Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Changed to superglobals, and eliminated $use_cache (since we always do). 

git-svn-id: http://svn.automattic.com/wordpress/trunk@1108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
saxmatt 2004-04-20 22:56:47 +00:00
parent e27e90a7b6
commit 10c6b7ea9c
49 changed files with 432 additions and 438 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wp-admin/admin-header.php
View File

@ -10,7 +10,6 @@ function gethelp_link($this_file, $helptag) {
return $s;
}
if (!isset($use_cache)) $use_cache=1;
if (!isset($blogID)) $blog_ID=1;
if (!isset($debug)) $debug=0;
timer_start();
@ -37,14 +36,14 @@ $wpvarstoreset = array('profile','standalone','redirect','redirect_url','a','pop
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

32
wp-admin/categories.php
View File

@ -14,23 +14,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone','cat');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -45,10 +45,10 @@ case 'addcat':
if ($user_level < 3)
die ('Cheatin&#8217; uh?');
$cat_name= addslashes(stripslashes(stripslashes($HTTP_POST_VARS['cat_name'])));
$cat_name= addslashes(stripslashes(stripslashes($_POST['cat_name'])));
$category_nicename = sanitize_title($cat_name);
$category_description = addslashes(stripslashes(stripslashes($HTTP_POST_VARS['category_description'])));
$cat = intval($HTTP_POST_VARS['cat']);
$category_description = addslashes(stripslashes(stripslashes($_POST['category_description'])));
$cat = intval($_POST['cat']);
$wpdb->query("INSERT INTO $tablecategories (cat_ID, cat_name, category_nicename, category_description, category_parent) VALUES ('0', '$cat_name', '$category_nicename', '$category_description', '$cat')");
@ -61,7 +61,7 @@ case 'Delete':
$standalone = 1;
require_once('admin-header.php');
$cat_ID = intval($HTTP_GET_VARS["cat_ID"]);
$cat_ID = intval($_GET["cat_ID"]);
$cat_name = get_catname($cat_ID);
$cat_name = addslashes($cat_name);
$category = $wpdb->get_row("SELECT * FROM $tablecategories WHERE cat_ID = " . $cat_ID);
@ -84,7 +84,7 @@ break;
case 'edit':
require_once ('admin-header.php');
$category = $wpdb->get_row("SELECT * FROM $tablecategories WHERE cat_ID = " . $HTTP_GET_VARS['cat_ID']);
$category = $wpdb->get_row("SELECT * FROM $tablecategories WHERE cat_ID = " . $_GET['cat_ID']);
$cat_name = stripslashes($category->cat_name);
?>
@ -92,7 +92,7 @@ case 'edit':
<h2>Edit Category</h2>
<form name="editcat" action="categories.php" method="post">
<input type="hidden" name="action" value="editedcat" />
<input type="hidden" name="cat_ID" value="<?php echo $HTTP_GET_VARS['cat_ID'] ?>" />
<input type="hidden" name="cat_ID" value="<?php echo $_GET['cat_ID'] ?>" />
<p>Category name:<br />
<input type="text" name="cat_name" value="<?php echo $cat_name; ?>" /></p>
<p>Category parent:<br />
@ -119,10 +119,10 @@ case 'editedcat':
if ($user_level < 3)
die ('Cheatin&#8217; uh?');
$cat_name = addslashes(stripslashes(stripslashes($HTTP_POST_VARS['cat_name'])));
$cat_ID = addslashes($HTTP_POST_VARS['cat_ID']);
$cat_name = addslashes(stripslashes(stripslashes($_POST['cat_name'])));
$cat_ID = addslashes($_POST['cat_ID']);
$category_nicename = sanitize_title($cat_name);
$category_description = $HTTP_POST_VARS['category_description'];
$category_description = $_POST['category_description'];
$wpdb->query("UPDATE $tablecategories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = $cat WHERE cat_ID = $cat_ID");

2
wp-admin/edit-form-advanced.php
View File

@ -166,7 +166,7 @@ if ('publish' != $post_status || 0 == $post_ID) {
<?php
}
?>
<input name="referredby" type="hidden" id="referredby" value="<?php echo $HTTP_SERVER_VARS['HTTP_REFERER']; ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
</p>
<?php
if ('' != $pinged) {

2
wp-admin/edit-form-comment.php
View File

@ -71,7 +71,7 @@ edCanvas = document.getElementById('content');
?>
<p class="submit"><input type="submit" name="submit" value="<?php echo $submitbutton_text ?>" style="font-weight: bold;" tabindex="6" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo $HTTP_SERVER_VARS['HTTP_REFERER']; ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
</p>

2
wp-admin/edit-form.php
View File

@ -109,7 +109,7 @@ edCanvas = document.getElementById('content');
<?php if ('bookmarklet' != $mode) {
echo '<input name="advanced" type="submit" id="advancededit" tabindex="7" value="' . __('Advanced Editing &raquo;') . '" />';
} ?>
<input name="referredby" type="hidden" id="referredby" value="<?php echo $HTTP_SERVER_VARS['HTTP_REFERER']; ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo $_SERVER['HTTP_REFERER']; ?>" />
</p>
</div>

2
wp-admin/import-b2.php
View File

@ -2,7 +2,7 @@
if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. Double check that you updated wp-config.sample.php with the proper database connection information and renamed it to wp-config.php.");
require_once('../wp-config.php');
require('upgrade-functions.php');
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

8
wp-admin/import-blogger.php
View File

@ -4,14 +4,14 @@ $wpvarstoreset = array('action');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

8
wp-admin/import-greymatter.php
View File

@ -12,14 +12,14 @@ $wpvarstoreset = array('action', 'gmpath', 'archivespath');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

2
wp-admin/import-mt.php
View File

@ -5,7 +5,7 @@ define('MTEXPORT', '');
if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.php file. You must install WordPress before you import any entries.");
require('../wp-config.php');
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

2
wp-admin/import-textpattern.php
View File

@ -11,7 +11,7 @@ if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.
require('../wp-config.php');
require('upgrade-functions.php');
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

12
wp-admin/install-config.php
View File

@ -10,7 +10,7 @@ $configFile = file('../wp-config-sample.php');
if (!is_writable('../')) die("Sorry, I can't write to the directory. You'll have to either change the permissions on your WordPress directory or create your wp-config.php manually.");
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@ -104,11 +104,11 @@ switch($step) {
break;
case 2:
$dbname = $HTTP_POST_VARS['dbname'];
$uname = $HTTP_POST_VARS['uname'];
$passwrd = $HTTP_POST_VARS['pwd'];
$dbhost = $HTTP_POST_VARS['dbhost'];
$prefix = $HTTP_POST_VARS['prefix'];
$dbname = $_POST['dbname'];
$uname = $_POST['uname'];
$passwrd = $_POST['pwd'];
$dbhost = $_POST['dbhost'];
$prefix = $_POST['prefix'];
if (empty($prefix)) $prefix = 'wp_';
// Test the db connection.

2
wp-admin/install.php
View File

@ -4,7 +4,7 @@ if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.
require_once('../wp-config.php');
require('upgrade-functions.php');
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

18
wp-admin/link-add.php
View File

@ -32,9 +32,9 @@ function add_magic_quotes($array) {
return $array;
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone','cat_id', 'linkurl', 'name', 'image',
@ -44,19 +44,19 @@ $wpvarstoreset = array('action','standalone','cat_id', 'linkurl', 'name', 'image
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
$link_url = stripslashes($HTTP_GET_VARS['linkurl']);
$link_name = htmlentities(stripslashes(urldecode($HTTP_GET_VARS['name'])));
$link_url = stripslashes($_GET['linkurl']);
$link_name = htmlentities(stripslashes(urldecode($_GET['name'])));
require('admin-header.php');
?>

6
wp-admin/link-import.php
View File

@ -8,7 +8,7 @@ $parent_file = 'link-manager.php';
$title = 'Import Blogroll';
$this_file = 'link-import.php';
$step = $HTTP_POST_VARS['step'];
$step = $_POST['step'];
if (!$step) $step = 0;
?>
<?php
@ -88,12 +88,12 @@ switch ($step) {
<h2>Importing...</h2>
<?php
$cat_id = $HTTP_POST_VARS['cat_id'];
$cat_id = $_POST['cat_id'];
if (($cat_id == '') || ($cat_id == 0)) {
$cat_id = 1;
}
$opml_url = $HTTP_POST_VARS['opml_url'];
$opml_url = $_POST['opml_url'];
if (isset($opml_url) && $opml_url != '') {
$blogrolling = true;
}

