3.1.4

git-svn-id: http://svn.automattic.com/wordpress/tags/3.1.4@18378 1a063a9b-81f0-0310-95a4-ce76da25c4cd

license.txt

@@ -279,3 +279,10 @@ POSSIBILITY OF SUCH DAMAGES.
 
 		     END OF TERMS AND CONDITIONS
 
+
+WRITTEN OFFER
+
+The source code for any program binaries or compressed scripts that are
+included with WordPress can be freely obtained at the following URL:
+
+	http://wordpress.org/download/source/

readme.html

@@ -8,7 +8,7 @@
 <body>
 <h1 id="logo">
 	<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
-	<br /> Version 3.1
+	<br /> Version 3.1.4
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>
 

wp-admin/admin-ajax.php

@@ -396,7 +396,7 @@ case 'delete-meta' :
 	if ( !$meta = get_post_meta_by_id( $id ) )
 		die('1');
 
-	if ( !current_user_can( 'edit_post', $meta->post_id ) )
+	if ( !current_user_can( 'edit_post', $meta->post_id ) || is_protected_meta( $meta->meta_key ) )
 		die('-1');
 	if ( delete_meta( $meta->meta_id ) )
 		die('1');
@@ -855,6 +855,8 @@ case 'add-meta' :
 			die('0'); // if meta doesn't exist
 		if ( !current_user_can( 'edit_post', $meta->post_id ) )
 			die('-1');
+		if ( is_protected_meta( $meta->meta_key ) )
+			die('-1');
 		if ( $meta->meta_value != stripslashes($value) || $meta->meta_key != stripslashes($key) ) {
 			if ( !$u = update_meta( $mid, $key, $value ) )
 				die('0'); // We know meta exists; we also know it's unchanged (or DB error, in which case there are bigger problems).

wp-admin/async-upload.php

@@ -30,6 +30,13 @@ if ( !current_user_can('upload_files') )
 
 // just fetch the detail form for that attachment
 if ( isset($_REQUEST['attachment_id']) && ($id = intval($_REQUEST['attachment_id'])) && $_REQUEST['fetch'] ) {
+	$post = get_post( $id );
+	if ( 'attachment' != $post->post_type )
+		wp_die( __( 'Unknown post type.' ) );
+	$post_type_object = get_post_type_object( 'attachment' );
+	if ( ! current_user_can( $post_type_object->cap->edit_post, $id ) )
+		wp_die( __( 'You are not allowed to edit this item.' ) );
+
 	if ( 2 == $_REQUEST['fetch'] ) {
 		add_filter('attachment_fields_to_edit', 'media_single_attachment_fields_to_edit', 10, 2);
 		echo get_media_item($id, array( 'send' => false, 'delete' => true ));

wp-admin/css/wp-admin.dev.css

@@ -1620,7 +1620,7 @@ tr.inline-edit-row td {
 }
 
 #wpbody-content .inline-edit-row-page .inline-edit-col-right,
-#owpbody-content .bulk-edit-row-post .inline-edit-col-right {
+#wpbody-content .bulk-edit-row-post .inline-edit-col-right {
 	margin-top: 27px;
 }
 
@@ -3575,9 +3575,9 @@ span.imgedit-scale-warn {
   16.0 - Themes
 ------------------------------------------------------------------------------*/
 
-.theme-install-php .tablenav { 
-	height:auto; 
-} 
+.theme-install-php .tablenav {
+	height:auto;
+}
 
 table#availablethemes {
 	border-spacing: 0;
@@ -3587,10 +3587,10 @@ table#availablethemes {
 	width: 100%;
 }
 
-table#availablethemes .no-items td{ 
-	border-width:0; 
-	padding:5px; 
-} 
+table#availablethemes .no-items td{
+	border-width:0;
+	padding:5px;
+}
 
 td.available-theme {
 	vertical-align: top;
@@ -3784,8 +3784,6 @@ h2 .nav-tab {
   17.0 - Plugins
 ------------------------------------------------------------------------------*/
 
-.plugins #description {width: 60%}
-
 .plugins .name,
 #pass-strength-result.strong,
 #pass-strength-result.short,
@@ -3839,8 +3837,9 @@ input.button-highlighted,
 	padding: 5px 7px 0;
 }
 
-#wpbody-content .plugins .plugin-title {
+#wpbody-content .plugins .plugin-title, #wpbody-content .plugins .theme-title {
 	padding-right: 12px;
+	white-space:nowrap;
 }
 
 .plugins .second, .plugins .row-actions-visible {

wp-admin/custom-background.php

@@ -337,7 +337,8 @@ if ( get_background_image() ) {
 			'post_title' => $filename,
 			'post_content' => $url,
 			'post_mime_type' => $type,
-			'guid' => $url
+			'guid' => $url,
+			'context' => 'custom-background'
 		);
 
 		// Save the data

wp-admin/custom-header.php

@@ -595,7 +595,9 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
 		'post_title' => $filename,
 		'post_content' => $url,
 		'post_mime_type' => $type,
-		'guid' => $url);
+		'guid' => $url,
+		'context' => 'custom-header'
+		);
 
 		// Save the data
 		$id = wp_insert_attachment($object, $file);
@@ -687,7 +689,8 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
 			'post_title' => basename($cropped),
 			'post_content' => $url,
 			'post_mime_type' => 'image/jpeg',
-			'guid' => $url
+			'guid' => $url,
+			'context' => 'custom-header'
 		);
 
 		// Update the attachment

wp-admin/edit-form-advanced.php

@@ -109,7 +109,7 @@ require_once('./includes/meta-boxes.php');
 add_meta_box('submitdiv', __('Publish'), 'post_submit_meta_box', $post_type, 'side', 'core');
 
 if ( current_theme_supports( 'post-formats' ) && post_type_supports( $post_type, 'post-formats' ) )
-	add_meta_box( 'formatdiv', __('Format'), 'post_format_meta_box', $post_type, 'side', 'core' );
+	add_meta_box( 'formatdiv', _x( 'Format', 'post format' ), 'post_format_meta_box', $post_type, 'side', 'core' );
 
 // all taxonomies
 foreach ( get_object_taxonomies($post_type) as $tax_name ) {
@@ -210,7 +210,7 @@ require_once('./admin-header.php');
 <?php endif; ?>
 <form name="post" action="post.php" method="post" id="post"<?php do_action('post_edit_form_tag'); ?>>
 <?php wp_nonce_field($nonce_action); ?>
-<input type="hidden" id="parent_id" name="parent_id" value="<?php echo esc_attr( $post->post_parent ); ?>" />
+<input type="hidden" name="parent_id" value="<?php echo esc_attr( $post->post_parent ); ?>" />
 <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" />
 <input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr( $form_action ) ?>" />
 <input type="hidden" id="originalaction" name="originalaction" value="<?php echo esc_attr( $form_action ) ?>" />

wp-admin/edit-tags.php

@@ -154,7 +154,7 @@ if ( ! empty($_REQUEST['_wp_http_referer']) ) {
 
 	if ( ! empty( $_REQUEST['paged'] ) )
 		$location = add_query_arg( 'paged', (int) $_REQUEST['paged'] );
-	
+
 	wp_redirect( $location );
 	exit;
 }

wp-admin/includes/class-wp-comments-list-table.php

@@ -48,7 +48,6 @@ class WP_Comments_List_Table extends WP_List_Table {
 			$comment_status = 'all';
 
 		$comment_type = !empty( $_REQUEST['comment_type'] ) ? $_REQUEST['comment_type'] : '';
-		error_log( var_export( $comment_type, true ) );
 
 		$search = ( isset( $_REQUEST['s'] ) ) ? $_REQUEST['s'] : '';
 

wp-admin/includes/class-wp-list-table.php

@@ -198,7 +198,7 @@ class WP_List_Table {
 
 		if ( ! empty( $_REQUEST['orderby'] ) )
 			echo '<input type="hidden" name="orderby" value="' . esc_attr( $_REQUEST['orderby'] ) . '" />';
-		if ( ! empty( $_REQUEST['order'] ) ) 
+		if ( ! empty( $_REQUEST['order'] ) )
 			echo '<input type="hidden" name="order" value="' . esc_attr( $_REQUEST['order'] ) . '" />';
 ?>
 <p class="search-box">
@@ -420,13 +420,7 @@ class WP_List_Table {
 		if ( $pending_comments )
 			echo '<strong>';
 
-		$link = "<a href='" . add_query_arg( 'p', $post_id, admin_url('edit-comments.php') ) . "' title='$pending_phrase' class='post-com-count'><span class='comment-count'>%s</span></a>";
-
-		comments_number(
-			sprintf( $link, /* translators: comment count link */ _x( '0', 'comment count' ) ),
-			sprintf( $link, /* translators: comment count link */ _x( '1', 'comment count' ) ),
-			sprintf( $link, /* translators: comment count link: % will be substituted by comment count */ _x( '%', 'comment count' ) )
-		);
+		echo "<a href='" . esc_url( add_query_arg( 'p', $post_id, admin_url( 'edit-comments.php' ) ) ) . "' title='" . esc_attr( $pending_phrase ) . "' class='post-com-count'><span class='comment-count'>" . number_format_i18n( get_comments_number() ) . "</span></a>";
 
 		if ( $pending_comments )
 			echo '</strong>';
@@ -482,7 +476,7 @@ class WP_List_Table {
 		$current = $this->get_pagenum();
 
 		$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
-		
+
 		$current_url = remove_query_arg( array( 'hotkeys_highlight_last', 'hotkeys_highlight_first' ), $current_url );
 
 		$page_links = array();

wp-admin/includes/class-wp-ms-sites-list-table.php

@@ -72,7 +72,7 @@ class WP_MS_Sites_List_Table extends WP_List_Table {
 				$query .= " AND ( {$wpdb->blogs}.domain LIKE '$blog_s' ) ";
 			} else {
 				if ( $like_s != trim('/', $current_site->path) )
-					$blog_s = $current_site->path .= $like_s . $wild . '/';
+					$blog_s = $current_site->path . $like_s . $wild . '/';
 				else
 					$blog_s = $like_s;
 				$query .= " AND  ( {$wpdb->blogs}.path LIKE '$blog_s' )";

wp-admin/includes/class-wp-ms-themes-list-table.php

@@ -38,7 +38,7 @@ class WP_MS_Themes_List_Table extends WP_List_Table {
 	}
 
 	function get_table_classes() {
-		return array( 'widefat', 'fixed', 'plugins' );	// todo: remove and add CSS for .themes
+		return array( 'widefat', 'plugins' );	// todo: remove and add CSS for .themes
 	}
 
 	function ajax_user_can() {

wp-admin/includes/class-wp-plugin-install-list-table.php

@@ -152,7 +152,7 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
 			'code' => array(), 'pre' => array(), 'em' => array(),'strong' => array(),
 			'ul' => array(), 'ol' => array(), 'li' => array(), 'p' => array(), 'br' => array()
 		);
-		
+
 		list( $columns, $hidden ) = $this->get_column_info();
 
 		$style = array();

wp-admin/includes/class-wp-plugins-list-table.php

@@ -27,6 +27,10 @@ class WP_Plugins_List_Table extends WP_List_Table {
 			'plural' => 'plugins',
 		) );
 	}
+	
+	function get_table_classes() {
+		return array( 'widefat', $this->_args['plural'] );
+	}
 
 	function ajax_user_can() {
 		if ( is_multisite() ) {
@@ -191,13 +195,6 @@ class WP_Plugins_List_Table extends WP_List_Table {
 		return array();
 	}
 
-	function display_tablenav( $which ) {
-		global $status;
-
-		if ( !in_array( $status, array( 'mustuse', 'dropins' ) ) )
-			parent::display_tablenav( $which );
-	}
-
 	function get_views() {
 		global $totals, $status;
 
@@ -282,11 +279,19 @@ class WP_Plugins_List_Table extends WP_List_Table {
 	function extra_tablenav( $which ) {
 		global $status;
 
-		if ( 'recently_activated' == $status ) { ?>
-			<div class="alignleft actions">
-				<?php submit_button( __( 'Clear List' ), 'secondary', 'clear-recent-list', false ); ?>
-			</div>
-		<?php }
+		if ( ! in_array($status, array('recently_activated', 'mustuse', 'dropins') ) )
+			return;
+
+		echo '<div class="alignleft actions">';
+
+		if ( 'recently_activated' == $status )
+			submit_button( __( 'Clear List' ), 'secondary', 'clear-recent-list', false );
+		elseif ( 'top' == $which && 'mustuse' == $status )
+			echo '<p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
+		elseif ( 'top' == $which && 'dropins' == $status )
+			echo '<p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
+
+		echo '</div>';
 	}
 
 	function current_action() {

wp-admin/includes/class-wp-posts-list-table.php

@@ -310,6 +310,8 @@ class WP_Posts_List_Table extends WP_List_Table {
 		if ( empty( $posts ) )
 			$posts = $wp_query->posts;
 
+		add_filter( 'the_title', 'esc_html' );
+
 		if ( $this->hierarchical_display ) {
 			$this->_display_rows_hierarchical( $posts, $this->get_pagenum(), $per_page );
 		} else {
@@ -320,8 +322,6 @@ class WP_Posts_List_Table extends WP_List_Table {
 	function _display_rows( $posts ) {
 		global $post, $mode;
 
-		add_filter( 'the_title', 'esc_html' );
-
 		// Create array of post IDs.
 		$post_ids = array();
 
@@ -522,7 +522,6 @@ class WP_Posts_List_Table extends WP_List_Table {
 						}
 					}
 
-					$post->post_title = esc_html( $post->post_title );
 					$pad = str_repeat( '— ', $level );
 ?>
 			<td <?php echo $attributes ?>><strong><?php if ( $can_edit_post && $post->post_status != 'trash' ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo esc_attr( sprintf( __( 'Edit &#8220;%s&#8221;' ), $title ) ); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states( $post ); echo isset( $parent_name ) ? ' | ' . $post_type_object->labels->parent_item_colon . ' ' . esc_html( $parent_name ) : ''; ?></strong>

wp-admin/includes/class-wp-themes-list-table.php

@@ -66,7 +66,7 @@ class WP_Themes_List_Table extends WP_List_Table {
 			_e( 'No items found.' );
 			return;
 		}
-		
+
 		if ( is_multisite() ) {
 			if ( current_user_can( 'install_themes' ) && current_user_can( 'manage_network_themes' ) ) {
 				printf( __( 'You only have one theme enabled for this site right now. Visit the Network Admin to <a href="%1$s">enable</a> or <a href="%2$s">install</a> more themes.' ), network_admin_url( 'site-themes.php?id=' . $GLOBALS['blog_id'] ), network_admin_url( 'theme-install.php' ) );
@@ -88,23 +88,23 @@ class WP_Themes_List_Table extends WP_List_Table {
 		// Fallthrough.
 		printf( __( 'Only the current theme is available to you. Contact the %s administrator for information about accessing additional themes.' ), get_site_option( 'site_name' ) );
 	}
-	
-	function tablenav( $which = 'top' ) { 
+
+	function tablenav( $which = 'top' ) {
 		if ( $this->get_pagination_arg( 'total_pages' ) <= 1 )
 			return;
-		?> 
-		<div class="tablenav <?php echo $which; ?>"> 
-			<?php $this->pagination( $which ); ?> 
-		   <img src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" class="ajax-loading list-ajax-loading" alt="" /> 
-		  <br class="clear" /> 
-		</div> 
-		<?php 
+		?>
+		<div class="tablenav <?php echo $which; ?>">
+			<?php $this->pagination( $which ); ?>
+		   <img src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" class="ajax-loading list-ajax-loading" alt="" />
+		  <br class="clear" />
+		</div>
+		<?php
 	}
 
 	function display() {
 		// wp_nonce_field( "fetch-list-" . get_class( $this ), '_ajax_fetch_list_nonce' );
 ?>
-		<?php $this->tablenav( 'top' ); ?> 
+		<?php $this->tablenav( 'top' ); ?>
 
