<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[13106] trunk: Don't use deprecated functions.</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/13106">13106</a></dd>
<dt>Author</dt> <dd>nacin</dd>
<dt>Date</dt> <dd>2010-02-13 10:35:10 +0000 (Sat, 13 Feb 2010)</dd>
</dl>

<h3>Log Message</h3>
<pre>Don't use deprecated functions. see <a href="http://trac.wordpress.org/ticket/11388">#11388</a></pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminincludesbookmarkphp">trunk/wp-admin/includes/bookmark.php</a></li>
<li><a href="#trunkwpadminincludesmediaphp">trunk/wp-admin/includes/media.php</a></li>
<li><a href="#trunkwpadminincludesmsphp">trunk/wp-admin/includes/ms.php</a></li>
<li><a href="#trunkwpadminincludesthemephp">trunk/wp-admin/includes/theme.php</a></li>
<li><a href="#trunkwpadminincludesuserphp">trunk/wp-admin/includes/user.php</a></li>
<li><a href="#trunkwpadminmseditphp">trunk/wp-admin/ms-edit.php</a></li>
<li><a href="#trunkwpadminmsoptionsphp">trunk/wp-admin/ms-options.php</a></li>
<li><a href="#trunkwpadminmssitesphp">trunk/wp-admin/ms-sites.php</a></li>
<li><a href="#trunkwpadminmsthemesphp">trunk/wp-admin/ms-themes.php</a></li>
<li><a href="#trunkwpadminusereditphp">trunk/wp-admin/user-edit.php</a></li>
<li><a href="#trunkwpadminusernewphp">trunk/wp-admin/user-new.php</a></li>
<li><a href="#trunkwpincludesmsfunctionsphp">trunk/wp-includes/ms-functions.php</a></li>
<li><a href="#trunkwpsignupphp">trunk/wp-signup.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminincludesbookmarkphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/bookmark.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/bookmark.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/includes/bookmark.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -246,7 +246,7 @@
</span><span class="cx"> function wp_update_link( $linkdata ) {
</span><span class="cx">         $link_id = (int) $linkdata['link_id'];
</span><span class="cx"> 
</span><del>-        $link = get_link( $link_id, ARRAY_A );
</del><ins>+        $link = get_bookmark( $link_id, ARRAY_A );
</ins><span class="cx"> 
</span><span class="cx">         // Escape data pulled from DB.
</span><span class="cx">         $link = add_magic_quotes( $link );
</span></span></pre></div>
<a id="trunkwpadminincludesmediaphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/media.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/media.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/includes/media.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -1146,7 +1146,7 @@
</span><span class="cx"> function get_media_item( $attachment_id, $args = null ) {
</span><span class="cx">         global $redir_tab;
</span><span class="cx"> 
</span><del>-        if ( ( $attachment_id = intval( $attachment_id ) ) &amp;&amp; $thumb_url = get_attachment_icon_src( $attachment_id ) )
</del><ins>+        if ( ( $attachment_id = intval( $attachment_id ) ) &amp;&amp; $thumb_url = wp_get_attachment_image_src( $attachment_id ) )
</ins><span class="cx">                 $thumb_url = $thumb_url[0];
</span><span class="cx">         else
</span><span class="cx">                 return false;
</span></span></pre></div>
<a id="trunkwpadminincludesmsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/ms.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/ms.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/includes/ms.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -212,7 +212,7 @@
</span><span class="cx"> 
</span><span class="cx">                 if ( is_array( $blog_allowed_themes ) ) {
</span><span class="cx">                         foreach( (array) $themes as $key =&gt; $theme ) {
</span><del>-                                $theme_key = wp_specialchars( $theme[ 'Stylesheet' ] );
</del><ins>+                                $theme_key = esc_html( $theme[ 'Stylesheet' ] );
</ins><span class="cx">                                 if ( isset( $blog_allowed_themes[ $key ] ) == true ) {
</span><span class="cx">                                         $blog_allowedthemes[ $theme_key ] = 1;
</span><span class="cx">                                 }
</span><span class="lines">@@ -335,7 +335,7 @@
</span><span class="cx">                         $allowed_themes = array();
</span><span class="cx">                 } else {
</span><span class="cx">                         foreach( (array) $themes as $key =&gt; $theme ) {
</span><del>-                                $theme_key = wp_specialchars( $theme[ 'Stylesheet' ] );
</del><ins>+                                $theme_key = esc_html( $theme[ 'Stylesheet' ] );
</ins><span class="cx">                                 if ( isset( $allowed_themes[ $key ] ) == true ) {
</span><span class="cx">                                         $allowedthemes[ $theme_key ] = 1;
