: 'full'
 				}).done( function() {
 					// When the request completes, reload the window.

wp-admin/js/custom-background.min.js

@@ -1 +1 @@
-!function(a){a(document).ready(function(){var b,c=a("#custom-background-image");a("#background-color").wpColorPicker({change:function(a,b){c.css("background-color",b.color.toString())},clear:function(){c.css("background-color","")}}),a('input[name="background-position-x"]').change(function(){c.css("background-position",a(this).val()+" top")}),a('input[name="background-repeat"]').change(function(){c.css("background-repeat",a(this).val())}),a("#choose-from-library-link").click(function(c){var d=a(this);return c.preventDefault(),b?void b.open():(b=wp.media.frames.customBackground=wp.media({title:d.data("choose"),library:{type:"image"},button:{text:d.data("update"),close:!1}}),b.on("select",function(){var c=b.state().get("selection").first(),d=a("#_wpnonce").val()||"";a.post(ajaxurl,{action:"set-background-image",attachment_id:c.id,_ajax_nonce:d,size:"full"}).done(function(){window.location.reload()})}),void b.open())})})}(jQuery);
+!function(a){a(document).ready(function(){var b,c=a("#custom-background-image");a("#background-color").wpColorPicker({change:function(a,b){c.css("background-color",b.color.toString())},clear:function(){c.css("background-color","")}}),a('input[name="background-position-x"]').change(function(){c.css("background-position",a(this).val()+" top")}),a('input[name="background-repeat"]').change(function(){c.css("background-repeat",a(this).val())}),a("#choose-from-library-link").click(function(c){var d=a(this);return c.preventDefault(),b?void b.open():(b=wp.media.frames.customBackground=wp.media({title:d.data("choose"),library:{type:"image"},button:{text:d.data("update"),close:!1}}),b.on("select",function(){var c=b.state().get("selection").first();a.post(ajaxurl,{action:"set-background-image",attachment_id:c.id,size:"full"}).done(function(){window.location.reload()})}),void b.open())})})}(jQuery);

wp-admin/js/customize-controls.js

@@ -2003,16 +2003,6 @@
 			}
 		});
 
-		// Ensure preview nonce is included with every customized request, to allow post data to be read.
-		$.ajaxPrefilter( function injectPreviewNonce( options ) {
-			if ( ! /wp_customize=on/.test( options.data ) ) {
-				return;
-			}
-			options.data += '&' + $.param({
-				customize_preview_nonce: api.settings.nonce.preview
-			});
-		});
-
 		// Refresh the nonces if the preview sends updated nonces over.
 		api.previewer.bind( 'nonce', function( nonce ) {
 			$.extend( this.nonce, nonce );

wp-admin/js/media-gallery.js

@@ -1,7 +1,7 @@
 /* global ajaxurl */
 jQuery(function($){
 	$( 'body' ).bind( 'click.wp-gallery', function(e){
-		var target = $( e.target ), id, img_size, nonceValue;
+		var target = $( e.target ), id, img_size;
 
 		if ( target.hasClass( 'wp-set-header' ) ) {
 			( window.dialogArguments || opener || parent || top ).location.href = target.data( 'location' );
@@ -9,12 +9,10 @@ jQuery(function($){
 		} else if ( target.hasClass( 'wp-set-background' ) ) {
 			id = target.data( 'attachment-id' );
 			img_size = $( 'input[name="attachments[' + id + '][image-size]"]:checked').val();
-			nonceValue = $( '#_wpnonce' ).val() && '';
 
 			jQuery.post(ajaxurl, {
 				action: 'set-background-image',
 				attachment_id: id,
-				_ajax_nonce: nonceValue,
 				size: img_size
 			}, function(){
 				var win = window.dialogArguments || opener || parent || top;

wp-admin/js/media-gallery.min.js

@@ -1 +1 @@
-jQuery(function(a){a("body").bind("click.wp-gallery",function(b){var c,d,e,f=a(b.target);f.hasClass("wp-set-header")?((window.dialogArguments||opener||parent||top).location.href=f.data("location"),b.preventDefault()):f.hasClass("wp-set-background")&&(c=f.data("attachment-id"),d=a('input[name="attachments['+c+'][image-size]"]:checked').val(),e=a("#_wpnonce").val()&&"",jQuery.post(ajaxurl,{action:"set-background-image",attachment_id:c,_ajax_nonce:e,size:d},function(){var a=window.dialogArguments||opener||parent||top;a.tb_remove(),a.location.reload()}),b.preventDefault())})});
+jQuery(function(a){a("body").bind("click.wp-gallery",function(b){var c,d,e=a(b.target);e.hasClass("wp-set-header")?((window.dialogArguments||opener||parent||top).location.href=e.data("location"),b.preventDefault()):e.hasClass("wp-set-background")&&(c=e.data("attachment-id"),d=a('input[name="attachments['+c+'][image-size]"]:checked').val(),jQuery.post(ajaxurl,{action:"set-background-image",attachment_id:c,size:d},function(){var a=window.dialogArguments||opener||parent||top;a.tb_remove(),a.location.reload()}),b.preventDefault())})});

wp-admin/media-new.php

@@ -72,9 +72,9 @@ if ( get_user_setting('uploader') || isset( $_GET['browser-uploader'] ) )
 	<?php media_upload_form(); ?>
 
 	<script type="text/javascript">
-	var post_id = <?php echo absint( $post_id ); ?>, shortform = 3;
+	var post_id = <?php echo $post_id; ?>, shortform = 3;
 	</script>
-	<input type="hidden" name="post_id" id="post_id" value="<?php echo absint( $post_id ); ?>" />
+	<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
 	<?php wp_nonce_field('media-form'); ?>
 	<div id="media-items" class="hide-if-no-js"></div>
 	</form>

wp-admin/network/site-users.php

@@ -178,7 +178,7 @@ require( ABSPATH . 'wp-admin/admin-header.php' ); ?>
 
 <script type="text/javascript">
 /* <![CDATA[ */
-var current_site_id = <?php echo absint( $id ); ?>;
+var current_site_id = <?php echo $id; ?>;
 /* ]]> */
 </script>
 

wp-admin/plugin-editor.php

@@ -93,9 +93,9 @@ default:
 			wp_die( $error );
 
 		if ( ( ! empty( $_GET['networkwide'] ) && ! is_plugin_active_for_network($file) ) || ! is_plugin_active($file) )
-			activate_plugin($file, "plugin-editor.php?file=" . urlencode( $file ) . "&phperror=1", ! empty( $_GET['networkwide'] ) ); // we'll override this later if the plugin can be included without fatal error
+			activate_plugin($file, "plugin-editor.php?file=$file&phperror=1", ! empty( $_GET['networkwide'] ) ); // we'll override this later if the plugin can be included without fatal error
 
-		wp_redirect( self_admin_url("plugin-editor.php?file=" . urlencode( $file ) . "&a=te&scrollto=$scrollto") );
+		wp_redirect( self_admin_url("plugin-editor.php?file=$file&a=te&scrollto=$scrollto") );
 		exit;
 	}
 
@@ -181,14 +181,14 @@ default:
 <big><?php
 	if ( is_plugin_active($plugin) ) {
 		if ( is_writeable($real_file) )
-			echo sprintf(__('Editing <strong>%s</strong> (active)'), esc_html( $file ) );
+			echo sprintf(__('Editing <strong>%s</strong> (active)'), $file);
 		else
-			echo sprintf(__('Browsing <strong>%s</strong> (active)'), esc_html( $file ) );
+			echo sprintf(__('Browsing <strong>%s</strong> (active)'), $file);
 	} else {
 		if ( is_writeable($real_file) )
-			echo sprintf(__('Editing <strong>%s</strong> (inactive)'), esc_html( $file ) );
+			echo sprintf(__('Editing <strong>%s</strong> (inactive)'), $file);
 		else
-			echo sprintf(__('Browsing <strong>%s</strong> (inactive)'), esc_html( $file ) );
+			echo sprintf(__('Browsing <strong>%s</strong> (inactive)'), $file);
 	}
 	?></big>
 </div>
@@ -232,7 +232,7 @@ foreach ( $plugin_files as $plugin_file ) :
 		continue;
 	}
 ?>
-		<li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo urlencode( $plugin_file ) ?>&amp;plugin=<?php echo urlencode( $plugin ) ?>"><?php echo esc_html( $plugin_file ); ?></a></li>
+		<li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo urlencode( $plugin_file ) ?>&amp;plugin=<?php echo urlencode( $plugin ) ?>"><?php echo $plugin_file ?></a></li>
 <?php endforeach; ?>
 	</ul>
 </div>

wp-admin/plugins.php

@@ -17,7 +17,7 @@ $pagenum = $wp_list_table->get_pagenum();
 
 $action = $wp_list_table->current_action();
 
-$plugin = isset($_REQUEST['plugin']) ? wp_unslash( $_REQUEST['plugin'] ) : '';
+$plugin = isset($_REQUEST['plugin']) ? $_REQUEST['plugin'] : '';
 $s = isset($_REQUEST['s']) ? urlencode($_REQUEST['s']) : '';
 
 // Clean up request URI from temporary args for screen options/paging uri's to work as expected.
@@ -37,10 +37,10 @@ if ( $action ) {
 
 			check_admin_referer('activate-plugin_' . $plugin);
 
-			$result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . urlencode( $plugin ) ), is_network_admin() );
+			$result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . $plugin), is_network_admin() );
 			if ( is_wp_error( $result ) ) {
 				if ( 'unexpected_output' == $result->get_error_code() ) {
-					$redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . urlencode( $plugin ) . "&plugin_status=$status&paged=$page&s=$s");
+					$redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . $plugin . "&plugin_status=$status&paged=$page&s=$s");
 					wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect));
 					exit;
 				} else {
@@ -67,7 +67,7 @@ if ( $action ) {
 
 			check_admin_referer('bulk-plugins');
 
-			$plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array();
+			$plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
 
 			if ( is_network_admin() ) {
 				foreach ( $plugins as $i => $plugin ) {
@@ -107,9 +107,9 @@ if ( $action ) {
 			check_admin_referer( 'bulk-plugins' );
 
 			if ( isset( $_GET['plugins'] ) )
-				$plugins = explode( ',', wp_unslash( $_GET['plugins'] ) );
+				$plugins = explode( ',', $_GET['plugins'] );
 			elseif ( isset( $_POST['checked'] ) )
-				$plugins = (array) wp_unslash( $_POST['checked'] );
+				$plugins = (array) $_POST['checked'];
 			else
 				$plugins = array();
 
@@ -181,7 +181,7 @@ if ( $action ) {
 
 			check_admin_referer('bulk-plugins');
 
-			$plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array();
+			$plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
 			// Do not deactivate plugins which are already deactivated.
 			if ( is_network_admin() ) {
 				$plugins = array_filter( $plugins, 'is_plugin_active_for_network' );
@@ -214,7 +214,7 @@ if ( $action ) {
 			check_admin_referer('bulk-plugins');
 
 			//$_POST = from the plugin form; $_GET = from the FTP details screen.
-			$plugins = isset( $_REQUEST['checked'] ) ? (array) wp_unslash( $_REQUEST['checked'] ) : array();
+			$plugins = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array();
 			if ( empty( $plugins ) ) {
 				wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
 				exit;
@@ -226,14 +226,6 @@ if ( $action ) {
 				exit;
 			}
 
