diff --git a/readme.html b/readme.html
index 164a542330dc5a24975ab03a620d6ddd989dba10..09f0376eb253447dee335cee4bdde77aa77668a5 100644
--- a/readme.html
+++ b/readme.html
@@ -9,7 +9,7 @@
<body>
<h1 id="logo">
<a href="https://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
- <br /> Version 4.1.1
+ <br /> Version 4.1.3
</h1>
<p style="text-align: center">Semantic Personal Publishing Platform</p>
diff --git a/wp-admin/about.php b/wp-admin/about.php
index c8512135b29b3be794ce32dd7b0bc504202afec3..b0ec9a436614704898c1ca4009f535a0ec45012e 100644
--- a/wp-admin/about.php
+++ b/wp-admin/about.php
@@ -42,7 +42,15 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
</h2>
<div class="changelog point-releases">
- <h3><?php echo _n( 'Maintenance Release', 'Maintenance Releases', 1 ); ?></h3>
+ <h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 3 ); ?></h3>
+ <p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
+ '<strong>Version %1$s</strong> addressed %2$s bugs.', 1 ), '4.1.3', number_format_i18n( 1 ) ); ?>
+ <?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_4.1.3' ); ?>
+ </p>
+ <p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
+ '<strong>Version %1$s</strong> addressed some security issues.', 8 ), '4.1.2' ); ?>
+ <?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_4.1.2' ); ?>
+ </p>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
'<strong>Version %1$s</strong> addressed %2$s bugs.', 21 ), '4.1.1', number_format_i18n( 21 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_4.1.1' ); ?>
diff --git a/wp-admin/includes/class-wp-comments-list-table.php b/wp-admin/includes/class-wp-comments-list-table.php
index 3814f98bcfbcbba77df4e42764432555f896bea8..35a193f1ce8cb4253863823cf5492b4aab22cd41 100644
--- a/wp-admin/includes/class-wp-comments-list-table.php
+++ b/wp-admin/includes/class-wp-comments-list-table.php
@@ -554,9 +554,9 @@ class WP_Comments_List_Table extends WP_List_Table {
if ( current_user_can( 'edit_post', $post->ID ) ) {
$post_link = "<a href='" . get_edit_post_link( $post->ID ) . "'>";
- $post_link .= get_the_title( $post->ID ) . '</a>';
+ $post_link .= esc_html( get_the_title( $post->ID ) ) . '</a>';
} else {
- $post_link = get_the_title( $post->ID );
+ $post_link = esc_html( get_the_title( $post->ID ) );
}
echo '<div class="response-links"><span class="post-com-count-wrapper">';
diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php
index bf37176bae3c0f5eb43513ec13c2861547dc127d..75a5b1cb843374e15bfdc9ed9e52f7e3b009375a 100644
--- a/wp-admin/includes/dashboard.php
+++ b/wp-admin/includes/dashboard.php
@@ -518,7 +518,7 @@ function wp_dashboard_recent_drafts( $drafts = false ) {
function _wp_dashboard_recent_comments_row( &$comment, $show_date = true ) {
$GLOBALS['comment'] =& $comment;
- $comment_post_title = strip_tags(get_the_title( $comment->comment_post_ID ));
+ $comment_post_title = _draft_or_post_title( $comment->comment_post_ID );
if ( current_user_can( 'edit_post', $comment->comment_post_ID ) ) {
$comment_post_url = get_edit_post_link( $comment->comment_post_ID );
diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php
index 425e40b0f09bef70bfb25aa619729f0ce54627a5..1087837cd6eb1acbd1d930f2b85a3f941e680637 100644
--- a/wp-admin/includes/template.php
+++ b/wp-admin/includes/template.php
@@ -1505,7 +1505,7 @@ function _draft_or_post_title( $post = 0 ) {
$title = get_the_title( $post );
if ( empty( $title ) )
$title = __( '(no title)' );
- return $title;
+ return esc_html( $title );
}
/**
diff --git a/wp-admin/js/nav-menu.js b/wp-admin/js/nav-menu.js
index dc2183c9a7fc8fc397ecbdfab1f56dfd0c3a2adc..33324b149bfe17a47d23f473bf0f7b6ee18e9de5 100644
--- a/wp-admin/js/nav-menu.js
+++ b/wp-admin/js/nav-menu.js
@@ -453,14 +453,14 @@ var wpNavMenu;
if ( ! isPrimaryMenuItem ) {
thisLink = menuItem.find( '.menus-move-left' ),
thisLinkText = menus.outFrom.replace( '%s', prevItemNameLeft );
- thisLink.prop( 'title', menus.moveOutFrom.replace( '%s', prevItemNameLeft ) ).html( thisLinkText ).css( 'display', 'inline' );
+ thisLink.prop( 'title', menus.moveOutFrom.replace( '%s', prevItemNameLeft ) ).text( thisLinkText ).css( 'display', 'inline' );
}
if ( 0 !== position ) {
if ( menuItem.find( '.menu-item-data-parent-id' ).val() !== menuItem.prev().find( '.menu-item-data-db-id' ).val() ) {
thisLink = menuItem.find( '.menus-move-right' ),
thisLinkText = menus.under.replace( '%s', prevItemNameRight );
- thisLink.prop( 'title', menus.moveUnder.replace( '%s', prevItemNameRight ) ).html( thisLinkText ).css( 'display', 'inline' );
+ thisLink.prop( 'title', menus.moveUnder.replace( '%s', prevItemNameRight ) ).text( thisLinkText ).css( 'display', 'inline' );
}
}
@@ -482,7 +482,7 @@ var wpNavMenu;
title = menus.subMenuFocus.replace( '%1$s', itemName ).replace( '%2$d', itemPosition ).replace( '%3$s', parentItemName );
}
- $this.prop('title', title).html( title );
+ $this.prop('title', title).text( title );
});
},
diff --git a/wp-admin/js/nav-menu.min.js b/wp-admin/js/nav-menu.min.js
index f270b494830c514675d2e261582ff3b7b2c08b5b..62befe4e20c12eb293191576cfddd542cce29f4a 100644
--- a/wp-admin/js/nav-menu.min.js
+++ b/wp-admin/js/nav-menu.min.js
@@ -1 +1 @@
-var wpNavMenu;!function(a){var b;b=wpNavMenu={options:{menuItemDepthPerLevel:30,globalMaxDepth:11},menuList:void 0,targetList:void 0,menusChanged:!1,isRTL:!("undefined"==typeof isRtl||!isRtl),negateIfRTL:"undefined"!=typeof isRtl&&isRtl?-1:1,init:function(){b.menuList=a("#menu-to-edit"),b.targetList=b.menuList,this.jQueryExtensions(),this.attachMenuEditListeners(),this.setupInputWithDefaultTitle(),this.attachQuickSearchListeners(),this.attachThemeLocationsListeners(),this.attachTabsPanelListeners(),this.attachUnsavedChangesListener(),b.menuList.length&&this.initSortables(),menus.oneThemeLocationNoMenus&&a("#posttype-page").addSelectedToMenu(b.addMenuItemToBottom),this.initManageLocations(),this.initAccessibility(),this.initToggles(),this.initPreviewing()},jQueryExtensions:function(){a.fn.extend({menuItemDepth:function(){var a=this.eq(0).css(b.isRTL?"margin-right":"margin-left");return b.pxToDepth(a&&-1!=a.indexOf("px")?a.slice(0,-2):0)},updateDepthClass:function(b,c){return this.each(function(){var d=a(this);c=c||d.menuItemDepth(),a(this).removeClass("menu-item-depth-"+c).addClass("menu-item-depth-"+b)})},shiftDepthClass:function(b){return this.each(function(){var c=a(this),d=c.menuItemDepth();a(this).removeClass("menu-item-depth-"+d).addClass("menu-item-depth-"+(d+b))})},childMenuItems:function(){var b=a();return this.each(function(){for(var c=a(this),d=c.menuItemDepth(),e=c.next();e.length&&e.menuItemDepth()>d;)b=b.add(e),e=e.next()}),b},shiftHorizontally:function(b){return this.each(function(){var c=a(this),d=c.menuItemDepth(),e=d+b;c.moveHorizontally(e,d)})},moveHorizontally:function(b,c){return this.each(function(){var d=a(this),e=d.childMenuItems(),f=b-c,g=d.find(".is-submenu");d.updateDepthClass(b,c).updateParentMenuItemDBId(),e&&e.each(function(){var b=a(this),c=b.menuItemDepth(),d=c+f;b.updateDepthClass(d,c).updateParentMenuItemDBId()}),0===b?g.hide():g.show()})},updateParentMenuItemDBId:function(){return this.each(function(){var b=a(this),c=b.find(".menu-item-data-parent-id"),d=parseInt(b.menuItemDepth(),10),e=d-1,f=b.prevAll(".menu-item-depth-"+e).first();c.val(0===d?0:f.find(".menu-item-data-db-id").val())})},hideAdvancedMenuItemFields:function(){return this.each(function(){var b=a(this);a(".hide-column-tog").not(":checked").each(function(){b.find(".field-"+a(this).val()).addClass("hidden-field")})})},addSelectedToMenu:function(c){return 0===a("#menu-to-edit").length?!1:this.each(function(){var d=a(this),e={},f=d.find(menus.oneThemeLocationNoMenus&&0===d.find(".tabs-panel-active .categorychecklist li input:checked").length?'#page-all li input[type="checkbox"]':".tabs-panel-active .categorychecklist li input:checked"),g=/menu-item\[([^\]]*)/;return c=c||b.addMenuItemToBottom,f.length?(d.find(".spinner").show(),a(f).each(function(){var d=a(this),f=g.exec(d.attr("name")),h="undefined"==typeof f[1]?0:parseInt(f[1],10);this.className&&-1!=this.className.indexOf("add-to-top")&&(c=b.addMenuItemToTop),e[h]=d.closest("li").getItemData("add-menu-item",h)}),void b.addItemToMenu(e,c,function(){f.removeAttr("checked"),d.find(".spinner").hide()})):!1})},getItemData:function(a,b){a=a||"menu-item";var c,d={},e=["menu-item-db-id","menu-item-object-id","menu-item-object","menu-item-parent-id","menu-item-position","menu-item-type","menu-item-title","menu-item-url","menu-item-description","menu-item-attr-title","menu-item-target","menu-item-classes","menu-item-xfn"];return b||"menu-item"!=a||(b=this.find(".menu-item-data-db-id").val()),b?(this.find("input").each(function(){var f;for(c=e.length;c--;)"menu-item"==a?f=e[c]+"["+b+"]":"add-menu-item"==a&&(f="menu-item["+b+"]["+e[c]+"]"),this.name&&f==this.name&&(d[e[c]]=this.value)}),d):d},setItemData:function(b,c,d){return c=c||"menu-item",d||"menu-item"!=c||(d=a(".menu-item-data-db-id",this).val()),d?(this.find("input").each(function(){var e,f=a(this);a.each(b,function(a,b){"menu-item"==c?e=a+"["+d+"]":"add-menu-item"==c&&(e="menu-item["+d+"]["+a+"]"),e==f.attr("name")&&f.val(b)})}),this):this}})},countMenuItems:function(b){return a(".menu-item-depth-"+b).length},moveMenuItem:function(c,d){var e,f,g,h=a("#menu-to-edit li"),i=h.length,j=c.parents("li.menu-item"),k=j.childMenuItems(),l=j.getItemData(),m=parseInt(j.menuItemDepth(),10),n=parseInt(j.index(),10),o=j.next(),p=o.childMenuItems(),q=parseInt(o.menuItemDepth(),10)+1,r=j.prev(),s=parseInt(r.menuItemDepth(),10),t=r.getItemData()["menu-item-db-id"];switch(d){case"up":if(f=n-1,0===n)break;0===f&&0!==m&&j.moveHorizontally(0,m),0!==s&&j.moveHorizontally(s,m),k?(e=j.add(k),e.detach().insertBefore(h.eq(f)).updateParentMenuItemDBId()):j.detach().insertBefore(h.eq(f)).updateParentMenuItemDBId();break;case"down":if(k){if(e=j.add(k),o=h.eq(e.length+n),p=0!==o.childMenuItems().length,p&&(g=parseInt(o.menuItemDepth(),10)+1,j.moveHorizontally(g,m)),i===n+e.length)break;e.detach().insertAfter(h.eq(n+e.length)).updateParentMenuItemDBId()}else{if(0!==p.length&&j.moveHorizontally(q,m),i===n+1)break;j.detach().insertAfter(h.eq(n+1)).updateParentMenuItemDBId()}break;case"top":if(0===n)break;k?(e=j.add(k),e.detach().insertBefore(h.eq(0)).updateParentMenuItemDBId()):j.detach().insertBefore(h.eq(0)).updateParentMenuItemDBId();break;case"left":if(0===m)break;j.shiftHorizontally(-1);break;case"right":if(0===n)break;if(l["menu-item-parent-id"]===t)break;j.shiftHorizontally(1)}c.focus(),b.registerChange(),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},initAccessibility:function(){var c=a("#menu-to-edit");b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility(),c.on("click",".menus-move-up",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"up"),c.preventDefault()}),c.on("click",".menus-move-down",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"down"),c.preventDefault()}),c.on("click",".menus-move-top",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"top"),c.preventDefault()}),c.on("click",".menus-move-left",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"left"),c.preventDefault()}),c.on("click",".menus-move-right",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"right"),c.preventDefault()})},refreshAdvancedAccessibility:function(){a(".menu-item-settings .field-move a").css("display","none"),a(".item-edit").each(function(){var b,c,d,e,f,g,h,i,j,k=a(this),l=k.closest("li.menu-item").first(),m=l.menuItemDepth(),n=0===m,o=k.closest(".menu-item-handle").find(".menu-item-title").text(),p=parseInt(l.index(),10),q=n?m:parseInt(m-1,10),r=l.prevAll(".menu-item-depth-"+q).first().find(".menu-item-title").text(),s=l.prevAll(".menu-item-depth-"+m).first().find(".menu-item-title").text(),t=a("#menu-to-edit li").length,u=l.nextAll(".menu-item-depth-"+m).length;0!==p&&(b=l.find(".menus-move-up"),b.prop("title",menus.moveUp).css("display","inline")),0!==p&&n&&(b=l.find(".menus-move-top"),b.prop("title",menus.moveToTop).css("display","inline")),p+1!==t&&0!==p&&(b=l.find(".menus-move-down"),b.prop("title",menus.moveDown).css("display","inline")),0===p&&0!