framework/sage
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into grunt

Browse Source
This commit is contained in:
Ben Word
2013-02-08 09:59:45 -06:00
parent 6a361846e0 f9ff9f10ac
commit 9f5169fac4
14 changed files with 154 additions and 294 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.editorconfig Normal file
View File

@@ -0,0 +1,11 @@
# editorconfig.org
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true

9
404.php
View File

@@ -2,14 +2,13 @@
<div class="alert alert-block fade in">
<a class="close" data-dismiss="alert">&times;</a>
<p><?php _e('The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.', 'roots'); ?></p>
<p><?php _e('Sorry, but the page you were trying to view does not exist.', 'roots'); ?></p>
</div>
<p><?php _e('Please try the following:', 'roots'); ?></p>
<p><?php _e('It looks like this was the result of either:', 'roots'); ?></p>
<ul>
<li><?php _e('Check your spelling', 'roots'); ?></li>
<li><?php printf(__('Return to the <a href="%s">home page</a>', 'roots'), home_url()); ?></li>
<li><?php _e('Click the <a href="javascript:history.back()">Back</a> button', 'roots'); ?></li>
<li><?php _e('a mistyped address', 'roots'); ?></li>
<li><?php _e('an out-of-date link', 'roots'); ?></li>
</ul>
<?php get_search_form(); ?>

16
CHANGELOG.md
View File

@@ -1,4 +1,20 @@
### HEAD
* Update to jQuery 1.9.1
* Output author title with `get_the_author()`
* Add EditorConfig
* Update 404 template based on H5BP
* Update H5BP's included .htaccess
* Don't show comments on passworded posts
* Add `do_action('get_header')` for WooSidebars compatibility
* Simplify entry meta
* Allow `get_search_form()` to be called more than once per request
* Move plugins.js and main.js to footer
* JavaScript clean up (everything is now enqueued)
* Remove conditional feed
* Introduce `add_theme_support('bootstrap-gallery')`
* Rewrites organization (introduce `lib/rewrites.php`)
* Fix `add_editor_style` path
* Updated translations: French, Bulgarian, Turkish, Korean
* Enable `add_theme_support` for Nice Search
* Replace ID's with classes
* Add support for dynamic sidebar templates

4
assets/js/vendor/jquery-1.9.0.min.js vendored
View File

File diff suppressed because one or more lines are too long

5
assets/js/vendor/jquery-1.9.1.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

1
base.php
View File

@@ -4,6 +4,7 @@
<!--[if lt IE 7]><div class="alert">Your browser is <em>ancient!</em> <a href="http://browsehappy.com/">Upgrade to a different browser</a> or <a href="http://www.google.com/chromeframe/?redirect=true">install Google Chrome Frame</a> to experience this site.</div><![endif]-->
<?php
do_action('get_header');
// Use Bootstrap's navbar if enabled in config.php
if (current_theme_supports('bootstrap-top-navbar')) {
get_template_part('templates/header-top-navbar');

2
doc/lib.md
View File

@@ -87,7 +87,7 @@ If you're using LESS, make sure you compile the files to the proper locations:
JavaScript is loaded in the following order:
1. `jquery-1.9.0.min.js` via Google CDN with local fallback
1. `jquery-1.9.1.min.js` via Google CDN with local fallback
2. `/theme/assets/js/vendor/modernizr-2.6.2.min.js`
3. `/theme/assets/js/plugins.js` (in footer)
4. `/theme/assets/js/main.js` (in footer)

2
doc/usage.md
View File

@@ -28,7 +28,7 @@ A basic Roots theme initially looks like this:
│ ├── main.js
│ ├── plugins.js (includes bootstrap.js)
│ └── vendor
│ ├── jquery-1.9.0.min.js
│ ├── jquery-1.9.1.min.js
│ └── modernizr-2.6.2.min.js
├── doc
├── lang

6
lib/cleanup.php
View File

@@ -513,8 +513,10 @@ add_filter('request', 'roots_request_filter');
/**
* Tell WordPress to use searchform.php from the templates/ directory
*/
function roots_get_search_form() {
locate_template('/templates/searchform.php', true, true);
function roots_get_search_form($argument) {
if ($argument === '') {
locate_template('/templates/searchform.php', true, false);
}
}
add_filter('get_search_form', 'roots_get_search_form');

