diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php
index 87fb3f343c..fc3ee63842 100644
--- a/wp-admin/admin-ajax.php
+++ b/wp-admin/admin-ajax.php
@@ -132,7 +132,7 @@ function _wp_ajax_delete_comment_response( $comment_id ) {
 $total = (int) @$_POST['_total'];
 $per_page = (int) @$_POST['_per_page'];
 $page = (int) @$_POST['_page'];
- $url = clean_url( @$_POST['_url'], null, 'url' );
+ $url = esc_url_raw( @$_POST['_url'] );
 // JS didn't send us everything we need to know. Just die with success message
 if ( !$total || !$per_page || !$page || !$url )
 die( (string) time() );
diff --git a/wp-admin/custom-header.php b/wp-admin/custom-header.php
index 0ac3a11f26..fb07fe8013 100644
--- a/wp-admin/custom-header.php
+++ b/wp-admin/custom-header.php
@@ -278,7 +278,7 @@ class Custom_Image_Header {
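Review bot: `esc_url_raw( @$_POST['_url'] )` keeps the `@` suppression inherited from the old line; reading the parameter as `isset( $_POST['_url'] ) ? $_POST['_url'] : ''` makes the missing-key case explicit instead of hiding the notice, and it matches what the `!$url` check two lines below already treats as "nothing sent". A short comment would also help a reader, since that guard relies on the escaper returning an empty string for a URL it rejects, as clean_url in the 'url' context presumably did: `// esc_url_raw() yields '' for a rejected URL; the guard below treats that as "not sent"`. The rest of _wp_ajax_delete_comment_response lies outside the hunk.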

-
+

@@ -354,7 +354,7 @@ class Custom_Image_Header { // Add the meta-data wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) ); - set_theme_mod('header_image', clean_url($url)); + set_theme_mod('header_image', esc_url($url)); do_action('wp_create_file_in_uploads', $file, $id); // For replication return $this->finished(); } elseif ( $width > HEADER_IMAGE_WIDTH ) { diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php index 2efb5e7f1f..a246ea543b 100644 --- a/wp-admin/edit-form-advanced.php +++ b/wp-admin/edit-form-advanced.php @@ -87,10 +87,10 @@ function post_submit_meta_box($post) {
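Review bot: `set_theme_mod('header_image', esc_url($url))` stores the URL rather than printing it, yet esc_url is the display variant: the clean_url docblock at the end of this diff says ampersands are replaced when the URL is for displaying, and this same commit maps the non-display calls (`clean_url( ..., null, 'url' )` in admin-ajax.php and upgrade.php, `sanitize_url` on the `pre_user_url` filter in default-filters.php) to esc_url_raw. The stored theme mod would therefore carry an entity-encoded ampersand, so `set_theme_mod('header_image', esc_url_raw($url));` is the consistent choice. The same applies to `$user->user_url = esc_url( trim( $_POST['url'] ));` in edit_user (wp-admin/includes/user.php), to the cookie value `esc_url($comment->comment_author_url)` passed to setcookie in wp-comments-post.php, and to the inner `esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) )` that feeds urlencode in user_row (wp-admin/includes/template.php). The enclosing method continues outside the hunk.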
post_status ) { - $preview_link = clean_url(get_permalink($post->ID)); + $preview_link = esc_url(get_permalink($post->ID)); $preview_button = __('Preview Changes'); } else { - $preview_link = clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); + $preview_link = esc_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); $preview_button = __('Preview'); } ?> @@ -572,7 +572,7 @@ else - + post_status ) wp_original_referer_field(true, 'previous'); diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php index 1713fbe1fd..022c39011d 100644 --- a/wp-admin/edit-form-comment.php +++ b/wp-admin/edit-form-comment.php @@ -130,7 +130,7 @@ $date = date_i18n( $datef, strtotime( $comment->comment_date ) ); - + diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php index 6083027c01..2d436be76b 100644 --- a/wp-admin/edit-page-form.php +++ b/wp-admin/edit-page-form.php @@ -81,10 +81,10 @@ function page_submit_meta_box($post) {
post_status ) { - $preview_link = clean_url(get_permalink($post->ID)); + $preview_link = esc_url(get_permalink($post->ID)); $preview_button = __('Preview Changes'); } else { - $preview_link = clean_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); + $preview_link = esc_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); $preview_button = __('Preview'); } ?> @@ -420,7 +420,7 @@ if (isset($mode) && 'bookmarklet' == $mode) - + post_status ) wp_original_referer_field(true, 'previous'); ?>
diff --git a/wp-admin/edit.php b/wp-admin/edit.php index f0667433a4..eb6b9f1c49 100644 --- a/wp-admin/edit.php +++ b/wp-admin/edit.php @@ -251,8 +251,8 @@ do_action('restrict_manage_posts');
diff --git a/wp-admin/import/livejournal.php b/wp-admin/import/livejournal.php index 759d9129d9..bfebe718b9 100644 --- a/wp-admin/import/livejournal.php +++ b/wp-admin/import/livejournal.php @@ -186,7 +186,7 @@ class LJ_API_Import {

-

+

@@ -724,7 +724,7 @@ class LJ_API_Import { if ( empty( $this->username ) || empty( $this->password ) ) { ?>

and password so we can download your posts and comments.' ) ?>

-

+

-

+

link_url = clean_url( $_GET['linkurl']); + $link->link_url = esc_url( $_GET['linkurl']); else $link->link_url = ''; diff --git a/wp-admin/includes/class-wp-upgrader.php b/wp-admin/includes/class-wp-upgrader.php index 9cb623133e..9d3bb660c2 100644 --- a/wp-admin/includes/class-wp-upgrader.php +++ b/wp-admin/includes/class-wp-upgrader.php @@ -932,7 +932,7 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin { $stylesheet = $this->upgrader->result['destination_name']; $template = !empty($theme_info['Template']) ? $theme_info['Template'] : $stylesheet; - $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), trailingslashit(clean_url(get_option('home'))) ) ); + $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), trailingslashit(esc_url(get_option('home'))) ) ); $activate_link = wp_nonce_url("themes.php?action=activate&template=" . urlencode($template) . "&stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template); $install_actions = array( @@ -991,7 +991,7 @@ class Theme_Upgrader_Skin extends WP_Upgrader_Skin { $stylesheet = $this->upgrader->result['destination_name']; $template = !empty($theme_info['Template']) ? $theme_info['Template'] : $stylesheet; - $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), trailingslashit(clean_url(get_option('home'))) ) ); + $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), trailingslashit(esc_url(get_option('home'))) ) ); $activate_link = wp_nonce_url("themes.php?action=activate&template=" . urlencode($template) . "&stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template); $update_actions = array( 
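Review bot: `trailingslashit(esc_url(get_option('home')))` in Theme_Installer_Skin is passed through add_query_arg and then htmlspecialchars on the same line, so a home URL containing `&` would be entity-encoded twice, given that the clean_url docblock at the end of this diff describes ampersand replacement as the display behaviour esc_url keeps. Using the raw variant for the inner call, `trailingslashit(esc_url_raw(get_option('home')))`, leaves the outer htmlspecialchars as the single escape. The @@ -991 hunk in Theme_Upgrader_Skin and the `$preview_link` pair in wp-admin/themes.php follow the same pattern, and get_comment_to_edit in wp-admin/includes/comment.php likewise feeds esc_url's output into format_to_edit, which presumably escapes again — worth the same check. Both skin methods continue outside their hunks.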
diff --git a/wp-admin/includes/comment.php b/wp-admin/includes/comment.php index fa9c8588c2..56e181afe6 100644 --- a/wp-admin/includes/comment.php +++ b/wp-admin/includes/comment.php @@ -89,7 +89,7 @@ function get_comment_to_edit( $id ) { $comment->comment_author = format_to_edit( $comment->comment_author ); $comment->comment_author_email = format_to_edit( $comment->comment_author_email ); - $comment->comment_author_url = clean_url($comment->comment_author_url); + $comment->comment_author_url = esc_url($comment->comment_author_url); $comment->comment_author_url = format_to_edit( $comment->comment_author_url ); return $comment; diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php index a41e247c93..30f8a0293b 100644 --- a/wp-admin/includes/dashboard.php +++ b/wp-admin/includes/dashboard.php @@ -115,12 +115,12 @@ function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_ $wp_dashboard_control_callbacks[$widget_id] = $control_callback; if ( isset( $_GET['edit'] ) && $widget_id == $_GET['edit'] ) { list($url) = explode( '#', add_query_arg( 'edit', false ), 2 ); - $widget_name .= ' ' . __( 'Cancel' ) . ''; + $widget_name .= ' ' . __( 'Cancel' ) . ''; add_meta_box( $widget_id, $widget_name, '_wp_dashboard_control_callback', 'dashboard', 'normal', 'core' ); return; } list($url) = explode( '#', add_query_arg( 'edit', $widget_id ), 2 ); - $widget_name .= ' ' . __( 'Configure' ) . ''; + $widget_name .= ' ' . __( 'Configure' ) . ''; } $side_widgets = array('dashboard_quick_press', 'dashboard_recent_drafts', 'dashboard_primary', 'dashboard_secondary'); $location = 'normal'; 
@@ -357,14 +357,14 @@ function wp_dashboard_quick_press() { $drafts = false; if ( 'post' === strtolower( $_SERVER['REQUEST_METHOD'] ) && isset( $_POST['action'] ) && 0 === strpos( $_POST['action'], 'post-quickpress' ) && (int) $_POST['post_ID'] ) { $view = get_permalink( $_POST['post_ID'] ); - $edit = clean_url( get_edit_post_link( $_POST['post_ID'] ) ); + $edit = esc_url( get_edit_post_link( $_POST['post_ID'] ) ); if ( 'post-quickpress-publish' == $_POST['action'] ) { if ( current_user_can('publish_posts') ) - printf( '

' . __( 'Post Published. View post | Edit post' ) . '

', clean_url( $view ), $edit ); + printf( '

' . __( 'Post Published. View post | Edit post' ) . '

', esc_url( $view ), $edit ); else - printf( '

' . __( 'Post submitted. Preview post | Edit post' ) . '

', clean_url( add_query_arg( 'preview', 1, $view ) ), $edit ); + printf( '

' . __( 'Post submitted. Preview post | Edit post' ) . '

', esc_url( add_query_arg( 'preview', 1, $view ) ), $edit ); } else { - printf( '

' . __( 'Draft Saved. Preview post | Edit post' ) . '

', clean_url( add_query_arg( 'preview', 1, $view ) ), $edit ); + printf( '

' . __( 'Draft Saved. Preview post | Edit post' ) . '

', esc_url( add_query_arg( 'preview', 1, $view ) ), $edit ); $drafts_query = new WP_Query( array( 'post_type' => 'post', 'post_status' => 'draft', @@ -384,7 +384,7 @@ function wp_dashboard_quick_press() { $post = get_default_post_to_edit(); ?> -
+

@@ -525,12 +525,12 @@ function _wp_dashboard_recent_comments_row( &$comment, $show_date = true ) { $comment_post_url = get_edit_post_link( $comment->comment_post_ID ); $comment_post_title = strip_tags(get_the_title( $comment->comment_post_ID )); $comment_post_link = "$comment_post_title"; - $comment_link = '#'; + $comment_link = '#'; - $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); - $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); - $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); - $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); + $delete_url = esc_url( wp_nonce_url( "comment.php?action=deletecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); + $approve_url = esc_url( wp_nonce_url( "comment.php?action=approvecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); + $unapprove_url = esc_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$comment->comment_post_ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); + $spam_url = esc_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$comment->comment_post_ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); $actions = array(); 
@@ -641,10 +641,10 @@ function wp_dashboard_incoming_links_output() { $link = ''; $content = ''; $date = ''; - $link = clean_url( strip_tags( $item->get_link() ) ); + $link = esc_url( strip_tags( $item->get_link() ) ); $author = $item->get_author(); - $site_link = clean_url( strip_tags( $author->get_link() ) ); + $site_link = esc_url( strip_tags( $author->get_link() ) ); if ( !$publisher = esc_html( strip_tags( $author->get_name() ) ) ) $publisher = __( 'Somebody' ); @@ -780,7 +780,7 @@ function wp_dashboard_plugins_output() { list($link, $frag) = explode( '#', $item->get_link() ); - $link = clean_url($link); + $link = esc_url($link); if ( preg_match( '|/([^/]+?)/?$|', $link, $matches ) ) $slug = $matches[1]; else { diff --git a/wp-admin/includes/media.php b/wp-admin/includes/media.php index ef0a74d3e4..77200f576b 100644 --- a/wp-admin/includes/media.php +++ b/wp-admin/includes/media.php @@ -77,7 +77,7 @@ function the_media_upload_tabs() { if ( $current == $callback ) $class = " class='current'"; $href = add_query_arg(array('tab'=>$callback, 's'=>false, 'paged'=>false, 'post_mime_type'=>false, 'm'=>false)); - $link = "$text"; + $link = "$text"; echo "\t
  • $link
  • \n"; } echo "\n"; @@ -107,7 +107,7 @@ function get_image_send_to_editor($id, $alt, $title, $align, $url='', $rel = fal $rel = $rel ? ' rel="attachment wp-att-' . esc_attr($id).'"' : ''; if ( $url ) - $html = '$html"; + $html = '$html"; $html = apply_filters( 'image_send_to_editor', $html, $id, $alt, $title, $align, $url, $size ); @@ -1745,7 +1745,7 @@ if ( empty($_GET['post_mime_type']) || $_GET['post_mime_type'] == 'all' ) $class = ' class="current"'; else $class = ''; -$type_links[] = "
  • 'all', 'paged'=>false, 'm'=>false))) . "'$class>".__('All Types').""; +$type_links[] = "
  • 'all', 'paged'=>false, 'm'=>false))) . "'$class>".__('All Types').""; foreach ( $post_mime_types as $mime_type => $label ) { $class = ''; @@ -1755,7 +1755,7 @@ foreach ( $post_mime_types as $mime_type => $label ) { if ( isset($_GET['post_mime_type']) && wp_match_mime_types($mime_type, $_GET['post_mime_type']) ) $class = ' class="current"'; - $type_links[] = "
  • $mime_type, 'paged'=>false))) . "'$class>" . sprintf(_n($label[2][0], $label[2][1], $num_posts[$mime_type]), "" . number_format_i18n( $num_posts[$mime_type] ) . '') . ''; + $type_links[] = "
  • $mime_type, 'paged'=>false))) . "'$class>" . sprintf(_n($label[2][0], $label[2][1], $num_posts[$mime_type]), "" . number_format_i18n( $num_posts[$mime_type] ) . '') . ''; } echo implode(' |
  • ', $type_links) . ''; unset($type_links); @@ -2059,7 +2059,7 @@ add_filter('flash_uploader', 'media_upload_use_flash'); */ function media_upload_flash_bypass() { echo '

    '; - printf( __('You are using the Flash uploader. Problems? Try the Browser uploader instead.'), clean_url(add_query_arg('flash', 0)) ); + printf( __('You are using the Flash uploader. Problems? Try the Browser uploader instead.'), esc_url(add_query_arg('flash', 0)) ); echo '

    '; } @@ -2074,7 +2074,7 @@ function media_upload_html_bypass($flash = true) { if ( $flash ) { // the user manually selected the browser uploader, so let them switch back to Flash echo ' '; - printf( __('Try the Flash uploader instead.'), clean_url(add_query_arg('flash', 1)) ); + printf( __('Try the Flash uploader instead.'), esc_url(add_query_arg('flash', 1)) ); } echo "

    \n"; } diff --git a/wp-admin/includes/plugin-install.php b/wp-admin/includes/plugin-install.php index 165f61f363..a2ea9822fe 100644 --- a/wp-admin/includes/plugin-install.php +++ b/wp-admin/includes/plugin-install.php @@ -138,7 +138,7 @@ function install_dashboard() { $tags = array(); foreach ( (array)$api_tags as $tag ) $tags[ $tag['name'] ] = (object) array( - 'link' => clean_url( admin_url('plugin-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ), + 'link' => esc_url( admin_url('plugin-install.php?tab=search&type=tag&s=' . urlencode($tag['name'])) ), 'name' => $tag['name'], 'id' => sanitize_title_with_dashes($tag['name']), 'count' => $tag['count'] ); @@ -273,7 +273,7 @@ function display_plugins_table($plugins, $page = 1, $totalpages = 1){
    $tab, 'section' => $section_name) ); - $href = clean_url($href); + $href = esc_url($href); $san_title = esc_attr(sanitize_title_with_dashes($title)); echo "\t
  • $title
  • \n"; } diff --git a/wp-admin/includes/post.php b/wp-admin/includes/post.php index 4c696de0d0..351f0443c9 100644 --- a/wp-admin/includes/post.php +++ b/wp-admin/includes/post.php @@ -333,7 +333,7 @@ function get_default_post_to_edit() { else if ( !empty( $post_title ) ) { $text = esc_html( stripslashes( urldecode( $_REQUEST['text'] ) ) ); $text = funky_javascript_fix( $text); - $popupurl = clean_url($_REQUEST['popupurl']); + $popupurl = esc_url($_REQUEST['popupurl']); $post_content = ''.$post_title.''."\n$text"; } diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php index 26166a83a5..4aae8b09a4 100644 --- a/wp-admin/includes/template.php +++ b/wp-admin/includes/template.php @@ -1897,7 +1897,7 @@ function user_row( $user_object, $style = '', $role = '' ) { if ($current_user->ID == $user_object->ID) { $edit_link = 'profile.php'; } else { - $edit_link = clean_url( add_query_arg( 'wp_http_referer', urlencode( clean_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" ) ); + $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" ) ); } $edit = "$user_object->user_login
    "; @@ -2092,10 +2092,10 @@ function _wp_comment_row( $comment_id, $mode, $comment_status, $checkbox = true, else $ptime = mysql2date(__('Y/m/d \a\t g:i A'), $comment->comment_date ); - $delete_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); - $approve_url = clean_url( wp_nonce_url( "comment.php?action=approvecomment&p=$post->ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); - $unapprove_url = clean_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$post->ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); - $spam_url = clean_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); + $delete_url = esc_url( wp_nonce_url( "comment.php?action=deletecomment&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); + $approve_url = esc_url( wp_nonce_url( "comment.php?action=approvecomment&p=$post->ID&c=$comment->comment_ID", "approve-comment_$comment->comment_ID" ) ); + $unapprove_url = esc_url( wp_nonce_url( "comment.php?action=unapprovecomment&p=$post->ID&c=$comment->comment_ID", "unapprove-comment_$comment->comment_ID" ) ); + $spam_url = esc_url( wp_nonce_url( "comment.php?action=deletecomment&dt=spam&p=$post->ID&c=$comment->comment_ID", "delete-comment_$comment->comment_ID" ) ); echo ""; $columns = get_column_headers('edit-comments'); diff --git a/wp-admin/includes/theme-install.php b/wp-admin/includes/theme-install.php index b621d1aa90..a2461dab0f 100644 --- a/wp-admin/includes/theme-install.php +++ b/wp-admin/includes/theme-install.php @@ -309,9 +309,9 @@ function display_theme($theme, $actions = null, $show_details = true) { $actions = implode ( ' | ', $actions ); ?> '> - +

    @@ -374,7 +374,7 @@ function display_themes($themes, $page = 1, $totalpages = 1) {
    - +

    name; ?>

    author); ?>

    version); ?>

    diff --git a/wp-admin/includes/update.php b/wp-admin/includes/update.php index 7756f861db..afd74584b4 100644 --- a/wp-admin/includes/update.php +++ b/wp-admin/includes/update.php @@ -159,11 +159,11 @@ function wp_plugin_update_row( $file, $plugin_data ) { echo ''; if ( ! current_user_can('update_plugins') ) - printf( __('There is a new version of %1$s available. View version %4$s Details.'), $plugin_name, clean_url($details_url), esc_attr($plugin_name), $r->new_version ); + printf( __('There is a new version of %1$s available. View version %4$s Details.'), $plugin_name, esc_url($details_url), esc_attr($plugin_name), $r->new_version ); else if ( empty($r->package) ) - printf( __('There is a new version of %1$s available. View version %4$s Details automatic upgrade unavailable for this plugin.'), $plugin_name, clean_url($details_url), esc_attr($plugin_name), $r->new_version ); + printf( __('There is a new version of %1$s available. View version %4$s Details automatic upgrade unavailable for this plugin.'), $plugin_name, esc_url($details_url), esc_attr($plugin_name), $r->new_version ); else - printf( __('There is a new version of %1$s available. View version %4$s Details or upgrade automatically.'), $plugin_name, clean_url($details_url), esc_attr($plugin_name), $r->new_version, wp_nonce_url('update.php?action=upgrade-plugin&plugin=' . $file, 'upgrade-plugin_' . $file) ); + printf( __('There is a new version of %1$s available. View version %4$s Details or upgrade automatically.'), $plugin_name, esc_url($details_url), esc_attr($plugin_name), $r->new_version, wp_nonce_url('update.php?action=upgrade-plugin&plugin=' . $file, 'upgrade-plugin_' . $file) ); do_action( "in_plugin_update_message-$file", $plugin_data, $r ); diff --git a/wp-admin/includes/user.php b/wp-admin/includes/user.php index a91e8d7dfd..3896bca918 100644 --- a/wp-admin/includes/user.php +++ b/wp-admin/includes/user.php 
@@ -91,7 +91,7 @@ function edit_user( $user_id = 0 ) { if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) { $user->user_url = ''; } else { - $user->user_url = clean_url( trim( $_POST['url'] )); + $user->user_url = esc_url( trim( $_POST['url'] )); $user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url; } } @@ -372,7 +372,7 @@ function get_user_to_edit( $user_id ) { $user = new WP_User( $user_id ); $user->user_login = esc_attr($user->user_login); $user->user_email = esc_attr($user->user_email); - $user->user_url = clean_url($user->user_url); + $user->user_url = esc_url($user->user_url); $user->first_name = esc_attr($user->first_name); $user->last_name = esc_attr($user->last_name); $user->display_name = esc_attr($user->display_name); diff --git a/wp-admin/includes/widgets.php b/wp-admin/includes/widgets.php index 893d2a0fe4..1b44bc2888 100644 --- a/wp-admin/includes/widgets.php +++ b/wp-admin/includes/widgets.php @@ -169,7 +169,7 @@ function wp_widget_control( $sidebar_args ) {
    - +

    diff --git a/wp-admin/js/revisions-js.php b/wp-admin/js/revisions-js.php index de3294ca23..e473d31366 100644 --- a/wp-admin/js/revisions-js.php +++ b/wp-admin/js/revisions-js.php @@ -12,7 +12,7 @@ function dvortr( $str ) { ); } -$j = clean_url( site_url( '/wp-includes/js/jquery/jquery.js' ) ); +$j = esc_url( site_url( '/wp-includes/js/jquery/jquery.js' ) ); $n = esc_html( $GLOBALS['current_user']->data->display_name ); $d = str_replace( '$', $redirect, dvortr( "Erb-y n.y ydco dall.b aiacbv Wa ce]-irxajt- dp.u]-$-VIr XajtWzaVv" ) ); diff --git a/wp-admin/media.php b/wp-admin/media.php index 2c16c5f6cd..e31baf2d5e 100644 --- a/wp-admin/media.php +++ b/wp-admin/media.php @@ -84,7 +84,7 @@ case 'edit' :

    - +
    false, 'send' => false, 'delete' => false, 'show_title' => false, 'errors' => $errors ) ); ?> diff --git a/wp-admin/plugins.php b/wp-admin/plugins.php index a1288f144f..3dfdd009f0 100644 --- a/wp-admin/plugins.php +++ b/wp-admin/plugins.php @@ -134,7 +134,7 @@ if ( !empty($action) ) { ?>

    - + -
    +
    diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php index 649eaa2b40..c6632b5195 100644 --- a/wp-admin/press-this.php +++ b/wp-admin/press-this.php @@ -97,7 +97,7 @@ if ( ! empty($selection) ) { $selection = preg_replace('/(\r?\n|\r)/', '

    ', $selection); $selection = '

    '.str_replace('

    ', '', $selection).'

    '; } -$url = isset($_GET['u']) ? clean_url($_GET['u']) : ''; +$url = isset($_GET['u']) ? esc_url($_GET['u']) : ''; $image = isset($_GET['i']) ? $_GET['i'] : ''; if ( !empty($_REQUEST['ajax']) ) { @@ -140,7 +140,7 @@ switch ($_REQUEST['ajax']) {

    - <?php echo esc_attr(__('Click to insert.')); ?>

    + <?php echo esc_attr(__('Click to insert.')); ?>

    @@ -205,7 +205,7 @@ switch ($_REQUEST['ajax']) { $src = 'http://'.str_replace('//','/', $host['host'].'/'.$src); else $src = 'http://'.str_replace('//','/', $host['host'].'/'.dirname($host['path']).'/'.$src); - $sources[] = clean_url($src); + $sources[] = esc_url($src); } return "'" . implode("','", $sources) . "'"; } @@ -222,7 +222,7 @@ switch ($_REQUEST['ajax']) { var my_src = eval( jQuery.ajax({ type: "GET", - url: "", + url: "", cache : false, async : false, data: "ajax=photo_images&u=", @@ -233,7 +233,7 @@ switch ($_REQUEST['ajax']) { var my_src = eval( jQuery.ajax({ type: "GET", - url: "", + url: "", cache : false, async : false, data: "ajax=photo_images&u=", @@ -377,7 +377,7 @@ var ajaxurl = ''; jQuery('#extra_fields').show(); switch(tab_name) { case 'video' : - jQuery('#extra_fields').load('', { ajax: 'video', s: ''}, function() { + jQuery('#extra_fields').load('', { ajax: 'video', s: ''}, function() { '; jQuery.ajax({ type: "GET", cache : false, - url: "", + url: "", data: "ajax=photo_js&u=", dataType : "script", success : function() { diff --git a/wp-admin/themes.php b/wp-admin/themes.php index 9119e302fe..5ff2d35075 100644 --- a/wp-admin/themes.php +++ b/wp-admin/themes.php @@ -194,7 +194,7 @@ foreach ( $cols as $col => $theme_name ) { $stylesheet_dir = $themes[$theme_name]['Stylesheet Dir']; $template_dir = $themes[$theme_name]['Template Dir']; $parent_theme = $themes[$theme_name]['Parent Theme']; - $preview_link = clean_url( get_option('home') . '/'); + $preview_link = esc_url( get_option('home') . '/'); $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), $preview_link ) ); $preview_text = esc_attr( sprintf( __('Preview of “%s”'), $title ) ); $tags = $themes[$theme_name]['Tags']; diff --git a/wp-admin/update-core.php b/wp-admin/update-core.php index 8daef2e1ec..885827e403 100644 --- a/wp-admin/update-core.php +++ b/wp-admin/update-core.php 
@@ -44,7 +44,7 @@ function list_core_update( $update ) { echo ' '; echo ''; echo ''; - echo '' . $download . ' '; + echo '' . $download . ' '; if ( 'en_US' != $update->locale ) if ( !isset( $update->dismissed ) || !$update->dismissed ) echo ''; diff --git a/wp-admin/upgrade.php b/wp-admin/upgrade.php index a5e86d7075..7e68bf96fb 100644 --- a/wp-admin/upgrade.php +++ b/wp-admin/upgrade.php @@ -57,7 +57,7 @@ $step = (int) $step; switch ( $step ) : case 0: $goback = stripslashes( wp_get_referer() ); - $goback = clean_url( $goback, null, 'url' ); + $goback = esc_url_raw( $goback ); $goback = urlencode( $goback ); ?>

    @@ -73,7 +73,7 @@ switch ( $step ) : $backto = __get_option( 'home' ) . '/'; else { $backto = stripslashes( urldecode( $_GET['backto'] ) ); - $backto = clean_url( $backto, null, 'url' ); + $backto = esc_urlaw( $backto ); } ?>
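Review bot: `esc_urlaw( $backto )` on the added line is not a function name used anywhere else in this diff (every other replacement is `esc_url` or `esc_url_raw`), so this branch of the step-1 `switch` would stop with an undefined-function error as soon as a `backto` parameter is supplied. The sibling @@ -57 hunk shows the mapping intended for the `'url'` context: `$backto = esc_url_raw( $backto );`. The surrounding switch continues outside the hunk.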

    diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php index f6b6439c90..b705863ecd 100644 --- a/wp-admin/user-edit.php +++ b/wp-admin/user-edit.php @@ -120,7 +120,7 @@ include ('admin-header.php');
    - +

    diff --git a/wp-comments-post.php b/wp-comments-post.php index c7b5ef33ec..8289bb4414 100644 --- a/wp-comments-post.php +++ b/wp-comments-post.php @@ -81,7 +81,7 @@ if ( !$user->ID ) { $comment_cookie_lifetime = apply_filters('comment_cookie_lifetime', 30000000); setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); - setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); + setcookie('comment_author_url_' . COOKIEHASH, esc_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN); } $location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POST['redirect_to'] . '#comment-' . $comment_id; diff --git a/wp-includes/bookmark-template.php b/wp-includes/bookmark-template.php index 7ade2db138..bb4f6ef37a 100644 --- a/wp-includes/bookmark-template.php +++ b/wp-includes/bookmark-template.php @@ -70,7 +70,7 @@ function _walk_bookmarks($bookmarks, $args = '' ) { $the_link = '#'; if ( !empty($bookmark->link_url) ) - $the_link = clean_url($bookmark->link_url); + $the_link = esc_url($bookmark->link_url); $desc = esc_attr(sanitize_bookmark_field('link_description', $bookmark->link_description, $bookmark->link_id, 'display')); $name = esc_attr(sanitize_bookmark_field('link_name', $bookmark->link_name, $bookmark->link_id, 'display')); diff --git a/wp-includes/category-template.php b/wp-includes/category-template.php index 69ec2ba782..681ae6fa46 100644 --- a/wp-includes/category-template.php +++ b/wp-includes/category-template.php 
@@ -659,7 +659,7 @@ function wp_generate_tag_cloud( $tags, $args = '' ) { foreach ( $tags as $key => $tag ) { $count = $counts[ $key ]; - $tag_link = '#' != $tag->link ? clean_url( $tag->link ) : '#'; + $tag_link = '#' != $tag->link ? esc_url( $tag->link ) : '#'; $tag_id = isset($tags[ $key ]->id) ? $tags[ $key ]->id : $key; $tag_name = $tags[ $key ]->name; $a[] = "do_concat ) $this->print_html .= "\n"; diff --git a/wp-includes/class.wp-styles.php b/wp-includes/class.wp-styles.php index b0a1bdd233..731ae39cf4 100644 --- a/wp-includes/class.wp-styles.php +++ b/wp-includes/class.wp-styles.php @@ -102,7 +102,7 @@ class WP_Styles extends WP_Dependencies { $src = add_query_arg('ver', $ver, $src); $src = apply_filters( 'style_loader_src', $src, $handle ); - return clean_url( $src ); + return esc_url( $src ); } function in_default_dir($src) { diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php index c82c8eb8f1..92e0cf1888 100644 --- a/wp-includes/comment-template.php +++ b/wp-includes/comment-template.php @@ -995,9 +995,9 @@ function get_comment_reply_link($args = array(), $comment = null, $post = null) $link = ''; if ( get_option('comment_registration') && !$user_ID ) - $link = ''; + $link = ''; else - $link = "comment_ID ) ) . "#" . $respond_id . "' onclick='return addComment.moveForm(\"$add_below-$comment->comment_ID\", \"$comment->comment_ID\", \"$respond_id\", \"$post->ID\")'>$reply_text"; + $link = "comment_ID ) ) . "#" . $respond_id . "' onclick='return addComment.moveForm(\"$add_below-$comment->comment_ID\", \"$comment->comment_ID\", \"$respond_id\", \"$post->ID\")'>$reply_text"; return apply_filters('comment_reply_link', $before . $link . $after, $args, $comment, $post); } diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php index 0944f81f5a..6afafd1845 100644 --- a/wp-includes/default-filters.php +++ b/wp-includes/default-filters.php 
@@ -43,7 +43,7 @@ $filters = array('pre_comment_author_url', 'pre_user_url', 'pre_link_url', 'pre_ foreach ( $filters as $filter ) { add_filter($filter, 'strip_tags'); add_filter($filter, 'trim'); - add_filter($filter, 'sanitize_url'); + add_filter($filter, 'esc_url_raw'); add_filter($filter, 'wp_filter_kses'); } @@ -52,7 +52,7 @@ $filters = array('user_url', 'link_url', 'link_image', 'link_rss', 'comment_url' foreach ( $filters as $filter ) { add_filter($filter, 'strip_tags'); add_filter($filter, 'trim'); - add_filter($filter, 'clean_url'); + add_filter($filter, 'esc_url'); add_filter($filter, 'wp_filter_kses'); } diff --git a/wp-includes/default-widgets.php b/wp-includes/default-widgets.php index a1700bea01..b8b0114c25 100644 --- a/wp-includes/default-widgets.php +++ b/wp-includes/default-widgets.php @@ -659,7 +659,7 @@ class WP_Widget_Recent_Comments extends WP_Widget {

    get_description(), ENT_QUOTES, get_option('blog_charset')))); if ( empty($title) ) $title = htmlentities(strip_tags($rss->get_title())); - $link = clean_url(strip_tags($rss->get_permalink())); + $link = esc_url(strip_tags($rss->get_permalink())); while ( stristr($link, 'http') != $link ) $link = substr($link, 1); } @@ -739,7 +739,7 @@ class WP_Widget_RSS extends WP_Widget { $title = empty($desc) ? __('Unknown Feed') : $desc; $title = apply_filters('widget_title', $title ); - $url = clean_url(strip_tags($url)); + $url = esc_url(strip_tags($url)); $icon = includes_url('images/rss.png'); if ( $title ) $title = "RSS $title"; @@ -813,7 +813,7 @@ function wp_widget_rss_output( $rss, $args = array() ) { $link = $item->get_link(); while ( stristr($link, 'http') != $link ) $link = substr($link, 1); - $link = clean_url(strip_tags($link)); + $link = esc_url(strip_tags($link)); $title = esc_attr(strip_tags($item->get_title())); if ( empty($title) ) $title = __('Untitled'); @@ -879,7 +879,7 @@ function wp_widget_rss_form( $args, $inputs = null ) { $number = esc_attr( $number ); $title = esc_attr( $title ); - $url = clean_url( $url ); + $url = esc_url( $url ); $items = (int) $items; if ( $items < 1 || 20 < $items ) $items = 10; @@ -958,7 +958,7 @@ function wp_widget_rss_process( $widget_rss, $check_feed = true ) { $items = (int) $widget_rss['items']; if ( $items < 1 || 20 < $items ) $items = 10; - $url = sanitize_url(strip_tags( $widget_rss['url'] )); + $url = esc_url_raw(strip_tags( $widget_rss['url'] )); $title = trim(strip_tags( $widget_rss['title'] )); $show_summary = (int) $widget_rss['show_summary']; $show_author = (int) $widget_rss['show_author']; 
@@ -971,7 +971,7 @@ function wp_widget_rss_process( $widget_rss, $check_feed = true ) { if ( is_wp_error($rss) ) { $error = $rss->get_error_message(); } else { - $link = clean_url(strip_tags($rss->get_permalink())); + $link = esc_url(strip_tags($rss->get_permalink())); while ( stristr($link, 'http') != $link ) $link = substr($link, 1); } diff --git a/wp-includes/deprecated.php b/wp-includes/deprecated.php index a6d58641fd..2988dbc8a1 100644 --- a/wp-includes/deprecated.php +++ b/wp-includes/deprecated.php @@ -1001,7 +1001,7 @@ function get_links($category = -1, $before = '', $after = '
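Review bot: In the `-971` hunk the trimming loop `while ( stristr($link, 'http') != $link ) $link = substr($link, 1);` runs after `esc_url()`, so the escape is applied to an intermediate value and is not the last transformation before use; the `-813` hunk in the same file does it the other way round (trim first, then `esc_url`). Reordering to `$link = strip_tags($rss->get_permalink()); while ( stristr($link, 'http') != $link ) $link = substr($link, 1); $link = esc_url($link);` makes the two hunks consistent and lets esc_url validate the final string. wp_widget_rss_process() begins outside this hunk.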
    ', $between = ' $output .= get_option('links_recently_updated_prepend'); $the_link = '#'; if ( !empty($row->link_url) ) - $the_link = clean_url($row->link_url); + $the_link = esc_url($row->link_url); $rel = $row->link_rel; if ( '' != $rel ) $rel = ' rel="' . $rel . '"'; diff --git a/wp-includes/feed.php b/wp-includes/feed.php index b15ad704b6..ef443347e0 100644 --- a/wp-includes/feed.php +++ b/wp-includes/feed.php @@ -255,7 +255,7 @@ function get_comment_guid($comment_id = null) { * @since 1.5.0 */ function comment_link() { - echo clean_url( get_comment_link() ); + echo esc_url( get_comment_link() ); } /** @@ -503,7 +503,7 @@ function prep_atom_text_construct($data) { function self_link() { $host = @parse_url(get_option('home')); $host = $host['host']; - echo clean_url( + echo esc_url( 'http' . ( (isset($_SERVER['https']) && $_SERVER['https'] == 'on') ? 's' : '' ) . '://' . $host diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index 7879162a76..b67be0fc9e 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -1149,7 +1149,7 @@ function antispambot($emailaddy, $mailto=0) { */ function _make_url_clickable_cb($matches) { $url = $matches[2]; - $url = clean_url($url); + $url = esc_url($url); if ( empty($url) ) return $matches[0]; return $matches[1] . "$url"; @@ -1171,7 +1171,7 @@ function _make_web_ftp_clickable_cb($matches) { $ret = ''; $dest = $matches[2]; $dest = 'http://' . $dest; - $dest = clean_url($dest); + $dest = esc_url($dest); if ( empty($dest) ) return $matches[0]; // removed trailing [,;:] from URL @@ -1988,7 +1988,7 @@ function wp_htmledit_pre($output) { * Checks and cleans a URL. * * A number of characters are removed from the URL. If the URL is for displaying - * (the default behaviour) amperstands are also replaced. The 'clean_url' filter + * (the default behaviour) amperstands are also replaced. The 'esc_url' filter * is applied to the returned cleaned URL. * * @since 1.2.0 
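Review bot: `self_link()` in the `-503` hunk tests `$_SERVER['https']`, but the server variable PHP populates for TLS requests is `$_SERVER['HTTPS']` (array keys are case-sensitive), so the feed's self link is presumably emitted as plain `http://` even on an SSL site; the commit only swaps the escaping call on the line above. Suggest `( isset($_SERVER['HTTPS']) && 'on' == $_SERVER['HTTPS'] ) ? 's' : ''`, or whatever SSL helper the codebase already provides. `$host = $host['host'];` also assumes `parse_url(get_option('home'))` succeeded; the `@` only hides the notice when it does not. The function body continues past the end of this hunk.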
@@ -2032,9 +2032,47 @@ function clean_url( $url, $protocols = null, $context = 'display' ) { } /** - * Performs clean_url() for database usage. + * Checks and cleans a URL. * - * @see clean_url() + * A number of characters are removed from the URL. If the URL is for displaying + * (the default behaviour) amperstands are also replaced. The 'esc_url' filter + * is applied to the returned cleaned URL. + * + * @since 2.8.0 + * @uses esc_url() + * @uses wp_kses_bad_protocol() To only permit protocols in the URL set + * via $protocols or the common ones set in the function. + * + * @param string $url The URL to be cleaned. + * @param array $protocols Optional. An array of acceptable protocols. + * Defaults to 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet' if not set. + * @return string The cleaned $url after the 'cleaned_url' filter is applied. + */ +function esc_url( $url, $protocols = null ) { + return clean_url( $url, $protocols, 'display' ); +} + +/** + * Performs esc_url() for database usage. + * + * @see esc_url() + * @see esc_url() + * + * @since 2.8.0 + * + * @param string $url The URL to be cleaned. + * @param array $protocols An array of acceptable protocols. + * @return string The cleaned URL. + */ +function esc_url_raw( $url, $protocols = null ) { + return clean_url( $url, $protocols, 'db' ); +} + +/** + * Performs esc_url() for database or redirect usage. + * + * @see esc_url() + * @deprecated 2.8.0 * * @since 2.3.1 * @@ -2280,7 +2318,7 @@ function sanitize_option($option, $value) { case 'siteurl': case 'home': $value = stripslashes($value); - $value = clean_url($value); + $value = esc_url($value); break; default : $value = apply_filters("sanitize_option_{$option}", $value, $option); diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 7ec2ca4241..34a127a5b1 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php 
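Review bot: The new `esc_url()` docblock contradicts itself: the description says the `'esc_url'` filter is applied, the `@return` line says `'cleaned_url'`, and `@uses esc_url()` names the function itself although the body calls `clean_url()`. The `esc_url_raw()` docblock also carries `@see esc_url()` twice. Suggest `@uses clean_url()` on esc_url(), a single filter name in both places matching what `clean_url()` actually applies (its body is outside this hunk), and dropping the duplicate `@see`. The `@deprecated 2.8.0` tag added for the function that follows should name its replacement, e.g. `@deprecated 2.8.0 Use esc_url_raw() instead.`, so callers are pointed at the db-context variant.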
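Review bot: In the `-2280` hunk `sanitize_option()` runs the `siteurl` and `home` values through `esc_url()`, the display-context variant, yet these values are being sanitized for storage rather than output. The clean_url docblock in the hunk above states that in display context ampersands are replaced, so a home URL containing `&` would be persisted with the entity instead of the raw character; `esc_url_raw()` is the database-context call this commit introduces for exactly this situation (the `pre_*_url` filters and the admin-ajax `_url` field already use it). Suggest `$value = esc_url_raw($value);` here and escaping for display where the option is rendered. The switch statement continues outside this hunk.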
@@ -2336,7 +2336,7 @@ function wp_nonce_ays( $action ) { $title = __( 'WordPress Failure Notice' ); $html = esc_html( wp_explain_nonce( $action ) ); if ( wp_get_referer() ) - $html .= "

    " . __( 'Please try again.' ) . ""; + $html .= "

    " . __( 'Please try again.' ) . ""; elseif ( 'log-out' == $action ) $html .= "

    " . sprintf( __( "Do you really want to log out?"), wp_logout_url() ); diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php index 8d4cc057ea..959816a874 100644 --- a/wp-includes/general-template.php +++ b/wp-includes/general-template.php @@ -141,9 +141,9 @@ function get_search_form() { */ function wp_loginout($redirect = '') { if ( ! is_user_logged_in() ) - $link = '' . __('Log in') . ''; + $link = '' . __('Log in') . ''; else - $link = '' . __('Log out') . ''; + $link = '' . __('Log out') . ''; echo apply_filters('loginout', $link); } @@ -689,7 +689,7 @@ function single_month_title($prefix = '', $display = true ) { function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') { $text = wptexturize($text); $title_text = esc_attr($text); - $url = clean_url($url); + $url = esc_url($url); if ('link' == $format) $link_html = "\t\n"; @@ -1807,7 +1807,7 @@ function paginate_links( $args = '' ) { if ( $add_args ) $link = add_query_arg( $add_args, $link ); $link .= $add_fragment; - $page_links[] = ""; + $page_links[] = ""; endif; for ( $n = 1; $n <= $total; $n++ ) : $n_display = number_format_i18n($n); @@ -1821,7 +1821,7 @@ function paginate_links( $args = '' ) { if ( $add_args ) $link = add_query_arg( $add_args, $link ); $link .= $add_fragment; - $page_links[] = "$n_display"; + $page_links[] = "$n_display"; $dots = true; elseif ( $dots && !$show_all ) : $page_links[] = "..."; @@ -1835,7 +1835,7 @@ function paginate_links( $args = '' ) { if ( $add_args ) $link = add_query_arg( $add_args, $link ); $link .= $add_fragment; - $page_links[] = ""; + $page_links[] = ""; endif; switch ( $type ) : case 'array' : 
@@ -1935,9 +1935,9 @@ function wp_admin_css( $file = 'wp-admin', $force_echo = false ) { return; } - echo apply_filters( 'wp_admin_css', "\n", $file ); + echo apply_filters( 'wp_admin_css', "\n", $file ); if ( 'rtl' == get_bloginfo( 'text_direction' ) ) - echo apply_filters( 'wp_admin_css', "\n", "$file-rtl" ); + echo apply_filters( 'wp_admin_css', "\n", "$file-rtl" ); } /** diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php index 4b2f36fade..9cf183d09d 100644 --- a/wp-includes/link-template.php +++ b/wp-includes/link-template.php @@ -1315,7 +1315,7 @@ function get_next_posts_page_link($max_page = 0) { * @param boolean $echo Optional. Echo or return; */ function next_posts( $max_page = 0, $echo = true ) { - $output = clean_url( get_next_posts_page_link( $max_page ) ); + $output = esc_url( get_next_posts_page_link( $max_page ) ); if ( $echo ) echo $output; @@ -1393,7 +1393,7 @@ function get_previous_posts_page_link() { * @param boolean $echo Optional. Echo or return; */ function previous_posts( $echo = true ) { - $output = clean_url( get_previous_posts_page_link() ); + $output = esc_url( get_previous_posts_page_link() ); if ( $echo ) echo $output; @@ -1550,7 +1550,7 @@ function get_next_comments_link( $label = '', $max_page = 0 ) { if ( empty($label) ) $label = __('Newer Comments »'); - return ''. preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', $label) .''; + return ''. preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', $label) .''; } /** @@ -1587,7 +1587,7 @@ function get_previous_comments_link( $label = '' ) { if ( empty($label) ) $label = __('« Older Comments'); - return '' . preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', $label) .''; + return '' . preg_replace('/&([^#])(?![a-z]{1,8};)/', '&$1', $label) .''; } /** diff --git a/wp-includes/rss.php b/wp-includes/rss.php index bd41464ba0..d48230ac6f 100644 --- a/wp-includes/rss.php +++ b/wp-includes/rss.php 
@@ -872,7 +872,7 @@ function wp_rss( $url, $num_items = -1 ) { foreach ( (array) $rss->items as $item ) { printf( '

  • %3$s
  • ', - clean_url( $item['link'] ), + esc_url( $item['link'] ), esc_attr( strip_tags( $item['description'] ) ), htmlentities( $item['title'] ) ); diff --git a/wp-includes/theme.php b/wp-includes/theme.php index d5358d05f6..f3a483ea33 100644 --- a/wp-includes/theme.php +++ b/wp-includes/theme.php @@ -185,7 +185,7 @@ function get_theme_data( $theme_file ) { $name = $theme = ''; if ( preg_match( '|Theme URI:(.*)$|mi', $theme_data, $theme_uri ) ) - $theme_uri = clean_url( _cleanup_header_comment($theme_uri[1]) ); + $theme_uri = esc_url( _cleanup_header_comment($theme_uri[1]) ); else $theme_uri = ''; @@ -195,7 +195,7 @@ function get_theme_data( $theme_file ) { $description = ''; if ( preg_match( '|Author URI:(.*)$|mi', $theme_data, $author_uri ) ) - $author_uri = clean_url( _cleanup_header_comment($author_uri[1]) ); + $author_uri = esc_url( _cleanup_header_comment($author_uri[1]) ); else $author_uri = ''; diff --git a/wp-includes/update.php b/wp-includes/update.php index aba4f80a0f..6396a296bc 100644 --- a/wp-includes/update.php +++ b/wp-includes/update.php @@ -67,9 +67,9 @@ function wp_version_check() { $new_option = new stdClass(); $new_option->response = esc_attr( $returns[0] ); if ( isset( $returns[1] ) ) - $new_option->url = clean_url( $returns[1] ); + $new_option->url = esc_url( $returns[1] ); if ( isset( $returns[2] ) ) - $new_option->package = clean_url( $returns[2] ); + $new_option->package = esc_url( $returns[2] ); if ( isset( $returns[3] ) ) $new_option->current = esc_attr( $returns[3] ); if ( isset( $returns[4] ) ) diff --git a/wp-includes/version.php b/wp-includes/version.php index 55428a842a..103a32dd3f 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -15,6 +15,6 @@ $wp_version = '2.8-beta1-11380'; * * @global int $wp_db_version */ -$wp_db_version = 10850; +$wp_db_version = 10851; ?>
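Review bot: `wp_rss()` passes the item title through `htmlentities( $item['title'] )` with no flags and no charset, whereas the RSS widget hunk in default-widgets.php calls `htmlentities(..., ENT_QUOTES, get_option('blog_charset'))`. Without the charset argument htmlentities falls back to its PHP-version default (ISO-8859-1 on the PHP versions contemporary with this release), so multibyte UTF-8 titles are presumably mangled into spurious entities. Suggest `esc_html( $item['title'] )`, which the functions.php hunk above already uses, or `htmlentities( $item['title'], ENT_QUOTES, get_option('blog_charset') )` to match the widget.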
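Review bot: `wp_version_check()` stores `$returns[1]` and `$returns[2]` on an option object after `esc_url()`, i.e. display-context escaping of data that is persisted rather than echoed; a `package` URL carrying query parameters would be stored with `&#038;` and, if it is later fetched rather than printed, the download would break. `esc_url_raw()` is the db-context variant introduced in this commit; suggest `$new_option->url = esc_url_raw( $returns[1] );` and `$new_option->package = esc_url_raw( $returns[2] );`, escaping for display where the option is rendered. How `package` is consumed is outside this diff, so this needs confirming before changing it.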