diff --git a/wp-includes/widgets.php b/wp-includes/widgets.php index 26b6eacf01..223eb874f9 100644 --- a/wp-includes/widgets.php +++ b/wp-includes/widgets.php @@ -860,7 +860,7 @@ function wp_widget_rss($args, $number = 1) { echo "
  • $title$summary
    • "; } } else { - echo __('
  • An error has occured; the feed is probably down. Try again later.
    • '); + echo '
  • ' . __( 'An error has occurred; the feed is probably down. Try again later.' ) . '
    • '; } ?> diff --git a/wp-settings.php b/wp-settings.php index b69664abbc..9d2cd8cc80 100644 --- a/wp-settings.php +++ b/wp-settings.php @@ -1,28 +1,26 @@ $v ) - if ( !in_array($k, $noUnset) && isset($GLOBALS[$k]) ) { +if ( ini_get( 'register_globals' ) ) { + if ( isset( $_REQUEST['GLOBALS'] ) ) { + die( 'GLOBALS overwrite attempt detected. Exiting.' ); + } + + $no_unset = array( 'GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'table_prefix' ); + $input = array_merge( $_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, is_array( $_SESSION ) ? $_SESSION : array() ); + + foreach ( $input as $key => $val ) { + if ( !in_array( $key, $no_unset ) && isset( $GLOBALS[$k] ) ) { $GLOBALS[$k] = NULL; - unset($GLOBALS[$k]); + unset( $GLOBALS[$key] ); } + } + + unset( $no_unset, $input ); } -wp_unregister_GLOBALS(); - unset( $wp_filter, $cache_userdata, $cache_lastcommentmodified, $cache_lastpostdate, $cache_settings, $category_cache, $cache_categories ); -if ( ! isset($blog_id) ) +if ( !isset( $blog_id ) ) $blog_id = 1; // Fix for IIS, which doesn't set REQUEST_URI