361
lib/h5bp-htaccess
View File

@@ -2,25 +2,28 @@
###
### This contains the HTML5 Boilerplate .htaccess that can be found at:
### github.com/h5bp/html5-boilerplate/blob/master/.htaccess
### https://github.com/h5bp/server-configs/blob/master/apache/.htaccess
###
### Added:
### Block access to access to WordPress files that reveal version information.
### Block access to access to WordPress files that reveal version information.
###
### Commented out by default:
### Expires headers: Use WP Super Cache or W3 Total Cache (unless using the H5BP build script)
### ETag removal: Use WP Super Cache or W3 Total Cache (unless using the H5BP build script)
### Start rewrite engine: Handled by WordPress
### Suppress/force www: Handled by WordPress
### Options -MultiViews: Causes a server 500 error on most shared hosts
### Custom 404 page: Handled by WordPress
### Removed:
### Expires headers: Use W3 Total Cache
### ETag removal: Use W3 Total Cache
### Start rewrite engine: Handled by WordPress
### Suppress/force www: Handled by WordPress
### Custom 404 page: Handled by WordPress
###
### Commmented out by default:
### Options -MultiViews: Causes a server 500 error on most shared hosts
###
### Anytime you update this file the .htaccess file in the root of your
### WordPress install is automatically updated with the changes whenever
### the permalinks are flushed or set
### the permalinks are flushed or set (see lib/htaccess.php)
###
# ----------------------------------------------------------------------
# Better website experience for IE users
# ----------------------------------------------------------------------
@@ -30,9 +33,9 @@
# Use ChromeFrame if it's installed for a better experience for the poor IE folk
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=Edge,chrome=1"
Header set X-UA-Compatible "IE=edge,chrome=1"
# mod_headers can't match by content-type, but we don't want to send this header on *everything*...
<FilesMatch "\.(js|css|gif|png|jpe?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)$" >
<FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
@@ -64,7 +67,7 @@
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
# mod_headers, y u no match by Content-Type?!
<FilesMatch "\.(gif|png|jpe?g|svg|svgz|ico|webp)$">
<FilesMatch "\.(gif|ico|jpe?g|png|svg|svgz|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
@@ -81,18 +84,16 @@
# subdomains like "subdomain.example.com".
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css)$">
<FilesMatch "\.(eot|font.css|otf|ttc|ttf|woff)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
# ----------------------------------------------------------------------
# Proper MIME type for all files
# ----------------------------------------------------------------------
# JavaScript
# Normalize to standard type (it's sniffed in IE anyways)
# tools.ietf.org/html/rfc4329#section-7.2
@@ -100,12 +101,12 @@ AddType application/javascript js jsonp
AddType application/json json
# Audio
AddType audio/ogg oga ogg
AddType audio/mp4 m4a f4a f4b
AddType audio/ogg oga ogg
# Video
AddType video/ogg ogv
AddType video/mp4 mp4 m4v f4v f4p
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
@@ -116,25 +117,25 @@ AddType image/svg+xml svg svgz
AddEncoding gzip svgz
# Webfonts
AddType application/font-woff woff
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff
# Assorted types
AddType image/x-icon ico
AddType image/webp webp
AddType text/cache-manifest appcache manifest
AddType text/x-component htc
AddType application/xml rss atom xml rdf
AddType application/octet-stream safariextz
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-xpinstall xpi
AddType application/octet-stream safariextz
AddType application/x-web-app-manifest+json webapp
AddType text/x-vcard vcf
AddType application/x-shockwave-flash swf
AddType application/x-web-app-manifest+json webapp
AddType application/x-xpinstall xpi
AddType application/xml rss atom xml rdf
AddType image/webp webp
AddType image/x-icon ico
AddType text/cache-manifest appcache manifest
AddType text/vtt vtt
AddType text/x-component htc
AddType text/x-vcard vcf
# ----------------------------------------------------------------------
@@ -142,20 +143,19 @@ AddType application/x-shockwave-flash swf
# ----------------------------------------------------------------------
# e.g. Inside of script.combined.js you could have
# <!--#include file="libs/jquery.min.js" -->
# <!--#include file="libs/jquery-1.5.0.min.js" -->
# <!--#include file="plugins/jquery.idletimer.js" -->
# and they would be included into this single file.
# This is not in use in the boilerplate as it stands. You may
# choose to name your files in this way for this advantage or
# concatenate and minify them manually.
# Disabled by default.
# choose to use this technique if you do not have a build process.
#<FilesMatch "\.combined\.js$">