-			// Bail on all if any paths are invalid.
-			// validate_file() returns truthy for invalid files
-			$invalid_plugin_files = array_filter( $plugins, 'validate_file' );
-			if ( $invalid_plugin_files ) {
-				wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
-				exit;
-			}
-
 			include(ABSPATH . 'wp-admin/update.php');
 
 			$parent_file = 'plugins.php';

wp-admin/post.php

@@ -16,9 +16,7 @@ $submenu_file = 'edit.php';
 
 wp_reset_vars( array( 'action' ) );
 
-if ( isset( $_GET['post'] ) && isset( $_POST['post_ID'] ) && (int) $_GET['post'] !== (int) $_POST['post_ID'] )
-	wp_die( __( 'A post ID mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
-elseif ( isset( $_GET['post'] ) )
+if ( isset( $_GET['post'] ) )
  	$post_id = $post_ID = (int) $_GET['post'];
 elseif ( isset( $_POST['post_ID'] ) )
  	$post_id = $post_ID = (int) $_POST['post_ID'];
@@ -84,10 +82,6 @@ function redirect_post($post_id = '') {
 	exit;
 }
 
-if ( isset( $_POST['post_type'] ) && $post && $post_type !== $_POST['post_type'] ) {
-	wp_die( __( 'A post type mismatch has been detected.' ), __( 'Sorry, you are not allowed to edit this item.' ), 400 );
-}
-
 if ( isset( $_POST['deletepost'] ) )
 	$action = 'delete';
 elseif ( isset($_POST['wp-preview']) && 'dopreview' == $_POST['wp-preview'] )
@@ -227,7 +221,7 @@ case 'editattachment':
 
 	// Update the thumbnail filename
 	$newmeta = wp_get_attachment_metadata( $post_id, true );
-	$newmeta['thumb'] = wp_basename( $_POST['thumb'] );
+	$newmeta['thumb'] = $_POST['thumb'];
 
 	wp_update_attachment_metadata( $post_id, $newmeta );
 

wp-admin/press-this.php

@@ -32,25 +32,8 @@ function press_it() {
 	if ( !current_user_can('edit_post', $post_ID) )
 		wp_die(__('You are not allowed to edit this post.'));
 
-	// Only accept categories if the user actually can assign
-	$category_tax = get_taxonomy( 'category' );
-	if ( current_user_can( $category_tax->cap->assign_terms ) ) {
-		$post['post_category'] = ( ! empty( $_POST['post_category'] ) ) ? $_POST['post_category'] : array();
-	}
-
-	// Only accept taxonomies if the user can actually assign
-	if ( ! empty( $_POST['tax_input'] ) ) {
-		$tax_input = $_POST['tax_input'];
-		foreach ( $tax_input as $tax => $_ti ) {
-			$tax_object = get_taxonomy( $tax );
-			if ( ! $tax_object || ! current_user_can( $tax_object->cap->assign_terms ) ) {
-				unset( $tax_input[ $tax ] );
-			}
-		}
-
-		$post['tax_input'] = $tax_input;
-	}
-
+	$post['post_category'] = isset($_POST['post_category']) ? $_POST['post_category'] : '';
+	$post['tax_input'] = isset($_POST['tax_input']) ? $_POST['tax_input'] : '';
 	$post['post_title'] = isset($_POST['title']) ? $_POST['title'] : '';
 	$content = isset($_POST['content']) ? $_POST['content'] : '';
 
@@ -540,81 +523,75 @@ $admin_body_class .= ' locale-' . sanitize_html_class( strtolower( str_replace(
 				</div>
 			</div>
 
-			<?php
+			<?php $tax = get_taxonomy( 'category' ); ?>
+			<div id="categorydiv" class="postbox">
+				<div class="handlediv" title="<?php esc_attr_e( 'Click to toggle' ); ?>"><br /></div>
+				<h3 class="hndle"><?php _e('Categories') ?></h3>
+				<div class="inside">
+				<div id="taxonomy-category" class="categorydiv">
 
-			$tax = get_taxonomy( 'category' );
-			if ( current_user_can( $tax->cap->assign_terms ) ) :
-				?>
-				<div id="categorydiv" class="postbox">
-					<div class="handlediv" title="<?php esc_attr_e( 'Click to toggle' ); ?>"><br /></div>
-					<h3 class="hndle"><?php _e('Categories') ?></h3>
-					<div class="inside">
-					<div id="taxonomy-category" class="categorydiv">
+					<ul id="category-tabs" class="category-tabs">
+						<li class="tabs"><a href="#category-all"><?php echo $tax->labels->all_items; ?></a></li>
+						<li class="hide-if-no-js"><a href="#category-pop"><?php _e( 'Most Used' ); ?></a></li>
+					</ul>
 
-						<ul id="category-tabs" class="category-tabs">
-							<li class="tabs"><a href="#category-all"><?php echo $tax->labels->all_items; ?></a></li>
-							<li class="hide-if-no-js"><a href="#category-pop"><?php _e( 'Most Used' ); ?></a></li>
+					<div id="category-pop" class="tabs-panel" style="display: none;">
+						<ul id="categorychecklist-pop" class="categorychecklist form-no-clear" >
+							<?php $popular_ids = wp_popular_terms_checklist( 'category' ); ?>
 						</ul>
-
-						<div id="category-pop" class="tabs-panel" style="display: none;">
-							<ul id="categorychecklist-pop" class="categorychecklist form-no-clear" >
-								<?php $popular_ids = wp_popular_terms_checklist( 'category' ); ?>
-							</ul>
-						</div>
-
-						<div id="category-all" class="tabs-panel">
-							<ul id="categorychecklist" data-wp-lists="list:category" class="categorychecklist form-no-clear">
-								<?php wp_terms_checklist($post_ID, array( 'taxonomy' => 'category', 'popular_cats' => $popular_ids ) ) ?>
-							</ul>
-						</div>
-
-						<?php if ( current_user_can($tax->cap->edit_terms) ) : ?>
-							<div id="category-adder" class="wp-hidden-children">
-								<h4>
-									<a id="category-add-toggle" href="#category-add" class="hide-if-no-js">
-										<?php printf( __( '+ %s' ), $tax->labels->add_new_item ); ?>
-									</a>
-								</h4>
-								<p id="category-add" class="category-add wp-hidden-child">
-									<label class="screen-reader-text" for="newcategory"><?php echo $tax->labels->add_new_item; ?></label>
-									<input type="text" name="newcategory" id="newcategory" class="form-required form-input-tip" value="<?php echo esc_attr( $tax->labels->new_item_name ); ?>" aria-required="true"/>
-									<label class="screen-reader-text" for="newcategory_parent">
-										<?php echo $tax->labels->parent_item_colon; ?>
-									</label>
-									<?php wp_dropdown_categories( array( 'taxonomy' => 'category', 'hide_empty' => 0, 'name' => 'newcategory_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '&mdash; ' . $tax->labels->parent_item . ' &mdash;' ) ); ?>
-									<input type="button" id="category-add-submit" data-wp-lists="add:categorychecklist:category-add" class="button category-add-submit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" />
-									<?php wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); ?>
-									<span id="category-ajax-response"></span>
-								</p>
-							</div>
-						<?php endif; ?>
 					</div>
+
+					<div id="category-all" class="tabs-panel">
+						<ul id="categorychecklist" data-wp-lists="list:category" class="categorychecklist form-no-clear">
+							<?php wp_terms_checklist($post_ID, array( 'taxonomy' => 'category', 'popular_cats' => $popular_ids ) ) ?>
+						</ul>
 					</div>
+
+					<?php if ( !current_user_can($tax->cap->assign_terms) ) : ?>
+					<p><em><?php _e('You cannot modify this Taxonomy.'); ?></em></p>
+					<?php endif; ?>
+					<?php if ( current_user_can($tax->cap->edit_terms) ) : ?>
+						<div id="category-adder" class="wp-hidden-children">
+							<h4>
+								<a id="category-add-toggle" href="#category-add" class="hide-if-no-js">
+									<?php printf( __( '+ %s' ), $tax->labels->add_new_item ); ?>
+								</a>
+							</h4>
+							<p id="category-add" class="category-add wp-hidden-child">
+								<label class="screen-reader-text" for="newcategory"><?php echo $tax->labels->add_new_item; ?></label>
+								<input type="text" name="newcategory" id="newcategory" class="form-required form-input-tip" value="<?php echo esc_attr( $tax->labels->new_item_name ); ?>" aria-required="true"/>
+								<label class="screen-reader-text" for="newcategory_parent">
+									<?php echo $tax->labels->parent_item_colon; ?>
+								</label>
+								<?php wp_dropdown_categories( array( 'taxonomy' => 'category', 'hide_empty' => 0, 'name' => 'newcategory_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => '&mdash; ' . $tax->labels->parent_item . ' &mdash;' ) ); ?>
+								<input type="button" id="category-add-submit" data-wp-lists="add:categorychecklist:category-add" class="button category-add-submit" value="<?php echo esc_attr( $tax->labels->add_new_item ); ?>" />
+								<?php wp_nonce_field( 'add-category', '_ajax_nonce-add-category', false ); ?>
+								<span id="category-ajax-response"></span>
+							</p>
+						</div>
+					<?php endif; ?>
 				</div>
-			<?php endif;
-
-			$tax = get_taxonomy( 'post_tag' );
-			if ( current_user_can( $tax->cap->assign_terms ) ) :
-				?>
-				<div id="tagsdiv-post_tag" class="postbox">
-					<div class="handlediv" title="<?php esc_attr_e( 'Click to toggle' ); ?>"><br /></div>
-					<h3><span><?php _e('Tags'); ?></span></h3>
-					<div class="inside">
-						<div class="tagsdiv" id="post_tag">
-							<div class="jaxtag">
-								<label class="screen-reader-text" for="newtag"><?php _e('Tags'); ?></label>
-								<input type="hidden" name="tax_input[post_tag]" class="the-tags" id="tax-input[post_tag]" value="" />
-								<div class="ajaxtag">
-									<input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="" />
-									<input type="button" class="button tagadd" value="<?php esc_attr_e('Add'); ?>" />
-								</div>
-							</div>
-							<div class="tagchecklist"></div>
-						</div>
-						<p class="tagcloud-link"><a href="#titlediv" class="tagcloud-link" id="link-post_tag"><?php _e('Choose from the most used tags'); ?></a></p>
-					</div>
 				</div>
-			<?php endif; ?>
+			</div>
+
+			<div id="tagsdiv-post_tag" class="postbox">
+				<div class="handlediv" title="<?php esc_attr_e( 'Click to toggle' ); ?>"><br /></div>
+				<h3><span><?php _e('Tags'); ?></span></h3>
+				<div class="inside">
+					<div class="tagsdiv" id="post_tag">
+						<div class="jaxtag">
+							<label class="screen-reader-text" for="newtag"><?php _e('Tags'); ?></label>
+							<input type="hidden" name="tax_input[post_tag]" class="the-tags" id="tax-input[post_tag]" value="" />
+							<div class="ajaxtag">
+								<input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="" />
+								<input type="button" class="button tagadd" value="<?php esc_attr_e('Add'); ?>" />
+							</div>
+						</div>
+						<div class="tagchecklist"></div>
+					</div>
+					<p class="tagcloud-link"><a href="#titlediv" class="tagcloud-link" id="link-post_tag"><?php _e('Choose from the most used tags'); ?></a></p>
+				</div>
+			</div>
 		</div>
 	</div>
 	<div class="posting">

wp-admin/theme-editor.php

@@ -68,7 +68,7 @@ if ( empty( $file ) ) {
 	$relative_file = 'style.css';
 	$file = $allowed_files['style.css'];
 } else {
-	$relative_file = wp_unslash( $file );
+	$relative_file = $file;
 	$file = $theme->get_stylesheet_directory() . '/' . $relative_file;
 }
 