72
wp-admin/link-manager.php
View File

@ -47,9 +47,9 @@ function add_magic_quotes($array) {
return $array;
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone','cat_id', 'linkurl', 'name', 'image',
@ -60,20 +60,20 @@ $wpvarstoreset = array('action','standalone','cat_id', 'linkurl', 'name', 'image
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
$links_show_cat_id = $HTTP_COOKIE_VARS['links_show_cat_id_' . $cookiehash];
$links_show_order = $HTTP_COOKIE_VARS['links_show_order_' . $cookiehash];
$links_show_cat_id = $_COOKIE['links_show_cat_id_' . $cookiehash];
$links_show_order = $_COOKIE['links_show_order_' . $cookiehash];
if (!empty($action2)) {
$action = $action2;
@ -175,17 +175,17 @@ switch ($action) {
$standalone = 1;
include_once('admin-header.php');
$link_url = $HTTP_POST_VARS['linkurl'];
$link_name = $HTTP_POST_VARS['name'];
$link_image = $HTTP_POST_VARS['image'];
$link_target = $HTTP_POST_VARS['target'];
$link_category = $HTTP_POST_VARS['category'];
$link_description = $HTTP_POST_VARS['description'];
$link_visible = $HTTP_POST_VARS['visible'];
$link_rating = $HTTP_POST_VARS['rating'];
$link_rel = $HTTP_POST_VARS['rel'];
$link_notes = $HTTP_POST_VARS['notes'];
$link_rss_uri = $HTTP_POST_VARS['rss_uri'];
$link_url = $_POST['linkurl'];
$link_name = $_POST['name'];
$link_image = $_POST['image'];
$link_target = $_POST['target'];
$link_category = $_POST['category'];
$link_description = $_POST['description'];
$link_visible = $_POST['visible'];
$link_rating = $_POST['rating'];
$link_rel = $_POST['rel'];
$link_notes = $_POST['notes'];
$link_rss_uri = $_POST['rss_uri'];
$auto_toggle = get_autotoggle($link_category);
if ($user_level < get_settings('links_minadminlevel'))
@ -202,7 +202,7 @@ switch ($action) {
. addslashes($link_image) . "', '$link_target', $link_category, '"
. addslashes($link_description) . "', '$link_visible', $user_ID, $link_rating, '" . addslashes($link_rel) . "', '" . addslashes($link_notes) . "', '$link_rss_uri')");
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
header('Location: ' . $_SERVER['HTTP_REFERER']);
break;
} // end Add
@ -222,18 +222,18 @@ switch ($action) {
$standalone = 1;
include_once('admin-header.php');
$link_id = $HTTP_POST_VARS['link_id'];
$link_url = $HTTP_POST_VARS['linkurl'];
$link_name = $HTTP_POST_VARS['name'];
$link_image = $HTTP_POST_VARS['image'];
$link_target = $HTTP_POST_VARS['target'];
$link_category = $HTTP_POST_VARS['category'];
$link_description = $HTTP_POST_VARS['description'];
$link_visible = $HTTP_POST_VARS['visible'];
$link_rating = $HTTP_POST_VARS['rating'];
$link_rel = $HTTP_POST_VARS['rel'];
$link_notes = $HTTP_POST_VARS['notes'];
$link_rss_uri = $HTTP_POST_VARS['rss_uri'];
$link_id = $_POST['link_id'];
$link_url = $_POST['linkurl'];
$link_name = $_POST['name'];
$link_image = $_POST['image'];
$link_target = $_POST['target'];
$link_category = $_POST['category'];
$link_description = $_POST['description'];
$link_visible = $_POST['visible'];
$link_rating = $_POST['rating'];
$link_rel = $_POST['rel'];
$link_notes = $_POST['notes'];
$link_rss_uri = $_POST['rss_uri'];
$auto_toggle = get_autotoggle($link_category);
if ($user_level < get_settings('links_minadminlevel'))
@ -265,7 +265,7 @@ switch ($action) {
$standalone = 1;
include_once('admin-header.php');
$link_id = $HTTP_GET_VARS["link_id"];
$link_id = $_GET["link_id"];
if ($user_level < get_settings('links_minadminlevel'))
die ("Cheatin' uh ?");
@ -525,8 +525,8 @@ No</label></td>
} // end Show
case "popup":
{
$link_url = stripslashes($HTTP_GET_VARS["linkurl"]);
$link_name = stripslashes($HTTP_GET_VARS["name"]);
$link_url = stripslashes($_GET["linkurl"]);
$link_name = stripslashes($_GET["name"]);
//break; fall through
}
default:

18
wp-admin/moderation.php
View File

@ -15,30 +15,30 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','item_ignored','item_deleted','item_approved');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
$comment = array();
if (isset($HTTP_POST_VARS["comment"])) {
foreach ($HTTP_POST_VARS["comment"] as $k => $v) {
if (isset($_POST["comment"])) {
foreach ($_POST["comment"] as $k => $v) {
$comment[intval($k)] = $v;
}
}

14
wp-admin/options-discussion.php
View File

@ -14,23 +14,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

14
wp-admin/options-general.php
View File

@ -13,23 +13,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

14
wp-admin/options-misc.php
View File

@ -14,23 +14,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

20
wp-admin/options-permalink.php
View File

@ -14,32 +14,32 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
require_once('optionhandler.php');
if ($HTTP_POST_VARS['Submit'] == 'Update') {
update_option('permalink_structure', $HTTP_POST_VARS['permalink_structure']);
$permalink_structure = $HTTP_POST_VARS['permalink_structure'];
if ($_POST['Submit'] == 'Update') {
update_option('permalink_structure', $_POST['permalink_structure']);
$permalink_structure = $_POST['permalink_structure'];
} else {
$permalink_structure = get_settings('permalink_structure');
}

14
wp-admin/options-reading.php
View File

@ -14,23 +14,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

14
wp-admin/options-writing.php
View File

@ -14,23 +14,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

14
wp-admin/options.php
View File

@ -15,23 +15,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone', 'option_group_id');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}

