2.6.3

git-svn-id: http://svn.automattic.com/wordpress/tags/2.6.3@9310 1a063a9b-81f0-0310-95a4-ce76da25c4cd

readme.html

@@ -8,7 +8,7 @@
 <body>
 <h1 id="logo" style="text-align: center">
 	<img alt="WordPress" src="wp-admin/images/wordpress-logo.png" />
-	<br /> Version 2.6
+	<br /> Version 2.6.1
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>
 
@@ -29,7 +29,7 @@
 
 <h1>Upgrading</h1>
 <p>Before you upgrade anything, make sure you have backup copies of any files you may have modified such as <code>index.php</code>.</p>
-<h2>Upgrading from any previous WordPress to 2.6:</h2>
+<h2>Upgrading from any previous WordPress to 2.6.1:</h2>
 <ol>
 	<li>Delete your old WP files, saving ones you've modified.</li>
 	<li>Upload the new files.</li>

wp-admin/admin-ajax.php

@@ -392,13 +392,16 @@ case 'add-comment' :
 
 	list($comments, $total) = _wp_get_comment_list( $status, $search, $start, 1 );
 
+	if ( get_option('show_avatars') )
+		add_filter( 'comment_author', 'floated_admin_avatar' );
+
 	if ( !$comments )
 		die('1');
 	$x = new WP_Ajax_Response();
 	foreach ( (array) $comments as $comment ) {
 		get_comment( $comment );
 		ob_start();
-			_wp_comment_row( $comment->comment_ID, $mode, false );
+			_wp_comment_row( $comment->comment_ID, $mode, $status );
 			$comment_list_item = ob_get_contents();
 		ob_end_clean();
 		$x->add( array(

wp-admin/admin-header.php

@@ -74,10 +74,7 @@ unset($hook_suffixes, $hook_suffix);
 </div>
 
 <?php
-$gears_compat = false;
-
-if ( ($is_gecko || $is_winIE) && strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'webkit') === false ) { 
-	$gears_compat = true;
+if ( ! $is_opera ) { 
 ?>
 	<div id="gears-info-box" class="info-box" style="display:none;">
 	<img src="images/gear.png" title="Gear" alt="" class="gears-img" />
@@ -93,7 +90,14 @@ if ( ($is_gecko || $is_winIE) && strpos(strtolower($_SERVER['HTTP_USER_AGENT']),
 	<div id="gears-msg2" style="display:none;">
 	<h3 class="info-box-title"><?php _e('Gears Status'); ?></h3>
 	<p><?php _e('Gears is installed on this computer but is not enabled for use with WordPress.'); ?></p> 
-	<p><?php _e('To enable it, make sure this web site is not on the denied list in Gears Settings under your browser\'s Tools menu, then click the button below.'); ?></p>
+	<p><?php 
+	
+	if ( $is_safari )
+		_e('To enable it, make sure this web site is not on the denied list in Gears Settings under the Safari menu, then click the button below.');
+	else
+		_e('To enable it, make sure this web site is not on the denied list in Gears Settings under your browser Tools menu, then click the button below.'); 
+	
+	?></p>
 	<p><strong><?php _e('However if this is a public or shared computer, Gears should not be enabled.'); ?></strong></p>
 	<div class="submit"><button class="button" onclick="wpGears.getPermission();"><?php _e('Enable Gears'); ?></button>
 	<button class="button" style="margin-left:10px;" onclick="document.getElementById('gears-info-box').style.display='none';"><?php _e('Cancel'); ?></button></div>
@@ -101,16 +105,22 @@ if ( ($is_gecko || $is_winIE) && strpos(strtolower($_SERVER['HTTP_USER_AGENT']),
 
 	<div id="gears-msg3" style="display:none;">
 	<h3 class="info-box-title"><?php _e('Gears Status'); ?></h3>
-	<p><?php _e('Gears is installed and enabled on this computer. You can disable it from your browser Tools menu.'); ?></p>
+	<p><?php
+	
+	if ( $is_safari )
+		_e('Gears is installed and enabled on this computer. You can disable it from the Safari menu.');
+	else
+		_e('Gears is installed and enabled on this computer. You can disable it from your browser Tools menu.'); 
+	
+	?></p>
 	<p><?php _e('If there are any errors, try disabling Gears, then reload the page and enable it again.'); ?></p>
 	<p><?php _e('Local storage status:'); ?> <span id="gears-wait"><span style="color:#f00;"><?php _e('Please wait! Updating files:'); ?></span> <span id="gears-upd-number"></span></span></p>
 	<div class="submit"><button class="button" onclick="document.getElementById('gears-info-box').style.display='none';"><?php _e('Close'); ?></button></div>
 	</div>
 	</div>
-
 <?php } ?>
 
-<div id="user_info"><p><?php printf(__('Howdy, <a href="%1$s">%2$s</a>!'), 'profile.php', $user_identity) ?> | <a href="<?php echo site_url('wp-login.php?action=logout', 'login') ?>" title="<?php _e('Log Out') ?>"><?php _e('Log Out'); ?></a> | <?php _e('<a href="http://codex.wordpress.org/">Help</a>') ?> | <?php _e('<a href="http://wordpress.org/support/">Forums</a>'); if ( $gears_compat ) { ?> | <span id="gears-menu"><a href="#" onclick="wpGears.message(1);return false;"><?php _e('Turbo') ?></a></span><?php } ?></p></div>
+<div id="user_info"><p><?php printf(__('Howdy, <a href="%1$s">%2$s</a>!'), 'profile.php', $user_identity) ?> | <a href="<?php echo site_url('wp-login.php?action=logout', 'login') ?>" title="<?php _e('Log Out') ?>"><?php _e('Log Out'); ?></a> | <?php _e('<a href="http://codex.wordpress.org/">Help</a>') ?> | <?php _e('<a href="http://wordpress.org/support/">Forums</a>'); if ( ! $is_opera ) { ?> | <span id="gears-menu"><a href="#" onclick="wpGears.message(1);return false;"><?php _e('Turbo') ?></a></span><?php } ?></p></div>
 
 <?php
 require(ABSPATH . 'wp-admin/menu-header.php');

wp-admin/css/colors-classic-rtl.css

@@ -1,3 +1,24 @@
+.post-com-count {
+}
+#adminmenu li a #awaiting-mod, #sidemenu li a #update-plugins {
+	background-image: url(../images/comment-stalk-rtl.gif);
+	background-position:right bottom;
+}
+#footer {
+	background-position:99% 10px;
+}
 #poststuff .closed .togbox, #poststuff .togbox {
-background-image: url(../images/toggle-arrow-rtl.gif) !important;
-}
+	background-image: url(../images/toggle-arrow-rtl.gif) !important;
+}
+.bar {
+	border-right-color: transparent;
+	border-left-color: #99d;
+}
+.plugins .togl {
+	border-right-color: transparent;
+	border-left-color: #ccc;
+}
+#upload-menu li.current {
+	border-right-color: transparent;
+	border-left-color: #448abd;
+}

wp-admin/css/colors-fresh-rtl.css

@@ -1,3 +1,24 @@
+.bar {
+	border-right-color: transparent;
+	border-left-color: #99d;
+}
+.post-com-count {
+}
+#adminmenu li a #awaiting-mod, #sidemenu li a #update-plugins {
+	background-image: url(../images/comment-stalk-rtl.gif);
+	background-position:right bottom;
+}
+#footer {
+	background-position:99% 10px;
+}
+.plugins .togl {
+	border-right-color: transparent;
+	border-left-color: #ccc;
+}
 #poststuff .closed .togbox, #poststuff .togbox {
-background-image: url(../images/toggle-arrow-rtl.gif) !important;
-}
+	background-image: url(../images/toggle-arrow-rtl.gif);
+}
+#upload-menu li.current {
+	border-right-color:transparent;
+	border-left-color: #448abd;
+}

wp-admin/css/dashboard-rtl.css

@@ -1,79 +1,62 @@
+/* Right Now */
 #rightnow {
-	margin-left: 15px;
+	margin-right:0;
+	margin-left: 7px;
 }
-
 #rightnow .reallynow span {
 	text-align: right;
 	float: right;
 }
-
 #rightnow .reallynow a {
 	text-align: left;
 	float: left;
 	margin: 1px 0 0 6px;
 }
-
-div.dashboard-widget-holder {
-	float: right;
+/* Widgets */
+div#dashboard-widgets-wrap {
+	margin-right:0;
+	margin-left:-13px;
+}
+div.dashboard-widget-holder {
+	float:right;
+}
+div.dashboard-widget {
+	margin-right:0;
+	margin-left: 20px;
 }
-
 h3.dashboard-widget-title span {
 	text-align: right;
 	float: right;
 }
-
-div.dashboard-widget-submit input {
-	font-family: sans-serif !important;
-}
-	
-#dashboard-widgets .widget_rss ul li a {
-	float:right;
-	font-weight:bold;
-	margin:0pt 0pt 0.2em 0.5em;
-}
-
-#dashboard-widgets .widget_rss ul li span.rss-date {
-	float: right;
-}
-
 h3.dashboard-widget-title small {
 	text-align: left;
-	float: left;
+	float:left;
 }
-div.dashboard-widget-content ul,
-div.dashboard-widget-content ol,
-div.dashboard-widget-content dl {
+div.dashboard-widget-submit input  {
+	font-family: Tahoma;
+}
+div.dashboard-widget-content ul, div.dashboard-widget-content ol, div.dashboard-widget-content dl {
 	padding-left:0;
 	padding-right:15px;
 }
-div#dashboard-widgets-wrap
-{
-	margin-right:0;
-	margin-left:-10px;
+#dashboard_secondary div.dashboard-widget-content ul li {
+	float:right;
 }
-
-div.dashboard-widget {
-	margin-right:0;
-	margin-left:20px;
+#dashboard_secondary div.dashboard-widget-content ul li .post {
+	font-family:arial;
+}
+#dashboard_secondary div.dashboard-widget-content ul li a {
+	border-right:0 none;
+	border-left: 1px solid #dadada;
+	height:110px;
+}
+#dashboard_secondary div.dashboard-widget-content ul li a cite {
+	font-family: Tahoma;
 }
-
 #dashboard-widgets .widget_rss ul li span.rss-date {
 	float:right;
 }
 #dashboard-widgets .widget_rss ul li a {
-	float:right;
-	margin:0 0 0.2em 0.5em;
-}
-#dashboard_secondary div.dashboard-widget-content ul li {
 	float: right;
-}
-#dashboard_secondary div.dashboard-widget-content ul li .post {
-	font-family: sans-serif !important;
-}
-#dashboard_secondary div.dashboard-widget-content ul li a {
-	border-right:0 none;
-	border-left:1px solid #DADADA;
-}
-#dashboard_secondary div.dashboard-widget-content ul li a cite {
-	font-family: sans-serif;
+	margin: 0 0 .2em .5em;
 }

wp-admin/css/global-rtl.css

@@ -1,34 +1,31 @@
-//* styles for use by people extending the WordPress interface */
-body, td { font-family: sans-serif; }
-
-textarea, input, select { font-family: sans-serif; }
-
-.alignleft { float: right; }
-.alignright { float: left; }
-
-.textleft { text-align: right; }
-.textright { text-align: left; }
-	
-.wrap h2 { font-family: sans-serif; }
-
+body, td {
+	font-family: Tahoma;
+}
+textarea, input, select {
+	font-family: Tahoma;
+}
+h1, h2, h3 {
+	font-family:arial;
+}
 .widefat td {
 	padding: 7px 10px 9px 15px;
 }
-
 .widefat th {
 	padding: 9px 10px 6px 15px;
 	text-align: right;
 }
-
 .widefat th input {
 	margin: 0 8px 0 0;
 }
-
 .widefat .check-column {
 	text-align: left;
 }
-
 .wrap h2 {
+	font-family:arial;
 	margin: 5px -4px 0 0;
-	padding: 0 0 7px 280px;
+	padding-right:0;
+	padding-left: 280px;
+}
+.wrap h2.long-header {
+	padding-left: 0;
 }

wp-admin/css/ie-rtl.css

@@ -1,53 +1,73 @@
-/* footer */
-body, td {
-	font-family: Tahoma,Verdana,sans-serif;
+#poststuff .postbox h3 {
+	padding-left:0;
+	padding-right: 23px;
 }
-
-.wrap {
-	text-align: right;
+* html #poststuff .postarea, * html #poststuff #titlediv {
+	margin-left:0;
+	margin-right: 3%;
 }
-
-.wrap h2 {
-	margin: 5px 0 0 4px;
+* html #poststuff h2 {
+	margin-right: 0;
 }
-
-#footer {
-	padding-left:50px;
-}
-#footer p {
-	background:none;
-	height:auto;
-	padding: 5px 5px 0;
-}
-
 #bh {
+	padding-right:0;
 	padding-left: 15px;
-	padding-right: 0px;
 }
-/* write post */
+div#dashboard-widgets {
+	padding-right:0;
+	padding-left: 1px;
+}
+#tagchecklist span a {
+	margin: 4px -9px 0 0;
+}
 #poststuff .togbox {
-	margin-right:-16px;
+	margin-left:0;
+	margin-right: -19px;
 }
-#poststuff h3 {
-	padding-right:20px;
+.widefat th input {
+	margin: 0 5px 0 0;
 }
-
-p#widget-search, p#post-search {
-	padding-left: 15px;
+/* ---------- add by navid */
+#dashmenu { /* fix top right bottom in admin */
+	direction:ltr;
 }
-
-.widefat th {
-	padding-bottom: 8px;
-}
-
-/* template editor */
-#template textarea {
+#sidemenu a { /* fix left admin buttom ex. plugins, options */
 	float:left;
 }
-
-/* Editor */
-
-.mceToolbar {
-	direction: ltr;
-	text-align: left;
-}
+.wrap h2 {
+	margin:5px 4px 0 0;
+}
+#editor-toolbar {/* fix hover in media uploader icon */
+	direction:ltr;
+}
+#TB_window { /* fix theme preview */
+	left:2%;
+}
+/* fix widget page */
+form#widgets-filter {
+	position:static;
+}
+#widget-search {
+	display:none;
+}
+/* fix manage comment page */
+ul.view-switch li {
+	float:left;
+}
+form#posts-filter {
+	position:static;
+}
+#post-search {
+	display:none;
+}
+#submenu {
+	margin-right: 20px;
+}
+/* Fixes for media-upload window */
+/* Center media-upload panel on screen */
+#TB_window { 
+	width: 670px; 
+	position: absolute; 
+	top: 50%; 
+	left: 50%; 
+	margin-right: 335px !important; }

wp-admin/css/install-rtl.css

@@ -1,26 +1,27 @@
 body {
-	font-size: 11px;
-	font-family: sans-serif !important;
+	font-family: Tahoma;
+}
+/* Half the page disapears on IE6 */
+* html body {
+	width: 700px; 
+	position: absolute; 
+	left: 50%; 
+	margin-right: 350px;
 }
 ul, ol {
 	padding: 5px 22px 5px 5px;
 }
+.step, th {
+	text-align:right;
+}
+.submit input, .button, .button-secondary  {
+	font-family: Tahoma;
+	margin-right:0;
+}
 .form-table th {
-	text-align: right;
-}
-input {
-	padding: 1px
-}
-#logo {
-	text-align: left;
-}
-#admin_email {
-	direction: ltr;
-	text-align: left;
-}
-.submit input, .button, .button-secondary {
-	font-family: sans-serif !important;
+	text-align:right;
 }
 h1 {
-	font-family: sans-serif;
-}
+	font-family:arial;
+	margin: 5px -4px 0 0;
+}

wp-admin/css/login-rtl.css

@@ -1,35 +1,37 @@
 body {
-	font-family: sans-serif;
-	direction: rtl;
-}
-#login form .submit input {
-	font-family: sans-serif !important;
+	font-family: Tahoma;
 }
 form {
 	margin-left:0;
-	margin-right:8px;
+	margin-right: 8px;
 }
 form .forgetmenot {
 	float:right;
 }
+#login form .submit input  {
+	font-family: Tahoma;
+}
 form .submit {
 	float:left;
 }
+#backtoblog a {
+	left:auto;
+	right:15px;
+}
 #login_error, .message {
-	margin:0 8px 16px 0;
+	margin: 0 8px 16px 0;
 }
 #nav {
-	margin: 0 8px 0 0;
+	margin:0 8px 0 0;
 }
 #user_pass, #user_login, #user_email {
 	margin-right:0;
 	margin-left: 6px;
-	direction:ltr;
 }
 h1 a {
 	text-decoration:none;
 }
-#backtoblog a {
-	left: auto;
-	right: 15px;
-}
+/* ltr input */
+#user_login, #user_pass {
+	direction:ltr;
+}

wp-admin/css/media-rtl.css

@@ -1,21 +1,66 @@
-ul#sidemenu {
-	left: auto;
-	right: 0;
+body#media-upload ul#sidemenu {
+	left:auto;
+	right:0;
+	width: 620px;
+}
+#search-filter {
+	text-align:left;
 }
 .align .field label {
-	display: block;
-	float: right;
-	padding: 0 25px 0 0;
-	margin: 5px 3px 5px 5px; 
+	padding: 0 28px 0 0;
+	margin: 0 0 0 1em;
 }
-.align .field input {
-	display: block;
-	float: right;
-	margin: 5px 15px 5px 0;
+.image-align-none-label, .image-align-left-label, .image-align-center-label, .image-align-right-label {
+	background-position:center right;
+}
+tr.image-size label {
+	margin: 0 0 0 1em;
+}
+.filename.original {
+	float: right;
+}
+.crunching {
+	text-align: left;
+	margin-right:0;
+	margin-left: 5px;
+}
+button.dismiss {
+	right:auto;
+	left:5px;
+}
+.file-error {
+	margin: 0 50px 5px 0;
+}
+.progress {
+	left:auto;
+	right:0;
+}
+.bar {
+	border-right-width:0;
+	border-left-width: 3px;
+	border-left-style: solid;
+}
+.media-item .pinkynail {
+	float:right;
+}
+.describe-toggle-on, .describe-toggle-off {
+	float: left;
+	margin-right:0;
+	margin-left: 20px;
+}
+/* Specific to Uploader */
+
+#media-upload .media-upload-form p {
+	margin: 0 0 1em 1em;
+}
+.filename {
+	float: right;
+	margin-left:0;
+	margin-right: 10px;
+}
+#media-upload .describe th.label {
+	text-align:right;
+}
+.menu_order {
+	float:left;
 }
-.image-align-none-label,
-.image-align-left-label,
-.image-align-center-label,
-.image-align-right-label {
-	background-position: center right;
-}

wp-admin/css/press-this-ie-rtl.css

@@ -1,7 +1,3 @@
-#menu { margin-right: 8px !important; }
-
-p.submit input { text-align: right !important; }
-
-li.ui-tabs-selected a { height: 25px; }
-
-#photo_directions span { right: 200px; left: auto; height: 8px; }
+.ui-tabs-nav {
+ 	margin-right: 0;
+}