@@ -125,12 +125,10 @@ default:
  <div id="message" class="updated"><p><?php _e( 'File edited successfully.' ) ?></p></div>
 <?php endif;
 
-$file_description = get_file_description( $relative_file );
+$description = get_file_description( $file );
 $file_show = array_search( $file, array_filter( $allowed_files ) );
-$description = esc_html( $file_description );
-if ( $file_description != $file_show ) {
-	$description .= ' <span>(' . esc_html( $file_show ) . ')</span>';
-}
+if ( $description != $file_show )
+	$description .= ' <span>(' . $file_show . ')</span>';
 ?>
 <div class="wrap">
 <h2><?php echo esc_html( $title ); ?></h2>
@@ -179,9 +177,9 @@ if ( $allowed_files ) :
 		if ( 'style.css' == $filename )
 			echo "\t</ul>\n\t<h3>" . _x( 'Styles', 'Theme stylesheets in theme editor' ) . "</h3>\n\t<ul>\n";
 
-		$file_description = esc_html( get_file_description( $filename ) );
+		$file_description = get_file_description( $absolute_filename );
 		if ( $file_description != basename( $filename ) )
-			$file_description .= '<br /><span class="nonessential">(' . esc_html( $filename ) . ')</span>';
+			$file_description .= '<br /><span class="nonessential">(' . $filename . ')</span>';
 
 		if ( $absolute_filename == $file )
 			$file_description = '<span class="highlight">' . $file_description . '</span>';

wp-admin/themes.php

@@ -278,7 +278,7 @@ $can_delete = current_user_can( 'delete_themes' );
 	</tr>
 	<?php foreach ( $broken_themes as $broken_theme ) : ?>
 		<tr>
-			<td><?php echo $broken_theme->get( 'Name' ) ? $broken_theme->display( 'Name' ) : esc_html( $broken_theme->get_stylesheet() ); ?></td>
+			<td><?php echo $broken_theme->get( 'Name' ) ? $broken_theme->display( 'Name' ) : $broken_theme->get_stylesheet(); ?></td>
 			<td><?php echo $broken_theme->errors()->get_error_message(); ?></td>
 			<?php
 			if ( $can_delete ) {

wp-admin/update-core.php

@@ -240,8 +240,6 @@ function list_plugin_updates() {
 	<tbody class="plugins">
 <?php
 	foreach ( (array) $plugins as $plugin_file => $plugin_data) {
-		$plugin_data = (object) _get_plugin_data_markup_translate( $plugin_file, (array) $plugin_data, false, true );
-
 		$info = plugins_api('plugin_information', array('slug' => $plugin_data->update->slug ));
 		if ( is_wp_error( $info ) ) {
 			$info = false;

wp-admin/user-edit.php

@@ -205,7 +205,7 @@ include(ABSPATH . 'wp-admin/admin-header.php');
 	<p><strong><?php _e('User updated.') ?></strong></p>
 	<?php endif; ?>
 	<?php if ( $wp_http_referer && !IS_PROFILE_PAGE ) : ?>
-	<p><a href="<?php echo esc_url( wp_validate_redirect( esc_url_raw( $wp_http_referer ), self_admin_url( 'users.php' ) ) ); ?>"><?php _e('&larr; Back to Users'); ?></a></p>
+	<p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php _e('&larr; Back to Users'); ?></a></p>
 	<?php endif; ?>
 </div>
 <?php endif; ?>

wp-admin/user-new.php

@@ -69,7 +69,7 @@ if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
 			add_existing_user_to_blog( array( 'user_id' => $user_id, 'role' => $_REQUEST[ 'role' ] ) );
 			$redirect = add_query_arg( array('update' => 'addnoconfirmation'), 'user-new.php' );
 		} else {
-			$newuser_key = wp_generate_password( 20, false );
+			$newuser_key = substr( md5( $user_id ), 0, 5 );
 			add_option( 'new_user_' . $newuser_key, array( 'user_id' => $user_id, 'email' => $user_details->user_email, 'role' => $_REQUEST[ 'role' ] ) );
 
 			$roles = get_editable_roles();

wp-admin/widgets.php

@@ -17,8 +17,6 @@ if ( ! current_user_can('edit_theme_options') )
 
 $widgets_access = get_user_setting( 'widgets_access' );
 if ( isset($_GET['widgets-access']) ) {
-	check_admin_referer( 'widgets-access' );
-
 	$widgets_access = 'on' == $_GET['widgets-access'] ? 'on' : 'off';
 	set_user_setting( 'widgets_access', $widgets_access );
 }

wp-comments-post.php

@@ -108,8 +108,6 @@ if ( $user->exists() ) {
 		) {
 			kses_remove_filters(); // start with a clean slate
 			kses_init_filters(); // set up the filters
-			remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
-			add_filter( 'pre_comment_content', 'wp_filter_kses' );
 		}
 	}
 } else {

wp-includes/cache.php

@@ -639,7 +639,7 @@ class WP_Object_Cache {
 		echo "</p>";
 		echo '<ul>';
 		foreach ($this->cache as $group => $cache) {
-			echo '<li><strong>Group:</strong> ' . esc_html( $group ) . ' - ( ' . number_format( strlen( serialize( $cache ) ) / KB_IN_BYTES, 2 ) . 'k )</li>';
+			echo "<li><strong>Group:</strong> $group - ( " . number_format( strlen( serialize( $cache ) ) / 1024, 2 ) . 'k )</li>';
 		}
 		echo '</ul>';
 	}

wp-includes/class-wp-customize-manager.php

@@ -175,24 +175,6 @@ final class WP_Customize_Manager {
 
 		$this->theme = wp_get_theme( isset( $_REQUEST['theme'] ) ? $_REQUEST['theme'] : null );
 
-		/*
-		 * Clear incoming post data if the user lacks a CSRF token (nonce). Note that the customizer
-		 * application will inject the customize_preview_nonce query parameter into all Ajax requests.
-		 * For similar behavior elsewhere in WordPress, see rest_cookie_check_errors() which logs out
-		 * a user when a valid nonce isn't present.
-		 */
-		$has_post_data_nonce = (
-			check_ajax_referer( 'preview-customize_' . $this->get_stylesheet(), 'nonce', false )
-			||
-			check_ajax_referer( 'save-customize_' . $this->get_stylesheet(), 'nonce', false )
-			||
-			check_ajax_referer( 'preview-customize_' . $this->get_stylesheet(), 'customize_preview_nonce', false )
-		);
-		if ( ! $has_post_data_nonce ) {
-			unset( $_POST['customized'] );
-			unset( $_REQUEST['customized'] );
-		}
-
 		if ( $this->is_theme_active() ) {
 			// Once the theme is loaded, we'll validate it.
 			add_action( 'after_setup_theme', array( $this, 'after_setup_theme' ) );

wp-includes/class-wp-theme.php

@@ -655,9 +655,8 @@ final class WP_Theme implements ArrayAccess {
 	private function markup_header( $header, $value, $translate ) {
 		switch ( $header ) {
 			case 'Name' :
-				if ( empty( $value ) ) {
-					$value = esc_html( $this->get_stylesheet() );
-				}
+				if ( empty( $value ) )
+					$value = $this->get_stylesheet();
 				break;
 			case 'Description' :
 				$value = wptexturize( $value );

wp-includes/class-wp-xmlrpc-server.php

@@ -331,11 +331,6 @@ class wp_xmlrpc_server extends IXR_Server {
 			if ( isset($meta['id']) ) {
 				$meta['id'] = (int) $meta['id'];
 				$pmeta = get_metadata_by_mid( 'post', $meta['id'] );
-
-				if ( ! $pmeta || $pmeta->post_id != $post_id ) {
-					continue;
-				}
-
 				if ( isset($meta['key']) ) {
 					$meta['key'] = wp_unslash( $meta['key'] );
 					if ( $meta['key'] !== $pmeta->meta_key )
@@ -1214,31 +1209,10 @@ class wp_xmlrpc_server extends IXR_Server {
 	 * @param array|IXR_Error $content_struct Post data to insert.
 	 */
 	protected function _insert_post( $user, $content_struct ) {
-		$defaults = array(
-			'post_status'    => 'draft',
-			'post_type'      => 'post',
-			'post_author'    => null,
-			'post_password'  => null,
-			'post_excerpt'   => null,
-			'post_content'   => null,
-			'post_title'     => null,
-			'post_date'      => null,
-			'post_date_gmt'  => null,
-			'post_format'    => null,
-			'post_name'      => null,
-			'post_thumbnail' => null,
-			'post_parent'    => null,
-			'ping_status'    => null,
-			'comment_status' => null,
-			'custom_fields'  => null,
-			'terms_names'    => null,
-			'terms'          => null,
-			'sticky'         => null,
-			'enclosure'      => null,
-			'ID'             => null,
-		);
+		$defaults = array( 'post_status' => 'draft', 'post_type' => 'post', 'post_author' => 0,
+			'post_password' => '', 'post_excerpt' => '', 'post_content' => '', 'post_title' => '' );
 
-		$post_data = wp_parse_args( array_intersect_key( $content_struct, $defaults ), $defaults );
+		$post_data = wp_parse_args( $content_struct, $defaults );
 
 		$post_type = get_post_type_object( $post_data['post_type'] );
 		if ( ! $post_type )
@@ -1419,6 +1393,9 @@ class wp_xmlrpc_server extends IXR_Server {
 
 			$post_data['tax_input'] = $terms;
 			unset( $post_data['terms'], $post_data['terms_names'] );
+		} else {
+			// do not allow direct submission of 'tax_input', clients must use 'terms' and/or 'terms_names'
+			unset( $post_data['tax_input'], $post_data['post_category'], $post_data['tags_input'] );
 		}
 
 		if ( isset( $post_data['post_format'] ) ) {
@@ -3292,21 +3269,6 @@ class wp_xmlrpc_server extends IXR_Server {
 		if ( ! get_post($post_id) )
 			return new IXR_Error( 404, __( 'Invalid post ID.' ) );
 
-		if (
-			'publish' === get_post_status( $post_id ) &&
-			! current_user_can( 'edit_post', $post_id ) &&
-			post_password_required( $post_id )
-		) {
-			return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) );
-		}
-
-		if (
-			'private' === get_post_status( $post_id ) &&
-			! current_user_can( 'read_post', $post_id )
-		) {
-			return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) );
-		}
-
 		$comment = array();
 		$comment['comment_post_ID'] = $post_id;
 
@@ -3623,10 +3585,8 @@ class wp_xmlrpc_server extends IXR_Server {
 		/** This action is documented in wp-includes/class-wp-xmlrpc-server.php */
 		do_action( 'xmlrpc_call', 'wp.getMediaItem' );
 