==u&&(b=l.find(".menus-move-down"),b.prop("title",menus.moveDown).css("display","inline")),n||(b=l.find(".menus-move-left"),c=menus.outFrom.replace("%s",r),b.prop("title",menus.moveOutFrom.replace("%s",r)).html(c).css("display","inline")),0!==p&&l.find(".menu-item-data-parent-id").val()!==l.prev().find(".menu-item-data-db-id").val()&&(b=l.find(".menus-move-right"),c=menus.under.replace("%s",s),b.prop("title",menus.moveUnder.replace("%s",s)).html(c).css("display","inline")),n?(d=a(".menu-item-depth-0"),e=d.index(l)+1,t=d.length,f=menus.menuFocus.replace("%1$s",o).replace("%2$d",e).replace("%3$d",t)):(g=l.prevAll(".menu-item-depth-"+parseInt(m-1,10)).first(),h=g.find(".menu-item-data-db-id").val(),i=g.find(".menu-item-title").text(),j=a('.menu-item .menu-item-data-parent-id[value="'+h+'"]'),e=a(j.parents(".menu-item").get().reverse()).index(l)+1,f=menus.subMenuFocus.replace("%1$s",o).replace("%2$d",e).replace("%3$s",i)),k.prop("title",f).html(f)})},refreshKeyboardAccessibility:function(){a(".item-edit").off("focus").on("focus",function(){a(this).off("keydown").on("keydown",function(c){var d,e=a(this),f=e.parents("li.menu-item"),g=f.getItemData();if((37==c.which||38==c.which||39==c.which||40==c.which)&&(e.off("keydown"),1!==a("#menu-to-edit li").length)){switch(d={38:"up",40:"down",37:"left",39:"right"},a("body").hasClass("rtl")&&(d={38:"up",40:"down",39:"left",37:"right"}),d[c.which]){case"up":b.moveMenuItem(e,"up");break;case"down":b.moveMenuItem(e,"down");break;case"left":b.moveMenuItem(e,"left");break;case"right":b.moveMenuItem(e,"right")}return a("#edit-"+g["menu-item-db-id"]).focus(),!1}})})},initPreviewing:function(){a("#menu-to-edit").on("change input",".edit-menu-item-title",function(b){var c,d,e=a(b.currentTarget);c=e.val(),d=e.closest(".menu-item").find(".menu-item-title"),c?d.text(c).removeClass("no-title"):d.text(navMenuL10n.untitled).addClass("no-title")})},initToggles:function(){postboxes.add_postbox_toggles("nav-menus"),columns.useCheckboxesForHidden(),columns.checked=function(b){a(".field-"+b).removeClass("hidden-field")},columns.unchecked=function(b){a(".field-"+b).addClass("hidden-field")},b.menuList.hideAdvancedMenuItemFields(),a(".hide-postbox-tog").click(function(){var b=a(".accordion-container li.accordion-section").filter(":hidden").map(function(){return this.id}).get().join(",");a.post(ajaxurl,{action:"closed-postboxes",hidden:b,closedpostboxesnonce:jQuery("#closedpostboxesnonce").val(),page:"nav-menus"})})},initSortables:function(){function c(a){var c;j=a.placeholder.prev(),k=a.placeholder.next(),j[0]==a.item[0]&&(j=j.prev()),k[0]==a.item[0]&&(k=k.next()),l=j.length?j.offset().top+j.height():0,m=k.length?k.offset().top+k.height()/3:0,h=k.length?k.menuItemDepth():0,i=j.length?(c=j.menuItemDepth()+1)>b.options.globalMaxDepth?b.options.globalMaxDepth:c:0}function d(a,b){a.placeholder.updateDepthClass(b,q),q=b}function e(){if(!s[0].className)return 0;var a=s[0].className.match(/menu-max-depth-(\d+)/);return a&&a[1]?parseInt(a[1],10):0}function f(c){var d,e=t;if(0!==c){if(c>0)d=p+c,d>t&&(e=d);else if(0>c&&p==t)for(;!a(".menu-item-depth-"+e,b.menuList).length&&e>0;)e--;s.removeClass("menu-max-depth-"+t).addClass("menu-max-depth-"+e),t=e}}var g,h,i,j,k,l,m,n,o,p,q=0,r=b.menuList.offset().left,s=a("body"),t=e();0!==a("#menu-to-edit li").length&&a(".drag-instructions").show(),r+=b.isRTL?b.menuList.width():0,b.menuList.sortable({handle:".menu-item-handle",placeholder:"sortable-placeholder",start:function(e,f){var h,i,j,k,l;b.isRTL&&(f.item[0].style.right="auto"),o=f.item.children(".menu-item-transport"),g=f.item.menuItemDepth(),d(f,g),j=f.item.next()[0]==f.placeholder[0]?f.item.next():f.item,k=j.childMenuItems(),o.append(k),h=o.outerHeight(),h+=h>0?1*f.placeholder.css("margin-top").slice(0,-2):0,h+=f.helper.outerHeight(),n=h,h-=2,f.placeholder.height(h),p=g,k.each(function(){var b=a(this).menuItemDepth();p=b>p?b:p}),i=f.helper.find(".menu-item-handle").outerWidth(),i+=b.depthToPx(p-g),i-=2,f.placeholder.width(i),l=f.placeholder.next(),l.css("margin-top",n+"px"),f.placeholder.detach(),a(this).sortable("refresh"),f.item.after(f.placeholder),l.css("margin-top",0),c(f)},stop:function(a,c){var d,e,h=q-g;d=o.children().insertAfter(c.item),e=c.item.find(".item-title .is-submenu"),q>0?e.show():e.hide(),0!==h&&(c.item.updateDepthClass(q),d.shiftDepthClass(h),f(h)),b.registerChange(),c.item.updateParentMenuItemDBId(),c.item[0].style.top=0,b.isRTL&&(c.item[0].style.left="auto",c.item[0].style.right=0),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},change:function(a,d){d.placeholder.parent().hasClass("menu")||(j.length?j.after(d.placeholder):b.menuList.prepend(d.placeholder)),c(d)},sort:function(e,f){var g=f.helper.offset(),j=b.isRTL?g.left+f.helper.width():g.left,o=b.negateIfRTL*b.pxToDepth(j-r);o>i||g.top<l?o=i:h>o&&(o=h),o!=q&&d(f,o),m&&g.top+n>m&&(k.after(f.placeholder),c(f),a(this).sortable("refreshPositions"))}})},initManageLocations:function(){a("#menu-locations-wrap form").submit(function(){window.onbeforeunload=null}),a(".menu-location-menus select").on("change",function(){var b=a(this).closest("tr").find(".locations-edit-menu-link");a(this).find("option:selected").data("orig")?b.show():b.hide()})},attachMenuEditListeners:function(){var b=this;a("#update-nav-menu").bind("click",function(a){if(a.target&&a.target.className){if(-1!=a.target.className.indexOf("item-edit"))return b.eventOnClickEditLink(a.target);if(-1!=a.target.className.indexOf("menu-save"))return b.eventOnClickMenuSave(a.target);if(-1!=a.target.className.indexOf("menu-delete"))return b.eventOnClickMenuDelete(a.target);if(-1!=a.target.className.indexOf("item-delete"))return b.eventOnClickMenuItemDelete(a.target);if(-1!=a.target.className.indexOf("item-cancel"))return b.eventOnClickCancelLink(a.target)}}),a('#add-custom-links input[type="text"]').keypress(function(b){13===b.keyCode&&(b.preventDefault(),a("#submit-customlinkdiv").click())})},setupInputWithDefaultTitle:function(){var b="input-with-default-title";a("."+b).each(function(){var c=a(this),d=c.attr("title"),e=c.val();if(c.data(b,d),""===e)c.val(d);else{if(d==e)return;c.removeClass(b)}}).focus(function(){var c=a(this);c.val()==c.data(b)&&c.val("").removeClass(b)}).blur(function(){var c=a(this);""===c.val()&&c.addClass(b).val(c.data(b))}),a(".blank-slate .input-with-default-title").focus()},attachThemeLocationsListeners:function(){var b=a("#nav-menu-theme-locations"),c={};c.action="menu-locations-save",c["menu-settings-column-nonce"]=a("#menu-settings-column-nonce").val(),b.find('input[type="submit"]').click(function(){return b.find("select").each(function(){c[this.name]=a(this).val()}),b.find(".spinner").show(),a.post(ajaxurl,c,function(){b.find(".spinner").hide()}),!1})},attachQuickSearchListeners:function(){var c;a(".quick-search").keypress(function(d){var e=a(this);return 13==d.which?(b.updateQuickSearchResults(e),!1):(c&&clearTimeout(c),void(c=setTimeout(function(){b.updateQuickSearchResults(e)},400)))}).attr("autocomplete","off")},updateQuickSearchResults:function(c){var d,e,f=2,g=c.val();g.length<f||(d=c.parents(".tabs-panel"),e={action:"menu-quick-search","response-format":"markup",menu:a("#menu").val(),"menu-settings-column-nonce":a("#menu-settings-column-nonce").val(),q:g,type:c.attr("name")},a(".spinner",d).show(),a.post(ajaxurl,e,function(a){b.processQuickSearchQueryResponse(a,e,d)}))},addCustomLink:function(c){var d=a("#custom-menu-item-url").val(),e=a("#custom-menu-item-name").val();return c=c||b.addMenuItemToBottom,""===d||"http://"==d?!1:(a(".customlinkdiv .spinner").show(),void this.addLinkToMenu(d,e,c,function(){a(".customlinkdiv .spinner").hide(),a("#custom-menu-item-name").val("").blur(),a("#custom-menu-item-url").val("http://")}))},addLinkToMenu:function(a,c,d,e){d=d||b.addMenuItemToBottom,e=e||function(){},b.addItemToMenu({"-1":{"menu-item-type":"custom","menu-item-url":a,"menu-item-title":c}},d,e)},addItemToMenu:function(b,c,d){var e,f=a("#menu").val(),g=a("#menu-settings-column-nonce").val();c=c||function(){},d=d||function(){},e={action:"add-menu-item",menu:f,"menu-settings-column-nonce":g,"menu-item":b},a.post(ajaxurl,e,function(b){var f=a("#menu-instructions");b=a.trim(b),c(b,e),a("li.pending").hide().fadeIn("slow"),a(".drag-instructions").show(),!f.hasClass("menu-instructions-inactive")&&f.siblings().length&&f.addClass("menu-instructions-inactive"),d()})},addMenuItemToBottom:function(c){a(c).hideAdvancedMenuItemFields().appendTo(b.targetList),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},addMenuItemToTop:function(c){a(c).hideAdvancedMenuItemFields().prependTo(b.targetList),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},attachUnsavedChangesListener:function(){a("#menu-management input, #menu-management select, #menu-management, #menu-management textarea, .menu-location-menus select").change(function(){b.registerChange()}),0!==a("#menu-to-edit").length||0!==a(".menu-location-menus select").length?window.onbeforeunload=function(){return b.menusChanged?navMenuL10n.saveAlert:void 0}:a("#menu-settings-column").find("input,select").end().find("a").attr("href","#").unbind("click")},registerChange:function(){b.menusChanged=!0},attachTabsPanelListeners:function(){a("#menu-settings-column").bind("click",function(c){var d,e,f,g,h=a(c.target);if(h.hasClass("nav-tab-link"))e=h.data("type"),f=h.parents(".accordion-section-content").first(),a("input",f).removeAttr("checked"),a(".tabs-panel-active",f).removeClass("tabs-panel-active").addClass("tabs-panel-inactive"),a("#"+e,f).removeClass("tabs-panel-inactive").addClass("tabs-panel-active"),a(".tabs",f).removeClass("tabs"),h.parent().addClass("tabs"),a(".quick-search",f).focus(),c.preventDefault();else if(h.hasClass("select-all")){if(d=/#(.*)$/.exec(c.target.href),d&&d[1])return g=a("#"+d[1]+" .tabs-panel-active .menu-item-title input"),g.length===g.filter(":checked").length?g.removeAttr("checked"):g.prop("checked",!0),!1}else{if(h.hasClass("submit-add-to-menu"))return b.registerChange(),c.target.id&&"submit-customlinkdiv"==c.target.id?b.addCustomLink(b.addMenuItemToBottom):c.target.id&&-1!=c.target.id.indexOf("submit-")&&a("#"+c.target.id.replace(/submit-/,"")).addSelectedToMenu(b.addMenuItemToBottom),!1;if(h.hasClass("page-numbers"))return a.post(ajaxurl,c.target.href.replace(/.*\?/,"").replace(/action=([^&]*)/,"")+"&action=menu-get-metabox",function(b){if(-1!=b.indexOf("replace-id")){var c=a.parseJSON(b),d=document.getElementById(c["replace-id"]),e=document.createElement("div"),f=document.createElement("div");c.markup&&d&&(f.innerHTML=c.markup?c.markup:"",d.parentNode.insertBefore(e,d),e.parentNode.removeChild(d),e.parentNode.insertBefore(f,e),e.parentNode.removeChild(e))}}),!1}})},eventOnClickEditLink:function(b){var c,d,e=/#(.*)$/.exec(b.href);return e&&e[1]&&(c=a("#"+e[1]),d=c.parent(),0!==d.length)?(d.hasClass("menu-item-edit-inactive")?(c.data("menu-item-data")||c.data("menu-item-data",c.getItemData()),c.slideDown("fast"),d.removeClass("menu-item-edit-inactive").addClass("menu-item-edit-active")):(c.slideUp("fast"),d.removeClass("menu-item-edit-active").addClass("menu-item-edit-inactive")),!1):void 0},eventOnClickCancelLink:function(b){var c=a(b).closest(".menu-item-settings"),d=a(b).closest(".menu-item");return d.removeClass("menu-item-edit-active").addClass("menu-item-edit-inactive"),c.setItemData(c.data("menu-item-data")).hide(),!1},eventOnClickMenuSave:function(){var c="",d=a("#menu-name"),e=d.val();return e&&e!=d.attr("title")&&e.replace(/\s+/,"")?(a("#nav-menu-theme-locations select").each(function(){c+='<input type="hidden" name="'+this.name+'" value="'+a(this).val()+'" />'}),a("#update-nav-menu").append(c),b.menuList.find(".menu-item-data-position").val(function(a){return a+1}),window.onbeforeunload=null,!0):(d.parent().addClass("form-invalid"),!1)},eventOnClickMenuDelete:function(){return window.confirm(navMenuL10n.warnDeleteMenu)?(window.onbeforeunload=null,!0):!1},eventOnClickMenuItemDelete:function(c){var d=parseInt(c.id.replace("delete-",""),10);return b.removeMenuItem(a("#menu-item-"+d)),b.registerChange(),!1},processQuickSearchQueryResponse:function(b,c,d){var e,f,g,h={},i=document.getElementById("nav-menu-meta"),j=/menu-item[(\[^]\]*/,k=a("<div>").html(b).find("li");return k.length?(k.each(function(){if(g=a(this),e=j.exec(g.html()),e&&e[1]){for(f=e[1];i.elements["menu-item["+f+"][menu-item-type]"]||h[f];)f--;h[f]=!0,f!=e[1]&&g.html(g.html().replace(new RegExp("menu-item\\["+e[1]+"\\]","g"),"menu-item["+f+"]"))}}),a(".categorychecklist",d).html(k),void a(".spinner",d).hide()):(a(".categorychecklist",d).html("<li><p>"+navMenuL10n.noResultsFound+"</p></li>"),void a(".spinner",d).hide())},removeMenuItem:function(b){var c=b.childMenuItems();b.addClass("deleting").animate({opacity:0,height:0},350,function(){var d=a("#menu-instructions");b.remove(),c.shiftDepthClass(-1).updateParentMenuItemDBId(),0===a("#menu-to-edit li").length&&(a(".drag-instructions").hide(),d.removeClass("menu-instructions-inactive"))})},depthToPx:function(a){return a*b.options.menuItemDepthPerLevel},pxToDepth:function(a){return Math.floor(a/b.options.menuItemDepthPerLevel)}},a(document).ready(function(){wpNavMenu.init()})}(jQuery);