wp-admin/css/press-this-ie.css

@@ -1,8 +1,7 @@
-
-#posting {
- 	position: static !important;
-}
- .ui-tabs-nav {
- 	margin-left: 0;
- 	border: 0 !important;
-}
+#posting {
+ 	position: static !important;
+}
+ .ui-tabs-nav {
+ 	margin-left: 0;
+ 	border: 0 !important;
+}

wp-admin/css/press-this-rtl.css

@@ -1,59 +1,98 @@
 body {
-	font-family: sans-serif;
+	font-family: Tahoma;
 }
-
-#viewsite { 
-	right:auto; left: 8px; 
+.ui-tabs-nav {
+	padding-left:0;
+	padding-right:8px;
 }
-
-ul#menu { 
-	padding-right: 8px; 
+.ui-tabs-nav li {
+	float: right;
 }
-
-.ui-tabs-nav li { 
-	float: right; 
+.button {
+	font-family: Tahoma;
+	margin-left:0;
+	margin-right: 5px;
 }
-
-div#posting { 
-	padding-right:16px; padding-left: 0; 
+#wphead #viewsite {
+	margin-left:0;
+	margin-right: 10px;
 }
-
-div#categories { 
-	right: auto; left: 16px; 
+#viewsite {
+	right:auto;
+	left: 8px;
 }
-
-div#categories h2 { 
-	margin:0.5em 1em 0.5em 0; 
+#wphead #viewsite a {
+	font-family: Tahoma;
 }
-
-#jaxtag { 
-	padding-right :1em; padding-left: 0; 
+h1 {
+	right:auto;
+	left:0;
 }
-
-input#newtag { 
-	margin-left: 4px; width: 100px; 
+div#posting {
+	padding-left:0;
+	padding-right: 16px;
 }
-
-#photo_directions span { 
-	right: auto; left: 3px 
+#photo_directions span {
+	right:auto;
+	left:3px;
 }
-
-#TB_ajaxContent #options { 
-	right: auto; left: 25px; 
+#img_container a {
+	float:right;
 }
-
-#TB_ajaxContent {
-	text-align: right;
+#img_container a, #img_container a:link, #img_container a:visited {
+	margin:0 0 4px 4px;
 }
-
-#TB_ajaxContent #this_photo {
-	direction: ltr;
+div#categories {
+	right:auto;
+	left:16px;
 }
-
-.video_split #extra_fields { 
-	float: right; 
+div#categories h2 {
+	margin: .5em 1em .5em 0;
+}
+#tagsdiv #newtag {
+	margin-right:0;	
+	margin-left: 5px;	
+}
+#jaxtag {
+	padding-left:0;
+	padding-right: 1em;
+}
+#tagchecklist {
+	padding-left:0;
+	padding-right: 1em;
+}
+#tagchecklist span {
+	margin-right: 10px;
+	margin-left: .5em;
+	float: right;
+}
+#tagchecklist span a {
+	margin: 6px -9px 0pt 0;
+	float: right;
+}
+.submitbox {
+	float: left;
+}
+.submitbox .submit input {
+	text-align:right;
+}
+.video_split #extra_fields {
+	float:right;
+}
+.video_split .editor_area {
+	float: left;
+}
+.ac_results li {
+	text-align:right;
+}
+#TB_ajaxContent #options {
+	right:auto;
+	left:25px;
+}
+#post_status {
+	margin-left:0;
+	margin-right: 10px;
+}
+#footer {
+	padding: 10px 60px 0 0;
 }
-
-.video_split .editor_area { 
-	float: left; 
-}

wp-admin/css/press-this.css

@@ -4,6 +4,8 @@ body {
 	margin: 0px;
 	padding: 0px;
 }
+
+img { border: 0; }
 /* Tabs */
 @media projection , screen {
 	.ui-tabs-hide {

wp-admin/css/theme-editor-rtl.css

@@ -1,14 +1,15 @@
 #template textarea {
-	font-family: monospace !important;
+	font-family:monospace;
 }
 #templateside {
 	float:left;
 }
 #themeselector {
 	padding-right:0;
-	padding-left:5px;
+	padding-left: 5px;
+	float: left;
 }
 div.tablenav {
-	margin-left:210px;
 	margin-right:0;
-}
+	margin-left: 210px;
+}

wp-admin/css/widgets-rtl.css

@@ -1,51 +1,45 @@
+/* 2 column liquid layout */
 div.widget-liquid-left-holder {
-	clear:right;
-	float:right;
+	float: right;
+	clear: right;
 	margin-right:0;
-	margin-left:-310px;
+	margin-left: -310px;
 }
 div.widget-liquid-left {
 	margin-right:0;
-	margin-left:310px;
+	margin-left: 320px;
 }
 div.widget-liquid-right {
-	clear:left;
-	float:left;
+	float: left;
+	clear: left;
 }
 p#widget-search {
+	right:auto;
 	left:0;
-	right:auto
-}
-ul#widget-list li.widget-list-item h4.widget-title {
-	float:right;
-	text-align:right;
-}
-ul#widget-list li.widget-list-item div.widget-description {
-	margin:0 200px 0 0;
-	padding:0 4em 0 0;
-}
-.widget-control-save, .widget-control-remove {
-	float:right;
-	margin-right:0;
-	margin-left:8px;
 }
 h4.widget-title span {
 	float: right;
 }
 h4.widget-title a {
 	float: left;
-	margin: 0 1em 0 0;
+	margin-left:0;
+	margin-right: 1em;
 }
-li.widget-list-control-item h4.widget-title a, #dragHelper li.widget-list-control-item h4.widget-title a, #draghelper li.widget-list-control-item h4.widget-title a:visited {
-	right:auto;
-	left:1em;
+ul#widget-list li.widget-list-item h4.widget-title {
+	float:right;
 }
-
-ul.widget-control-list div.widget-control-actions {
+ul#widget-list li.widget-list-item div.widget-description {
+	margin: 0 200px 0 0;
+	padding: 0 4em 0 0;
+}
+.widget-control-save, .widget-control-remove {
 	margin-right:0;
-	margin-left:-10px;
+	margin-left: 8px;
+	float: right;
+}
+li.widget-list-control-item h4.widget-title a,
+#dragHelper li.widget-list-control-item h4.widget-title a,
+#draghelper li.widget-list-control-item h4.widget-title a:visited {
+	right:auto;
+	left: 1em;
 }
-ul.widget-control-list h4.widget-title,
-#dragHelper h4.widget-title {
-	text-align: right;
-}

wp-admin/edit-comments.php

@@ -30,6 +30,8 @@ if ( !empty( $_REQUEST['delete_comments'] ) ) {
 		}
 	endforeach;
 	$redirect_to = basename( __FILE__ ) . '?deleted=' . $comments_deleted . '&approved=' . $comments_approved . '&spam=' . $comments_spammed . '&unapproved=' . $comments_unapproved;
+	if ( isset($_REQUEST['apage']) )
+		$redirect_to = add_query_arg( 'apage', absint($_REQUEST['apage']), $redirect_to );
 	if ( !empty($_REQUEST['mode']) )
 		$redirect_to = add_query_arg('mode', $_REQUEST['mode'], $redirect_to);
 	if ( !empty($_REQUEST['comment_status']) )
@@ -175,6 +177,9 @@ if ( $page_links )
 <input type="submit" value="<?php _e('Delete'); ?>" name="deleteit" class="button-secondary delete" />
 <?php do_action('manage_comments_nav', $comment_status); ?>
 <?php wp_nonce_field('bulk-comments'); ?>
+<?php if ( isset($_GET['apage']) ) { ?>
+	<input type="hidden" name="apage" value="<?php echo absint( $_GET['apage'] ); ?>" />
+<?php } ?>
 </div>
 
 <br class="clear" />

wp-admin/edit-form-advanced.php

@@ -7,7 +7,9 @@ $messages[1] = sprintf( __( 'Post updated. Continue editing below or <a href="%s
 $messages[2] = __('Custom field updated.');
 $messages[3] = __('Custom field deleted.');
 $messages[4] = __('Post updated.');
-$messages[5] = sprintf( __('Post restored to revision from %s'), wp_post_revision_title( $_GET['revision'], false ) );
+
+if ( isset($_GET['revision']) )
+	$messages[5] = sprintf( __('Post restored to revision from %s'), wp_post_revision_title( (int) $_GET['revision'], false ) );
 
 $notice = false;
 $notices[1] = __( 'There is an autosave of this post that is more recent than the version below.  <a href="%s">View the autosave</a>.' );
@@ -71,14 +73,7 @@ $saveasdraft = '<input name="save" type="submit" id="save" class="button" tabind
 <input type="hidden" id="post_author" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" />
 <input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
-<input name="referredby" type="hidden" id="referredby" value="<?php
-if ( !empty($_REQUEST['popupurl']) )
-	echo clean_url(stripslashes($_REQUEST['popupurl']));
-else if ( strpos( wp_get_referer(), '/wp-admin/' ) === false && $post_ID && url_to_postid(wp_get_referer()) === $post_ID  )
-	echo 'redo';
-else
-	echo clean_url(stripslashes(wp_get_referer()));
-?>" />
+<input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php if ( 'draft' != $post->post_status ) wp_original_referer_field(true, 'previous'); ?>
 
 <?php echo $form_extra ?>
@@ -115,7 +110,7 @@ if ( current_user_can('publish_posts') OR ( $post->post_status == 'publish' AND
 </p>
 
 <?php if ( current_user_can( 'publish_posts' ) ) : ?>
-<p><label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="checkbox" value="private" <?php checked($post->post_status, 'private'); ?> tabindex="4" /> <?php _e('Keep this post private') ?></label></p>
+<p id="private-checkbox"><label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="checkbox" value="private" <?php checked($post->post_status, 'private'); ?> tabindex="4" /> <?php _e('Keep this post private') ?></label></p>
 <?php endif; ?>
 <?php
 if ($post_ID) {

wp-admin/edit-link-categories.php

@@ -10,12 +10,13 @@ if ( isset($_GET['deleteit']) && isset($_GET['delete']) ) {
 
 	foreach( (array) $_GET['delete'] as $cat_ID ) {
 		$cat_name = get_term_field('name', $cat_ID, 'link_category');
-
+		$default_cat_id = get_option('default_link_category');
+		
 		// Don't delete the default cats.
-		if ( $cat_ID == get_option('default_link_category') )
+		if ( $cat_ID == $default_cat_id )
 			wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name));
 
-		wp_delete_term($cat_ID, 'link_category');
+		wp_delete_term($cat_ID, 'link_category', array('default' => $default_cat_id));
 	}
 
 	$location = 'edit-link-categories.php';

wp-admin/edit-page-form.php

@@ -6,6 +6,9 @@ $messages[2] = __('Custom field updated.');
 $messages[3] = __('Custom field deleted.');
 $messages[4] = __('Page updated.');
 
+if ( isset($_GET['revision']) )
+	$messages[5] = sprintf( __('Page restored to revision from %s'), wp_post_revision_title( (int) $_GET['revision'], false ) );
+
 $notice = false;
 $notices[1] = __( 'There is an autosave of this page that is more recent than the version below.  <a href="%s">View the autosave</a>.' );
 
@@ -27,10 +30,6 @@ if (!isset($post_ID) || 0 == $post_ID) {
 $temp_ID = (int) $temp_ID;
 $user_ID = (int) $user_ID;
 
-$sendto = clean_url(stripslashes(wp_get_referer()));
-
-if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
-	$sendto = 'redo';
 ?>
 
 <?php if ( $notice ) : ?>
@@ -57,12 +56,7 @@ if (isset($mode) && 'bookmarklet' == $mode)
 <?php echo $form_extra ?>
 <input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
-<input name="referredby" type="hidden" id="referredby" value="<?php
-if ( strpos( wp_get_referer(), '/wp-admin/' ) === false && $post_ID && url_to_postid(wp_get_referer()) === $post_ID )
-	echo 'redo';
-else
-	echo clean_url(stripslashes(wp_get_referer()));
-?>" />
+<input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php if ( 'draft' != $post->post_status ) wp_original_referer_field(true, 'previous'); ?>
 
 <div id="poststuff">
@@ -95,7 +89,7 @@ if ( current_user_can('publish_pages') OR ( $post->post_status == 'publish' AND
 </select>
 </p>
 <?php if ( current_user_can( 'publish_posts' ) ) : ?> 
-<p><label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="checkbox" value="private" <?php checked($post->post_status, 'private'); ?> tabindex='4' /> <?php _e('Keep this page private') ?></label></p>
+<p id="private-checkbox"><label for="post_status_private" class="selectit"><input id="post_status_private" name="post_status" type="checkbox" value="private" <?php checked($post->post_status, 'private'); ?> tabindex='4' /> <?php _e('Keep this page private') ?></label></p>
 <?php endif; ?>
 
 <?php

wp-admin/edit-pages.php

@@ -122,7 +122,7 @@ endif;
 $pagenum = absint( $_GET['pagenum'] );
 if ( empty($pagenum) )
 	$pagenum = 1;
-if( !$per_page || $pre_page < 0 )
+if( !$per_page || $per_page < 0 )
 	$per_page = 20;
 
 $num_pages = ceil(count($posts) / $per_page);

wp-admin/gears-manifest.php

@@ -64,7 +64,7 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 ?>
 {
 "betaManifestVersion" : 1,
-"version" : "<?php echo $man_version; ?>_20080710a",
+"version" : "<?php echo $man_version; ?>_20080810",
 "entries" : [
 <?php echo $defaults; ?>
 
@@ -103,20 +103,7 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 { "url" : "images/no.png" },
 { "url" : "images/yes.png" },
 
-{ "url" : "../wp-includes/images/crystal/archive.png" },
-{ "url" : "../wp-includes/images/crystal/audio.png" },
-{ "url" : "../wp-includes/images/crystal/code.png" },
-{ "url" : "../wp-includes/images/crystal/default.png" },
-{ "url" : "../wp-includes/images/crystal/document.png" },
-{ "url" : "../wp-includes/images/crystal/interactive.png" },
-{ "url" : "../wp-includes/images/crystal/text.png" },
-{ "url" : "../wp-includes/images/crystal/video.png" },
-{ "url" : "../wp-includes/images/crystal/spreadsheet.png" },
-{ "url" : "../wp-includes/images/rss.png" },
-{ "url" : "../wp-includes/js/thickbox/loadingAnimation.gif" },
-{ "url" : "../wp-includes/js/thickbox/tb-close.png" },
-{ "url" : "../wp-includes/js/swfupload/swfupload_f9.swf" },
-
+<?php if ( is_file(ABSPATH.'/wp-includes/js/tinymce/tiny_mce.js') ) { ?>
 { "url" : "../wp-includes/js/tinymce/tiny_mce_popup.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/utils/mctabs.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/utils/validate.js?ver=311" },
@@ -131,7 +118,7 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 { "url" : "../wp-includes/js/tinymce/themes/advanced/js/link.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/themes/advanced/js/source_editor.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/themes/advanced/js/anchor.js?ver=311" },
-{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.js?ver=311d" },
+{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.js?ver=311g" },
 { "url" : "../wp-includes/js/tinymce/tiny_mce.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/themes/advanced/editor_template.js?ver=311" },
 { "url" : "../wp-includes/js/tinymce/plugins/inlinepopups/editor_plugin.js?ver=311" },
@@ -148,7 +135,7 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 { "url" : "../wp-includes/js/tinymce/plugins/paste/pastetext.htm?ver=311" },
 { "url" : "../wp-includes/js/tinymce/plugins/fullscreen/fullscreen.htm?ver=311" },
 { "url" : "../wp-includes/js/tinymce/plugins/inlinepopups/template.htm?ver=311" },
-{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/editimage.html?ver=311d" },
+{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/editimage.html?ver=311g" },
 { "url" : "../wp-includes/js/tinymce/wp-mce-help.php?ver=311" },
 
 { "url" : "../wp-includes/js/tinymce/themes/advanced/skins/wp_theme/ui.css?ver=311" },
@@ -161,7 +148,7 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 { "url" : "../wp-includes/js/tinymce/plugins/media/css/media.css?ver=311" },
 { "url" : "../wp-includes/js/tinymce/plugins/paste/css/pasteword.css?ver=311" },
 { "url" : "../wp-includes/js/tinymce/plugins/paste/css/blank.css?ver=311" },
-{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/css/editimage.css?ver=311d" },
+{ "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/css/editimage.css?ver=311g" },
 { "url" : "../wp-includes/js/tinymce/plugins/wpeditimage/css/editimage-rtl.css?ver=311" },
 { "url" : "../wp-includes/js/tinymce/wordpress.css?ver=311" },
 
@@ -203,5 +190,20 @@ header( 'Content-Type: application/x-javascript; charset=UTF-8' );
 { "url" : "../wp-includes/js/tinymce/plugins/wordpress/img/image.gif" },
 { "url" : "../wp-includes/js/tinymce/plugins/wordpress/img/media.gif" },
 { "url" : "../wp-includes/js/tinymce/plugins/wordpress/img/video.gif" },
-{ "url" : "../wp-includes/js/tinymce/plugins/wordpress/img/audio.gif" }
+{ "url" : "../wp-includes/js/tinymce/plugins/wordpress/img/audio.gif" },
+<?php } ?>
+
+{ "url" : "../wp-includes/images/crystal/archive.png" },
+{ "url" : "../wp-includes/images/crystal/audio.png" },
+{ "url" : "../wp-includes/images/crystal/code.png" },
+{ "url" : "../wp-includes/images/crystal/default.png" },
+{ "url" : "../wp-includes/images/crystal/document.png" },
+{ "url" : "../wp-includes/images/crystal/interactive.png" },
+{ "url" : "../wp-includes/images/crystal/text.png" },
+{ "url" : "../wp-includes/images/crystal/video.png" },
+{ "url" : "../wp-includes/images/crystal/spreadsheet.png" },
+{ "url" : "../wp-includes/images/rss.png" },
+{ "url" : "../wp-includes/js/thickbox/loadingAnimation.gif" },
+{ "url" : "../wp-includes/js/thickbox/tb-close.png" },
+{ "url" : "../wp-includes/js/swfupload/swfupload_f9.swf" }
 ]}

wp-admin/import/textpattern.php

@@ -333,7 +333,7 @@ class Textpattern_Import {
 				$category1 = get_category_by_slug($Category1);
 				$category1 = $category1->term_id;
 				$category2 = get_category_by_slug($Category2);
-				$category2 = $category1->term_id;
+				$category2 = $category2->term_id;
 				if($cat1 = $category1) { $cats[1] = $cat1; }
 				if($cat2 = $category2) { $cats[2] = $cat2; }
 

wp-admin/includes/image.php

@@ -219,17 +219,17 @@ function wp_read_image_metadata( $file ) {
 		if ( !empty($info['APP13']) ) {
 			$iptc = iptcparse($info['APP13']);
 			if ( !empty($iptc['2#110'][0]) ) // credit
-				$meta['credit'] = trim( $iptc['2#110'][0] );
+				$meta['credit'] = utf8_encode(trim($iptc['2#110'][0]));
 			elseif ( !empty($iptc['2#080'][0]) ) // byline
-				$meta['credit'] = trim( $iptc['2#080'][0] );
+				$meta['credit'] = utf8_encode(trim($iptc['2#080'][0]));
 			if ( !empty($iptc['2#055'][0]) and !empty($iptc['2#060'][0]) ) // created datee and time
 				$meta['created_timestamp'] = strtotime($iptc['2#055'][0] . ' ' . $iptc['2#060'][0]);
 			if ( !empty($iptc['2#120'][0]) ) // caption
-				$meta['caption'] = trim( $iptc['2#120'][0] );
+				$meta['caption'] = utf8_encode(trim($iptc['2#120'][0]));
 			if ( !empty($iptc['2#116'][0]) ) // copyright
-				$meta['copyright'] = trim( $iptc['2#116'][0] );
+				$meta['copyright'] = utf8_encode(trim($iptc['2#116'][0]));
 			if ( !empty($iptc['2#005'][0]) ) // title
-				$meta['title'] = trim( $iptc['2#005'][0] );
+				$meta['title'] = utf8_encode(trim($iptc['2#005'][0]));
 		 }
 	}
 

wp-admin/includes/media.php

@@ -67,8 +67,7 @@ function get_image_send_to_editor($id, $alt, $title, $align, $url='', $rel = fal
 
 function image_add_caption( $html, $id, $alt, $title, $align, $url, $size ) {
 
-	// CAPTIONS_OFF is temporary. Do not use it.
-	if ( empty($alt) || ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF ) ) return $html;
+	if ( empty($alt) || apply_filters( 'disable_captions', '' ) ) return $html;
 	$id = ( 0 < (int) $id ) ? 'attachment_' . $id : '';
 
 	preg_match( '/width="([0-9]+)/', $html, $matches );
@@ -103,7 +102,7 @@ function media_handle_upload($file_id, $post_id, $post_data = array()) {
 	$file = wp_handle_upload($_FILES[$file_id], $overrides);
 
 	if ( isset($file['error']) )
-		return new wp_error( 'upload_error', $file['error'] );
+		return new WP_Error( 'upload_error', $file['error'] );
 