-		$attachment = get_post( $attachment_id );
-		if ( ! $attachment || 'attachment' !== $attachment->post_type ) {
+		if ( ! $attachment = get_post($attachment_id) )
 			return new IXR_Error( 404, __( 'Invalid attachment ID.' ) );
-		}
 
 		return $this->_prepare_media_item( $attachment );
 	}

wp-includes/class-wp.php

@@ -15,7 +15,7 @@ class WP {
 	 * @access public
 	 * @var array
 	 */
-	public $public_query_vars = array( 'm', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type', 'embed' );
+	public $public_query_vars = array('m', 'p', 'posts', 'w', 'cat', 'withcomments', 'withoutcomments', 's', 'search', 'exact', 'sentence', 'calendar', 'page', 'paged', 'more', 'tb', 'pb', 'author', 'order', 'orderby', 'year', 'monthnum', 'day', 'hour', 'minute', 'second', 'name', 'category_name', 'tag', 'feed', 'author_name', 'static', 'pagename', 'page_id', 'error', 'comments_popup', 'attachment', 'attachment_id', 'subpost', 'subpost_id', 'preview', 'robots', 'taxonomy', 'term', 'cpage', 'post_type');
 
 	/**
 	 * Private query variables.
@@ -265,8 +265,6 @@ class WP {
 		foreach ( $this->public_query_vars as $wpvar ) {
 			if ( isset( $this->extra_query_vars[$wpvar] ) )
 				$this->query_vars[$wpvar] = $this->extra_query_vars[$wpvar];
-			elseif ( isset( $_GET[ $wpvar ] ) && isset( $_POST[ $wpvar ] ) && $_GET[ $wpvar ] !== $_POST[ $wpvar ] )
-				wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
 			elseif ( isset( $_POST[$wpvar] ) )
 				$this->query_vars[$wpvar] = $_POST[$wpvar];
 			elseif ( isset( $_GET[$wpvar] ) )

wp-includes/feed.php

@@ -469,7 +469,7 @@ function rss_enclosure() {
 				 *
 				 * @param string $html_link_tag The HTML link tag with a URI and other attributes.
 				 */
-				echo apply_filters( 'rss_enclosure', '<enclosure url="' . esc_url( trim( $enclosure[0] ) ) . '" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( $type ) . '" />' . "\n" );
+				echo apply_filters( 'rss_enclosure', '<enclosure url="' . trim( htmlspecialchars( $enclosure[0] ) ) . '" length="' . trim( $enclosure[1] ) . '" type="' . $type . '" />' . "\n" );
 			}
 		}
 	}
@@ -503,7 +503,7 @@ function atom_enclosure() {
 				 *
 				 * @param string $html_link_tag The HTML link tag with a URI and other attributes.
 				 */
-				echo apply_filters( 'atom_enclosure', '<link href="' . esc_url( trim( $enclosure[0] ) ) . '" rel="enclosure" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( trim( $enclosure[2] ) ) . '" />' . "\n" );
+				echo apply_filters( 'atom_enclosure', '<link href="' . trim( htmlspecialchars( $enclosure[0] ) ) . '" rel="enclosure" length="' . trim( $enclosure[1] ) . '" type="' . trim( $enclosure[2] ) . '" />' . "\n" );
 			}
 		}
 	}

wp-includes/formatting.php

@@ -1166,24 +1166,6 @@ function remove_accents($string) {
 function sanitize_file_name( $filename ) {
 	$filename_raw = $filename;
 	$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
-
-	// Check for support for utf8 in the installed PCRE library once and store the result in a static.
-	static $utf8_pcre = null;
-	if ( ! isset( $utf8_pcre ) ) {
-		// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
-		$utf8_pcre = @preg_match( '/^./u', 'a' );
-	}
-
-	if ( ! seems_utf8( $filename ) ) {
-		$_ext     = pathinfo( $filename, PATHINFO_EXTENSION );
-		$_name    = pathinfo( $filename, PATHINFO_FILENAME );
-		$filename = sanitize_title_with_dashes( $_name ) . '.' . $_ext;
-	}
-
-	if ( $utf8_pcre ) {
-		$filename = preg_replace( "#\x{00a0}#siu", ' ', $filename );
-	}
-
 	/**
 	 * Filter the list of characters to remove from a filename.
 	 *
@@ -1193,6 +1175,7 @@ function sanitize_file_name( $filename ) {
 	 * @param string $filename_raw  Filename as it was passed into sanitize_file_name().
 	 */
 	$special_chars = apply_filters( 'sanitize_file_name_chars', $special_chars, $filename_raw );
+	$filename = preg_replace( "#\x{00a0}#siu", ' ', $filename );
 	$filename = str_replace( $special_chars, '', $filename );
 	$filename = str_replace( array( '%20', '+' ), '-', $filename );
 	$filename = preg_replace( '/[\r\n\t -]+/', '-', $filename );

wp-includes/functions.php

@@ -1492,11 +1492,6 @@ function wp_mkdir_p( $target ) {
 	if ( file_exists( $target ) )
 		return @is_dir( $target );
 
-	// Do not allow path traversals.
-	if ( false !== strpos( $target, '../' ) || false !== strpos( $target, '..' . DIRECTORY_SEPARATOR ) ) {
-		return false;
-	}
-
 	// We need to find the permissions of the parent folder that exists and inherit that.
 	$target_parent = dirname( $target );
 	while ( '.' != $target_parent && ! is_dir( $target_parent ) ) {
@@ -1580,38 +1575,18 @@ function path_join( $base, $path ) {
 /**
  * Normalize a filesystem path.
  *
- * On windows systems, replaces backslashes with forward slashes
- * and forces upper-case drive letters.
- * Allows for two leading slashes for Windows network shares, but
- * ensures that all other duplicate slashes are reduced to a single.
+ * Replaces backslashes with forward slashes for Windows systems, and ensures
+ * no duplicate slashes exist.
  *
  * @since 3.9.0
- * @since 4.4.0 Ensures upper-case drive letters on Windows systems.
- * @since 4.5.0 Allows for Windows network shares.
- * @since 4.9.7 Allows for PHP file wrappers.
  *
  * @param string $path Path to normalize.
  * @return string Normalized path.
  */
 function wp_normalize_path( $path ) {
-	$wrapper = '';
-	if ( wp_is_stream( $path ) ) {
-		list( $wrapper, $path ) = explode( '://', $path, 2 );
-		$wrapper .= '://';
-	}
-
-	// Standardise all paths to use /
 	$path = str_replace( '\\', '/', $path );
-
-	// Replace multiple slashes down to a singular, allowing for network shares having two slashes.
-	$path = preg_replace( '|(?<=.)/+|', '/', $path );
-
-	// Windows paths should uppercase the drive letter
-	if ( ':' === substr( $path, 1, 1 ) ) {
-		$path = ucfirst( $path );
-	}
-
-	return $wrapper . $path;
+	$path = preg_replace( '|/+|','/', $path );
+	return $path;
 }
 
 /**
@@ -2093,7 +2068,7 @@ function wp_check_filetype( $filename, $mimes = null ) {
  * If it's determined that the extension does not match the file's real type,
  * then the "proper_filename" value will be set with a proper filename and extension.
  *
- * Currently this function only supports renaming images validated via wp_get_image_mime().
+ * Currently this function only supports validating images known to getimagesize().
  *
  * @since 3.0.0
  *
@@ -2118,15 +2093,14 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
 		return compact( 'ext', 'type', 'proper_filename' );
 	}
 
-	// Validate image types.
-	if ( $type && 0 === strpos( $type, 'image/' ) ) {
+	// We're able to validate images using GD
+	if ( $type && 0 === strpos( $type, 'image/' ) && function_exists('getimagesize') ) {
 
 		// Attempt to figure out what type of image it actually is
-		$real_mime = wp_get_image_mime( $file );
+		$imgstats = @getimagesize( $file );
 
-		if ( ! $real_mime ) {
-			$type = $ext = false;
-		} elseif ( $real_mime != $type ) {
+		// If getimagesize() knows what kind of image it really is and if the real MIME doesn't match the claimed MIME
+		if ( !empty($imgstats['mime']) && $imgstats['mime'] != $type ) {
 			/**
 			 * Filter the list mapping image mime types to their respective extensions.
 			 *
@@ -2143,10 +2117,10 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
 			) );
 
 			// Replace whatever is after the last period in the filename with the correct extension
-			if ( ! empty( $mime_to_ext[ $real_mime ] ) ) {
+			if ( ! empty( $mime_to_ext[ $imgstats['mime'] ] ) ) {
 				$filename_parts = explode( '.', $filename );
 				array_pop( $filename_parts );
-				$filename_parts[] = $mime_to_ext[ $real_mime ];
+				$filename_parts[] = $mime_to_ext[ $imgstats['mime'] ];
 				$new_filename = implode( '.', $filename_parts );
 
 				if ( $new_filename != $filename ) {
@@ -2156,67 +2130,10 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
 				$wp_filetype = wp_check_filetype( $new_filename, $mimes );
 				$ext = $wp_filetype['ext'];
 				$type = $wp_filetype['type'];
-			} else {
-				$type = $ext = false;
 			}
 		}
 	}
 
-	// Validate files that didn't get validated during previous checks.
-	if ( $type && ! $real_mime && extension_loaded( 'fileinfo' ) ) {
-		$finfo = finfo_open( FILEINFO_MIME_TYPE );
-		$real_mime = finfo_file( $finfo, $file );
-		finfo_close( $finfo );
-
-		// fileinfo often misidentifies obscure files as one of these types
-		$nonspecific_types = array(
-			'application/octet-stream',
-			'application/encrypted',
-			'application/CDFV2-encrypted',
-			'application/zip',
-		);
-
-		/*
-		 * If $real_mime doesn't match the content type we're expecting from the file's extension,
-		 * we need to do some additional vetting. Media types and those listed in $nonspecific_types are
-		 * allowed some leeway, but anything else must exactly match the real content type.
-		 */
-		if ( in_array( $real_mime, $nonspecific_types, true ) ) {
-			// File is a non-specific binary type. That's ok if it's a type that generally tends to be binary.
-			if ( !in_array( substr( $type, 0, strcspn( $type, '/' ) ), array( 'application', 'video', 'audio' ) ) ) {
-				$type = $ext = false;
-			}
-		} elseif ( 0 === strpos( $real_mime, 'video/' ) || 0 === strpos( $real_mime, 'audio/' ) ) {
-			/*
-			 * For these types, only the major type must match the real value.
-			 * This means that common mismatches are forgiven: application/vnd.apple.numbers is often misidentified as application/zip,
-			 * and some media files are commonly named with the wrong extension (.mov instead of .mp4)
-			 */
-
-			if ( substr( $real_mime, 0, strcspn( $real_mime, '/' ) ) !== substr( $type, 0, strcspn( $type, '/' ) ) ) {
-				$type = $ext = false;
-			}
-		} else {
-			if ( $type !== $real_mime ) {
-				/*
-				 * Everything else including image/* and application/*: 
-				 * If the real content type doesn't match the file extension, assume it's dangerous.
-				 */
-				$type = $ext = false;
-			}
-
-		}
-	}
-
-	// The mime type must be allowed 
-	if ( $type ) {
-		$allowed = get_allowed_mime_types();
-
-		if ( ! in_array( $type, $allowed ) ) {
-			$type = $ext = false;
-		}
-	}
-
 	/**
 	 * Filter the "real" file type of the given file.
 	 *
@@ -2232,38 +2149,6 @@ function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) {
 	return apply_filters( 'wp_check_filetype_and_ext', compact( 'ext', 'type', 'proper_filename' ), $file, $filename, $mimes );
 }
 
