diff --git a/wp-admin/install.php b/wp-admin/install.php index 0a1e528c0..11fdd3517 100644 --- a/wp-admin/install.php +++ b/wp-admin/install.php @@ -82,7 +82,7 @@ switch($step) {

diff --git a/wp-includes/author-template.php b/wp-includes/author-template.php index afdd39742..699319cc3 100644 --- a/wp-includes/author-template.php +++ b/wp-includes/author-template.php @@ -370,7 +370,7 @@ function wp_list_authors($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract($r); + extract($r, EXTR_SKIP); $return = ''; diff --git a/wp-includes/bookmark-template.php b/wp-includes/bookmark-template.php index a6bc3fd06..89817427a 100644 --- a/wp-includes/bookmark-template.php +++ b/wp-includes/bookmark-template.php @@ -25,7 +25,7 @@ function wp_get_links($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); return get_links($category, $before, $after, $between, $show_images, $orderby, $show_description, $show_rating, $limit, $show_updated, $echo); } // end wp_get_links @@ -247,7 +247,7 @@ function _walk_bookmarks($bookmarks, $args = '' ) { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); foreach ( (array) $bookmarks as $bookmark ) { if ( !isset($bookmark->recently_updated) ) @@ -327,7 +327,7 @@ function wp_list_bookmarks($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $output = ''; diff --git a/wp-includes/bookmark.php b/wp-includes/bookmark.php index 4431ce06a..0162b8682 100644 --- a/wp-includes/bookmark.php +++ b/wp-includes/bookmark.php @@ -35,7 +35,7 @@ function get_bookmarks($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $key = md5( serialize( $r ) ); if ( $cache = wp_cache_get( 'get_bookmarks', 'bookmark' ) ) diff --git a/wp-includes/classes.php b/wp-includes/classes.php index e3ac636e1..03c3e0c86 100644 --- a/wp-includes/classes.php +++ b/wp-includes/classes.php @@ -506,7 +506,7 @@ class Walker_Page extends Walker { function start_el($output, $page, $depth, $current_page, $args) { if ( $depth ) $indent = str_repeat("\t", $depth); - extract($args); + extract($args, EXTR_SKIP); $css_class = 'page_item'; $_current_page = get_page( $current_page ); if ( $page->ID == $current_page ) @@ -694,7 +694,7 @@ class WP_Ajax_Response { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); if ( is_wp_error($id) ) { $data = $id; diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php index d890bff8e..91417b1b1 100644 --- a/wp-includes/comment-template.php +++ b/wp-includes/comment-template.php @@ -285,7 +285,7 @@ function comments_template( $file = '/comments.php' ) { $req = get_option('require_name_email'); $commenter = wp_get_current_commenter(); - extract($commenter); + extract($commenter, EXTR_SKIP); // TODO: Use API instead of SELECTs. if ( $user_ID) { diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 476d841fe..a3cfb5020 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -181,7 +181,7 @@ function sanitize_comment_cookies() { function wp_allow_comment($commentdata) { global $wpdb; - extract($commentdata); + extract($commentdata, EXTR_SKIP); // Simple duplicate check $dupe = "SELECT comment_ID FROM $wpdb->comments WHERE comment_post_ID = '$comment_post_ID' AND ( comment_author = '$comment_author' "; @@ -334,7 +334,7 @@ function wp_get_current_commenter() { function wp_insert_comment($commentdata) { global $wpdb; - extract($commentdata); + extract($commentdata, EXTR_SKIP); if ( ! isset($comment_author_IP) ) $comment_author_IP = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] ); @@ -469,7 +469,7 @@ function wp_update_comment($commentarr) { $commentarr = wp_filter_comment( $commentarr ); // Now extract the merged array. - extract($commentarr); + extract($commentarr, EXTR_SKIP); $comment_content = apply_filters('comment_save_pre', $comment_content); @@ -531,7 +531,7 @@ function discover_pingback_server_uri($url, $timeout_bytes = 2048) { $x_pingback_str = 'x-pingback: '; $pingback_href_original_pos = 27; - extract(parse_url($url)); + extract(parse_url($url), EXTR_SKIP); if ( !isset($host) ) // Not an URL. This should never happen. return false; diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php index 41e7bc276..1eaf14e33 100644 --- a/wp-includes/general-template.php +++ b/wp-includes/general-template.php @@ -330,7 +330,7 @@ function wp_get_archives($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); if ( '' == $type ) $type = 'monthly'; diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 30cd6649b..a8fd70707 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -168,7 +168,7 @@ function wp_mail( $to, $subject, $message, $headers = '' ) { } // Compact the input, apply the filters, and extract them back out - extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers' ) ) ); + extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers' ) ), EXTR_SKIP ); // Default headers if ( empty( $headers ) ) { diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php index d96be9c07..2e1d1efd4 100644 --- a/wp-includes/post-template.php +++ b/wp-includes/post-template.php @@ -143,7 +143,7 @@ function wp_link_pages($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); global $post, $id, $page, $numpages, $multipage, $more, $pagenow; if ( $more_file != '' ) @@ -256,7 +256,7 @@ function wp_dropdown_pages($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $pages = get_pages($r); $output = ''; @@ -287,7 +287,7 @@ function wp_list_pages($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $output = ''; $current_page = 0; diff --git a/wp-includes/post.php b/wp-includes/post.php index 0d1f41017..f143dc1c7 100644 --- a/wp-includes/post.php +++ b/wp-includes/post.php @@ -185,7 +185,7 @@ function get_posts($args) { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $numberposts = (int) $numberposts; $offset = (int) $offset; @@ -495,7 +495,7 @@ function wp_insert_post($postarr = array()) { $postarr = get_object_vars($postarr); // export array as variables - extract($postarr); + extract($postarr, EXTR_SKIP); // Are we updating or creating? $update = false; @@ -863,7 +863,7 @@ function trackback_url_list($tb_list, $post_id) { $postdata = wp_get_single_post($post_id, ARRAY_A); // import postdata as variables - extract($postdata); + extract($postdata, EXTR_SKIP); // form an excerpt $excerpt = strip_tags($post_excerpt?$post_excerpt:$post_content); @@ -1050,7 +1050,7 @@ function &get_pages($args = '') { ); $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $key = md5( serialize( $r ) ); if ( $cache = wp_cache_get( 'get_pages', 'page' ) ) @@ -1204,7 +1204,7 @@ function wp_insert_attachment($object, $file = false, $post_parent = 0) { $object = get_object_vars($object); // Export array as variables - extract($object); + extract($object, EXTR_SKIP); // Get the basics. $post_content = apply_filters('content_save_pre', $post_content); diff --git a/wp-includes/registration.php b/wp-includes/registration.php index 1c2b58b6e..c0d62aea3 100644 --- a/wp-includes/registration.php +++ b/wp-includes/registration.php @@ -45,7 +45,7 @@ function validate_username( $username ) { function wp_insert_user($userdata) { global $wpdb; - extract($userdata); + extract($userdata, EXTR_SKIP); // Are we updating or creating? if ( !empty($ID) ) { diff --git a/wp-includes/taxonomy.php b/wp-includes/taxonomy.php index ea7135f83..9971cc409 100644 --- a/wp-includes/taxonomy.php +++ b/wp-includes/taxonomy.php @@ -44,7 +44,7 @@ function wp_count_terms( $taxonomy, $args = array() ) { $defaults = array('ignore_empty' => false); $args = wp_parse_args($args, $defaults); - extract($args); + extract($args, EXTR_SKIP); $where = ''; if ( $ignore_empty ) @@ -69,7 +69,7 @@ function wp_insert_term( $term, $taxonomy, $args = array() ) { $args = wp_parse_args($args, $defaults); $args['name'] = $term; $args = sanitize_term($args, $taxonomy, 'db'); - extract($args); + extract($args, EXTR_SKIP); if ( empty($slug) ) $slug = sanitize_title($name); @@ -153,7 +153,7 @@ function wp_delete_term( $term, $taxonomy, $args = array() ) { $defaults = array(); $args = wp_parse_args($args, $defaults); - extract($args); + extract($args, EXTR_SKIP); if ( isset($default) ) { $default = (int) $default; @@ -214,7 +214,7 @@ function wp_update_term( $term, $taxonomy, $args = array() ) { $defaults = array( 'alias_of' => '', 'description' => '', 'parent' => 0, 'slug' => ''); $args = wp_parse_args($args, $defaults); - extract($args); + extract($args, EXTR_SKIP); if ( empty($slug) ) $slug = sanitize_title($name); @@ -382,7 +382,7 @@ function get_objects_in_term( $terms, $taxonomies, $args = array() ) { $defaults = array('order' => 'ASC'); $args = wp_parse_args( $args, $defaults ); - extract($args); + extract($args, EXTR_SKIP); $terms = array_map('intval', $terms); @@ -427,7 +427,7 @@ function get_object_terms($object_ids, $taxonomies, $args = array()) { $defaults = array('orderby' => 'name', 'order' => 'ASC', 'fields' => 'all'); $args = wp_parse_args( $args, $defaults ); - extract($args); + extract($args, EXTR_SKIP); if ( 'count' == $orderby ) $orderby = 'tt.count'; @@ -489,7 +489,7 @@ function &get_terms($taxonomies, $args = '') { $args['hide_empty'] = 0; $args['hierarchical'] = false; } - extract($args); + extract($args, EXTR_SKIP); if ( $child_of ) { $hierarchy = _get_term_hierarchy($taxonomies[0]); diff --git a/wp-includes/user.php b/wp-includes/user.php index ab531952c..d81633129 100644 --- a/wp-includes/user.php +++ b/wp-includes/user.php @@ -192,7 +192,7 @@ function wp_dropdown_users( $args = '' ) { $defaults['selected'] = is_author() ? get_query_var( 'author' ) : 0; $r = wp_parse_args( $args, $defaults ); - extract( $r ); + extract( $r, EXTR_SKIP ); $query = "SELECT * FROM $wpdb->users"; diff --git a/wp-includes/widgets.php b/wp-includes/widgets.php index 78b201c54..976719942 100644 --- a/wp-includes/widgets.php +++ b/wp-includes/widgets.php @@ -389,7 +389,7 @@ function wp_widget_pages_control() { function wp_widget_links($args) { global $wp_db_version; - extract($args); + extract($args, EXTR_SKIP); if ( $wp_db_version < 3582 ) { // This ONLY works with li/h2 sidebars. get_links_list();