 	$url = $file['url'];
 	$type = $file['type'];
@@ -143,7 +142,7 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
 	$file = wp_handle_sideload($file_array, $overrides);
 
 	if ( isset($file['error']) )
-		return new wp_error( 'upload_error', $file['error'] );
+		return new WP_Error( 'upload_error', $file['error'] );
 
 	$url = $file['url'];
 	$type = $file['type'];
@@ -281,7 +280,7 @@ function media_upload_form_handler() {
 	if ( isset($_POST['send']) ) {
 		$keys = array_keys($_POST['send']);
 		$send_id = (int) array_shift($keys);
-		$attachment = $_POST['attachments'][$send_id];
+		$attachment = stripslashes_deep( $_POST['attachments'][$send_id] );
 		$html = $attachment['post_title'];
 		if ( !empty($attachment['url']) ) {
 			if ( strpos($attachment['url'], 'attachment_id') || false !== strpos($attachment['url'], get_permalink($_POST['post_id'])) )
@@ -510,14 +509,8 @@ function image_attachment_fields_to_edit($form_fields, $post) {
 	if ( substr($post->post_mime_type, 0, 5) == 'image' ) {
 		$form_fields['post_title']['required'] = true;
 
-		// CAPTIONS_OFF is temporary. Do not use it.
-		if ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF ) {
-			$form_fields['post_excerpt']['label'] = __('Alternate Text');
-			$form_fields['post_excerpt']['helps'][] = __('Alt text for the image, e.g. "The Mona Lisa"');
-		} else {
-			$form_fields['post_excerpt']['label'] = __('Caption');
-			$form_fields['post_excerpt']['helps'][] = __('Also used as alternate text for the image');
-		}
+		$form_fields['post_excerpt']['label'] = __('Caption');
+		$form_fields['post_excerpt']['helps'][] = __('Also used as alternate text for the image');
 
 		$form_fields['post_content']['label'] = __('Description');
 
@@ -606,19 +599,13 @@ function get_attachment_fields_to_edit($post, $errors = null) {
 	$file = wp_get_attachment_url($post->ID);
 	$link = get_attachment_link($post->ID);
 
-	// CAPTIONS_OFF is temporary. Do not use it.
-	if ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF )
-		$alt = __('Alternate Text');
-	else
-		$alt = __('Caption');
-
 	$form_fields = array(
 		'post_title'   => array(
 			'label'      => __('Title'),
 			'value'      => $edit_post->post_title,
 		),
 		'post_excerpt' => array(
-			'label'      => $alt,
+			'label'      => __('Caption'),
 			'value'      => $edit_post->post_excerpt,
 		),
 		'post_content' => array(
@@ -631,11 +618,11 @@ function get_attachment_fields_to_edit($post, $errors = null) {
 			'input'      => 'html',
 			'html'       => "
 				<input type='text' name='attachments[$post->ID][url]' value='" . attribute_escape($file) . "' /><br />
-				<button type='button' class='button url-$post->ID' value=''>" . __('None') . "</button>
-				<button type='button' class='button url-$post->ID' value='" . attribute_escape($file) . "'>" . __('File URL') . "</button>
-				<button type='button' class='button url-$post->ID' value='" . attribute_escape($link) . "'>" . __('Post URL') . "</button>
+				<button type='button' class='button url-$post->ID' title=''>" . __('None') . "</button>
+				<button type='button' class='button url-$post->ID' title='" . attribute_escape($file) . "'>" . __('File URL') . "</button>
+				<button type='button' class='button url-$post->ID' title='" . attribute_escape($link) . "'>" . __('Post URL') . "</button>
 				<script type='text/javascript'>
-				jQuery('button.url-$post->ID').bind('click', function(){jQuery(this).siblings('input').val(this.value);});
+				jQuery('button.url-$post->ID').bind('click', function(){jQuery(this).siblings('input').val(jQuery(this).attr('title'));});
 				</script>\n",
 			'helps'      => __('Enter a link URL or click above for presets.'),
 		),
@@ -826,7 +813,7 @@ function get_media_item( $attachment_id, $args = null ) {
 		if ( !empty($field[$field['input']]) )
 			$item .= $field[$field['input']];
 		elseif ( $field['input'] == 'textarea' ) {
-			$item .= "<textarea type='text' id='$name' name='$name'>" . attribute_escape( $field['value'] ) . $aria_required . "</textarea>";
+			$item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . htmlspecialchars( $field['value'] ) . "</textarea>";
 		} else {
 			$item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";
 		}
@@ -884,7 +871,6 @@ function media_upload_form( $errors = null ) {
 	$post_id = intval($_REQUEST['post_id']);
 
 ?>
-<input type='hidden' name='post_id' value='<?php echo (int) $post_id; ?>' />
 <div id="media-upload-notice">
 <?php if (isset($errors['upload_notice']) ) { ?>
 	<?php echo $errors['upload_notice']; ?>
@@ -947,9 +933,8 @@ jQuery(function($){
 <div id="html-upload-ui">
 <?php do_action('pre-html-upload-ui'); ?>
 	<p>
-	<input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onClick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
+	<input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
 	</p>
-	<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
 	<br class="clear" />
 	<?php if ( is_lighttpd_before_150() ): ?>
 	<p><?php _e('If you want to use all capabilities of the uploader, like uploading multiple files at once, please upgrade to lighttpd 1.5.'); ?></p>
@@ -1021,7 +1006,7 @@ var addExtImage = {
 
 		if ( f.alt.value ) {
 			alt = f.alt.value.replace(/['"<>]+/g, '');
-<?php if ( ! defined('CAPTIONS_OFF') || true != CAPTIONS_OFF ) { // CAPTIONS_OFF is temporary. Do not use it. ?>
+<?php if ( ! apply_filters( 'disable_captions', '' ) ) { ?>
 			caption = f.alt.value.replace(/'/g, '&#39;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
 <?php } ?>
 		}
@@ -1082,6 +1067,7 @@ var addExtImage = {
 </div>
 </div>
 <input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
+</form>
 <?php
 	endif;
 }
@@ -1278,14 +1264,23 @@ jQuery(function($){
 }
 
 function type_form_image() {
-	$form = '
+
+	if ( apply_filters( 'disable_captions', '' ) ) {
+		$alt = __('Alternate Text');
+		$alt_help = __('Alt text for the image, e.g. "The Mona Lisa"');
+	} else {
+		$alt = __('Image Caption');
+		$alt_help = __('Also used as alternate text for the image');
+	}
+
+	return '
 	<table class="describe"><tbody>
 		<tr>
 			<th valign="top" scope="row" class="label" style="width:120px;">
 				<span class="alignleft"><label for="src">' . __('Source') . '</label></span>
 				<span class="alignright"><img id="status_img" src="images/required.gif" title="required" alt="required" /></span>
 			</th>
-			<td class="field"><input id="src" name="src" value="" type="text" aria-required="true" onblur="addExtImage.getImageData()"></td>
+			<td class="field"><input id="src" name="src" value="" type="text" aria-required="true" onblur="addExtImage.getImageData()" /></td>
 		</tr>
 
 		<tr>
@@ -1295,31 +1290,15 @@ function type_form_image() {
 			</th>
 			<td class="field"><p><input id="title" name="title" value="" type="text" aria-required="true" /></p></td>
 		</tr>
-';
-	// CAPTIONS_OFF is temporary. Do not use it.
-	if ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF ) {
-		$form .= '
-		<tr>
-			<th valign="top" scope="row" class="label">
-				<span class="alignleft"><label for="alt">' . __('Alternate Text') . '</label></span>
-			</th>
-			<td class="field"><input id="alt" name="alt" value="" type="text" aria-required="true" />
-			<p class="help">' . __('Alt text for the image, e.g. "The Mona Lisa"') . '</p></td>
-		</tr>
-';
 
-	} else {
-		$form .= '
 		<tr>
 			<th valign="top" scope="row" class="label">
-				<span class="alignleft"><label for="alt">' . __('Image Caption') . '</label></span>
+				<span class="alignleft"><label for="alt">' . $alt . '</label></span>
 			</th>
 			<td class="field"><input id="alt" name="alt" value="" type="text" aria-required="true" />
-			<p class="help">' . __('Also used as alternate text for the image') . '</p></td>
+			<p class="help">' . $alt_help . '</p></td>
 		</tr>
-';
-	}
-		$form .= '
+
 		<tr class="align">
 			<th valign="top" scope="row" class="label"><p><label for="align">' . __('Alignment') . '</label></p></th>
 			<td class="field">
@@ -1354,7 +1333,6 @@ function type_form_image() {
 	</tbody></table>
 ';
 
-	return $form;
 }
 
 function type_form_audio() {

wp-admin/includes/plugin.php

@@ -34,7 +34,7 @@ function get_plugin_data( $plugin_file ) {
 function get_plugins($plugin_folder = '') {
 	
 	if ( ! $cache_plugins = wp_cache_get('plugins', 'plugins') )
-		$cached_plugins = array();
+		$cache_plugins = array();
 	
 	if ( isset($cache_plugins[ $plugin_folder ]) )
 		return $cache_plugins[ $plugin_folder ];
@@ -239,14 +239,19 @@ function validate_active_plugins() {
 		return;
 	}
 
+	//Invalid is any plugin that is deactivated due to error.
+	$invalid = array(); 
+
 	// If a plugin file does not exist, remove it from the list of active
 	// plugins.
 	foreach ( $check_plugins as $check_plugin ) {
 		$result = validate_plugin($check_plugin);
 		if ( is_wp_error( $result ) ) {
+			$invalid[$check_plugin] = $result;
 			deactivate_plugins( $check_plugin, true);
 		}
 	}
+	return $invalid;
 }
 
 function validate_plugin($plugin) {

wp-admin/includes/post.php

@@ -603,7 +603,6 @@ function get_sample_permalink($id, $title=null, $name = null) {
 	$post->post_status = $original_status;
 	$post->post_date = $original_date;
 	$post->post_name = $original_name;
-	$post->post_title = $original_title;
 	return $permalink;
 }
 

wp-admin/includes/schema.php

@@ -15,11 +15,12 @@ if ( $wpdb->supports_collation() ) {
 
 $wp_queries="CREATE TABLE $wpdb->terms (
  term_id bigint(20) NOT NULL auto_increment,
- name varchar(55) NOT NULL default '',
+ name varchar(200) NOT NULL default '',
  slug varchar(200) NOT NULL default '',
  term_group bigint(10) NOT NULL default 0,
  PRIMARY KEY  (term_id),
- UNIQUE KEY slug (slug)
+ UNIQUE KEY slug (slug),
+ KEY name (name)
 ) $charset_collate;
 CREATE TABLE $wpdb->term_taxonomy (
  term_taxonomy_id bigint(20) NOT NULL auto_increment,

wp-admin/includes/taxonomy.php

@@ -133,7 +133,7 @@ function get_tags_to_edit( $post_id ) {
 
 	foreach ( $tags as $tag )
 		$tag_names[] = $tag->name;
-	$tags_to_edit = join( ', ', $tag_names );
+	$tags_to_edit = join( ',', $tag_names );
 	$tags_to_edit = attribute_escape( $tags_to_edit );
 	$tags_to_edit = apply_filters( 'tags_to_edit', $tags_to_edit );
 	return $tags_to_edit;

wp-admin/includes/template.php

@@ -670,7 +670,7 @@ function user_row( $user_object, $style = '', $role = '' ) {
 	} else {
 		$edit = $user_object->user_login;
 	}
-	$role_name = translate_with_context($wp_roles->role_names[$role]);
+	$role_name = $wp_roles->role_names[$role] ? translate_with_context($wp_roles->role_names[$role]) : __('None');
 	$r = "<tr id='user-$user_object->ID'$style>
 		<th scope='row' class='check-column'><input type='checkbox' name='users[]' id='user_{$user_object->ID}' class='$role' value='{$user_object->ID}' /></th>
 		<td><strong>$edit</strong></td>
@@ -715,7 +715,7 @@ function _wp_get_comment_list( $status = '', $s = false, $start, $num ) {
 			$approved
 			ORDER BY comment_date_gmt DESC LIMIT $start, $num");
 	} else {
-		$comments = $wpdb->get_results( "SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments USE INDEX (comment_date_gmt) WHERE $approved ORDER BY comment_date_gmt DESC LIMIT $start, $num" );
+		$comments = $wpdb->get_results( "SELECT SQL_CALC_FOUND_ROWS * FROM $wpdb->comments WHERE $approved ORDER BY comment_date_gmt DESC LIMIT $start, $num" );
 	}
 
 	update_comment_cache($comments);

wp-admin/includes/upgrade.php

@@ -543,6 +543,10 @@ function upgrade_230() {
 	$categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_ID");
 	foreach ($categories as $category) {
 		$term_id = (int) $category->cat_ID;
+		$name = $category->cat_name;
+		$description = $category->category_description;
+		$slug = $category->category_nicename;
+		$parent = $category->category_parent;
 		$term_group = 0;
 
 		// Associate terms with the same slug in a term group and make slugs unique.

wp-admin/includes/user.php

@@ -259,7 +259,7 @@ function wp_delete_user($id, $reassign = 'novalue') {
 	} else {
 		$reassign = (int) $reassign;
 		$wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET post_author = %d WHERE post_author = %d", $reassign, $id) );
-		$wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_owner = %d WHERE link_owner = %d}", $reassign, $id) );
+		$wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_owner = %d WHERE link_owner = %d", $reassign, $id) );
 	}
 
 	// FINALLY, delete user
@@ -392,4 +392,4 @@ class WP_User_Search {
 }
 endif;
 
-?>
+?>

wp-admin/install-helper.php

@@ -9,6 +9,7 @@ $debug = 0;
  ** Returns:  true if already exists or on successful completion
  **           false on error
  */
+if ( ! function_exists('maybe_create_table') ) :
 function maybe_create_table($table_name, $create_ddl) {
 	global $wpdb;
 	foreach ($wpdb->get_col("SHOW TABLES",0) as $table ) {
@@ -26,6 +27,7 @@ function maybe_create_table($table_name, $create_ddl) {
 	}
 	return false;
 }
+endif;
 
 /**
  ** maybe_add_column()
@@ -33,6 +35,7 @@ function maybe_create_table($table_name, $create_ddl) {
  ** Returns:  true if already exists or on successful completion
  **           false on error
  */
+if ( ! function_exists('maybe_add_column') ) :
 function maybe_add_column($table_name, $column_name, $create_ddl) {
 	global $wpdb, $debug;
 	foreach ($wpdb->get_col("DESC $table_name",0) as $column ) {
@@ -51,7 +54,7 @@ function maybe_add_column($table_name, $column_name, $create_ddl) {
 	}
 	return false;
 }
-
+endif;
 
 /**
  ** maybe_drop_column()

wp-admin/js/forms.js

@@ -1,5 +1,5 @@
 function checkAll(jQ) { // use attr( checked, fn )
-	jQuery(jQ).find( 'tbody :checkbox' ).attr( 'checked', function() {
+	jQuery(jQ).find( 'tbody:visible :checkbox' ).attr( 'checked', function() {
 		return jQuery(this).attr( 'checked' ) ? '' : 'checked';
 	} );
 }

wp-admin/js/wp-gears.js

@@ -25,15 +25,15 @@ wpGears = {
 	},
 
 	storeName : function() {
-      var name = window.location.protocol + window.location.host;
+		var name = window.location.protocol + window.location.host;
 
-      name = name.replace(/[\/\\:*"?<>|;,]+/g, '_'); // gears beta doesn't allow certain chars in the store name
-	  name = 'wp_' + name.substring(0, 60); // max length of name is 64 chars
+		name = name.replace(/[\/\\:*"?<>|;,]+/g, '_'); // gears beta doesn't allow certain chars in the store name
+		name = 'wp_' + name.substring(0, 60); // max length of name is 64 chars
 
-      return name;
-    },
+		return name;
+	},
 
-    message : function(show) {
+	message : function(show) {
 		var t = this, msg1 = t.I('gears-msg1'), msg2 = t.I('gears-msg2'), msg3 = t.I('gears-msg3'), num = t.I('gears-upd-number'), wait = t.I('gears-wait');
 
 		if ( ! msg1 ) return;
@@ -61,23 +61,32 @@ wpGears = {
 	I : function(id) {
 		return document.getElementById(id);
 	}
-}
+};
 
-function gearsInit() {
+(function() {
 	if ( 'undefined' != typeof google && google.gears ) return;
 
 	var gf = false;
-	if ( 'undefined' != typeof GearsFactory ) { // Firefox
+	if ( 'undefined' != typeof GearsFactory ) {
 		gf = new GearsFactory();
-	} else { // IE
+	} else {
 		try {
 			gf = new ActiveXObject('Gears.Factory');
-		} catch (e) {}
+			if ( factory.getBuildInfo().indexOf('ie_mobile') != -1 )
+				gf.privateSetGlobalObject(this);
+		} catch (e) {
+			if ( ( 'undefined' != typeof navigator.mimeTypes ) && navigator.mimeTypes['application/x-googlegears'] ) {
+				gf = document.createElement("object");
+				gf.style.display = "none";
+				gf.width = 0;
+				gf.height = 0;
+				gf.type = "application/x-googlegears";
+				document.documentElement.appendChild(gf);
+			}
+		}
 	}
 
 	if ( ! gf ) return;
 	if ( 'undefined' == typeof google ) google = {};
 	if ( ! google.gears ) google.gears = { factory : gf };
-}
-
-gearsInit();
+})();

wp-admin/link-category.php

@@ -28,12 +28,13 @@ case 'delete':
 		wp_die(__('Cheatin’ uh?'));
 