\ No newline at end of file
+var wpNavMenu;!function(a){var b;b=wpNavMenu={options:{menuItemDepthPerLevel:30,globalMaxDepth:11},menuList:void 0,targetList:void 0,menusChanged:!1,isRTL:!("undefined"==typeof isRtl||!isRtl),negateIfRTL:"undefined"!=typeof isRtl&&isRtl?-1:1,init:function(){b.menuList=a("#menu-to-edit"),b.targetList=b.menuList,this.jQueryExtensions(),this.attachMenuEditListeners(),this.setupInputWithDefaultTitle(),this.attachQuickSearchListeners(),this.attachThemeLocationsListeners(),this.attachTabsPanelListeners(),this.attachUnsavedChangesListener(),b.menuList.length&&this.initSortables(),menus.oneThemeLocationNoMenus&&a("#posttype-page").addSelectedToMenu(b.addMenuItemToBottom),this.initManageLocations(),this.initAccessibility(),this.initToggles(),this.initPreviewing()},jQueryExtensions:function(){a.fn.extend({menuItemDepth:function(){var a=this.eq(0).css(b.isRTL?"margin-right":"margin-left");return b.pxToDepth(a&&-1!=a.indexOf("px")?a.slice(0,-2):0)},updateDepthClass:function(b,c){return this.each(function(){var d=a(this);c=c||d.menuItemDepth(),a(this).removeClass("menu-item-depth-"+c).addClass("menu-item-depth-"+b)})},shiftDepthClass:function(b){return this.each(function(){var c=a(this),d=c.menuItemDepth();a(this).removeClass("menu-item-depth-"+d).addClass("menu-item-depth-"+(d+b))})},childMenuItems:function(){var b=a();return this.each(function(){for(var c=a(this),d=c.menuItemDepth(),e=c.next();e.length&&e.menuItemDepth()>d;)b=b.add(e),e=e.next()}),b},shiftHorizontally:function(b){return this.each(function(){var c=a(this),d=c.menuItemDepth(),e=d+b;c.moveHorizontally(e,d)})},moveHorizontally:function(b,c){return this.each(function(){var d=a(this),e=d.childMenuItems(),f=b-c,g=d.find(".is-submenu");d.updateDepthClass(b,c).updateParentMenuItemDBId(),e&&e.each(function(){var b=a(this),c=b.menuItemDepth(),d=c+f;b.updateDepthClass(d,c).updateParentMenuItemDBId()}),0===b?g.hide():g.show()})},updateParentMenuItemDBId:function(){return this.each(function(){var b=a(this),c=b.find(".menu-item-data-parent-id"),d=parseInt(b.menuItemDepth(),10),e=d-1,f=b.prevAll(".menu-item-depth-"+e).first();c.val(0===d?0:f.find(".menu-item-data-db-id").val())})},hideAdvancedMenuItemFields:function(){return this.each(function(){var b=a(this);a(".hide-column-tog").not(":checked").each(function(){b.find(".field-"+a(this).val()).addClass("hidden-field")})})},addSelectedToMenu:function(c){return 0===a("#menu-to-edit").length?!1:this.each(function(){var d=a(this),e={},f=d.find(menus.oneThemeLocationNoMenus&&0===d.find(".tabs-panel-active .categorychecklist li input:checked").length?'#page-all li input[type="checkbox"]':".tabs-panel-active .categorychecklist li input:checked"),g=/menu-item\[([^\]]*)/;return c=c||b.addMenuItemToBottom,f.length?(d.find(".spinner").show(),a(f).each(function(){var d=a(this),f=g.exec(d.attr("name")),h="undefined"==typeof f[1]?0:parseInt(f[1],10);this.className&&-1!=this.className.indexOf("add-to-top")&&(c=b.addMenuItemToTop),e[h]=d.closest("li").getItemData("add-menu-item",h)}),void b.addItemToMenu(e,c,function(){f.removeAttr("checked"),d.find(".spinner").hide()})):!1})},getItemData:function(a,b){a=a||"menu-item";var c,d={},e=["menu-item-db-id","menu-item-object-id","menu-item-object","menu-item-parent-id","menu-item-position","menu-item-type","menu-item-title","menu-item-url","menu-item-description","menu-item-attr-title","menu-item-target","menu-item-classes","menu-item-xfn"];return b||"menu-item"!=a||(b=this.find(".menu-item-data-db-id").val()),b?(this.find("input").each(function(){var f;for(c=e.length;c--;)"menu-item"==a?f=e[c]+"["+b+"]":"add-menu-item"==a&&(f="menu-item["+b+"]["+e[c]+"]"),this.name&&f==this.name&&(d[e[c]]=this.value)}),d):d},setItemData:function(b,c,d){return c=c||"menu-item",d||"menu-item"!=c||(d=a(".menu-item-data-db-id",this).val()),d?(this.find("input").each(function(){var e,f=a(this);a.each(b,function(a,b){"menu-item"==c?e=a+"["+d+"]":"add-menu-item"==c&&(e="menu-item["+d+"]["+a+"]"),e==f.attr("name")&&f.val(b)})}),this):this}})},countMenuItems:function(b){return a(".menu-item-depth-"+b).length},moveMenuItem:function(c,d){var e,f,g,h=a("#menu-to-edit li"),i=h.length,j=c.parents("li.menu-item"),k=j.childMenuItems(),l=j.getItemData(),m=parseInt(j.menuItemDepth(),10),n=parseInt(j.index(),10),o=j.next(),p=o.childMenuItems(),q=parseInt(o.menuItemDepth(),10)+1,r=j.prev(),s=parseInt(r.menuItemDepth(),10),t=r.getItemData()["menu-item-db-id"];switch(d){case"up":if(f=n-1,0===n)break;0===f&&0!==m&&j.moveHorizontally(0,m),0!==s&&j.moveHorizontally(s,m),k?(e=j.add(k),e.detach().insertBefore(h.eq(f)).updateParentMenuItemDBId()):j.detach().insertBefore(h.eq(f)).updateParentMenuItemDBId();break;case"down":if(k){if(e=j.add(k),o=h.eq(e.length+n),p=0!==o.childMenuItems().length,p&&(g=parseInt(o.menuItemDepth(),10)+1,j.moveHorizontally(g,m)),i===n+e.length)break;e.detach().insertAfter(h.eq(n+e.length)).updateParentMenuItemDBId()}else{if(0!==p.length&&j.moveHorizontally(q,m),i===n+1)break;j.detach().insertAfter(h.eq(n+1)).updateParentMenuItemDBId()}break;case"top":if(0===n)break;k?(e=j.add(k),e.detach().insertBefore(h.eq(0)).updateParentMenuItemDBId()):j.detach().insertBefore(h.eq(0)).updateParentMenuItemDBId();break;case"left":if(0===m)break;j.shiftHorizontally(-1);break;case"right":if(0===n)break;if(l["menu-item-parent-id"]===t)break;j.shiftHorizontally(1)}c.focus(),b.registerChange(),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},initAccessibility:function(){var c=a("#menu-to-edit");b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility(),c.on("click",".menus-move-up",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"up"),c.preventDefault()}),c.on("click",".menus-move-down",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"down"),c.preventDefault()}),c.on("click",".menus-move-top",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"top"),c.preventDefault()}),c.on("click",".menus-move-left",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"left"),c.preventDefault()}),c.on("click",".menus-move-right",function(c){b.moveMenuItem(a(this).parents("li.menu-item").find("a.item-edit"),"right"),c.preventDefault()})},refreshAdvancedAccessibility:function(){a(".menu-item-settings .field-move a").css("display","none"),a(".item-edit").each(function(){var b,c,d,e,f,g,h,i,j,k=a(this),l=k.closest("li.menu-item").first(),m=l.menuItemDepth(),n=0===m,o=k.closest(".menu-item-handle").find(".menu-item-title").text(),p=parseInt(l.index(),10),q=n?m:parseInt(m-1,10),r=l.prevAll(".menu-item-depth-"+q).first().find(".menu-item-title").text(),s=l.prevAll(".menu-item-depth-"+m).first().find(".menu-item-title").text(),t=a("#menu-to-edit li").length,u=l.nextAll(".menu-item-depth-"+m).length;0!==p&&(b=l.find(".menus-move-up"),b.prop("title",menus.moveUp).css("display","inline")),0!==p&&n&&(b=l.find(".menus-move-top"),b.prop("title",menus.moveToTop).css("display","inline")),p+1!==t&&0!==p&&(b=l.find(".menus-move-down"),b.prop("title",menus.moveDown).css("display","inline")),0===p&&0!==u&&(b=l.find(".menus-move-down"),b.prop("title",menus.moveDown).css("display","inline")),n||(b=l.find(".menus-move-left"),c=menus.outFrom.replace("%s",r),b.prop("title",menus.moveOutFrom.replace("%s",r)).text(c).css("display","inline")),0!==p&&l.find(".menu-item-data-parent-id").val()!==l.prev().find(".menu-item-data-db-id").val()&&(b=l.find(".menus-move-right"),c=menus.under.replace("%s",s),b.prop("title",menus.moveUnder.replace("%s",s)).text(c).css("display","inline")),n?(d=a(".menu-item-depth-0"),e=d.index(l)+1,t=d.length,f=menus.menuFocus.replace("%1$s",o).replace("%2$d",e).replace("%3$d",t)):(g=l.prevAll(".menu-item-depth-"+parseInt(m-1,10)).first(),h=g.find(".menu-item-data-db-id").val(),i=g.find(".menu-item-title").text(),j=a('.menu-item .menu-item-data-parent-id[value="'+h+'"]'),e=a(j.parents(".menu-item").get().reverse()).index(l)+1,f=menus.subMenuFocus.replace("%1$s",o).replace("%2$d",e).replace("%3$s",i)),k.prop("title",f).text(f)})},refreshKeyboardAccessibility:function(){a(".item-edit").off("focus").on("focus",function(){a(this).off("keydown").on("keydown",function(c){var d,e=a(this),f=e.parents("li.menu-item"),g=f.getItemData();if((37==c.which||38==c.which||39==c.which||40==c.which)&&(e.off("keydown"),1!==a("#menu-to-edit li").length)){switch(d={38:"up",40:"down",37:"left",39:"right"},a("body").hasClass("rtl")&&(d={38:"up",40:"down",39:"left",37:"right"}),d[c.which]){case"up":b.moveMenuItem(e,"up");break;case"down":b.moveMenuItem(e,"down");break;case"left":b.moveMenuItem(e,"left");break;case"right":b.moveMenuItem(e,"right")}return a("#edit-"+g["menu-item-db-id"]).focus(),!1}})})},initPreviewing:function(){a("#menu-to-edit").on("change input",".edit-menu-item-title",function(b){var c,d,e=a(b.currentTarget);c=e.val(),d=e.closest(".menu-item").find(".menu-item-title"),c?d.text(c).removeClass("no-title"):d.text(navMenuL10n.untitled).addClass("no-title")})},initToggles:function(){postboxes.add_postbox_toggles("nav-menus"),columns.useCheckboxesForHidden(),columns.checked=function(b){a(".field-"+b).removeClass("hidden-field")},columns.unchecked=function(b){a(".field-"+b).addClass("hidden-field")},b.menuList.hideAdvancedMenuItemFields(),a(".hide-postbox-tog").click(function(){var b=a(".accordion-container li.accordion-section").filter(":hidden").map(function(){return this.id}).get().join(",");a.post(ajaxurl,{action:"closed-postboxes",hidden:b,closedpostboxesnonce:jQuery("#closedpostboxesnonce").val(),page:"nav-menus"})})},initSortables:function(){function c(a){var c;j=a.placeholder.prev(),k=a.placeholder.next(),j[0]==a.item[0]&&(j=j.prev()),k[0]==a.item[0]&&(k=k.next()),l=j.length?j.offset().top+j.height():0,m=k.length?k.offset().top+k.height()/3:0,h=k.length?k.menuItemDepth():0,i=j.length?(c=j.menuItemDepth()+1)>b.options.globalMaxDepth?b.options.globalMaxDepth:c:0}function d(a,b){a.placeholder.updateDepthClass(b,q),q=b}function e(){if(!s[0].className)return 0;var a=s[0].className.match(/menu-max-depth-(\d+)/);return a&&a[1]?parseInt(a[1],10):0}function f(c){var d,e=t;if(0!==c){if(c>0)d=p+c,d>t&&(e=d);else if(0>c&&p==t)for(;!a(".menu-item-depth-"+e,b.menuList).length&&e>0;)e--;s.removeClass("menu-max-depth-"+t).addClass("menu-max-depth-"+e),t=e}}var g,h,i,j,k,l,m,n,o,p,q=0,r=b.menuList.offset().left,s=a("body"),t=e();0!==a("#menu-to-edit li").length&&a(".drag-instructions").show(),r+=b.isRTL?b.menuList.width():0,b.menuList.sortable({handle:".menu-item-handle",placeholder:"sortable-placeholder",start:function(e,f){var h,i,j,k,l;b.isRTL&&(f.item[0].style.right="auto"),o=f.item.children(".menu-item-transport"),g=f.item.menuItemDepth(),d(f,g),j=f.item.next()[0]==f.placeholder[0]?f.item.next():f.item,k=j.childMenuItems(),o.append(k),h=o.outerHeight(),h+=h>0?1*f.placeholder.css("margin-top").slice(0,-2):0,h+=f.helper.outerHeight(),n=h,h-=2,f.placeholder.height(h),p=g,k.each(function(){var b=a(this).menuItemDepth();p=b>p?b:p}),i=f.helper.find(".menu-item-handle").outerWidth(),i+=b.depthToPx(p-g),i-=2,f.placeholder.width(i),l=f.placeholder.next(),l.css("margin-top",n+"px"),f.placeholder.detach(),a(this).sortable("refresh"),f.item.after(f.placeholder),l.css("margin-top",0),c(f)},stop:function(a,c){var d,e,h=q-g;d=o.children().insertAfter(c.item),e=c.item.find(".item-title .is-submenu"),q>0?e.show():e.hide(),0!