190
wp-admin/post.php
View File

@ -15,9 +15,9 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'poststart', 'postend', 'content', 'edited_post_title', 'comment_error', 'profile', 'trackback_url', 'excerpt', 'showcomments', 'commentstart', 'commentend', 'commentorder');
@ -25,14 +25,14 @@ $wpvarstoreset = array('action', 'safe_mode', 'withcomments', 'posts', 'poststar
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -58,43 +58,43 @@ switch($action) {
$standalone = 1;
require_once('admin-header.php');
$post_pingback = intval($HTTP_POST_VARS['post_pingback']);
$content = balanceTags($HTTP_POST_VARS['content']);
$post_pingback = intval($_POST['post_pingback']);
$content = balanceTags($_POST['content']);
$content = format_to_post($content);
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
$excerpt = balanceTags($_POST['excerpt']);
$excerpt = format_to_post($excerpt);
$post_title = addslashes($HTTP_POST_VARS['post_title']);
$post_categories = $HTTP_POST_VARS['post_category'];
$post_title = addslashes($_POST['post_title']);
$post_categories = $_POST['post_category'];
if(get_settings('use_geo_positions')) {
$latstr = $HTTP_POST_VARS['post_latf'];
$lonstr = $HTTP_POST_VARS['post_lonf'];
$latstr = $_POST['post_latf'];
$lonstr = $_POST['post_lonf'];
if((strlen($latstr) > 2) && (strlen($lonstr) > 2 ) ) {
$post_latf = floatval($HTTP_POST_VARS['post_latf']);
$post_lonf = floatval($HTTP_POST_VARS['post_lonf']);
$post_latf = floatval($_POST['post_latf']);
$post_lonf = floatval($_POST['post_lonf']);
}
}
$post_status = $HTTP_POST_VARS['post_status'];
$post_status = $_POST['post_status'];
if (empty($post_status)) $post_status = get_settings('default_post_status');
$comment_status = $HTTP_POST_VARS['comment_status'];
$comment_status = $_POST['comment_status'];
if (empty($comment_status)) $comment_status = get_settings('default_comment_status');
$ping_status = $HTTP_POST_VARS['ping_status'];
$ping_status = $_POST['ping_status'];
if (empty($ping_status)) $ping_status = get_settings('default_ping_status');
$post_password = addslashes(stripslashes($HTTP_POST_VARS['post_password']));
$post_password = addslashes(stripslashes($_POST['post_password']));
$post_name = sanitize_title($post_title);
$trackback = $HTTP_POST_VARS['trackback_url'];
$trackback = $_POST['trackback_url'];
// Format trackbacks
$trackback = preg_replace('|\s+|', '\n', $trackback);
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
$aa = $HTTP_POST_VARS['aa'];
$mm = $HTTP_POST_VARS['mm'];
$jj = $HTTP_POST_VARS['jj'];
$hh = $HTTP_POST_VARS['hh'];
$mn = $HTTP_POST_VARS['mn'];
$ss = $HTTP_POST_VARS['ss'];
if (($user_level > 4) && (!empty($_POST['edit_date']))) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
$jj = ($jj > 31) ? 31 : $jj;
$hh = ($hh > 23) ? $hh - 24 : $hh;
$mn = ($mn > 59) ? $mn - 60 : $mn;
@ -106,8 +106,8 @@ switch($action) {
$now_gmt = current_time('mysql', 1);
}
if (!empty($HTTP_POST_VARS['mode'])) {
switch($HTTP_POST_VARS['mode']) {
if (!empty($_POST['mode'])) {
switch($_POST['mode']) {
case 'bookmarklet':
$location = 'bookmarklet.php?a=b';
break;
@ -123,10 +123,10 @@ switch($action) {
}
// What to do based on which button they pressed
if ('' != $HTTP_POST_VARS['saveasdraft']) $post_status = 'draft';
if ('' != $HTTP_POST_VARS['saveasprivate']) $post_status = 'private';
if ('' != $HTTP_POST_VARS['publish']) $post_status = 'publish';
if ('' != $HTTP_POST_VARS['advanced']) $post_status = 'draft';
if ('' != $_POST['saveasdraft']) $post_status = 'draft';
if ('' != $_POST['saveasprivate']) $post_status = 'private';
if ('' != $_POST['publish']) $post_status = 'publish';
if ('' != $_POST['advanced']) $post_status = 'draft';
if((get_settings('use_geo_positions')) && (strlen($latstr) > 2) && (strlen($lonstr) > 2) ) {
@ -147,7 +147,7 @@ switch($action) {
$post_ID = $wpdb->get_var("SELECT ID FROM $tableposts ORDER BY ID DESC LIMIT 1");
if ('' != $HTTP_POST_VARS['advanced'])
if ('' != $_POST['advanced'])
$location = "post.php?action=edit&post=$post_ID";
@ -219,7 +219,7 @@ switch($action) {
$standalone = 0;
require_once('admin-header.php');
$post = $HTTP_GET_VARS['post'];
$post = $_GET['post'];
if ($user_level > 0) {
$postdata = get_postdata($post);
$authordata = get_userdata($postdata['Author_ID']);
@ -277,18 +277,18 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if (!isset($blog_ID)) {
$blog_ID = 1;
}
$post_ID = $HTTP_POST_VARS['post_ID'];
$post_categories = $HTTP_POST_VARS['post_category'];
$post_ID = $_POST['post_ID'];
$post_categories = $_POST['post_category'];
if (!$post_categories) $post_categories[] = 1;
$post_autobr = intval($HTTP_POST_VARS['post_autobr']);
$content = balanceTags($HTTP_POST_VARS['content']);
$post_autobr = intval($_POST['post_autobr']);
$content = balanceTags($_POST['content']);
$content = format_to_post($content);
$excerpt = balanceTags($HTTP_POST_VARS['excerpt']);
$excerpt = balanceTags($_POST['excerpt']);
$excerpt = format_to_post($excerpt);
$post_title = addslashes($HTTP_POST_VARS['post_title']);
$post_title = addslashes($_POST['post_title']);
if(get_settings('use_geo_positions')) {
$latf = floatval($HTTP_POST_VARS["post_latf"]);
$lonf = floatval($HTTP_POST_VARS["post_lonf"]);
$latf = floatval($_POST["post_latf"]);
$lonf = floatval($_POST["post_lonf"]);
$latlonaddition = "";
if( ($latf != null) && ($latf <= 90 ) && ($latf >= -90) && ($lonf != null) && ($lonf <= 360) && ($lonf >= -360) ) {
pingGeoUrl($post_ID);
@ -297,28 +297,28 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
$latlonaddition = " post_lat=null, post_lon=null, ";
}
}
$prev_status = $HTTP_POST_VARS['prev_status'];
$post_status = $HTTP_POST_VARS['post_status'];
$comment_status = $HTTP_POST_VARS['comment_status'];
$prev_status = $_POST['prev_status'];
$post_status = $_POST['post_status'];
$comment_status = $_POST['comment_status'];
if (empty($comment_status)) $comment_status = get_settings('default_comment_status');
$ping_status = $HTTP_POST_VARS['ping_status'];
$ping_status = $_POST['ping_status'];
if (empty($ping_status)) $ping_status = get_settings('default_ping_status');
$post_password = addslashes($HTTP_POST_VARS['post_password']);
$post_password = addslashes($_POST['post_password']);
$post_name = sanitize_title($_POST['post_name']);
if (empty($post_name)) $post_name = sanitize_title($post_title);
$trackback = $HTTP_POST_VARS['trackback_url'];
$trackback = $_POST['trackback_url'];
// Format trackbacks
$trackback = preg_replace('|\s+|', '\n', $trackback);
if ('' != $HTTP_POST_VARS['publish']) $post_status = 'publish';
if ('' != $_POST['publish']) $post_status = 'publish';
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
$aa = $HTTP_POST_VARS['aa'];
$mm = $HTTP_POST_VARS['mm'];
$jj = $HTTP_POST_VARS['jj'];
$hh = $HTTP_POST_VARS['hh'];
$mn = $HTTP_POST_VARS['mn'];
$ss = $HTTP_POST_VARS['ss'];
if (($user_level > 4) && (!empty($_POST['edit_date']))) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
$jj = ($jj > 31) ? 31 : $jj;
$hh = ($hh > 23) ? $hh - 24 : $hh;
$mn = ($mn > 59) ? $mn - 60 : $mn;
@ -399,8 +399,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
add_meta($post_ID);
if ($HTTP_POST_VARS['save']) {
$location = $HTTP_SERVER_VARS['HTTP_REFERER'];
if ($_POST['save']) {
$location = $_SERVER['HTTP_REFERER'];
} else {
$location = 'post.php';
}
@ -416,7 +416,7 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die ('Cheatin&#8217; uh?');
$post_id = intval($HTTP_GET_VARS['post']);
$post_id = intval($_GET['post']);
$postdata = get_postdata($post_id) or die(sprintf(__('Oops, no post with this ID. <a href="%s">Go back</a>!'), 'post.php'));
$authordata = get_userdata($postdata['Author_ID']);
@ -444,7 +444,7 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
sleep($sleep_after_edit);
}
$sendback = $HTTP_SERVER_VARS['HTTP_REFERER'];
$sendback = $_SERVER['HTTP_REFERER'];
if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php';
header ('Location: ' . $sendback);
do_action('delete_post', $post_ID);
@ -462,7 +462,7 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
die (__('Cheatin&#8217; uh?'));
}
$comment = $HTTP_GET_VARS['comment'];
$comment = $_GET['comment'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
$content = $commentdata['comment_content'];
$content = format_to_edit($content);
@ -479,8 +479,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
$comment = $HTTP_GET_VARS['comment'];
$p = $HTTP_GET_VARS['p'];
$comment = $_GET['comment'];
$p = $_GET['p'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
echo "<div class=\"wrap\">\n";
@ -515,9 +515,9 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
die (__('Cheatin&#8217; uh?'));
$comment = $HTTP_GET_VARS['comment'];
$p = $HTTP_GET_VARS['p'];
if (isset($HTTP_GET_VARS['noredir'])) {
$comment = $_GET['comment'];
$p = $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
$noredir = false;
@ -533,8 +533,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
wp_set_comment_status($comment, "delete");
do_action('delete_comment', $comment);
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
}
@ -549,9 +549,9 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
$comment = $HTTP_GET_VARS['comment'];
$p = $HTTP_GET_VARS['p'];
if (isset($HTTP_GET_VARS['noredir'])) {
$comment = $_GET['comment'];
$p = $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
$noredir = false;
@ -561,8 +561,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
wp_set_comment_status($comment, "hold");
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
}
@ -577,8 +577,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
$comment = $HTTP_GET_VARS['comment'];
$p = $HTTP_GET_VARS['p'];
$comment = $_GET['comment'];
$p = $_GET['p'];
$commentdata = get_commentdata($comment, 1, true) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
wp_set_comment_status($comment, "approve");
@ -606,9 +606,9 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
$comment = $HTTP_GET_VARS['comment'];
$p = $HTTP_GET_VARS['p'];
if (isset($HTTP_GET_VARS['noredir'])) {
$comment = $_GET['comment'];
$p = $_GET['p'];
if (isset($_GET['noredir'])) {
$noredir = true;
} else {
$noredir = false;
@ -621,8 +621,8 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
}
if (($HTTP_SERVER_VARS['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
if (($_SERVER['HTTP_REFERER'] != "") && (false == $noredir)) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
header('Location: '. get_settings('siteurl') .'/wp-admin/edit.php?p='.$p.'&c=1#comments');
}
@ -637,22 +637,22 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
if ($user_level == 0)
die (__('Cheatin&#8217; uh?'));
$comment_ID = $HTTP_POST_VARS['comment_ID'];
$comment_post_ID = $HTTP_POST_VARS['comment_post_ID'];
$newcomment_author = $HTTP_POST_VARS['newcomment_author'];
$newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email'];
$newcomment_author_url = $HTTP_POST_VARS['newcomment_author_url'];
$comment_ID = $_POST['comment_ID'];
$comment_post_ID = $_POST['comment_post_ID'];
$newcomment_author = $_POST['newcomment_author'];
$newcomment_author_email = $_POST['newcomment_author_email'];
$newcomment_author_url = $_POST['newcomment_author_url'];
$newcomment_author = addslashes($newcomment_author);
$newcomment_author_email = addslashes($newcomment_author_email);
$newcomment_author_url = addslashes($newcomment_author_url);
if (($user_level > 4) && (!empty($HTTP_POST_VARS['edit_date']))) {
$aa = $HTTP_POST_VARS['aa'];
$mm = $HTTP_POST_VARS['mm'];
$jj = $HTTP_POST_VARS['jj'];
$hh = $HTTP_POST_VARS['hh'];
$mn = $HTTP_POST_VARS['mn'];
$ss = $HTTP_POST_VARS['ss'];
if (($user_level > 4) && (!empty($_POST['edit_date']))) {
$aa = $_POST['aa'];
$mm = $_POST['mm'];
$jj = $_POST['jj'];
$hh = $_POST['hh'];
$mn = $_POST['mn'];
$ss = $_POST['ss'];
$jj = ($jj > 31) ? 31 : $jj;
$hh = ($hh > 23) ? $hh - 24 : $hh;
$mn = ($mn > 59) ? $mn - 60 : $mn;
@ -673,7 +673,7 @@ When you&#8217;re promoted, just reload this page and you&#8217;ll be able to bl
WHERE comment_ID = $comment_ID"
);
$referredby = $HTTP_POST_VARS['referredby'];
$referredby = $_POST['referredby'];
if (!empty($referredby)) header('Location: ' . $referredby);
else header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
do_action('edit_comment', $comment_ID);