 		<table id="availablethemes" cellspacing="0" cellpadding="0">
 			<tbody id="the-list" class="list:themes">
@@ -112,7 +112,7 @@ class WP_Themes_List_Table extends WP_List_Table {
 			</tbody>
 		</table>
 
-		<?php $this->tablenav( 'bottom' ); ?> 
+		<?php $this->tablenav( 'bottom' ); ?>
 <?php
 	}
 

wp-admin/includes/class-wp-upgrader.php

@@ -1349,7 +1349,7 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin {
 		$stylesheet = $this->upgrader->result['destination_name'];
 		$template = !empty($theme_info['Template']) ? $theme_info['Template'] : $stylesheet;
 
-		$preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), trailingslashit(esc_url(get_option('home'))) ) );
+		$preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'preview_iframe' => 1, 'TB_iframe' => 'true' ), trailingslashit(esc_url(get_option('home'))) ) );
 		$activate_link = wp_nonce_url("themes.php?action=activate&template=" . urlencode($template) . "&stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template);
 
 		$install_actions = array(

wp-admin/includes/class-wp-users-list-table.php

@@ -121,10 +121,13 @@ class WP_Users_List_Table extends WP_List_Table {
 	function get_bulk_actions() {
 		$actions = array();
 
-		if ( !is_multisite() && current_user_can( 'delete_users' ) )
-			$actions['delete'] = __( 'Delete' );
-		else
-			$actions['remove'] = __( 'Remove' );
+		if ( is_multisite() ) {
+			if ( current_user_can( 'remove_users' ) )
+				$actions['remove'] = __( 'Remove' );
+		} else {
+			if ( current_user_can( 'delete_users' ) )
+				$actions['delete'] = __( 'Delete' );
+		}
 
 		return $actions;
 	}
@@ -132,6 +135,8 @@ class WP_Users_List_Table extends WP_List_Table {
 	function extra_tablenav( $which ) {
 		if ( 'top' != $which )
 			return;
+		if ( ! current_user_can( 'promote_users' ) )
+			return;
 ?>
 	<div class="alignleft actions">
 		<label class="screen-reader-text" for="new_role"><?php _e( 'Change role to&hellip;' ) ?></label>

wp-admin/includes/dashboard.php

@@ -609,7 +609,7 @@ function wp_dashboard_recent_comments() {
 	$total_items = isset( $widgets['dashboard_recent_comments'] ) && isset( $widgets['dashboard_recent_comments']['items'] )
 		? absint( $widgets['dashboard_recent_comments']['items'] ) : 5;
 
-	while ( count( $comments ) < 5 && $possible = $wpdb->get_results( "SELECT * FROM $wpdb->comments c LEFT JOIN $wpdb->posts p ON c.comment_post_ID = p.ID WHERE p.post_status != 'trash' ORDER BY c.comment_date_gmt DESC LIMIT $start, 50" ) ) {
+	while ( count( $comments ) < $total_items && $possible = $wpdb->get_results( "SELECT * FROM $wpdb->comments c LEFT JOIN $wpdb->posts p ON c.comment_post_ID = p.ID WHERE p.post_status != 'trash' ORDER BY c.comment_date_gmt DESC LIMIT $start, 50" ) ) {
 
 		foreach ( $possible as $comment ) {
 			if ( count( $comments ) >= $total_items )

wp-admin/includes/deprecated.php

@@ -454,7 +454,7 @@ class WP_User_Search {
 	function WP_User_Search ($search_term = '', $page = '', $role = '') {
 		_deprecated_function( __FUNCTION__, '3.1', 'WP_User_Query' );
 
-		$this->search_term = $search_term;
+		$this->search_term = stripslashes( $search_term );
 		$this->raw_page = ( '' == $page ) ? false : (int) $page;
 		$this->page = (int) ( '' == $page ) ? 1 : $page;
 		$this->role = $role;
@@ -485,7 +485,7 @@ class WP_User_Search {
 			$searches = array();
 			$search_sql = 'AND (';
 			foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
-				$searches[] = $col . " LIKE '%$this->search_term%'";
+				$searches[] = $wpdb->prepare( $col . ' LIKE %s', '%' . like_escape($this->search_term) . '%' );
 			$search_sql .= implode(' OR ', $searches);
 			$search_sql .= ')';
 		}

wp-admin/includes/export.php

@@ -241,6 +241,8 @@ function export_wp( $args = array() ) {
 		foreach ( (array) $results as $result )
 			$authors[] = get_userdata( $result->post_author );
 
+		$authors = array_filter( $authors );
+
 		foreach( $authors as $author ) {
 			echo "\t<wp:author>";
 			echo '<wp:author_id>' . $author->ID . '</wp:author_id>';

wp-admin/includes/import.php

@@ -80,12 +80,17 @@ function wp_import_handle_upload() {
 	$object = array( 'post_title' => $filename,
 		'post_content' => $url,
 		'post_mime_type' => $type,
-		'guid' => $url
+		'guid' => $url,
+		'context' => 'import',
+		'post_status' => 'private'
 	);
 
 	// Save the data
 	$id = wp_insert_attachment( $object, $file );
 
+	// schedule a cleanup for one day from now in case of failed import or missing wp_import_cleanup() call
+	wp_schedule_single_event( time() + 86400, 'importer_scheduled_cleanup', array( $id ) );
+
 	return array( 'file' => $file, 'id' => $id );
 }
 

wp-admin/includes/media.php

@@ -228,6 +228,10 @@ function media_handle_upload($file_id, $post_id, $post_data = array(), $override
 		'post_content' => $content,
 	), $post_data );
 
+	// This should never be set as it would then overwrite an existing attachment.
+	if ( isset( $attachment['ID'] ) )
+		unset( $attachment['ID'] );
+
 	// Save the data
 	$id = wp_insert_attachment($attachment, $file, $post_id);
 	if ( !is_wp_error($id) ) {
@@ -281,6 +285,10 @@ function media_handle_sideload($file_array, $post_id, $desc = null, $post_data =
 		'post_content' => $content,
 	), $post_data );
 
+	// This should never be set as it would then overwrite an existing attachment.
+	if ( isset( $attachment['ID'] ) )
+		unset( $attachment['ID'] );
+
 	// Save the attachment metadata
 	$id = wp_insert_attachment($attachment, $file, $post_id);
 	if ( !is_wp_error($id) )
@@ -419,6 +427,11 @@ function media_upload_form_handler() {
 
 	if ( !empty($_POST['attachments']) ) foreach ( $_POST['attachments'] as $attachment_id => $attachment ) {
 		$post = $_post = get_post($attachment_id, ARRAY_A);
+		$post_type_object = get_post_type_object( $post[ 'post_type' ] );
+
+		if ( !current_user_can( $post_type_object->cap->edit_post, $attachment_id ) )
+			continue;
+
 		if ( isset($attachment['post_content']) )
 			$post['post_content'] = $attachment['post_content'];
 		if ( isset($attachment['post_title']) )
@@ -499,6 +512,7 @@ function media_upload_image() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -604,6 +618,7 @@ function media_upload_audio() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -662,6 +677,7 @@ function media_upload_video() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -720,6 +736,7 @@ function media_upload_file() {
 	$id = 0;
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);
@@ -1188,7 +1205,7 @@ function get_media_item( $attachment_id, $args = null ) {
 	$toggle_on  = __( 'Show' );
 	$toggle_off = __( 'Hide' );
 
-	$filename = basename( $post->guid );
+	$filename = esc_html( basename( $post->guid ) );
 	$title = esc_attr( $post->post_title );
 
 	if ( $_tags = get_the_tags( $attachment_id ) ) {

wp-admin/includes/post.php

@@ -135,7 +135,13 @@ function edit_post( $post_data = null ) {
 	if ( empty($post_data) )
 		$post_data = &$_POST;
 
+	// Clear out any data in internal vars.
+	unset( $post_data['filter'] );
+
 	$post_ID = (int) $post_data['post_ID'];
+	$post = get_post( $post_ID );
+	$post_data['post_type'] = $post->post_type;
+	$post_data['post_mime_type'] = $post->post_mime_type;
 
 	$ptype = get_post_type_object($post_data['post_type']);
 	if ( !current_user_can( $ptype->cap->edit_post, $post_ID ) ) {
@@ -197,6 +203,8 @@ function edit_post( $post_data = null ) {
 				continue;
 			if ( $meta->post_id != $post_ID )
 				continue;
+			if ( is_protected_meta( $value['key'] ) )
+				continue;
 			update_meta( $key, $value['key'], $value['value'] );
 		}
 	}
@@ -207,6 +215,8 @@ function edit_post( $post_data = null ) {
 				continue;
 			if ( $meta->post_id != $post_ID )
 				continue;
+			if ( is_protected_meta( $meta->meta_key ) )
+				continue;
 			delete_meta( $key );
 		}
 	}
@@ -334,7 +344,8 @@ function bulk_edit_posts( $post_data = null ) {
 			continue;
 		}
 
-		$tax_names = get_object_taxonomies( get_post($post_ID) );
+		$post = get_post( $post_ID );
+		$tax_names = get_object_taxonomies( $post );
 		foreach ( $tax_names as $tax_name ) {
 			$taxonomy_obj = get_taxonomy($tax_name);
 			if (  isset( $tax_input[$tax_name]) && current_user_can( $taxonomy_obj->cap->assign_terms ) )
@@ -356,6 +367,9 @@ function bulk_edit_posts( $post_data = null ) {
 			unset( $post_data['tax_input']['category'] );
 		}
 
+		$post_data['post_mime_type'] = $post->post_mime_type;
+		$post_data['guid'] = $post->guid;
+
 		$post_data['ID'] = $post_ID;
 		$updated[] = wp_update_post( $post_data );
 
@@ -525,6 +539,11 @@ function wp_write_post() {
 			return new WP_Error( 'edit_posts', __( 'You are not allowed to create posts or drafts on this site.' ) );
 	}
 
+	$_POST['post_mime_type'] = '';
+
+	// Clear out any data in internal vars.
+	unset( $_POST['filter'] );
+
 	// Check for autosave collisions
 	// Does this need to be updated? ~ Mark
 	$temp_id = false;
@@ -544,6 +563,15 @@ function wp_write_post() {
 		}
 	}
 
+	// Edit don't write if we have a post id.
+	if ( isset( $_POST['ID'] ) ) {
+		$_POST['post_ID'] = $_POST['ID'];
+		unset ( $_POST['ID'] );
+	}
+	if ( isset( $_POST['post_ID'] ) ) {
+		return edit_post();
+	}
+
 	$translated = _wp_translate_postdata( false );
 	if ( is_wp_error($translated) )
 		return $translated;
@@ -630,8 +658,6 @@ function add_meta( $post_ID ) {
 	global $wpdb;
 	$post_ID = (int) $post_ID;
 
-	$protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
-
 	$metakeyselect = isset($_POST['metakeyselect']) ? stripslashes( trim( $_POST['metakeyselect'] ) ) : '';
 	$metakeyinput = isset($_POST['metakeyinput']) ? stripslashes( trim( $_POST['metakeyinput'] ) ) : '';
 	$metavalue = isset($_POST['metavalue']) ? maybe_serialize( stripslashes_deep( $_POST['metavalue'] ) ) : '';
@@ -648,7 +674,7 @@ function add_meta( $post_ID ) {
 		if ( $metakeyinput)
 			$metakey = $metakeyinput; // default
 
-		if ( in_array($metakey, $protected) )
+		if ( is_protected_meta( $metakey ) )
 			return false;
 
 		wp_cache_delete($post_ID, 'post_meta');
@@ -754,11 +780,9 @@ function has_meta( $postid ) {
 function update_meta( $meta_id, $meta_key, $meta_value ) {
 	global $wpdb;
 
-	$protected = array( '_wp_attached_file', '_wp_attachment_metadata', '_wp_old_slug', '_wp_page_template' );
-
 	$meta_key = stripslashes($meta_key);
 
-	if ( in_array($meta_key, $protected) )
+	if ( is_protected_meta( $meta_key ) )
 		return false;
 
 	if ( '' === trim( $meta_value ) )
@@ -991,7 +1015,12 @@ function wp_edit_attachments_query( $q = false ) {
 	$q['m']   = isset( $q['m'] ) ? (int) $q['m'] : 0;
 	$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
 	$q['post_type'] = 'attachment';
-	$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : 'inherit';
+	$post_type = get_post_type_object( 'attachment' );
+	$states = 'inherit';
+	if ( current_user_can( $post_type->cap->read_private_posts ) )
+		$states .= ',private';
+
+	$q['post_status'] = isset( $q['status'] ) && 'trash' == $q['status'] ? 'trash' : $states;
 	$media_per_page = (int) get_user_option( 'upload_per_page' );
 	if ( empty( $media_per_page ) || $media_per_page < 1 )
 		$media_per_page = 20;

wp-admin/includes/template.php

@@ -270,16 +270,16 @@ function get_inline_data($post) {
 	if ( ! current_user_can($post_type_object->cap->edit_post, $post->ID) )
 		return;
 
-	$title = esc_attr( trim( $post->post_title ) );
+	$title = esc_textarea( trim( $post->post_title ) );
 
 	echo '
 <div class="hidden" id="inline_' . $post->ID . '">
 	<div class="post_title">' . $title . '</div>
 	<div class="post_name">' . apply_filters('editable_slug', $post->post_name) . '</div>
 	<div class="post_author">' . $post->post_author . '</div>
-	<div class="comment_status">' . $post->comment_status . '</div>
-	<div class="ping_status">' . $post->ping_status . '</div>
-	<div class="_status">' . $post->post_status . '</div>
+	<div class="comment_status">' . esc_html( $post->comment_status ) . '</div>
+	<div class="ping_status">' . esc_html( $post->ping_status ) . '</div>
+	<div class="_status">' . esc_html( $post->post_status ) . '</div>
 	<div class="jj">' . mysql2date( 'd', $post->post_date, false ) . '</div>
 	<div class="mm">' . mysql2date( 'm', $post->post_date, false ) . '</div>
 	<div class="aa">' . mysql2date( 'Y', $post->post_date, false ) . '</div>
@@ -465,6 +465,10 @@ function list_meta( $meta ) {
  */
 function _list_meta_row( $entry, &$count ) {
 	static $update_nonce = false;
+
+	if ( is_protected_meta( $entry['meta_key'] ) )
+		return;
+
 	if ( !$update_nonce )
 		$update_nonce = wp_create_nonce( 'add-meta' );
 

wp-admin/includes/update-core.php

@@ -294,7 +294,7 @@ function update_core($from, $to) {
 	$mysql_version  = $wpdb->db_version();
 	$required_php_version = '4.3';
 	$required_mysql_version = '4.1.2';
-	$wp_version = '3.1';
+	$wp_version = '3.1.4';
 	$php_compat     = version_compare( $php_version, $required_php_version, '>=' );
 	$mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );
 

wp-admin/js/edit-comments.dev.js

@@ -218,10 +218,10 @@ setCommentsList = function() {
 	var refillTheExtraList = function(ev) {
 		// var args = $.query.get(), total_pages = listTable.get_total_pages(), per_page = $('input[name=_per_page]', '#comments-form').val(), r;
 		var args = $.query.get(), total_pages = $('.total-pages').text(), per_page = $('input[name=_per_page]', '#comments-form').val(), r;
-		
+
 		if (! args.paged)
 			args.paged = 1;
-		
+
 		if (args.paged > total_pages) {
 			return;
 		}

wp-admin/js/list-table.dev.js

@@ -29,12 +29,12 @@ window.listTable = {
 		$('select', context).each( function(){
 			var options = $('option', this),
 				anySelected = false;
-			
+
 			options.each( function(){
 				this.selected = this.defaultSelected;
 				anySelected = anySelected || this.defaultSelected;
 			});
-			
+
 			// If no options are selected within a single-select dropdown,
 			// select the first element by default.
 			if ( ! this.multiple && ! anySelected )

wp-admin/js/post.dev.js

@@ -36,7 +36,10 @@ tagBox = {
 	},
 
 	quickClicks : function(el) {
-		var thetags = $('.the-tags', el), tagchecklist = $('.tagchecklist', el), current_tags, disabled;
+		var thetags = $('.the-tags', el),
+			tagchecklist = $('.tagchecklist', el),
+			id = $(el).attr('id'),
+			current_tags, disabled;
 
 		if ( !thetags.length )
 			return;
@@ -47,19 +50,25 @@ tagBox = {
 		tagchecklist.empty();
 