==h&&(c.item.updateDepthClass(q),d.shiftDepthClass(h),f(h)),b.registerChange(),c.item.updateParentMenuItemDBId(),c.item[0].style.top=0,b.isRTL&&(c.item[0].style.left="auto",c.item[0].style.right=0),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},change:function(a,d){d.placeholder.parent().hasClass("menu")||(j.length?j.after(d.placeholder):b.menuList.prepend(d.placeholder)),c(d)},sort:function(e,f){var g=f.helper.offset(),j=b.isRTL?g.left+f.helper.width():g.left,o=b.negateIfRTL*b.pxToDepth(j-r);o>i||g.top<l?o=i:h>o&&(o=h),o!=q&&d(f,o),m&&g.top+n>m&&(k.after(f.placeholder),c(f),a(this).sortable("refreshPositions"))}})},initManageLocations:function(){a("#menu-locations-wrap form").submit(function(){window.onbeforeunload=null}),a(".menu-location-menus select").on("change",function(){var b=a(this).closest("tr").find(".locations-edit-menu-link");a(this).find("option:selected").data("orig")?b.show():b.hide()})},attachMenuEditListeners:function(){var b=this;a("#update-nav-menu").bind("click",function(a){if(a.target&&a.target.className){if(-1!=a.target.className.indexOf("item-edit"))return b.eventOnClickEditLink(a.target);if(-1!=a.target.className.indexOf("menu-save"))return b.eventOnClickMenuSave(a.target);if(-1!=a.target.className.indexOf("menu-delete"))return b.eventOnClickMenuDelete(a.target);if(-1!=a.target.className.indexOf("item-delete"))return b.eventOnClickMenuItemDelete(a.target);if(-1!=a.target.className.indexOf("item-cancel"))return b.eventOnClickCancelLink(a.target)}}),a('#add-custom-links input[type="text"]').keypress(function(b){13===b.keyCode&&(b.preventDefault(),a("#submit-customlinkdiv").click())})},setupInputWithDefaultTitle:function(){var b="input-with-default-title";a("."+b).each(function(){var c=a(this),d=c.attr("title"),e=c.val();if(c.data(b,d),""===e)c.val(d);else{if(d==e)return;c.removeClass(b)}}).focus(function(){var c=a(this);c.val()==c.data(b)&&c.val("").removeClass(b)}).blur(function(){var c=a(this);""===c.val()&&c.addClass(b).val(c.data(b))}),a(".blank-slate .input-with-default-title").focus()},attachThemeLocationsListeners:function(){var b=a("#nav-menu-theme-locations"),c={};c.action="menu-locations-save",c["menu-settings-column-nonce"]=a("#menu-settings-column-nonce").val(),b.find('input[type="submit"]').click(function(){return b.find("select").each(function(){c[this.name]=a(this).val()}),b.find(".spinner").show(),a.post(ajaxurl,c,function(){b.find(".spinner").hide()}),!1})},attachQuickSearchListeners:function(){var c;a(".quick-search").keypress(function(d){var e=a(this);return 13==d.which?(b.updateQuickSearchResults(e),!1):(c&&clearTimeout(c),void(c=setTimeout(function(){b.updateQuickSearchResults(e)},400)))}).attr("autocomplete","off")},updateQuickSearchResults:function(c){var d,e,f=2,g=c.val();g.length<f||(d=c.parents(".tabs-panel"),e={action:"menu-quick-search","response-format":"markup",menu:a("#menu").val(),"menu-settings-column-nonce":a("#menu-settings-column-nonce").val(),q:g,type:c.attr("name")},a(".spinner",d).show(),a.post(ajaxurl,e,function(a){b.processQuickSearchQueryResponse(a,e,d)}))},addCustomLink:function(c){var d=a("#custom-menu-item-url").val(),e=a("#custom-menu-item-name").val();return c=c||b.addMenuItemToBottom,""===d||"http://"==d?!1:(a(".customlinkdiv .spinner").show(),void this.addLinkToMenu(d,e,c,function(){a(".customlinkdiv .spinner").hide(),a("#custom-menu-item-name").val("").blur(),a("#custom-menu-item-url").val("http://")}))},addLinkToMenu:function(a,c,d,e){d=d||b.addMenuItemToBottom,e=e||function(){},b.addItemToMenu({"-1":{"menu-item-type":"custom","menu-item-url":a,"menu-item-title":c}},d,e)},addItemToMenu:function(b,c,d){var e,f=a("#menu").val(),g=a("#menu-settings-column-nonce").val();c=c||function(){},d=d||function(){},e={action:"add-menu-item",menu:f,"menu-settings-column-nonce":g,"menu-item":b},a.post(ajaxurl,e,function(b){var f=a("#menu-instructions");b=a.trim(b),c(b,e),a("li.pending").hide().fadeIn("slow"),a(".drag-instructions").show(),!f.hasClass("menu-instructions-inactive")&&f.siblings().length&&f.addClass("menu-instructions-inactive"),d()})},addMenuItemToBottom:function(c){a(c).hideAdvancedMenuItemFields().appendTo(b.targetList),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},addMenuItemToTop:function(c){a(c).hideAdvancedMenuItemFields().prependTo(b.targetList),b.refreshKeyboardAccessibility(),b.refreshAdvancedAccessibility()},attachUnsavedChangesListener:function(){a("#menu-management input, #menu-management select, #menu-management, #menu-management textarea, .menu-location-menus select").change(function(){b.registerChange()}),0!==a("#menu-to-edit").length||0!==a(".menu-location-menus select").length?window.onbeforeunload=function(){return b.menusChanged?navMenuL10n.saveAlert:void 0}:a("#menu-settings-column").find("input,select").end().find("a").attr("href","#").unbind("click")},registerChange:function(){b.menusChanged=!0},attachTabsPanelListeners:function(){a("#menu-settings-column").bind("click",function(c){var d,e,f,g,h=a(c.target);if(h.hasClass("nav-tab-link"))e=h.data("type"),f=h.parents(".accordion-section-content").first(),a("input",f).removeAttr("checked"),a(".tabs-panel-active",f).removeClass("tabs-panel-active").addClass("tabs-panel-inactive"),a("#"+e,f).removeClass("tabs-panel-inactive").addClass("tabs-panel-active"),a(".tabs",f).removeClass("tabs"),h.parent().addClass("tabs"),a(".quick-search",f).focus(),c.preventDefault();else if(h.hasClass("select-all")){if(d=/#(.*)$/.exec(c.target.href),d&&d[1])return g=a("#"+d[1]+" .tabs-panel-active .menu-item-title input"),g.length===g.filter(":checked").length?g.removeAttr("checked"):g.prop("checked",!0),!1}else{if(h.hasClass("submit-add-to-menu"))return b.registerChange(),c.target.id&&"submit-customlinkdiv"==c.target.id?b.addCustomLink(b.addMenuItemToBottom):c.target.id&&-1!=c.target.id.indexOf("submit-")&&a("#"+c.target.id.replace(/submit-/,"")).addSelectedToMenu(b.addMenuItemToBottom),!1;if(h.hasClass("page-numbers"))return a.post(ajaxurl,c.target.href.replace(/.*\?/,"").replace(/action=([^&]*)/,"")+"&action=menu-get-metabox",function(b){if(-1!=b.indexOf("replace-id")){var c=a.parseJSON(b),d=document.getElementById(c["replace-id"]),e=document.createElement("div"),f=document.createElement("div");c.markup&&d&&(f.innerHTML=c.markup?c.markup:"",d.parentNode.insertBefore(e,d),e.parentNode.removeChild(d),e.parentNode.insertBefore(f,e),e.parentNode.removeChild(e))}}),!1}})},eventOnClickEditLink:function(b){var c,d,e=/#(.*)$/.exec(b.href);return e&&e[1]&&(c=a("#"+e[1]),d=c.parent(),0!==d.length)?(d.hasClass("menu-item-edit-inactive")?(c.data("menu-item-data")||c.data("menu-item-data",c.getItemData()),c.slideDown("fast"),d.removeClass("menu-item-edit-inactive").addClass("menu-item-edit-active")):(c.slideUp("fast"),d.removeClass("menu-item-edit-active").addClass("menu-item-edit-inactive")),!1):void 0},eventOnClickCancelLink:function(b){var c=a(b).closest(".menu-item-settings"),d=a(b).closest(".menu-item");return d.removeClass("menu-item-edit-active").addClass("menu-item-edit-inactive"),c.setItemData(c.data("menu-item-data")).hide(),!1},eventOnClickMenuSave:function(){var c="",d=a("#menu-name"),e=d.val();return e&&e!=d.attr("title")&&e.replace(/\s+/,"")?(a("#nav-menu-theme-locations select").each(function(){c+='<input type="hidden" name="'+this.name+'" value="'+a(this).val()+'" />'}),a("#update-nav-menu").append(c),b.menuList.find(".menu-item-data-position").val(function(a){return a+1}),window.onbeforeunload=null,!0):(d.parent().addClass("form-invalid"),!1)},eventOnClickMenuDelete:function(){return window.confirm(navMenuL10n.warnDeleteMenu)?(window.onbeforeunload=null,!0):!1},eventOnClickMenuItemDelete:function(c){var d=parseInt(c.id.replace("delete-",""),10);return b.removeMenuItem(a("#menu-item-"+d)),b.registerChange(),!1},processQuickSearchQueryResponse:function(b,c,d){var e,f,g,h={},i=document.getElementById("nav-menu-meta"),j=/menu-item[(\[^]\]*/,k=a("<div>").html(b).find("li");return k.length?(k.each(function(){if(g=a(this),e=j.exec(g.html()),e&&e[1]){for(f=e[1];i.elements["menu-item["+f+"][menu-item-type]"]||h[f];)f--;h[f]=!0,f!=e[1]&&g.html(g.html().replace(new RegExp("menu-item\\["+e[1]+"\\]","g"),"menu-item["+f+"]"))}}),a(".categorychecklist",d).html(k),void a(".spinner",d).hide()):(a(".categorychecklist",d).html("<li><p>"+navMenuL10n.noResultsFound+"</p></li>"),void a(".spinner",d).hide())},removeMenuItem:function(b){var c=b.childMenuItems();b.addClass("deleting").animate({opacity:0,height:0},350,function(){var d=a("#menu-instructions");b.remove(),c.shiftDepthClass(-1).updateParentMenuItemDBId(),0===a("#menu-to-edit li").length&&(a(".drag-instructions").hide(),d.removeClass("menu-instructions-inactive"))})},depthToPx:function(a){return a*b.options.menuItemDepthPerLevel},pxToDepth:function(a){return Math.floor(a/b.options.menuItemDepthPerLevel)}},a(document).ready(function(){wpNavMenu.init()})}(jQuery);
\ No newline at end of file
diff --git a/wp-admin/update-core.php b/wp-admin/update-core.php
index 0c7d297b9e83cfeaeb1c827f168df3b0beede0fa..600db23eee9a197c63585b968545c6bae7833c0b 100644
--- a/wp-admin/update-core.php
+++ b/wp-admin/update-core.php
@@ -390,14 +390,14 @@ function do_core_upgrade( $reinstall = false ) {
<h2><?php _e('Update WordPress'); ?></h2>
<?php
- if ( false === ( $credentials = request_filesystem_credentials( $url, '', false, ABSPATH, array(), $allow_relaxed_file_ownership ) ) ) {
+ if ( false === ( $credentials = request_filesystem_credentials( $url, '', false, ABSPATH, array( 'version', 'locale' ), $allow_relaxed_file_ownership ) ) ) {
echo '</div>';
return;
}
if ( ! WP_Filesystem( $credentials, ABSPATH, $allow_relaxed_file_ownership ) ) {
// Failed to connect, Error and request again
- request_filesystem_credentials( $url, '', true, ABSPATH, array(), $allow_relaxed_file_ownership );
+ request_filesystem_credentials( $url, '', true, ABSPATH, array( 'version', 'locale' ), $allow_relaxed_file_ownership );
echo '</div>';
return;
}
diff --git a/wp-content/plugins/akismet/_inc/akismet.css b/wp-content/plugins/akismet/_inc/akismet.css
index ff076aab2ba1fde44618e6e9a47a9bb83c27063a..b754ec678e9519e79fa5803a90017d8134acbaf4 100644
--- a/wp-content/plugins/akismet/_inc/akismet.css
+++ b/wp-content/plugins/akismet/_inc/akismet.css
@@ -340,11 +340,16 @@ h2.ak-header {
text-align: center;
}
-.akismet-settings th.strictness {
+.akismet-settings th:first-child {
vertical-align: top;
padding-top: 15px;
}
+.akismet-settings th.akismet-api-key {
+ vertical-align: middle;
+ padding-top: 0;
+}
+
.akismet-settings input[type=text] {
width: 75%;
}
diff --git a/wp-content/plugins/akismet/_inc/akismet.js b/wp-content/plugins/akismet/_inc/akismet.js
index 7da76cd52e0bef9bd6afabf627cdd3b12e1d694b..5e857d16128bc7d4bbcf8dbaacbde1507ea31c32 100644
--- a/wp-content/plugins/akismet/_inc/akismet.js
+++ b/wp-content/plugins/akismet/_inc/akismet.js
@@ -18,9 +18,11 @@ jQuery( function ( $ ) {
var thisId = $(this).attr('commentid');
$(this).insertAfter('#comment-' + thisId + ' .author strong:first').show();
});
- $('#the-comment-list').find('tr.comment, tr[id ^= "comment-"]').find('.column-author a[title ^= "http://"], .column-author a[title ^= "https://"]').each(function () {
+ $('#the-comment-list').find('tr.comment, tr[id ^= "comment-"]').find('.column-author a[title]').each(function () {
+ // Comment author URLs are the only URL with a title attribute in the author column.
var thisTitle = $(this).attr('title');
- thisCommentId = $(this).parents('tr:first').attr('id').split("-");
+
+ var thisCommentId = $(this).parents('tr:first').attr('id').split("-");
$(this).attr("id", "author_comment_url_"+ thisCommentId[1]);
diff --git a/wp-content/plugins/akismet/akismet.php b/wp-content/plugins/akismet/akismet.php
index dc42c2ae302f0f3b2920c9c38cd5266efac95189..5cdd32a49e0e04178a835680d335bff55ffc3b90 100644
--- a/wp-content/plugins/akismet/akismet.php
+++ b/wp-content/plugins/akismet/akismet.php
@@ -6,7 +6,7 @@
Plugin Name: Akismet
Plugin URI: http://akismet.com/
Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/">Sign up for an Akismet API key</a>, and 3) Go to your Akismet configuration page, and save your API key.
