diff --git a/readme.html b/readme.html index 52f6759926cb9e9b50cef242a84e764b3696bc30..3eb6d9d58c2da862e5d921d2f845d61d1532003f 100644 --- a/readme.html +++ b/readme.html @@ -8,7 +8,7 @@ <body> <h1 id="logo"> <a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a> - <br /> Version 3.0.1 + <br /> Version 3.0.2 </h1> <p style="text-align: center">Semantic Personal Publishing Platform</p> @@ -102,7 +102,7 @@ <p>WordPress is the official continuation of <a href="http://cafelog.com/">b2/cafélog</a>, which came from Michel V. The work has been continued by the <a href="http://wordpress.org/about/">WordPress developers</a>. If you would like to support WordPress, please consider <a href="http://wordpress.org/donate/" title="Donate to WordPress">donating</a>.</p> <h1>Copyright</h1> -<p>WordPress is released under the <abbr title="GNU Public License">GPL</abbr>v2 (see <a href="license.txt">license.txt</a>).</p> +<p>WordPress is released under the <abbr title="GNU Public License">GPL</abbr> (see <a href="license.txt">license.txt</a>).</p> </body> diff --git a/wp-admin/includes/file.php b/wp-admin/includes/file.php index 6994a35faaad8f7d28db0f6729addaeca6d5463a..d79f2e34379b7fb1309449f144d1fe0c0cfcffb9 100644 --- a/wp-admin/includes/file.php +++ b/wp-admin/includes/file.php @@ -937,7 +937,7 @@ function request_filesystem_credentials($form_post, $type = '', $error = false, $error_string = __('<strong>Error:</strong> There was an error connecting to the server, Please verify the settings are correct.'); if ( is_wp_error($error) ) $error_string = $error->get_error_message(); - echo '<div id="message" class="error"><p>' . $error_string . '</p></div>'; + echo '<div id="message" class="error"><p>' . esc_html( $error_string ) . '</p></div>'; } $types = array(); 
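Review bot: In the `wp-admin/includes/file.php` hunk, wrapping the whole `$error_string` in `esc_html()` at the `echo` also escapes the translated default message, which itself contains `<strong>Error:</strong>`, so that markup will be displayed as literal text. The part that can carry arbitrary text is presumably the `WP_Error` message, so escape it where it is assigned instead: `$error_string = esc_html( $error->get_error_message() );`, leaving the `echo` to concatenate `$error_string` as before. request_filesystem_credentials starts and ends outside the hunk.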
diff --git a/wp-admin/includes/plugin.php b/wp-admin/includes/plugin.php index 2ff21f8c906211f4a6d88019e96954aa77048a1b..98ee2a1be7577d8649148a8b3c77e990baa2385b 100644 --- a/wp-admin/includes/plugin.php +++ b/wp-admin/includes/plugin.php @@ -483,6 +483,7 @@ function activate_plugin( $plugin, $redirect = '', $network_wide = false) { ob_start(); include(WP_PLUGIN_DIR . '/' . $plugin); do_action( 'activate_plugin', trim( $plugin) ); + do_action( 'activate_' . trim( $plugin ) ); if ( $network_wide ) { $current[$plugin] = time(); update_site_option( 'active_sitewide_plugins', $current ); @@ -491,7 +492,6 @@ function activate_plugin( $plugin, $redirect = '', $network_wide = false) { sort($current); update_option('active_plugins', $current); } - do_action( 'activate_' . trim( $plugin ) ); do_action( 'activated_plugin', trim( $plugin) ); if ( ob_get_length() > 0 ) { $output = ob_get_clean(); diff --git a/wp-admin/includes/update-core.php b/wp-admin/includes/update-core.php index 858a0f71c88f9c409a04a98f35b80155dad3a32d..1576765ad604b6e04fcd68cdbc42f91735150977 100644 --- a/wp-admin/includes/update-core.php +++ b/wp-admin/includes/update-core.php @@ -274,7 +274,7 @@ function update_core($from, $to) { $mysql_version = $wpdb->db_version(); $required_php_version = '4.3'; $required_mysql_version = '4.1.2'; - $wp_version = '3.0.1'; + $wp_version = '3.0.2'; $php_compat = version_compare( $php_version, $required_php_version, '>=' ); $mysql_compat = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' ); diff --git a/wp-admin/plugins.php b/wp-admin/plugins.php index bed5d5f6dff51a795d3a621447ef8d813438bb26..8ea2d8e6a05fcaf12121c30c8922b55442d2179c 100644 --- a/wp-admin/plugins.php +++ b/wp-admin/plugins.php 
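Review bot: The relocated `do_action( 'activate_' . trim( $plugin ) );` in activate_plugin has no comment saying why it must run before `update_site_option( 'active_sitewide_plugins', $current )` and `update_option('active_plugins', $current)`, so the ordering is easy to undo in a later cleanup. A one-line comment above it would do, for example `// Fire the plugin's activation hook before recording it as active, so a failure in the hook does not leave it enabled.` That rationale is inferred from the move and should be confirmed against the intent. The change spans this hunk and the next one (`@@ -491,7 +492,6 @@`), and the function body continues outside both.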
@@ -255,11 +255,11 @@ if ( !empty($action) ) { foreach ( $plugin_info as $plugin ) { if ( $plugin['is_uninstallable'] ) { /* translators: 1: plugin name, 2: plugin author */ - echo '<li>', sprintf( __( '<strong>%1$s</strong> by <em>%2$s</em> (will also <strong>delete its data</strong>)' ), $plugin['Name'], $plugin['Author'] ), '</li>'; + echo '<li>', sprintf( __( '<strong>%1$s</strong> by <em>%2$s</em> (will also <strong>delete its data</strong>)' ), esc_html($plugin['Name']), esc_html($plugin['Author']) ), '</li>'; $data_to_delete = true; } else { /* translators: 1: plugin name, 2: plugin author */ - echo '<li>', sprintf( __('<strong>%1$s</strong> by <em>%2$s</em>' ), $plugin['Name'], $plugin['Author'] ), '</li>'; + echo '<li>', sprintf( __('<strong>%1$s</strong> by <em>%2$s</em>' ), esc_html($plugin['Name']), esc_html($plugin['Author']) ), '</li>'; } } ?> @@ -289,7 +289,7 @@ if ( !empty($action) ) { <ul class="code"> <?php foreach ( (array)$files_to_delete as $file ) - echo '<li>' . str_replace(WP_PLUGIN_DIR, '', $file) . '</li>'; + echo '<li>' . esc_html(str_replace(WP_PLUGIN_DIR, '', $file)) . '</li>'; ?> </ul> </div> diff --git a/wp-includes/canonical.php b/wp-includes/canonical.php index 20520a41cc783c4cf7dc7ab4570f06eeea81c16b..91b394b9d1ecca2dc0ddd6809ef488ab69156f9f 100644 --- a/wp-includes/canonical.php +++ b/wp-includes/canonical.php 
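Review bot: `esc_html($plugin['Author'])` in both `sprintf()` calls assumes the `Author` entry is plain text. If `$plugin_info` was built with markup applied to the plugin headers (not visible in this hunk), the field may already hold an author link and will now print as literal tag text. It is worth confirming which form the array carries and, if it is the marked-up one, escaping a plain-text author value here instead. The `/* translators */` comments could also say that both placeholders are HTML-escaped before substitution. The enclosing `if ( !empty($action) )` block starts and ends outside the hunk.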
@@ -103,10 +103,6 @@ function redirect_canonical($requested_url=null, $do_redirect=true) { } elseif ( is_single() && !empty($_GET['p']) && ! $redirect_url ) { if ( $redirect_url = get_permalink(get_query_var('p')) ) $redirect['query'] = remove_query_arg(array('p', 'post_type'), $redirect['query']); - if ( get_query_var( 'page' ) ) { - $redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' ); - $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); - } } elseif ( is_single() && !empty($_GET['name']) && ! $redirect_url ) { if ( $redirect_url = get_permalink( $wp_query->get_queried_object_id() ) ) $redirect['query'] = remove_query_arg('name', $redirect['query']); @@ -180,12 +176,18 @@ function redirect_canonical($requested_url=null, $do_redirect=true) { } } elseif ( is_single() && strpos($wp_rewrite->permalink_structure, '%category%') !== false ) { - $category = get_term_by('slug', get_query_var('category_name'), 'category'); + $category = get_category_by_path(get_query_var('category_name')); $post_terms = wp_get_object_terms($wp_query->get_queried_object_id(), 'category', array('fields' => 'tt_ids')); if ( (!$category || is_wp_error($category)) || ( !is_wp_error($post_terms) && !empty($post_terms) && !in_array($category->term_taxonomy_id, $post_terms) ) ) $redirect_url = get_permalink($wp_query->get_queried_object_id()); } + // Post Paging + if ( is_singular() && get_query_var('page') && $redirect_url ) { + $redirect_url = trailingslashit( $redirect_url ) . user_trailingslashit( get_query_var( 'page' ), 'single_paged' ); + $redirect['query'] = remove_query_arg( 'page', $redirect['query'] ); + } + // paging and feeds if ( get_query_var('paged') || is_feed() || get_query_var('cpage') ) { if ( !$redirect_url ) diff --git a/wp-includes/capabilities.php b/wp-includes/capabilities.php index 3773b4a8577a3388970f0ed22cc645b04430e281..57a7cd7838bbdf134cd3ba82c75b1827c4ddb858 100644 
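Review bot: In the new `// Post Paging` block of the second canonical.php hunk, `get_query_var( 'page' )` is concatenated into `$redirect_url` as-is, and nothing in the hunk shows the value being constrained to a page number before it becomes part of a redirect target. If it is not normalised upstream, cast it once at the point of use with `$page = absint( get_query_var( 'page' ) );`, test `$page` in the condition, and pass `$page` to `user_trailingslashit()`. That also keeps a non-numeric value from entering the branch at all. redirect_canonical starts and ends outside the hunk.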
--- a/wp-includes/capabilities.php +++ b/wp-includes/capabilities.php @@ -799,9 +799,6 @@ function map_meta_cap( $cap, $user_id ) { case 'remove_user': $caps[] = 'remove_users'; break; - case 'delete_user': - $caps[] = 'delete_users'; - break; case 'promote_user': $caps[] = 'promote_users'; break; @@ -1028,10 +1025,13 @@ function map_meta_cap( $cap, $user_id ) { case 'delete_user': case 'delete_users': // If multisite these caps are allowed only for super admins. - if ( is_multisite() && !is_super_admin( $user_id ) ) + if ( is_multisite() && !is_super_admin( $user_id ) ) { $caps[] = 'do_not_allow'; - else + } else { + if ( 'delete_user' == $cap ) + $cap = 'delete_users'; $caps[] = $cap; + } break; case 'create_users': if ( is_multisite() && !get_site_option( 'add_new_users' ) ) @@ -1079,9 +1079,6 @@ function current_user_can( $capability ) { function current_user_can_for_blog( $blog_id, $capability ) { $current_user = wp_get_current_user(); - if ( is_multisite() && is_super_admin() ) - return true; - if ( empty( $current_user ) ) return false; diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 4956fa77b621787ca649f3d86304f00ef14f1064..517cb9a74b5c91054231674d1d87ec2d7ff681a0 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -18,9 +18,8 @@ * check fails. If any of the parameter contents match the blacklist of words, * then the check fails. * - * If the comment is a trackback and part of the blogroll, then the trackback is - * automatically whitelisted. If the comment author was approved before, then - * the comment is automatically whitelisted. + * If the comment author was approved before, then the comment is + * automatically whitelisted. * * If none of the checks fail, then the failback is to set the check to pass * (return true). 
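Review bot: In the `delete_user` / `delete_users` case of map_meta_cap (second capabilities.php hunk), the new `else` branch rewrites `$cap` only to append it on the next line, and the inner `if` is brace-less inside a freshly braced block. Both labels resolve to the same primitive capability, so the branch can state it directly: `$caps[] = 'delete_users';`. That makes the mapping readable at a glance when auditing who may delete users, and it avoids leaving a mutated `$cap` behind for any code after the switch, which is not visible here. The switch continues outside the hunk.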
@@ -80,16 +79,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent, $ // Comment whitelisting: if ( 1 == get_option('comment_whitelist')) { - if ( 'trackback' == $comment_type || 'pingback' == $comment_type ) { // check if domain is in blogroll - $uri = parse_url($url); - $domain = $uri['host']; - $uri = parse_url( home_url() ); - $home_domain = $uri['host']; - if ( $wpdb->get_var($wpdb->prepare("SELECT link_id FROM $wpdb->links WHERE link_url LIKE (%s) LIMIT 1", '%'.$domain.'%')) || $domain == $home_domain ) - return true; - else - return false; - } elseif ( $author != '' && $email != '' ) { + if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '' ) { // expected_slashed ($author, $email) $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); if ( ( 1 == $ok_to_comment ) && @@ -1654,7 +1644,7 @@ function do_trackbacks($post_id) { trackback($tb_ping, $post_title, $excerpt, $post_id); $pinged[] = $tb_ping; } else { - $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, '$tb_ping', '')) WHERE ID = %d", $post_id) ); + $wpdb->query( $wpdb->prepare("UPDATE $wpdb->posts SET to_ping = TRIM(REPLACE(to_ping, %s, '')) WHERE ID = %d", $tb_ping, $post_id) ); } } } diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 9606f01646f4fff6900329093e51ed86032a1920..8cd9ba79c95e8767c9880a2f3cf5e9c4795c7b06 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php 
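Review bot: The whitelist lookup directly under the changed condition in check_comment still interpolates `$author` and `$email` into the SQL text and relies on the `expected_slashed` convention, that is, on every caller having escaped them already. The last hunk of this file moves `$tb_ping` to a `%s` placeholder in do_trackbacks, and this query would be more robust built the same way, with `comment_author = %s AND comment_author_email = %s` passed through `$wpdb->prepare()`. If the values really do arrive slashed they would need `stripslashes()` before being bound, which should be checked against the callers. The function body continues outside the hunk.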
@@ -2125,7 +2125,7 @@ function wp_upload_dir( $time = null ) { $siteurl = get_option( 'siteurl' ); $upload_path = get_option( 'upload_path' ); $upload_path = trim($upload_path); - $main_override = defined( 'MULTISITE' ) && is_main_site(); + $main_override = is_multisite() && defined( 'MULTISITE' ) && is_main_site(); if ( empty($upload_path) ) { $dir = WP_CONTENT_DIR . '/uploads'; } else { diff --git a/wp-includes/load.php b/wp-includes/load.php index a514498a29e2c9b3b8a7332cc6821c01c4cff442..94058caf284c6b4ce89dcb502e5d1850e81cae0a 100644 --- a/wp-includes/load.php +++ b/wp-includes/load.php @@ -579,7 +579,7 @@ function is_multisite() { if ( defined( 'MULTISITE' ) ) return MULTISITE; - if ( defined( 'VHOST' ) || defined( 'SUNRISE' ) ) + if ( defined( 'SUBDOMAIN_INSTALL' ) || defined( 'VHOST' ) || defined( 'SUNRISE' ) ) return true; return false; diff --git a/wp-includes/ms-files.php b/wp-includes/ms-files.php index f5af8e0370ac2903ce9687f7f2cf9b26162b34a3..5ec6d1ddc1aea9d7d60d9780fa15f3430e1bc9f7 100644 --- a/wp-includes/ms-files.php +++ b/wp-includes/ms-files.php @@ -29,14 +29,14 @@ if ( !is_file( $file ) ) { die( '404 — File not found.' ); } -$mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] ); +$mime = wp_check_filetype( $file ); if( false === $mime[ 'type' ] && function_exists( 'mime_content_type' ) ) $mime[ 'type' ] = mime_content_type( $file ); if( $mime[ 'type' ] ) $mimetype = $mime[ 'type' ]; else - $mimetype = 'image/' . substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 ); + $mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 ); header( 'Content-type: ' . $mimetype ); // always send this if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) diff --git a/wp-includes/version.php b/wp-includes/version.php index 731ce598be6f5869a83e9230b2e4e823a4c1e1af..150a31cd61494dd822e30aadd32c8e7c471821bf 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php 
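Review bot: In the ms-files.php hunk, the fallback `$mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 );` still derives a response header from the path. When `$file` contains no dot, `strrpos()` returns false and `substr()` starts at offset 1; when the last dot sits in a directory name, the "extension" includes path segments, so much of the filesystem path can end up in `Content-type`. The fallback also labels every type that `wp_check_filetype()` and `mime_content_type()` do not recognise as an image. A fixed generic value is safer: `$mimetype = 'application/octet-stream';`. How `$file` is built is above the hunk.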
@@ -8,7 +8,7 @@ * * @global string $wp_version */ -$wp_version = '3.0.1'; +$wp_version = '3.0.2'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.