It has been a busy week again for WordPress 2.4, the changes this week were:
- Improvements and refactoring of the WXR importer including supporting zipped xml files (#5522).
- Changes to allow the salt used by WordPress in password generation and other areas to be overridden using a define ().
- Documentation for
comment-template.phpand file level phpdoc for some other files. (#4393, #5523, #5521, #5513, #5510, #5526, #5528, and #5527 ).
- Changes to
wp-mail.phpto escape the error messages when displaying them to avoid a possible XSS attack (#5484).
- Changes to ensure that the post password is only exposed by the xmlrpc method
metaWeblog.getRecentPoststo users with rights to edit a post (#5535).
- Changes to the information exposed the
wp.getAuthorsxmlrpc method to reduce the information exposed and add a capabilites check (#5534).
- Addition of extra capabilites checks to xmlrpc methods ().
- Addition of extra capabilites checks to APP server ().
- Changes to
validate_file()to improve its traversal attempt detection when running on windows ().
- Changes to the magic number detection for gettext file loading for better support of 64bit systems (#3780).
- Fixes to the tag extraction code so as to not strip ‘s’ from either end (#5539).
- Introduction of deprecated function and file use tracking functionality to allow for theme and plugin developers to easily identify what is deprecated. (#4361).
- Better documentation for
- Final deprecation of
- A change to avoid variable expansion in the invalid
$table_prefixerror message (#5546).
This week the list of changes is quite long event though a lot of time was spent on the preparation and testing of the recent WordPress 2.3.2 maintenance release for which you can read a detailed list of the changes here – don’t forget to upgrade!
You can read more about the support for theme and plugin developers to help identify what deprecated functions or files they might be using in this post – “Tracking deprecated functions”
For even more information on some of the other little changes that went in this week you can read the whole weekly trac timeline.