-Version: 3.0.4
+Version: 3.1.1
Author: Automattic
Author URI: http://automattic.com/wordpress-plugins/
License: GPLv2 or later
@@ -35,8 +35,8 @@ if ( !function_exists( 'add_action' ) ) {
exit;
}
-define( 'AKISMET_VERSION', '3.0.4' );
-define( 'AKISMET__MINIMUM_WP_VERSION', '3.1' );
+define( 'AKISMET_VERSION', '3.1.1' );
+define( 'AKISMET__MINIMUM_WP_VERSION', '3.2' );
define( 'AKISMET__PLUGIN_URL', plugin_dir_url( __FILE__ ) );
define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'AKISMET_DELETE_LIMIT', 100000 );
diff --git a/wp-content/plugins/akismet/class.akismet.php b/wp-content/plugins/akismet/class.akismet.php
index bcc5163e769245103dae4cee5f8f8e3a042eed9e..5c786526e19fb4bd1b27cbb57d6a4c746119996d 100644
--- a/wp-content/plugins/akismet/class.akismet.php
+++ b/wp-content/plugins/akismet/class.akismet.php
@@ -23,7 +23,7 @@ class Akismet {
self::$initiated = true;
add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 );
- add_action( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 );
+ add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 );
add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) );
add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) );
add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) );
@@ -42,6 +42,9 @@ class Akismet {
add_action( 'transition_comment_status', array( 'Akismet', 'transition_comment_status' ), 10, 3 );
+ // Run this early in the pingback call, before doing a remote fetch of the source uri
+ add_action( 'xmlrpc_call', array( 'Akismet', 'pre_check_pingback' ) );
+
if ( '3.0.5' == $GLOBALS['wp_version'] ) {
remove_filter( 'comment_text', 'wp_kses_data' );
if ( is_admin() )
@@ -161,6 +164,7 @@ class Akismet {
if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_single_event') ) {
if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] );
}
}
@@ -180,7 +184,7 @@ class Akismet {
self::set_last_comment( $commentdata );
self::fix_scheduled_recheck();
- return self::$last_comment;
+ return $commentdata;
}
public static function get_last_comment() {
@@ -547,6 +551,7 @@ class Akismet {
if ( get_option( 'akismet_alert_code' ) || $status == 'invalid' ) {
// since there is currently a problem with the key, reschedule a check for 6 hours hence
wp_schedule_single_event( time() + 21600, 'akismet_schedule_cron_recheck' );
+ do_action( 'akismet_scheduled_recheck', 'key-problem-' . get_option( 'akismet_alert_code' ) . '-' . $status );
return false;
}
@@ -608,6 +613,7 @@ class Akismet {
delete_comment_meta( $comment_id, 'akismet_rechecking' );
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ do_action( 'akismet_scheduled_recheck', 'check-db-comment-' . $status );
return;
}
delete_comment_meta( $comment_id, 'akismet_rechecking' );
@@ -616,6 +622,7 @@ class Akismet {
$remaining = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'" );
if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) {
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ do_action( 'akismet_scheduled_recheck', 'remaining' );
}
}
@@ -633,6 +640,7 @@ class Akismet {
if ( $future_check > $check_range ) {
wp_clear_scheduled_hook( 'akismet_schedule_cron_recheck' );
wp_schedule_single_event( time() + 300, 'akismet_schedule_cron_recheck' );
+ do_action( 'akismet_scheduled_recheck', 'fix-scheduled-recheck' );
}
}
@@ -809,11 +817,71 @@ class Akismet {
'timeout' => 15
);
- $akismet_url = "http://{$http_host}/1.1/{$path}";
+ $akismet_url = $http_akismet_url = "http://{$http_host}/1.1/{$path}";
+
+ /**
+ * Try SSL first; if that fails, try without it and don't try it again for a while.
+ */
+
+ $ssl = $ssl_failed = false;
+
+ // Check if SSL requests were disabled fewer than X hours ago.
+ $ssl_disabled = get_option( 'akismet_ssl_disabled' );
+
+ if ( $ssl_disabled && $ssl_disabled < ( time() - 60 * 60 * 24 ) ) { // 24 hours
+ $ssl_disabled = false;
+ delete_option( 'akismet_ssl_disabled' );
+ }
+ else if ( $ssl_disabled ) {
+ do_action( 'akismet_ssl_disabled' );
+ }
+
+ if ( ! $ssl_disabled && function_exists( 'wp_http_supports') && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
+ $akismet_url = set_url_scheme( $akismet_url, 'https' );
+
+ do_action( 'akismet_https_request_pre' );
+ }
+
$response = wp_remote_post( $akismet_url, $http_args );
+
Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) );
- if ( is_wp_error( $response ) )
+
+ if ( $ssl && is_wp_error( $response ) ) {
+ do_action( 'akismet_https_request_failure', $response );
+
+ // Intermittent connection problems may cause the first HTTPS
+ // request to fail and subsequent HTTP requests to succeed randomly.
+ // Retry the HTTPS request once before disabling SSL for a time.
+ $response = wp_remote_post( $akismet_url, $http_args );
+
+ Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) );
+
+ if ( is_wp_error( $response ) ) {
+ $ssl_failed = true;
+
+ do_action( 'akismet_https_request_failure', $response );
+
+ do_action( 'akismet_http_request_pre' );
+
+ // Try the request again without SSL.
+ $response = wp_remote_post( $http_akismet_url, $http_args );
+
+ Akismet::log( compact( 'http_akismet_url', 'http_args', 'response' ) );
+ }
+ }
+
+ if ( is_wp_error( $response ) ) {
+ do_action( 'akismet_request_failure', $response );
+
return array( '', '' );
+ }
+
+ if ( $ssl_failed ) {
+ // The request failed when using SSL but succeeded without it. Disable SSL for future requests.
+ update_option( 'akismet_ssl_disabled', time() );
+
+ do_action( 'akismet_https_disabled' );
+ }
return array( $response['headers'], $response['body'] );
}
@@ -956,4 +1024,65 @@ p {
error_log( print_r( compact( 'akismet_debug' ), true ) );
}
}
+
+ public static function pre_check_pingback( $method ) {
+ if ( $method !== 'pingback.ping' )
+ return;
+
+ global $wp_xmlrpc_server;
+
+ if ( !is_object( $wp_xmlrpc_server ) )
+ return false;
+
+ // Lame: tightly coupled with the IXR class.
+ $args = $wp_xmlrpc_server->message->params;
+
+ if ( !empty( $args[1] ) ) {
+ $post_id = url_to_postid( $args[1] );
+
+ // If this gets through the pre-check, make sure we properly identify the outbound request as a pingback verification
+ Akismet::pingback_forwarded_for( null, $args[0] );
+ add_filter( 'http_request_args', array( 'Akismet', 'pingback_forwarded_for' ), 10, 2 );
+
+ $comment = array(
+ 'comment_author_url' => $args[0],
+ 'comment_post_ID' => $post_id,
+ 'comment_author' => '',
+ 'comment_author_email' => '',
+ 'comment_content' => '',
+ 'comment_type' => 'pingback',
+ 'akismet_pre_check' => '1',
+ 'comment_pingback_target' => $args[1],
+ );
+
+ $comment = Akismet::auto_check_comment( $comment );
+
+ if ( isset( $comment['akismet_result'] ) && 'true' == $comment['akismet_result'] ) {
+ // Lame: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything.
+ $wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) );
+ }
+ }
+ }
+
+ public static function pingback_forwarded_for( $r, $url ) {
+ static $urls = array();
+
+ // Call this with $r == null to prime the callback to add headers on a specific URL
+ if ( is_null( $r ) && !in_array( $url, $urls ) ) {
+ $urls[] = $url;
+ }
+
+ // Add X-Pingback-Forwarded-For header, but only for requests to a specific URL (the apparent pingback source)
+ if ( is_array( $r ) && is_array( $r['headers'] ) && !isset( $r['headers']['X-Pingback-Forwarded-For'] ) && in_array( $url, $urls ) ) {
+ $remote_ip = preg_replace( '/[^a-fx0-9:.,]/i', '', $_SERVER['REMOTE_ADDR'] );
+
+ // Note: this assumes REMOTE_ADDR is correct, and it may not be if a reverse proxy or CDN is in use
+ $r['headers']['X-Pingback-Forwarded-For'] = $remote_ip;
+
+ // Also identify the request as a pingback verification in the UA string so it appears in logs
+ $r['user-agent'] .= '; verifying pingback from ' . $remote_ip;
+ }
+
+ return $r;
+ }
}
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/readme.txt b/wp-content/plugins/akismet/readme.txt
index beed79bb9a4cd4575167262f9ffccab41366443b..4efc81ffc550e31027aeab126e8ef6e35ff52189 100644
--- a/wp-content/plugins/akismet/readme.txt
+++ b/wp-content/plugins/akismet/readme.txt
@@ -1,9 +1,9 @@
=== Akismet ===
Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs
Tags: akismet, comments, spam
-Requires at least: 3.1
-Tested up to: 4.1
-Stable tag: 3.0.4
+Requires at least: 3.2
+Tested up to: 4.1.1
+Stable tag: 3.1.1
License: GPLv2 or later
Akismet checks your comments against the Akismet Web service to see if they look like spam or not.
@@ -30,6 +30,18 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
== Changelog ==
+= 3.1.1 =
+*Release Date - 17th March, 2015*
+
+* Improvements to the "Remove comment author URL" JavaScript
+* Include the pingback pre-check from the 2.6 branch.
+
+= 3.1 =
+*Release Date - 11th March, 2015*
+
+* Use HTTPS by default for all requests to Akismet.
+* Fix for a situation where Akismet might strip HTML from a comment.
+
= 3.0.4 =
*Release Date - 11th December, 2014*
diff --git a/wp-content/plugins/akismet/views/config.php b/wp-content/plugins/akismet/views/config.php
index 154f2b2c052a301bcea69cee9121c936ccc63fa4..232d10789e6c61d6f635d8029901f0ac5c597856 100644
--- a/wp-content/plugins/akismet/views/config.php
+++ b/wp-content/plugins/akismet/views/config.php
@@ -64,13 +64,43 @@
<tbody>
<?php if ( !defined( 'WPCOM_API_KEY' ) ):?>
<tr>
- <th width="10%" align="left" scope="row"><?php esc_html_e('API Key', 'akismet');?></th>
+ <th class="akismet-api-key" width="10%" align="left" scope="row"><?php esc_html_e('API Key', 'akismet');?></th>
<td width="5%"/>
<td align="left">
<span class="api-key"><input id="key" name="key" type="text" size="15" maxlength="12" value="<?php echo esc_attr( get_option('wordpress_api_key') ); ?>" class="regular-text code <?php echo $akismet_user->status;?>"></span>
</td>
</tr>
<?php endif; ?>
+ <?php if ( isset( $_GET['ssl_status'] ) ) { ?>
+ <tr>
+ <th align="left" scope="row"><?php esc_html_e( 'SSL Status', 'akismet' ); ?></th>
+ <td></td>
+ <td align="left">
+ <p>
+ <?php
+
+ if ( ! function_exists( 'wp_http_supports' ) ) {
+ ?><b><?php esc_html_e( 'Disabled.', 'akismet' ); ?></b> <?php printf( esc_html( 'Your WordPress installation does not include the function %s; upgrade to the latest version of WordPress.', 'akismet' ), '<code>wp_http_supports</code>' ); ?><?php
+ }
+ else if ( ! wp_http_supports( array( 'ssl' ) ) ) {
+ ?><b><?php esc_html_e( 'Disabled.', 'akismet' ); ?></b> <?php esc_html_e( 'Your Web server cannot make SSL requests; contact your Web host and ask them to add support for SSL requests.', 'akismet' ); ?><?php
+ }
+ else {
+ $ssl_disabled = get_option( 'akismet_ssl_disabled' );
+
+ if ( $ssl_disabled ) {
+ ?><b><?php esc_html_e( 'Temporarily disabled.', 'akismet' ); ?></b> <?php esc_html_e( 'Akismet encountered a problem with a previous SSL request and disabled it temporarily. It will begin using SSL for requests again shortly.', 'akismet' ); ?><?php
+ }
+ else {
+ ?><b><?php esc_html_e( 'Enabled.', 'akismet' ); ?></b> <?php esc_html_e( 'All systems functional.', 'akismet' ); ?><?php
+ }
+ }
+
+ ?>
+ </p>
+ </td>
+ </tr>
+ <?php } ?>
<tr>
<th align="left" scope="row"><?php esc_html_e('Comments', 'akismet');?></th>
<td></td>
@@ -95,7 +125,7 @@
printf(
_n(
- 'Spam in the <a href="%s">spam folder</a> older than 1 day is deleted automatically.',
+ 'Spam in the <a href="%1$s">spam folder</a> older than 1 day is deleted automatically.',
'Spam in the <a href="%1$s">spam folder</a> older than %2$d days is deleted automatically.',
$delete_interval,
'akismet'
diff --git a/wp-content/plugins/akismet/views/notice.php b/wp-content/plugins/akismet/views/notice.php
index 60f2e8ce0dd55a668655f2bb2bdf6b78e75db48a..c2fc45afa0149e19ae84478b0973ef7728c25d12 100644
--- a/wp-content/plugins/akismet/views/notice.php
+++ b/wp-content/plugins/akismet/views/notice.php
@@ -93,7 +93,7 @@
<div class="wrap alert critical">
<?php if ( $level == 'yellow' ): ?>
<h3 class="key-status failed"><?php esc_html_e("You're using your Akismet key on more sites than your Pro subscription allows.", 'akismet'); ?></h3>
- <p class="description"><?php printf( __('If you would like to use Akismet on more than 10 sites, you will need to <a href="%s" target="_blank">upgrade to an Enterprise subscription</a>. If you have any questions, please <a href="%s" target="_blank">get in touch with our support team</a>', 'akismet'), 'https://akismet.com/account/upgrade/', 'https://akismet.com/contact/'); ?></p>
+ <p class="description"><?php printf( __('Your Pro subscription allows the use of Akismet on only one site. Please <a href="http://docs.akismet.com/billing/add-more-sites/">purchase additional Pro subscriptions</a> or upgrade to an Enterprise subscription that allows the use of Akismet on unlimited sites.<br /><br />If you have any questions, please get in touch with our support team.', 'akismet'), 'https://akismet.com/account/upgrade/', 'https://akismet.com/contact/'); ?></p>
<?php elseif ( $level == 'red' ): ?>
<h3 class="key-status failed"><?php esc_html_e("You're using Akismet on far too many sites for your Pro subscription.", 'akismet'); ?></h3>
<p class="description"><?php printf( __('To continue your service, <a href="%s" target="_blank">upgrade to an Enterprise subscription</a>, which covers an unlimited number of sites. Please <a href="%s" target="_blank">contact our support team</a> with any questions.', 'akismet'), 'https://akismet.com/account/upgrade/', 'https://akismet.com/contact/'); ?></p>
diff --git a/wp-content/plugins/akismet/wrapper.php b/wp-content/plugins/akismet/wrapper.php
index 12641c7ec7559595f5a26de2fc78e5c83a2ee530..a77d4ce933e0465015644d830172b534dc3e3ab2 100644
--- a/wp-content/plugins/akismet/wrapper.php
+++ b/wp-content/plugins/akismet/wrapper.php
@@ -7,46 +7,32 @@ $akismet_api_host = Akismet::get_api_key() . '.rest.akismet.com';