 	$cat_name = get_term_field('name', $cat_ID, 'link_category');
+	$default_cat_id = get_option('default_link_category');
 
 	// Don't delete the default cats.
-    if ( $cat_ID == get_option('default_link_category') )
+    if ( $cat_ID == $default_cat_id )
 		wp_die(sprintf(__("Can&#8217;t delete the <strong>%s</strong> category: this is the default one"), $cat_name));
 
-	wp_delete_term($cat_ID, 'link_category');
+	wp_delete_term($cat_ID, 'link_category', array('default' => $default_cat_id));
 
 	$location = 'edit-link-categories.php';
 	if ( $referer = wp_get_original_referer() ) {
@@ -73,7 +74,9 @@ case 'editedcat':
 			$location = $referer;
 	}
 
-	if ( wp_update_term($cat_ID, 'link_category', $_POST) )
+	$update =  wp_update_term($cat_ID, 'link_category', $_POST);
+
+	if ( $update && !is_wp_error($update) )
 		$location = add_query_arg('message', 3, $location);
 	else
 		$location = add_query_arg('message', 5, $location);

wp-admin/options-permalink.php

@@ -163,9 +163,9 @@ $structures = array(
 
 <h3><?php _e('Optional'); ?></h3>
 <?php if ($is_apache) : ?>
-	<p><?php _e('If you like, you may enter custom structures for your category and tag <abbr title="Universal Resource Locator">URL</abbr>s here. For example, using <code>/topics/</code> as your category base would make your category links like <code>http://example.org/topics/uncategorized/</code>. If you leave these blank the defaults will be used.') ?></p>
+	<p><?php _e('If you like, you may enter custom structures for your category and tag <abbr title="Universal Resource Locator">URL</abbr>s here. For example, using <code>topics</code> as your category base would make your category links like <code>http://example.org/topics/uncategorized/</code>. If you leave these blank the defaults will be used.') ?></p>
 <?php else : ?>
-	<p><?php _e('If you like, you may enter custom structures for your category and tag <abbr title="Universal Resource Locator">URL</abbr>s here. For example, using <code>/topics/</code> as your category base would make your category links like <code>http://example.org/index.php/topics/uncategorized/</code>. If you leave these blank the defaults will be used.') ?></p>
+	<p><?php _e('If you like, you may enter custom structures for your category and tag <abbr title="Universal Resource Locator">URL</abbr>s here. For example, using <code>topics</code> as your category base would make your category links like <code>http://example.org/index.php/topics/uncategorized/</code>. If you leave these blank the defaults will be used.') ?></p>
 <?php endif; ?>
 
 <table class="form-table">

wp-admin/page.php

@@ -34,9 +34,7 @@ function redirect_page($page_ID) {
 	} elseif (!empty($referredby) && $referredby != $referer) {
 		$location = $_POST['referredby'];
 		$location = remove_query_arg('_wp_original_http_referer', $location);
-		if ( $_POST['referredby'] == 'redo' )
-			$location = get_permalink( $page_ID );
-		elseif ( false !== strpos($location, 'edit-pages.php') )
+		if ( false !== strpos($location, 'edit-pages.php') )
 			$location = add_query_arg('posted', $page_ID, $location);
 		elseif ( false !== strpos($location, 'wp-admin') )
 			$location = "page-new.php?posted=$page_ID";

wp-admin/plugins.php

@@ -165,8 +165,10 @@ wp_enqueue_script('admin-forms');
 $title = __('Manage Plugins');
 require_once('admin-header.php');
 
-validate_active_plugins();
-
+$invalid = validate_active_plugins();
+if( !empty($invalid) )
+	foreach($invalid as $plugin_file => $error)
+		echo '<div id="message" class="error"><p>' . sprintf(__('The plugin <code>%s</code> has been <strong>deactivated</strong> due to an error: %s'), wp_specialchars($plugin_file), $error->get_error_message()) . '</p></div>';
 ?>
 
 <?php if ( isset($_GET['error']) ) : ?>

wp-admin/post.php

@@ -36,9 +36,7 @@ function redirect_post($post_ID = '') {
 	} elseif (!empty($referredby) && $referredby != $referer) {
 		$location = $_POST['referredby'];
 		$location = remove_query_arg('_wp_original_http_referer', $location);
-		if ( $_POST['referredby'] == 'redo' )
-			$location = get_permalink( $post_ID );
-		elseif ( false !== strpos($location, 'edit.php') )
+		if ( false !== strpos($location, 'edit.php') )
 			$location = add_query_arg('posted', $post_ID, $location);		
 		elseif ( false !== strpos($location, 'wp-admin') )
 			$location = "post-new.php?posted=$post_ID";

wp-admin/press-this.php

@@ -34,13 +34,14 @@ function press_it() {
 			$content = $_REQUEST['content'];
 
 			foreach( (array) $_REQUEST['photo_src'] as $key => $image) {
-				// escape quote for matching
-				$quoted = preg_quote2($image);
-
+				
 				// see if files exist in content - we don't want to upload non-used selected files.
-				if( strpos($_REQUEST['content'], $quoted) !== false ) {
+				if( strpos($_REQUEST['content'], $image) !== false ) {
 					$upload = media_sideload_image($image, $post_ID, $_REQUEST['photo_description'][$key]);
+					 
 					// Replace the POSTED content <img> with correct uploaded ones.
+					// escape quote for matching
+					$quoted = preg_quote2($image);
 					if( !is_wp_error($upload) ) $content = preg_replace('/<img ([^>]*)src=(\"|\')'.$quoted.'(\2)([^>\/]*)\/*>/is', $upload, $content);
 				}
 			}
@@ -183,19 +184,21 @@ if($_REQUEST['ajax'] == 'photo_images') {
 
 		$host = parse_url($uri);
 
-		$pattern = '/<img ([^>]*)src=(\"|\')([^<>]+?\.(png|jpeg|jpg|jpe|gif)[^<>\'\"]*)(\2)([^>\/]*)\/*>/is';
+		$pattern = '/<img ([^>]*)src=(\"|\')([^<>]+?\.(png|jpeg|jpg|jpe|gif))[^<>\'\"]*(\2)([^>\/]*)\/*>/is';
 		preg_match_all($pattern, $content, $matches);
-
+		
 		if ( empty($matches[1]) ) return '';
 
 		$sources = array();
 		foreach ($matches[3] as $src) {
+			// if no http in url
 			if(strpos($src, 'http') === false)
-				if(strpos($src, '../') === false && strpos($src, './') === false)
+				// if it doesn't have a relative uri
+				if( strpos($src, '../') === false && strpos($src, './') === false && strpos($src, '/') === true)
 					$src = 'http://'.str_replace('//','/', $host['host'].'/'.$src);
 				else
-					$src = 'http://'.str_replace('//','/', $host['host'].'/'.$host['path'].'/'.$src);
-
+					$src = 'http://'.str_replace('//','/', $host['host'].'/'.dirname($host['path']).'/'.$src);
+			
 			$sources[] = clean_url($src);
 		}
 		return "'" . implode("','", $sources) . "'";
@@ -246,12 +249,12 @@ if($_REQUEST['ajax'] == 'photo_js') { ?>
 	}
 
 	function pick(img, desc) {
-		if (img) { 
-			length = jQuery('.photolist input').length;
+		if (img) {
+			if('object' == typeof jQuery('.photolist input') && jQuery('.photolist input').length != 0) length = jQuery('.photolist input').length;
 			if(length == 0) length = 1;
 			jQuery('.photolist').append('<input name="photo_src[' + length + ']" value="' + img +'" type="hidden"/>');
 			jQuery('.photolist').append('<input name="photo_description[' + length + ']" value="' + desc +'" type="hidden"/>');
-			append_editor("\n\n" + '<p><img src="' + img +'" alt="' + desc + '" /></p>');
+			append_editor("\n\n" + '<p><img src="' + img +'" alt="' + desc + '" class="aligncenter"/></p>');
 		}
 		tinyMCE.activeEditor.resizeToContent();
 		return false;
@@ -266,6 +269,7 @@ if($_REQUEST['ajax'] == 'photo_js') { ?>
 	}
 
 	jQuery(document).ready(function() {
+		jQuery('#extra_fields').html('<div class="photolist"></div><small id="photo_directions"><?php _e("Click images to select:") ?> <span><a href="#" id="photo_add_url" class="thickbox"><?php _e("Add from URL") ?> +</a></span></small><div class="titlewrap"><div id="img_container"></div></div>');
 		jQuery('#img_container').html(strtoappend);
 		jQuery('#photo_add_url').attr('href', '?ajax=thickbox_url&height=200&width=500');
 		tb_init('a.thickbox, area.thickbox, input.thickbox');
@@ -275,13 +279,7 @@ if($_REQUEST['ajax'] == 'photo_js') { ?>
 }
 
 if($_REQUEST['ajax'] == 'photo') { ?>
-		<div class="photolist"></div>
 
-		<small id="photo_directions"><?php _e('Click images to select:') ?> <span><a href="#" id="photo_add_url" class="thickbox"><?php _e('Add from URL') ?> +</a></span></small>
-
-		<div class="titlewrap">
-			<div id="img_container"></div>
-		</div>
 <?php die;
 }
 ?>
@@ -322,6 +320,7 @@ if($_REQUEST['ajax'] == 'photo') { ?>
 				editor_selector: "mceEditor",
 				language : "<?php echo $language; ?>",
 				width: "100%",
+				height: "300",
 				theme : "advanced",
 				theme_advanced_buttons1 : "bold,italic,underline,blockquote,separator,strikethrough,bullist,numlist,undo,redo,link,unlink",
 				theme_advanced_buttons2 : "",
@@ -445,7 +444,6 @@ if($_REQUEST['ajax'] == 'photo') { ?>
 				<?php } ?>
 				jQuery('#extra_fields').show();
 				jQuery('#extra_fields').before('<h2 id="waiting"><img src="images/loading.gif" alt="" /><?php echo js_escape( __( 'Loading...' ) ); ?></h2>');
-				jQuery('#extra_fields').load('<?php echo clean_url($_SERVER['PHP_SELF']).'/?ajax=photo&u='.attribute_escape($url); ?>');
 				jQuery.ajax({
 					type: "GET",
 					cache : false,
@@ -472,7 +470,7 @@ if($_REQUEST['ajax'] == 'photo') { ?>
 			show('video');
 		<?php } elseif ( preg_match("/vimeo\.com\/[0-9]+/i", $url) ) { ?>
 			show('video');
-			<?php  } elseif ( preg_match("/flickr\.com/i", $url) ) { ?>
+		<?php  } elseif ( preg_match("/flickr\.com/i", $url) ) { ?>
 			show('photo');
 		<?php } ?>
 	});
@@ -505,7 +503,7 @@ if($_REQUEST['ajax'] == 'photo') { ?>
 		<div class="editor_area">
 			<h2 id="content_type"><label for="content"><?php _e('Post') ?></label></h2>
 			<div class="editor-container">
-				<textarea name="content" id="content" style="width:100%;" class="mceEditor"><?php if ($selection) { echo wp_richedit_pre($selection); } ?><a href="<?php echo $url ?>"><?php echo $title; ?></a>.</textarea>
+				<textarea name="content" id="content" style="width:100%;" class="mceEditor" rows="15"><?php if ($selection) { echo wp_richedit_pre($selection); } ?><a href="<?php echo $url ?>"><?php echo $title; ?></a>.</textarea>
 			</div>
 		</div>
 	</div>

wp-admin/revision.php

@@ -134,9 +134,6 @@ if ( 'page' == $post->post_type ) {
 	$title = __( 'Post Revisions' );
 }
 
-// Converts post_author ID# into name
-add_filter( '_wp_post_revision_field_post_author', 'get_author_name' );
-
 require_once( 'admin-header.php' );
 