</span><span class="cx">                                 }
</span></span></pre></div>
<a id="trunkwpadminincludesthemephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/theme.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/theme.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/includes/theme.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -142,12 +142,12 @@
</span><span class="cx">         if ( is_array( $blog_allowed_themes ) )
</span><span class="cx">                 $allowed_themes = array_merge( $allowed_themes, $blog_allowed_themes );
</span><span class="cx"> 
</span><del>-        if ( isset( $allowed_themes[ wp_specialchars( $ct-&gt;stylesheet ) ] ) == false )
-                $allowed_themes[ wp_specialchars( $ct-&gt;stylesheet ) ] = true;
</del><ins>+        if ( isset( $allowed_themes[ esc_html( $ct-&gt;stylesheet ) ] ) == false )
+                $allowed_themes[ esc_html( $ct-&gt;stylesheet ) ] = true;
</ins><span class="cx"> 
</span><span class="cx">         reset( $themes );
</span><span class="cx">         foreach ( $themes as $key =&gt; $theme ) {
</span><del>-                if ( isset( $allowed_themes[ wp_specialchars( $theme[ 'Stylesheet' ] ) ] ) == false )
</del><ins>+                if ( isset( $allowed_themes[ esc_html( $theme[ 'Stylesheet' ] ) ] ) == false )
</ins><span class="cx">                         unset( $themes[ $key ] );
</span><span class="cx">         }
</span><span class="cx">         reset( $themes );
</span></span></pre></div>
<a id="trunkwpadminincludesuserphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/user.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/user.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/includes/user.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -92,7 +92,7 @@
</span><span class="cx">                 if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) {
</span><span class="cx">                         $user-&gt;user_url = '';
</span><span class="cx">                 } else {
</span><del>-                        $user-&gt;user_url = sanitize_url( $_POST['url'] );
</del><ins>+                        $user-&gt;user_url = esc_url_raw( $_POST['url'] );
</ins><span class="cx">                         $user-&gt;user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user-&gt;user_url) ? $user-&gt;user_url : 'http://'.$user-&gt;user_url;
</span><span class="cx">                 }
</span><span class="cx">         }
</span></span></pre></div>
<a id="trunkwpadminmseditphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-edit.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-edit.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/ms-edit.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -385,8 +385,8 @@
</span><span class="cx">                         $themes = get_themes();
</span><span class="cx">                         reset( $themes );
</span><span class="cx">                         foreach ( (array) $themes as $key =&gt; $theme ) {
</span><del>-                                if ( $_POST['theme'][ wp_specialchars( $theme['Stylesheet'] ) ] == 'enabled' )
-                                        $allowed_themes[ wp_specialchars( $theme['Stylesheet'] ) ] = true;
</del><ins>+                                if ( $_POST['theme'][ esc_html( $theme['Stylesheet'] ) ] == 'enabled' )
+                                        $allowed_themes[ esc_html( $theme['Stylesheet'] ) ] = true;
</ins><span class="cx">                         }
</span><span class="cx">                         update_site_option( 'allowedthemes', $allowed_themes );
</span><span class="cx">                 }
</span><span class="lines">@@ -413,12 +413,12 @@
</span><span class="cx">                         &lt;/head&gt;
</span><span class="cx">                         &lt;body id=&quot;error-page&quot;&gt;
</span><span class="cx">                                 &lt;h1 id=&quot;logo&quot;&gt;&lt;img alt=&quot;WordPress&quot; src=&quot;images/wordpress-logo.png&quot; /&gt;&lt;/h1&gt;
</span><del>-                                &lt;form action='ms-edit.php?action=&lt;?php echo wp_specialchars( $_GET[ 'action2' ] ) ?&gt;' method='post'&gt;
-                                        &lt;input type='hidden' name='action' value='&lt;?php echo wp_specialchars( $_GET['action2'] ) ?&gt;' /&gt;
-                                        &lt;input type='hidden' name='id' value='&lt;?php echo wp_specialchars( $id ); ?&gt;' /&gt;
</del><ins>+                                &lt;form action='ms-edit.php?action=&lt;?php echo esc_attr( $_GET[ 'action2' ] ) ?&gt;' method='post'&gt;
+                                        &lt;input type='hidden' name='action' value='&lt;?php echo esc_attr( $_GET['action2'] ) ?&gt;' /&gt;