$akismet_api_port = 80;
function akismet_test_mode() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::is_test_mode()' );
-
return Akismet::is_test_mode();
}
function akismet_http_post( $request, $host, $path, $port = 80, $ip = null ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::http_post()' );
-
$path = str_replace( '/1.1/', '', $path );
return Akismet::http_post( $request, $path, $ip );
}
function akismet_microtime() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::_get_microtime()' );
-
return Akismet::_get_microtime();
}
function akismet_delete_old() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::delete_old_comments()' );
-
return Akismet::delete_old_comments();
}
function akismet_delete_old_metadata() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::delete_old_comments_meta()' );
-
return Akismet::delete_old_comments_meta();
}
function akismet_check_db_comment( $id, $recheck_reason = 'recheck_queue' ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::check_db_comment()' );
-
return Akismet::check_db_comment( $id, $recheck_reason );
}
function akismet_rightnow() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::rightnow_stats()' );
-
if ( !class_exists( 'Akismet_Admin' ) )
return false;
@@ -63,13 +49,9 @@ function akismet_load_js_and_css() {
_deprecated_function( __FUNCTION__, '3.0' );
}
function akismet_nonce_field( $action = -1 ) {
- _deprecated_function( __FUNCTION__, '3.0', 'wp_nonce_field' );
-
return wp_nonce_field( $action );
}
function akismet_plugin_action_links( $links, $file ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::plugin_action_links()' );
-
return Akismet_Admin::plugin_action_links( $links, $file );
}
function akismet_conf() {
@@ -79,21 +61,15 @@ function akismet_stats_display() {
_deprecated_function( __FUNCTION__, '3.0' );
}
function akismet_stats() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::dashboard_stats()' );
-
return Akismet_Admin::dashboard_stats();
}
function akismet_admin_warnings() {
_deprecated_function( __FUNCTION__, '3.0' );
}
function akismet_comment_row_action( $a, $comment ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::comment_row_action()' );
-
return Akismet_Admin::comment_row_actions( $a, $comment );
}
function akismet_comment_status_meta_box( $comment ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::comment_status_meta_box()' );
-
return Akismet_Admin::comment_status_meta_box( $comment );
}
function akismet_comments_columns( $columns ) {
@@ -105,63 +81,39 @@ function akismet_comment_column_row( $column, $comment_id ) {
_deprecated_function( __FUNCTION__, '3.0' );
}
function akismet_text_add_link_callback( $m ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::text_add_link_callback()' );
-
return Akismet_Admin::text_add_link_callback( $m );
}
function akismet_text_add_link_class( $comment_text ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::text_add_link_class()' );
-
return Akismet_Admin::text_add_link_class( $comment_text );
}
function akismet_check_for_spam_button( $comment_status ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::check_for_spam_button()' );
-
return Akismet_Admin::check_for_spam_button( $comment_status );
}
function akismet_submit_nonspam_comment( $comment_id ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::submit_nonspam_comment()' );
-
return Akismet::submit_nonspam_comment( $comment_id );
}
function akismet_submit_spam_comment( $comment_id ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::submit_spam_comment()' );
-
return Akismet::submit_spam_comment( $comment_id );
}
function akismet_transition_comment_status( $new_status, $old_status, $comment ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::transition_comment_status()' );
-
return Akismet::transition_comment_status( $new_status, $old_status, $comment );
}
function akismet_spam_count( $type = false ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::get_spam_count()' );
-
return Akismet_Admin::get_spam_count( $type );
}
function akismet_recheck_queue() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::recheck_queue()' );
-
return Akismet_Admin::recheck_queue();
}
function akismet_remove_comment_author_url() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::remove_comment_author_url()' );
-
return Akismet_Admin::remove_comment_author_url();
}
function akismet_add_comment_author_url() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::add_comment_author_url()' );
-
return Akismet_Admin::add_comment_author_url();
}
function akismet_check_server_connectivity() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::check_server_connectivity()' );
-
return Akismet_Admin::check_server_connectivity();
}
function akismet_get_server_connectivity( $cache_timeout = 86400 ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::()' );
-
return Akismet_Admin::get_server_connectivity( $cache_timeout );
}
function akismet_server_connectivity_ok() {
@@ -170,101 +122,63 @@ function akismet_server_connectivity_ok() {
return true;
}
function akismet_admin_menu() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::admin_menu()' );
-
return Akismet_Admin::admin_menu();
}
function akismet_load_menu() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet_Admin::load_menu()' );
-
return Akismet_Admin::load_menu();
}
function akismet_init() {
_deprecated_function( __FUNCTION__, '3.0' );
}
function akismet_get_key() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::get_api_key()' );
-
return Akismet::get_api_key();
}
function akismet_check_key_status( $key, $ip = null ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::check_key_status()' );
-
return Akismet::check_key_status( $key, $ip );
}
function akismet_update_alert( $response ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::update_alert()' );
-
return Akismet::update_alert( $response );
}
function akismet_verify_key( $key, $ip = null ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::verify_key()' );
-
return Akismet::verify_key( $key, $ip );
}
function akismet_get_user_roles( $user_id ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::get_user_roles()' );
-
return Akismet::get_user_roles( $user_id );
}
function akismet_result_spam( $approved ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::comment_is_spam()' );
-
return Akismet::comment_is_spam( $approved );
}
function akismet_result_hold( $approved ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::comment_needs_moderation()' );
-
return Akismet::comment_needs_moderation( $approved );
}
function akismet_get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::get_user_comments_approved()' );
-
return Akismet::get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url );
}
function akismet_update_comment_history( $comment_id, $message, $event = null ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::update_comment_history()' );
-
return Akismet::update_comment_history( $comment_id, $message, $event );
}
function akismet_get_comment_history( $comment_id ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::get_comment_history()' );
-
return Akismet::get_comment_history( $comment_id );
}
function akismet_cmp_time( $a, $b ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::_cmp_time()' );
-
return Akismet::_cmp_time( $a, $b );
}
function akismet_auto_check_update_meta( $id, $comment ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::auto_check_update_meta()' );
-
return Akismet::auto_check_update_meta( $id, $comment );
}
function akismet_auto_check_comment( $commentdata ) {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::auto_check_comment()' );
-
return Akismet::auto_check_comment( $commentdata );
}
function akismet_get_ip_address() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::get_ip_address()' );
-
return Akismet::get_ip_address();
}
function akismet_cron_recheck() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::cron_recheck()' );
-
return Akismet::cron_recheck();
}
function akismet_add_comment_nonce() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::add_comment_nonce()' );
-
return Akismet::add_comment_nonce( $post_id );
}
function akismet_fix_scheduled_recheck() {
- _deprecated_function( __FUNCTION__, '3.0', 'Akismet::fix_scheduled_recheck()' );
-
return Akismet::fix_scheduled_recheck();
}
function akismet_spam_comments() {
@@ -290,4 +204,10 @@ function akismet_kill_proxy_check( $option ) {
_deprecated_function( __FUNCTION__, '3.0' );
return 0;
+}
+function akismet_pingback_forwarded_for( $r, $url ) {
+ return Akismet::pingback_forwarded_for( $r, $url );
+}
+function akismet_pre_check_pingback( $method ) {
+ return Akismet::pre_check_pingback( $method );
}
\ No newline at end of file
diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php
index 894a149e3dec039e9454721f9d11ce793d7c2432..bdb5c7a2d9962dc1e6530eb5e05728b37d716acf 100644
--- a/wp-includes/capabilities.php
+++ b/wp-includes/capabilities.php
@@ -1374,21 +1374,25 @@ function current_user_can( $capability ) {
* @return bool
*/
function current_user_can_for_blog( $blog_id, $capability ) {
- if ( is_multisite() )
- switch_to_blog( $blog_id );
+ $switched = is_multisite() ? switch_to_blog( $blog_id ) : false;
$current_user = wp_get_current_user();
- if ( empty( $current_user ) )
+ if ( empty( $current_user ) ) {
+ if ( $switched ) {
+ restore_current_blog();
+ }
return false;
+ }
$args = array_slice( func_get_args(), 2 );
$args = array_merge( array( $capability ), $args );
$can = call_user_func_array( array( $current_user, 'has_cap' ), $args );
- if ( is_multisite() )
+ if ( $switched ) {
restore_current_blog();
+ }
return $can;
}
diff --git a/wp-includes/class-wp-editor.php b/wp-includes/class-wp-editor.php
index 521c0ee67b93f7163a14197a79df2d26cdc2e611..6148583d0c2b4262143dc281d3eb173a3c6f3361 100644
--- a/wp-includes/class-wp-editor.php
+++ b/wp-includes/class-wp-editor.php
@@ -117,12 +117,6 @@ final class _WP_Editors {
// A cookie (set when a user resizes the editor) overrides the height.
$cookie = (int) get_user_setting( 'ed_size' );
- // Upgrade an old TinyMCE cookie if it is still around, and the new one isn't.
- if ( ! $cookie && isset( $_COOKIE['TinyMCE_content_size'] ) ) {
- parse_str( $_COOKIE['TinyMCE_content_size'], $cookie );
- $cookie = $cookie['ch'];
- }
-
if ( $cookie )
$set['editor_height'] = $cookie;
}
diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 3d4d1f20c7fc4dbcc670282e9201786ef091aeb8..7bd354afed9abff9372f8f60ea86ffb8f1eb226b 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -1309,21 +1309,23 @@ function sanitize_title_with_dashes( $title, $raw_title = '', $context = 'displa
}
/**
- * Ensures a string is a valid SQL order by clause.
+ * Ensures a string is a valid SQL 'order by' clause.
*
- * Accepts one or more columns, with or without ASC/DESC, and also accepts
- * RAND().
+ * Accepts one or more columns, with or without a sort order (ASC / DESC).
+ * e.g. 'column_1', 'column_1, column_2', 'column_1 ASC, column_2 DESC' etc.
+ *
+ * Also accepts 'RAND()'.
*
* @since 2.5.1
*
- * @param string $orderby Order by string to be checked.
- * @return false|string Returns the order by clause if it is a match, false otherwise.
+ * @param string $orderby Order by clause to be validated.
+ * @return string|bool Returns $orderby if valid, false otherwise.
*/
-function sanitize_sql_orderby( $orderby ){
- preg_match('/^\s*([a-z0-9_]+(\s+(ASC|DESC))?(\s*,\s*|\s*$))+|^\s*RAND\(\s*\)\s*$/i', $orderby, $obmatches);
- if ( !$obmatches )
- return false;
- return $orderby;
+function sanitize_sql_orderby( $orderby ) {
+ if ( preg_match( '/^\s*(([a-z0-9_]+|`[a-z0-9_]+`)(\s+(ASC|DESC))?\s*(,\s*(?=[a-z0-9_`])|$))+$/i', $orderby ) || preg_match( '/^\s*RAND\(\s*\)\s*$/i', $orderby ) ) {
+ return $orderby;
+ }
+ return false;
}
/**
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 76013c934e6186668067bc609cbf9bbbec0f1923..d903349cfbe827e4b1df9a79ab3c4f9c9312008f 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -2049,7 +2049,7 @@ function wp_check_filetype( $filename, $mimes = null ) {
$ext = false;
foreach ( $mimes as $ext_preg => $mime_match ) {
- $ext_preg = '!\.(' . $ext_preg . ')(\?.*)?$!i';
+ $ext_preg = '!\.(' . $ext_preg . ')$!i';
if ( preg_match( $ext_preg, $filename, $ext_matches ) ) {
$type = $mime_match;
$ext = $ext_matches[1];
diff --git a/wp-includes/js/plupload/plupload.flash.swf b/wp-includes/js/plupload/plupload.flash.swf
index 6493572bdf005ad7765d58f79f2ef65660fba931..47a83cea7f498765155b407c891ce6c501a6b220 100644
Binary files a/wp-includes/js/plupload/plupload.flash.swf and b/wp-includes/js/plupload/plupload.flash.swf differ
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 4a10c0b57bfec755255748c2439972611cf62476..b3bb8584a3ec8ac5bc50c6e42a92cdd995fc2961 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
-$wp_version = '4.1.1';
+$wp_version = '4.1.3';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php
index 1656df7be76959d8b66f51438f0bac18587e107e..b3eed896ec4d5915b8ad51ac69d7ed6d409c54a4 100644
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@@ -143,6 +143,43 @@ class wpdb {
*/
protected $result;
+ /**
+ * Cached column info, for sanity checking data before inserting
+ *
+ * @since 4.2.0
+ * @access protected
+ * @var array
+ */
+ protected $col_meta = array();
+
+ /**
+ * Calculated character sets on tables
+ *
+ * @since 4.2.0
+ * @access protected
+ * @var array
+ */
+ protected $table_charset = array();
+
+ /**
+ * Whether text fields in the current query need to be sanity checked.
+ *
+ * @since 4.2.0
+ * @access protected
+ * @var bool
+ */
+ protected $check_current_query = true;
+
+ /**
+ * Flag to ensure we don't run into recursion problems when checking the collation.