 		$.each( current_tags, function( key, val ) {
-			var txt, button_id, id = $(el).attr('id');
+			var span, xbutton;
 
-			val = $.trim(val);
-			if ( !val.match(/^\s+$/) && '' != val ) {
-				button_id = id + '-check-num-' + key;
-				if ( disabled )
-		 			txt = '<span>' + val + '</span> ';
-				else
-		 			txt = '<span><a id="' + button_id + '" class="ntdelbutton">X</a>&nbsp;' + val + '</span> ';
-	 			tagchecklist.append(txt);
-				if ( ! disabled )
-		 			$( '#' + button_id ).click( function(){ tagBox.parseTags(this); });
+			val = $.trim( val );
+
+			if ( ! val )
+				return;
+
+			// Create a new span, and ensure the text is properly escaped.
+			span = $('<span />').text( val );
+
+			// If tags editing isn't disabled, create the X button.
+			if ( ! disabled ) {
+				xbutton = $( '<a id="' + id + '-check-num-' + key + '" class="ntdelbutton">X</a>' );
+				xbutton.click( function(){ tagBox.parseTags(this); });
+				span.prepend('&nbsp;').prepend( xbutton );
 			}
+
+			// Append the span to the tag list.
+			tagchecklist.append( span );
 		});
 	},
 

wp-admin/js/user-profile.dev.js

@@ -29,37 +29,39 @@
 		}
 	}
 
-	$(document).ready( function() {
+	$(document).ready(function() {
 		$('#pass1').val('').keyup( check_pass_strength );
 		$('#pass2').val('').keyup( check_pass_strength );
 		$('#pass-strength-result').show();
-		$('.color-palette').click(function(){$(this).siblings('input[name=admin_color]').attr('checked', 'checked')});
-		$('#nickname').blur(function(){
-			var str = $(this).val() || $('#user_login').val();
-			var select = $('#display_name');
-			var sel = select.children('option:selected').attr('id');
-			select.children('#display_nickname').remove();
-			if ( ! select.children('option[value=' + str + ']').length )
-				select.append('<option id="display_nickname" value="' + str + '">' + str + '</option>');
-			$('#'+sel).attr('selected', 'selected');
-		});
-		$('#first_name, #last_name').blur(function(){
-			var select = $('#display_name');
-			var first = $('#first_name').val(), last = $('#last_name').val();
-			var sel = select.children('option:selected').attr('id');
-			$('#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst').remove();
-			if ( first && ! select.children('option[value=' + first + ']').length )
-				select.append('<option id="display_firstname" value="' + first + '">' + first + '</option>');
-			if ( last && ! select.children('option[value=' + last + ']').length )
-				select.append('<option id="display_lastname" value="' + last + '">' + last + '</option>');
-			if ( first && last ) {
-				if ( ! select.children('option[value=' + first + ' ' + last + ']').length )
-					select.append('<option id="display_firstlast" value="' + first + ' ' + last + '">' + first + ' ' + last + '</option>');
-				if ( ! select.children('option[value=' + last + ' ' + first + ']').length )
-					select.append('<option id="display_lastfirst" value="' + last + ' ' + first + '">' + last + ' ' + first + '</option>');
+		$('.color-palette').click(function(){$(this).siblings('input[name="admin_color"]').prop('checked', true)});
+		$('#first_name, #last_name, #nickname').blur(function(){
+			var select = $('#display_name'), current = select.find('option:selected').attr('id'), dub = [],
+				inputs = {
+					display_nickname : $('#nickname').val(),
+					display_username : $('#user_login').val(),
+					display_firstname : $('#first_name').val(),
+					display_lastname : $('#last_name').val()
+				};
+
+			if ( inputs.display_firstname && inputs.display_lastname ) {
+				inputs['display_firstlast'] = inputs.display_firstname + ' ' + inputs.display_lastname;
+				inputs['display_lastfirst'] = inputs.display_lastname + ' ' + inputs.display_firstname;
 			}
-			$('#'+sel).attr('selected', 'selected');
+
+			$('option', select).remove();
+			$.each(inputs, function( id, value ) {
+				var val = value.replace(/<\/?[a-z][^>]*>/gi, ''); 
+
+				if ( inputs[id].length && $.inArray( val, dub ) == -1 ) {
+					dub.push(val);
+					$('<option />', {
+					  	'id': id,
+						'text': val,
+						'selected': (id == current)
+					}).appendTo( select );
+				}
+			});
 		});
-    });
+	});
 
 })(jQuery);

wp-admin/js/user-profile.js

@@ -1 +1 @@
-(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings("input[name=admin_color]").attr("checked","checked")});a("#nickname").blur(function(){var e=a(this).val()||a("#user_login").val();var c=a("#display_name");var d=c.children("option:selected").attr("id");c.children("#display_nickname").remove();if(!c.children("option[value="+e+"]").length){c.append('<option id="display_nickname" value="'+e+'">'+e+"</option>")}a("#"+d).attr("selected","selected")});a("#first_name, #last_name").blur(function(){var c=a("#display_name");var f=a("#first_name").val(),d=a("#last_name").val();var e=c.children("option:selected").attr("id");a("#display_firstname, #display_lastname, #display_firstlast, #display_lastfirst").remove();if(f&&!c.children("option[value="+f+"]").length){c.append('<option id="display_firstname" value="'+f+'">'+f+"</option>")}if(d&&!c.children("option[value="+d+"]").length){c.append('<option id="display_lastname" value="'+d+'">'+d+"</option>")}if(f&&d){if(!c.children("option[value="+f+" "+d+"]").length){c.append('<option id="display_firstlast" value="'+f+" "+d+'">'+f+" "+d+"</option>")}if(!c.children("option[value="+d+" "+f+"]").length){c.append('<option id="display_lastfirst" value="'+d+" "+f+'">'+d+" "+f+"</option>")}}a("#"+e).attr("selected","selected")})})})(jQuery);
+(function(a){function b(){var e=a("#pass1").val(),d=a("#user_login").val(),c=a("#pass2").val(),f;a("#pass-strength-result").removeClass("short bad good strong");if(!e){a("#pass-strength-result").html(pwsL10n.empty);return}f=passwordStrength(e,d,c);switch(f){case 2:a("#pass-strength-result").addClass("bad").html(pwsL10n.bad);break;case 3:a("#pass-strength-result").addClass("good").html(pwsL10n.good);break;case 4:a("#pass-strength-result").addClass("strong").html(pwsL10n.strong);break;case 5:a("#pass-strength-result").addClass("short").html(pwsL10n.mismatch);break;default:a("#pass-strength-result").addClass("short").html(pwsL10n["short"])}}a(document).ready(function(){a("#pass1").val("").keyup(b);a("#pass2").val("").keyup(b);a("#pass-strength-result").show();a(".color-palette").click(function(){a(this).siblings('input[name="admin_color"]').prop("checked",true)});a("#first_name, #last_name, #nickname").blur(function(){var c=a("#display_name"),e=c.find("option:selected").attr("id"),f=[],d={display_nickname:a("#nickname").val(),display_username:a("#user_login").val(),display_firstname:a("#first_name").val(),display_lastname:a("#last_name").val()};if(d.display_firstname&&d.display_lastname){d.display_firstlast=d.display_firstname+" "+d.display_lastname;d.display_lastfirst=d.display_lastname+" "+d.display_firstname}a("option",c).remove();a.each(d,function(i,g){var h=g.replace(/<\/?[a-z][^>]*>/gi,"");if(d[i].length&&a.inArray(h,f)==-1){f.push(h);a("<option />",{id:i,text:h,selected:(i==e)}).appendTo(c)}})})})})(jQuery);

wp-admin/media-upload.php

@@ -38,6 +38,7 @@ if ( isset($_GET['inline']) ) {
 	$errors = array();
 
 	if ( isset($_POST['html-upload']) && !empty($_FILES) ) {
+		check_admin_referer('media-form');
 		// Upload File button was clicked
 		$id = media_handle_upload('async-upload', $_REQUEST['post_id']);
 		unset($_FILES);

wp-admin/menu.php

@@ -191,13 +191,19 @@ else
 if ( current_user_can('list_users') ) {
 	$_wp_real_parent_file['profile.php'] = 'users.php'; // Back-compat for plugins adding submenus to profile.php.
 	$submenu['users.php'][5] = array(__('Users'), 'list_users', 'users.php');
-	$submenu['users.php'][10] = array(_x('Add New', 'user'), 'promote_users', 'user-new.php');
+	if ( current_user_can('create_users') )
+		$submenu['users.php'][10] = array(_x('Add New', 'user'), 'create_users', 'user-new.php');
+	else
+		$submenu['users.php'][10] = array(_x('Add New', 'user'), 'promote_users', 'user-new.php');
 
 	$submenu['users.php'][15] = array(__('Your Profile'), 'read', 'profile.php');
 } else {
 	$_wp_real_parent_file['users.php'] = 'profile.php';
 	$submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
-	$submenu['profile.php'][10] = array(__('Add New User'), 'promote_users', 'user-new.php');
+	if ( current_user_can('create_users') )
+		$submenu['profile.php'][10] = array(__('Add New User'), 'create_users', 'user-new.php');
+	else
+		$submenu['profile.php'][10] = array(__('Add New User'), 'promote_users', 'user-new.php');
 }
 
 $menu[75] = array( __('Tools'), 'edit_posts', 'tools.php', '', 'menu-top menu-icon-tools', 'menu-tools', 'div' );

wp-admin/ms-delete-site.php

@@ -34,6 +34,8 @@ screen_icon();
 echo '<h2>' . esc_html( $title ) . '</h2>';
 
 if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) {
+	check_admin_referer( 'delete-blog' );
+
 	$hash = wp_generate_password( 20, false );
 	update_option( 'delete_blog_hash', $hash );
 
@@ -68,11 +70,12 @@ Webmaster
 	<p><?php _e( 'Remember, once deleted your site cannot be restored.' ) ?></p>
 
 	<form method="post" name="deletedirect">
+		<?php wp_nonce_field( 'delete-blog' ) ?>
 		<input type="hidden" name="action" value="deleteblog" />
 		<p><input id="confirmdelete" type="checkbox" name="confirmdelete" value="1" /> <label for="confirmdelete"><strong><?php printf( __( "I'm sure I want to permanently disable my site, and I am aware I can never get it back or use %s again." ), is_subdomain_install() ? $current_blog->domain : $current_blog->domain . $current_blog->path ); ?></strong></label></p>
 		<?php submit_button( __( 'Delete My Site Permanently' ) ); ?>
 	</form>
-	<?php
+ 	<?php
 }
 echo '</div>';
 

wp-admin/network.php

@@ -108,7 +108,6 @@ add_contextual_help($current_screen,
 	'<p>' . __('Choose subdomains or subdirectories; this can only be switched afterwards by reconfiguring your install. Fill out the network details, and click install. If this does not work, you may have to add a wildcard DNS record (for subdomains) or change to another setting in Permalinks (for subdirectories).') . '</p>' .
 	'<p>' . __('The next screen for Network will give you individually-generated lines of code to add to your wp-config.php and .htaccess files. Make sure the settings of your FTP client make files starting with a dot visible, so that you can find .htaccess; you may have to create this file if it really is not there. Make backup copies of those two files.') . '</p>' .
 	'<p>' . __('Add a <code>blogs.dir</code> directory under <code>/wp-content</code> and add the designated lines of code to wp-config.php (just before <code>/*...stop editing...*/</code>) and <code>.htaccess</code> (replacing the existing WordPress rules).') . '</p>' .
-	'<p>' . __('Refreshing your browser will take you to a screen with an archive of those added lines of code. A set of six links under Super Admin will appear at the top of the main left navigation menu. The multisite network is now enabled.') . '</p>' .
 	'<p>' . __('The choice of subdirectory sites is disabled if this setup is more than a month old because of permalink problems with &#8220;/blog/&#8221; from the main site. This disabling will be addressed soon in a future version.') . '</p>' .
 	'<p><strong>' . __('For more information:') . '</strong></p>' .
 	'<p>' . __('<a href="http://codex.wordpress.org/Create_A_Network" target="_blank">Documentation on Creating a Network</a>') . '</p>' .

wp-admin/network/admin.php

@@ -15,7 +15,7 @@ require_once( dirname( dirname( __FILE__ ) ) . '/admin.php' );
 if ( ! is_multisite() )
 	wp_die( __( 'Multisite support is not enabled.' ) );
 
-if ( ! is_main_site() ) {
+if ( ( $current_blog->domain != $current_site->domain ) || ( $current_blog->path != $current_site->path ) ) {
 	wp_redirect( network_admin_url() );
 	exit;
 }

wp-admin/network/settings.php

@@ -28,7 +28,6 @@ add_contextual_help($current_screen,
 	'<p>' . __('Upload settings control the size of the uploaded files and the amount of available upload space for each site. You can change the default value for specific sites when you edit a particular site. Allowed file types are also listed (space separated only).') . '</p>' .
 	'<p>' . __('Checkboxes for media upload buttons set which are shown in the visual editor. If unchecked, a generic upload button is still visible; other media types can still be uploaded if on the allowed file types list.') . '</p>' .
 	'<p>' . __('Menu setting enables/disables the plugin menus from appearing for non super admins, so that only super admins, not site admins, have access to activate plugins.') . '</p>' .
-	'<p>' . __('Super admins can no longer be added on the Options screen. You must now go to the list of existing users on Super Admin > Users and click on Username or the Edit action link below that name. This goes to an Edit User page where you can check a box to grant super admin privileges.') . '</p>' .
 	'<p><strong>' . __('For more information:') . '</strong></p>' .
 	'<p>' . __('<a href="http://codex.wordpress.org/Network_Admin_Settings_Screen" target="_blank">Documentation on Network Settings</a>') . '</p>' .
 	'<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'

wp-admin/options-general.php

@@ -127,7 +127,7 @@ include('./admin-header.php');
 $new_admin_email = get_option( 'new_admin_email' );
 if ( $new_admin_email && $new_admin_email != get_option('admin_email') ) : ?>
 <div class="updated inline">
-<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_admin_email, esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
+<p><?php printf( __('There is a pending change of the admin e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), esc_html( $new_admin_email ), esc_url( admin_url( 'options.php?dismiss=new_admin_email' ) ) ); ?></p>
 </div>
 <?php endif; ?>
 </td>

wp-admin/plugins.php

@@ -407,13 +407,6 @@ if ( $s )
 <input type="hidden" name="plugin_status" value="<?php echo esc_attr($status) ?>" />
 <input type="hidden" name="paged" value="<?php echo esc_attr($page) ?>" />
 