-/**
- * Returns the real mime type of an image file.
- *
- * This depends on exif_imagetype() or getimagesize() to determine real mime types.
- *
- * @since 4.7.1
- *
- * @param string $file Full path to the file.
- * @return string|false The actual mime type or false if the type cannot be determined.
- */
-function wp_get_image_mime( $file ) {
-	/*
-	 * Use exif_imagetype() to check the mimetype if available or fall back to
-	 * getimagesize() if exif isn't avaialbe. If either function throws an Exception
-	 * we assume the file could not be validated.
-	 */
-	try {
-		if ( is_callable( 'exif_imagetype' ) ) {
-			$mime = image_type_to_mime_type( exif_imagetype( $file ) );
-		} elseif ( function_exists( 'getimagesize' ) ) {
-			$imagesize = getimagesize( $file );
-			$mime = ( isset( $imagesize['mime'] ) ) ? $imagesize['mime'] : false;
-		} else {
-			$mime = false;
-		}
-	} catch ( Exception $e ) {
-		$mime = false;
-	}
-
-	return $mime;
-}
-
 /**
  * Retrieve list of mime types and file extensions.
  *
@@ -2400,9 +2285,8 @@ function get_allowed_mime_types( $user = null ) {
 	if ( function_exists( 'current_user_can' ) )
 		$unfiltered = $user ? user_can( $user, 'unfiltered_html' ) : current_user_can( 'unfiltered_html' );
 
-	if ( empty( $unfiltered ) ) {
-		unset( $t['htm|html'], $t['js'] );
-	}
+	if ( empty( $unfiltered ) )
+		unset( $t['htm|html'] );
 
 	/**
 	 * Filter list of allowed mime types and file extensions.
@@ -4925,29 +4809,3 @@ function wp_validate_boolean( $var ) {
 
 	return (bool) $var;
 }
-
-/**
- * Deletes a file if its path is within the given directory.
- *
- * @since 4.9.7
- *
- * @param string $file      Absolute path to the file to delete.
- * @param string $directory Absolute path to a directory.
- * @return bool True on success, false on failure.
- */
-function wp_delete_file_from_directory( $file, $directory ) {
-	$real_file = realpath( wp_normalize_path( $file ) );
-	$real_directory = realpath( wp_normalize_path( $directory ) );
-
-	if ( false === $real_file || false === $real_directory || strpos( wp_normalize_path( $real_file ), trailingslashit( wp_normalize_path( $real_directory ) ) ) !== 0 ) {
-		return false;
-	}
-
-	/** This filter is documented in wp-admin/custom-header.php */
-	$delete = apply_filters( 'wp_delete_file', $file );
-	if ( ! empty( $delete ) ) {
-		@unlink( $delete );
-	}
-
-	return true;
-}

wp-includes/general-template.php

@@ -2363,24 +2363,6 @@ function wp_no_robots() {
 	echo "<meta name='robots' content='noindex,follow' />\n";
 }
 
-/**
- * Display a noindex,noarchive meta tag and referrer origin-when-cross-origin meta tag.
- *
- * Outputs a noindex,noarchive meta tag that tells web robots not to index or cache the page content.
- * Outputs a referrer origin-when-cross-origin meta tag that tells the browser not to send the full
- * url as a referrer to other sites when cross-origin assets are loaded.
- *
- * Typical usage is as a wp_head callback. add_action( 'wp_head', 'wp_sensitive_page_meta' );
- *
- * @since 5.0.0
- */
-function wp_sensitive_page_meta() {
-	?>
-	<meta name='robots' content='noindex,noarchive' />
-	<meta name='referrer' content='strict-origin-when-cross-origin' />
-	<?php
-}
-
 /**
  * Whether the user should have a WYSIWIG editor.
  *
@@ -2531,14 +2513,12 @@ function language_attributes($doctype = 'html') {
 	if ( function_exists( 'is_rtl' ) && is_rtl() )
 		$attributes[] = 'dir="rtl"';
 
-	if ( $lang = get_bloginfo( 'language' ) ) {
-		if ( get_option( 'html_type' ) == 'text/html' || $doctype == 'html' ) {
-			$attributes[] = 'lang="' . esc_attr( $lang ) . '"';
-		}
+	if ( $lang = get_bloginfo('language') ) {
+		if ( get_option('html_type') == 'text/html' || $doctype == 'html' )
+			$attributes[] = "lang=\"$lang\"";
 
-		if ( get_option( 'html_type' ) != 'text/html' || $doctype == 'xhtml' ) {
-			$attributes[] = 'xml:lang="' . esc_attr( $lang ) . '"';
-		}
+		if ( get_option('html_type') != 'text/html' || $doctype == 'xhtml' )
+			$attributes[] = "xml:lang=\"$lang\"";
 	}
 
 	$output = implode(' ', $attributes);
@@ -3017,25 +2997,25 @@ function get_the_generator( $type = '' ) {
 
 	switch ( $type ) {
 		case 'html':
-			$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '">';
+			$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '">';
 			break;
 		case 'xhtml':
-			$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '" />';
+			$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '" />';
 			break;
 		case 'atom':
-			$gen = '<generator uri="https://wordpress.org/" version="' . esc_attr( get_bloginfo_rss( 'version' ) ) . '">WordPress</generator>';
+			$gen = '<generator uri="http://wordpress.org/" version="' . get_bloginfo_rss( 'version' ) . '">WordPress</generator>';
 			break;
 		case 'rss2':
-			$gen = '<generator>' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '</generator>';
+			$gen = '<generator>http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '</generator>';
 			break;
 		case 'rdf':
-			$gen = '<admin:generatorAgent rdf:resource="' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '" />';
+			$gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '" />';
 			break;
 		case 'comment':
-			$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo( 'version' ) ) . '" -->';
+			$gen = '<!-- generator="WordPress/' . get_bloginfo( 'version' ) . '" -->';
 			break;
 		case 'export':
-			$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo_rss( 'version' ) ) . '" created="' . date( 'Y-m-d H:i' ) . '" -->';
+			$gen = '<!-- generator="WordPress/' . get_bloginfo_rss('version') . '" created="'. date('Y-m-d H:i') . '" -->';
 			break;
 	}
 

wp-includes/http.php

@@ -470,9 +470,8 @@ function wp_http_validate_url( $url ) {
 			$ip = $host;
 		} else {
 			$ip = gethostbyname( $host );
-			if ( $ip === $host ) { // Error condition for gethostbyname()
-				return false;
-			}
+			if ( $ip === $host ) // Error condition for gethostbyname()
+				$ip = false;
 		}
 		if ( $ip ) {
 			$parts = array_map( 'intval', explode( '.', $ip ) );

wp-includes/js/mce-view.js

@@ -131,14 +131,6 @@ window.wp = window.wp || {};
 				importStyles = this.type === 'video' || this.type === 'audio' || this.type === 'playlist';
 
 			if ( head || body.indexOf( '<script' ) !== -1 ) {
-				if ( body.indexOf( '[' ) !== -1 && body.indexOf( ']' ) !== -1 ) {
-					var shortcodesRegExp = new RegExp( '\\[\\/?(?:' + window.mceViewL10n.shortcodes.join( '|' ) + ')[^\\]]*?\\]', 'g' );
-					// Escape tags inside shortcode previews.
-					body = body.replace( shortcodesRegExp, function( match ) {
-						return match.replace( /</g, '&lt;' ).replace( />/g, '&gt;' );
-					} );
-				}
-
 				this.getNodes( function ( editor, node, content ) {
 					var dom = editor.dom,
 						styles = '',

wp-includes/js/plupload/handlers.js

@@ -328,24 +328,15 @@ function uploadError(fileObj, errorCode, message, uploader) {
 	}
 }
 
-function uploadSizeError( up, file ) {
-	var message, errorDiv;
+function uploadSizeError( up, file, over100mb ) {
+	var message;
 
-	message = pluploadL10n.file_exceeds_size_limit.replace('%s', file.name);
+	if ( over100mb )
+		message = pluploadL10n.big_upload_queued.replace('%s', file.name) + ' ' + pluploadL10n.big_upload_failed.replace('%1$s', '<a class="uploader-html" href="#">').replace('%2$s', '</a>');
+	else
+		message = pluploadL10n.file_exceeds_size_limit.replace('%s', file.name);
 
-	// Construct the error div.
-	errorDiv = jQuery( '<div />' )
-		.attr( {
-			'id':    'media-item-' + file.id,
-			'class': 'media-item error'
-		} )
-		.append(
-			jQuery( '<p />' )
-				.text( message )
-		);
-
-	// Append the error.
-	jQuery('#media-items').append( errorDiv );
+	jQuery('#media-items').append('<div id="media-item-' + file.id + '" class="media-item error"><p>' + message + '</p></div>');
 	up.removeFile(file);
 }
 

wp-includes/js/wplink.js

@@ -210,13 +210,6 @@ var wpLink;
 
 			attrs = wpLink.getAttrs();
 
-			var parser = document.createElement( 'a' );
-			parser.href = attrs.href;
-
-			if ( 'javascript:' === parser.protocol || 'data:' === parser.protocol ) { // jshint ignore:line
-				attrs.href = '';
-			}
-
 			// If there's no href, return.
 			if ( ! attrs.href || attrs.href == 'http://' )
 				return;
@@ -230,7 +223,7 @@ var wpLink;
 			}
 
 			if ( attrs.target ) {
-				html += ' rel="noopener" target="' + attrs.target + '"';
+				html += ' target="' + attrs.target + '"';
 			}
 
 			html += '>';
@@ -282,13 +275,6 @@ var wpLink;
 
 			link = editor.dom.getParent( editor.selection.getNode(), 'a[href]' );
 