 ?>

wp-admin/rtl.css

@@ -1,324 +1,363 @@
-html,#edit-slug-box,#trackback,#category_nicename,#slug,#dbuser,#dbpass,#dbname,#dbhost,#dbprefix,#dccharset,input[name=gmpath],input[name=archivespath],input[name=lastentry],input[name=email],input[name=url],input[name=aim],input[name=yim],input[name=jabber],#newcontent,#email,#newcomment_author_url,#pass1,#pass2,#siteurl,#home,#admin_email,#date_format,#time_format,#mailserver_url,#mailserver_login,#mailserver_pass,#ping_sites,#blog_charset,#moderation_keys,#blacklist_keys,#permalink_structure,#category_base,#tag_base,#upload_path,#upload_url_path,#insertonly[src],#insertonly[href],#mailserver_port,#thumbnail_size_w,#thumbnail_size_h,#medium_size_w,#medium_size_h,#posts_per_page,#posts_per_rss,#comment_max_links,#insertonly[src],#link_url,#link_image,#rss_uri,#user_login,#key
-{
-	direction:ltr;
-	text-align:left
+a:link, a:visited {
+	text-decoration:none;
 }
-
-body, td, .submit input, .button, .button-secondary, .button-highlighted, #your-profile legend, .quicktags, .search, #wpcontent select, #wphead #viewsite a, #wphead h1 {
-	font-family: sans-serif !important;
+a:hover {
+	text-decoration:underline;
 }
-
-.code, #quicktags #ed_code {
-	font-family: monospace !important;
+.plugins .togl {
+	border-right-width: 0;
+	border-left-width: 1px;
+	border-left-style: solid;
 }
-
-#wpwrap,#footer,#TB_title,.media-upload-form,#media-upload-header
-{
-	direction:rtl!important;
-	text-align:right!important
+form#upload th {
+	text-align:left;
 }
-
-#user_info
-{
-	left:15px;
-	right:auto
+td.available-theme {
+	text-align:right;
 }
-
-#wphead h1
-{
-	margin:0 0 0 15%;
-	padding:11px 15px 16px 170px
-}
-
-#wphead #viewsite
-{
-	margin-left:0;
-	margin-right:10px
-}
-
-#sidemenu
-{
-	float:left;
-	margin:-30px 315px 0 15px;
-	padding-left:0;
-	padding-right:10px
-}
-
-#dashmenu
-{
-	font-size:11px;
-	left:auto;
-	padding-left:0;
-	padding-right:9px;
-	right:0
-}
-
-#dashmenu a
-{
-	margin-left:8px;
-	margin-right:8px;
-}
-
-#adminmenu
-{
-	height:32px;
-	padding:5px 8px 0 0
-}
-
-#adminmenu li a
-{
-	display:block;
-	float:right;
-	font:700 16px/100% sans-serif;
-	margin:0 0 0 10px;
-	padding:5px 7px 9px
-}
-
-#adminmenu li a.current
-{
-	font-weight:700
-}
-
-#adminmenu li a #awaiting-mod
-{
-	background:url(images/comment-stalk-rtl.gif) -309px bottom !important;
-	font-family: sans-serif !important;
-	margin-left:-45px;
-	margin-right:.2em;
-	margin-top:-5px
-}
-
-#adminmenu li a:hover #awaiting-mod
-{
-	background-position: -229px bottom !important;
-}
-
-#adminmenu li a #awaiting-mod span
-{
-	left:0;
-	right:auto
-}
-
-#submenu li a
-{
-	display:block;
-	float:right;
-	margin:0 10px 10px 0;
-	padding:2px 4px
-}
-
-p#post-search
-{
-	left:0;
-	right:auto
-}
-
-.tablenav div
-{
-	float:right!important
-}
-
-.tablenav .delete 
-{
-	margin-left: 40px;
-	margin-right: 0;
-}
-
-ul.view-switch
-{
-	float:left;
-	margin:-28px 0 -2px 5px
-}
-
-#currenttheme img
-{
-	float:right;
-	margin-left:1em;
-	margin-right:0
-}
-
-form#themeselector
-{
-	float:left
-}
-
-.form-table input.tog
-{
-	float:right;
+#current-theme img {
+	float: right;
 	margin-right:0;
-	margin-left:2px;
+	margin-left: 1em;
 }
-
-.curtime
-{
-	background-position:right 2px;
+.quicktags, .search {
+	font-family: Tahoma;
+}
+/* 201 - 403
+=================================== */
+.side-info ul {
 	padding-left:0;
 	padding-right:18px;
 }
-
-#poststuff #edButtonPreview,#poststuff #edButtonHTML
-{
-	float:left;
-	margin-left:8px;
-	margin-right:0
+.submit input, .button, .button-secondary, .button-highlighted {
+	font-family: Tahoma;
 }
-
-#poststuff #media-buttons
-{
-	direction: rtl;
-	float:left;
-	margin-left:20px;
-	margin-right:0
+#wpcontent select  {
+	font-family: Tahoma;
 }
-
-#poststuff #media-buttons a
-{
-	margin-left:8px;
+/* #postdiv, #titlediv, #guiddiv, #poststuff .stuffbox {
+	margin:0 0 0 8px;
+} */
+#quicktags #ed_code {
+	font-family: Tahoma;
+}
+#searchform fieldset {
+	float:right;
+	margin: 0 0 1em 1.5ex;
+}
+#searchform fieldset legend {
+	padding: 0 1px .2em 0;
+}
+#searchform #post-query-submit {
+	float:right;
+}
+/* 404 - 804
+=================================== */
+#template div {
 	margin-right:0;
-	padding: 0 5px 2px 2px;
+	margin-left: 190px;
 }
-
-#poststuff .togbox
-{
+* html #template div {
+	margin-left: 0;
+}
+#your-profile legend {
+	font-family:arial;
+}
+#ajax-response.alignleft {
 	margin-left:0;
-	margin-right:-19px
+	margin-right: 2em;
 }
-
-#categorydiv ul#category-tabs,#linkcategorydiv ul#category-tabs
-{
+.page-numbers {
+	margin-right:0;
+	margin-left:3px;
+}
+.comment-column {
+	margin-left:0;
+	margin-right: 5px;
+}
+.tablenav a.button-secondary {
+	margin: 1px 0 0 8px;
+}
+#update-nag, .plugin-update {
+	clear:both;
+}
+/* .tablenav .tablenav-pages {
+	float:left;
+} */
+#user_info {
+	right:auto;
+	left:15px;
+}
+#wphead #viewsite {
+	margin-left:0;
+	margin-right:10px;
+}
+#wphead #viewsite a {
+	font-family: Tahoma;
+}
+#wphead h1 {
+	font-family:arial;
+	margin-right:0;
+	margin-left:15%;
+	padding: 11px 12px 16px 170px;
+}
+#dashmenu {
+	right:0;
+	left:auto;
+	padding-left:0;
+	padding-right: 9px;
+}
+#dashmenu a {
+	margin-right:0;
+	margin-left:8px;
+}
+#adminmenu {
+	padding-left:0;
+	padding-right:11px;
+}
+#adminmenu a {
+	font-family:arial;
+	font-weight:bold;
+	padding:6px 7px;
+}
+#adminmenu a.current, #sidemenu a.current {
+	font-weight:bold;
+}
+#sidemenu {
+	margin: -30px 0 0 15px;
+	float: left;
+	padding-left:0;
+	padding-right: 10px;
+	height: 1%; /* Peek-a-boo in IE6 */
+}
+#sidemenu a {
 	float:right;
-	margin:0 0 0 -120px;
-	text-align:left
 }
-
-ul#category-tabs li.ui-tabs-selected,#poststuff .togbox
-{
-	-khtml-border-bottom-left-radius:0;
-	-khtml-border-bottom-right-radius:3px;
-	-khtml-border-top-left-radius:0;
-	-khtml-border-top-right-radius:3px;
-	-moz-border-radius-bottomleft:0;
-	-moz-border-radius-bottomright:3px;
-	-moz-border-radius-topleft:0;
-	-moz-border-radius-topright:3px;
-	-webkit-border-bottom-left-radius:0;
-	-webkit-border-bottom-right-radius:3px;
-	-webkit-border-top-left-radius:0;
-	-webkit-border-top-right-radius:3px;
-	border-bottom-left-radius:0;
-	border-bottom-right-radius:3px;
-	border-top-left-radius:0;
-	border-top-right-radius:3px
+#submenu li {
+	padding: 0 17px 8px 0;
+	font-size:13px;
 }
-
-div.ui-tabs-panel
-{
-	margin:0 120px 0 0
+#adminmenu li a #awaiting-mod span, #sidemenu li a #update-plugins span {
+	right:auto;
+	left:0;
 }
-
-#tagchecklist span
-{
+#adminmenu li a:hover #awaiting-mod, #sidemenu li a:hover #update-plugins {
+	background-position: -160px top;
+}
+/* 804 - 1004
+=================================== */
+#footer {
+	padding: 10px 60px 0 0;
+}
+.form-table th {
+	text-align:right;
+}
+.form-table input.tog {
+	margin-right:0;
+	margin-left: 2px;
+	float: right;
+}
+.form-table table.color-palette {
 	float:right;
-	margin-left:25px;
-	margin-right:0
 }
-
+#pass-strength-result {
+	float:right;
+	margin-right:0;
+	margin-left: 5px;
+}
+#profile-page .form-table #rich_editing {
+	margin-right:0;
+	margin-left: 5px;
+}
+#tagsdiv #newtag {
+	margin-right:0;
+	margin-left: 5px;
+}
+#tagchecklist {
+	margin-left:0;
+	margin-right: 10px;
+}
+#tagchecklist strong {
+	margin-left:0;
+	margin-right: -8px;
+}
+#tagchecklist span {
+	margin-right:0;
+	margin-left: 25px;
+	float: right;
+}
 #tagchecklist span a {
 	margin: 6px -9px 0 0;
 	float: right;
 }
-
-
-.tablenav .tablenav-pages
-{
-	float:left !important;
-	width:200px
+/* 1005 - 1304
+=================================== */
+.ac_results li {
+	text-align:right;
 }
-
-.tablenav-pages .page-numbers
-{
-	display:block;
-	float:right
+#poststuff h2 {
+	clear:right;
 }
-
-.side-info ul
-{
-	padding-left:0;
-	padding-right:18px
+#poststuff .postbox, #poststuff .stuffbox, #titlediv, #poststuff .postarea {
+	margin-left: 8px;
+	margin-right: 20px;
 }
-
-.form-table table.color-palette {
-	float:right;
-}
-
-#pass-strength-result
-{
-	float:right;
+#edit-slug-buttons a.save {
 	margin-right:0;
-	margin-left:5px;
+	margin-left:4px;
 }
-
-td.comment p.comment-author img.avatar
-{
-	float:right !important;
-	margin-right:0 !important;
-	margin-left:8px !important;
+#poststuff #edButtonPreview, #poststuff #edButtonHTML {
+	margin: 5px 0 0 8px;
+	float: left;
 }
-
-#footer
-{
-	padding:10px 0 0
-}
-
-#footer p
-{
-	height:35px;
-	margin-right:20px;
-	padding:12px 40px 0 0;
-}
-
-#submenu,#wpbody
-{
-	clear:both;
-}
-
-#submenu li,ul.subsubsub li a
-{
-	padding:0;
-}
-
-table.widefat th,.form-table th
-{
-	text-align:right
-}
-
-.widefat th input {
-	margin: 0 8px 0 0;
-	padding: 0;
-}
-
-.available-theme,#tagchecklist span a
-{
-	float:right
-}
-#template div {
+#poststuff #media-buttons {
+	float: left;
 	margin-right:0;
-	margin-left:190px;
+	margin-left: 20px;
+}
+#poststuff #media-buttons a {
+	padding: 0 2px 2px 5px;
+}
+#poststuff .togbox {
+	margin-left:0;
+	margin-right: -21px;
+	-moz-border-radius-topleft:0;
+	-khtml-border-top-left-radius:0;
+	-webkit-border-top-left-radius:0;
+	border-top-left-radius:0;
+	-moz-border-radius-topright: 3px;
+	-khtml-border-top-right-radius: 3px;
+	-webkit-border-top-right-radius: 3px;
+	border-top-right-radius: 3px;
+	-moz-border-radius-bottomleft: 0;
+	-khtml-border-bottom-left-radius:0;
+	-webkit-border-bottom-left-radius:0;
+	border-bottom-left-radius:0;
+	-moz-border-radius-bottomright: 3px;
+	-khtml-border-bottom-right-radius: 3px;
+	-webkit-border-bottom-right-radius: 3px;
+	border-bottom-right-radius: 3px;
+}
+.submitbox .submitdelete {
+	margin-left:0;
+	margin-right:8px;
 }
 .submitbox .submit {
 	text-align:right;
 }
-
-#editorcontainer {
-	border:1px solid;
+.submitbox .submit input {
+	margin-right:0;
+	margin-left:3px;
 }
-
-.wrap h2 {
-	margin: 5px -4px 0 0;
-	padding-right: 0px;
-	padding-left: 280px;
+#categorydiv #category-adder {
+	margin-left:0;
+	margin-right: 120px;
+}
+#categorydiv ul#category-tabs {
+	float: right;
+	text-align: left;
+	margin: 0 0 0 -120px;
+}
+ul#category-tabs li.ui-tabs-selected {
+	-moz-border-radius-topleft:0;
+	-khtml-border-top-left-radius:0;
+	-webkit-border-top-left-radius:0;
+	border-top-left-radius:0;
+	-moz-border-radius-bottomleft:0;
+	-khtml-border-bottom-left-radius:0;
+	-webkit-border-bottom-left-radius:0;
+	border-bottom-left-radius:0;
+	-moz-border-radius-topright: 3px;
+	-khtml-border-top-right-radius: 3px;
+	-webkit-border-top-right-radius: 3px;
+	border-top-right-radius: 3px;
+	-moz-border-radius-bottomright: 3px;
+	-khtml-border-bottom-right-radius: 3px;
+	-webkit-border-bottom-right-radius: 3px;
+	border-bottom-right-radius: 3px;
+}
+div.ui-tabs-panel {
+	margin: 0 120px 0 5px;
+}
+/* 1305 - elakh! :-)
+=================================== */
+#categorydiv ul.categorychecklist ul {
+	margin-left:0;
+	margin-right: 18px;
+}
+#linkcategorydiv #category-adder {
+	margin-left:0;
+	margin-right: 120px;
+}
+#linkcategorydiv ul#category-tabs {
+	float: right;
+	text-align: left;
+	margin: 0 0 0 -120px;
+}
+#linkcategorydiv ul.categorychecklist ul {
+	margin-left:0;
+	margin-right: 18px;
+}
+p#tag-search, p#post-search {
+	right:auto;
+	left:0;
+}
+#posts-filter fieldset {
+	float: right;
+	margin: 0 0 1em 1.5ex;
+}
+#posts-filter fieldset legend {
+	padding: 0 1px .2em 0;
+}
+ul.view-switch {
+	float: left;
+	margin: -23px 0 -2px 5px;
+}
+ul.view-switch li {
+	float: right;
+}
+#the-comment-list td.comment p.comment-author {
+	margin-right: 0 ;
+}
+#the-comment-list p.comment-author img {
+	float: right;
+	margin-right:0;
+	margin-left: 8px;
+}
+#the-comment-list td.comment p {
+	margin-left:0;
+	margin-right: 8px;
+}
+.curtime {
+	background-position: right 2px;
+	padding-left:0;
+	padding-right: 18px;
+}
+.tablenav .delete {
+	margin-right:0;
+	margin-left: 20px;
+}
+#tTips {
+}
+td.action-links, th.action-links {
+	text-align:left;
+}
+.info-box {
+	left:auto;
+	right: 50%;
+	margin-left: 0;
+	margin-right: -225px;
+}
+.info-box .gears-img {
+	float: left;
+}
+/* LTR
+=================================== */
+#edit-slug-box, #trackback, #metakeyinput, #post_password, #link_url, #link_image, #rss_uri, #category_nicename, #slug, #dbuser, #dbpass, #dbname, #dbprefix, #dccharset, #gmpath, #archivespath, #lastentry, #dbhost, #pages-exclude, #newcontent, #email, #newcomment_author_url, #siteurl, #home, #admin_email, #date_format, #time_format, #gmt_offset, #mailserver_url, #mailserver_port, #mailserver_login, #mailserver_pass, #ping_sites, #posts_per_page, #posts_per_rss, #blog_charset, #moderation_keys, #blacklist_keys, #comment_max_links, #permalink_structure, #category_base, #tag_base, #upload_path, #upload_url_path, #thumbnail_size_w, #thumbnail_size_h, #medium_size_w, #medium_size_h, #user_login, #url, #pass1, #pass2, #aim, #yim, #jabber, #key, #src, #hostname, #username, #password, #rules {
+	direction:ltr;
+}
+/* TinyMCE
+=================================== */
+.clearlooks2 .mceTop .mceLeft {
+	width:100% !important;
 }
-
-div#message {
-	clear: both;
-}

wp-app.php

@@ -206,9 +206,7 @@ class AtomServer {
 
 				// authenticate regardless of the operation and set the current
 				// user. each handler will decide if auth is required or not.
-				$this->authenticate();
-				$u = wp_get_current_user();
-				if(!isset($u) || $u->ID == 0) {
+				if(!$this->authenticate()) {
 					if ($always_authenticate) {
 						$this->auth_required('Credentials required.');
 					}
@@ -394,6 +392,7 @@ EOD;
 			$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
 
 		$publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true;
+		$post_status = ($publish) ? 'publish' : 'draft';
 
 		extract($entry);
 
@@ -407,13 +406,6 @@ EOD;
 		$post_modified = $pubtimes[0];
 		$post_modified_gmt = $pubtimes[1];
 
-		// let's not go backwards and make something draft again.
-		if(!$publish && $post_status == 'draft') {
-			$post_status = ($publish) ? 'publish' : 'draft';
-		} elseif($publish) {
-			$post_status = 'publish';
-		}
-
 		$postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_date', 'post_date_gmt', 'post_modified', 'post_modified_gmt');
 		$this->escape($postdata);
 
@@ -1070,9 +1062,6 @@ EOD;
 	 * Access credential through various methods and perform login
 	 */
 	function authenticate() {
-		$login_data = array();
-		$already_md5 = false;
-
 		log_app("authenticate()",print_r($_ENV, true));
 
 		// if using mod_rewrite/ENV hack
@@ -1084,22 +1073,16 @@ EOD;
 
 		// If Basic Auth is working...
 		if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
-			$login_data = array('login' => $_SERVER['PHP_AUTH_USER'],	'password' => $_SERVER['PHP_AUTH_PW']);
-			log_app("Basic Auth",$login_data['login']);
-		} else {
-			// else, do cookie-based authentication
-			if (function_exists('wp_get_cookie_login')) {
-				$login_data = wp_get_cookie_login();
-				$already_md5 = true;
+			log_app("Basic Auth",$_SERVER['PHP_AUTH_USER']);
+			$user = wp_authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+			if ( $user && !is_wp_error($user) ) {
+				wp_set_current_user($user->ID);
+				log_app("authenticate()", $_SERVER['PHP_AUTH_USER']);
+				return true;
 			}
 		}
 
-		// call wp_login and set current user
-		if (!empty($login_data) && wp_login($login_data['login'], $login_data['password'], $already_md5)) {
-			 $current_user = new WP_User(0, $login_data['login']);
-			 wp_set_current_user($current_user->ID);
-			log_app("authenticate()",$login_data['login']);
-		}
+		return false;
 	}
 
 	function get_accepted_content_type($types = NULL) {

wp-content/themes/default/images/header-img.php

@@ -1,77 +1,77 @@
-<?php
+<?php
 
-$img = 'kubrickheader.jpg';
+$img = 'kubrickheader.jpg';
 
-// If we don't have image processing support, redirect.
-if ( ! function_exists('imagecreatefromjpeg') )
-	die(header("Location: kubrickheader.jpg"));
+// If we don't have image processing support, redirect.
+if ( ! function_exists('imagecreatefromjpeg') )
+	die(header("Location: kubrickheader.jpg"));
 
-// Assign and validate the color values
-$default = false;
-$vars = array('upper'=>array('r1', 'g1', 'b1'), 'lower'=>array('r2', 'g2', 'b2'));
-foreach ( $vars as $var => $subvars ) {
-	if ( isset($_GET[$var]) ) {
-		foreach ( $subvars as $index => $subvar ) {
-			$length = strlen($_GET[$var]) / 3;
-			$v = substr($_GET[$var], $index * $length, $length);
-			if ( $length == 1 ) $v = '' . $v . $v;
-			$$subvar = hexdec( $v );
-			if ( $$subvar < 0 || $$subvar > 255 )
-				$default = true;
-		}
-	} else {
-		$default = true;
-	}
-}
+// Assign and validate the color values
+$default = false;
+$vars = array('upper'=>array('r1', 'g1', 'b1'), 'lower'=>array('r2', 'g2', 'b2'));
+foreach ( $vars as $var => $subvars ) {
+	if ( isset($_GET[$var]) ) {
+		foreach ( $subvars as $index => $subvar ) {
+			$length = strlen($_GET[$var]) / 3;
+			$v = substr($_GET[$var], $index * $length, $length);
+			if ( $length == 1 ) $v = '' . $v . $v;
+			$$subvar = hexdec( $v );
+			if ( $$subvar < 0 || $$subvar > 255 )
+				$default = true;
+		}
+	} else {
+		$default = true;
+	}
+}
 
-if ( $default )
-	list ( $r1, $g1, $b1, $r2, $g2, $b2 ) = array ( 105, 174, 231, 65, 128, 182 );
+if ( $default )
+	list ( $r1, $g1, $b1, $r2, $g2, $b2 ) = array ( 105, 174, 231, 65, 128, 182 );
 
-// Create the image
-$im = imagecreatefromjpeg($img);
+// Create the image
+$im = imagecreatefromjpeg($img);
 
-// Get the background color, define the rectangle height
-$white = imagecolorat( $im, 15, 15 );
-$h = 182;
+// Get the background color, define the rectangle height
+$white = imagecolorat( $im, 15, 15 );
+$h = 182;
 
-// Define the boundaries of the rounded edges ( y => array ( x1, x2 ) )
-$corners = array(
-	0 => array ( 25, 734 ),
-	1 => array ( 23, 736 ),
-	2 => array ( 22, 737 ),
-	3 => array ( 21, 738 ),
-	4 => array ( 21, 738 ),
-	177 => array ( 21, 738 ),
-	178 => array ( 21, 738 ),
-	179 => array ( 22, 737 ),
-	180 => array ( 23, 736 ),
-	181 => array ( 25, 734 ),
-	);
+// Define the boundaries of the rounded edges ( y => array ( x1, x2 ) )
+$corners = array(
+	0 => array ( 25, 734 ),
+	1 => array ( 23, 736 ),
+	2 => array ( 22, 737 ),
+	3 => array ( 21, 738 ),
+	4 => array ( 21, 738 ),
+	177 => array ( 21, 738 ),
+	178 => array ( 21, 738 ),
+	179 => array ( 22, 737 ),
+	180 => array ( 23, 736 ),
+	181 => array ( 25, 734 ),
+	);
 
-// Blank out the blue thing
-for ( $i = 0; $i < $h; $i++ ) {
-	$x1 = 19;
-	$x2 = 740;
-	imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $white );
-}
+// Blank out the blue thing
+for ( $i = 0; $i < $h; $i++ ) {
+	$x1 = 19;
+	$x2 = 740;
+	imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $white );
+}
 
-// Draw a new color thing
-for ( $i = 0; $i < $h; $i++ ) {
-	$x1 = 20;
-	$x2 = 739;
-	$r = ( $r2 - $r1 != 0 ) ? $r1 + ( $r2 - $r1 ) * ( $i / $h ) : $r1;
-	$g = ( $g2 - $g1 != 0 ) ? $g1 + ( $g2 - $g1 ) * ( $i / $h ) : $g1;
-	$b = ( $b2 - $b1 != 0 ) ? $b1 + ( $b2 - $b1 ) * ( $i / $h ) : $b1;
-	$color = imagecolorallocate( $im, $r, $g, $b );
-	if ( array_key_exists($i, $corners) ) {
-		imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $white );
-		list ( $x1, $x2 ) = $corners[$i];
-	}
-	imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $color );
-}
+// Draw a new color thing
+for ( $i = 0; $i < $h; $i++ ) {
+	$x1 = 20;
+	$x2 = 739;
+	$r = ( $r2 - $r1 != 0 ) ? $r1 + ( $r2 - $r1 ) * ( $i / $h ) : $r1;
+	$g = ( $g2 - $g1 != 0 ) ? $g1 + ( $g2 - $g1 ) * ( $i / $h ) : $g1;
+	$b = ( $b2 - $b1 != 0 ) ? $b1 + ( $b2 - $b1 ) * ( $i / $h ) : $b1;
+	$color = imagecolorallocate( $im, $r, $g, $b );
+	if ( array_key_exists($i, $corners) ) {
+		imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $white );
+		list ( $x1, $x2 ) = $corners[$i];
+	}
+	imageline( $im, $x1, 18 + $i, $x2, 18 + $i, $color );
+}
 
-//die;
-header("Content-Type: image/jpeg");
-imagejpeg($im, '', 92);
-imagedestroy($im);
-?>
+//die;
+header("Content-Type: image/jpeg");
+imagejpeg($im, '', 92);
+imagedestroy($im);
+?>

wp-includes/Text/Diff.php

@@ -49,7 +49,8 @@ class Text_Diff {
             $engine = basename($engine);
         }
 
-        require_once 'Text/Diff/Engine/' . $engine . '.php';
+        // WP #7391
+        require_once dirname(__FILE__).'/Diff/Engine/' . $engine . '.php';
         $class = 'Text_Diff_Engine_' . $engine;
         $diff_engine = new $class();
 

wp-includes/Text/Diff/Renderer/inline.php

@@ -14,7 +14,9 @@
  */
 
 /** Text_Diff_Renderer */
-require_once 'Text/Diff/Renderer.php';
+
+// WP #7391
+require_once dirname(dirname(__FILE__)) . '/Renderer.php';
 