-<?php
-if ( 'mustuse' == $status )
-	echo '<br class="clear" /><p>' . __( 'Files in the <code>/wp-content/mu-plugins</code> directory are executed automatically.' ) . '</p>';
-elseif ( 'dropins' == $status )
-	echo '<br class="clear" /><p>' . __( 'Drop-ins are advanced plugins in the <code>/wp-content</code> directory that replace WordPress functionality when present.' ) . '</p>';
-?>
-
 <?php $wp_list_table->display(); ?>
 </form>
 

wp-admin/press-this.php

@@ -56,7 +56,12 @@ function press_it() {
 		}
 	}
 	// set the post_content and status
-	$quick['post_status'] = isset($_POST['publish']) ? 'publish' : 'draft';
+	if ( isset( $_POST['publish'] ) && current_user_can( 'publish_posts' ) )
+		$quick['post_status'] = 'publish';
+	elseif ( isset( $_POST['review'] ) )
+		$quick['post_status'] = 'pending';
+	else
+		$quick['post_status'] = 'draft';
 	$quick['post_content'] = $content;
 	// error handling for media_sideload
 	if ( is_wp_error($upload) ) {
@@ -220,7 +225,7 @@ if ( !empty($_REQUEST['ajax']) ) {
 						$src = 'http://'.str_replace('//','/', $host['host'].'/'.$src);
 					else
 						$src = 'http://'.str_replace('//','/', $host['host'].'/'.dirname($host['path']).'/'.$src);
-				$sources[] = esc_attr($src);
+				$sources[] = esc_url($src);
 			}
 			return "'" . implode("','", $sources) . "'";
 		}

wp-admin/theme-editor.php

@@ -180,7 +180,7 @@ if ($allowed_files) :
 	$template_dir = $themes[$theme]['Template Dir'];
 	foreach ( $themes[$theme]['Template Files'] as $template_file ) {
 		// Don't show parent templates.
-		if ( $is_child_theme && strpos( $template_file, $themes[$theme]['Template Dir'] ) === 0 )
+		if ( $is_child_theme && strpos( $template_file, trailingslashit( $template_dir ) ) === 0 )
 			continue;
 
 		$description = trim( get_file_description($template_file) );
@@ -202,7 +202,7 @@ if ($allowed_files) :
 	$stylesheet_dir = $themes[$theme]['Stylesheet Dir'];
 	foreach ( $themes[$theme]['Stylesheet Files'] as $style_file ) {
 		// Don't show parent styles.
-		if ( $is_child_theme && strpos( $style_file, $themes[$theme]['Template Dir'] ) === 0 )
+		if ( $is_child_theme && strpos( $style_file, trailingslashit( $template_dir ) ) === 0 )
 			continue;
 
 		$description = trim( get_file_description($style_file) );

wp-admin/upgrade.php

@@ -86,7 +86,7 @@ switch ( $step ) :
 		wp_upgrade();
 
 			$backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) :  __get_option( 'home' ) . '/';
-			$backto = esc_url_raw( $backto );
+			$backto = esc_url( $backto );
 			$backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
 ?>
 <h2><?php _e( 'Update Complete' ); ?></h2>

wp-admin/user-edit.php

@@ -97,14 +97,6 @@ if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $c
 }
 
 switch ($action) {
-case 'switchposts':
-
-check_admin_referer();
-
-/* TODO: Switch all posts from one user to another user */
-
-break;
-
 case 'update':
 
 check_admin_referer('update-user_' . $user_id);

wp-admin/user-new.php

@@ -9,8 +9,12 @@
 /** WordPress Administration Bootstrap */
 require_once('./admin.php');
 
-if ( ! current_user_can('create_users') && ! current_user_can('promote_users') )
-	wp_die(__('Cheatin’ uh?'));
+if ( is_multisite() ) {
+	if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) )
+		wp_die( __( 'Cheatin’ uh?' ) );
+} elseif ( ! current_user_can( 'create_users' ) ) {
+	wp_die( __( 'Cheatin’ uh?' ) );
+}
 
 if ( is_multisite() ) {
 	function admin_created_user_email( $text ) {

wp-admin/user/admin.php

@@ -16,7 +16,7 @@ if ( ! is_multisite() ) {
 	exit;
 }
 
-if ( ! is_main_site() ) {
+if ( ( $current_blog->domain != $current_site->domain ) || ( $current_blog->path != $current_site->path ) ) {
 	wp_redirect( user_admin_url() );
 	exit;
 }

wp-admin/users.php

@@ -48,6 +48,9 @@ switch ( $wp_list_table->current_action() ) {
 case 'promote':
 	check_admin_referer('bulk-users');
 
+	if ( ! current_user_can( 'promote_users' ) )
+		wp_die( __( 'You can’t edit that user.' ) );
+
 	if ( empty($_REQUEST['users']) ) {
 		wp_redirect($redirect);
 		exit();
@@ -197,13 +200,16 @@ break;
 case 'doremove':
 	check_admin_referer('remove-users');
 
+	if ( ! is_multisite() )
+		wp_die( __( 'You can’t remove users.' ) );
+
 	if ( empty($_REQUEST['users']) ) {
 		wp_redirect($redirect);
 		exit;
 	}
 
-	if ( !current_user_can('remove_users')  )
-		die(__('You can’t remove users.'));
+	if ( ! current_user_can( 'remove_users' ) )
+		wp_die( __( 'You can’t remove users.' ) );
 
 	$userids = $_REQUEST['users'];
 
@@ -231,6 +237,9 @@ case 'remove':
 
 	check_admin_referer('bulk-users');
 
+	if ( ! is_multisite() )
+		wp_die( __( 'You can’t remove users.' ) );
+
 	if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) {
 		wp_redirect($redirect);
 		exit();
@@ -352,7 +361,7 @@ if ( ! empty($messages) ) {
 echo esc_html( $title );
 if ( current_user_can( 'create_users' ) ) { ?>
 	<a href="user-new.php" class="button add-new-h2"><?php echo esc_html_x( 'Add New', 'user' ); ?></a>
-<?php } elseif ( current_user_can( 'promote_users' ) ) { ?>
+<?php } elseif ( is_multisite() && current_user_can( 'promote_users' ) ) { ?>
 	<a href="user-new.php" class="button add-new-h2"><?php echo esc_html_x( 'Add Existing', 'user' ); ?></a>
 <?php }
 

wp-app.php

@@ -607,13 +607,13 @@ EOD;
 
 		$slug = '';
 		if ( isset( $_SERVER['HTTP_SLUG'] ) )
-			$slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] );
+			$slug = $_SERVER['HTTP_SLUG'];
 		elseif ( isset( $_SERVER['HTTP_TITLE'] ) )
-			$slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] );
+			$slug = $_SERVER['HTTP_TITLE'];
 		elseif ( empty( $slug ) ) // just make a random name
 			$slug = substr( md5( uniqid( microtime() ) ), 0, 7);
 		$ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
-		$slug = "$slug.$ext";
+		$slug = sanitize_file_name( "$slug.$ext" );
 		$file = wp_upload_bits( $slug, NULL, $bits);
 
 		log_app('wp_upload_bits returns:',print_r($file,true));

wp-content/themes/twentyten/functions.php

@@ -303,6 +303,9 @@ add_filter( 'use_default_gallery_style', '__return_false' );
 function twentyten_remove_gallery_css( $css ) {
 	return preg_replace( "#<style type='text/css'>(.*?)</style>#s", '', $css );
 }
+// Backwards compatibility with WordPress 3.0.
+if ( version_compare( $GLOBALS['wp_version'], '3.1', '<' ) )
+	add_filter( 'gallery_style', 'twentyten_remove_gallery_css' );
 
 if ( ! function_exists( 'twentyten_comment' ) ) :
 /**
@@ -443,6 +446,10 @@ add_action( 'widgets_init', 'twentyten_widgets_init' );
  * To override this in a child theme, remove the filter and optionally add your own
  * function tied to the widgets_init action hook.
  *
+ * This function uses a filter (show_recent_comments_widget_style) new in WordPress 3.1
+ * to remove the default style. Using Twenty Ten 1.2 in WordPress 3.0 will show the styles,
+ * but they won't have any effect on the widget in default Twenty Ten styling.
+ *
  * @since Twenty Ten 1.0
  */
 function twentyten_remove_recent_comments_style() {

wp-content/themes/twentyten/languages/twentyten.pot

@@ -4,7 +4,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Twenty Ten 1.2\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/twentyten\n"
-"POT-Creation-Date: 2011-01-15 01:27:01+00:00\n"
+"POT-Creation-Date: 2011-06-13 13:27:47+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
@@ -16,6 +16,7 @@ msgstr ""
 msgid "Return to %s"
 msgstr ""
 
+#. translators: %s - title of parent post
 #: loop-attachment.php:23
 msgid "<span class=\"meta-nav\">&larr;</span> %s"
 msgstr ""
@@ -24,7 +25,7 @@ msgstr ""
 msgid "<span class=\"%1$s\">By</span> %2$s"
 msgstr ""
 
-#: loop-attachment.php:36 functions.php:469
+#: loop-attachment.php:36 functions.php:476
 msgid "View all posts by %s"
 msgstr ""
 
@@ -186,125 +187,134 @@ msgstr ""
 msgid "Primary Navigation"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:140
 msgid "Berries"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:146
 msgid "Cherry Blossoms"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:152
 msgid "Concave"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:158
 msgid "Fern"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:164
 msgid "Forest Floor"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:170
 msgid "Inkwell"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:176
 msgid "Path"
 msgstr ""
 
+#. translators: header image description
 #: functions.php:182
 msgid "Sunset"
 msgstr ""
 
-#: functions.php:327
+#: functions.php:330
 msgid "%s <span class=\"says\">says:</span>"
 msgstr ""
 
-#: functions.php:330
+#: functions.php:333
 msgid "Your comment is awaiting moderation."
 msgstr ""
 
-#: functions.php:337
+#. translators: 1: date, 2: time
+#: functions.php:340
 msgid "%1$s at %2$s"
 msgstr ""
 
-#: functions.php:337 functions.php:354
+#: functions.php:340 functions.php:357
 msgid "(Edit)"
 msgstr ""
 
-#: functions.php:354
+#: functions.php:357
 msgid "Pingback:"
 msgstr ""
 
-#: functions.php:373
+#: functions.php:376
 msgid "Primary Widget Area"
 msgstr ""
 
-#: functions.php:375
+#: functions.php:378
 msgid "The primary widget area"
 msgstr ""
 
-#: functions.php:384
+#: functions.php:387
 msgid "Secondary Widget Area"
 msgstr ""
 
-#: functions.php:386
+#: functions.php:389
 msgid "The secondary widget area"
 msgstr ""
 
-#: functions.php:395
+#: functions.php:398
 msgid "First Footer Widget Area"
 msgstr ""
 
-#: functions.php:397
+#: functions.php:400
 msgid "The first footer widget area"
 msgstr ""
 
-#: functions.php:406
+#: functions.php:409
 msgid "Second Footer Widget Area"
 msgstr ""
 
-#: functions.php:408
+#: functions.php:411
 msgid "The second footer widget area"
 msgstr ""
 
-#: functions.php:417
+#: functions.php:420
 msgid "Third Footer Widget Area"
 msgstr ""
 
-#: functions.php:419
+#: functions.php:422
 msgid "The third footer widget area"
 msgstr ""
 
-#: functions.php:428
+#: functions.php:431
 msgid "Fourth Footer Widget Area"
 msgstr ""
 
-#: functions.php:430
+#: functions.php:433
 msgid "The fourth footer widget area"
 msgstr ""
 
-#: functions.php:460
+#: functions.php:467
 msgid ""
 "<span class=\"%1$s\">Posted on</span> %2$s <span class=\"meta-sep\">by</"
 "span> %3$s"
 msgstr ""
 
-#: functions.php:486
+#: functions.php:493
 msgid ""
 "This entry was posted in %1$s and tagged %2$s. Bookmark the <a href=\"%3$s\" "
 "title=\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
 msgstr ""
 
-#: functions.php:488
+#: functions.php:495
 msgid ""
 "This entry was posted in %1$s. Bookmark the <a href=\"%3$s\" title="
 "\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
 msgstr ""
 
-#: functions.php:490
+#: functions.php:497
 msgid ""
 "Bookmark the <a href=\"%3$s\" title=\"Permalink to %4$s\" rel=\"bookmark"
 "\">permalink</a>."

wp-content/themes/twentyten/loop.php

@@ -57,7 +57,7 @@
 
 <?php /* How to display posts of the Gallery format. The gallery category is the old way. */ ?>
 
-	<?php if ( 'gallery' == get_post_format( $post->ID ) || in_category( _x( 'gallery', 'gallery category slug', 'twentyten' ) ) ) : ?>
+	<?php if ( ( function_exists( 'get_post_format' ) && 'gallery' == get_post_format( $post->ID ) ) || in_category( _x( 'gallery', 'gallery category slug', 'twentyten' ) ) ) : ?>
 		<div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
 			<h2 class="entry-title"><a href="<?php the_permalink(); ?>" title="<?php printf( esc_attr__( 'Permalink to %s', 'twentyten' ), the_title_attribute( 'echo=0' ) ); ?>" rel="bookmark"><?php the_title(); ?></a></h2>
 
@@ -89,7 +89,7 @@
 			</div><!-- .entry-content -->
 
 			<div class="entry-utility">
-			<?php if ( 'gallery' == get_post_format( $post->ID ) ) : ?>
+			<?php if ( function_exists( 'get_post_format' ) && 'gallery' == get_post_format( $post->ID ) ) : ?>
 				<a href="<?php echo get_post_format_link( 'gallery' ); ?>" title="<?php esc_attr_e( 'View Galleries', 'twentyten' ); ?>"><?php _e( 'More Galleries', 'twentyten' ); ?></a>
 				<span class="meta-sep">|</span>
 			<?php elseif ( in_category( _x( 'gallery', 'gallery category slug', 'twentyten' ) ) ) : ?>
@@ -103,7 +103,7 @@
 
 <?php /* How to display posts of the Aside format. The asides category is the old way. */ ?>
 
-	<?php elseif ( 'aside' == get_post_format( $post->ID ) || in_category( _x( 'asides', 'asides category slug', 'twentyten' ) )  ) : ?>
+	<?php elseif ( ( function_exists( 'get_post_format' ) && 'aside' == get_post_format( $post->ID ) ) || in_category( _x( 'asides', 'asides category slug', 'twentyten' ) )  ) : ?>
 		<div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
 
 		<?php if ( is_archive() || is_search() ) : // Display excerpts for archives and search. ?>

wp-includes/admin-bar.php

@@ -145,9 +145,9 @@ function wp_admin_bar_shortlink_menu() {
 
 	if ( empty( $short ) )
 		return;
-	
+
 	$html = '<input class="shortlink-input" type="text" readonly="readonly" value="' . esc_attr( $short ) . '" />';
-	
+
 	$wp_admin_bar->add_menu( array(
 		'id' => $id,
 		'title' => __( 'Shortlink' ),
@@ -337,14 +337,14 @@ function show_admin_bar( $show ) {
  * @return bool Whether the admin bar should be showing.
  */
 function is_admin_bar_showing() {
-	global $show_admin_bar;
+	global $show_admin_bar, $pagenow;
 
 	/* For all these types of request we never want an admin bar period */
 	if ( defined('XMLRPC_REQUEST') || defined('APP_REQUEST') || defined('DOING_AJAX') || defined('IFRAME_REQUEST') )
 		return false;
 
 	if ( ! isset( $show_admin_bar ) ) {
-		if ( ! is_user_logged_in() ) {
+		if ( ! is_user_logged_in() || 'wp-login.php' == $pagenow ) {
 			$show_admin_bar = false;
 		} else {
 			$context = is_admin() ? 'admin' : 'front';

wp-includes/bookmark.php

@@ -213,22 +213,32 @@ function get_bookmarks($args = '') {
 
 	$orderby = strtolower($orderby);
 	$length = '';
-	switch ($orderby) {
+	switch ( $orderby ) {
 		case 'length':
 			$length = ", CHAR_LENGTH(link_name) AS length";
 			break;
 		case 'rand':
 			$orderby = 'rand()';
 			break;
+		case 'link_id':
+			$orderby = "$wpdb->links.link_id";
+			break;
 		default:
 			$orderparams = array();
-			foreach ( explode(',', $orderby) as $ordparam )
-				$orderparams[] = 'link_' . trim($ordparam);
+			foreach ( explode(',', $orderby) as $ordparam ) {
+				$ordparam = trim($ordparam);
+				if ( in_array( $ordparam, array( 'name', 'url', 'visible', 'rating', 'owner', 'updated' ) ) )
+					$orderparams[] = 'link_' . $ordparam;
+			}
 			$orderby = implode(',', $orderparams);
 	}
 
-	if ( 'link_id' == $orderby )
-		$orderby = "$wpdb->links.link_id";
+	if ( empty( $orderby ) )
+		$orderby = 'link_name';
+
+	$order = strtoupper( $order );
+	if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+		$order = 'ASC';
 