-			var parser = document.createElement( 'a' );
-			parser.href = attrs.href;
-
-			if ( 'javascript:' === parser.protocol || 'data:' === parser.protocol ) { // jshint ignore:line
-				attrs.href = '';
-			}
-
 			// If the values are empty, unlink and return
 			if ( ! attrs.href || attrs.href == 'http://' ) {
 				editor.execCommand( 'unlink' );

wp-includes/kses.php

@@ -180,6 +180,15 @@ if ( ! CUSTOM_TAGS ) {
 			'lang' => true,
 			'xml:lang' => true,
 		),
+		'form' => array(
+			'action' => true,
+			'accept' => true,
+			'accept-charset' => true,
+			'enctype' => true,
+			'method' => true,
+			'name' => true,
+			'target' => true,
+		),
 		'h1' => array(
 			'align' => true,
 		),
@@ -531,7 +540,7 @@ function wp_kses( $string, $allowed_html, $allowed_protocols = array() ) {
  * @return string Filtered attribute.
  */
 function wp_kses_one_attr( $string, $element ) {
-	$uris = wp_kses_uri_attributes();
+	$uris = array('xmlns', 'profile', 'href', 'src', 'cite', 'classid', 'codebase', 'data', 'usemap', 'longdesc', 'action');
 	$allowed_html = wp_kses_allowed_html( 'post' );
 	$allowed_protocols = wp_allowed_protocols();
 	$string = wp_kses_no_null( $string, array( 'slash_zero' => 'keep' ) );
@@ -598,7 +607,6 @@ function wp_kses_one_attr( $string, $element ) {
  * Return a list of allowed tags and attributes for a given context.
  *
  * @since 3.5.0
- * @since 5.0.1 `form` removed as allowable HTML tag.
  *
  * @param string $context The context for which to retrieve tags. Allowed values are
  *  post | strip | data | entities or the name of a field filter such as pre_user_description.
@@ -623,27 +631,8 @@ function wp_kses_allowed_html( $context = '' ) {
 	switch ( $context ) {
 		case 'post':
 			/** This filter is documented in wp-includes/kses.php */
-			$tags = apply_filters( 'wp_kses_allowed_html', $allowedposttags, $context );
-
-			// 5.0.1 removed the `<form>` tag, allow it if a filter is allowing it's sub-elements `<input>` or `<select>`.
-			if ( ! CUSTOM_TAGS && ! isset( $tags['form'] ) && ( isset( $tags['input'] ) || isset( $tags['select'] ) ) ) {
-				$tags = $allowedposttags;
-
-				$tags['form'] = array(
-					'action' => true,
-					'accept' => true,
-					'accept-charset' => true,
-					'enctype' => true,
-					'method' => true,
-					'name' => true,
-					'target' => true,
-				);
-
-				/** This filter is documented in wp-includes/kses.php */
-				$tags = apply_filters( 'wp_kses_allowed_html', $tags, $context );
-			}
-
-			return $tags;
+			return apply_filters( 'wp_kses_allowed_html', $allowedposttags, $context );
+			break;
 		case 'user_description':
 		case 'pre_user_description':
 			$tags = $allowedtags;
@@ -723,56 +712,6 @@ function wp_kses_split( $string, $allowed_html, $allowed_protocols ) {
 	return preg_replace_callback( '%(<!--.*?(-->|$))|(<[^>]*(>|$)|>)%', '_wp_kses_split_callback', $string );
 }
 
-/**
- * Helper function listing HTML attributes containing a URL.
- *
- * This function returns a list of all HTML attributes that must contain
- * a URL according to the HTML specification.
- *
- * This list includes URI attributes both allowed and disallowed by KSES.
- *
- * @link https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes
- *
- * @since 5.0.1
- *
- * @return array HTML attributes that must include a URL.
- */
-function wp_kses_uri_attributes() {
-	$uri_attributes = array(
-		'action',
-		'archive',
-		'background',
-		'cite',
-		'classid',
-		'codebase',
-		'data',
-		'formaction',
-		'href',
-		'icon',
-		'longdesc',
-		'manifest',
-		'poster',
-		'profile',
-		'src',
-		'usemap',
-		'xmlns',
-	);
-
-	/**
-	 * Filters the list of attributes that are required to contain a URL.
-	 *
-	 * Use this filter to add any `data-` attributes that are required to be
-	 * validated as a URL.
-	 *
-	 * @since 5.0.1
-	 *
-	 * @param array $uri_attributes HTML attributes requiring validation as a URL.
-	 */
-	$uri_attributes = apply_filters( 'wp_kses_uri_attributes', $uri_attributes );
-
-	return $uri_attributes;
-}
-
 /**
  * Callback for wp_kses_split.
  *
@@ -964,7 +903,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
 	$attrarr = array();
 	$mode = 0;
 	$attrname = '';
-	$uris = wp_kses_uri_attributes();
+	$uris = array('xmlns', 'profile', 'href', 'src', 'cite', 'classid', 'codebase', 'data', 'usemap', 'longdesc', 'action');
 
 	# Loop through the whole attribute list
 
@@ -1373,8 +1312,7 @@ function wp_kses_html_error($string) {
  * @return string Sanitized content
  */
 function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) {
-	$string  = preg_replace( '/(&#0*58(?![;0-9])|&#x0*3a(?![;a-f0-9]))/i', '$1;', $string );
-	$string2 = preg_split( '/:|&#0*58;|&#x0*3a;|&colon;/i', $string, 2 );
+	$string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );
 	if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) {
 		$string = trim( $string2[1] );
 		$protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols );

wp-includes/media.php

@@ -2297,7 +2297,7 @@ function wp_embed_handler_googlevideo( $matches, $attr, $url, $rawattr ) {
  */
 function wp_embed_handler_youtube( $matches, $attr, $url, $rawattr ) {
 	global $wp_embed;
-	$embed = $wp_embed->autoembed( sprintf( "https://youtube.com/watch?v=%s", urlencode( $matches[2] ) ) );
+	$embed = $wp_embed->autoembed( "https://youtube.com/watch?v={$matches[2]}" );
 	/**
 	 * Filter the YoutTube embed output.
 	 *

wp-includes/meta.php

@@ -1550,9 +1550,8 @@ function _get_meta_table($type) {
  * @param string|null $meta_type
  * @return bool True if the key is protected, false otherwise.
  */
-function is_protected_meta( $meta_key, $meta_type = '' ) {
-	$sanitized_key = preg_replace( "/[^\x20-\x7E\p{L}]/", '', $meta_key );
-	$protected     = strlen( $sanitized_key ) > 0 && ( '_' === $sanitized_key[0] );
+function is_protected_meta( $meta_key, $meta_type = null ) {
+	$protected = ( '_' == $meta_key[0] );
 
 	/**
 	 * Filter whether a meta key is protected.

wp-includes/ms-deprecated.php

@@ -239,13 +239,10 @@ function wpmu_admin_do_redirect( $url = '' ) {
 	_deprecated_function( __FUNCTION__, '3.3' );
 
 	$ref = '';
-	if ( isset( $_GET['ref'] ) && isset( $_POST['ref'] ) && $_GET['ref'] !== $_POST['ref'] ) {
-		wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
-	} elseif ( isset( $_POST['ref'] ) ) {
-		$ref = $_POST[ 'ref' ];
-	} elseif ( isset( $_GET['ref'] ) ) {
-		$ref = $_GET[ 'ref' ];
-	}
+	if ( isset( $_GET['ref'] ) )
+		$ref = $_GET['ref'];
+	if ( isset( $_POST['ref'] ) )
+		$ref = $_POST['ref'];
 
 	if ( $ref ) {
 		$ref = wpmu_admin_redirect_add_updated_param( $ref );
@@ -258,9 +255,7 @@ function wpmu_admin_do_redirect( $url = '' ) {
 	}
 
 	$url = wpmu_admin_redirect_add_updated_param( $url );
-	if ( isset( $_GET['redirect'] ) && isset( $_POST['redirect'] ) && $_GET['redirect'] !== $_POST['redirect'] ) {
-		wp_die( __( 'A variable mismatch has been detected.' ), __( 'Sorry, you are not allowed to view this item.' ), 400 );
-	} elseif ( isset( $_GET['redirect'] ) ) {
+	if ( isset( $_GET['redirect'] ) ) {
 		if ( substr( $_GET['redirect'], 0, 2 ) == 's_' )
 			$url .= '&action=blogs&s='. esc_html( substr( $_GET['redirect'], 2 ) );
 	} elseif ( isset( $_POST['redirect'] ) ) {

wp-includes/ms-functions.php

@@ -713,7 +713,7 @@ function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) {
 function wpmu_signup_blog( $domain, $path, $title, $user, $user_email, $meta = array() )  {
 	global $wpdb;
 
-	$key = substr( md5( time() . wp_rand() . $domain ), 0, 16 );
+	$key = substr( md5( time() . rand() . $domain ), 0, 16 );
 	$meta = serialize($meta);
 
 	$wpdb->insert( $wpdb->signups, array(
@@ -748,7 +748,7 @@ function wpmu_signup_user( $user, $user_email, $meta = array() ) {
 	// Format data
 	$user = preg_replace( '/\s+/', '', sanitize_user( $user, true ) );
 	$user_email = sanitize_email( $user_email );
-	$key = substr( md5( time() . wp_rand() . $user_email ), 0, 16 );
+	$key = substr( md5( time() . rand() . $user_email ), 0, 16 );
 	$meta = serialize($meta);
 
 	$wpdb->insert( $wpdb->signups, array(

wp-includes/pluggable.php

@@ -1063,9 +1063,9 @@ if ( !function_exists('check_admin_referer') ) :
  * @param int|string $action    Action nonce
  * @param string     $query_arg Where to look for nonce in $_REQUEST (since 2.5)
  */
-function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
-	if ( -1 === $action )
-		_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );
+function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
+	if ( -1 == $action )
+		_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
 
 	$adminurl = strtolower(admin_url());
 	$referer = strtolower(wp_get_referer());
@@ -1084,12 +1084,6 @@ function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
 	 * @param bool   $result Whether the admin request nonce was validated.
 	 */
 	do_action( 'check_admin_referer', $action, $result );
-
-	if ( ! $result && ! ( -1 === $action && strpos( $referer, $adminurl ) === 0 ) ) {
-		wp_nonce_ays( $action );
-		die();
-	}
-
 	return $result;
 }
 endif;
@@ -1104,9 +1098,6 @@ if ( !function_exists('check_ajax_referer') ) :
  * @param string     $query_arg Where to look for nonce in $_REQUEST (since 2.5)
  */
 function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
-	if ( -1 === $action )
-		_doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );
-
 	$nonce = '';
 
 	if ( $query_arg && isset( $_REQUEST[ $query_arg ] ) )
@@ -1195,7 +1186,7 @@ if ( !function_exists('wp_sanitize_redirect') ) :
  * @return string redirect-sanitized URL
  **/
 function wp_sanitize_redirect($location) {
-	$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()@]|i', '', $location);
+	$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()]|i', '', $location);
 	$location = wp_kses_no_null($location);
 
 	// remove %0d and %0a from location
@@ -1249,7 +1240,7 @@ if ( !function_exists('wp_validate_redirect') ) :
  * @return string redirect-sanitized URL
  **/
 function wp_validate_redirect($location, $default = '') {
-	$location = wp_sanitize_redirect( trim( $location, " \t\n\r\0\x08\x0B" ) );
+	$location = trim( $location );
 	// browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
 	if ( substr($location, 0, 2) == '//' )
 		$location = 'http:' . $location;
@@ -1268,14 +1259,6 @@ function wp_validate_redirect($location, $default = '') {
 	if ( isset($lp['scheme']) && !('http' == $lp['scheme'] || 'https' == $lp['scheme']) )
 		return $default;
 
-	if ( ! isset( $lp['host'] ) && ! empty( $lp['path'] ) && '/' !== $lp['path'][0] ) {
-		$path = '';
-		if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
-			$path = dirname( parse_url( 'http://placeholder' . $_SERVER['REQUEST_URI'], PHP_URL_PATH ) . '?' );
-		}
-		$location = '/' . ltrim( $path . '/', '/' ) . $location;
-	}
-
 	// Reject if certain components are set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
 	if ( ! isset( $lp['host'] ) && ( isset( $lp['scheme'] ) || isset( $lp['user'] ) || isset( $lp['pass'] ) || isset( $lp['port'] ) ) ) {
 		return $default;
@@ -2298,3 +2281,4 @@ function wp_text_diff( $left_string, $right_string, $args = null ) {
 	return $r;
 }
 endif;
+

wp-includes/post-template.php

@@ -290,9 +290,24 @@ function get_the_content( $more_link_text = null, $strip_teaser = false ) {
 		}
 	}
 