+ *
+ * @since 4.2.0
+ * @access private
+ * @see wpdb::check_safe_collation()
+ * @var boolean
+ */
+ private $checking_collation = false;
+
/**
* Saved info on the table column
*
@@ -647,6 +684,14 @@ class wpdb {
* @param mixed $value The value to set
*/
public function __set( $name, $value ) {
+ $protected_members = array(
+ 'col_meta',
+ 'table_charset',
+ 'check_current_query',
+ );
+ if ( in_array( $name, $protected_members, true ) ) {
+ return;
+ }
$this->$name = $value;
}
@@ -716,7 +761,7 @@ class wpdb {
$query = $this->prepare( 'SET NAMES %s', $charset );
if ( ! empty( $collate ) )
$query .= $this->prepare( ' COLLATE %s', $collate );
- mysqli_query( $query, $dbh );
+ mysqli_query( $dbh, $query );
}
} else {
if ( function_exists( 'mysql_set_charset' ) && $this->has_cap( 'set_charset' ) ) {
@@ -1541,6 +1586,7 @@ class wpdb {
*/
public function query( $query ) {
if ( ! $this->ready ) {
+ $this->check_current_query = true;
return false;
}
@@ -1561,6 +1607,19 @@ class wpdb {
// Log how the function was called
$this->func_call = "\$db->query(\"$query\")";
+ // If we're writing to the database, make sure the query will write safely.
+ if ( $this->check_current_query && ! $this->check_ascii( $query ) ) {
+ $stripped_query = $this->strip_invalid_text_from_query( $query );
+ // strip_invalid_text_from_query() can perform queries, so we need
+ // to flush again, just to make sure everything is clear.
+ $this->flush();
+ if ( $stripped_query !== $query ) {
+ $this->insert_id = 0;
+ return false;
+ }
+ }
+
+ $this->check_current_query = true;
// Keep track of the last query for debug..
$this->last_query = $query;
@@ -1730,23 +1789,29 @@ class wpdb {
* @return int|false The number of rows affected, or false on error.
*/
function _insert_replace_helper( $table, $data, $format = null, $type = 'INSERT' ) {
- if ( ! in_array( strtoupper( $type ), array( 'REPLACE', 'INSERT' ) ) )
+ if ( ! in_array( strtoupper( $type ), array( 'REPLACE', 'INSERT' ) ) ) {
+ return false;
+ }
+
+ $data = $this->process_fields( $table, $data, $format );
+ if ( false === $data ) {
return false;
- $this->insert_id = 0;
- $formats = $format = (array) $format;
- $fields = array_keys( $data );
- $formatted_fields = array();
- foreach ( $fields as $field ) {
- if ( !empty( $format ) )
- $form = ( $form = array_shift( $formats ) ) ? $form : $format[0];
- elseif ( isset( $this->field_types[$field] ) )
- $form = $this->field_types[$field];
- else
- $form = '%s';
- $formatted_fields[] = $form;
}
- $sql = "{$type} INTO `$table` (`" . implode( '`,`', $fields ) . "`) VALUES (" . implode( ",", $formatted_fields ) . ")";
- return $this->query( $this->prepare( $sql, $data ) );
+
+ $formats = $values = array();
+ foreach ( $data as $value ) {
+ $formats[] = $value['format'];
+ $values[] = $value['value'];
+ }
+
+ $fields = '`' . implode( '`, `', array_keys( $data ) ) . '`';
+ $formats = implode( ', ', $formats );
+
+ $sql = "$type INTO `$table` ($fields) VALUES ($formats)";
+
+ $this->insert_id = 0;
+ $this->check_current_query = false;
+ return $this->query( $this->prepare( $sql, $values ) );
}
/**
@@ -1769,34 +1834,36 @@ class wpdb {
* @return int|false The number of rows updated, or false on error.
*/
public function update( $table, $data, $where, $format = null, $where_format = null ) {
- if ( ! is_array( $data ) || ! is_array( $where ) )
+ if ( ! is_array( $data ) || ! is_array( $where ) ) {
return false;
+ }
- $formats = $format = (array) $format;
- $bits = $wheres = array();
- foreach ( (array) array_keys( $data ) as $field ) {
- if ( !empty( $format ) )
- $form = ( $form = array_shift( $formats ) ) ? $form : $format[0];
- elseif ( isset($this->field_types[$field]) )
- $form = $this->field_types[$field];
- else
- $form = '%s';
- $bits[] = "`$field` = {$form}";
+ $data = $this->process_fields( $table, $data, $format );
+ if ( false === $data ) {
+ return false;
+ }
+ $where = $this->process_fields( $table, $where, $where_format );
+ if ( false === $where ) {
+ return false;
}
- $where_formats = $where_format = (array) $where_format;
- foreach ( (array) array_keys( $where ) as $field ) {
- if ( !empty( $where_format ) )
- $form = ( $form = array_shift( $where_formats ) ) ? $form : $where_format[0];
- elseif ( isset( $this->field_types[$field] ) )
- $form = $this->field_types[$field];
- else
- $form = '%s';
- $wheres[] = "`$field` = {$form}";
+ $fields = $conditions = $values = array();
+ foreach ( $data as $field => $value ) {
+ $fields[] = "`$field` = " . $value['format'];
+ $values[] = $value['value'];
}
+ foreach ( $where as $field => $value ) {
+ $conditions[] = "`$field` = " . $value['format'];
+ $values[] = $value['value'];
+ }
+
+ $fields = implode( ', ', $fields );
+ $conditions = implode( ' AND ', $conditions );
- $sql = "UPDATE `$table` SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres );
- return $this->query( $this->prepare( $sql, array_merge( array_values( $data ), array_values( $where ) ) ) );
+ $sql = "UPDATE `$table` SET $fields WHERE $conditions";
+
+ $this->check_current_query = false;
+ return $this->query( $this->prepare( $sql, $values ) );
}
/**
@@ -1816,27 +1883,132 @@ class wpdb {
* @return int|false The number of rows updated, or false on error.
*/
public function delete( $table, $where, $where_format = null ) {
- if ( ! is_array( $where ) )
+ if ( ! is_array( $where ) ) {
+ return false;
+ }
+
+ $where = $this->process_fields( $table, $where, $where_format );
+ if ( false === $where ) {
+ return false;
+ }
+
+ $conditions = $values = array();
+ foreach ( $where as $field => $value ) {
+ $conditions[] = "`$field` = " . $value['format'];
+ $values[] = $value['value'];
+ }
+
+ $conditions = implode( ' AND ', $conditions );
+
+ $sql = "DELETE FROM `$table` WHERE $conditions";
+
+ $this->check_current_query = false;
+ return $this->query( $this->prepare( $sql, $values ) );
+ }
+
+ /**
+ * Processes arrays of field/value pairs and field formats.
+ *
+ * This is a helper method for wpdb's CRUD methods, which take field/value
+ * pairs for inserts, updates, and where clauses. This method first pairs
+ * each value with a format. Then it determines the charset of that field,
+ * using that to determine if any invalid text would be stripped. If text is
+ * stripped, then field processing is rejected and the query fails.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $table Table name.
+ * @param array $data Field/value pair.
+ * @param mixed $format Format for each field.
+ * @return array|bool Returns an array of fields that contain paired values
+ * and formats. Returns false for invalid values.
+ */
+ protected function process_fields( $table, $data, $format ) {
+ $data = $this->process_field_formats( $data, $format );
+ $data = $this->process_field_charsets( $data, $table );
+ if ( false === $data ) {
return false;
+ }
- $wheres = array();
+ $converted_data = $this->strip_invalid_text( $data );
- $where_formats = $where_format = (array) $where_format;
+ if ( $data !== $converted_data ) {
+ return false;
+ }
- foreach ( array_keys( $where ) as $field ) {
- if ( !empty( $where_format ) ) {
- $form = ( $form = array_shift( $where_formats ) ) ? $form : $where_format[0];
+ return $data;
+ }
+
+ /**
+ * Prepares arrays of value/format pairs as passed to wpdb CRUD methods.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param array $data Array of fields to values.
+ * @param mixed $format Formats to be mapped to the values in $data.
+ * @return array Array, keyed by field names with values being an array
+ * of 'value' and 'format' keys.
+ */
+ protected function process_field_formats( $data, $format ) {
+ $formats = $original_formats = (array) $format;
+
+ foreach ( $data as $field => $value ) {
+ $value = array(
+ 'value' => $value,
+ 'format' => '%s',
+ );
+
+ if ( ! empty( $format ) ) {
+ $value['format'] = array_shift( $formats );
+ if ( ! $value['format'] ) {
+ $value['format'] = reset( $original_formats );
+ }
} elseif ( isset( $this->field_types[ $field ] ) ) {
- $form = $this->field_types[ $field ];
+ $value['format'] = $this->field_types[ $field ];
+ }
+
+ $data[ $field ] = $value;
+ }
+
+ return $data;
+ }
+
+ /**
+ * Adds field charsets to field/value/format arrays generated by
+ * the {@see wpdb::process_field_formats()} method.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param array $data As it comes from the {@see wpdb::process_field_formats()} method.
+ * @param string $table Table name.
+ * @return The same array as $data with additional 'charset' keys.
+ */
+ protected function process_field_charsets( $data, $table ) {
+ foreach ( $data as $field => $value ) {
+ if ( '%d' === $value['format'] || '%f' === $value['format'] ) {
+ // We can skip this field if we know it isn't a string.
+ // This checks %d/%f versus ! %s because it's sprintf() could take more.
+ $value['charset'] = false;
+ } elseif ( $this->check_ascii( $value['value'] ) ) {
+ // If it's ASCII, then we don't need the charset. We can skip this field.
+ $value['charset'] = false;
} else {
- $form = '%s';
+ $value['charset'] = $this->get_col_charset( $table, $field );
+ if ( is_wp_error( $value['charset'] ) ) {
+ return false;
+ }
+
+ // This isn't ASCII. Don't have strip_invalid_text() re-check.
+ $value['ascii'] = false;
}
- $wheres[] = "$field = $form";
+ $data[ $field ] = $value;
}
- $sql = "DELETE FROM $table WHERE " . implode( ' AND ', $wheres );
- return $this->query( $this->prepare( $sql, $where ) );
+ return $data;
}
/**
@@ -1856,6 +2028,10 @@ class wpdb {
public function get_var( $query = null, $x = 0, $y = 0 ) {
$this->func_call = "\$db->get_var(\"$query\", $x, $y)";
+ if ( $this->check_safe_collation( $query ) ) {
+ $this->check_current_query = false;
+ }
+
if ( $query ) {
$this->query( $query );
}
@@ -1884,6 +2060,11 @@ class wpdb {
*/
public function get_row( $query = null, $output = OBJECT, $y = 0 ) {
$this->func_call = "\$db->get_row(\"$query\",$output,$y)";
+
+ if ( $this->check_safe_collation( $query ) ) {
+ $this->check_current_query = false;
+ }
+
if ( $query ) {
$this->query( $query );
} else {
@@ -1921,6 +2102,10 @@ class wpdb {
* @return array Database query result. Array indexed from 0 by SQL result row number.
*/
public function get_col( $query = null , $x = 0 ) {
+ if ( $this->check_safe_collation( $query ) ) {
+ $this->check_current_query = false;
+ }
+
if ( $query ) {
$this->query( $query );
}
@@ -1949,6 +2134,10 @@ class wpdb {
public function get_results( $query = null, $output = OBJECT ) {
$this->func_call = "\$db->get_results(\"$query\", $output)";
+ if ( $this->check_safe_collation( $query ) ) {
+ $this->check_current_query = false;
+ }
+
if ( $query ) {
$this->query( $query );
} else {
@@ -1990,6 +2179,527 @@ class wpdb {
return null;
}
+ /**
+ * Retrieves the character set for the given table.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $table Table name.
+ * @return string|WP_Error Table character set, {@see WP_Error} object if it couldn't be found.
+ */
+ protected function get_table_charset( $table ) {
+ $tablekey = strtolower( $table );
+
+ /**
+ * Filter the table charset value before the DB is checked.
+ *
+ * Passing a non-null value to the filter will effectively short-circuit
+ * checking the DB for the charset, returning that value instead.
+ *
+ * @since 4.2.0
+ *
+ * @param string $charset The character set to use. Default null.
+ * @param string $table The name of the table being checked.
+ */
+ $charset = apply_filters( 'pre_get_table_charset', null, $table );
+ if ( null !== $charset ) {
+ return $charset;
+ }
+
+ if ( isset( $this->table_charset[ $tablekey ] ) ) {
+ return $this->table_charset[ $tablekey ];
+ }
+
+ $charsets = $columns = array();
+ $results = $this->get_results( "SHOW FULL COLUMNS FROM `$table`" );
+ if ( ! $results ) {
+ return new WP_Error( 'wpdb_get_table_charset_failure' );
+ }
+
+ foreach ( $results as $column ) {
+ $columns[ strtolower( $column->Field ) ] = $column;
+ }
+
+ $this->col_meta[ $tablekey ] = $columns;
+
+ foreach ( $columns as $column ) {
+ if ( ! empty( $column->Collation ) ) {
+ list( $charset ) = explode( '_', $column->Collation );
+ $charsets[ strtolower( $charset ) ] = true;
+ }
+
+ list( $type ) = explode( '(', $column->Type );
+
+ // A binary/blob means the whole query gets treated like this.
+ if ( in_array( strtoupper( $type ), array( 'BINARY', 'VARBINARY', 'TINYBLOB', 'MEDIUMBLOB', 'BLOB', 'LONGBLOB' ) ) ) {
+ $this->table_charset[ $tablekey ] = 'binary';
+ return 'binary';
+ }
+ }
+
+ // utf8mb3 is an alias for utf8.
+ if ( isset( $charsets['utf8mb3'] ) ) {
+ $charsets['utf8'] = true;
+ unset( $charsets['utf8mb3'] );
+ }
+
+ // Check if we have more than one charset in play.
+ $count = count( $charsets );
+ if ( 1 === $count ) {
+ $charset = key( $charsets );
+ } elseif ( 0 === $count ) {
+ // No charsets, assume this table can store whatever.
+ $charset = false;
+ } else {
+ // More than one charset. Remove latin1 if present and recalculate.
+ unset( $charsets['latin1'] );
+ $count = count( $charsets );
+ if ( 1 === $count ) {
+ // Only one charset (besides latin1).
+ $charset = key( $charsets );
+ } elseif ( 2 === $count && isset( $charsets['utf8'], $charsets['utf8mb4'] ) ) {
+ // Two charsets, but they're utf8 and utf8mb4, use utf8.
+ $charset = 'utf8';
+ } else {
+ // Two mixed character sets. ascii.
+ $charset = 'ascii';
+ }
+ }
+
+ $this->table_charset[ $tablekey ] = $charset;
+ return $charset;
+ }
+
+ /**
+ * Retrieves the character set for the given column.
+ *
+ * @since 4.2.0
+ * @access public
+ *
+ * @param string $table Table name.
+ * @param string $column Column name.
+ * @return mixed Column character set as a string. False if the column has no
+ * character set. {@see WP_Error} object if there was an error.