 	$visible = '';
 	if ( $hide_invisible )

wp-includes/canonical.php

@@ -35,9 +35,9 @@
  *		not needed or the string of the URL
  */
 function redirect_canonical( $requested_url = null, $do_redirect = true ) {
-	global $wp_rewrite, $is_iis7, $wp_query, $wpdb;
+	global $wp_rewrite, $is_IIS, $wp_query, $wpdb;
 
-	if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || !empty($_POST) || is_preview() || is_robots() || ( $is_iis7 && !iis7_supports_permalinks() ) )
+	if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || !empty($_POST) || is_preview() || is_robots() || $is_IIS )
 		return;
 
 	if ( !$requested_url ) {
@@ -141,8 +141,10 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 				$redirect['query'] = remove_query_arg('year', $redirect['query']);
 		} elseif ( is_author() && !empty($_GET['author']) && preg_match( '|^[0-9]+$|', $_GET['author'] ) ) {
 			$author = get_userdata(get_query_var('author'));
-			if ( false !== $author && $redirect_url = get_author_posts_url($author->ID, $author->user_nicename) )
-				$redirect['query'] = remove_query_arg('author', $redirect['query']);
+			if ( ( false !== $author ) && $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE $wpdb->posts.post_author = %d AND $wpdb->posts.post_status = 'publish' LIMIT 1", $author->ID ) ) ) {
+				if ( $redirect_url = get_author_posts_url($author->ID, $author->user_nicename) )
+					$redirect['query'] = remove_query_arg('author', $redirect['query']);
+			}
 		} elseif ( is_category() || is_tag() || is_tax() ) { // Terms (Tags/categories)
 
 			$term_count = 0;
@@ -150,7 +152,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 				$term_count += count( $tax_query['terms'] );
 
 			$obj = $wp_query->get_queried_object();
-			if ( $term_count <= 1 && !empty($obj->term_id) && ( $tax_url = get_term_link((int)$obj->term_id, $obj->taxonomy) ) && !is_wp_error($tax_url) ) {
+			if ( $term_count <= 1 && !empty($obj->term_id) && ( $tax_url = get_term_link((int)$obj->term_id, $obj->taxonomy) ) && !is_wp_error($tax_url) && !empty($redirect['query']) ) {
 				if ( !empty($redirect['query']) ) {
 					if ( is_category() ) {
 						$redirect['query'] = remove_query_arg( array( 'category_name', 'category', 'cat'), $redirect['query']);
@@ -195,7 +197,7 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 			}
 
 			$addl_path = '';
-			if ( is_feed() ) {
+			if ( is_feed() && in_array( get_query_var('feed'), $wp_rewrite->feeds ) ) {
 				$addl_path = !empty( $addl_path ) ? trailingslashit($addl_path) : '';
 				if ( get_query_var( 'withcomments' ) )
 					$addl_path .= 'comments/';

wp-includes/category-template.php

@@ -12,11 +12,19 @@
  * @since 1.0.0
  * @see get_term_link()
  *
- * @param int $category_id Category ID.
- * @return string|WP_Error Link on success, WP_Error if category does not exist.
+ * @param int|object $category Category ID or object.
+ * @return string Link on success, empty string if category does not exist.
  */
-function get_category_link( $category_id ) {
-	return get_term_link((int)$category_id, 'category');
+function get_category_link( $category ) {
+	if ( ! is_object( $category ) )
+		$category = (int) $category;
+
+	$category = get_term_link( $category, 'category' );
+
+	if ( is_wp_error( $category ) )
+		return '';
+
+	return $category;
 }
 
 /**
@@ -964,11 +972,19 @@ class Walker_CategoryDropdown extends Walker {
  * @since 2.3.0
  * @see get_term_link()
  *
- * @param int $tag_id Tag (term) ID.
- * @return string|WP_Error Link on success, WP_Error if tag does not exist.
+ * @param int|object $tag Tag ID or object.
+ * @return string Link on success, empty string if tag does not exist.
  */
-function get_tag_link( $tag_id ) {
-	return get_term_link( (int)$tag_id, 'post_tag');
+function get_tag_link( $tag ) {
+	if ( ! is_object( $tag ) )
+		$tag = (int) $tag;
+
+	$tag = get_term_link( $tag, 'post_tag' );
+
+	if ( is_wp_error( $tag ) )
+		return '';
+
+	return $tag;
 }
 
 /**

wp-includes/class-oembed.php

@@ -165,8 +165,8 @@ class WP_oEmbed {
 	function fetch( $provider, $url, $args = '' ) {
 		$args = wp_parse_args( $args, wp_embed_defaults() );
 
-		$provider = add_query_arg( 'maxwidth', $args['width'], $provider );
-		$provider = add_query_arg( 'maxheight', $args['height'], $provider );
+		$provider = add_query_arg( 'maxwidth', (int) $args['width'], $provider );
+		$provider = add_query_arg( 'maxheight', (int) $args['height'], $provider );
 		$provider = add_query_arg( 'url', urlencode($url), $provider );
 
 		foreach( array( 'json', 'xml' ) as $format ) {

wp-includes/class-pop3.php

@@ -12,7 +12,7 @@
  *
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  * @license http://opensource.org/licenses/gpl-license.php GNU General Public License
- * 
+ *
  * pop3 class
  *
  * $Id$

wp-includes/class-wp-admin-bar.php

@@ -115,7 +115,7 @@ class WP_Admin_Bar {
 	function recursive_render( $id, &$menu_item ) { ?>
 		<?php
 		$is_parent =  ! empty( $menu_item['children'] );
-		
+
 		$menuclass = $is_parent ? 'menupop' : '';
 		if ( ! empty( $menu_item['meta']['class'] ) )
 			$menuclass .= ' ' . $menu_item['meta']['class'];

wp-includes/css/admin-bar-rtl.css

@@ -1 +1 @@
-#wpadminbar{background:#666 url(../images/admin-bar-sprite-rtl.png?d=08102010) 0 -222px repeat-x;direction:rtl;font-family:Tahoma,Arial,sans-serif;right:0;left:auto;}#wpadminbar .quicklinks ul{text-align:right;}#wpadminbar .quicklinks ul li{float:right;}#wpadminbar .quicklinks>ul>li>a{border-left:1px solid #686868;border-right:1px solid #808080;}#wpadminbar .quicklinks>ul>li:last-child>a{border-left:none;border-right:1px solid #808080;}#wpadminbar .quicklinks>ul>li:hover>a{border-right-color:#707070;border-left-color:#686868;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar a img{margin:-2px -5px 0 23px;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar ul{left:auto;right:30px;}#wpadminbar .quicklinks .menupop li:hover>ul,#wpadminbar .quicklinks .menupop li.hover>ul{margin-right:100%;margin-left:0;}#wpadminbar .quicklinks .menupop a>span{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) left -58px no-repeat;padding-right:0;padding-left:.8em;}#wpadminbar .quicklinks .menupop ul li a>span{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) left -29px no-repeat;padding-right:0;padding-left:1.5em;}#wpadminbar .quicklinks a{font-family:Tahoma,Arial,Helvetica,sans-serif;}#wpadminbar .quicklinks .menupop li a img.blavatar{margin-right:0;margin-left:8px;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar>a{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) top right no-repeat;}#wpadminbar .quicklinks li#wp-admin-bar-my-account>a,#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar>a{border-right:none;border-left:1px solid #686868;}#wpadminbar #adminbarsearch{float:left;}#wpadminbar #adminbarsearch .adminbar-input{float:right;font-family:Tahoma,Arial,Helvetica,sans-serif;margin-right:0;margin-left:3px;-moz-box-shadow:inset 2px -2px 1px #cdcdcd;-webkit-box-shadow:inset -2px 2px 1px #cdcdcd;box-shadow:inset 2px -2px 1px #cdcdcd;}#wpadminbar #adminbarsearch .adminbar-button{float:right;font-family:Tahoma,Arial,Helvetica,sans-serif;}
+#wpadminbar{direction:rtl;font-family:Tahoma,Arial,sans-serif;right:0;left:auto;}#wpadminbar .quicklinks ul{text-align:right;}#wpadminbar .quicklinks ul li{float:right;}#wpadminbar .quicklinks>ul>li>a{border-left:1px solid #686868;border-right:1px solid #808080;}#wpadminbar .quicklinks>ul>li:last-child>a{border-left:none;border-right:1px solid #808080;}#wpadminbar .quicklinks>ul>li:hover>a{border-right-color:#707070;border-left-color:#686868;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar a img{margin:-2px -5px 0 23px;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar ul{left:auto;right:30px;}#wpadminbar .quicklinks .menupop li:hover>ul,#wpadminbar .quicklinks .menupop li.hover>ul{margin-right:100%;margin-left:0;}#wpadminbar .quicklinks .menupop a>span{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) left -58px no-repeat;padding-right:0;padding-left:.8em;}#wpadminbar .quicklinks .menupop ul li a>span{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) left -29px no-repeat;padding-right:0;padding-left:1.5em;}#wpadminbar .quicklinks a{font-family:Tahoma,Arial,Helvetica,sans-serif;}#wpadminbar .quicklinks .menupop li a img.blavatar{margin-right:0;margin-left:8px;}#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar>a{background:url(../images/admin-bar-sprite-rtl.png?d=11122010) top right no-repeat;}#wpadminbar .quicklinks li#wp-admin-bar-my-account>a,#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar>a{border-right:none;border-left:1px solid #686868;}#wpadminbar #adminbarsearch{float:left;}#wpadminbar #adminbarsearch .adminbar-input{float:right;font-family:Tahoma,Arial,Helvetica,sans-serif;margin-right:0;margin-left:3px;-moz-box-shadow:inset 2px -2px 1px #cdcdcd;-webkit-box-shadow:inset -2px 2px 1px #cdcdcd;box-shadow:inset 2px -2px 1px #cdcdcd;}#wpadminbar #adminbarsearch .adminbar-button{float:right;font-family:Tahoma,Arial,Helvetica,sans-serif;}

wp-includes/css/admin-bar-rtl.dev.css

@@ -1,5 +1,4 @@
 #wpadminbar {
-	background: #666 url(../images/admin-bar-sprite-rtl.png?d=08102010) 0 -222px repeat-x;
 	direction: rtl;
 	font-family: Tahoma, Arial ,sans-serif;
 	right: 0;

wp-includes/css/admin-bar.dev.css

@@ -192,6 +192,8 @@
 }
 
 #wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar > a img {
+	width: 16px;
+	height: 16px;
 	display: inline;
 	border: 1px solid #999;
 	vertical-align: middle;
@@ -205,6 +207,10 @@
 	left: 30px;
 }
 
+#wpadminbar .quicklinks li#wp-admin-bar-my-account-with-avatar ul ul { 
+ 	left: 0; 
+}
+
 #wpadminbar .quicklinks .menupop li a img.blavatar {
 	vertical-align: middle;
 	margin: 0 8px 0 0;

wp-includes/default-filters.php

@@ -36,9 +36,10 @@ foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes
 
 // Kses only for textarea admin displays
 if ( is_admin() ) {
-	foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description', 'comment_text' ) as $filter ) {
+	foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
 		add_filter( $filter, 'wp_kses_data' );
 	}
+	add_filter( 'comment_text', 'wp_kses_post' );
 }
 
 // Email saves
@@ -57,14 +58,14 @@ foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) {
 
 // Save URL
 foreach ( array( 'pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_link_image',
-	'pre_link_rss' ) as $filter ) {
+	'pre_link_rss', 'pre_post_guid' ) as $filter ) {
 	add_filter( $filter, 'wp_strip_all_tags' );
 	add_filter( $filter, 'esc_url_raw'       );
 	add_filter( $filter, 'wp_filter_kses'    );
 }
 
 // Display URL
-foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' ) as $filter ) {
+foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url', 'post_guid' ) as $filter ) {
 	if ( is_admin() )
 		add_filter( $filter, 'wp_strip_all_tags' );
 	add_filter( $filter, 'esc_url'           );
@@ -81,6 +82,13 @@ foreach ( array( 'pre_term_slug' ) as $filter ) {
 foreach ( array( 'pre_post_type' ) as $filter ) {
 	add_filter( $filter, 'sanitize_user' );
 }
+foreach ( array( 'pre_post_status', 'pre_post_comment_status', 'pre_post_ping_status' ) as $filter ) {
+	add_filter( $filter, 'sanitize_key' );
+}
+
+// Mime types
+add_filter( 'pre_post_mime_type', 'sanitize_mime_type' );
+add_filter( 'post_mime_type', 'sanitize_mime_type' );
 
 // Places to balance tags on input
 foreach ( array( 'content_save_pre', 'excerpt_save_pre', 'comment_save_pre', 'pre_comment_content' ) as $filter ) {
@@ -212,9 +220,9 @@ add_action( 'wp_head',             'wp_shortlink_wp_head',          10, 0 );
 add_action( 'template_redirect',   'wp_shortlink_header',           11, 0 );
 
 // Login actions
-add_action( 'login_head',          'wp_enqueue_scripts',            1     );
 add_action( 'login_head',          'wp_print_head_scripts',         9     );
 add_action( 'login_footer',        'wp_print_footer_scripts'              );
+add_action( 'login_init',          'send_frame_options_header',     10, 0 );
 
 // Feed Generator Tags
 foreach ( array( 'rss2_head', 'commentsrss2_head', 'rss_head', 'rdf_header', 'atom_head', 'comments_atom_head', 'opml_head', 'app_head' ) as $action ) {
@@ -246,6 +254,8 @@ add_action( 'save_post',                  '_save_post_hook',          5, 2 );
 add_action( 'transition_post_status',     '_transition_post_status',  5, 3 );
 add_action( 'comment_form', 'wp_comment_form_unfiltered_html_nonce'        );
 add_action( 'wp_scheduled_delete',        'wp_scheduled_delete'            );
+add_action( 'admin_init',                 'send_frame_options_header', 10, 0 );
+add_action( 'importer_scheduled_cleanup', 'wp_delete_attachment'           );
 
 // Navigation menu actions
 add_action( 'delete_post',                '_wp_delete_post_menu_item'      );

wp-includes/formatting.php

@@ -718,7 +718,7 @@ function sanitize_file_name( $filename ) {
 		if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) {
 			$allowed = false;
 			foreach ( $mimes as $ext_preg => $mime_match ) {
-				$ext_preg = '!(^' . $ext_preg . ')$!i';
+				$ext_preg = '!^(' . $ext_preg . ')$!i';
 				if ( preg_match( $ext_preg, $part ) ) {
 					$allowed = true;
 					break;
@@ -1386,7 +1386,11 @@ function _make_email_clickable_cb($matches) {
 function make_clickable($ret) {
 	$ret = ' ' . $ret;
 	// in testing, using arrays here was found to be faster
-	$ret = preg_replace_callback('#(?<!=[\'"])(?<=[*\')+.,;:!&$\s>])(\()?([\w]+?://(?:[\w\\x80-\\xff\#%~/?@\[\]-]|[\'*(+.,;:!=&$](?![\b\)]|(\))?([\s]|$))|(?(1)\)(?![\s<.,;:]|$)|\)))+)#is', '_make_url_clickable_cb', $ret);
+	$save = @ini_set('pcre.recursion_limit', 10000);
+	$retval = preg_replace_callback('#(?<!=[\'"])(?<=[*\')+.,;:!&$\s>])(\()?([\w]+?://(?:[\w\\x80-\\xff\#%~/?@\[\]-]{1,2000}|[\'*(+.,;:!=&$](?![\b\)]|(\))?([\s]|$))|(?(1)\)(?![\s<.,;:]|$)|\)))+)#is', '_make_url_clickable_cb', $ret);
+	if (null !== $retval )
+		$ret = $retval;
+	@ini_set('pcre.recursion_limit', $save);
 	$ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\\x80-\\xff\#$%&~/.\-;:=,?@\[\]+]+)#is', '_make_web_ftp_clickable_cb', $ret);
 	$ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
 	// this one is not in an array because we need it to run last, for cleanup of accidental links within links
@@ -2436,7 +2440,14 @@ function sanitize_option($option, $value) {
 					add_settings_error('admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
 			}
 			break;
-
+		case 'new_admin_email':
+			$value = sanitize_email($value);
+			if ( !is_email($value) ) {
+				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization
+				if ( function_exists('add_settings_error') )
+					add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
+			}
+			break;
 		case 'thumbnail_size_w':
 		case 'thumbnail_size_h':
 		case 'medium_size_w':
@@ -2530,6 +2541,11 @@ function sanitize_option($option, $value) {
 					add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
 			}
 			break;
+		case 'WPLANG':
+			$allowed = get_available_languages();
+			if ( ! in_array( $value, $allowed ) && ! empty( $value ) )
+				$value = get_option( $option );
+			break;
 
 		default :
 			$value = apply_filters("sanitize_option_{$option}", $value, $option);
@@ -2734,10 +2750,10 @@ function wp_html_excerpt( $str, $count ) {
  * @return string The processed content.
  */
 function links_add_base_url( $content, $base, $attrs = array('src', 'href') ) {
+	global $_links_add_base;
+	$_links_add_base = $base;
 	$attrs = implode('|', (array)$attrs);
-	return preg_replace_callback("!($attrs)=(['\"])(.+?)\\2!i",
-			create_function('$m', 'return _links_add_base($m, "' . $base . '");'),
-			$content);
+	return preg_replace_callback( "!($attrs)=(['\"])(.+?)\\2!i", '_links_add_base', $content );
 }
 