+	if ( $preview ) // Preview fix for JavaScript bug with foreign languages.
+		$output =	preg_replace_callback( '/\%u([0-9A-F]{4})/', '_convert_urlencoded_to_entities', $output );
+
 	return $output;
 }
 
+/**
+ * Preview fix for JavaScript bug with foreign languages.
+ *
+ * @since 3.1.0
+ * @access private
+ * @param array $match Match array from preg_replace_callback
+ * @return string
+ */
+function _convert_urlencoded_to_entities( $match ) {
+	return '&#' . base_convert( $match[1], 16, 10 ) . ';';
+}
+
 /**
  * Display the post excerpt.
  *

wp-includes/post.php

@@ -4176,10 +4176,10 @@ function get_page_by_path( $page_path, $output = OBJECT, $post_type = 'page' ) {
 	$page_path = str_replace('%2F', '/', $page_path);
 	$page_path = str_replace('%20', ' ', $page_path);
 	$parts = explode( '/', trim( $page_path, '/' ) );
+	$parts = esc_sql( $parts );
 	$parts = array_map( 'sanitize_title_for_query', $parts );
-	$escaped_parts = esc_sql( $parts );
 
-	$in_string = "'" . implode( "','", $escaped_parts ) . "'";
+	$in_string = "'" . implode( "','", $parts ) . "'";
 
 	if ( is_array( $post_type ) ) {
 		$post_types = $post_type;
@@ -4806,79 +4806,46 @@ function wp_delete_attachment( $post_id, $force_delete = false ) {
 	/** This action is documented in wp-includes/post.php */
 	do_action( 'deleted_post', $post_id );
 
-	wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file );
-
-	clean_post_cache( $post );
-
-	return $post;
-}
-
-/**
- * Deletes all files that belong to the given attachment.
- *
- * @since 4.9.7
- *
- * @param int    $post_id      Attachment ID.
- * @param array  $meta         The attachment's meta data.
- * @param array  $backup_sizes The meta data for the attachment's backup images.
- * @param string $file         Absolute path to the attachment's file.
- * @return bool True on success, false on failure.
- */
-function wp_delete_attachment_files( $post_id, $meta, $backup_sizes, $file ) {
-	global $wpdb;
-
 	$uploadpath = wp_upload_dir();
-	$deleted    = true;
 
 	if ( ! empty($meta['thumb']) ) {
 		// Don't delete the thumb if another attachment uses it.
 		if (! $wpdb->get_row( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE meta_key = '_wp_attachment_metadata' AND meta_value LIKE %s AND post_id <> %d", '%' . $wpdb->esc_like( $meta['thumb'] ) . '%', $post_id)) ) {
 			$thumbfile = str_replace(basename($file), $meta['thumb'], $file);
-			if ( ! empty( $thumbfile ) ) {
-				$thumbfile = path_join( $uploadpath['basedir'], $thumbfile );
-				$thumbdir  = path_join( $uploadpath['basedir'], dirname( $file ) );
-
-				if ( ! wp_delete_file_from_directory( $thumbfile, $thumbdir ) ) {
-					$deleted = false;
-				}
-			}
+			/** This filter is documented in wp-admin/custom-header.php */
+			$thumbfile = apply_filters( 'wp_delete_file', $thumbfile );
+			@ unlink( path_join($uploadpath['basedir'], $thumbfile) );
 		}
 	}
 
 	// Remove intermediate and backup images if there are any.
 	if ( isset( $meta['sizes'] ) && is_array( $meta['sizes'] ) ) {
-		$intermediate_dir = path_join( $uploadpath['basedir'], dirname( $file ) );
 		foreach ( $meta['sizes'] as $size => $sizeinfo ) {
 			$intermediate_file = str_replace( basename( $file ), $sizeinfo['file'], $file );
-			if ( ! empty( $intermediate_file ) ) {
-				$intermediate_file = path_join( $uploadpath['basedir'], $intermediate_file );
-
-				if ( ! wp_delete_file_from_directory( $intermediate_file, $intermediate_dir ) ) {
-					$deleted = false;
-				}
-			}
+			/** This filter is documented in wp-admin/custom-header.php */
+			$intermediate_file = apply_filters( 'wp_delete_file', $intermediate_file );
+			@ unlink( path_join( $uploadpath['basedir'], $intermediate_file ) );
 		}
 	}
 
 	if ( is_array($backup_sizes) ) {
-		$del_dir = path_join( $uploadpath['basedir'], dirname( $meta['file'] ) );
 		foreach ( $backup_sizes as $size ) {
 			$del_file = path_join( dirname($meta['file']), $size['file'] );
-			if ( ! empty( $del_file ) ) {
-				$del_file = path_join( $uploadpath['basedir'], $del_file );
-
-				if ( ! wp_delete_file_from_directory( $del_file, $del_dir ) ) {
-					$deleted = false;
-				}
-			}
+			/** This filter is documented in wp-admin/custom-header.php */
+			$del_file = apply_filters( 'wp_delete_file', $del_file );
+			@ unlink( path_join($uploadpath['basedir'], $del_file) );
 		}
 	}
 
-	if ( ! wp_delete_file_from_directory( $file, $uploadpath['basedir'] ) ) {
-		$deleted = false;
-	}
+	/** This filter is documented in wp-admin/custom-header.php */
+	$file = apply_filters( 'wp_delete_file', $file );
 
-	return $deleted;
+	if ( ! empty($file) )
+		@ unlink($file);
+
+	clean_post_cache( $post );
+
+	return $post;
 }
 
 /**

wp-includes/query.php

@@ -1396,6 +1396,7 @@ class WP_Query {
 			, 'attachment'
 			, 'attachment_id'
 			, 'name'
+			, 'static'
 			, 'pagename'
 			, 'page_id'
 			, 'second'
@@ -1590,7 +1591,11 @@ class WP_Query {
 			$this->is_single = true;
 		} elseif ( $qv['p'] ) {
 			$this->is_single = true;
-		} elseif ( '' != $qv['pagename'] || !empty($qv['page_id']) ) {
+		} elseif ( ('' !== $qv['hour']) && ('' !== $qv['minute']) &&('' !== $qv['second']) && ('' != $qv['year']) && ('' != $qv['monthnum']) && ('' != $qv['day']) ) {
+			// If year, month, day, hour, minute, and second are set, a single
+			// post is being queried.
+			$this->is_single = true;
+		} elseif ( '' != $qv['static'] || '' != $qv['pagename'] || !empty($qv['page_id']) ) {
 			$this->is_page = true;
 			$this->is_single = false;
 		} else {
@@ -2905,15 +2910,14 @@ class WP_Query {
 
 		if ( 'any' == $post_type ) {
 			$in_search_post_types = get_post_types( array('exclude_from_search' => false) );
-			if ( empty( $in_search_post_types ) ) {
+			if ( empty( $in_search_post_types ) )
 				$where .= ' AND 1=0 ';
-			} else {
-				$where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')";
-			}
+			else
+				$where .= " AND $wpdb->posts.post_type IN ('" . join("', '", $in_search_post_types ) . "')";
 		} elseif ( !empty( $post_type ) && is_array( $post_type ) ) {
-			$where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", esc_sql( $post_type ) ) . "')";
+			$where .= " AND $wpdb->posts.post_type IN ('" . join("', '", $post_type) . "')";
 		} elseif ( ! empty( $post_type ) ) {
-			$where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type );
+			$where .= " AND $wpdb->posts.post_type = '$post_type'";
 			$post_type_object = get_post_type_object ( $post_type );
 		} elseif ( $this->is_attachment ) {
 			$where .= " AND $wpdb->posts.post_type = 'attachment'";

wp-includes/script-loader.php

@@ -706,9 +706,6 @@ function wp_just_in_time_script_localization() {
 		'blog_id' => get_current_blog_id(),
 	) );
 
-	wp_localize_script( 'mce-view', 'mceViewL10n', array(
-		'shortcodes' => ! empty( $GLOBALS['shortcode_tags'] ) ? array_keys( $GLOBALS['shortcode_tags'] ) : array()
-	) );
 }
 
 /**

wp-includes/user.php

@@ -1885,7 +1885,7 @@ function wp_insert_user( $userdata ) {
 	$data = wp_unslash( $compacted );
 
 	if ( $update ) {
-		if ( $user_email !== $old_user_data->user_email || $user_pass !== $old_user_data->user_pass ) {
+		if ( $user_email !== $old_user_data->user_email ) {
 			$data['user_activation_key'] = '';
 		}
 		$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.1.32';
+$wp_version = '4.1.12';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

wp-includes/wp-db.php

@@ -1076,22 +1076,19 @@ class wpdb {
 	function _real_escape( $string ) {
 		if ( $this->dbh ) {
 			if ( $this->use_mysqli ) {
-				$escaped = mysqli_real_escape_string( $this->dbh, $string );
+				return mysqli_real_escape_string( $this->dbh, $string );
 			} else {
-				$escaped = mysql_real_escape_string( $string, $this->dbh );
+				return mysql_real_escape_string( $string, $this->dbh );
 			}
-		} else {
-			$class = get_class( $this );
-			if ( function_exists( '__' ) ) {
-				/* translators: %s: database access abstraction class, usually wpdb or a class extending wpdb */
-				_doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), '3.6.0' );
-			} else {
-				_doing_it_wrong( $class, sprintf( '%s must set a database connection for use with escaping.', $class ), '3.6.0' );
-			}
-			$escaped = addslashes( $string );
 		}
 
-		return $this->add_placeholder_escape( $escaped );
+		$class = get_class( $this );
+		if ( function_exists( '__' ) ) {
+			_doing_it_wrong( $class, sprintf( __( '%s must set a database connection for use with escaping.' ), $class ), E_USER_NOTICE );
+		} else {
+			_doing_it_wrong( $class, sprintf( '%s must set a database connection for use with escaping.', $class ), E_USER_NOTICE );
+		}
+		return addslashes( $string );
 	}
 