+                                        &lt;input type='hidden' name='id' value='&lt;?php echo esc_attr( $id ); ?&gt;' /&gt;
</ins><span class="cx">                                         &lt;input type='hidden' name='ref' value='&lt;?php echo $referrer; ?&gt;' /&gt;
</span><span class="cx">                                         &lt;?php wp_nonce_field( $_GET['action2'] ) ?&gt;
</span><del>-                                        &lt;p&gt;&lt;?php echo wp_specialchars( stripslashes($_GET['msg']) ); ?&gt;&lt;/p&gt;
</del><ins>+                                        &lt;p&gt;&lt;?php echo esc_html( stripslashes($_GET['msg']) ); ?&gt;&lt;/p&gt;
</ins><span class="cx">                                         &lt;p class=&quot;submit&quot;&gt;&lt;input class=&quot;button&quot; type='submit' value='&lt;?php _e(&quot;Confirm&quot;); ?&gt;' /&gt;&lt;/p&gt;
</span><span class="cx">                                 &lt;/form&gt;
</span><span class="cx">                         &lt;/body&gt;
</span><span class="lines">@@ -499,7 +499,7 @@
</span><span class="cx">                         wp_die( __('Missing email.') );
</span><span class="cx"> 
</span><span class="cx">                 $password = wp_generate_password();
</span><del>-                $user_id = wpmu_create_user(wp_specialchars( strtolower( $user['username'] ) ), $password, wp_specialchars( $user['email'] ) );
</del><ins>+                $user_id = wpmu_create_user(wp_specialchars( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) );
</ins><span class="cx"> 
</span><span class="cx">                 if ( false == $user_id )
</span><span class="cx">                          wp_die( __('Duplicated username or email address.') );
</span></span></pre></div>
<a id="trunkwpadminmsoptionsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-options.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-options.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/ms-options.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -280,7 +280,7 @@
</span><span class="cx">                         $menu_perms = get_site_option( 'menu_items' );
</span><span class="cx">                         $menu_items = apply_filters( 'mu_menu_items', array('plugins' =&gt; __('Plugins')) );
</span><span class="cx">                         foreach ( (array) $menu_items as $key =&gt; $val ) {
</span><del>-                                echo &quot;&lt;tr&gt;&lt;th scope='row'&gt;&quot; . wp_specialchars($val) . &quot;&lt;/th&gt;&lt;td&gt;&lt;input type='checkbox' name='menu_items[&quot; . $key . &quot;]' value='1'&quot; . checked($menu_perms[$key], '1', false) . &quot; /&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;
</del><ins>+                                echo &quot;&lt;tr&gt;&lt;th scope='row'&gt;&quot; . esc_html($val) . &quot;&lt;/th&gt;&lt;td&gt;&lt;input type='checkbox' name='menu_items[&quot; . $key . &quot;]' value='1'&quot; . checked($menu_perms[$key], '1', false) . &quot; /&gt;&lt;/td&gt;&lt;/tr&gt;&quot;;
</ins><span class="cx">                         }
</span><span class="cx">                         ?&gt;
</span><span class="cx">                 &lt;/table&gt;
</span></span></pre></div>
<a id="trunkwpadminmssitesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-sites.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-sites.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/ms-sites.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -168,7 +168,7 @@
</span><span class="cx">                                                                 $disabled = '';
</span><span class="cx">                                                                 if ( is_serialized($option-&gt;option_value) ) {
</span><span class="cx">                                                                         if ( is_serialized_string($option-&gt;option_value) ) {
</span><del>-                                                                                $option-&gt;option_value = wp_specialchars(maybe_unserialize($option-&gt;option_value), 'single');
</del><ins>+                                                                                $option-&gt;option_value = esc_html(maybe_unserialize($option-&gt;option_value), 'single');
</ins><span class="cx">                                                                         } else {
</span><span class="cx">                                                                                 $option-&gt;option_value = &quot;SERIALIZED DATA&quot;;
</span><span class="cx">                                                                                 $disabled = ' disabled=&quot;disabled&quot;';
</span><span class="lines">@@ -210,7 +210,7 @@
</span><span class="cx">                                                 $allowed_themes = array_keys( $themes );
