Index: wp-includes/version.php =================================================================== --- wp-includes/version.php (.../2.0.6) (revision 4797) +++ wp-includes/version.php (.../2.0.7) (revision 4797) @@ -2,7 +2,7 @@ // This just holds the version number, in a separate file so we can bump it without cluttering the SVN -$wp_version = '2.0.6'; +$wp_version = '2.0.7'; $wp_db_version = 3441; ?> Index: wp-includes/classes.php =================================================================== --- wp-includes/classes.php (.../2.0.6) (revision 4797) +++ wp-includes/classes.php (.../2.0.7) (revision 4797) @@ -1637,7 +1637,8 @@ @header("ETag: $wp_etag"); // Support for Conditional GET - if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']); + if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) + $client_etag = stripslashes(stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])); else $client_etag = false; $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); Index: wp-includes/functions.php =================================================================== --- wp-includes/functions.php (.../2.0.6) (revision 4797) +++ wp-includes/functions.php (.../2.0.7) (revision 4797) @@ -2228,10 +2228,10 @@ elseif ( 410 == $header ) $text = 'Gone'; - if ( substr(php_sapi_name(), 0, 3) == 'cgi' ) - @header("HTTP/1.1 $header $text"); - else - @header("Status: $header $text"); + if ( version_compare(phpversion(), '4.3.0', '>=') ) + @header("HTTP/1.1 $header $text", true, $header); + else + @header("HTTP/1.1 $header $text"); } function nocache_headers() { Index: wp-settings.php =================================================================== --- wp-settings.php (.../2.0.6) (revision 4797) +++ wp-settings.php (.../2.0.7) (revision 4797) @@ -12,8 +12,10 @@ $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array()); foreach ( $input as $k => $v ) - if ( !in_array($k, $noUnset) && isset($GLOBALS[$k]) ) + if ( !in_array($k, $noUnset) && isset($GLOBALS[$k]) ) { + $GLOBALS[$k] = NULL; unset($GLOBALS[$k]); + } } unregister_GLOBALS(); Index: wp-admin/inline-uploading.php =================================================================== --- wp-admin/inline-uploading.php (.../2.0.6) (revision 4797) +++ wp-admin/inline-uploading.php (.../2.0.7) (revision 4797) @@ -431,7 +431,7 @@ function sendToEditor(n) { o = document.getElementById('div'+n); h = o.innerHTML.replace(new RegExp('^\\s*(.*?)\\s*$', ''), '$1'); // Trim - h = h.replace(new RegExp(' (class|title|width|height|id|onclick|onmousedown)=([^\'"][^ ]*)( |/|>)', 'g'), ' $1="$2"$3'); // Enclose attribs in quotes + h = h.replace(new RegExp(' (class|title|width|height|id|onclick|onmousedown)=([^\'"][^ ]*)(?=( |/|>))', 'g'), ' $1="$2"'); // Enclose attribs in quotes h = h.replace(new RegExp(' (width|height)=".*?"', 'g'), ''); // Drop size constraints h = h.replace(new RegExp(' on(click|mousedown)="[^"]*"', 'g'), ''); // Drop menu events h = h.replace(new RegExp('<(/?)A', 'g'), '<$1a'); // Lowercase tagnames Index: wp-admin/post.php =================================================================== --- wp-admin/post.php (.../2.0.6) (revision 4797) +++ wp-admin/post.php (.../2.0.7) (revision 4797) @@ -138,10 +138,13 @@ case 'delete': $post_id = (isset($_GET['post'])) ? intval($_GET['post']) : intval($_POST['post_ID']); - check_admin_referer('delete-post_' . $post_id); $post = & get_post($post_id); - + if ( 'static' == $post->post_status ) + check_admin_referer('delete-page_' . $post_id); + else + check_admin_referer('delete-post_' . $post_id); + if ( !current_user_can('edit_post', $post_id) ) die( __('You are not allowed to delete this post.') ); @@ -154,9 +157,12 @@ } $sendback = wp_get_referer(); - if (strstr($sendback, 'post.php')) $sendback = get_settings('siteurl') .'/wp-admin/post.php'; - elseif (strstr($sendback, 'attachments.php')) $sendback = get_settings('siteurl') .'/wp-admin/attachments.php'; - $sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback); + if ( 'static' == $post->post_status ) + $sendback = get_option('siteurl') . '/wp-admin/edit-pages.php'; + elseif ( strstr($sendback, 'post.php') ) + $sendback = get_option('siteurl') .'/wp-admin/post.php'; + elseif ( strstr($sendback, 'attachments.php') ) + $sendback = get_option('siteurl') .'/wp-admin/attachments.php'; wp_redirect($sendback); break;