+ */
+ public function get_col_charset( $table, $column ) {
+ $tablekey = strtolower( $table );
+ $columnkey = strtolower( $column );
+
+ /**
+ * Filter the column charset value before the DB is checked.
+ *
+ * Passing a non-null value to the filter will short-circuit
+ * checking the DB for the charset, returning that value instead.
+ *
+ * @since 4.2.0
+ *
+ * @param string $charset The character set to use. Default null.
+ * @param string $table The name of the table being checked.
+ * @param string $column The name of the column being checked.
+ */
+ $charset = apply_filters( 'pre_get_col_charset', null, $table, $column );
+ if ( null !== $charset ) {
+ return $charset;
+ }
+
+ // Skip this entirely if this isn't a MySQL database.
+ if ( false === $this->is_mysql ) {
+ return false;
+ }
+
+ if ( empty( $this->table_charset[ $tablekey ] ) ) {
+ // This primes column information for us.
+ $table_charset = $this->get_table_charset( $table );
+ if ( is_wp_error( $table_charset ) ) {
+ return $table_charset;
+ }
+ }
+
+ // If still no column information, return the table charset.
+ if ( empty( $this->col_meta[ $tablekey ] ) ) {
+ return $this->table_charset[ $tablekey ];
+ }
+
+ // If this column doesn't exist, return the table charset.
+ if ( empty( $this->col_meta[ $tablekey ][ $columnkey ] ) ) {
+ return $this->table_charset[ $tablekey ];
+ }
+
+ // Return false when it's not a string column.
+ if ( empty( $this->col_meta[ $tablekey ][ $columnkey ]->Collation ) ) {
+ return false;
+ }
+
+ list( $charset ) = explode( '_', $this->col_meta[ $tablekey ][ $columnkey ]->Collation );
+ return $charset;
+ }
+
+ /**
+ * Check if a string is ASCII.
+ *
+ * The negative regex is faster for non-ASCII strings, as it allows
+ * the search to finish as soon as it encounters a non-ASCII character.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $string String to check.
+ * @return bool True if ASCII, false if not.
+ */
+ protected function check_ascii( $string ) {
+ if ( function_exists( 'mb_check_encoding' ) ) {
+ if ( mb_check_encoding( $string, 'ASCII' ) ) {
+ return true;
+ }
+ } elseif ( ! preg_match( '/[^\x00-\x7F]/', $string ) ) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Check if the query is accessing a collation considered safe on the current version of MySQL.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $query The query to check.
+ * @return bool True if the collation is safe, false if it isn't.
+ */
+ protected function check_safe_collation( $query ) {
+ if ( $this->checking_collation ) {
+ return true;
+ }
+
+ // We don't need to check the collation for queries that don't read data.
+ $query = ltrim( $query, "\r\n\t (" );
+ if ( preg_match( '/^(?:SHOW|DESCRIBE|DESC|EXPLAIN)\s/i', $query ) ) {
+ return true;
+ }
+
+ // All-ASCII queries don't need extra checking.
+ if ( $this->check_ascii( $query ) ) {
+ return true;
+ }
+
+ $table = $this->get_table_from_query( $query );
+ if ( ! $table ) {
+ return false;
+ }
+
+ $this->checking_collation = true;
+ $collation = $this->get_table_charset( $table );
+ $this->checking_collation = false;
+
+ // Tables with no collation, or latin1 only, don't need extra checking.
+ if ( false === $collation || 'latin1' === $collation ) {
+ return true;
+ }
+
+ $table = strtolower( $table );
+ if ( empty( $this->col_meta[ $table ] ) ) {
+ return false;
+ }
+
+ // If any of the columns don't have one of these collations, it needs more sanity checking.
+ foreach( $this->col_meta[ $table ] as $col ) {
+ if ( empty( $col->Collation ) ) {
+ continue;
+ }
+
+ if ( ! in_array( $col->Collation, array( 'utf8_general_ci', 'utf8_bin', 'utf8mb4_general_ci', 'utf8mb4_bin' ), true ) ) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Strips any invalid characters based on value/charset pairs.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param array $data Array of value arrays. Each value array has the keys
+ * 'value' and 'charset'. An optional 'ascii' key can be
+ * set to false to avoid redundant ASCII checks.
+ * @return array|WP_Error The $data parameter, with invalid characters removed from
+ * each value. This works as a passthrough: any additional keys
+ * such as 'field' are retained in each value array. If we cannot
+ * remove invalid characters, a {@see WP_Error} object is returned.
+ */
+ // If any of the columns don't have one of these collations, it needs more sanity checking.
+ protected function strip_invalid_text( $data ) {
+ // Some multibyte character sets that we can check in PHP.
+ $mb_charsets = array(
+ 'ascii' => 'ASCII',
+ 'big5' => 'BIG-5',
+ 'eucjpms' => 'eucJP-win',
+ 'gb2312' => 'EUC-CN',
+ 'ujis' => 'EUC-JP',
+ 'utf32' => 'UTF-32',
+ );
+
+ $supported_charsets = array();
+ if ( function_exists( 'mb_list_encodings' ) ) {
+ $supported_charsets = mb_list_encodings();
+ }
+
+ $db_check_string = false;
+
+ foreach ( $data as &$value ) {
+ $charset = $value['charset'];
+
+ // Column isn't a string, or is latin1, which will will happily store anything.
+ if ( false === $charset || 'latin1' === $charset ) {
+ continue;
+ }
+
+ if ( ! is_string( $value['value'] ) ) {
+ continue;
+ }
+
+ // ASCII is always OK.
+ if ( ! isset( $value['ascii'] ) && $this->check_ascii( $value['value'] ) ) {
+ continue;
+ }
+
+ // Convert the text locally.
+ if ( $supported_charsets ) {
+ if ( isset( $mb_charsets[ $charset ] ) && in_array( $mb_charsets[ $charset ], $supported_charsets ) ) {
+ $value['value'] = mb_convert_encoding( $value['value'], $mb_charsets[ $charset ], $mb_charsets[ $charset ] );
+ continue;
+ }
+ }
+
+ // utf8 can be handled by regex, which is a bunch faster than a DB lookup.
+ if ( 'utf8' === $charset || 'utf8mb3' === $charset || 'utf8mb4' === $charset ) {
+ $regex = '/
+ (
+ (?: [\x00-\x7F] # single-byte sequences 0xxxxxxx
+ | [\xC2-\xDF][\x80-\xBF] # double-byte sequences 110xxxxx 10xxxxxx
+ | \xE0[\xA0-\xBF][\x80-\xBF] # triple-byte sequences 1110xxxx 10xxxxxx * 2
+ | [\xE1-\xEC][\x80-\xBF]{2}
+ | \xED[\x80-\x9F][\x80-\xBF]
+ | [\xEE-\xEF][\x80-\xBF]{2}';
+
+ if ( 'utf8mb4' === $charset) {
+ $regex .= '
+ | \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences 11110xxx 10xxxxxx * 3
+ | [\xF1-\xF3][\x80-\xBF]{3}
+ | \xF4[\x80-\x8F][\x80-\xBF]{2}
+ ';
+ }
+
+ $regex .= '){1,50} # ...one or more times
+ )
+ | . # anything else
+ /x';
+ $value['value'] = preg_replace( $regex, '$1', $value['value'] );
+ continue;
+ }
+
+ // We couldn't use any local conversions, send it to the DB.
+ $value['db'] = $db_check_string = true;
+ }
+ unset( $value ); // Remove by reference.
+
+ if ( $db_check_string ) {
+ $queries = array();
+ foreach ( $data as $col => $value ) {
+ if ( ! empty( $value['db'] ) ) {
+ if ( ! isset( $queries[ $value['charset'] ] ) ) {
+ $queries[ $value['charset'] ] = array();
+ }
+
+ // Split the CONVERT() calls by charset, so we can make sure the connection is right
+ $queries[ $value['charset'] ][ $col ] = $this->prepare( "CONVERT( %s USING {$value['charset']} )", $value['value'] );
+ unset( $data[ $col ]['db'] );
+ }
+ }
+
+ $connection_charset = $this->charset;
+ foreach ( $queries as $charset => $query ) {
+ if ( ! $query ) {
+ continue;
+ }
+
+ // Change the charset to match the string(s) we're converting
+ if ( $charset !== $connection_charset ) {
+ $connection_charset = $charset;
+ $this->set_charset( $this->dbh, $charset );
+ }
+
+ $this->check_current_query = false;
+
+ $row = $this->get_row( "SELECT " . implode( ', ', $query ), ARRAY_N );
+ if ( ! $row ) {
+ $this->set_charset( $this->dbh, $connection_charset );
+ return new WP_Error( 'wpdb_strip_invalid_text_failure' );
+ }
+
+ $cols = array_keys( $query );
+ $col_count = count( $cols );
+ for ( $ii = 0; $ii < $col_count; $ii++ ) {
+ $data[ $cols[ $ii ] ]['value'] = $row[ $ii ];
+ }
+ }
+
+ // Don't forget to change the charset back!
+ if ( $connection_charset !== $this->charset ) {
+ $this->set_charset( $this->dbh );
+ }
+ }
+
+ return $data;
+ }
+
+ /**
+ * Strips any invalid characters from the query.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $query Query to convert.
+ * @return string|WP_Error The converted query, or a {@see WP_Error} object if the conversion fails.
+ */
+ protected function strip_invalid_text_from_query( $query ) {
+ $table = $this->get_table_from_query( $query );
+ if ( $table ) {
+ $charset = $this->get_table_charset( $table );
+ if ( is_wp_error( $charset ) ) {
+ return $charset;
+ }
+
+ // We can't reliably strip text from tables containing binary/blob columns
+ if ( 'binary' === $charset ) {
+ return $query;
+ }
+ } else {
+ $charset = $this->charset;
+ }
+
+ $data = array(
+ 'value' => $query,
+ 'charset' => $charset,
+ 'ascii' => false,
+ );
+
+ $data = $this->strip_invalid_text( array( $data ) );
+ if ( is_wp_error( $data ) ) {
+ return $data;
+ }
+
+ return $data[0]['value'];
+ }
+
+ /**
+ * Strips any invalid characters from the string for a given table and column.
+ *
+ * @since 4.2.0
+ * @access public
+ *
+ * @param string $table Table name.
+ * @param string $column Column name.
+ * @param string $value The text to check.
+ * @return string|WP_Error The converted string, or a `WP_Error` object if the conversion fails.
+ */
+ public function strip_invalid_text_for_column( $table, $column, $value ) {
+ if ( ! is_string( $value ) || $this->check_ascii( $value ) ) {
+ return $value;
+ }
+
+ $charset = $this->get_col_charset( $table, $column );
+ if ( ! $charset ) {
+ // Not a string column.
+ return $value;
+ } elseif ( is_wp_error( $charset ) ) {
+ // Bail on real errors.
+ return $charset;
+ }
+
+ $data = array(
+ $column => array(
+ 'value' => $value,
+ 'charset' => $charset,
+ 'ascii' => false,
+ )
+ );
+
+ $data = $this->strip_invalid_text( $data );
+ if ( is_wp_error( $data ) ) {
+ return $data;
+ }
+
+ return $data[ $column ]['value'];
+ }
+
+ /**
+ * Find the first table name referenced in a query.
+ *
+ * @since 4.2.0
+ * @access protected
+ *
+ * @param string $query The query to search.
+ * @return string|false $table The table name found, or false if a table couldn't be found.
+ */
+ protected function get_table_from_query( $query ) {
+ // Remove characters that can legally trail the table name.
+ $query = rtrim( $query, ';/-#' );
+
+ // Allow (select...) union [...] style queries. Use the first query's table name.
+ $query = ltrim( $query, "\r\n\t (" );
+
+ /*
+ * Strip everything between parentheses except nested selects and use only 1,000
+ * chars of the query.
+ */
+ $query = preg_replace( '/\((?!\s*select)[^(]*?\)/is', '()', substr( $query, 0, 1000 ) );
+
+ // Quickly match most common queries.
+ if ( preg_match( '/^\s*(?:'
+ . 'SELECT.*?\s+FROM'
+ . '|INSERT(?:\s+LOW_PRIORITY|\s+DELAYED|\s+HIGH_PRIORITY)?(?:\s+IGNORE)?(?:\s+INTO)?'
+ . '|REPLACE(?:\s+LOW_PRIORITY|\s+DELAYED)?(?:\s+INTO)?'
+ . '|UPDATE(?:\s+LOW_PRIORITY)?(?:\s+IGNORE)?'
+ . '|DELETE(?:\s+LOW_PRIORITY|\s+QUICK|\s+IGNORE)*(?:\s+FROM)?'
+ . ')\s+`?([\w-]+)`?/is', $query, $maybe ) ) {
+ return $maybe[1];
+ }
+
+ // SHOW TABLE STATUS and SHOW TABLES
+ if ( preg_match( '/^\s*(?:'
+ . 'SHOW\s+TABLE\s+STATUS.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)'
+ . '|SHOW\s+(?:FULL\s+)?TABLES.+(?:LIKE\s+|WHERE\s+Name\s*=\s*)'
+ . ')\W([\w-]+)\W/is', $query, $maybe ) ) {
+ return $maybe[1];
+ }
+
+ // Big pattern for the rest of the table-related queries.
+ if ( preg_match( '/^\s*(?:'
+ . '(?:EXPLAIN\s+(?:EXTENDED\s+)?)?SELECT.*?\s+FROM'
+ . '|DESCRIBE|DESC|EXPLAIN|HANDLER'
+ . '|(?:LOCK|UNLOCK)\s+TABLE(?:S)?'
+ . '|(?:RENAME|OPTIMIZE|BACKUP|RESTORE|CHECK|CHECKSUM|ANALYZE|REPAIR).*\s+TABLE'
+ . '|TRUNCATE(?:\s+TABLE)?'
+ . '|CREATE(?:\s+TEMPORARY)?\s+TABLE(?:\s+IF\s+NOT\s+EXISTS)?'
+ . '|ALTER(?:\s+IGNORE)?\s+TABLE'
+ . '|DROP\s+TABLE(?:\s+IF\s+EXISTS)?'
+ . '|CREATE(?:\s+\w+)?\s+INDEX.*\s+ON'
+ . '|DROP\s+INDEX.*\s+ON'
+ . '|LOAD\s+DATA.*INFILE.*INTO\s+TABLE'
+ . '|(?:GRANT|REVOKE).*ON\s+TABLE'
+ . '|SHOW\s+(?:.*FROM|.*TABLE)'
+ . ')\s+\(*\s*`?([\w-]+)`?\s*\)*/is', $query, $maybe ) ) {
+ return $maybe[1];
+ }
+
+ return false;
+ }
+
/**
* Load the column metadata from the last query.
*