</span><span class="cx">                                         $out = '';
</span><span class="cx">                                         foreach ( $themes as $key =&gt; $theme ) {
</span><del>-                                                $theme_key = wp_specialchars( $theme['Stylesheet'] );
</del><ins>+                                                $theme_key = esc_html( $theme['Stylesheet'] );
</ins><span class="cx">                                                 if ( ! isset($allowed_themes[$theme_key] ) ) {
</span><span class="cx">                                                         $checked = ( isset($blog_allowed_themes[ $theme_key ]) ) ? 'checked=&quot;checked&quot;' : '';
</span><span class="cx">                                                         $out .= '&lt;tr class=&quot;form-field form-required&quot;&gt;
</span><span class="lines">@@ -253,7 +253,7 @@
</span><span class="cx">                                                                 &lt;td&gt;
</span><span class="cx">                                                                         &lt;select name=&quot;role[&lt;?php echo $val-&gt;user_id ?&gt;]&quot; id=&quot;new_role&quot;&gt;&lt;?php
</span><span class="cx">                                                                                 foreach ( $editblog_roles as $role =&gt; $role_assoc ){
</span><del>-                                                                                        $name = translate_with_context($role_assoc['name']);
</del><ins>+                                                                                        $name = translate_user_role($role_assoc['name']);
</ins><span class="cx">                                                                                         $selected = ( $role == $existing_role ) ? 'selected=&quot;selected&quot;' : '';
</span><span class="cx">                                                                                         echo &quot;&lt;option {$selected} value=\&quot;&quot; . esc_attr($role) . &quot;\&quot;&gt;{$name}&lt;/option&gt;&quot;;
</span><span class="cx">                                                                                 }
</span></span></pre></div>
<a id="trunkwpadminmsthemesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-themes.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-themes.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/ms-themes.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -37,7 +37,7 @@
</span><span class="cx">                         $class = '';
</span><span class="cx">                         foreach ( (array) $themes as $key =&gt; $theme ) {
</span><span class="cx">                                 $total_theme_count++;
</span><del>-                                $theme_key = wp_specialchars($theme['Stylesheet']);
</del><ins>+                                $theme_key = esc_html($theme['Stylesheet']);
</ins><span class="cx">                                 $class = ('alt' == $class) ? '' : 'alt';
</span><span class="cx">                                 $class1 = $enabled = $disabled = '';
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkwpadminusereditphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/user-edit.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/user-edit.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/user-edit.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -70,7 +70,7 @@
</span><span class="cx">         $new_email = get_option( $current_user-&gt;ID . '_new_email' );
</span><span class="cx">         if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
</span><span class="cx">                 $user-&gt;ID = $current_user-&gt;ID;
</span><del>-                $user-&gt;user_email = wp_specialchars( trim( $new_email[ 'newemail' ] ) );
</del><ins>+                $user-&gt;user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
</ins><span class="cx">                 if ( $wpdb-&gt;get_var( $wpdb-&gt;prepare( &quot;SELECT user_login FROM {$wpdb-&gt;signups} WHERE user_login = %s&quot;, $current_user-&gt;user_login ) ) )
</span><span class="cx">                         $wpdb-&gt;query( $wpdb-&gt;prepare( &quot;UPDATE {$wpdb-&gt;signups} SET user_email = %s WHERE user_login = %s&quot;, $user-&gt;user_email, $current_user-&gt;user_login ) );
</span><span class="cx">                 wp_update_user( get_object_vars( $user ) );
</span></span></pre></div>
<a id="trunkwpadminusernewphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/user-new.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/user-new.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-admin/user-new.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -27,7 +27,7 @@
</span><span class="cx"> this email. This invitation will expire in a few days.
