From 91259f7b6b66af7816918483b88e9037c7ab31d5 Mon Sep 17 00:00:00 2001
From: Patrick Bates <patrickebates@yahoo.com>
Date: Sat, 25 Dec 2021 11:56:31 -0600
Subject: [PATCH 1/2] Escape field declaration as referenced in
 https://github.com/ProjectNami/projectnami/issues/465

---
 wp-includes/user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/user.php b/wp-includes/user.php
index ec9b6f9be..805e6a9ce 100644
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -1114,7 +1114,7 @@ function count_users( $strategy = 'time', $site_id = null ) {
 		// Build a CPU-intensive query that will return concise information.
 		$select_count = array();
 		foreach ( $avail_roles as $this_role => $name ) {
-			$select_count[] = "(SELECT COUNT(*) as qty FROM $wpdb->usermeta WHERE [meta_key] = '{$blog_prefix}capabilities' AND [meta_value] LIKE '%" . $wpdb->esc_like( $this_role ) . "%') as $this_role";
+			$select_count[] = "(SELECT COUNT(*) as qty FROM $wpdb->usermeta WHERE [meta_key] = '{$blog_prefix}capabilities' AND [meta_value] LIKE '%" . $wpdb->esc_like( $this_role ) . "%') as [$this_role]";
 		}
 		$select_count[] = "(SELECT COUNT(*) as qty FROM $wpdb->usermeta WHERE [meta_key] = '{$blog_prefix}capabilities' AND [meta_value] = 'a:0:{}') as none";
 		$select_count = implode(', ', $select_count);

From 18f1e9bf9aeb3dace46206bf2b6d4a8f5d731f32 Mon Sep 17 00:00:00 2001
From: Patrick Bates <patrick@cullmanit.com>
Date: Mon, 10 Jan 2022 16:17:31 -0600
Subject: [PATCH 2/2] Initial merge with WP 5.8.3

---
 README.md                           |  2 +-
 wp-admin/about.php                  | 20 ++++++++++++++++++++
 wp-includes/class-wp-meta-query.php |  2 +-
 wp-includes/class-wp-tax-query.php  |  8 ++++++--
 wp-includes/formatting.php          | 17 +++++++++++------
 wp-includes/pn-version.php          |  2 +-
 wp-includes/post.php                |  2 +-
 wp-includes/version.php             |  2 +-
 8 files changed, 42 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index 54c95777c..4a5b8131b 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 Project Nami
 ===============
 
-### Version: `2.8.2` ###
+### Version: `2.8.3` ###
 
 ### Description: ###
 [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://deploy.azure.com/?repository=https://github.com/ProjectNami/projectnami/tree/latest)
diff --git a/wp-admin/about.php b/wp-admin/about.php
index 597422911..9508bfa9f 100644
--- a/wp-admin/about.php
+++ b/wp-admin/about.php
@@ -43,6 +43,26 @@
 		<div class="about__section changelog">
 			<div class="column">
 				<h2><?php _e( 'Maintenance and Security Releases' ); ?></h2>
+				<p>
+					<?php
+					printf(
+						/* translators: %s: WordPress version number. */
+						__( '<strong>Version %s</strong> addressed some security issues.' ),
+						'5.8.3'
+					);
+					?>
+					<?php
+					printf(
+						/* translators: %s: HelpHub URL. */
+						__( 'For more information, see <a href="%s">the release notes</a>.' ),
+						sprintf(
+							/* translators: %s: WordPress version. */
+							esc_url( __( 'https://wordpress.org/support/wordpress-version/version-%s/' ) ),
+							sanitize_title( '5.8.3' )
+						)
+					);
+					?>
+				</p>
 				<p>
 					<?php
 					printf(
diff --git a/wp-includes/class-wp-meta-query.php b/wp-includes/class-wp-meta-query.php
index c9a02cac8..e7e5a2608 100644
--- a/wp-includes/class-wp-meta-query.php
+++ b/wp-includes/class-wp-meta-query.php
@@ -821,7 +821,7 @@ protected function find_compatible_table_alias( $clause, $parent_query ) {
 			$clause_compare  = strtoupper( $clause['compare'] );
 			$sibling_compare = strtoupper( $sibling['compare'] );
 			if ( in_array( $clause_compare, $compatible_compares, true ) && in_array( $sibling_compare, $compatible_compares, true ) ) {
-				$alias = $sibling['alias'];
+				$alias = preg_replace( '/\W/', '_', $sibling['alias'] );
 				break;
 			}
 		}
diff --git a/wp-includes/class-wp-tax-query.php b/wp-includes/class-wp-tax-query.php
index 1432245cc..a026bb185 100644
--- a/wp-includes/class-wp-tax-query.php
+++ b/wp-includes/class-wp-tax-query.php
@@ -527,7 +527,7 @@ protected function find_compatible_table_alias( $clause, $parent_query ) {
 