58
wp-admin/profile.php
View File

@ -13,23 +13,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone','redirect','profile','user');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -43,53 +43,53 @@ case 'update':
get_currentuserinfo();
/* checking the nickname has been typed */
if (empty($HTTP_POST_VARS["newuser_nickname"])) {
if (empty($_POST["newuser_nickname"])) {
die ("<strong>ERROR</strong>: please enter your nickname (can be the same as your login)");
return false;
}
/* if the ICQ UIN has been entered, check to see if it has only numbers */
if (!empty($HTTP_POST_VARS["newuser_icq"])) {
if ((ereg("^[0-9]+$",$HTTP_POST_VARS["newuser_icq"]))==false) {
if (!empty($_POST["newuser_icq"])) {
if ((ereg("^[0-9]+$",$_POST["newuser_icq"]))==false) {
die ("<strong>ERROR</strong>: your ICQ UIN can only be a number, no letters allowed");
return false;
}
}
/* checking e-mail address */
if (empty($HTTP_POST_VARS["newuser_email"])) {
if (empty($_POST["newuser_email"])) {
die ("<strong>ERROR</strong>: please type your e-mail address");
return false;
} else if (!is_email($HTTP_POST_VARS["newuser_email"])) {
} else if (!is_email($_POST["newuser_email"])) {
die ("<strong>ERROR</strong>: the email address isn't correct");
return false;
}
if ($HTTP_POST_VARS["pass1"] == "") {
if ($HTTP_POST_VARS["pass2"] != "")
if ($_POST["pass1"] == "") {
if ($_POST["pass2"] != "")
die ("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.");
$updatepassword = "";
} else {
if ($HTTP_POST_VARS["pass2"] == "")
if ($_POST["pass2"] == "")
die ("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice.");
if ($HTTP_POST_VARS["pass1"] != $HTTP_POST_VARS["pass2"])
if ($_POST["pass1"] != $_POST["pass2"])
die ("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that.");
$newuser_pass = $HTTP_POST_VARS["pass1"];
$newuser_pass = $_POST["pass1"];
$updatepassword = "user_pass=MD5('$newuser_pass'), ";
setcookie("wordpresspass_".$cookiehash,md5($newuser_pass),time()+31536000);
}
$newuser_firstname=addslashes(stripslashes($HTTP_POST_VARS['newuser_firstname']));
$newuser_lastname=addslashes(stripslashes($HTTP_POST_VARS['newuser_lastname']));
$newuser_nickname=addslashes(stripslashes($HTTP_POST_VARS['newuser_nickname']));
$newuser_icq=addslashes(stripslashes($HTTP_POST_VARS['newuser_icq']));
$newuser_aim=addslashes(stripslashes($HTTP_POST_VARS['newuser_aim']));
$newuser_msn=addslashes(stripslashes($HTTP_POST_VARS['newuser_msn']));
$newuser_yim=addslashes(stripslashes($HTTP_POST_VARS['newuser_yim']));
$newuser_email=addslashes(stripslashes($HTTP_POST_VARS['newuser_email']));
$newuser_url=addslashes(stripslashes($HTTP_POST_VARS['newuser_url']));
$newuser_idmode=addslashes(stripslashes($HTTP_POST_VARS['newuser_idmode']));
$user_description = addslashes(stripslashes($HTTP_POST_VARS['user_description']));
$newuser_firstname=addslashes(stripslashes($_POST['newuser_firstname']));
$newuser_lastname=addslashes(stripslashes($_POST['newuser_lastname']));
$newuser_nickname=addslashes(stripslashes($_POST['newuser_nickname']));
$newuser_icq=addslashes(stripslashes($_POST['newuser_icq']));
$newuser_aim=addslashes(stripslashes($_POST['newuser_aim']));
$newuser_msn=addslashes(stripslashes($_POST['newuser_msn']));
$newuser_yim=addslashes(stripslashes($_POST['newuser_yim']));
$newuser_email=addslashes(stripslashes($_POST['newuser_email']));
$newuser_url=addslashes(stripslashes($_POST['newuser_url']));
$newuser_idmode=addslashes(stripslashes($_POST['newuser_idmode']));
$user_description = addslashes(stripslashes($_POST['user_description']));
$query = "UPDATE $tableusers SET user_firstname='$newuser_firstname', $updatepassword user_lastname='$newuser_lastname', user_nickname='$newuser_nickname', user_icq='$newuser_icq', user_email='$newuser_email', user_url='$newuser_url', user_aim='$newuser_aim', user_msn='$newuser_msn', user_yim='$newuser_yim', user_idmode='$newuser_idmode', user_description = '$user_description' WHERE ID = $user_ID";
$result = $wpdb->query($query);
@ -103,7 +103,7 @@ case 'viewprofile':
$profiledata = get_userdata($user);
if ($HTTP_COOKIE_VARS['wordpressuser_'.$cookiehash] == $profiledata->user_login)
if ($_COOKIE['wordpressuser_'.$cookiehash] == $profiledata->user_login)
header ('Location: profile.php');
include_once('admin-header.php');

2
wp-admin/sidebar.php
View File

@ -11,7 +11,7 @@ if ($user_level == 0)
$time_difference = get_settings('time_difference');
if ('b' == $HTTP_GET_VARS['a']) {
if ('b' == $_GET['a']) {
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

18
wp-admin/templates.php
View File

@ -29,23 +29,23 @@ function validate_file($file) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','standalone','redirect','profile','error','warning','a','file');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -61,8 +61,8 @@ case 'update':
die('<p>You have do not have sufficient permissions to edit templates for this blog.</p>');
}
$newcontent = stripslashes($HTTP_POST_VARS['newcontent']);
$file = $HTTP_POST_VARS['file'];
$newcontent = stripslashes($_POST['newcontent']);
$file = $_POST['file'];
$file = validate_file($file);
$real_file = '../' . $file;
if (is_writeable($real_file)) {

2
wp-admin/upgrade.php
View File

@ -4,7 +4,7 @@ if (!file_exists('../wp-config.php')) die("There doesn't seem to be a wp-config.
require('../wp-config.php');
require('upgrade-functions.php');
$step = $HTTP_GET_VARS['step'];
$step = $_GET['step'];
if (!$step) $step = 0;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