</span><span class="cx"> 
</span><span class="cx"> Please click the following link to activate your user account:
</span><del>-%%s&quot; ), get_bloginfo('name'), site_url(), wp_specialchars( $_REQUEST[ 'role' ] ) );
</del><ins>+%%s&quot; ), get_bloginfo('name'), site_url(), esc_html( $_REQUEST[ 'role' ] ) );
</ins><span class="cx">         }
</span><span class="cx">         add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' );
</span><span class="cx"> 
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx">                 $user_details = $wpdb-&gt;get_row( $wpdb-&gt;prepare( &quot;SELECT * FROM {$wpdb-&gt;users} WHERE user_login = %s AND user_email = %s&quot;, $user_login, $_REQUEST[ 'email' ] ) );
</span><span class="cx">                 if ( $user_details ) {
</span><span class="cx">                         // Adding an existing user to this blog
</span><del>-                        $new_user_email = wp_specialchars(trim($_REQUEST['email']));
</del><ins>+                        $new_user_email = esc_html(trim($_REQUEST['email']));
</ins><span class="cx">                         $redirect = 'user-new.php';
</span><span class="cx">                         $username = $user_details-&gt;user_login;
</span><span class="cx">                         $user_id = $user_details-&gt;ID;
</span></span></pre></div>
<a id="trunkwpincludesmsfunctionsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/ms-functions.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/ms-functions.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-includes/ms-functions.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -867,7 +867,7 @@
</span><span class="cx">         $url = wpmu_admin_redirect_add_updated_param( $url );
</span><span class="cx">         if ( isset( $_GET['redirect'] ) ) {
</span><span class="cx">                 if ( substr( $_GET['redirect'], 0, 2 ) == 's_' )
</span><del>-                        $url .= &quot;&amp;action=blogs&amp;s=&quot;. wp_specialchars( substr( $_GET['redirect'], 2 ) );
</del><ins>+                        $url .= &quot;&amp;action=blogs&amp;s=&quot;. esc_html( substr( $_GET['redirect'], 2 ) );
</ins><span class="cx">         } elseif ( isset( $_POST['redirect'] ) ) {
</span><span class="cx">                 $url = wpmu_admin_redirect_add_updated_param( $_POST['redirect'] );
</span><span class="cx">         }
</span><span class="lines">@@ -1155,7 +1155,7 @@
</span><span class="cx">         $admin_email = get_site_option( &quot;admin_email&quot; );
</span><span class="cx">         if ( $admin_email == '' )
</span><span class="cx">                 $admin_email = 'support@' . $_SERVER['SERVER_NAME'];
</span><del>-        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : wp_specialchars( get_site_option( &quot;site_name&quot; ) );
</del><ins>+        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : esc_html( get_site_option( &quot;site_name&quot; ) );
</ins><span class="cx">         $message_headers = &quot;MIME-Version: 1.0\n&quot; . &quot;From: \&quot;{$from_name}\&quot; &lt;{$admin_email}&gt;\n&quot; . &quot;Content-Type: text/plain; charset=\&quot;&quot; . get_option('blog_charset') . &quot;\&quot;\n&quot;;
</span><span class="cx">         $message = sprintf( apply_filters( 'wpmu_signup_blog_notification_email', __( &quot;To activate your blog, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\nAfter you activate, you can visit your blog here:\n\n%s&quot; ) ), $activate_url, esc_url( &quot;http://{$domain}{$path}&quot; ), $key );
</span><span class="cx">         // TODO: Don't hard code activation link.