 /**
  * "Inline" diff renderer.

wp-includes/bookmark-template.php

@@ -76,7 +76,7 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
 
 		if ( $show_updated )
 			if ( '00' != substr($bookmark->link_updated_f, 0, 2) ) {
-				$title .= ' ';
+				$title .= ' (';
 				$title .= sprintf(__('Last updated: %s'), date(get_option('links_updated_date_format'), $bookmark->link_updated_f + (get_option('gmt_offset') * 3600)));
 				$title .= ')';
 			}

wp-includes/canonical.php

@@ -165,11 +165,12 @@ function redirect_canonical($requested_url=null, $do_redirect=true) {
 		} else {
 			foreach ( array('single', 'category', 'page', 'day', 'month', 'year') as $type ) {
 				$func = 'is_' . $type;
-				if ( call_user_func($func) )
+				if ( call_user_func($func) ) {
 					$user_ts_type = $type;
 					break;
 				}
 			}
+		}
 		$redirect['path'] = user_trailingslashit($redirect['path'], $user_ts_type);
 	} elseif ( is_home() ) {
 		$redirect['path'] = trailingslashit($redirect['path']);

wp-includes/class-snoopy.php

@@ -1,22 +1,12 @@
 <?php
-/**
- * Snoopy - the PHP net client
- * @author Monte Ohrt <monte@ispi.net>
- * @copyright 1999-2000 ispi, all rights reserved
- * @version 1.01
- * @license GNU Lesser GPL
- * @link http://snoopy.sourceforge.net/
- * @package Snoopy
- */
-
 if ( !in_array('Snoopy', get_declared_classes() ) ) :
-/**
- * Snoopy - the PHP net client
- *
- * @author Monte Ohrt <monte@ispi.net>
- * @copyright (c): 1999-2000 ispi, all rights reserved
- * @version 1.01
- *
+/*************************************************
+
+Snoopy - the PHP net client
+Author: Monte Ohrt <monte@ispi.net>
+Copyright (c): 1999-2008 New Digital Group, all rights reserved
+Version: 1.2.4
+
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
@@ -30,19 +20,15 @@ if ( !in_array('Snoopy', get_declared_classes() ) ) :
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- *
- * You may contact the author of Snoopy by e-mail at:
- * monte@ispi.net
- *
- * Or, write to:
- * Monte Ohrt
- * CTO, ispi
- * 237 S. 70th suite 220
- * Lincoln, NE 68510
- *
- * @link http://snoopy.sourceforge.net/ The latest version of Snoopy can be
- *		obtained
- */
+
+You may contact the author of Snoopy by e-mail at:
+monte@ohrt.com
+
+The latest version of Snoopy can be obtained from:
+http://snoopy.sourceforge.net/
+
+*************************************************/
+
 class Snoopy
 {
 	/**** Public variables ****/
@@ -56,7 +42,7 @@ class Snoopy
 	var $proxy_user		=	"";					// proxy user to use
 	var $proxy_pass		=	"";					// proxy password to use
 
-	var $agent			=	"Snoopy v1.2.3";	// agent we masquerade as
+	var $agent			=	"Snoopy v1.2.4";	// agent we masquerade as
 	var	$referer		=	"";					// referer info to pass
 	var $cookies		=	array();			// array of cookies to pass
 												// $cookies["username"]="joe";
@@ -85,7 +71,7 @@ class Snoopy
 	var $error			=	"";					// error messages sent here
 	var	$response_code	=	"";					// response code returned from server
 	var	$headers		=	array();			// headers returned from server sent here
-	var	$maxlength		=	8192;				// max return data length (body)
+	var	$maxlength		=	500000;				// max return data length (body)
 	var $read_timeout	=	0;					// timeout on read operations, in seconds
 												// supported only since PHP 4 Beta 4
 												// set to 0 to disallow timeouts
@@ -727,13 +713,13 @@ class Snoopy
 							chr(176),
 							chr(39),
 							chr(128),
-							"ä",
-							"ö",
-							"ü",
-							"Ä",
-							"Ö",
-							"Ü",
-							"ß",
+							"<EFBFBD>",
+							"<EFBFBD>",
+							"<EFBFBD>",
+							"<EFBFBD>",
+							"<EFBFBD>",
+							"<EFBFBD>",
+							"<EFBFBD>",
 						);
 
 		$text = preg_replace($search,$replace,$document);
@@ -1020,8 +1006,7 @@ class Snoopy
 
 		$headerfile = tempnam($temp_dir, "sno");
 
-		$safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access
-		exec(escapeshellcmd($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\""),$results,$return);
+		exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);
 
 		if($return)
 		{
@@ -1245,9 +1230,7 @@ class Snoopy
 						if (!is_readable($file_name)) continue;
 
 						$fp = fopen($file_name, "r");
-						while (!feof($fp)) {
-							$file_content .= fread($fp, filesize($file_name));
-						}
+						$file_content = fread($fp, filesize($file_name));
 						fclose($fp);
 						$base_name = basename($file_name);
 
@@ -1264,5 +1247,4 @@ class Snoopy
 	}
 }
 endif;
-
 ?>

wp-includes/classes.php

@@ -110,7 +110,7 @@ class WP {
 					$query = preg_replace("!^.+\?!", '', $query);
 
 					// Substitute the substring matches into the query.
-					eval("\$query = \"$query\";");
+					eval("\$query = \"" . addslashes($query) . "\";");
 					$this->matched_query = $query;
 
 					// Parse the query.

wp-includes/cron.php

@@ -133,6 +133,7 @@ function wp_cron() {
 function wp_get_schedules() {
 	$schedules = array(
 		'hourly' => array( 'interval' => 3600, 'display' => __('Once Hourly') ),
+		'twicedaily' => array( 'interval' => 43200, 'display' => __('Twice Daily') ),
 		'daily' => array( 'interval' => 86400, 'display' => __('Once Daily') ),
 	);
 	return array_merge( apply_filters( 'cron_schedules', array() ), $schedules );

wp-includes/formatting.php

@@ -332,6 +332,9 @@ function sanitize_user( $username, $strict = false ) {
 	if ( $strict )
 		$username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username);
 
+	// Consolidate contiguous whitespace
+	$username = preg_replace('|\s+|', ' ', $username);
+
 	return apply_filters('sanitize_user', $username, $raw_username, $strict);
 }
 

wp-includes/functions.php

@@ -341,7 +341,7 @@ function get_option( $setting ) {
 
 		if ( false === $value ) {
 			if ( defined( 'WP_INSTALLING' ) )
-				$supress = $wpdb->suppress_errors();
+				$suppress = $wpdb->suppress_errors();
 			// expected_slashed ($setting)
 			$row = $wpdb->get_row( "SELECT option_value FROM $wpdb->options WHERE option_name = '$setting' LIMIT 1" );
 			if ( defined( 'WP_INSTALLING' ) )
@@ -630,12 +630,12 @@ function delete_option( $name ) {
  * @return mixed A scalar data
  */
 function maybe_serialize( $data ) {
-	if ( is_string( $data ) )
-		return $data;
-	elseif ( is_array( $data ) || is_object( $data ) )
+	if ( is_array( $data ) || is_object( $data ) )
 		return serialize( $data );
+
 	if ( is_serialized( $data ) )
 		return serialize( $data );
+
 	return $data;
 }
 
@@ -1481,15 +1481,21 @@ function path_join( $base, $path ) {
 function wp_upload_dir( $time = NULL ) {
 	$siteurl = get_option( 'siteurl' );
 	$upload_path = get_option( 'upload_path' );
-	if ( trim($upload_path) === '' )
-		$upload_path = WP_CONTENT_DIR . '/uploads';
-	$dir = $upload_path;
+	$upload_path = trim($upload_path);
+	if ( empty($upload_path) )
+		$dir = WP_CONTENT_DIR . '/uploads';
+	else 
+		$dir = $upload_path;
 
 	// $dir is absolute, $path is (maybe) relative to ABSPATH
-	$dir = path_join( ABSPATH, $upload_path );
-
-	if ( !$url = get_option( 'upload_url_path' ) )
-		$url = WP_CONTENT_URL . '/uploads';
+	$dir = path_join( ABSPATH, $dir );
+	
+	if ( !$url = get_option( 'upload_url_path' ) ) {
+		if ( empty($upload_path) or ( $upload_path == $dir ) )
+			$url = WP_CONTENT_URL . '/uploads';
+		else
+			$url = trailingslashit( $siteurl ) . $upload_path;
+	}
 
 	if ( defined('UPLOADS') ) {
 		$dir = ABSPATH . UPLOADS;
@@ -1517,8 +1523,9 @@ function wp_upload_dir( $time = NULL ) {
 		$message = sprintf( __( 'Unable to create directory %s. Is its parent directory writable by the server?' ), $dir );
 		return array( 'error' => $message );
 	}
-
+	
 	$uploads = array( 'path' => $dir, 'url' => $url, 'subdir' => $subdir, 'basedir' => $bdir, 'baseurl' => $burl, 'error' => false );
+
 	return apply_filters( 'upload_dir', $uploads );
 }
 

wp-includes/js/tinymce/plugins/wpeditimage/editimage.html

@@ -4,11 +4,11 @@
 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 <title></title>
 
-<script type="text/javascript" src="js/editimage.js?ver=311d"></script>
+<script type="text/javascript" src="js/editimage.js?ver=311g"></script>
 <script type="text/javascript" src="../../utils/form_utils.js?ver=311"></script>
 
-<link rel="stylesheet" href="css/editimage.css?ver=311d" type="text/css" media="all" />
-<link rel="stylesheet" href="../../../../../wp-admin/css/media.css?ver=2.6-beta3" type="text/css" media="all" />
+<link rel="stylesheet" href="css/editimage.css?ver=311g" type="text/css" media="all" />
+<link rel="stylesheet" href="../../../../../wp-admin/css/media.css?ver=2.6.1" type="text/css" media="all" />
 <script type="text/javascript">
 if ( 'rtl' == tinyMCEPopup.editor.getParam('directionality','') )
 	document.write('<link rel="stylesheet" href="css/editimage-rtl.css?ver=311" type="text/css" media="all" />');

wp-includes/js/tinymce/plugins/wpeditimage/editor_plugin.js

@@ -15,7 +15,7 @@
 				if ( ed.dom.getAttrib(el, 'class').indexOf('mceItem') != -1 || el.nodeName != 'IMG' )
 					return;
 
-				tb_show('', url + '/editimage.html?ver=311c&TB_iframe=true');
+				tb_show('', url + '/editimage.html?ver=311g&TB_iframe=true');
 				tinymce.DOM.setStyle( ['TB_overlay','TB_window','TB_load'], 'z-index', '999999' );
 			});
 

wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.js

@@ -79,7 +79,7 @@ var wpImage = {
 
 		for ( i = 0; i < styles.length; i++ ) {
 			var url = styles.item(i).href;
-			if ( url && url.indexOf('colors-') != -1 )
+			if ( url && url.indexOf('colors') != -1 )
 				document.write( '<link rel="stylesheet" href="'+url+'" type="text/css" media="all" />' );
 		}
 	},
@@ -245,10 +245,10 @@ var wpImage = {
 	},
 
 	setup : function() {
-		var t = this, h, c, el, id, link, fname, f = document.forms[0], ed = tinyMCEPopup.editor, d = t.I('img_demo'), dom = tinyMCEPopup.dom, DL, caption = null;
+		var t = this, h, c, el, id, link, fname, f = document.forms[0], ed = tinyMCEPopup.editor, d = t.I('img_demo'), dom = tinyMCEPopup.dom, DL, caption = '';
 		document.dir = tinyMCEPopup.editor.getParam('directionality','');
 
-		if ( ! tinyMCEPopup.editor.getParam('wpeditimage_do_captions', true) )
+		if ( tinyMCEPopup.editor.getParam('wpeditimage_disable_captions', false) )
 			t.I('cap_field').style.display = 'none';
 
 		tinyMCEPopup.restoreSelection();

wp-includes/js/tinymce/themes/advanced/skins/wp_theme/content.css

@@ -8,8 +8,8 @@ h4 {font-size: 1em}
 h5 {font-size: .83em}
 h6 {font-size: .75em}
 .mceItemTable, .mceItemTable td, .mceItemTable th, .mceItemTable caption, .mceItemVisualAid {border: 1px dashed #BBB;}
-a.mceItemAnchor {width:12px; line-height:6px; overflow:hidden; padding-left:12px; background:url(img/items.gif) no-repeat bottom left;}
-img.mceItemAnchor {width:12px; height:12px; background:url(img/items.gif) no-repeat;}
+a.mceItemAnchor {width:12px; line-height:6px; overflow:hidden; padding-left:12px; background:url(../default/img/items.gif) no-repeat bottom left;}
+img.mceItemAnchor {width:12px; height:12px; background:url(../default/img/items.gif) no-repeat;}
 img {border:0;}
 table {cursor:default}
 table td, table th {cursor:text}

wp-includes/js/tinymce/tiny_mce_config.php

@@ -130,7 +130,7 @@ $mce_buttons_3 = implode($mce_buttons_3, ',');
 $mce_buttons_4 = apply_filters('mce_buttons_4', array());
 $mce_buttons_4 = implode($mce_buttons_4, ',');
 
-$do_captions = ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF ) ? false : true;
+$no_captions = ( apply_filters( 'disable_captions', '' ) ) ? true : false;
 
 // TinyMCE init settings
 $initArray = array (
@@ -165,7 +165,7 @@ $initArray = array (
 	'tab_focus' => ':next',
 	'content_css' => "$mce_css",
 	'save_callback' => 'switchEditors.saveCallback',
-	'wpeditimage_do_captions' => $do_captions,
+	'wpeditimage_disable_captions' => $no_captions,
 	'plugins' => "$plugins",
 	// pass-through the settings for compression and caching, so they can be changed with "tiny_mce_before_init"
 	'disk_cache' => true,
@@ -225,7 +225,7 @@ if ( $compress && isset($_SERVER['HTTP_ACCEPT_ENCODING']) ) {
 // Setup cache info
 if ( $disk_cache ) {
 
-	$cacheKey = apply_filters('tiny_mce_version', '20080710');
+	$cacheKey = apply_filters('tiny_mce_version', '20080810');
 
 	foreach ( $initArray as $v )
 		$cacheKey .= $v;

wp-includes/js/tinymce/wordpress.css

@@ -76,20 +76,6 @@ pre {
 	font: 12px/18px "Courier New", monospace;
 }
 
-img.mceItemAnchor {
-	width: 12px;
-	height: 12px;
-	background: url(img/items.gif) no-repeat;
-}
-
-a.mceItemAnchor {
-	width: 12px;
-	line-height: 6px;
-	overflow: hidden;
-	padding-left: 12px;
-	background: url(img/items.gif) no-repeat bottom left;
-}
-
 .mceIEcenter {
 	text-align: center;
 }

wp-includes/js/wp-lists.js

@@ -88,6 +88,8 @@ var wpList = {
 			var res = wpAjax.parseAjaxResponse(r, s.response, s.element);
 			if ( !res || res.errors ) { return false; }
 
+			if ( true === res ) { return true; }
+
 			jQuery.each( res.responses, function() {
 				wpList.add.call( list, this.data, $.extend( {}, s, { // this.firstChild.nodevalue
 					pos: this.position || 0,

wp-includes/kses.php

@@ -431,6 +431,10 @@ function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
 			$string = $newstring;
 		if ( $string == '' )
 			return '';
+		// prevent multiple dashes in comments
+		$string = preg_replace('/--+/', '-', $string);
+		// prevent three dashes closing a comment
+		$string = preg_replace('/-$/', '', $string);
 		return "<!--{$string}-->";
 	}
 	# Allow HTML comments
@@ -533,7 +537,8 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
  * input. It will add quotes around attribute values that don't have any quotes
  * or apostrophes around them, to make it easier to produce HTML code that will
  * conform to W3C's HTML specification. It will also remove bad URL protocols
- * from attribute values.
+ * from attribute values.  It also reduces duplicate attributes by using the
+ * attribute defined first (foo='bar' foo='baz' will result in foo='bar').
  *
  * @since 1.0.0
  *
@@ -576,7 +581,9 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					{
 					$working = 1;
 					$mode = 0;
-					$attrarr[] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
+					if(FALSE === array_key_exists($attrname, $attrarr)) {
+						$attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
+					}
 					$attr = preg_replace('/^\s+/', '', $attr);
 				}
 
@@ -589,7 +596,9 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					{
 					$thisval = wp_kses_bad_protocol($match[1], $allowed_protocols);
 
-					$attrarr[] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
+					if(FALSE === array_key_exists($attrname, $attrarr)) {
+						$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
+					}
 					$working = 1;
 					$mode = 0;
 					$attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
@@ -601,7 +610,9 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					{
 					$thisval = wp_kses_bad_protocol($match[1], $allowed_protocols);
 
-					$attrarr[] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname='$thisval'", 'vless' => 'n');
+					if(FALSE === array_key_exists($attrname, $attrarr)) {
+						$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname='$thisval'", 'vless' => 'n');
+					}
 					$working = 1;
 					$mode = 0;
 					$attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
@@ -613,7 +624,9 @@ function wp_kses_hair($attr, $allowed_protocols) {
 					{
 					$thisval = wp_kses_bad_protocol($match[1], $allowed_protocols);
 
-					$attrarr[] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
+					if(FALSE === array_key_exists($attrname, $attrarr)) {
+						$attrarr[$attrname] = array ('name' => $attrname, 'value' => $thisval, 'whole' => "$attrname=\"$thisval\"", 'vless' => 'n');
+					}
 					# We add quotes to conform to W3C's HTML spec.
 					$working = 1;
 					$mode = 0;
@@ -630,10 +643,10 @@ function wp_kses_hair($attr, $allowed_protocols) {
 		}
 	} # while
 
-	if ($mode == 1)
+	if ($mode == 1 && FALSE === array_key_exists($attrname, $attrarr))
 		# special case, for when the attribute list ends with a valueless
 		# attribute like "selected"
-		$attrarr[] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
+		$attrarr[$attrname] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
 
 	return $attrarr;
 }
@@ -1052,4 +1065,4 @@ function kses_init() {
 
 add_action('init', 'kses_init');
 add_action('set_current_user', 'kses_init');
-?>
+?>

wp-includes/l10n.php

@@ -242,21 +242,27 @@ function __ngettext_noop($single, $plural, $number=1, $domain = 'default') {
 function load_textdomain($domain, $mofile) {
 	global $l10n;
 
-	if (isset($l10n[$domain]))
-		return;
-
 	if ( is_readable($mofile))
 		$input = new CachedFileReader($mofile);
 	else
 		return;
 
-	$l10n[$domain] = new gettext_reader($input);
+	$gettext = new gettext_reader($input);
+
+	if (isset($l10n[$domain])) {
+		$l10n[$domain]->load_tables();
+		$gettext->load_tables();
+		$l10n[$domain]->cache_translations = array_merge($gettext->cache_translations, $l10n[$domain]->cache_translations);
+	} else
+		$l10n[$domain] = $gettext;
+
+	unset($input, $gettext);
 }
 