 /**
@@ -2747,14 +2763,14 @@ function links_add_base_url( $content, $base, $attrs = array('src', 'href') ) {
  * @access private
  *
  * @param string $m The matched link.
- * @param string $base The base URL to prefix to links.
  * @return string The processed link.
  */
-function _links_add_base($m, $base) {
+function _links_add_base($m) {
+	global $_links_add_base;
 	//1 = attribute name  2 = quotation mark  3 = URL
 	return $m[1] . '=' . $m[2] .
 		(strpos($m[3], 'http://') === false ?
-			path_join($base, $m[3]) :
+			path_join($_links_add_base, $m[3]) :
 			$m[3])
 		. $m[2];
 }
@@ -2775,10 +2791,10 @@ function _links_add_base($m, $base) {
  * @return string The processed content.
  */
 function links_add_target( $content, $target = '_blank', $tags = array('a') ) {
+	global $_links_add_target;
+	$_links_add_target = $target;
 	$tags = implode('|', (array)$tags);
-	return preg_replace_callback("!<($tags)(.+?)>!i",
-			create_function('$m', 'return _links_add_target($m, "' . $target . '");'),
-			$content);
+	return preg_replace_callback( "!<($tags)(.+?)>!i", '_links_add_target', $content );
 }
 
 /**
@@ -2788,13 +2804,13 @@ function links_add_target( $content, $target = '_blank', $tags = array('a') ) {
  * @access private
  *
  * @param string $m The matched link.
- * @param string $target The Target to add to the links.
  * @return string The processed link.
  */
-function _links_add_target( $m, $target ) {
+function _links_add_target( $m ) {
+	global $_links_add_target;
 	$tag = $m[1];
 	$link = preg_replace('|(target=[\'"](.*?)[\'"])|i', '', $m[2]);
-	return '<' . $tag . $link . ' target="' . $target . '">';
+	return '<' . $tag . $link . ' target="' . esc_attr( $_links_add_target ) . '">';
 }
 
 // normalize EOL characters and strip duplicate whitespace
@@ -2899,4 +2915,17 @@ function capital_P_dangit( $text ) {
 
 }
 
+/**
+ * Sanitize a mime type
+ *
+ * @since 3.1.3
+ *
+ * @param string $mime_type Mime type
+ * @return string Sanitized mime type
+ */
+function sanitize_mime_type( $mime_type ) {
+	$sani_mime_type = preg_replace( '/[^-+*.a-zA-Z0-9\/]/', '', $mime_type );
+	return apply_filters( 'sanitize_mime_type', $sani_mime_type, $mime_type );
+}
+
 ?>

wp-includes/functions.php

@@ -3034,6 +3034,9 @@ function wp_array_slice_assoc( $array, $keys ) {
  * @return array A list of objects or object fields
  */
 function wp_filter_object_list( $list, $args = array(), $operator = 'and', $field = false ) {
+	if ( ! is_array( $list ) )
+		return array();
+
 	$list = wp_list_filter( $list, $args, $operator );
 
 	if ( $field )
@@ -3057,6 +3060,9 @@ function wp_filter_object_list( $list, $args = array(), $operator = 'and', $fiel
  * @return array
  */
 function wp_list_filter( $list, $args = array(), $operator = 'AND' ) {
+	if ( ! is_array( $list ) )
+		return array();
+
 	if ( empty( $args ) )
 		return $list;
 
@@ -3066,7 +3072,7 @@ function wp_list_filter( $list, $args = array(), $operator = 'AND' ) {
 
 	foreach ( $list as $key => $obj ) {
 		$matched = count( array_intersect_assoc( (array) $obj, $args ) );
-		if ( ( 'AND' == $operator && $matched == $count ) 
+		if ( ( 'AND' == $operator && $matched == $count )
 		  || ( 'OR' == $operator && $matched <= $count )
 		  || ( 'NOT' == $operator && 0 == $matched ) ) {
 			$filtered[$key] = $obj;
@@ -4296,7 +4302,7 @@ function get_file_data( $file, $default_headers, $context = '' ) {
 	}
 
 	foreach ( $all_headers as $field => $regex ) {
-		preg_match( '/^[ \t\/*#]*' . preg_quote( $regex, '/' ) . ':(.*)$/mi', $file_data, ${$field});
+		preg_match( '/^[ \t\/*#@]*' . preg_quote( $regex, '/' ) . ':(.*)$/mi', $file_data, ${$field});
 		if ( !empty( ${$field} ) )
 			${$field} = _cleanup_header_comment( ${$field}[1] );
 		else
@@ -4476,4 +4482,16 @@ function wp_find_hierarchy_loop_tortoise_hare( $callback, $start, $override = ar
 	return false;
 }
 
+/**
+ * Send a HTTP header to limit rendering of pages to same origin iframes.
+ *
+ * @link https://developer.mozilla.org/en/the_x-frame-options_response_header
+ *
+ * @since 3.1.3
+ * @return none
+ */
+function send_frame_options_header() {
+	@header( 'X-Frame-Options: SAMEORIGIN' );
+}
+
 ?>

wp-includes/js/admin-bar.dev.js

@@ -53,11 +53,11 @@
 		/* remove the hover class for any objects not in the immediate element's ancestry */
 		i = q.length;
 		while ( i-- ) {
-			inA = false;	
+			inA = false;
 			ancestorLength = ancestors.length;
 			while( ancestorLength-- ) {
-				if ( ancestors[ ancestorLength ] == q[i][1] ) 
-					inA = true;	
+				if ( ancestors[ ancestorLength ] == q[i][1] )
+					inA = true;
 			}
 
 			if ( ! inA )

wp-includes/js/swfupload/license.txt

@@ -0,0 +1,32 @@
+/**
+ * SWFUpload: http://www.swfupload.org, http://swfupload.googlecode.com
+ *
+ * mmSWFUpload 1.0: Flash upload dialog - http://profandesign.se/swfupload/,  http://www.vinterwebb.se/
+ *
+ * SWFUpload is (c) 2006-2007 Lars Huring, Olov Nilzén and Mammon Media and is released under the MIT License:
+ * http://www.opensource.org/licenses/mit-license.php
+ *
+ * SWFUpload 2 is (c) 2007-2008 Jake Roberts and is released under the MIT License:
+ * http://www.opensource.org/licenses/mit-license.php
+ *
+ */
+
+The MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

wp-includes/link-template.php

@@ -847,6 +847,8 @@ function get_post_type_archive_link( $post_type ) {
 		$struct = ( true === $post_type_obj->has_archive ) ? $post_type_obj->rewrite['slug'] : $post_type_obj->has_archive;
 		if ( $post_type_obj->rewrite['with_front'] )
 			$struct = $wp_rewrite->front . $struct;
+		else
+			$struct = $wp_rewrite->root . $struct;
 		$link = home_url( user_trailingslashit( $struct, 'post_type_archive' ) );
 	} else {
 		$link = home_url( '?post_type=' . $post_type );
@@ -2411,7 +2413,7 @@ function wp_shortlink_wp_head() {
 	if ( empty( $shortlink ) )
 		return;
 
-	echo "<link rel='shortlink' href='" . esc_url_raw( $shortlink ) . "' />\n";
+	echo "<link rel='shortlink' href='" . esc_url( $shortlink ) . "' />\n";
 }
 
 /**

wp-includes/meta.php

@@ -45,6 +45,7 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique =
 	// expected_slashed ($meta_key)
 	$meta_key = stripslashes($meta_key);
 	$meta_value = stripslashes_deep($meta_value);
+	$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
 
 	$check = apply_filters( "add_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $unique );
 	if ( null !== $check )
@@ -113,6 +114,7 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
 	// expected_slashed ($meta_key)
 	$meta_key = stripslashes($meta_key);
 	$meta_value = stripslashes_deep($meta_value);
+	$meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
 
 	$check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
 	if ( null !== $check )
@@ -368,19 +370,19 @@ function update_meta_cache($meta_type, $object_ids) {
  *		Possible values: 'NUMERIC', 'BINARY', 'CHAR', 'DATE', 'DATETIME', 'DECIMAL', 'SIGNED', 'TIME', 'UNSIGNED'.
  *		Default: 'CHAR'
  *
- * @param string $meta_type
+ * @param string $type Type of meta
  * @param string $primary_table
  * @param string $primary_id_column
  * @param object $context (optional) The main query object
  * @return array( 'join' => $join_sql, 'where' => $where_sql )
  */
-function _get_meta_sql( $meta_query, $meta_type, $primary_table, $primary_id_column, $context = null ) {
+function _get_meta_sql( $meta_query, $type, $primary_table, $primary_id_column, $context = null ) {
 	global $wpdb;
 
-	if ( ! $meta_table = _get_meta_table( $meta_type ) )
+	if ( ! $meta_table = _get_meta_table( $type ) )
 		return false;
 
-	$meta_id_column = esc_sql( $meta_type . '_id' );
+	$meta_id_column = esc_sql( $type . '_id' );
 
 	$join = '';
 	$where = '';
@@ -442,7 +444,7 @@ function _get_meta_sql( $meta_query, $meta_type, $primary_table, $primary_id_col
 		$where .= $wpdb->prepare( " AND CAST($alias.meta_value AS {$meta_type}) {$meta_compare} {$meta_compare_string}", $meta_value );
 	}
 
-	return apply_filters_ref_array( 'get_meta_sql', array( compact( 'join', 'where' ), $meta_query, $meta_type, $primary_table, $primary_id_column, &$context ) );
+	return apply_filters_ref_array( 'get_meta_sql', array( compact( 'join', 'where' ), $meta_query, $type, $primary_table, $primary_id_column, &$context ) );
 }
 
 /**
@@ -488,4 +490,33 @@ function _get_meta_table($type) {
 
 	return $wpdb->$table_name;
 }
+
+/**
+ * Determine whether a meta key is protected
+ *
+ * @since 3.1.3
+ *
+ * @param string $meta_key Meta key
+ * @return bool True if the key is protected, false otherwise.
+ */
+function is_protected_meta( $meta_key, $meta_type = null ) {
+	$protected = (  '_' == $meta_key[0] );
+
+	return apply_filters( 'is_protected_meta', $protected, $meta_key, $meta_type );
+}
+
+/**
+ * Sanitize meta value
+ *
+ * @since 3.1.3
+ *
+ * @param string $meta_key Meta key
+ * @param mixed $meta_value Meta value to sanitize
+ * @param string $meta_type Type of meta
+ * @return mixed Sanitized $meta_value
+ */
+function sanitize_meta( $meta_key, $meta_value, $meta_type = null ) {
+	return apply_filters( 'sanitize_meta', $meta_value, $meta_key, $meta_type );
+}
+
 ?>

wp-includes/ms-functions.php

@@ -209,8 +209,10 @@ function add_user_to_blog( $blog_id, $user_id, $role ) {
 
 	$user = new WP_User($user_id);
 
-	if ( empty( $user->ID ) )
+	if ( empty( $user->ID ) ) {
+		restore_current_blog();
 		return new WP_Error('user_does_not_exist', __('That user does not exist.'));
+	}
 
 	if ( !get_user_meta($user_id, 'primary_blog', true) ) {
 		update_user_meta($user_id, 'primary_blog', $blog_id);
@@ -269,8 +271,10 @@ function remove_user_from_blog($user_id, $blog_id = '', $reassign = '') {
 
 	// wp_revoke_user($user_id);
 	$user = new WP_User($user_id);
-	if ( empty( $user->ID ) )
+	if ( empty( $user->ID ) ) {
+		restore_current_blog();
 		return new WP_Error('user_does_not_exist', __('That user does not exist.'));
+	}
 
 	$user->remove_all_caps();
 

wp-includes/pluggable.php

@@ -835,7 +835,7 @@ function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
 	$adminurl = strtolower(admin_url());
 	$referer = strtolower(wp_get_referer());
 	$result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false;
-	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {
+	if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) {
 		wp_nonce_ays($action);
 		die();
 	}

wp-includes/post-template.php

@@ -1100,9 +1100,8 @@ class Walker_PageDropdown extends Walker {
 		if ( $page->ID == $args['selected'] )
 			$output .= ' selected="selected"';
 		$output .= '>';
-		$title = esc_html($page->post_title);
 		$title = apply_filters( 'list_pages', $page->post_title );
-		$output .= "$pad$title";
+		$output .= $pad . esc_html( $title );
 		$output .= "</option>\n";
 	}
 }

wp-includes/post.php

@@ -487,6 +487,9 @@ function get_post_mime_type($ID = '') {
 function get_post_format( $post = null ) {
 	$post = get_post($post);
 
+	if ( ! post_type_supports( $post->post_type, 'post-formats' ) )
+		return false;
+
 	$_format = get_the_terms( $post->ID, 'post_format' );
 
 	if ( empty( $_format ) )
@@ -554,12 +557,18 @@ function get_post_status($ID = '') {
 	if ( !is_object($post) )
 		return false;
 
-	// Unattached attachments are assumed to be published.
-	if ( ('attachment' == $post->post_type) && ('inherit' == $post->post_status) && ( 0 == $post->post_parent) )
-		return 'publish';
+	if ( 'attachment' == $post->post_type ) {
+		if ( 'private' == $post->post_status )
+			return 'private';
 
-	if ( ('attachment' == $post->post_type) && $post->post_parent && ($post->ID != $post->post_parent) )
-		return get_post_status($post->post_parent);
+		// Unattached attachments are assumed to be published
+		if ( ( 'inherit' == $post->post_status ) && ( 0 == $post->post_parent) )
+			return 'publish';
+
+		// Inherit status from the parent
+		if ( $post->post_parent && ( $post->ID != $post->post_parent ) )
+			return get_post_status($post->post_parent);
+	}
 
 	return $post->post_status;
 }
@@ -982,6 +991,11 @@ function register_post_type($post_type, $args = array()) {
 
 		if ( $args->has_archive ) {
 			$archive_slug = $args->has_archive === true ? $args->rewrite['slug'] : $args->has_archive;
+			if ( $args->rewrite['with_front'] )
+				$archive_slug = substr( $wp_rewrite->front, 1 ) . $archive_slug;
+			else
+				$archive_slug = $wp_rewrite->root . $archive_slug;
+
 			$wp_rewrite->add_rule( "{$archive_slug}/?$", "index.php?post_type=$post_type", 'top' );
 			if ( $args->rewrite['feeds'] && $wp_rewrite->feeds ) {
 				$feeds = '(' . trim( implode( '|', $wp_rewrite->feeds ) ) . ')';
@@ -2396,6 +2410,9 @@ function wp_insert_post($postarr, $wp_error = false) {
 		'post_content' => '', 'post_title' => '');
 