</span><span class="lines">@@ -1174,7 +1174,7 @@
</span><span class="cx">         $admin_email = get_site_option( &quot;admin_email&quot; );
</span><span class="cx">         if ( $admin_email == '' )
</span><span class="cx">                 $admin_email = 'support@' . $_SERVER['SERVER_NAME'];
</span><del>-        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : wp_specialchars( get_site_option( &quot;site_name&quot; ) );
</del><ins>+        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : esc_html( get_site_option( &quot;site_name&quot; ) );
</ins><span class="cx">         $message_headers = &quot;MIME-Version: 1.0\n&quot; . &quot;From: \&quot;{$from_name}\&quot; &lt;{$admin_email}&gt;\n&quot; . &quot;Content-Type: text/plain; charset=\&quot;&quot; . get_option('blog_charset') . &quot;\&quot;\n&quot;;
</span><span class="cx">         $message = sprintf( apply_filters( 'wpmu_signup_user_notification_email', __( &quot;To activate your user, please click the following link:\n\n%s\n\nAfter you activate, you will receive *another email* with your login.\n\n&quot; ) ), site_url( &quot;wp-activate.php?key=$key&quot; ), $key );
</span><span class="cx">         // TODO: Don't hard code activation link.
</span><span class="lines">@@ -1478,7 +1478,7 @@
</span><span class="cx">         if ( $admin_email == '' )
</span><span class="cx">                 $admin_email = 'support@' . $_SERVER['SERVER_NAME'];
</span><span class="cx"> 
</span><del>-        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : wp_specialchars( get_site_option( &quot;site_name&quot; ) );
</del><ins>+        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : esc_html( get_site_option( &quot;site_name&quot; ) );
</ins><span class="cx">         $message_headers = &quot;MIME-Version: 1.0\n&quot; . &quot;From: \&quot;{$from_name}\&quot; &lt;{$admin_email}&gt;\n&quot; . &quot;Content-Type: text/plain; charset=\&quot;&quot; . get_option('blog_charset') . &quot;\&quot;\n&quot;;
</span><span class="cx">         $message = $welcome_email;
</span><span class="cx"> 
</span><span class="lines">@@ -1511,7 +1511,7 @@
</span><span class="cx">         if ( $admin_email == '' )
</span><span class="cx">                 $admin_email = 'support@' . $_SERVER['SERVER_NAME'];
</span><span class="cx"> 
</span><del>-        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : wp_specialchars( get_site_option( &quot;site_name&quot; ) );
</del><ins>+        $from_name = get_site_option( &quot;site_name&quot; ) == '' ? 'WordPress' : esc_html( get_site_option( &quot;site_name&quot; ) );
</ins><span class="cx">         $message_headers = &quot;MIME-Version: 1.0\n&quot; . &quot;From: \&quot;{$from_name}\&quot; &lt;{$admin_email}&gt;\n&quot; . &quot;Content-Type: text/plain; charset=\&quot;&quot; . get_option('blog_charset') . &quot;\&quot;\n&quot;;
</span><span class="cx">         $message = $welcome_email;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkwpsignupphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-signup.php (13105 => 13106)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-signup.php        2010-02-13 09:59:16 UTC (rev 13105)
+++ trunk/wp-signup.php        2010-02-13 10:35:10 UTC (rev 13106)
</span><span class="lines">@@ -230,7 +230,7 @@
</span><span class="cx">         if ( !is_wp_error($errors) )
</span><span class="cx">                 $errors = new WP_Error();
</span><span class="cx">         if ( isset( $_POST[ 'signup_for' ] ) )
</span><del>-                $signup[ wp_specialchars( $_POST[ 'signup_for' ] ) ] = 'checked=&quot;checked&quot;';
</del><ins>+                $signup[ esc_html( $_POST[ 'signup_for' ] ) ] = 'checked=&quot;checked&quot;';
</ins><span class="cx">         else
</span><span class="cx">                 $signup[ 'blog' ] = 'checked=&quot;checked&quot;';
</span><span class="cx"> 
</span></span></pre>
</div>
</div>

</body>
</html>