# Options +Includes
# AddOutputFilterByType INCLUDES application/javascript application/json
# SetOutputFilter INCLUDES
#</FilesMatch>
#<FilesMatch "\.combined\.css$">
# Options +Includes
# AddOutputFilterByType INCLUDES text/css
@@ -177,139 +177,51 @@ AddType application/x-shockwave-flash swf
</IfModule>
</IfModule>
# HTML, TXT, CSS, JavaScript, JSON, XML, HTC:
<IfModule filter_module>
FilterDeclare COMPRESS
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $text/x-component
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/javascript
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/json
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/xhtml+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/rss+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/atom+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/vnd.ms-fontobject
FilterProvider COMPRESS DEFLATE resp=Content-Type $image/svg+xml
FilterProvider COMPRESS DEFLATE resp=Content-Type $image/x-icon
FilterProvider COMPRESS DEFLATE resp=Content-Type $application/x-font-ttf
FilterProvider COMPRESS DEFLATE resp=Content-Type $font/opentype
FilterChain COMPRESS
FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no
</IfModule>
<IfModule !mod_filter.c>
# Legacy versions of Apache
AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
AddOutputFilterByType DEFLATE image/x-icon image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
# Compress all output labeled with one of the following MIME-types
# (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
# and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines as
# `AddOutputFilterByType` is still in the core directives)
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
</IfModule>
# ----------------------------------------------------------------------
# Expires headers (for better cache control)
# ----------------------------------------------------------------------
# These are pretty far-future expires headers.
# They assume you control versioning with filename-based cache busting
# Additionally, consider that outdated proxies may miscache
# www.stevesouders.com/blog/2008/08/23/revving-filenames-dont-use-querystring/
# If you don't use filenames to version, lower the CSS and JS to something like
# "access plus 1 week" or so.
# <IfModule mod_expires.c>
# ExpiresActive on
# Perhaps better to whitelist expires rules? Perhaps.
# ExpiresDefault "access plus 1 month"
# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
# ExpiresByType text/cache-manifest "access plus 0 seconds"
# Your document html
# ExpiresByType text/html "access plus 0 seconds"
# Data
# ExpiresByType text/xml "access plus 0 seconds"
# ExpiresByType application/xml "access plus 0 seconds"
# ExpiresByType application/json "access plus 0 seconds"
# Feed
# ExpiresByType application/rss+xml "access plus 1 hour"
# ExpiresByType application/atom+xml "access plus 1 hour"
# Favicon (cannot be renamed)
# ExpiresByType image/x-icon "access plus 1 week"
# Media: images, video, audio
# ExpiresByType image/gif "access plus 1 month"
# ExpiresByType image/png "access plus 1 month"
# ExpiresByType image/jpg "access plus 1 month"
# ExpiresByType image/jpeg "access plus 1 month"
# ExpiresByType video/ogg "access plus 1 month"
# ExpiresByType audio/ogg "access plus 1 month"
# ExpiresByType video/mp4 "access plus 1 month"
# ExpiresByType video/webm "access plus 1 month"
# HTC files (css3pie)
# ExpiresByType text/x-component "access plus 1 month"
# Webfonts
# ExpiresByType application/x-font-ttf "access plus 1 month"
# ExpiresByType font/opentype "access plus 1 month"
# ExpiresByType application/x-font-woff "access plus 1 month"
# ExpiresByType image/svg+xml "access plus 1 month"
# ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
# CSS and JavaScript
# ExpiresByType text/css "access plus 1 year"
# ExpiresByType application/javascript "access plus 1 year"
# </IfModule>
# ----------------------------------------------------------------------
# Prevent mobile network providers from modifying your site
# ----------------------------------------------------------------------
# The following header prevents modification of your code over 3G on some European providers
# This is the official 'bypass' suggested by O2 in the UK
# The following header prevents modification of your code over 3G on some
# European providers.
# This is the official 'bypass' suggested by O2 in the UK.
# <IfModule mod_headers.c>
# Header set Cache-Control "no-transform"
# </IfModule>
# ----------------------------------------------------------------------
# ETag removal
# ----------------------------------------------------------------------
# FileETag None is not enough for every server.
# <IfModule mod_headers.c>
# Header unset ETag
# </IfModule>
# Since we're sending far-future expires, we don't need ETags for
# static content.
# developer.yahoo.com/performance/rules.html#etags
# FileETag None
# ----------------------------------------------------------------------
# Stop screen flicker in IE on CSS rollovers
# ----------------------------------------------------------------------
# The following directives stop screen flicker in IE on CSS rollovers - in
# combination with the "ExpiresByType" rules for images (see above). If
# needed, un-comment the following rules.
# combination with the "ExpiresByType" rules for images (see above).
# BrowserMatch "MSIE" brokenvary=1
# BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
@@ -317,105 +229,42 @@ AddType application/x-shockwave-flash swf