22
wp-admin/upload.php
View File

@ -11,7 +11,7 @@ if (!get_settings('use_fileupload')) //Checks if file upload is enabled in the c
$allowed_types = explode(' ', trim(strtolower(get_settings('fileupload_allowedtypes'))));
if ($HTTP_POST_VARS['submit']) {
if ($_POST['submit']) {
$action = 'upload';
} else {
$action = '';
@ -82,11 +82,11 @@ case 'upload':
//die();
$imgalt = (isset($HTTP_POST_VARS['imgalt'])) ? $HTTP_POST_VARS['imgalt'] : $imgalt;
$imgalt = (isset($_POST['imgalt'])) ? $_POST['imgalt'] : $imgalt;
$img1_name = (strlen($imgalt)) ? $HTTP_POST_VARS['imgalt'] : $HTTP_POST_FILES['img1']['name'];
$img1_type = (strlen($imgalt)) ? $HTTP_POST_VARS['img1_type'] : $HTTP_POST_FILES['img1']['type'];
$imgdesc = str_replace('"', '&amp;quot;', $HTTP_POST_VARS['imgdesc']);
$img1_name = (strlen($imgalt)) ? $_POST['imgalt'] : $HTTP_POST_FILES['img1']['name'];
$img1_type = (strlen($imgalt)) ? $_POST['img1_type'] : $HTTP_POST_FILES['img1']['type'];
$imgdesc = str_replace('"', '&amp;quot;', $_POST['imgdesc']);
$imgtype = explode(".",$img1_name);
$imgtype = strtolower($imgtype[count($imgtype)-1]);
@ -97,7 +97,7 @@ case 'upload':
if (strlen($imgalt)) {
$pathtofile = get_settings('fileupload_realpath')."/".$imgalt;
$img1 = $HTTP_POST_VARS['img1'];
$img1 = $_POST['img1'];
} else {
$pathtofile = get_settings('fileupload_realpath')."/".$img1_name;
$img1 = $HTTP_POST_FILES['img1']['tmp_name'];
@ -181,15 +181,15 @@ die();
or die("Couldn't Upload Your File to $pathtofile.");
}
if($HTTP_POST_VARS['thumbsize'] != 'none' ) {
if($HTTP_POST_VARS['thumbsize'] == 'small') {
if($_POST['thumbsize'] != 'none' ) {
if($_POST['thumbsize'] == 'small') {
$max_side = 200;
}
elseif($HTTP_POST_VARS['thumbsize'] == 'large') {
elseif($_POST['thumbsize'] == 'large') {
$max_side = 400;
}
elseif($HTTP_POST_VARS['thumbsize'] == 'custom') {
$max_side = $HTTP_POST_VARS['imgthumbsizecustom'];
elseif($_POST['thumbsize'] == 'custom') {
$max_side = $_POST['imgthumbsizecustom'];
}
$result = wp_create_thumbnail($pathtofile, $max_side, NULL);

28
wp-admin/users.php
View File

@ -6,14 +6,14 @@ $wpvarstoreset = array('action','standalone','redirect','profile');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -26,12 +26,12 @@ case 'adduser':
return ereg('^[a-zA-Z0-9\_-\|]+$',$value);
}
$user_login = $HTTP_POST_VARS['user_login'];
$pass1 = $HTTP_POST_VARS['pass1'];
$pass2 = $HTTP_POST_VARS['pass2'];
$user_email = $HTTP_POST_VARS['email'];
$user_firstname = $HTTP_POST_VARS['firstname'];
$user_lastname = $HTTP_POST_VARS['lastname'];
$user_login = $_POST['user_login'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$user_email = $_POST['email'];
$user_firstname = $_POST['firstname'];
$user_lastname = $_POST['lastname'];
/* checking login has been typed */
if ($user_login == '') {
@ -98,12 +98,12 @@ case 'promote':
$standalone = 1;
require_once('admin-header.php');
if (empty($HTTP_GET_VARS['prom'])) {
if (empty($_GET['prom'])) {
header('Location: users.php');
}
$id = $HTTP_GET_VARS['id'];
$prom = $HTTP_GET_VARS['prom'];
$id = $_GET['id'];
$prom = $_GET['prom'];
$user_data = get_userdata($id);
$usertopromote_level = $user_data->user_level;
@ -130,7 +130,7 @@ case 'delete':
$standalone = 1;
require_once('admin-header.php');
$id = intval($HTTP_GET_VARS['id']);
$id = intval($_GET['id']);
if (!$id) {
header('Location: users.php');

14
wp-blog-header.php
View File

@ -1,7 +1,5 @@
<?php
$use_cache = 1; // No reason not to
/* Including config and functions files */
$curpath = dirname(__FILE__).'/';
@ -22,7 +20,7 @@ if (! empty($_SERVER['PATH_INFO'])) {
if (! empty($rewrite)) {
// Get the name of the file requesting path info.
$req_uri = $HTTP_SERVER_VARS['REQUEST_URI'];
$req_uri = $_SERVER['REQUEST_URI'];
$req_uri = str_replace($pathinfo, '', $req_uri);
$req_uri = preg_replace("!/+$!", '', $req_uri);
$req_uri = explode('/', $req_uri);
@ -57,16 +55,16 @@ $wpvarstoreset = array('m','p','posts','w', 'cat','withcomments','s','search','e
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS[$wpvar])) {
if (empty($HTTP_GET_VARS[$wpvar]) && empty($path_info[$wpvar])) {
if (empty($_POST[$wpvar])) {
if (empty($_GET[$wpvar]) && empty($path_info[$wpvar])) {
$$wpvar = '';
} elseif (!empty($HTTP_GET_VARS[$wpvar])) {
$$wpvar = $HTTP_GET_VARS[$wpvar];
} elseif (!empty($_GET[$wpvar])) {
$$wpvar = $_GET[$wpvar];
} else {
$$wpvar = $path_info[$wpvar];
}
} else {
$$wpvar = $HTTP_POST_VARS[$wpvar];
$$wpvar = $_POST[$wpvar];
}
}
}

8
wp-comments-popup.php
View File

@ -31,12 +31,12 @@ foreach ($posts as $post) { start_wp();
<?php
// this line is WordPress' motor, do not delete it.
$comment_author = (isset($HTTP_COOKIE_VARS['comment_author_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash]) : '';
$comment_author = (isset($_COOKIE['comment_author_'.$cookiehash])) ? trim($_COOKIE['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($_COOKIE['comment_author_email_'.$cookiehash])) ? trim($_COOKIE['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($_COOKIE['comment_author_url_'.$cookiehash])) ? trim($_COOKIE['comment_author_url_'.$cookiehash]) : '';
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = $id AND comment_approved = '1' ORDER BY comment_date");
$commentstatus = $wpdb->get_row("SELECT comment_status, post_password FROM $tableposts WHERE ID = $id");
if (!empty($commentstatus->post_password) && $HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $commentstatus->post_password) { // and it doesn't match the cookie
if (!empty($commentstatus->post_password) && $_COOKIE['wp-postpass_'.$cookiehash] != $commentstatus->post_password) { // and it doesn't match the cookie
echo(get_the_password_form());
} else { ?>

20
wp-comments-post.php
View File

@ -13,26 +13,26 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$author = trim(strip_tags($HTTP_POST_VARS['author']));
$author = trim(strip_tags($_POST['author']));
$email = trim(strip_tags($HTTP_POST_VARS['email']));
$email = trim(strip_tags($_POST['email']));
if (strlen($email) < 6)
$email = '';
$url = trim(strip_tags($HTTP_POST_VARS['url']));
$url = trim(strip_tags($_POST['url']));
$url = ((!stristr($url, '://')) && ($url != '')) ? 'http://'.$url : $url;
if (strlen($url) < 7)
$url = '';
$comment = trim($HTTP_POST_VARS['comment']);
$comment = trim($_POST['comment']);
$original_comment = $comment;
$comment_post_ID = intval($HTTP_POST_VARS['comment_post_ID']);
$user_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
$comment_post_ID = intval($_POST['comment_post_ID']);
$user_ip = $_SERVER['REMOTE_ADDR'];
$user_domain = gethostbyaddr($user_ip);
$commentstatus = $wpdb->get_var("SELECT comment_status FROM $tableposts WHERE ID = $comment_post_ID");
@ -116,7 +116,7 @@ if ($ok) { // if there was no comment from this IP in the last 10 seconds
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
$location = (empty($HTTP_POST_VARS['redirect_to'])) ? $HTTP_SERVER_VARS["HTTP_REFERER"] : $HTTP_POST_VARS['redirect_to'];
$location = (empty($_POST['redirect_to'])) ? $_SERVER["HTTP_REFERER"] : $_POST['redirect_to'];
if ($is_IIS) {
header("Refresh: 0;url=$location");
} else {

8
wp-comments-reply.php
View File

@ -25,15 +25,15 @@ require ('wp-blog-header.php');
if (($withcomments) or ($single)) {
if (!empty($post->post_password)) { // if there's a password
if ($HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
if ($_COOKIE['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
echo("<p>Enter your password to view comments.<p>");
return;
}
}
$comment_author = (isset($HTTP_COOKIE_VARS['comment_author_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash]) : '';
$comment_author = (isset($_COOKIE['comment_author_'.$cookiehash])) ? trim($_COOKIE['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($_COOKIE['comment_author_email_'.$cookiehash])) ? trim($_COOKIE['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($_COOKIE['comment_author_url_'.$cookiehash])) ? trim($_COOKIE['comment_author_url_'.$cookiehash]) : '';
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = '$id' AND comment_approved = '1' AND comment_ID = '$comment_reply_ID' ORDER BY comment_date");
?>