 	/**
@@ -1165,120 +1162,58 @@ class wpdb {
 	/**
 	 * Prepares a SQL query for safe execution. Uses sprintf()-like syntax.
 	 *
-	 * The following placeholders can be used in the query string:
+	 * The following directives can be used in the query format string:
 	 *   %d (integer)
 	 *   %f (float)
 	 *   %s (string)
+	 *   %% (literal percentage sign - no argument needed)
 	 *
-	 * All placeholders MUST be left unquoted in the query string. A corresponding argument MUST be passed for each placeholder.
+	 * All of %d, %f, and %s are to be left unquoted in the query string and they need an argument passed for them.
+	 * Literals (%) as parts of the query must be properly written as %%.
 	 *
-	 * For compatibility with old behavior, numbered or formatted string placeholders (eg, %1$s, %5s) will not have quotes
-	 * added by this function, so should be passed with appropriate quotes around them for your usage.
+	 * This function only supports a small subset of the sprintf syntax; it only supports %d (integer), %f (float), and %s (string).
+	 * Does not support sign, padding, alignment, width or precision specifiers.
+	 * Does not support argument numbering/swapping.
 	 *
-	 * Literal percentage signs (%) in the query string must be written as %%. Percentage wildcards (for example,
-	 * to use in LIKE syntax) must be passed via a substitution argument containing the complete LIKE string, these
-	 * cannot be inserted directly in the query string. Also see {@see esc_like()}.
+	 * May be called like {@link http://php.net/sprintf sprintf()} or like {@link http://php.net/vsprintf vsprintf()}.
 	 *
-	 * Arguments may be passed as individual arguments to the method, or as a single array containing all arguments. A combination
-	 * of the two is not supported.
+	 * Both %d and %s should be left unquoted in the query string.
 	 *
-	 * Examples:
-	 *     $wpdb->prepare( "SELECT * FROM `table` WHERE `column` = %s AND `field` = %d OR `other_field` LIKE %s", array( 'foo', 1337, '%bar' ) );
-	 *     $wpdb->prepare( "SELECT DATE_FORMAT(`field`, '%%c') FROM `table` WHERE `column` = %s", 'foo' );
+	 *     wpdb::prepare( "SELECT * FROM `table` WHERE `column` = %s AND `field` = %d", 'foo', 1337 )
+	 *     wpdb::prepare( "SELECT DATE_FORMAT(`field`, '%%c') FROM `table` WHERE `column` = %s", 'foo' );
 	 *
-	 * @link https://secure.php.net/sprintf Description of syntax.
+	 * @link http://php.net/sprintf Description of syntax.
 	 * @since 2.3.0
 	 *
-	 * @param string      $query    Query statement with sprintf()-like placeholders
-	 * @param array|mixed $args     The array of variables to substitute into the query's placeholders if being called with an array of arguments,
-	 *                              or the first variable to substitute into the query's placeholders if being called with individual arguments.
-	 * @param mixed       $args,... further variables to substitute into the query's placeholders if being called wih individual arguments.
-	 * @return string|void Sanitized query string, if there is a query to prepare.
+	 * @param string $query Query statement with sprintf()-like placeholders
+	 * @param array|mixed $args The array of variables to substitute into the query's placeholders if being called like
+	 * 	{@link http://php.net/vsprintf vsprintf()}, or the first variable to substitute into the query's placeholders if
+	 * 	being called like {@link http://php.net/sprintf sprintf()}.
+	 * @param mixed $args,... further variables to substitute into the query's placeholders if being called like
+	 * 	{@link http://php.net/sprintf sprintf()}.
+	 * @return null|false|string Sanitized query string, null if there is no query, false if there is an error and string
+	 * 	if there was something to prepare
 	 */
 	public function prepare( $query, $args ) {
-		if ( is_null( $query ) ) {
+		if ( is_null( $query ) )
 			return;
-		}
 
 		// This is not meant to be foolproof -- but it will catch obviously incorrect usage.
 		if ( strpos( $query, '%' ) === false ) {
-			wp_load_translations_early();
-			_doing_it_wrong( 'wpdb::prepare', sprintf( __( 'The query argument of %s must have a placeholder.' ), 'wpdb::prepare()' ), '3.9.0' );
+			_doing_it_wrong( 'wpdb::prepare', sprintf( __( 'The query argument of %s must have a placeholder.' ), 'wpdb::prepare()' ), '3.9' );
 		}
 
 		$args = func_get_args();
 		array_shift( $args );
-
-		// If args were passed as an array (as in vsprintf), move them up.
-		$passed_as_array = false;
-		if ( is_array( $args[0] ) && count( $args ) == 1 ) {
-			$passed_as_array = true;
+		// If args were passed as an array (as in vsprintf), move them up
+		if ( isset( $args[0] ) && is_array($args[0]) )
 			$args = $args[0];
-		}
-
-		foreach ( $args as $arg ) {
-			if ( ! is_scalar( $arg ) && ! is_null( $arg ) ) {
-				wp_load_translations_early();
-				_doing_it_wrong( 'wpdb::prepare', sprintf( __( 'Unsupported value type (%s).' ), gettype( $arg ) ), '4.8.2' );
-			}
-		}
-
-		/*
-		 * Specify the formatting allowed in a placeholder. The following are allowed:
-		 *
-		 * - Sign specifier. eg, $+d
-		 * - Numbered placeholders. eg, %1$s
-		 * - Padding specifier, including custom padding characters. eg, %05s, %'#5s
-		 * - Alignment specifier. eg, %05-s
-		 * - Precision specifier. eg, %.2f
-		 */
-		$allowed_format = '(?:[1-9][0-9]*[$])?[-+0-9]*(?: |0|\'.)?[-+0-9]*(?:\.[0-9]+)?';
-
-		/*
-		 * If a %s placeholder already has quotes around it, removing the existing quotes and re-inserting them
-		 * ensures the quotes are consistent.
-		 *
-		 * For backwards compatibility, this is only applied to %s, and not to placeholders like %1$s, which are frequently
-		 * used in the middle of longer strings, or as table name placeholders.
-		 */
-		$query = str_replace( "'%s'", '%s', $query ); // Strip any existing single quotes.
-		$query = str_replace( '"%s"', '%s', $query ); // Strip any existing double quotes.
-		$query = preg_replace( '/(?<!%)%s/', "'%s'", $query ); // Quote the strings, avoiding escaped strings like %%s.
-
-		$query = preg_replace( "/(?<!%)(%($allowed_format)?f)/" , '%\\2F', $query ); // Force floats to be locale unaware.
-
-		$query = preg_replace( "/%(?:%|$|(?!($allowed_format)?[sdF]))/", '%%\\1', $query ); // Escape any unescaped percents.
-
-		// Count the number of valid placeholders in the query.
-		$placeholders = preg_match_all( "/(^|[^%]|(%%)+)%($allowed_format)?[sdF]/", $query, $matches );
-
-		if ( count( $args ) !== $placeholders ) {
-			if ( 1 === $placeholders && $passed_as_array ) {
-				// If the passed query only expected one argument, but the wrong number of arguments were sent as an array, bail.
-				wp_load_translations_early();
-				_doing_it_wrong( 'wpdb::prepare', __( 'The query only expected one placeholder, but an array of multiple placeholders was sent.' ), '4.9.0' );
-
-				return;
-			} else {
-				/*
-				 * If we don't have the right number of placeholders, but they were passed as individual arguments,
-				 * or we were expecting multiple arguments in an array, throw a warning.
-				 */
-				wp_load_translations_early();
-				_doing_it_wrong( 'wpdb::prepare',
-					/* translators: 1: number of placeholders, 2: number of arguments passed */
-					sprintf( __( 'The query does not contain the correct number of placeholders (%1$d) for the number of arguments passed (%2$d).' ),
-						$placeholders,
-						count( $args ) ),
-					'4.8.3'
-				);
-			}
-		}
-
+		$query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
+		$query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
+		$query = preg_replace( '|(?<!%)%f|' , '%F', $query ); // Force floats to be locale unaware
+		$query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
 		array_walk( $args, array( $this, 'escape_by_ref' ) );
-		$query = @vsprintf( $query, $args );
-
-		return $this->add_placeholder_escape( $query );
+		return @vsprintf( $query, $args );
 	}
 
 	/**
@@ -1793,64 +1728,6 @@ class wpdb {
 		}
 	}
 
-	/**
-	 * Generates and returns a placeholder escape string for use in queries returned by ::prepare().
-	 *
-	 * @since 4.8.3
-	 *
-	 * @return string String to escape placeholders.
-	 */
-	public function placeholder_escape() {
-		static $placeholder;
-
-		if ( ! $placeholder ) {
-			// If ext/hash is not present, compat.php's hash_hmac() does not support sha256.
-			$algo = function_exists( 'hash' ) ? 'sha256' : 'sha1';
-			// Old WP installs may not have AUTH_SALT defined.
-			$salt = defined( 'AUTH_SALT' ) && AUTH_SALT ? AUTH_SALT : (string) rand();
-
-			$placeholder = '{' . hash_hmac( $algo, uniqid( $salt, true ), $salt ) . '}';
-		}
-
-		/*
-		 * Add the filter to remove the placeholder escaper. Uses priority 0, so that anything
-		 * else attached to this filter will recieve the query with the placeholder string removed.
-		 */
-		if ( ! has_filter( 'query', array( $this, 'remove_placeholder_escape' ) ) ) {
-			add_filter( 'query', array( $this, 'remove_placeholder_escape' ), 0 );
-		}
-
-		return $placeholder;
-	}
-
-	/**
-	 * Adds a placeholder escape string, to escape anything that resembles a printf() placeholder.
-	 *
-	 * @since 4.8.3
-	 *
-	 * @param string $query The query to escape.
-	 * @return string The query with the placeholder escape string inserted where necessary.
-	 */
-	public function add_placeholder_escape( $query ) {
-		/*
-		 * To prevent returning anything that even vaguely resembles a placeholder,
-		 * we clobber every % we can find.
-		 */
-		return str_replace( '%', $this->placeholder_escape(), $query );
-	}
-
-	/**
-	 * Removes the placeholder escape strings from a query.
-	 *
-	 * @since 4.8.3
-	 *
-	 * @param string $query The query from which the placeholder will be removed.
-	 * @return string The query with the placeholder removed.
-	 */
-	public function remove_placeholder_escape( $query ) {
-		return str_replace( $this->placeholder_escape(), '%', $query );
-	}
-
 	/**
 	 * Insert a row into a table.
 	 *
@@ -2786,8 +2663,7 @@ class wpdb {
 					}
 
 					if ( is_array( $value['length'] ) ) {
-						$length = sprintf( '%.0f', $value['length']['length'] );
-						$queries[ $col ] = $this->prepare( "CONVERT( LEFT( CONVERT( %s USING $charset ), $length ) USING {$this->charset} )", $value['value'] );
+						$queries[ $col ] = $this->prepare( "CONVERT( LEFT( CONVERT( %s USING $charset ), %.0f ) USING {$this->charset} )", $value['value'], $value['length']['length'] );
 					} else if ( 'binary' !== $charset ) {
 						// If we don't have a length, there's no need to convert binary - it will always return the same result.
 						$queries[ $col ] = $this->prepare( "CONVERT( CONVERT( %s USING $charset ) USING {$this->charset} )", $value['value'] );

wp-login.php

@@ -14,10 +14,10 @@ require( dirname(__FILE__) . '/wp-load.php' );
 // Redirect to https login if forced to use SSL
 if ( force_ssl_admin() && ! is_ssl() ) {
 	if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
-		wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
+		wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
 		exit();
 	} else {
-		wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
 		exit();
 	}
 }
@@ -34,7 +34,7 @@ function login_header( $title = 'Log In', $message = '', $wp_error = '' ) {
 	global $error, $interim_login, $action;
 
 	// Don't index any of these forms
-	add_action( 'login_head', 'wp_sensitive_page_meta' );
+	add_action( 'login_head', 'wp_no_robots' );
 
 	if ( wp_is_mobile() )
 		add_action( 'login_head', 'wp_login_viewport_meta' );

wp-mail.php

@@ -14,12 +14,6 @@ require(dirname(__FILE__) . '/wp-load.php');
 if ( ! apply_filters( 'enable_post_by_email_configuration', true ) )
 	wp_die( __( 'This action has been disabled by the administrator.' ) );
 
-$mailserver_url = get_option( 'mailserver_url' );
-
-if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) {
-	wp_die( __( 'This action has been disabled by the administrator.' ), 403 );
-}
-
 /**
  * Fires to allow a plugin to do a complete takeover of Post by Email.
  *