Commit b91e7736 authored by lechuck's avatar lechuck Committed by lechuck

Upgrade Wordpress to 3.5.2

parent 1e271199
......@@ -8,7 +8,7 @@
<body>
<h1 id="logo">
<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
<br /> Version 3.5.1
<br /> Version 3.5.2
</h1>
<p style="text-align: center">Semantic Personal Publishing Platform</p>
......
......@@ -34,7 +34,11 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
</h2>
<div class="changelog point-releases">
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 1 ); ?></h3>
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 2 ); ?></h3>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
'<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 12 ), '3.5.2', number_format_i18n( 12 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_3.5.2' ); ?>
</p>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
'<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 37 ), '3.5.1', number_format_i18n( 37 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'http://codex.wordpress.org/Version_3.5.1' ); ?>
......
......@@ -144,7 +144,7 @@ if ( post_type_supports($post_type, 'trackbacks') )
if ( post_type_supports($post_type, 'custom-fields') )
add_meta_box('postcustom', __('Custom Fields'), 'post_custom_meta_box', null, 'normal', 'core');
do_action('dbx_post_advanced');
do_action('dbx_post_advanced', $post);
if ( post_type_supports($post_type, 'comments') )
add_meta_box('commentstatusdiv', __('Discussion'), 'post_comment_status_meta_box', null, 'normal', 'core');
......@@ -296,7 +296,7 @@ if ( isset( $post_new_file ) && current_user_can( $post_type_object->cap->create
<?php if ( $message ) : ?>
<div id="message" class="updated"><p><?php echo $message; ?></p></div>
<?php endif; ?>
<form name="post" action="post.php" method="post" id="post"<?php do_action('post_edit_form_tag'); ?>>
<form name="post" action="post.php" method="post" id="post"<?php do_action('post_edit_form_tag', $post); ?>>
<?php wp_nonce_field($nonce_action); ?>
<input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" />
<input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr( $form_action ) ?>" />
......@@ -354,7 +354,7 @@ wp_nonce_field( 'samplepermalink', 'samplepermalinknonce', false );
<?php
}
do_action( 'edit_form_after_title' );
do_action( 'edit_form_after_title', $post );
if ( post_type_supports($post_type, 'editor') ) {
?>
......@@ -383,16 +383,16 @@ if ( post_type_supports($post_type, 'editor') ) {
</div>
<?php } ?>
<?php do_action( 'edit_form_after_editor' ); ?>
<?php do_action( 'edit_form_after_editor', $post ); ?>
</div><!-- /post-body-content -->
<div id="postbox-container-1" class="postbox-container">
<?php
if ( 'page' == $post_type )
do_action('submitpage_box');
do_action('submitpage_box', $post);
else
do_action('submitpost_box');
do_action('submitpost_box', $post);
do_meta_boxes($post_type, 'side', $post);
......@@ -404,9 +404,9 @@ do_meta_boxes($post_type, 'side', $post);
do_meta_boxes(null, 'normal', $post);
if ( 'page' == $post_type )
do_action('edit_page_form');
do_action('edit_page_form', $post);
else
do_action('edit_form_advanced');
do_action('edit_form_advanced', $post);
do_meta_boxes(null, 'advanced', $post);
......@@ -414,7 +414,7 @@ do_meta_boxes(null, 'advanced', $post);
</div>
<?php
do_action('dbx_post_sidebar');
do_action('dbx_post_sidebar', $post);
?>
</div><!-- /post-body -->
......
......@@ -183,6 +183,7 @@ class WP_Importer {
$headers = array();
$args = array();
$args['reject_unsafe_urls'] = true;
if ( true === $head )
$args['method'] = 'HEAD';
if ( !empty( $username ) && !empty( $password ) )
......
......@@ -98,7 +98,7 @@ class WP_Upgrader {
break;
default:
if ( ! $wp_filesystem->find_folder($dir) )
return new WP_Error('fs_no_folder', sprintf($this->strings['fs_no_folder'], $dir));
return new WP_Error( 'fs_no_folder', sprintf( $this->strings['fs_no_folder'], esc_html( basename( $dir ) ) ) );
break;
}
}
......@@ -1133,7 +1133,7 @@ class WP_Upgrader_Skin {
} elseif ( is_wp_error($errors) && $errors->get_error_code() ) {
foreach ( $errors->get_error_messages() as $message ) {
if ( $errors->get_error_data() )
$this->feedback($message . ' ' . $errors->get_error_data() );
$this->feedback($message . ' ' . esc_html( $errors->get_error_data() ) );
else
$this->feedback($message);
}
......@@ -1147,8 +1147,11 @@ class WP_Upgrader_Skin {
if ( strpos($string, '%') !== false ) {
$args = func_get_args();
$args = array_splice($args, 1);
if ( !empty($args) )
if ( $args ) {
$args = array_map( 'strip_tags', $args );
$args = array_map( 'esc_html', $args );
$string = vsprintf($string, $args);
}
}
if ( empty($string) )
return;
......@@ -1188,11 +1191,11 @@ class Plugin_Upgrader_Skin extends WP_Upgrader_Skin {
function after() {
$this->plugin = $this->upgrader->plugin_info();
if ( !empty($this->plugin) && !is_wp_error($this->result) && $this->plugin_active ){
echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&networkwide=' . $this->plugin_network_active . '&plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) .'"></iframe>';
echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&networkwide=' . $this->plugin_network_active . '&plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin) .'"></iframe>';
}
$update_actions = array(
'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>',
'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>',
'plugins_page' => '<a href="' . self_admin_url('plugins.php') . '" title="' . esc_attr__('Go to plugins page') . '" target="_parent">' . __('Return to Plugins page') . '</a>'
);
if ( $this->plugin_active || ! $this->result || is_wp_error( $this->result ) || ! current_user_can( 'activate_plugins' ) )
......@@ -1244,8 +1247,11 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
if ( strpos($string, '%') !== false ) {
$args = func_get_args();
$args = array_splice($args, 1);
if ( !empty($args) )
if ( $args ) {
$args = array_map( 'strip_tags', $args );
$args = array_map( 'esc_html', $args );
$string = vsprintf($string, $args);
}
}
if ( empty($string) )
return;
......@@ -1269,7 +1275,7 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
if ( is_wp_error($error) ) {
foreach ( $error->get_error_messages() as $emessage ) {
if ( $error->get_error_data() )
$messages[] = $emessage . ' ' . $error->get_error_data();
$messages[] = $emessage . ' ' . esc_html( $error->get_error_data() );
else
$messages[] = $emessage;
}
......@@ -1430,12 +1436,12 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin {
$from = isset($_GET['from']) ? stripslashes($_GET['from']) : 'plugins';
if ( 'import' == $from )
$install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;from=import&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin &amp; Run Importer') . '</a>';
$install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;from=import&amp;plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin &amp; Run Importer') . '</a>';
else
$install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>';
$install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>';
if ( is_multisite() && current_user_can( 'manage_network_plugins' ) ) {
$install_actions['network_activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;networkwide=1&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" target="_parent">' . __('Network Activate') . '</a>';
$install_actions['network_activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;networkwide=1&amp;plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" target="_parent">' . __('Network Activate') . '</a>';
unset( $install_actions['activate_plugin'] );
}
......@@ -1670,4 +1676,4 @@ class File_Upload_Upgrader {
return true;
}
}
\ No newline at end of file
}
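Review bot: `esc_html( $errors->get_error_data() )` in the error loop of WP_Upgrader_Skin (and the same call on `$error->get_error_data()` in Bulk_Upgrader_Skin) assumes the error data is a string, but nothing visible here restricts what is stored as WP_Error data. If it can be an array or object, the escaping call receives a non-string; guarding the branch keeps the output well defined: `if ( is_string( $errors->get_error_data() ) )`. The two `feedback()` bodies that now run `strip_tags` and `esc_html` over the arguments are identical, so a shared helper would prevent a later escaping fix from reaching one skin and missing the other. Both methods start outside the visible hunks.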
......@@ -328,8 +328,14 @@ function wp_handle_upload( &$file, $overrides = false, $time = null ) {
// Move the file to the uploads dir
$new_file = $uploads['path'] . "/$filename";
if ( false === @ move_uploaded_file( $file['tmp_name'], $new_file ) )
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ) );
if ( false === @ move_uploaded_file( $file['tmp_name'], $new_file ) ) {
if ( 0 === strpos( $uploads['basedir'], ABSPATH ) )
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir'];
else
$error_path = basename( $uploads['basedir'] ) . $uploads['subdir'];
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) );
}
// Set correct file permissions
$stat = stat( dirname( $new_file ));
......@@ -452,7 +458,11 @@ function wp_handle_sideload( &$file, $overrides = false, $time = null ) {
// Move the file to the uploads dir
$new_file = $uploads['path'] . "/$filename";
if ( false === @ rename( $file['tmp_name'], $new_file ) ) {
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ) );
if ( 0 === strpos( $uploads['basedir'], ABSPATH ) )
$error_path = str_replace( ABSPATH, '', $uploads['basedir'] ) . $uploads['subdir'];
else
$error_path = basename( $uploads['basedir'] ) . $uploads['subdir'];
return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $error_path ) );
}
// Set correct file permissions
......@@ -487,7 +497,7 @@ function download_url( $url, $timeout = 300 ) {
if ( ! $tmpfname )
return new WP_Error('http_no_file', __('Could not create Temporary file.'));
$response = wp_remote_get( $url, array( 'timeout' => $timeout, 'stream' => true, 'filename' => $tmpfname ) );
$response = wp_remote_get( $url, array( 'timeout' => $timeout, 'stream' => true, 'filename' => $tmpfname, 'reject_unsafe_urls' => true ) );
if ( is_wp_error( $response ) ) {
unlink( $tmpfname );
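Review bot: `str_replace( ABSPATH, '', $uploads['basedir'] )` in the new failure branch of wp_handle_upload (repeated in wp_handle_sideload) removes every occurrence of ABSPATH, although the preceding `strpos` check only establishes that it is a prefix; `substr( $uploads['basedir'], strlen( ABSPATH ) )` strips exactly the prefix. The four-line path-shortening block is duplicated verbatim in both functions, so it would be better placed in one small helper; the message that avoids printing the absolute server path is then built in a single place. Both functions start and end outside the hunks.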
......
......@@ -2270,9 +2270,7 @@ function multisite_over_quota_message() {
*
* @since 3.5.0
*/
function edit_form_image_editor() {
$post = get_post();
function edit_form_image_editor( $post ) {
$open = isset( $_GET['image-editor'] );
if ( $open )
require_once ABSPATH . 'wp-admin/includes/image-edit.php';
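Review bot: `edit_form_image_editor( $post )` now requires an argument, so any caller that still invokes it without one (none are visible in this hunk) leaves `$post` unset where the removed `$post = get_post();` used to supply it. A backward-compatible form would be `function edit_form_image_editor( $post = null )` followed by `$post = get_post( $post );`. The docblock above the function also needs a `@param` line for the new parameter. The function body continues outside the hunk.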
......
......@@ -65,15 +65,24 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
}
}
if ( ! $update && isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] )
if ( isset( $post_data['user_ID'] ) && ( $post_data['post_author'] != $post_data['user_ID'] )
&& ! current_user_can( $ptype->cap->edit_others_posts ) ) {
if ( 'page' == $post_data['post_type'] )
return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
else
return new WP_Error( 'edit_others_posts', __( 'You are not allowed to create posts as this user.' ) );
if ( $update ) {
if ( 'page' == $post_data['post_type'] )
return new WP_Error( 'edit_others_pages', __( 'You are not allowed to edit pages as this user.' ) );
else
return new WP_Error( 'edit_others_posts', __( 'You are not allowed to edit posts as this user.' ) );
} else {
if ( 'page' == $post_data['post_type'] )
return new WP_Error( 'edit_others_pages', __( 'You are not allowed to create pages as this user.' ) );
else
return new WP_Error( 'edit_others_posts', __( 'You are not allowed to create posts as this user.' ) );
}
}
if ( ! empty( $post_data['post_status'] ) )
$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
// What to do based on which button they pressed
if ( isset($post_data['saveasdraft']) && '' != $post_data['saveasdraft'] )
$post_data['post_status'] = 'draft';
......@@ -92,10 +101,12 @@ function _wp_translate_postdata( $update = false, $post_data = null ) {
$post_id = false;
$previous_status = $post_id ? get_post_field( 'post_status', $post_id ) : false;
$published_statuses = array( 'publish', 'future' );
// Posts 'submitted for approval' present are submitted to $_POST the same as if they were being published.
// Change status from 'publish' to 'pending' if user lacks permissions to publish or to resave published posts.
if ( isset($post_data['post_status']) && ('publish' == $post_data['post_status'] && !current_user_can( $ptype->cap->publish_posts )) )
if ( $previous_status != 'publish' || !current_user_can( 'edit_post', $post_id ) )
if ( isset($post_data['post_status']) && (in_array( $post_data['post_status'], $published_statuses ) && !current_user_can( $ptype->cap->publish_posts )) )
if ( ! in_array( $previous_status, $published_statuses ) || !current_user_can( 'edit_post', $post_id ) )
$post_data['post_status'] = 'pending';
if ( ! isset($post_data['post_status']) )
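Review bot: Both new `in_array()` calls in the publish-permission check compare loosely, and `$previous_status` is `false` whenever no post id is known (see `$previous_status = $post_id ? ... : false`). Passing the strict flag states the intent and avoids relying on PHP's loose comparison rules in an authorization decision: `in_array( $post_data['post_status'], $published_statuses, true )` and `in_array( $previous_status, $published_statuses, true )`. The two nested `if` statements without braces are also easy to misread; braces around the inner condition would make it obvious which check downgrades the status to `pending`. _wp_translate_postdata starts and ends outside the hunk.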
......
......@@ -536,7 +536,7 @@ function populate_options() {
'can_compress_scripts', 'page_uris', 'update_core', 'update_plugins', 'update_themes', 'doing_cron',
'random_seed', 'rss_excerpt_length', 'secret', 'use_linksupdate', 'default_comment_status_page',
'wporg_popular_tags', 'what_to_show', 'rss_language', 'language', 'enable_xmlrpc', 'enable_app',
'autoembed_urls', 'default_post_edit_rows',
'embed_autourls', 'default_post_edit_rows',
);
foreach ( $unusedoptions as $option )
delete_option($option);
......
......@@ -536,6 +536,8 @@ $_old_files = array(
'wp-includes/js/jquery/ui/jquery.effects.transfer.min.js',
'wp-includes/js/jquery/ui/jquery.effects.fold.min.js',
'wp-admin/options-privacy.php',
// 3.5.2
'wp-includes/js/swfupload/swfupload-all.js',
);
/**
......
......@@ -1277,6 +1277,16 @@ function upgrade_network() {
// 3.5
if ( $wp_current_db_version < 21823 )
update_site_option( 'ms_files_rewriting', '1' );
// 3.5.2
if ( $wp_current_db_version < 22442 ) {
$illegal_names = get_site_option( 'illegal_names' );
if ( is_array( $illegal_names ) && count( $illegal_names ) === 1 ) {
$illegal_name = reset( $illegal_names );
$illegal_names = explode( ' ', $illegal_name );
update_site_option( 'illegal_names', $illegal_names );
}
}
}
// The functions we use to actually do stuff
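Review bot: `explode( ' ', $illegal_name )` in the 3.5.2 branch of upgrade_network yields empty strings when the stored value contains consecutive or trailing spaces, and those empty entries are then written back to `illegal_names`. It also assumes the single stored element is a string. A more robust form would be `if ( is_string( $illegal_name ) ) $illegal_names = array_values( array_filter( explode( ' ', $illegal_name ), 'strlen' ) );`. A short comment saying why a one-element array is split (presumably the list was once saved as one space-separated string) would help the next reader.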
......
......@@ -57,7 +57,7 @@ if ( isset($_GET['action']) ) {
require_once(ABSPATH . 'wp-admin/admin-header.php');
$nonce = 'upgrade-plugin_' . $plugin;
$url = 'update.php?action=upgrade-plugin&plugin=' . $plugin;
$url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
$upgrader = new Plugin_Upgrader( new Plugin_Upgrader_Skin( compact('title', 'nonce', 'url', 'plugin') ) );
$upgrader->upgrade($plugin);
......@@ -70,9 +70,9 @@ if ( isset($_GET['action']) ) {
check_admin_referer('activate-plugin_' . $plugin);
if ( ! isset($_GET['failure']) && ! isset($_GET['success']) ) {
wp_redirect( admin_url('update.php?action=activate-plugin&failure=true&plugin=' . $plugin . '&_wpnonce=' . $_GET['_wpnonce']) );
wp_redirect( admin_url('update.php?action=activate-plugin&failure=true&plugin=' . urlencode( $plugin ) . '&_wpnonce=' . $_GET['_wpnonce']) );
activate_plugin( $plugin, '', ! empty( $_GET['networkwide'] ), true );
wp_redirect( admin_url('update.php?action=activate-plugin&success=true&plugin=' . $plugin . '&_wpnonce=' . $_GET['_wpnonce']) );
wp_redirect( admin_url('update.php?action=activate-plugin&success=true&plugin=' . urlencode( $plugin ) . '&_wpnonce=' . $_GET['_wpnonce']) );
die();
}
iframe_header( __('Plugin Reactivation'), true );
......@@ -107,7 +107,7 @@ if ( isset($_GET['action']) ) {
$title = sprintf( __('Installing Plugin: %s'), $api->name . ' ' . $api->version );
$nonce = 'install-plugin_' . $plugin;
$url = 'update.php?action=install-plugin&plugin=' . $plugin;
$url = 'update.php?action=install-plugin&plugin=' . urlencode( $plugin );
if ( isset($_GET['from']) )
$url .= '&from=' . urlencode(stripslashes($_GET['from']));
......@@ -132,7 +132,7 @@ if ( isset($_GET['action']) ) {
$submenu_file = 'plugin-install.php';
require_once(ABSPATH . 'wp-admin/admin-header.php');
$title = sprintf( __('Installing Plugin from uploaded file: %s'), basename( $file_upload->filename ) );
$title = sprintf( __('Installing Plugin from uploaded file: %s'), esc_html( basename( $file_upload->filename ) ) );
$nonce = 'plugin-upload';
$url = add_query_arg(array('package' => $file_upload->id), 'update.php?action=upload-plugin');
$type = 'upload'; //Install plugin type, From Web or an Upload.
......@@ -160,7 +160,7 @@ if ( isset($_GET['action']) ) {
require_once(ABSPATH . 'wp-admin/admin-header.php');
$nonce = 'upgrade-theme_' . $theme;
$url = 'update.php?action=upgrade-theme&theme=' . $theme;
$url = 'update.php?action=upgrade-theme&theme=' . urlencode( $theme );
$upgrader = new Theme_Upgrader( new Theme_Upgrader_Skin( compact('title', 'nonce', 'url', 'theme') ) );
$upgrader->upgrade($theme);
......@@ -213,7 +213,7 @@ if ( isset($_GET['action']) ) {
$title = sprintf( __('Installing Theme: %s'), $api->name . ' ' . $api->version );
$nonce = 'install-theme_' . $theme;
$url = 'update.php?action=install-theme&theme=' . $theme;
$url = 'update.php?action=install-theme&theme=' . urlencode( $theme );
$type = 'web'; //Install theme type, From Web or an Upload.
$upgrader = new Theme_Upgrader( new Theme_Installer_Skin( compact('title', 'url', 'nonce', 'plugin', 'api') ) );
......@@ -238,7 +238,7 @@ if ( isset($_GET['action']) ) {
require_once(ABSPATH . 'wp-admin/admin-header.php');
$title = sprintf( __('Installing Theme from uploaded file: %s'), basename( $file_upload->filename ) );
$title = sprintf( __('Installing Theme from uploaded file: %s'), esc_html( basename( $file_upload->filename ) ) );
$nonce = 'theme-upload';
$url = add_query_arg(array('package' => $file_upload->id), 'update.php?action=upload-theme');
$type = 'upload'; //Install plugin type, From Web or an Upload.
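Review bot: The titles built from `$api->name . ' ' . $api->version` in the install-plugin and install-theme branches are still passed on unescaped, while this change wraps the uploaded-file titles in `esc_html()`. If `$api` holds data returned by a remote API (its origin is outside these hunks), the same treatment applies: `esc_html( $api->name . ' ' . $api->version )`. The redirects in the activate-plugin branch now encode `$plugin` but still append `$_GET['_wpnonce']` raw; it has passed `check_admin_referer()` by then, though `urlencode()` there would be consistent. The theme-install context line also passes `'plugin'` to `compact()`, which looks like a leftover from the plugin branch.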
......
......@@ -3,4 +3,9 @@ Deny from all
<FilesMatch "^akismet\.(css|js)$">
Allow from all
</FilesMatch>
#allow access to any image
<FilesMatch "^(.+)\.(png|gif)$">
Allow from all
</FilesMatch>
\ No newline at end of file
#submitted-on { position: relative; }
#the-comment-list .author .akismet-user-comment-count { display: inline; }
#the-comment-list .author a span { text-decoration: none; color: #999; }
#the-comment-list .remove_url { margin-left: 3px; color: #999; padding: 2px 3px 2px 0; }
#the-comment-list .remove_url:hover { color: #A7301F; font-weight: bold; padding: 2px 2px 2px 0; }
#dashboard_recent_comments .akismet-status { display: none; } /* never show the flagged by text on the dashboard */
.akismet-status { float: right; }
.akismet-status a { color: #AAA; font-style: italic; }
span.comment-link a { text-decoration: underline; }
span.comment-link:after { content: " " attr(title) " "; color: #aaa; text-decoration: none; }
.mshot-arrow { width: 0; height: 0; border-top: 10px solid transparent; border-bottom: 10px solid transparent; border-right:10px solid #5C5C5C; position: absolute; left: -6px; top: 91px; }
.mshot-container { background: #5C5C5C; position: absolute; top: -94px; padding: 7px; width: 450px; height: 338px; z-index: 20000; -moz-border-radius:6px; border-radius:6px; -webkit-border-radius:6px; }
\ No newline at end of file
#submitted-on{position:relative}#the-comment-list .author .akismet-user-comment-count{display:inline}#the-comment-list .author a span{text-decoration:none;color:#999}#the-comment-list .remove_url{margin-left:3px;color:#999;padding:2px 3px 2px 0}#the-comment-list .remove_url:hover{color:#A7301F;font-weight:bold;padding:2px 2px 2px 0}#dashboard_recent_comments .akismet-status{display:none}.akismet-status{float:right}.akismet-status a{color:#AAA;font-style:italic}span.comment-link a{text-decoration:underline}span.comment-link:after{content:" "attr(title) " ";color:#aaa;text-decoration:none}.mshot-arrow{width:0;height:0;border-top:10px solid transparent;border-bottom:10px solid transparent;border-right:10px solid #5C5C5C;position:absolute;left:-6px;top:91px}.mshot-container{background:#5C5C5C;position:absolute;top:-94px;padding:7px;width:450px;height:338px;z-index:20000;-moz-border-radius:6px;border-radius:6px;-webkit-border-radius:6px}h2.ak-header{padding-left:38px;background:url('img/logo.png') no-repeat 0 9px;margin-bottom:14px;line-height:32px}.key-status{padding:0.4em 1em;color:#fff;font-weight:bold;text-align:center;-webkit-border-radius:3px;border-radius:3px;border-width:1px;border-style:solid;max-width:23.3em}input#key{width:25.3em !important}input#key.valid{border-color:#4F800D}input#key.invalid,input#key.failed{border-color:#888}.key-status.under-input{margin-top:-5px;padding-bottom:0px}.key-status.invalid,.key-status.failed{background-color:#888}.key-status.valid{background-color:#4F800D}.key-status.some{background-color:#993300}.key-status.empty{display:none}table.network-status th,table.network-status td{padding:0.4em;margin:0;text-align:center}table.network-status{border-color:#dfdfdf;border-width:0 0 1px 1px;border-style:solid;border-spacing:0;width:25.6em}table.network-status th,table.network-status td{border-color:#dfdfdf;border-width:1px 1px 0 0;border-style:solid;margin:0;border-spacing:0}table.network-status 
td.key-status{border-radius:0px;-webkit-border-radius:0px}
\ No newline at end of file
jQuery(document).ready(function () {
jQuery( '.switch-have-key' ).click( function() {
var no_key = jQuery( this ).parents().find('div.no-key');
var have_key = jQuery( this ).parents().find('div.have-key');
no_key.addClass( 'hidden' );
have_key.removeClass( 'hidden' );
return false;
});
jQuery( 'p.need-key a' ).click( function(){
document.akismet_activate.submit();
});
jQuery('.akismet-status').each(function () {
var thisId = jQuery(this).attr('commentid');
jQuery(this).prependTo('#comment-' + thisId + ' .column-comment div:first-child');
......
......@@ -6,7 +6,7 @@
Plugin Name: Akismet
Plugin URI: http://akismet.com/?return=true
Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your Akismet configuration page, and save your API key.
Version: 2.5.7
Version: 2.5.8
Author: Automattic
Author URI: http://automattic.com/wordpress-plugins/
License: GPLv2 or later
......@@ -34,7 +34,7 @@ if ( !function_exists( 'add_action' ) ) {
exit;
}
define('AKISMET_VERSION', '2.5.7');
define('AKISMET_VERSION', '2.5.8');
define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
/** If you hardcode a WP.com API key here, all key config screens will be hidden */
......
=== Akismet ===
Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, automattic
Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, automattic
Tags: akismet, comments, spam
Requires at least: 3.0
Tested up to: 3.5
Stable tag: 2.5.7
Tested up to: 3.6
Stable tag: 2.5.8
License: GPLv2 or later
Akismet checks your comments against the Akismet web service to see if they look like spam or not.
......@@ -31,6 +31,11 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
== Changelog ==
= 2.5.8 =
* Simplify the activation process for new users
* Remove the reporter_ip parameter
* Minor preventative security improvements
= 2.5.7 =
* FireFox Stats iframe preview bug
* Fix mshots preview when using https
......
......@@ -4,7 +4,7 @@ msgid ""
msgstr ""
"Project-Id-Version: Twenty Eleven 1.5\n"
"Report-Msgid-Bugs-To: http://wordpress.org/tags/twentyeleven\n"
"POT-Creation-Date: 2013-01-01 00:19:40+00:00\n"
"POT-Creation-Date: 2013-04-26 13:58:43+00:00\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -253,8 +253,8 @@ msgstr ""
#: content-single.php:39
msgid ""
"This entry was posted by <a href=\"%6$s\">%5$s</a>. Bookmark the <a href=\"%3"
"$s\" title=\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
"This entry was posted by <a href=\"%6$s\">%5$s</a>. Bookmark the <a href="
"\"%3$s\" title=\"Permalink to %4$s\" rel=\"bookmark\">permalink</a>."
msgstr ""
#: content-single.php:64
......
......@@ -4,7 +4,7 @@ msgid ""
msgstr ""
"Project-Id-Version: Twenty Twelve 1.1\n"
"Report-Msgid-Bugs-To: http://wordpress.org/tags/twentytwelve\n"
"POT-Creation-Date: 2013-01-01 00:19:44+00:00\n"
"POT-Creation-Date: 2013-04-26 13:58:46+00:00\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......@@ -240,6 +240,7 @@ msgstr ""
msgid "Reply"
msgstr ""
#. Translators: used between list items, there is a space after the comma.
#: functions.php:332 functions.php:335
msgid ", "
msgstr ""
......@@ -248,6 +249,8 @@ msgstr ""
msgid "View all posts by %s"
msgstr ""
#. Translators: 1 is category, 2 is tag, 3 is the date and 4 is the author's
#. name.
#: functions.php:352
msgid ""
"This entry was posted in %1$s and tagged %2$s on %3$s<span class=\"by-author"
......@@ -276,8 +279,9 @@ msgstr ""
msgid ""
"<span class=\"meta-prep meta-prep-entry-date\">Published </span> <span class="
"\"entry-date\"><time class=\"entry-date\" datetime=\"%1$s\">%2$s</time></"
"span> at <a href=\"%3$s\" title=\"Link to full-size image\">%4$s &times; %5"
"$s</a> in <a href=\"%6$s\" title=\"Return to %7$s\" rel=\"gallery\">%8$s</a>."
"span> at <a href=\"%3$s\" title=\"Link to full-size image\">%4$s &times; "
"%5$s</a> in <a href=\"%6$s\" title=\"Return to %7$s\" rel=\"gallery\">%8$s</"
"a>."
msgstr ""
#: image.php:41
......
......@@ -66,7 +66,11 @@ class WP_SimplePie_File extends SimplePie_File {
$this->method = SIMPLEPIE_FILE_SOURCE_REMOTE;
if ( preg_match('/^http(s)?:\/\//i', $url) ) {
$args = array( 'timeout' => $this->timeout, 'redirection' => $this->redirects);
$args = array(
'timeout' => $this->timeout,
'redirection' => $this->redirects,
'reject_unsafe_urls' => true,
);
if ( !empty($this->headers) )
$args['headers'] = $this->headers;
......@@ -85,10 +89,8 @@ class WP_SimplePie_File extends SimplePie_File {
$this->status_code = wp_remote_retrieve_response_code( $res );
}
} else {
if ( ! file_exists($url) || ( ! $this->body = file_get_contents($url) ) ) {
$this->error = 'file_get_contents could not read the file';
$this->success = false;
}
$this->error = '';
$this->success = false;
}
}
}
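Review bot: The rewritten `else` branch in WP_SimplePie_File sets `$this->success = false` together with `$this->error = ''`, so a caller inspecting the error gets no reason for the failure. Since URLs that do not start with http or https are now refused instead of being read from disk, a short message would say so, e.g. `$this->error = 'Only http and https URLs are supported';` (the wording is only a suggestion). A one-line comment noting that local file reads were removed on purpose would keep a later change from re-adding `file_get_contents()` here. The enclosing method starts outside the hunk.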
......
......@@ -86,7 +86,8 @@ class WP_Http {
'timeout' => apply_filters( 'http_request_timeout', 5),
'redirection' => apply_filters( 'http_request_redirection_count', 5),
'httpversion' => apply_filters( 'http_request_version', '1.0'),
'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ),
'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ),
'reject_unsafe_urls' => apply_filters( 'http_request_reject_unsafe_urls', false ),
'blocking' => true,
'headers' => array(),
'cookies' => array(),
......@@ -108,15 +109,21 @@ class WP_Http {
$r = wp_parse_args( $args, $defaults );
$r = apply_filters( 'http_request_args', $r, $url );
// Certain classes decrement this, store a copy of the original value for loop purposes.
$r['_redirection'] = $r['redirection'];
// The transports decrement this, store a copy of the original value for loop purposes.
if ( ! isset( $r['_redirection'] ) )
$r['_redirection'] = $r['redirection'];
// Allow plugins to short-circuit the request
$pre = apply_filters( 'pre_http_request', false, $r, $url );
if ( false !== $pre )
return $pre;
$arrURL = parse_url( $url );
if ( $r['reject_unsafe_urls'] )
$url = wp_http_validate_url( $url );
if ( function_exists( 'wp_kses_bad_protocol' ) )
$url = wp_kses_bad_protocol( $url, array( 'http', 'https', 'ssl' ) );
$arrURL = @parse_url( $url );
if ( empty( $url ) || empty( $arrURL['scheme'] ) )
return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
......@@ -777,7 +784,7 @@ class WP_Http_Fsockopen {
// If location is found, then assume redirect and redirect to location.
if ( isset($arrHeaders['headers']['location']) && 0 !== $r['_redirection'] ) {
if ( $r['redirection']-- > 0 ) {
return $this->request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
return wp_remote_request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
} else {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
......@@ -887,7 +894,8 @@ class WP_Http_Streams {
array(
'method' => strtoupper($r['method']),
'user_agent' => $r['user-agent'],
'max_redirects' => <