 	$postarr = wp_parse_args($postarr, $defaults);
+
+	unset( $postarr[ 'filter' ] );
+
 	$postarr = sanitize_post($postarr, 'db');
 
 	// export array as variables
@@ -3407,6 +3424,43 @@ function &get_pages($args = '') {
 
 	$where_post_type = $wpdb->prepare( "post_type = '%s' AND post_status = '%s'", $post_type, $post_status );
 
+	$orderby_array = array();
+	$allowed_keys = array('author', 'post_author', 'date', 'post_date', 'title', 'post_title', 'modified',
+						  'post_modified', 'modified_gmt', 'post_modified_gmt', 'menu_order', 'parent', 'post_parent',
+						  'ID', 'rand', 'comment_count');
+	foreach ( explode( ',', $sort_column ) as $orderby ) {
+		$orderby = trim( $orderby );
+		if ( !in_array( $orderby, $allowed_keys ) )
+			continue;
+
+		switch ( $orderby ) {
+			case 'menu_order':
+				break;
+			case 'ID':
+				$orderby = "$wpdb->posts.ID";
+				break;
+			case 'rand':
+				$orderby = 'RAND()';
+				break;
+			case 'comment_count':
+				$orderby = "$wpdb->posts.comment_count";
+				break;
+			default:
+				if ( 0 === strpos( $orderby, 'post_' ) )
+					$orderby = "$wpdb->posts." . $orderby;
+				else
+					$orderby = "$wpdb->posts.post_" . $orderby;
+		}
+
+		$orderby_array[] = $orderby;
+
+	}
+	$sort_column = ! empty( $orderby_array ) ? implode( ',', $orderby_array ) : "$wpdb->posts.post_title";
+
+	$sort_order = strtoupper( $sort_order );
+	if ( '' !== $sort_order && !in_array( $sort_order, array( 'ASC', 'DESC' ) ) )
+		$sort_order = 'ASC';
+
 	$query = "SELECT * FROM $wpdb->posts $join WHERE ($where_post_type) $where ";
 	$query .= $author_query;
 	$query .= " ORDER BY " . $sort_column . " " . $sort_order ;
@@ -3524,15 +3578,17 @@ function is_local_attachment($url) {
 function wp_insert_attachment($object, $file = false, $parent = 0) {
 	global $wpdb, $user_ID;
 
-	$defaults = array('post_status' => 'draft', 'post_type' => 'post', 'post_author' => $user_ID,
+	$defaults = array('post_status' => 'inherit', 'post_type' => 'post', 'post_author' => $user_ID,
 		'ping_status' => get_option('default_ping_status'), 'post_parent' => 0,
 		'menu_order' => 0, 'to_ping' =>  '', 'pinged' => '', 'post_password' => '',
-		'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0);
+		'guid' => '', 'post_content_filtered' => '', 'post_excerpt' => '', 'import_id' => 0, 'context' => '');
 
 	$object = wp_parse_args($object, $defaults);
 	if ( !empty($parent) )
 		$object['post_parent'] = $parent;
 
+	unset( $object[ 'filter' ] );
+
 	$object = sanitize_post($object, 'db');
 
 	// export array as variables
@@ -3542,7 +3598,9 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
 		$post_author = $user_ID;
 
 	$post_type = 'attachment';
-	$post_status = 'inherit';
+
+	if ( ! in_array( $post_status, array( 'inherit', 'private' ) ) )
+		$post_status = 'inherit';
 
 	// Make sure we set a valid category.
 	if ( !isset($post_category) || 0 == count($post_category) || !is_array($post_category) ) {
@@ -3645,6 +3703,9 @@ function wp_insert_attachment($object, $file = false, $parent = 0) {
 	if ( isset($post_parent) && $post_parent < 0 )
 		add_post_meta($post_ID, '_wp_attachment_temp_parent', $post_parent, true);
 
+	if ( ! empty( $context ) )
+		add_post_meta( $post_ID, '_wp_attachment_context', $context, true );
+
 	if ( $update) {
 		do_action('edit_attachment', $post_ID);
 	} else {
@@ -5066,27 +5127,26 @@ function get_post_format_strings() {
 }
 
 /**
- * Retrieves an array of (translated and sanitized) post format slugs.
+ * Retrieves an array of post format slugs.
  *
  * @since 3.1.0
  *
- * @uses sanitize_title_with_dashes()
- * @return array The array of (translated and sanitized) post format slugs.
+ * @return array The array of post format slugs.
  */
 function get_post_format_slugs() {
+	// 3.2-early: use array_combine() and array_keys( get_post_format_strings() )
 	$slugs = array(
-		'standard' => _x( 'standard', 'Post format slug' ),
-		'aside'    => _x( 'aside',    'Post format slug' ),
-		'chat'     => _x( 'chat',     'Post format slug' ),
-		'gallery'  => _x( 'gallery',  'Post format slug' ),
-		'link'     => _x( 'link',     'Post format slug' ),
-		'image'    => _x( 'image',    'Post format slug' ),
-		'quote'    => _x( 'quote',    'Post format slug' ),
-		'status'   => _x( 'status',   'Post format slug' ),
-		'video'    => _x( 'video',    'Post format slug' ),
-		'audio'    => _x( 'audio',    'Post format slug' ),
+		'standard' => 'standard', // Special case. any value that evals to false will be considered standard
+		'aside'    => 'aside',
+		'chat'     => 'chat',
+		'gallery'  => 'gallery',
+		'link'     => 'link',
+		'image'    => 'image',
+		'quote'    => 'quote',
+		'status'   => 'status',
+		'video'    => 'video',
+		'audio'    => 'audio',
 	);
-	$slugs = array_map( 'sanitize_title_with_dashes', $slugs );
 	return $slugs;
 }
 
@@ -5152,7 +5212,7 @@ function get_post_format_link( $format ) {
 function _post_format_request( $qvs ) {
 	if ( ! isset( $qvs['post_format'] ) )
 		return $qvs;
-	$slugs = array_flip( get_post_format_slugs() );
+	$slugs = get_post_format_slugs();
 	if ( isset( $slugs[ $qvs['post_format'] ] ) )
 		$qvs['post_format'] = 'post-format-' . $slugs[ $qvs['post_format'] ];
 	$tax = get_taxonomy( 'post_format' );
@@ -5171,9 +5231,8 @@ function _post_format_link( $link, $term, $taxonomy ) {
 	global $wp_rewrite;
 	if ( 'post_format' != $taxonomy )
 		return $link;
-	$slugs = get_post_format_slugs();
 	if ( $wp_rewrite->get_extra_permastruct( $taxonomy ) ) {
-		return str_replace( "/{$term->slug}", '/' . $slugs[ str_replace( 'post-format-', '', $term->slug ) ], $link );
+		return str_replace( "/{$term->slug}", '/' . str_replace( 'post-format-', '', $term->slug ), $link );
 	} else {
 		$link = remove_query_arg( 'post_format', $link );
 		return add_query_arg( 'post_format', str_replace( 'post-format-', '', $term->slug ), $link );
@@ -5235,4 +5294,4 @@ function _post_format_wp_get_object_terms( $terms ) {
 }
 add_filter( 'wp_get_object_terms', '_post_format_wp_get_object_terms' );
 
-?>
+?>

wp-includes/query.php

@@ -1231,13 +1231,22 @@ class WP_Query {
 	var $is_post_type_archive = false;
 
 	/**
-	 * Whether the tax query has been parsed once.
+	 * Stores the ->query_vars state like md5(serialize( $this->query_vars ) ) so we know
+	 * whether we have to re-parse because something has changed
 	 *
 	 * @since 3.1.0
 	 * @access private
-	 * @var bool
 	 */
-	var $parsed_tax_query = false;
+	var $query_vars_hash = false;
+
+	/**
+	 * Whether query vars have changed since the initial parse_query() call.  Used to catch modifications to query vars made
+	 * via pre_get_posts hooks.
+	 *
+	 * @since 3.1.1
+	 * @access private
+	 */
+	var $query_vars_changed = true;
 
 	/**
 	 * Resets query flags to false.
@@ -1312,7 +1321,7 @@ class WP_Query {
 	 * @access public
 	 */
 	function parse_query_vars() {
-		$this->parse_query('');
+		$this->parse_query();
 	}
 
 	/**
@@ -1383,16 +1392,19 @@ class WP_Query {
 	 * @since 1.5.0
 	 * @access public
 	 *
-	 * @param string|array $query
+	 * @param string|array $query Optional query.
 	 */
-	function parse_query($query) {
-		if ( !empty($query) || !isset($this->query) ) {
+	function parse_query( $query =  '' ) {
+		if ( ! empty( $query ) ) {
 			$this->init();
-			$this->query = $this->query_vars = wp_parse_args($query);
+			$this->query = $this->query_vars = wp_parse_args( $query );
+		} elseif ( ! isset( $this->query ) ) {
+			$this->query = $this->query_vars;
 		}
 
 		$this->query_vars = $this->fill_query_vars($this->query_vars);
 		$qv = &$this->query_vars;
+		$this->query_vars_changed = true;
 
 		if ( ! empty($qv['robots']) )
 			$this->is_robots = true;
@@ -1494,11 +1506,11 @@ class WP_Query {
 				$this->is_date = true;
 			}
 
-			$this->parsed_tax_query = false;
+			$this->query_vars_hash = false;
 			$this->parse_tax_query( $qv );
 
 			foreach ( $this->tax_query->queries as $tax_query ) {
-				if ( 'IN' == $tax_query['operator'] ) {
+				if ( 'NOT IN' != $tax_query['operator'] ) {
 					switch ( $tax_query['taxonomy'] ) {
 						case 'category':
 							$this->is_category = true;
@@ -1568,7 +1580,7 @@ class WP_Query {
 
 		// Correct is_* for page_on_front and page_for_posts
 		if ( $this->is_home && 'page' == get_option('show_on_front') && get_option('page_on_front') ) {
-			$_query = wp_parse_args($query);
+			$_query = wp_parse_args($this->query);
 			// pagename can be set and empty depending on matched rewrite rules. Ignore an empty pagename.
 			if ( isset($_query['pagename']) && '' == $_query['pagename'] )
 				unset($_query['pagename']);
@@ -1613,8 +1625,12 @@ class WP_Query {
 				$qv['post_type'] = sanitize_key($qv['post_type']);
 		}
 
-		if ( !empty($qv['post_status']) )
-			$qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+		if ( ! empty( $qv['post_status'] ) ) {
+			if ( is_array( $qv['post_status'] ) )
+				$qv['post_status'] = array_map('sanitize_key', $qv['post_status']);
+			else
+				$qv['post_status'] = preg_replace('|[^a-z0-9_,-]|', '', $qv['post_status']);
+		}
 
 		if ( $this->is_posts_page && ( ! isset($qv['withcomments']) || ! $qv['withcomments'] ) )
 			$this->is_comment_feed = false;
@@ -1625,8 +1641,10 @@ class WP_Query {
 		if ( '404' == $qv['error'] )
 			$this->set_404();
 
-		if ( !empty($query) )
-			do_action_ref_array('parse_query', array(&$this));
+		$this->query_vars_hash = md5( serialize( $this->query_vars ) );
+		$this->query_vars_changed = false;
+
+		do_action_ref_array('parse_query', array(&$this));
 	}
 
 	/*
@@ -1653,6 +1671,9 @@ class WP_Query {
 		}
 
 		foreach ( $GLOBALS['wp_taxonomies'] as $taxonomy => $t ) {
+			if ( 'post_tag' == $taxonomy )
+				continue;	// Handled further down in the $q['tag'] block
+
 			if ( $t->query_var && !empty( $q[$t->query_var] ) ) {
 				$tax_query_defaults = array(
 					'taxonomy' => $taxonomy,
@@ -1681,7 +1702,7 @@ class WP_Query {
 		}
 
 		// Category stuff
-		if ( !empty($q['cat']) && '0' != $q['cat'] && !$this->is_singular && !$this->parsed_tax_query ) {
+		if ( !empty($q['cat']) && '0' != $q['cat'] && !$this->is_singular && $this->query_vars_changed ) {
 			$q['cat'] = ''.urldecode($q['cat']).'';
 			$q['cat'] = addslashes_gpc($q['cat']);
 			$cat_array = preg_split('/[,\s]+/', $q['cat']);
@@ -1719,7 +1740,7 @@ class WP_Query {
 				'taxonomy' => 'category',
 				'terms' => $q['category__not_in'],
 				'operator' => 'NOT IN',
-				'include_children' => false 
+				'include_children' => false
 			);
 		}
 
@@ -1735,7 +1756,7 @@ class WP_Query {
 		}
 
 		// Tag stuff
-		if ( '' != $q['tag'] && !$this->is_singular && !$this->parsed_tax_query ) {
+		if ( '' != $q['tag'] && !$this->is_singular && $this->query_vars_changed ) {
 			if ( strpos($q['tag'], ',') !== false ) {
 				$tags = preg_split('/[,\s]+/', $q['tag']);
 				foreach ( (array) $tags as $tag ) {
@@ -1789,7 +1810,7 @@ class WP_Query {
 		}
 
 		if ( !empty($q['tag_slug__in']) ) {
-			$q['tag_slug__in'] = array_map('sanitize_title', (array) $q['tag_slug__in']);
+			$q['tag_slug__in'] = array_map('sanitize_title', array_unique( (array) $q['tag_slug__in'] ) );
 			$tax_query[] = array(
 				'taxonomy' => 'post_tag',
 				'terms' => $q['tag_slug__in'],
@@ -1798,7 +1819,7 @@ class WP_Query {
 		}
 
 		if ( !empty($q['tag_slug__and']) ) {
-			$q['tag_slug__and'] = array_map('sanitize_title', (array) $q['tag_slug__and']);
+			$q['tag_slug__and'] = array_map('sanitize_title', array_unique( (array) $q['tag_slug__and'] ) );
 			$tax_query[] = array(
 				'taxonomy' => 'post_tag',
 				'terms' => $q['tag_slug__and'],
@@ -1807,8 +1828,6 @@ class WP_Query {
 			);
 		}
 
-		$this->parsed_tax_query = true;
-
 		$this->tax_query = new WP_Tax_Query( $tax_query );
 	}
 
@@ -1871,13 +1890,24 @@ class WP_Query {
 	function &get_posts() {
 		global $wpdb, $user_ID, $_wp_using_ext_object_cache;
 
+		$this->parse_query();
+
 		do_action_ref_array('pre_get_posts', array(&$this));
 
 		// Shorthand.
 		$q = &$this->query_vars;
 
+		// Fill again in case pre_get_posts unset some vars.
 		$q = $this->fill_query_vars($q);
 
+		// Set a flag if a pre_get_posts hook changed the query vars.
+		$hash = md5( serialize( $this->query_vars ) );
+		if ( $hash != $this->query_vars_hash ) {
+			$this->query_vars_changed = true;
+			$this->query_vars_hash = $hash;
+		}
+		unset($hash);
+
 		// First let's clear some variables
 		$distinct = '';
 		$whichauthor = '';
@@ -2144,12 +2174,14 @@ class WP_Query {
 		$search = apply_filters_ref_array('posts_search', array( $search, &$this ) );
 
 		// Taxonomies
-		$this->parse_tax_query( $q );
+		if ( !$this->is_singular ) {
+			$this->parse_tax_query( $q );
 
-		$clauses = $this->tax_query->get_sql( $wpdb->posts, 'ID' );
+			$clauses = $this->tax_query->get_sql( $wpdb->posts, 'ID' );
 
-		$join .= $clauses['join'];
-		$where .= $clauses['where'];
+			$join .= $clauses['join'];
+			$where .= $clauses['where'];
+		}
 
 		if ( $this->is_tax ) {
 			if ( empty($post_type) ) {
@@ -2203,10 +2235,6 @@ class WP_Query {
 			}
 		}
 