10
wp-comments.php
View File

@ -1,10 +1,10 @@
<?php // Do not delete these lines
if ('wp-comments.php' == basename($HTTP_SERVER_VARS['SCRIPT_FILENAME']))
if ('wp-comments.php' == basename($_SERVER['SCRIPT_FILENAME']))
die ('Please do not load this page directly. Thanks!');
if (($withcomments) or ($single)) {
if (!empty($post->post_password)) { // if there's a password
if ($HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
if ($_COOKIE['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
?>
<p><?php e_("Enter your password to view comments."); ?><p>
<?php
@ -12,9 +12,9 @@
}
}
$comment_author = (isset($HTTP_COOKIE_VARS['comment_author_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash])) ? trim($HTTP_COOKIE_VARS['comment_author_url_'.$cookiehash]) : '';
$comment_author = (isset($_COOKIE['comment_author_'.$cookiehash])) ? trim($_COOKIE['comment_author_'.$cookiehash]) : '';
$comment_author_email = (isset($_COOKIE['comment_author_email_'.$cookiehash])) ? trim($_COOKIE['comment_author_email_'.$cookiehash]) : '';
$comment_author_url = (isset($_COOKIE['comment_author_url_'.$cookiehash])) ? trim($_COOKIE['comment_author_url_'.$cookiehash]) : '';
$comments = $wpdb->get_results("SELECT * FROM $tablecomments WHERE comment_post_ID = '$id' AND comment_approved = '1' ORDER BY comment_date");
?>

2
wp-commentsrss2.php
View File

@ -51,7 +51,7 @@ foreach ($posts as $post) { start_wp();
<pubDate><?php comment_time('r'); ?></pubDate>
<guid isPermaLink="false"><?php comment_ID(); echo ":".$comment->comment_post_ID; ?>@<?php bloginfo_rss("url") ?></guid>
<?php
if (!empty($comment->post_password) && $HTTP_COOKIE_VARS['wp-postpass'] != $comment->post_password) {
if (!empty($comment->post_password) && $_COOKIE['wp-postpass'] != $comment->post_password) {
?>
<description>Protected Comments: Please enter your password to view comments.</description>
<content:encoded><![CDATA[<?php echo get_the_password_form() ?>]]></content:encoded>

4
wp-content/plugins/hello.php
View File

@ -2,9 +2,9 @@
/*
Plugin Name: Hello Dolly
Plugin URI: http://wordpress.org/#
Description: This is not just a plugin, it symbolizes the hope and enthusiasm of an entire generation summed up in two words sung most famously by Louis Armstrong. Hello, Dolly. This is, by the way, the world's first official WordPress plugin. Wish it did something useful.
Description: This is not just a plugin, it symbolizes the hope and enthusiasm of an entire generation summed up in two words sung most famously by Louis Armstrong. Hello, Dolly. This is, by the way, the world's first official WordPress plugin. When enabled you will randomly see a lyric from <cite>Hello, Dolly</cite> in the upper right of your admin screen.
Author: Matt Mullenweg
Author URI: http://photomatt.net
Author URI: http://photomatt.net/
*/
function hello_dolly() {

52
wp-includes/functions.php
View File

@ -98,11 +98,11 @@ function get_weekstartend($mysqlstring, $start_of_week) {
}
function get_lastpostdate($timezone = 'server') {
global $tableposts, $cache_lastpostdate, $use_cache, $pagenow, $wpdb;
global $tableposts, $cache_lastpostdate, $pagenow, $wpdb;
$add_seconds_blog = get_settings('gmt_offset') * 3600;
$add_seconds_server = date('Z');
$now = current_time('mysql', 1);
if ((!isset($cache_lastpostdate[$timezone])) OR (!$use_cache)) {
if ( !isset($cache_lastpostdate[$timezone]) ) {
switch(strtolower($timezone)) {
case 'gmt':
$lastpostdate = $wpdb->get_var("SELECT post_date_gmt FROM $tableposts WHERE post_date_gmt <= '$now' AND post_status = 'publish' ORDER BY post_date_gmt DESC LIMIT 1");
@ -122,11 +122,11 @@ function get_lastpostdate($timezone = 'server') {
}
function get_lastpostmodified($timezone = 'server') {
global $tableposts, $cache_lastpostmodified, $use_cache, $pagenow, $wpdb;
global $tableposts, $cache_lastpostmodified, $pagenow, $wpdb;
$add_seconds_blog = get_settings('gmt_offset') * 3600;
$add_seconds_server = date('Z');
$now = current_time('mysql', 1);
if ((!isset($cache_lastpostmodified[$timezone])) OR (!$use_cache)) {
if ( !isset($cache_lastpostmodified[$timezone]) ) {
switch(strtolower($timezone)) {
case 'gmt':
$lastpostmodified = $wpdb->get_var("SELECT post_modified_gmt FROM $tableposts WHERE post_modified_gmt <= '$now' AND post_status = 'publish' ORDER BY post_modified_gmt DESC LIMIT 1");
@ -150,8 +150,8 @@ function get_lastpostmodified($timezone = 'server') {
}
function user_pass_ok($user_login,$user_pass) {
global $cache_userdata,$use_cache;
if ((empty($cache_userdata[$user_login])) OR (!$use_cache)) {
global $cache_userdata;
if ( empty($cache_userdata[$user_login]) ) {
$userdata = get_userdatabylogin($user_login);
} else {
$userdata = $cache_userdata[$user_login];
@ -173,8 +173,8 @@ function get_currentuserinfo() { // a bit like get_userdata(), on steroids
}
function get_userdata($userid) {
global $wpdb, $cache_userdata, $use_cache, $tableusers;
if ((empty($cache_userdata[$userid])) || (!$use_cache)) {
global $wpdb, $cache_userdata, $tableusers;
if ( empty($cache_userdata[$userid]) ) {
$user = $wpdb->get_row("SELECT * FROM $tableusers WHERE ID = '$userid'");
$user->user_nickname = stripslashes($user->user_nickname);
$user->user_firstname = stripslashes($user->user_firstname);
@ -190,8 +190,8 @@ function get_userdata($userid) {
}
function get_userdatabylogin($user_login) {
global $tableusers, $cache_userdata, $use_cache, $wpdb;
if ((empty($cache_userdata["$user_login"])) OR (!$use_cache)) {
global $tableusers, $cache_userdata, $wpdb;
if ( empty($cache_userdata["$user_login"]) ) {
$user = $wpdb->get_row("SELECT * FROM $tableusers WHERE user_login = '$user_login'");
$cache_userdata["$user_login"] = $user;
} else {
@ -201,8 +201,8 @@ function get_userdatabylogin($user_login) {
}
function get_userid($user_login) {
global $tableusers, $cache_userdata, $use_cache, $wpdb;
if ((empty($cache_userdata["$user_login"])) OR (!$use_cache)) {
global $tableusers, $cache_userdata, $wpdb;
if ( empty($cache_userdata["$user_login"]) ) {
$user_id = $wpdb->get_var("SELECT ID FROM $tableusers WHERE user_login = '$user_login'");
$cache_userdata["$user_login"] = $user_id;
@ -293,7 +293,7 @@ function url_to_postid($url = '') {
/* Options functions */
function get_settings($setting) {
global $wpdb, $cache_settings, $use_cache;
global $wpdb, $cache_settings;
if (strstr($_SERVER['REQUEST_URI'], 'install.php')) {
return false;
}
@ -301,7 +301,7 @@ function get_settings($setting) {
// until we switch to using 'gmt_offset' everywhere
$setting = str_replace('time_difference', 'gmt_offset', $setting);
if ((empty($cache_settings)) OR (!$use_cache)) {
if ( (empty($cache_settings)) ) {
$settings = get_alloptions();
$cache_settings = $settings;
} else {
@ -347,8 +347,7 @@ function add_option($name, $value='') {
$value = $wpdb->escape($value);
$wpdb->query("INSERT INTO $tableoptions (option_name, option_value) VALUES ('$name', '$value')");
global $use_cache;
if($wpdb->insert_id && $use_cache) {
if($wpdb->insert_id) {
global $cache_settings;
$cache_settings->{$name} = $value;
}
@ -412,8 +411,8 @@ function get_commentdata($comment_ID,$no_cache=0,$include_unapproved=false) { //
}
function get_catname($cat_ID) {
global $tablecategories,$cache_catnames,$use_cache, $wpdb;
if ((!$cache_catnames) || (!$use_cache)) {
global $tablecategories, $cache_catnames, $wpdb;
if ( !$cache_catnames) ) {
$results = $wpdb->get_results("SELECT * FROM $tablecategories") or die('Oops, couldn\'t query the db for categories.');
foreach ($results as $post) {
$cache_catnames[$post->cat_ID] = $post->cat_name;
@ -474,7 +473,7 @@ function gzip_compression() {
ob_start("ob_gzhandler");
}
} else if($phpver > "4.0") {
if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if(strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if(extension_loaded("zlib")) {
$do_gzip_compress = TRUE;
ob_start();
@ -1002,7 +1001,7 @@ function wp_notify_postauthor($comment_id, $comment_type='comment') {
$notify_message .= get_permalink($comment->comment_post_ID) . '#comments';
if ('' == $comment->comment_author_email || '' == $comment->comment_author) {
$from = "From: \"$blogname\" <wordpress@" . $HTTP_SERVER_VARS['SERVER_NAME'] . '>';
$from = "From: \"$blogname\" <wordpress@" . $_SERVER['SERVER_NAME'] . '>';
} else {
$from = 'From: "' . stripslashes($comment->comment_author) . "\" <$comment->comment_author_email>";
}
@ -1061,19 +1060,18 @@ function start_wp() {
global $post, $id, $postdata, $authordata, $day, $preview, $page, $pages, $multipage, $more, $numpages;
global $preview_userid,$preview_date,$preview_content,$preview_title,$preview_category,$preview_notify,$preview_make_clickable,$preview_autobr;
global $pagenow;
global $HTTP_GET_VARS;
if (!$preview) {
$id = $post->ID;
} else {
$id = 0;
$postdata = array (
'ID' => 0,
'Author_ID' => $HTTP_GET_VARS['preview_userid'],
'Date' => $HTTP_GET_VARS['preview_date'],
'Content' => $HTTP_GET_VARS['preview_content'],
'Excerpt' => $HTTP_GET_VARS['preview_excerpt'],
'Title' => $HTTP_GET_VARS['preview_title'],
'Category' => $HTTP_GET_VARS['preview_category'],
'Author_ID' => $_GET['preview_userid'],
'Date' => $_GET['preview_date'],
'Content' => $_GET['preview_content'],
'Excerpt' => $_GET['preview_excerpt'],
'Title' => $_GET['preview_title'],
'Category' => $_GET['preview_category'],
'Notify' => 1
);
}