 			// The sibling must both have compatible operator to share its alias.
 			if ( in_array( strtoupper( $sibling['operator'] ), $compatible_operators, true ) ) {
-				$alias = $sibling['alias'];
+				$alias = preg_replace( '/\W/', '_', $sibling['alias'] );
 				break;
 			}
 		}
@@ -556,7 +556,11 @@ private function clean_query( &$query ) {
 			return;
 		}
 
-		$query['terms'] = array_unique( (array) $query['terms'] );
+		if ( 'slug' === $query['field'] || 'name' === $query['field'] ) {
+			$query['terms'] = array_unique( (array) $query['terms'] );
+		} else {
+			$query['terms'] = wp_parse_id_list( $query['terms'] );
+		}
 
 		if ( is_taxonomy_hierarchical( $query['taxonomy'] ) && $query['include_children'] ) {
 			$this->transform_query( $query, 'term_id' );
diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 4a7f4f16e..062792f97 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -1138,12 +1138,14 @@ function wp_check_invalid_utf8( $string, $strip = false ) {
  * Encode the Unicode values to be used in the URI.
  *
  * @since 1.5.0
+ * @since 5.8.3 Added the `encode_ascii_characters` parameter.
  *
- * @param string $utf8_string
- * @param int    $length Max  length of the string
+ * @param string $utf8_string             String to encode.
+ * @param int    $length                  Max length of the string
+ * @param bool   $encode_ascii_characters Whether to encode ascii characters such as < " '
  * @return string String with Unicode encoded for URI.
  */
-function utf8_uri_encode( $utf8_string, $length = 0 ) {
+function utf8_uri_encode( $utf8_string, $length = 0, $encode_ascii_characters = false ) {
 	$unicode        = '';
 	$values         = array();
 	$num_octets     = 1;
@@ -1158,11 +1160,14 @@ function utf8_uri_encode( $utf8_string, $length = 0 ) {
 		$value = ord( $utf8_string[ $i ] );
 
 		if ( $value < 128 ) {
-			if ( $length && ( $unicode_length >= $length ) ) {
+			$char                = chr( $value );
+			$encoded_char        = $encode_ascii_characters ? rawurlencode( $char ) : $char;
+			$encoded_char_length = strlen( $encoded_char );
+			if ( $length && ( $unicode_length + $encoded_char_length ) > $length ) {
 				break;
 			}
-			$unicode .= chr( $value );
-			$unicode_length++;
+			$unicode        .= $encoded_char;
+			$unicode_length += $encoded_char_length;
 		} else {
 			if ( count( $values ) == 0 ) {
 				if ( $value < 224 ) {
diff --git a/wp-includes/pn-version.php b/wp-includes/pn-version.php
index 9528a70bb..fa5cf6f95 100644
--- a/wp-includes/pn-version.php
+++ b/wp-includes/pn-version.php
@@ -1,3 +1,3 @@
 <?php
 
-$pn_version = '2.8.2';
+$pn_version = '2.8.3';
diff --git a/wp-includes/post.php b/wp-includes/post.php
index 36a9b0d26..6923475a2 100644
--- a/wp-includes/post.php
+++ b/wp-includes/post.php
@@ -4930,7 +4930,7 @@ function _truncate_post_slug( $slug, $length = 200 ) {
 		if ( $decoded_slug === $slug ) {
 			$slug = substr( $slug, 0, $length );
 		} else {
-			$slug = utf8_uri_encode( $decoded_slug, $length );
+			$slug = utf8_uri_encode( $decoded_slug, $length, true );
 		}
 	}
 
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 325074898..6c1b07e43 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.8.2';
+$wp_version = '5.8.3';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.