-		if ( !empty( $this->tax_query->queries ) || !empty( $q['meta_key'] ) ) {
-			$groupby = "{$wpdb->posts}.ID";
-		}
-
 		// Author/user stuff
 
 		if ( empty($q['author']) || ($q['author'] == '0') ) {
@@ -2361,13 +2389,15 @@ class WP_Query {
 			$read_private_cap = 'read_private_' . $post_type_cap . 's';
 		}
 
-		if ( isset($q['post_status']) && '' != $q['post_status'] ) {
+		if ( ! empty( $q['post_status'] ) ) {
 			$statuswheres = array();
-			$q_status = explode(',', $q['post_status']);
+			$q_status = $q['post_status'];
+			if ( ! is_array( $q_status ) )
+				$q_status = explode(',', $q_status);
 			$r_status = array();
 			$p_status = array();
 			$e_status = array();
-			if ( $q['post_status'] == 'any' ) {
+			if ( in_array('any', $q_status) ) {
 				foreach ( get_post_stati( array('exclude_from_search' => true) ) as $status )
 					$e_status[] = "$wpdb->posts.post_status <> '$status'";
 			} else {
@@ -2436,12 +2466,26 @@ class WP_Query {
 			$where .= ')';
 		}
 
+		// Parse the meta query again if query vars have changed.
+		if ( $this->query_vars_changed ) {
+			$meta_query_hash = md5( serialize( $q['meta_query'] ) );
+			$_meta_query = $q['meta_query'];
+			unset( $q['meta_query'] );
+			_parse_meta_query( $q );
+			if ( md5( serialize( $q['meta_query'] ) ) != $meta_query_hash && is_array( $_meta_query ) )
+				$q['meta_query'] = array_merge( $_meta_query, $q['meta_query'] );
+		}
+
 		if ( !empty( $q['meta_query'] ) ) {
 			$clauses = call_user_func_array( '_get_meta_sql', array( $q['meta_query'], 'post', $wpdb->posts, 'ID', &$this) );
 			$join .= $clauses['join'];
 			$where .= $clauses['where'];
 		}
 
+		if ( ! empty( $this->tax_query->queries ) || ! empty( $q['meta_query'] ) ) {
+			$groupby = "{$wpdb->posts}.ID";
+		}
+
 		// Apply filters on where and join prior to paging so that any
 		// manipulations to them are reflected in the paging by day queries.
 		if ( !$q['suppress_filters'] ) {
@@ -2851,8 +2895,9 @@ class WP_Query {
 	 * @param string $query URL query string.
 	 * @return array List of posts.
 	 */
-	function &query($query) {
-		$this->parse_query($query);
+	function &query( $query ) {
+		$this->init();
+		$this->query = $this->query_vars = wp_parse_args( $query );
 		return $this->get_posts();
 	}
 
@@ -2888,6 +2933,9 @@ class WP_Query {
 			if ( $term && ! is_wp_error($term) )  {
 				$this->queried_object = $term;
 				$this->queried_object_id = (int) $term->term_id;
+
+				if ( $this->is_category )
+					_make_cat_compat( $this->queried_object );
 			}
 		} elseif ( $this->is_post_type_archive ) {
 			$this->queried_object = get_post_type_object( $this->get('post_type') );

wp-includes/rewrite.php

@@ -1857,6 +1857,8 @@ class WP_Rewrite {
 	function add_permastruct($name, $struct, $with_front = true, $ep_mask = EP_NONE) {
 		if ( $with_front )
 			$struct = $this->front . $struct;
+		else
+			$struct = $this->root . $struct;
 		$this->extra_permastructs[$name] = array($struct, $ep_mask);
 	}
 

wp-includes/script-loader.php

@@ -259,10 +259,10 @@ function wp_default_scripts( &$scripts ) {
 		'l10n_print_after' => 'try{convertEntities(pwsL10n);}catch(e){};'
 	) );
 
-	$scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110113' );
+	$scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter' ), '20110628' );
 	$scripts->add_data( 'user-profile', 'group', 1 );
 
-	$scripts->add( 'admin-bar', "/wp-includes/js/admin-bar$suffix.js", false, '20110112a' );
+	$scripts->add( 'admin-bar', "/wp-includes/js/admin-bar$suffix.js", false, '20110131' );
 	$scripts->add_data( 'admin-bar', 'group', 1 );
 
 	$scripts->add( 'wplink', "/wp-includes/js/tinymce/plugins/wplink/js/wplink$suffix.js", array('jquery'), '20110111' );
@@ -312,7 +312,7 @@ function wp_default_scripts( &$scripts ) {
 		$scripts->add( 'postbox', "/wp-admin/js/postbox$suffix.js", array('jquery-ui-sortable'), '20091012' );
 		$scripts->add_data( 'postbox', 'group', 1 );
 
-		$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20101222' );
+		$scripts->add( 'post', "/wp-admin/js/post$suffix.js", array('suggest', 'wp-lists', 'postbox'), '20110203' );
 		$scripts->add_data( 'post', 'group', 1 );
 		$scripts->localize( 'post', 'postL10n', array(
 			'tagsUsed' =>  __('Tags used on this post:'),
@@ -471,7 +471,7 @@ function wp_default_styles( &$styles ) {
 	// Any rtl stylesheets that don't have a .dev version for ltr
 	$no_suffix = array( 'farbtastic' );
 
-	$styles->add( 'wp-admin', "/wp-admin/css/wp-admin$suffix.css", array(), '20110127' );
+	$styles->add( 'wp-admin', "/wp-admin/css/wp-admin$suffix.css", array(), '20110214' );
 
 	$styles->add( 'ie', "/wp-admin/css/ie$suffix.css", array(), '20101102' );
 	$styles->add_data( 'ie', 'conditional', 'lte IE 7' );
@@ -502,7 +502,7 @@ function wp_default_styles( &$styles ) {
 	$styles->add( 'jcrop', '/wp-includes/js/jcrop/jquery.Jcrop.css', array(), '0.9.8' );
 	$styles->add( 'imgareaselect', '/wp-includes/js/imgareaselect/imgareaselect.css', array(), '0.9.1' );
 	$styles->add( 'nav-menu', "/wp-admin/css/nav-menu$suffix.css", array(), '20100907' );
-	$styles->add( 'admin-bar', "/wp-includes/css/admin-bar$suffix.css", array(), '20110122' );
+	$styles->add( 'admin-bar', "/wp-includes/css/admin-bar$suffix.css", array(), '20110325' );
 	$styles->add( 'wp-jquery-ui-dialog', "/wp-includes/css/jquery-ui-dialog$suffix.css", array(), '20101224' );
 	$styles->add( 'wplink', "/wp-includes/js/tinymce/plugins/wplink/css/wplink$suffix.css", array(), '20101224' );
 

wp-includes/taxonomy.php

@@ -15,6 +15,8 @@
  * Creates the initial taxonomies when 'init' action is fired.
  */
 function create_initial_taxonomies() {
+	global $wp_rewrite;
+
 	register_taxonomy( 'category', 'post', array(
 		'hierarchical' => true,
 	 	'update_count_callback' => '_update_post_term_count',
@@ -22,7 +24,7 @@ function create_initial_taxonomies() {
 		'rewrite' => did_action( 'init' ) ? array(
 					'hierarchical' => true,
 					'slug' => get_option('category_base') ? get_option('category_base') : 'category',
-					'with_front' => false) : false,
+					'with_front' => ( get_option('category_base') && ! $wp_rewrite->using_index_permalinks() ) ? false : true ) : false,
 		'public' => true,
 		'show_ui' => true,
 		'_builtin' => true,
@@ -34,7 +36,7 @@ function create_initial_taxonomies() {
 		'query_var' => 'tag',
 		'rewrite' => did_action( 'init' ) ? array(
 					'slug' => get_option('tag_base') ? get_option('tag_base') : 'tag',
-					'with_front' => false) : false,
+					'with_front' => ( get_option('category_base') && ! $wp_rewrite->using_index_permalinks() ) ? false : true ) : false,
 		'public' => true,
 		'show_ui' => true,
 		'_builtin' => true,
@@ -87,8 +89,8 @@ function create_initial_taxonomies() {
 		'public' => true,
 		'hierarchical' => false,
 		'labels' => array(
-			'name' => __( 'Format' ),
-			'singular_name' => __( 'Format' ),
+			'name' => _x( 'Format', 'post format' ),
+			'singular_name' => _x( 'Format', 'post format' ),
 		),
 		'query_var' => true,
 		'rewrite' => $rewrite,
@@ -329,7 +331,7 @@ function register_taxonomy( $taxonomy, $object_type, $args = array() ) {
 			$tag = '([^/]+)';
 
 		$wp_rewrite->add_rewrite_tag("%$taxonomy%", $tag, $args['query_var'] ? "{$args['query_var']}=" : "taxonomy=$taxonomy&term=");
-		$wp_rewrite->add_permastruct($taxonomy, "{$wp_rewrite->root}{$args['rewrite']['slug']}/%$taxonomy%", $args['rewrite']['with_front']);
+		$wp_rewrite->add_permastruct($taxonomy, "{$args['rewrite']['slug']}/%$taxonomy%", $args['rewrite']['with_front']);
 	}
 
 	if ( is_null($args['show_ui']) )
@@ -887,7 +889,10 @@ function get_term_by($field, $value, $taxonomy, $output = OBJECT, $filter = 'raw
 		$value = stripslashes($value);
 		$field = 't.name';
 	} else {
-		return get_term( (int) $value, $taxonomy, $output, $filter);
+		$term = get_term( (int) $value, $taxonomy, $output, $filter);
+		if ( is_wp_error( $term ) )
+			$term = false;
+		return $term;
 	}
 
 	$term = $wpdb->get_row( $wpdb->prepare( "SELECT t.*, tt.* FROM $wpdb->terms AS t INNER JOIN $wpdb->term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy = %s AND $field = %s LIMIT 1", $taxonomy, $value) );
@@ -1189,6 +1194,8 @@ function &get_terms($taxonomies, $args = '') {
 		$orderby = '';
 	elseif ( empty($_orderby) || 'id' == $_orderby )
 		$orderby = 't.term_id';
+	else
+		$orderby = 't.name';
 
 	$orderby = apply_filters( 'get_terms_orderby', $orderby, $args );
 
@@ -1197,6 +1204,10 @@ function &get_terms($taxonomies, $args = '') {
 	else
 		$order = '';
 
+	$order = strtoupper( $order );
+	if ( '' !== $order && !in_array( $order, array( 'ASC', 'DESC' ) ) )
+		$order = 'ASC';
+
 	$where = "tt.taxonomy IN ('" . implode("', '", $taxonomies) . "')";
 	$inclusions = '';
 	if ( !empty($include) ) {
@@ -1250,8 +1261,10 @@ function &get_terms($taxonomies, $args = '') {
 		$where .= " AND t.slug = '$slug'";
 	}
 
-	if ( !empty($name__like) )
-		$where .= " AND t.name LIKE '" . like_escape( $name__like ) . "%'";
+	if ( !empty($name__like) ) {
+		$name__like = like_escape( $name__like );
+		$where .= $wpdb->prepare( " AND t.name LIKE %s", $name__like . '%' );
+	}
 
 	if ( '' !== $parent ) {
 		$parent = (int) $parent;
@@ -1273,7 +1286,7 @@ function &get_terms($taxonomies, $args = '') {
 
 	if ( !empty($search) ) {
 		$search = like_escape($search);
-		$where .= " AND (t.name LIKE '%$search%')";
+		$where .= $wpdb->prepare( " AND (t.name LIKE %s)", '%' . $search . '%');
 	}
 
 	$selects = array();
@@ -2842,7 +2855,9 @@ function get_term_link( $term, $taxonomy = '') {
 	$t = get_taxonomy($taxonomy);
 
 	if ( empty($termlink) ) {
-		if ( $t->query_var )
+		if ( 'category' == $taxonomy )
+			$termlink = '?cat=' . $term->term_id;
+		elseif ( $t->query_var )
 			$termlink = "?$t->query_var=$slug";
 		else
 			$termlink = "?taxonomy=$taxonomy&term=$slug";

wp-includes/theme.php

@@ -1435,7 +1435,7 @@ function get_header_image() {
 	else
 		$url = str_replace( 'https://', 'http://', $url );
 
-	return $url;
+	return esc_url_raw( $url );
 }
 
 /**

wp-includes/user.php

@@ -438,7 +438,7 @@ class WP_User_Query {
 			$where = get_posts_by_author_sql('post');
 			$this->query_from .= " LEFT OUTER JOIN (
 				SELECT post_author, COUNT(*) as post_count
-				FROM wp_posts
+				FROM $wpdb->posts
 				$where
 				GROUP BY post_author
 			) p ON ({$wpdb->users}.ID = p.post_author)
@@ -542,13 +542,13 @@ class WP_User_Query {
 	 */
 	function query() {
 		global $wpdb;
-		
+
 		if ( is_array( $this->query_vars['fields'] ) || 'all' == $this->query_vars['fields'] ) {
 			$this->results = $wpdb->get_results("SELECT $this->query_fields $this->query_from $this->query_where $this->query_orderby $this->query_limit");
 		} else {
 			$this->results = $wpdb->get_col("SELECT $this->query_fields $this->query_from $this->query_where $this->query_orderby $this->query_limit");
 		}
-		
+
 		if ( $this->query_vars['count_total'] )
 			$this->total_users = $wpdb->get_var("SELECT COUNT(*) $this->query_from $this->query_where");
 

wp-includes/version.php

@@ -22,21 +22,21 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  *
  * @global string $wp_version
  */
-$wp_version = '3.1-RC3-17365';
+$wp_version = '3.1.4';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
  *
  * @global int $wp_db_version
  */
-$wp_db_version = 17056;
+$wp_db_version = 17516;
 
 /**
  * Holds the TinyMCE version
  *
  * @global string $tinymce_version
  */
-$tinymce_version = '3393';
+$tinymce_version = '3393a';
 
 /**
  * Holds the cache manifest version

wp-includes/wp-db.php

@@ -644,6 +644,7 @@ class wpdb {
 		if ( is_multisite() ) {
 			if ( null === $blog_id )
 				$blog_id = $this->blogid;
+			$blog_id = (int) $blog_id;
 			if ( defined( 'MULTISITE' ) && ( 0 == $blog_id || 1 == $blog_id ) )
 				return $this->base_prefix;
 			else
@@ -1050,12 +1051,7 @@ class wpdb {
 <p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>
 "/*/WP_I18N_DB_CONN_ERROR*/, $this->dbhost ), 'db_connect_fail' );
 
-			// If show errors is disabled then we need to die anyway as we don't have a working DB connection
-			// unless we're trying to test the initial connection, in which case setup-config.php will handle.
-			if ( defined( 'WP_SETUP_CONFIG' ) )
-				return;
-
-			die();
+			return;
 		}
 
 		$this->set_charset( $this->dbh );

wp-login.php

@@ -79,7 +79,8 @@ function login_header($title = 'Log In', $message = '', $wp_error = '') {
 <?php
 	}
 
-	do_action('login_head'); ?>
+	do_action( 'login_enqueue_scripts' );
+	do_action( 'login_head' ); ?>
 </head>
 <body class="login">
 <?php   if ( !is_multisite() ) { ?>
@@ -367,7 +368,8 @@ if ( SITECOOKIEPATH != COOKIEPATH )
 	setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
 
 // allow plugins to override the default actions, and to add extra actions if they want
-do_action('login_form_' . $action);
+do_action( 'login_init' );
+do_action( 'login_form_' . $action );
 
 $http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
 switch ($action) {

wp-settings.php

@@ -258,7 +258,7 @@ load_default_textdomain();
 // Find the blog locale.
 $locale = get_locale();
 $locale_file = WP_LANG_DIR . "/$locale.php";
-if ( is_readable( $locale_file ) )
+if ( ( 0 === validate_file( $locale ) ) && is_readable( $locale_file ) )
 	require( $locale_file );
 unset($locale_file);