 /**
  * load_default_textdomain() - Loads default translated strings based on locale
  *
- * Loads the .mo file in LANGDIR constant path from WordPress root.
+ * Loads the .mo file in WP_LANG_DIR constant path from WordPress root.
  * The translated (.mo) file is named based off of the locale.
  *
  * @since 1.5.0
@@ -264,7 +270,7 @@ function load_textdomain($domain, $mofile) {
 function load_default_textdomain() {
 	$locale = get_locale();
 
-	$mofile = ABSPATH . LANGDIR . "/$locale.mo";
+	$mofile = WP_LANG_DIR . "/$locale.mo";
 
 	load_textdomain('default', $mofile);
 }

wp-includes/link-template.php

@@ -479,7 +479,7 @@ function get_edit_post_link( $id = 0, $context = 'display' ) {
 		break;
 	endswitch;
 	
-	return apply_filters( 'get_edit_post_link', get_bloginfo( 'wpurl' ) . "/wp-admin/$file.php?{$action}$var=$post->ID", $post->ID );
+	return apply_filters( 'get_edit_post_link', admin_url("$file.php?{$action}$var=$post->ID"), $post->ID, $context );
 }
 
 function edit_post_link( $link = 'Edit This', $before = '', $after = '' ) {
@@ -509,7 +509,7 @@ function get_edit_comment_link( $comment_id = 0 ) {
 			return;
 	}
 
-	$location = get_bloginfo( 'wpurl' ) . '/wp-admin/comment.php?action=editcomment&c=' . $comment->comment_ID;
+	$location = admin_url('comment.php?action=editcomment&c=') . $comment->comment_ID;
 	return apply_filters( 'get_edit_comment_link', $location );
 }
 

wp-includes/media.php

@@ -355,9 +355,6 @@ add_shortcode('caption', 'img_caption_shortcode');
 
 function img_caption_shortcode($attr, $content = null) {
 
-	if ( defined('CAPTIONS_OFF') && true == CAPTIONS_OFF )
-		return $content;
-
 	// Allow plugins/themes to override the default caption template.
 	$output = apply_filters('img_caption_shortcode', '', $attr, $content);
 	if ( $output != '' )

wp-includes/pluggable.php

@@ -1289,11 +1289,53 @@ function wp_generate_password($length = 12, $special_chars = true) {
 
 	$password = '';
 	for ( $i = 0; $i < $length; $i++ )
-		$password .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
+		$password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1);
 	return $password;
 }
 endif;
 
+if ( !function_exists('wp_rand') ) :
+ /**
+ * Generates a random number
+ *
+ * @since 2.6.2
+ *
+ * @param int $min Lower limit for the generated number (optional, default is 0)
+ * @param int $max Upper limit for the generated number (optional, default is 4294967295)
+ * @return int A random number between min and max
+ */
+function wp_rand( $min = 0, $max = 0 ) {
+	global $rnd_value;
+
+	$seed = get_option('random_seed');
+
+	// Reset $rnd_value after 14 uses
+	// 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
+	if ( strlen($rnd_value) < 8 ) {
+		$rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
+		$rnd_value .= sha1($rnd_value);
+		$rnd_value .= sha1($rnd_value . $seed);
+		$seed = md5($seed . $rnd_value);
+		update_option('random_seed', $seed);
+	}
+
+	// Take the first 8 digits for our value
+	$value = substr($rnd_value, 0, 8);
+
+	// Strip the first eight, leaving the remainder for the next call to wp_rand().
+	$rnd_value = substr($rnd_value, 8);
+
+	$value = abs(hexdec($value));
+
+	// Reduce the value to be within the min - max range
+	// 4294967295 = 0xffffffff = max random number
+	if ( $max != 0 )
+		$value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
+
+	return abs(intval($value)); 
+}
+endif;
+
 if ( !function_exists('wp_set_password') ) :
 /**
  * Updates the user's password with a new encrypted one.
@@ -1512,10 +1554,6 @@ function wp_text_diff( $left_string, $right_string, $args = null ) {
 	$defaults = array( 'title' => '', 'title_left' => '', 'title_right' => '' );
 	$args = wp_parse_args( $args, $defaults );
 
-	// PEAR Text_Diff is lame; it includes things from include_path rather than it's own path.
-	// Not sure of the ramifications of disttributing modified code.
-	ini_set('include_path', '.' . PATH_SEPARATOR . ABSPATH . WPINC );
-
 	if ( !class_exists( 'WP_Text_Diff_Renderer_Table' ) )
 		require( ABSPATH . WPINC . '/wp-diff.php' );
 
@@ -1534,8 +1572,6 @@ function wp_text_diff( $left_string, $right_string, $args = null ) {
 	$renderer  = new WP_Text_Diff_Renderer_Table();
 	$diff = $renderer->render($text_diff);
 
-	ini_restore('include_path');
-
 	if ( !$diff )
 		return '';
 

wp-includes/post.php

@@ -465,7 +465,7 @@ function get_posts($args = null) {
 		'order' => 'DESC', 'include' => '',
 		'exclude' => '', 'meta_key' => '',
 		'meta_value' =>'', 'post_type' => 'post',
-		'post_parent' => 0
+		'post_parent' => 0, 'suppress_filters' => true
 	);
 
 	$r = wp_parse_args( $args, $defaults );
@@ -511,6 +511,10 @@ function get_posts($args = null) {
 function add_post_meta($post_id, $meta_key, $meta_value, $unique = false) {
 	global $wpdb;
 
+	// make sure meta is added to the post, not a revision
+	if ( $the_post = wp_is_post_revision($post_id) )
+		$post_id = $the_post;
+
 	// expected_slashed ($meta_key)
 	$meta_key = stripslashes($meta_key);
 
@@ -590,27 +594,20 @@ function get_post_meta($post_id, $key, $single = false) {
 
 	$meta_cache = wp_cache_get($post_id, 'post_meta');
 
-	if ( isset($meta_cache[$key]) ) {
-		if ( $single ) {
-			return maybe_unserialize( $meta_cache[$key][0] );
-		} else {
-			return maybe_unserialize( $meta_cache[$key] );
-		}
-	}
-
 	if ( !$meta_cache ) {
 		update_postmeta_cache($post_id);
 		$meta_cache = wp_cache_get($post_id, 'post_meta');
 	}
 
-	if ( $single ) {
-		if ( isset($meta_cache[$key][0]) )
-			return maybe_unserialize($meta_cache[$key][0]);
-		else
-			return '';
-	} else {
-		return maybe_unserialize($meta_cache[$key]);
+	if ( isset($meta_cache[$key]) ) {
+		if ( $single ) {
+			return maybe_unserialize( $meta_cache[$key][0] );
+		} else {
+			return array_map('maybe_unserialize', $meta_cache[$key]);
+		}
 	}
+
+	return '';
 }
 
 /**
@@ -1272,14 +1269,14 @@ function wp_insert_post($postarr = array(), $wp_error = false) {
 	}
 
 	// If the post date is empty (due to having been new or a draft) and status is not 'draft', set date to now
-	if (empty($post_date)) {
+	if ( empty($post_date) || '0000-00-00 00:00:00' == $post_date ) {
 		if ( !in_array($post_status, array('draft', 'pending')) )
 			$post_date = current_time('mysql');
 		else
 			$post_date = '0000-00-00 00:00:00';
 	}
 
-	if (empty($post_date_gmt)) {
+	if ( empty($post_date_gmt) || '0000-00-00 00:00:00' == $post_date_gmt ) {
 		if ( !in_array($post_status, array('draft', 'pending')) )
 			$post_date_gmt = get_gmt_from_date($post_date);
 		else
@@ -3113,7 +3110,6 @@ function _wp_post_revision_fields( $post = null, $autosave = false ) {
 		// Allow these to be versioned
 		$fields = array(
 			'post_title' => __( 'Title' ),
-			'post_author' => __( 'Author' ),
 			'post_content' => __( 'Content' ),
 			'post_excerpt' => __( 'Excerpt' ),
 		);
@@ -3122,7 +3118,7 @@ function _wp_post_revision_fields( $post = null, $autosave = false ) {
 		$fields = apply_filters( '_wp_post_revision_fields', $fields );
 
 		// WP uses these internally either in versioning or elsewhere - they cannot be versioned
-		foreach ( array( 'ID', 'post_name', 'post_parent', 'post_date', 'post_date_gmt', 'post_status', 'post_type', 'comment_count' ) as $protect )
+		foreach ( array( 'ID', 'post_name', 'post_parent', 'post_date', 'post_date_gmt', 'post_status', 'post_type', 'comment_count', 'post_author' ) as $protect )
 			unset( $fields[$protect] );
 	}
 
@@ -3294,7 +3290,7 @@ function _wp_put_post_revision( $post = null, $autosave = false ) {
 	if ( !$post || empty($post['ID']) )
 		return;
 
-	if ( isset($post['post_type']) && 'revision' == $post_post['type'] )
+	if ( isset($post['post_type']) && 'revision' == $post['post_type'] )
 		return new WP_Error( 'post_type', __( 'Cannot create a revision of a revision' ) );
 
 	$post = _wp_post_revision_fields( $post, $autosave );

wp-includes/query.php

@@ -773,9 +773,9 @@ class WP_Query {
 			$qv['post_type'] = sanitize_user($qv['post_type'], true);
 
 		if ( !empty($qv['post_status']) )
-			$qv['post_status'] = sanitize_user($qv['post_status'], true);
+			$qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
 
-		if ( $this->is_posts_page && !$qv['withcomments'] )
+		if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
 			$this->is_comment_feed = false;
 
 		$this->is_singular = $this->is_single || $this->is_page || $this->is_attachment;
@@ -829,7 +829,12 @@ class WP_Query {
 		$join = '';
 		$search = '';
 		$groupby = '';
+		$fields = "$wpdb->posts.*";
 		$post_status_join = false;
+		$page = 1;
+
+		if ( !isset($q['suppress_filters']) )
+			$q['suppress_filters'] = false;
 
 		if ( !isset($q['post_type']) ) {
 			if ( $this->is_search )
@@ -1123,9 +1128,9 @@ class WP_Query {
 			$whichcat .= " AND $wpdb->term_taxonomy.taxonomy = 'post_tag' ";
 			$include_tags = "'" . implode("', '", $q['tag_slug__in']) . "'";
 			$whichcat .= " AND $wpdb->terms.slug IN ($include_tags) ";
-			$reqtag = is_term( $q['tag_slug__in'][0], 'post_tag' );
+			$reqtag = get_term_by( 'slug', $q['tag_slug__in'][0], 'post_tag' );
 			if ( !empty($reqtag) )
-				$q['tag_id'] = $reqtag['term_id'];
+				$q['tag_id'] = $reqtag->term_id;
 		}
 
 		if ( !empty($q['tag__not_in']) ) {
@@ -1361,8 +1366,10 @@ class WP_Query {
 
 		// Apply filters on where and join prior to paging so that any
 		// manipulations to them are reflected in the paging by day queries.
-		$where = apply_filters('posts_where', $where);
-		$join = apply_filters('posts_join', $join);
+		if ( !$q['suppress_filters'] ) {
+			$where = apply_filters('posts_where', $where);
+			$join = apply_filters('posts_join', $join);
+		}
 
 		// Paging
 		if ( empty($q['nopaging']) && !$this->is_singular ) {
@@ -1394,9 +1401,11 @@ class WP_Query {
 				$cgroupby = '';
 			}
 
-			$cjoin = apply_filters('comment_feed_join', $cjoin);
-			$cwhere = apply_filters('comment_feed_where', $cwhere);
-			$cgroupby = apply_filters('comment_feed_groupby', $cgroupby);
+			if ( !$q['suppress_filters'] ) {
+				$cjoin = apply_filters('comment_feed_join', $cjoin);
+				$cwhere = apply_filters('comment_feed_where', $cwhere);
+				$cgroupby = apply_filters('comment_feed_groupby', $cgroupby);
+			}
 
 			$this->comments = (array) $wpdb->get_results("SELECT $distinct $wpdb->comments.* FROM $wpdb->comments $cjoin $cwhere $cgroupby ORDER BY comment_date_gmt DESC LIMIT " . get_option('posts_per_rss'));
 			$this->comment_count = count($this->comments);
@@ -1414,28 +1423,33 @@ class WP_Query {
 				$where = "AND 0";
 		}
 
+		$orderby = $q['orderby'];
+
 		// Apply post-paging filters on where and join.  Only plugins that
 		// manipulate paging queries should use these hooks.
-
-		$where = apply_filters('posts_where_paged', $where);
-		$groupby = apply_filters('posts_groupby', $groupby);
-		$join = apply_filters('posts_join_paged', $join);
-		$orderby = apply_filters('posts_orderby', $q['orderby']);
-		$distinct = apply_filters('posts_distinct', $distinct);
-		$fields = apply_filters('posts_fields', "$wpdb->posts.*");
-		$limits = apply_filters( 'post_limits', $limits );
+		if ( !$q['suppress_filters'] ) {
+			$where = apply_filters('posts_where_paged', $where);
+			$groupby = apply_filters('posts_groupby', $groupby);
+			$join = apply_filters('posts_join_paged', $join);
+			$orderby = apply_filters('posts_orderby', $orderby);
+			$distinct = apply_filters('posts_distinct', $distinct);
+			$fields = apply_filters('posts_fields', $fields);
+			$limits = apply_filters( 'post_limits', $limits );
+		}
 
 		// Announce current selection parameters.  For use by caching plugins.
 		do_action( 'posts_selection', $where . $groupby . $orderby . $limits . $join );
 
 		// Filter again for the benefit of caching plugins.  Regular plugins should use the hooks above.
-		$where = apply_filters('posts_where_request', $where);
-		$groupby = apply_filters('posts_groupby_request', $groupby);
-		$join = apply_filters('posts_join_request', $join);
-		$orderby = apply_filters('posts_orderby_request', $orderby);
-		$distinct = apply_filters('posts_distinct_request', $distinct);
-		$fields = apply_filters('posts_fields_request', $fields);
-		$limits = apply_filters( 'post_limits_request', $limits );
+		if ( !$q['suppress_filters'] ) {
+			$where = apply_filters('posts_where_request', $where);
+			$groupby = apply_filters('posts_groupby_request', $groupby);
+			$join = apply_filters('posts_join_request', $join);
+			$orderby = apply_filters('posts_orderby_request', $orderby);
+			$distinct = apply_filters('posts_distinct_request', $distinct);
+			$fields = apply_filters('posts_fields_request', $fields);
+			$limits = apply_filters( 'post_limits_request', $limits );
+		}
 
 		if ( ! empty($groupby) )
 			$groupby = 'GROUP BY ' . $groupby;
@@ -1445,12 +1459,14 @@ class WP_Query {
 		if ( !empty($limits) )
 			$found_rows = 'SQL_CALC_FOUND_ROWS';
 
-		$request = " SELECT $found_rows $distinct $fields FROM $wpdb->posts $join WHERE 1=1 $where $groupby $orderby $limits";
-		$this->request = apply_filters('posts_request', $request);
+		$this->request = " SELECT $found_rows $distinct $fields FROM $wpdb->posts $join WHERE 1=1 $where $groupby $orderby $limits";
+		if ( !$q['suppress_filters'] )
+			$this->request = apply_filters('posts_request', $this->request);
 
 		$this->posts = $wpdb->get_results($this->request);
 		// Raw results filter.  Prior to status checks.
-		$this->posts = apply_filters('posts_results', $this->posts);
+		if ( !$q['suppress_filters'] )
+			$this->posts = apply_filters('posts_results', $this->posts);
 
 		if ( !empty($this->posts) && $this->is_comment_feed && $this->is_singular ) {
 			$cjoin = apply_filters('comment_feed_join', '');
@@ -1497,7 +1513,8 @@ class WP_Query {
 			}
 		}
 
-		$this->posts = apply_filters('the_posts', $this->posts);
+		if ( !$q['suppress_filters'] )
+			$this->posts = apply_filters('the_posts', $this->posts);
 
 		update_post_caches($this->posts);
 

wp-includes/rewrite.php

@@ -67,8 +67,10 @@ function add_rewrite_endpoint($name, $places) {
   * @author Mark Jaquith 
   */
 function _wp_filter_taxonomy_base( $base ) {
-	if ( !empty( $base ) )
-		$base = preg_replace( '|^/index\.php/|', '/', $base );
+	if ( !empty( $base ) ) {
+		$base = preg_replace( '|^/index\.php/|', '', $base );
+		$base = trim( $base, '/' );
+	}
 	return $base;
 }
 
@@ -150,7 +152,7 @@ function url_to_postid($url) {
 			$query = preg_replace("!^.+\?!", '', $query);
 
 			// Substitute the substring matches into the query.
-			eval("\$query = \"$query\";");
+			eval("\$query = \"" . addslashes($query) . "\";");
 			// Filter out non-public query vars
 			global $wp;
 			parse_str($query, $query_vars);
@@ -445,9 +447,9 @@ class WP_Rewrite {
 		}
 
 		if (empty($this->category_base))
-			$this->category_structure = $this->front . 'category/';
+			$this->category_structure = trailingslashit( $this->front . 'category' );
 		else
-			$this->category_structure = $this->category_base . '/';
+			$this->category_structure = trailingslashit( '/' . $this->root . $this->category_base );
 
 		$this->category_structure .= '%category%';
 
@@ -465,9 +467,9 @@ class WP_Rewrite {
 		}
 
 		if (empty($this->tag_base))
-			$this->tag_structure = $this->front . 'tag/';
+			$this->tag_structure = trailingslashit( $this->front . 'tag' );
 		else
-			$this->tag_structure = $this->tag_base . '/';
+			$this->tag_structure = trailingslashit( '/' . $this->root . $this->tag_base );
 
 		$this->tag_structure .= '%tag%';
 
@@ -993,8 +995,8 @@ class WP_Rewrite {
 		if ($this->using_index_permalinks()) {
 			$this->root = $this->index . '/';
 		}
-		$this->category_base = ( ( $this->using_index_permalinks() ) ? '/' . $this->index : '' ) . get_option( 'category_base' );
-		$this->tag_base = ( ( $this->using_index_permalinks() ) ? '/' . $this->index : '' ) . get_option( 'tag_base' );
+		$this->category_base = get_option( 'category_base' );
+		$this->tag_base = get_option( 'tag_base' );
 		unset($this->category_structure);
 		unset($this->author_structure);
 		unset($this->date_structure);

wp-includes/script-loader.php

@@ -37,7 +37,7 @@ function wp_default_scripts( &$scripts ) {
 	$scripts->add( 'editor_functions', '/wp-admin/js/editor.js', false, '20080710' );
 
 	// Modify this version when tinyMCE plugins are changed.
-	$mce_version = apply_filters('tiny_mce_version', '20080710');
+	$mce_version = apply_filters('tiny_mce_version', '20080810');
 	$scripts->add( 'tiny_mce', '/wp-includes/js/tinymce/tiny_mce_config.php', array('editor_functions'), $mce_version );
 