# SetEnvIf brokenvary 1 force-no-vary
# ----------------------------------------------------------------------
# Set Keep-Alive Header
# ----------------------------------------------------------------------
# Keep-Alive allows the server to send multiple requests through one TCP-connection.
# Be aware of possible disadvantages of this setting. Turn on if you serve a lot of
# static content.
# Keep-Alive allows the server to send multiple requests through one
# TCP-connection. Be aware of possible disadvantages of this setting. Turn on
# if you serve a lot of static content.
# <IfModule mod_headers.c>
# Header set Connection Keep-Alive
# </IfModule>
# ----------------------------------------------------------------------
# Cookie setting from iframes
# ----------------------------------------------------------------------
# Allow cookies to be set from iframes (for IE only)
# If needed, uncomment and specify a path or regex in the Location directive
# If needed, specify a path or regex in the Location directive.
# <IfModule mod_headers.c>
# Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""
# </IfModule>
# ----------------------------------------------------------------------
# Start rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and features.
# FollowSymLinks must be enabled for this to work.
#
# Some cloud hosting services require RewriteBase to be set: goo.gl/HOcPN
# If using the h5bp in a subdirectory, use `RewriteBase /foo` instead where 'foo' is your directory.
# <IfModule mod_rewrite.c>
# Options +FollowSymlinks
# RewriteEngine On
# # RewriteBase /
# </IfModule>
# ----------------------------------------------------------------------
# Suppress or force the "www." at the beginning of URLs
# ----------------------------------------------------------------------
# The same content should never be available under two different URLs - especially not with and
# without "www." at the beginning, since this can cause SEO problems (duplicate content).
# That's why you should choose one of the alternatives and redirect the other one.
# By default option 1 (no "www.") is activated. Remember: Shorter URLs are sexier.
# no-www.org/faq.php?q=class_b
# If you rather want to use option 2, just comment out all option 1 lines
# and uncomment option 2.
# IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
# ----------------------------------------------------------------------
# Option 1:
# Rewrite "www.example.com -> example.com"
# <IfModule mod_rewrite.c>
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# </IfModule>
# ----------------------------------------------------------------------
# Option 2:
# To rewrite "example.com -> www.example.com" uncomment the following lines.
# Be aware that the following rule might not be a good idea if you
# use "real" subdomains for certain parts of your website.
# <IfModule mod_rewrite.c>
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# </IfModule>
# ----------------------------------------------------------------------
# Built-in filename-based cache busting
# ----------------------------------------------------------------------
# If you're not using the build script to manage your filename version revving,
# you might want to consider enabling this, which will route requests for
# /css/style.20110203.css to /css/style.css
# `/css/style.20110203.css` to `/css/style.css`.
# To understand why this is important and a better idea than all.css?v1231,
# read: github.com/h5bp/html5-boilerplate/wiki/cachebusting
# please refer to the bundled documentation about `.htaccess`.
# Uncomment to enable.
# <IfModule mod_rewrite.c>
# RewriteCond %{REQUEST_FILENAME} !-f
# RewriteCond %{REQUEST_FILENAME} !-d
@@ -423,14 +272,12 @@ AddType application/x-shockwave-flash swf
# </IfModule>
# ----------------------------------------------------------------------
# Prevent SSL cert warnings
# ----------------------------------------------------------------------
# Rewrite secure requests properly to prevent SSL cert warnings, e.g. prevent
# https://www.example.com when your cert only allows https://secure.example.com
# Uncomment the following lines to use this feature.
# <IfModule mod_rewrite.c>
# RewriteCond %{SERVER_PORT} !^443
@@ -438,29 +285,32 @@ AddType application/x-shockwave-flash swf