4
wp-includes/template-functions-category.php
View File

@ -112,8 +112,8 @@ function the_category_rss($type = 'rss') {
}
function get_the_category_by_ID($cat_ID) {
global $tablecategories, $cache_categories, $use_cache, $wpdb;
if ((!$cache_categories[$cat_ID]) OR (!$use_cache)) {
global $tablecategories, $cache_categories, $wpdb;
if ( !$cache_categories[$cat_ID]) ) {
$cat_name = $wpdb->get_var("SELECT cat_name FROM $tablecategories WHERE cat_ID = '$cat_ID'");
$cache_categories[$cat_ID]->cat_name = $cat_name;
} else {

4
wp-includes/template-functions-comment.php
View File

@ -59,7 +59,7 @@ function comments_popup_script($width=400, $height=400, $file='wp-comments-popup
}
function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Comments', $CSSclass='', $none='Comments Off') {
global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb, $tablecomments, $HTTP_COOKIE_VARS, $cookiehash;
global $id, $wpcommentspopupfile, $wpcommentsjavascript, $post, $wpdb, $tablecomments, $cookiehash;
global $querystring_start, $querystring_equal, $querystring_separator;
global $comment_count_cache, $single;
if (!$single) {
@ -73,7 +73,7 @@ function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Com
return;
} else {
if (!empty($post->post_password)) { // if there's a password
if ($HTTP_COOKIE_VARS['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
if ($_COOKIE['wp-postpass_'.$cookiehash] != $post->post_password) { // and it doesn't match the cookie
echo('Enter your password to view comments');
return;
}

6
wp-includes/template-functions-general.php
View File

@ -308,7 +308,7 @@ function get_archives($type='', $limit='', $format='html', $before = "", $after
}
function get_calendar($daylength = 1) {
global $wpdb, $HTTP_GET_VARS, $m, $monthnum, $year, $timedifference, $month, $weekday, $tableposts, $posts;
global $wpdb, $m, $monthnum, $year, $timedifference, $month, $weekday, $tableposts, $posts;
// Quick check. If we have no posts at all, abort!
if (!$posts) {
@ -317,8 +317,8 @@ function get_calendar($daylength = 1) {
return;
}
if (isset($HTTP_GET_VARS['w'])) {
$w = ''.intval($HTTP_GET_VARS['w']);
if (isset($_GET['w'])) {
$w = ''.intval($_GET['w']);
}
$time_difference = get_settings('time_difference');
$add_hours = intval($time_difference);

24
wp-includes/template-functions-post.php
View File

@ -98,7 +98,7 @@ function the_content_rss($more_link_text='(more...)', $stripteaser=0, $more_file
function get_the_content($more_link_text = '(more...)', $stripteaser = 0, $more_file = '') {
global $id, $post, $more, $single, $withcomments, $page, $pages, $multipage, $numpages;
global $HTTP_SERVER_VARS, $preview, $cookiehash;
global $preview, $cookiehash;
global $pagenow;
$output = '';
@ -112,7 +112,7 @@ function get_the_content($more_link_text = '(more...)', $stripteaser = 0, $more_
if ($more_file != '') {
$file = $more_file;
} else {
$file = $pagenow; //$HTTP_SERVER_VARS['PHP_SELF'];
$file = $pagenow; //$_SERVER['PHP_SELF'];
}
$content = $pages[$page-1];
$content = explode('<!--more-->', $content);
@ -343,16 +343,16 @@ function next_post($format='%', $next='next post: ', $title='yes', $in_same_cat=
}
function next_posts($max_page = 0) { // original by cfactor at cooltux.org
global $HTTP_SERVER_VARS, $p, $paged, $what_to_show, $pagenow;
global $p, $paged, $what_to_show, $pagenow;
global $querystring_start, $querystring_equal, $querystring_separator;
if (empty($p) && ($what_to_show == 'paged')) {
$qstr = $HTTP_SERVER_VARS['QUERY_STRING'];
$qstr = $_SERVER['QUERY_STRING'];
if (!empty($qstr)) {
$qstr = preg_replace('/&paged=\d{0,}/', '', $qstr);
$qstr = preg_replace('/paged=\d{0,}/', '', $qstr);
} elseif (stristr($HTTP_SERVER_VARS['REQUEST_URI'], $HTTP_SERVER_VARS['SCRIPT_NAME'] )) {
if ('' != $qstr = str_replace($HTTP_SERVER_VARS['SCRIPT_NAME'], '',
$HTTP_SERVER_VARS['REQUEST_URI']) ) {
} elseif (stristr($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME'] )) {
if ('' != $qstr = str_replace($_SERVER['SCRIPT_NAME'], '',
$_SERVER['REQUEST_URI']) ) {
$qstr = preg_replace('/^\//', '', $qstr);
$qstr = preg_replace('/paged\/\d{0,}\//', '', $qstr);
$qstr = preg_replace('/paged\/\d{0,}/', '', $qstr);
@ -396,16 +396,16 @@ function next_posts_link($label='Next Page &raquo;', $max_page=0) {
function previous_posts() { // original by cfactor at cooltux.org
global $HTTP_SERVER_VARS, $p, $paged, $what_to_show, $pagenow;
global $_SERVER, $p, $paged, $what_to_show, $pagenow;
global $querystring_start, $querystring_equal, $querystring_separator;
if (empty($p) && ($what_to_show == 'paged')) {
$qstr = $HTTP_SERVER_VARS['QUERY_STRING'];
$qstr = $_SERVER['QUERY_STRING'];
if (!empty($qstr)) {
$qstr = preg_replace('/&paged=\d{0,}/', '', $qstr);
$qstr = preg_replace('/paged=\d{0,}/', '', $qstr);
} elseif (stristr($HTTP_SERVER_VARS['REQUEST_URI'], $HTTP_SERVER_VARS['SCRIPT_NAME'] )) {
if ('' != $qstr = str_replace($HTTP_SERVER_VARS['SCRIPT_NAME'], '',
$HTTP_SERVER_VARS['REQUEST_URI']) ) {
} elseif (stristr($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME'] )) {
if ('' != $qstr = str_replace($_SERVER['SCRIPT_NAME'], '',
$_SERVER['REQUEST_URI']) ) {
$qstr = preg_replace('/^\//', '', $qstr);
$qstr = preg_replace("/paged\/\d{0,}\//", '', $qstr);
$qstr = preg_replace('/paged\/\d{0,}/', '', $qstr);

6
wp-includes/vars.php
View File

@ -103,7 +103,7 @@ if (($querystring_start == '/') && ($pagenow != 'post.php')) {
// Simple browser detection
$is_lynx = 0; $is_gecko = 0; $is_winIE = 0; $is_macIE = 0; $is_opera = 0; $is_NS4 = 0;
if (!isset($HTTP_USER_AGENT)) {
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
}
if (preg_match('/Lynx/', $HTTP_USER_AGENT)) {
$is_lynx = 1;
@ -151,8 +151,8 @@ $wp_gecko_correction['out'] = array(
);
// Server detection
$is_apache = strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache') ? 1 : 0;
$is_IIS = strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Microsoft-IIS') ? 1 : 0;
$is_apache = strstr($_SERVER['SERVER_SOFTWARE'], 'Apache') ? 1 : 0;
$is_IIS = strstr($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') ? 1 : 0;
// if the config file does not provide the smilies array, let's define it here
if (!isset($wpsmiliestrans)) {