 	$scripts->add( 'prototype', '/wp-includes/js/prototype.js', false, '1.6');
@@ -50,7 +50,7 @@ function wp_default_scripts( &$scripts ) {
 
 	$scripts->add( 'autosave', '/wp-includes/js/autosave.js', array('schedule', 'wp-ajax-response'), '20080622' );
 
-	$scripts->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('wp-ajax-response'), '20080411' );
+	$scripts->add( 'wp-lists', '/wp-includes/js/wp-lists.js', array('wp-ajax-response'), '20080729' );
 	$scripts->localize( 'wp-lists', 'wpListL10n', array(
 		'url' => admin_url('admin-ajax.php')
 	) );
@@ -125,7 +125,7 @@ function wp_default_scripts( &$scripts ) {
 			'pending' => __('%i% pending') // must look like: "# blah blah"
 		) );
 		$scripts->add( 'admin-users', '/wp-admin/js/users.js', array('wp-lists'), '20070823' );
-		$scripts->add( 'admin-forms', '/wp-admin/js/forms.js', false, '20080401');
+		$scripts->add( 'admin-forms', '/wp-admin/js/forms.js', array('jquery'), '20080729');
 		$scripts->add( 'xfn', '/wp-admin/js/xfn.js', false, '3517' );
 		$scripts->add( 'upload', '/wp-admin/js/upload.js', array('jquery'), '20070518' );
 		$scripts->add( 'postbox', '/wp-admin/js/postbox.js', array('jquery'), '20080128' );
@@ -194,7 +194,7 @@ function wp_default_scripts( &$scripts ) {
 			'count' => __('Word count: %d')
 		));
 		
-		$scripts->add( 'wp-gears', '/wp-admin/js/wp-gears.js', false, '20080511' );
+		$scripts->add( 'wp-gears', '/wp-admin/js/wp-gears.js', false, '20080721' );
 		$scripts->localize( 'wp-gears', 'wpGearsL10n', array(
 			'updateCompleted' => __('Update completed.'),
 			'error' => __('Error:')

wp-includes/streams.php

@@ -58,21 +58,39 @@ class StringReader {
   function StringReader($str='') {
     $this->_str = $str;
     $this->_pos = 0;
+    // If string functions are overloaded, we need to use the mb versions
+    $this->is_overloaded = ((ini_get("mbstring.func_overload") & 2) != 0) && function_exists('mb_substr');
+  }
+
+  function _substr($string, $start, $length) {
+	if ($this->is_overloaded) {
+		return mb_substr($string,$start,$length,'ascii');
+	} else {
+		return substr($string,$start,$length);
+	}
+  }
+
+  function _strlen($string) {
+	if ($this->is_overloaded) {
+		return mb_strlen($string,'ascii');
+	} else {
+		return strlen($string);
+	}
   }
 
   function read($bytes) {
-    $data = substr($this->_str, $this->_pos, $bytes);
+	  $data = $this->_substr($this->_str, $this->_pos, $bytes);
     $this->_pos += $bytes;
-    if (strlen($this->_str)<$this->_pos)
-      $this->_pos = strlen($this->_str);
+    if ($this->_strlen($this->_str)<$this->_pos)
+      $this->_pos = $this->_strlen($this->_str);
 
     return $data;
   }
 
   function seekto($pos) {
     $this->_pos = $pos;
-    if (strlen($this->_str)<$this->_pos)
-      $this->_pos = strlen($this->_str);
+    if ($this->_strlen($this->_str)<$this->_pos)
+      $this->_pos = $this->_strlen($this->_str);
     return $this->_pos;
   }
 
@@ -81,9 +99,8 @@ class StringReader {
   }
 
   function length() {
-    return strlen($this->_str);
+    return $this->_strlen($this->_str);
   }
-
 }
 
 
@@ -149,17 +166,18 @@ class FileReader {
 // over it (it assumes knowledge of StringReader internals)
 class CachedFileReader extends StringReader {
   function CachedFileReader($filename) {
+    parent::StringReader();
+
     if (file_exists($filename)) {
 
       $length=filesize($filename);
       $fd = fopen($filename,'rb');
 
       if (!$fd) {
-	$this->error = 3; // Cannot read file, probably permissions
-	return false;
+        $this->error = 3; // Cannot read file, probably permissions
+        return false;
       }
       $this->_str = fread($fd, $length);
-	  $this->_pos = 0;
 	  fclose($fd);
 
     } else {

wp-includes/taxonomy.php

@@ -761,20 +761,36 @@ function &get_terms($taxonomies, $args = '') {
 function is_term($term, $taxonomy = '') {
 	global $wpdb;
 
+	$select = "SELECT term_id FROM $wpdb->terms as t WHERE ";
+	$tax_select = "SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE ";
+
 	if ( is_int($term) ) {
 		if ( 0 == $term )
 			return 0;
-		$where = $wpdb->prepare( "t.term_id = %d", $term );
-	} else {
-		if ( '' === $term = sanitize_title($term) )
-			return 0;
-		$where = $wpdb->prepare( "t.slug = %s", $term );
+		$where = 't.term_id = %d';
+		if ( !empty($taxonomy) )
+			return $wpdb->get_row( $wpdb->prepare( $tax_select . $where . " AND tt.taxonomy = %s", $term, $taxonomy ), ARRAY_A );
+		else
+			return $wpdb->get_var( $wpdb->prepare( $select . $where, $term ) );
 	}
 
-	if ( !empty($taxonomy) )
-		return $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = %s", $taxonomy), ARRAY_A);
+	if ( '' === $slug = sanitize_title($term) )
+		return 0;
 
-	return $wpdb->get_var("SELECT term_id FROM $wpdb->terms as t WHERE $where");
+	$where = 't.slug = %s';
+	$else_where = 't.name = %s';
+
+	if ( !empty($taxonomy) ) {
+		if ( $result = $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $where AND tt.taxonomy = %s", $slug, $taxonomy), ARRAY_A) )
+			return $result;
+			
+		return $wpdb->get_row( $wpdb->prepare("SELECT tt.term_id, tt.term_taxonomy_id FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy as tt ON tt.term_id = t.term_id WHERE $else_where AND tt.taxonomy = %s", $term, $taxonomy), ARRAY_A);
+	}
+
+	if ( $result = $wpdb->get_var( $wpdb->prepare("SELECT term_id FROM $wpdb->terms as t WHERE $where", $slug) ) )
+		return $result;
+
+	return $wpdb->get_var( $wpdb->prepare("SELECT term_id FROM $wpdb->terms as t WHERE $else_where", $term) );
 }
 
 /**
@@ -1199,6 +1215,9 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) {
 	if ( is_int($term) && 0 == $term )
 		return new WP_Error('invalid_term_id', __('Invalid term ID'));
 
+	if ( '' == trim($term) )
+		return new WP_Error('empty_term_name', __('A name is required for this term'));
+
 	$defaults = array( 'alias_of' => '', 'description' => '', 'parent' => 0, 'slug' => '');
 	$args = wp_parse_args($args, $defaults);
 	$args['name'] = $term;
@@ -1469,6 +1488,9 @@ function wp_update_term( $term, $taxonomy, $args = array() ) {
 	$name = stripslashes($name);
 	$description = stripslashes($description);
 
+	if ( '' == trim($name) )
+		return new WP_Error('empty_term_name', __('A name is required for this term'));
+
 	$empty_slug = false;
 	if ( empty($slug) ) {
 		$empty_slug = true;

wp-includes/theme.php

@@ -486,12 +486,17 @@ function preview_theme() {
 	if ( !current_user_can( 'switch_themes' ) )
 		return;
 
-	$_GET[template] = preg_replace('|[^a-z0-9_-]|i', '', $_GET[template]);
+	$_GET[template] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET[template]);
+
+	if ( validate_file($_GET[template]) )
+		return;
 
 	add_filter('template', create_function('', "return '$_GET[template]';") );
 
 	if ( isset($_GET['stylesheet']) ) {
-		$_GET[stylesheet] = preg_replace('|[^a-z0-9_-]|i', '', $_GET[stylesheet]);
+		$_GET[stylesheet] = preg_replace('|[^a-z0-9_.-]|i', '', $_GET[stylesheet]);
+		if ( validate_file($_GET[stylesheet]) )
+			return;
 		add_filter('stylesheet', create_function('', "return '$_GET[stylesheet]';") );
 	}
 

wp-includes/update.php

@@ -90,22 +90,17 @@ function wp_update_plugins() {
 	if ( !function_exists('fsockopen') || defined('WP_INSTALLING') )
 		return false;
 
-	$current = get_option( 'update_plugins' );
-
-	$time_not_changed = isset( $current->last_checked ) && 43200 > ( time() - $current->last_checked );
-
 	// If running blog-side, bail unless we've not checked in the last 12 hours
-	if ( !function_exists( 'get_plugins' ) ) {
-		if ( $time_not_changed )
-			return false;
+	if ( !function_exists( 'get_plugins' ) )
 		require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
-	}
 
 	$plugins = get_plugins();
 	$active  = get_option( 'active_plugins' );
+	$current = get_option( 'update_plugins' );
 
 	$new_option = '';
 	$new_option->last_checked = time();
+	$time_not_changed = isset( $current->last_checked ) && 43200 > ( time() - $current->last_checked );
 
 	$plugin_changed = false;
 	foreach ( $plugins as $file => $p ) {
@@ -120,6 +115,12 @@ function wp_update_plugins() {
 			$plugin_changed = true;
 	}
 
+	foreach ( (array) $current->response as $plugin_file => $update_details ) {
+		if ( ! isset($plugins[ $plugin_file ]) ) {
+			$plugin_changed = true;
+		}
+	}
+
 	// Bail if we've checked in the last 12 hours and if nothing has changed
 	if ( $time_not_changed && !$plugin_changed )
 		return false;
@@ -154,9 +155,19 @@ function wp_update_plugins() {
 
 	update_option( 'update_plugins', $new_option );
 }
-if ( defined( 'WP_ADMIN' ) && WP_ADMIN )
-	add_action( 'admin_init', 'wp_update_plugins' );
-else
-	add_action( 'init', 'wp_update_plugins' );
 
-?>
+function _maybe_update_plugins() {
+	$current = get_option( 'update_plugins' );
+	if ( isset( $current->last_checked ) && 43200 > ( time() - $current->last_checked ) )
+		return;
+	wp_update_plugins();
+}
+
+add_action( 'load-plugins.php', 'wp_update_plugins' );
+add_action( 'admin_init', '_maybe_update_plugins' );
+add_action( 'wp_update_plugins', 'wp_update_plugins' );
+
+if ( !wp_next_scheduled('wp_update_plugins') )
+	wp_schedule_event(time(), 'twicedaily', 'wp_update_plugins');
+
+?>

wp-includes/vars.php

@@ -34,10 +34,12 @@ if ( is_admin() ) {
 }
 
 // Simple browser detection
-$is_lynx = $is_gecko = $is_winIE = $is_macIE = $is_opera = $is_NS4 = false;
+$is_lynx = $is_gecko = $is_winIE = $is_macIE = $is_opera = $is_NS4 = $is_safari = false;
 
 if (strpos($_SERVER['HTTP_USER_AGENT'], 'Lynx') !== false) {
 	$is_lynx = true;
+} elseif ( strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'webkit') !== false ) {
+	$is_safari = true;
 } elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'Gecko') !== false) {
 	$is_gecko = true;
 } elseif (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false && strpos($_SERVER['HTTP_USER_AGENT'], 'Win') !== false) {
@@ -66,4 +68,4 @@ $is_apache = ((strpos($_SERVER['SERVER_SOFTWARE'], 'Apache') !== false) || (strp
  */
 $is_IIS = (strpos($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') !== false) ? true : false;
 
-?>
+?>

wp-includes/version.php

@@ -8,13 +8,13 @@
  *
  * @global string $wp_version
  */
-$wp_version = '2.6';
+$wp_version = '2.6.3';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
  *
  * @global int $wp_db_version
  */
-$wp_db_version = 8201;
+$wp_db_version = 8204;
 
 ?>

wp-includes/widgets.php

@@ -57,7 +57,7 @@ function register_sidebar($args = array()) {
 		'after_title' => "</h2>\n",
 	);
 
-	$sidebar = array_merge($defaults, $args);
+	$sidebar = array_merge($defaults, (array) $args);
 
 	$wp_registered_sidebars[$sidebar['id']] = $sidebar;
 
@@ -1043,7 +1043,7 @@ function wp_widget_recent_comments_register() {
 function wp_widget_rss($args, $widget_args = 1) {
 	extract($args, EXTR_SKIP);
 	if ( is_numeric($widget_args) )
-		$widget_args = array( 'number' => $widegt_args );
+		$widget_args = array( 'number' => $widget_args );
 	$widget_args = wp_parse_args( $widget_args, array( 'number' => -1 ) );
 	extract($widget_args, EXTR_SKIP);
 
@@ -1125,18 +1125,11 @@ function wp_widget_rss_output( $rss, $args = array() ) {
 			if ( empty($title) )
 				$title = __('Untitled');
 			$desc = '';
-				if ( isset( $item['description'] ) && is_string( $item['description'] ) )
-					$desc = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(html_entity_decode($item['description'], ENT_QUOTES))));
-				elseif ( isset( $item['summary'] ) && is_string( $item['summary'] ) )
-					$desc = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(html_entity_decode($item['summary'], ENT_QUOTES))));
-
 			$summary = '';
 			if ( isset( $item['description'] ) && is_string( $item['description'] ) )
-				$summary = $item['description'];
+				$desc = $summary = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(html_entity_decode($item['description'], ENT_QUOTES))));
 			elseif ( isset( $item['summary'] ) && is_string( $item['summary'] ) )
-				$summary = $item['summary'];
-
-			$desc = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(html_entity_decode($summary, ENT_QUOTES))));
+				$desc = $summary = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(html_entity_decode($item['summary'], ENT_QUOTES))));
 
 			if ( $show_summary ) {
 				$desc = '';
@@ -1169,8 +1162,12 @@ function wp_widget_rss_output( $rss, $args = array() ) {
 					$author = ' <cite>' . wp_specialchars( strip_tags( $item['author_name'] ) ) . '</cite>';
 			}
 
-			echo "<li><a class='rsswidget' href='$link' title='$desc'>$title</a>{$date}{$summary}{$author}</li>";
-		}
+			if ( $link == '' ) {
+				echo "<li>$title{$date}{$summary}{$author}</li>"; 
+			} else {
+				echo "<li><a class='rsswidget' href='$link' title='$desc'>$title</a>{$date}{$summary}{$author}</li>"; 
+			}
+}
 		echo '</ul>';
 	} else {
 		echo '<ul><li>' . __( 'An error has occurred; the feed is probably down. Try again later.' ) . '</li></ul>';

wp-includes/wp-diff.php

@@ -1,9 +1,9 @@
 <?php
 
 if ( !class_exists( 'Text_Diff' ) ) {
-	require( 'Text/Diff.php' );
-	require( 'Text/Diff/Renderer.php' );
-	require( 'Text/Diff/Renderer/inline.php' );
+	require( dirname(__FILE__).'/Text/Diff.php' );
+	require( dirname(__FILE__).'/Text/Diff/Renderer.php' );
+	require( dirname(__FILE__).'/Text/Diff/Renderer/inline.php' );
 }
 
 

wp-login.php

@@ -129,6 +129,13 @@ function retrieve_password() {
 	do_action('retreive_password', $user_login);  // Misspelled and deprecated
 	do_action('retrieve_password', $user_login);
 
+	$allow = apply_filters('allow_password_reset', true, $user_data->ID);
+
+	if ( ! $allow )
+		return new WP_Error('no_password_reset', __('Password reset is not allowed for this user'));
+	else if ( is_wp_error($allow) )
+		return $allow;
+		
 	$key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login));
 	if ( empty($key) ) {
 		// Generate something random for a key...
@@ -417,6 +424,8 @@ default:
 
 	$user = wp_signon('', $secure_cookie);
 
+	$redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
+
 	if ( !is_wp_error($user) ) {
 		// If the user can't edit posts, send them to their profile.
 		if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )

wp-settings.php

@@ -68,6 +68,10 @@ if ( empty( $_SERVER['REQUEST_URI'] ) ) {
 	}
 	else
 	{
+		// Use ORIG_PATH_INFO if there is no PATH_INFO
+		if ( !isset($_SERVER['PATH_INFO']) && isset($_SERVER['ORIG_PATH_INFO']) )
+			$_SERVER['PATH_INFO'] = $_SERVER['ORIG_PATH_INFO'];
+
 		// Some IIS + PHP configurations puts the script-name in the path-info (No need to append it twice)
 		if ( isset($_SERVER['PATH_INFO']) ) {
 			if ( $_SERVER['PATH_INFO'] == $_SERVER['SCRIPT_NAME'] )
@@ -97,7 +101,7 @@ if ( empty($PHP_SELF) )
 	$_SERVER['PHP_SELF'] = $PHP_SELF = preg_replace("/(\?.*)?$/",'',$_SERVER["REQUEST_URI"]);
 
 if ( version_compare( '4.3', phpversion(), '>' ) ) {
-	die( sprintf( /*WP_I18N_OLD_PHP*/'Your server is running PHP version %s but WordPress requires at least 4.3.'/*/WP_I18N_OLD_PHP*/, php_version() ) );
+	die( sprintf( /*WP_I18N_OLD_PHP*/'Your server is running PHP version %s but WordPress requires at least 4.3.'/*/WP_I18N_OLD_PHP*/, phpversion() ) );
 }
 
 if ( !defined('WP_CONTENT_DIR') )
@@ -417,7 +421,7 @@ if ( get_option('active_plugins') ) {
 	$current_plugins = get_option('active_plugins');
 	if ( is_array($current_plugins) ) {
 		foreach ($current_plugins as $plugin) {
-			if ('' != $plugin && file_exists(WP_PLUGIN_DIR . '/' . $plugin))
+			if ( '' != $plugin && 0 == validate_file($plugin) && file_exists(WP_PLUGIN_DIR . '/' . $plugin) )
 				include_once(WP_PLUGIN_DIR . '/' . $plugin);
 		}
 	}

xmlrpc.php

@@ -39,11 +39,11 @@ header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true);
     <engineLink>http://wordpress.org/</engineLink>
     <homePageLink><?php bloginfo_rss('url') ?></homePageLink>
     <apis>
-      <api name="WordPress" blogID="1" preferred="true" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
-      <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
-      <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
-      <api name="Blogger" blogID="1" preferred="false" apiLink="<?php bloginfo_rss('wpurl') ?>/xmlrpc.php" />
-      <api name="Atom" blogID="" preferred="false" apiLink="<?php echo apply_filters('atom_service_url', (get_bloginfo('url')."/wp-app.php/service"))?>" />
+      <api name="WordPress" blogID="1" preferred="true" apiLink="<?php echo site_url('xmlrpc.php') ?>" />
+      <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php') ?>" />
+      <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php') ?>" />
+      <api name="Blogger" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php') ?>" />
+      <api name="Atom" blogID="" preferred="false" apiLink="<?php echo apply_filters('atom_service_url', site_url('wp-app.php/service') ) ?>" />
     </apis>
   </service>
 </rsd>