# </IfModule>
# ----------------------------------------------------------------------
# Force client-side SSL redirection
# ----------------------------------------------------------------------
# If a user types "example.com" in her browser, the above rule will redirect her
# to the secure version of the site. That still leaves a window of opportunity
# (the initial HTTP connection) for an attacker to downgrade or redirect the
# request. The following header ensures that browser will **only** connect to
# your server via HTTPS, regardless of what users type in the address bar.
# <IfModule mod_headers.c>
# Header set Strict-Transport-Security max-age=16070400;
# </IfModule>
# ----------------------------------------------------------------------
# Prevent 404 errors for non-existing redirected folders
# ----------------------------------------------------------------------
# without -MultiViews, Apache will give a 404 for a rewrite if a folder of the same name does not exist
# e.g. /blog/hello : webmasterworld.com/apache/3808792.htm
# without -MultiViews, Apache will give a 404 for a rewrite if a folder of the
# same name does not exist.
# webmasterworld.com/apache/3808792.htm
# Options -MultiViews
# ----------------------------------------------------------------------
# Custom 404 page
# ----------------------------------------------------------------------
# You can add custom pages to handle 500 or 403 pretty easily, if you like.
# If you are hosting your site in subdirectory, adjust this accordingly
# e.g. ErrorDocument 404 /subdir/404.html
# ErrorDocument 404 /404.html
# ----------------------------------------------------------------------
# UTF-8 encoding
# ----------------------------------------------------------------------
@@ -469,62 +319,49 @@ AddType application/x-shockwave-flash swf
AddDefaultCharset utf-8
# Force UTF-8 for a number of file formats
AddCharset utf-8 .css .js .xml .json .rss .atom
AddCharset utf-8 .atom .css .js .json .rss .vtt .xml
# ----------------------------------------------------------------------
# A little more security
# ----------------------------------------------------------------------
# Do we want to advertise the exact version number of Apache we're running?
# Probably not.
## This can only be enabled if used in httpd.conf - It will not work in .htaccess
# To avoid displaying the exact version number of Apache being used, add the
# following to httpd.conf (it will not work in .htaccess):
# ServerTokens Prod
# "-Indexes" will have Apache block users from browsing folders without a default document
# Usually you should leave this activated, because you shouldn't allow everybody to surf through
# every folder on your server (which includes rather private places like CMS system folders).
# "-Indexes" will have Apache block users from browsing folders without a
# default document Usually you should leave this activated, because you
# shouldn't allow everybody to surf through every folder on your server (which
# includes rather private places like CMS system folders).
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
# Block access to "hidden" directories or files whose names begin with a period. This
# includes directories used by version control systems such as Subversion or Git.
# Block access to "hidden" directories or files whose names begin with a
# period. This includes directories used by version control systems such as
# Subversion or Git.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# Block access to backup and source files
# This files may be left by some text/html editors and
# pose a great security danger, when someone can access them
<FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
# Block access to backup and source files. These files may be left by some
# text/html editors and pose a great security danger, when anyone can access
# them.
<FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Block access to WordPress files that reveal version information.
<FilesMatch "^(wp-config\.php|readme\.html|license\.txt)">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# If your server is not already configured as such, the following directive
# should be uncommented in order to set PHP's register_globals option to OFF.
# This closes a major security hole that is abused by most XSS (cross-site
# scripting) attacks. For more information: http://php.net/register_globals
#
# IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS :
# IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS:
#
# Your server does not allow PHP directives to be set via .htaccess. In that
# case you must make this change in your php.ini file instead. If you are
@@ -578,8 +415,6 @@ AddCharset utf-8 .css .js .xml .json .rss .atom
# php_value error_append_string " "
# Increase cookie security
<IfModule php5_module>
<IfModule mod_php5.c>
php_value session.cookie_httponly true
</IfModule>
# END HTML5 Boilerplate
</IfModule>