2
wp-links-opml.php
View File

@ -4,7 +4,7 @@ $doing_rss = 1;
header('Content-type: text/xml', true);
require('wp-blog-header.php');
$link_cat = $HTTP_GET_VARS['link_cat'];
$link_cat = $_GET['link_cat'];
if ((empty($link_cat)) || ($link_cat == 'all') || ($link_cat == '0')) {
$sql_cat = '';
} else { // be safe

38
wp-login.php
View File

@ -15,9 +15,9 @@ if (!function_exists('add_magic_quotes')) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action','mode','error','text','popupurl','popuptitle');
@ -25,14 +25,14 @@ $wpvarstoreset = array('action','mode','error','text','popupurl','popuptitle');
for ($i = 0; $i < count($wpvarstoreset); $i = $i + 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -58,10 +58,10 @@ break;
case 'login':
if(!empty($HTTP_POST_VARS)) {
$log = $HTTP_POST_VARS['log'];
$pwd = $HTTP_POST_VARS['pwd'];
$redirect_to = $HTTP_POST_VARS['redirect_to'];
if(!empty($_POST)) {
$log = $_POST['log'];
$pwd = $_POST['pwd'];
$redirect_to = $_POST['redirect_to'];
}
$user = get_userdatabylogin($log);
@ -122,7 +122,7 @@ case 'login':
$user_pass = $pwd;
setcookie('wordpressuser_'.$cookiehash, $user_login, time()+31536000);
setcookie('wordpresspass_'.$cookiehash, md5($user_pass), time()+31536000);
if (empty($HTTP_COOKIE_VARS['wordpressblogid_'.$cookiehash])) {
if (empty($_COOKIE['wordpressblogid_'.$cookiehash])) {
setcookie('wordpressblogid_'.$cookiehash, 1,time()+31536000);
}
header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
@ -200,7 +200,7 @@ break;
case 'retrievepassword':
$user_login = $HTTP_POST_VARS["user_login"];
$user_login = $_POST["user_login"];
$user_data = get_userdatabylogin($user_login);
$user_email = $user_data->user_email;
@ -232,9 +232,9 @@ break;
default:
if((!empty($HTTP_COOKIE_VARS['wordpressuser_'.$cookiehash])) && (!empty($HTTP_COOKIE_VARS['wordpresspass_'.$cookiehash]))) {
$user_login = $HTTP_COOKIE_VARS['wordpressuser_'.$cookiehash];
$user_pass_md5 = $HTTP_COOKIE_VARS['wordpresspass_'.$cookiehash];
if((!empty($_COOKIE['wordpressuser_'.$cookiehash])) && (!empty($_COOKIE['wordpresspass_'.$cookiehash]))) {
$user_login = $_COOKIE['wordpressuser_'.$cookiehash];
$user_pass_md5 = $_COOKIE['wordpresspass_'.$cookiehash];
}
function checklogin() {
@ -250,7 +250,7 @@ default:
}
if ( !(checklogin()) ) {
if (!empty($HTTP_COOKIE_VARS['wordpressuser_'.$cookiehash])) {
if (!empty($_COOKIE['wordpressuser_'.$cookiehash])) {
$error="Error: wrong login/password"; //, or your session has expired.";
}
} else {
@ -298,8 +298,8 @@ if ($error) echo "<div align=\"right\" style=\"padding:4px;\"><font color=\"#FF0
<input type="hidden" name="popupurl" value="<?php echo $popupurl ?>" />
<input type="hidden" name="popuptitle" value="<?php echo $popuptitle ?>" />
<?php } ?>
<?php if (isset($HTTP_GET_VARS["redirect_to"])) { ?>
<input type="hidden" name="redirect_to" value="<?php echo $HTTP_GET_VARS["redirect_to"] ?>" />
<?php if (isset($_GET["redirect_to"])) { ?>
<input type="hidden" name="redirect_to" value="<?php echo $_GET["redirect_to"] ?>" />
<?php } else { ?>
<input type="hidden" name="redirect_to" value="wp-admin/" />
<?php } ?>

1
wp-mail.php
View File

@ -6,7 +6,6 @@ require_once(ABSPATH.WPINC.'/class-pop3.php');
timer_start();
$use_cache = 1;
$output_debugging_info = 0; # =1 if you want to output debugging info
$time_difference = get_settings('time_difference');

4
wp-pass.php
View File

@ -5,7 +5,7 @@
-- Matt
*/
require(dirname(__FILE__) . '/wp-config.php');
setcookie('wp-postpass_'.$cookiehash, $HTTP_POST_VARS['post_password'], time()+60*60*24*30);
header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
setcookie('wp-postpass_'.$cookiehash, $_POST['post_password'], time()+60*60*24*30);
header('Location: ' . $_SERVER['HTTP_REFERER']);
?>

28
wp-register.php
View File

@ -13,23 +13,23 @@ function add_magic_quotes($array) {
}
if (!get_magic_quotes_gpc()) {
$HTTP_GET_VARS = add_magic_quotes($HTTP_GET_VARS);
$HTTP_POST_VARS = add_magic_quotes($HTTP_POST_VARS);
$HTTP_COOKIE_VARS = add_magic_quotes($HTTP_COOKIE_VARS);
$_GET = add_magic_quotes($_GET);
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
}
$wpvarstoreset = array('action');
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
$wpvar = $wpvarstoreset[$i];
if (!isset($$wpvar)) {
if (empty($HTTP_POST_VARS["$wpvar"])) {
if (empty($HTTP_GET_VARS["$wpvar"])) {
if (empty($_POST["$wpvar"])) {
if (empty($_GET["$wpvar"])) {
$$wpvar = '';
} else {
$$wpvar = $HTTP_GET_VARS["$wpvar"];
$$wpvar = $_GET["$wpvar"];
}
} else {
$$wpvar = $HTTP_POST_VARS["$wpvar"];
$$wpvar = $_POST["$wpvar"];
}
}
}
@ -46,10 +46,10 @@ case 'register':
return ereg('^[a-zA-Z0-9\_-\|]+$',$value);
}
$user_login = $HTTP_POST_VARS['user_login'];
$pass1 = $HTTP_POST_VARS['pass1'];
$pass2 = $HTTP_POST_VARS['pass2'];
$user_email = $HTTP_POST_VARS['user_email'];
$user_login = $_POST['user_login'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$user_email = $_POST['user_email'];
/* checking login has been typed */
if ($user_login == '') {
@ -80,9 +80,9 @@ case 'register':
die ('<strong>ERROR</strong>: This login is already registered, please choose another one.');
}
$user_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'] ;
$user_domain = gethostbyaddr($HTTP_SERVER_VARS['REMOTE_ADDR'] );
$user_browser = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
$user_ip = $_SERVER['REMOTE_ADDR'] ;
$user_domain = gethostbyaddr($_SERVER['REMOTE_ADDR'] );
$user_browser = $_SERVER['HTTP_USER_AGENT'];
$user_login = addslashes($user_login);
$pass1 = addslashes($pass1);

14
wp-trackback.php
View File

@ -3,12 +3,12 @@ require(dirname(__FILE__) . '/wp-config.php');
// trackback is done by a POST
$request_array = 'HTTP_POST_VARS';
$tb_id = explode('/', $HTTP_SERVER_VARS['REQUEST_URI']);
$tb_id = explode('/', $_SERVER['REQUEST_URI']);
$tb_id = intval($tb_id[count($tb_id)-1]);
$tb_url = $HTTP_POST_VARS['url'];
$title = $HTTP_POST_VARS['title'];
$excerpt = $HTTP_POST_VARS['excerpt'];
$blog_name = $HTTP_POST_VARS['blog_name'];
$tb_url = $_POST['url'];
$title = $_POST['title'];
$excerpt = $_POST['excerpt'];
$blog_name = $_POST['blog_name'];
require('wp-blog-header.php');
@ -21,7 +21,7 @@ if (empty($title) && empty($tb_url) && empty($blog_name)) {
header('Location: ' . get_permalink($tb_id));
}
if ((strlen(''.$tb_id)) && (empty($HTTP_GET_VARS['__mode'])) && (strlen(''.$tb_url))) {
if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
@header('Content-Type: text/xml');
@ -49,7 +49,7 @@ if ((strlen(''.$tb_id)) && (empty($HTTP_GET_VARS['__mode'])) && (strlen(''.$tb_u
$original_comment = $comment;
$comment_post_ID = $tb_id;
$user_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
$user_ip = $_SERVER['REMOTE_ADDR'];
$user_domain = gethostbyaddr($user_ip);
$time_difference = get_settings('time_difference');
$now = current_time('mysql');