6
lib/scripts.php
View File

@@ -6,7 +6,7 @@
* 1. /theme/assets/css/main.min.css
*
* Enqueue scripts in the following order:
* 1. jquery-1.9.0.min.js via Google CDN
* 1. jquery-1.9.1.min.js via Google CDN
* 2. /theme/assets/js/vendor/modernizr-2.6.2.min.js
* 3. /theme/assets/js/scripts.min.js
*/
@@ -24,7 +24,7 @@ function roots_scripts() {
// It's kept in the header instead of footer to avoid conflicts with plugins.
if (!is_admin()) {
wp_deregister_script('jquery');
wp_register_script('jquery', '//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js', false, null, false);
wp_register_script('jquery', '//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js', false, null, false);
}
if (is_single() && comments_open() && get_option('thread_comments')) {
@@ -45,7 +45,7 @@ function roots_jquery_local_fallback($src, $handle) {
static $add_jquery_fallback = false;
if ($add_jquery_fallback) {
echo '<script>window.jQuery || document.write(\'<script src="' . get_template_directory_uri() . '/assets/js/vendor/jquery-1.9.0.min.js"><\/script>\')</script>' . "\n";
echo '<script>window.jQuery || document.write(\'<script src="' . get_template_directory_uri() . '/assets/js/vendor/jquery-1.9.1.min.js"><\/script>\')</script>' . "\n";
$add_jquery_fallback = false;
}

6
lib/utils.php
View File

@@ -75,16 +75,14 @@ function roots_title() {
} elseif (is_year()) {
printf(__('Yearly Archives: %s', 'roots'), get_the_date('Y'));
} elseif (is_author()) {
global $post;
$author_id = $post->post_author;
printf(__('Author Archives: %s', 'roots'), get_the_author_meta('display_name', $author_id));
printf(__('Author Archives: %s', 'roots'), get_the_author());
} else {
single_cat_title();
}
} elseif (is_search()) {
printf(__('Search Results for %s', 'roots'), get_search_query());
} elseif (is_404()) {
_e('File Not Found', 'roots');
_e('Not Found', 'roots');
} else {
the_title();
}

15
templates/comments.php
View File

@@ -1,3 +1,9 @@
<?php
if (post_password_required()) {
return;
}
?>
<?php function roots_comment($comment, $args, $depth) {
$GLOBALS['comment'] = $comment; ?>
<li <?php comment_class(); ?>>
@@ -25,15 +31,6 @@
</article>
<?php } ?>
<?php if (post_password_required()) : ?>
<section id="comments">
<div class="alert alert-block fade in">
<a class="close" data-dismiss="alert">&times;</a>
<p><?php _e('This post is password protected. Enter the password to view comments.', 'roots'); ?></p>
</div>
</section><!-- /#comments -->
<?php endif; ?>
<?php if (have_comments()) : ?>
<section id="comments">
<h3><?php printf(_n('One Response to &ldquo;%2$s&rdquo;', '%1$s Responses to &ldquo;%2$s&rdquo;', get_comments_number(), 'roots'), number_format_i18n(get_comments_number()), get_the_title()); ?></h3>

4
templates/entry-meta.php
View File

@@ -1,2 +1,2 @@
<time class="updated" datetime="<?php echo get_the_time('c'); ?>" pubdate><?php echo sprintf(__('Posted on %s at %s.', 'roots'), get_the_date(), get_the_time()); ?></time>
<p class="byline author vcard"><?php echo __('Written by', 'roots'); ?> <a href="<?php echo get_author_posts_url(get_the_author_meta('ID')); ?>" rel="author" class="fn"><?php echo get_the_author(); ?></a></p>
<time class="updated" datetime="<?php echo get_the_time('c'); ?>" pubdate><?php echo get_the_date(); ?></time>
<p class="byline author vcard"><?php echo __('By', 'roots'); ?> <a href="<?php echo get_author_posts_url(get_the_author_meta('ID')); ?>" rel="author" class="fn"><?php echo get_the_author(); ?></a></p>