--- lib/MT/Util.pm.orig	2008-03-11 16:14:38.000000000 -0500
+++ lib/MT/Util.pm	2008-03-11 16:35:49.000000000 -0500
@@ -461,7 +461,17 @@
             $html =~ s!>!&gt;!g;
         }
         #Encode::_utf8_off($html) if MT->instance->charset eq 'utf-8';
-        $html;
+        return strip_chars($html);
+    }
+
+    sub strip_chars {
+      my ($string) = @_;
+      if (MT->instance->charset eq 'utf-8') {
+        $string =~ s/[^\x09\x0A\x0D\x20-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]/\x{FFFD}/g; 
+      } else {
+        $string =~ s/[\x00-\x08\x0B\x0C\x0E\x0F\x10-\x1F\x80-\x9F]//g;
+      }
+      return $string;
     }
 
     sub decode_html {
--- lib/MT/Sanitize.pm.orig	2007-01-05 18:29:17.000000000 -0600
+++ lib/MT/Sanitize.pm	2007-04-17 02:26:58.000000000 -0500
@@ -22,7 +22,7 @@
     my(%ok_tags, %tag_attr);
     for my $rule (split /\s*,\s*/, $a) {
         my(%ok_attr, $tag, $style);
-        $tag = lc $rule;
+        $tag =  $rule;
         if ($tag =~ m|^([^\s]+)\s+(.+)$|) {
             ($tag, my($attrs)) = ($1, $2);
             $style = $1 if $tag =~ s|(/)$||;
@@ -84,10 +84,10 @@
             my $name;
             my $closure = 0;
             if ($inside =~ m/^([^ ]+) (.+)$/s) {
-                $name = lc($1);
+                $name = $1;
                 $inside = $2;
             } else {
-                $name = lc($inside);
+                $name = $inside;
                 $inside = '';
             }
             if ($name =~ m|^/|) {
@@ -102,8 +102,8 @@
                 (exists $tag_attr->{$name} && $tag_attr->{$name} eq '/')) {
                 if ($inside) {
                     my @attrs;
-                    while ($inside =~ m/([:\w]+)\s*=\s*(['"])(.*?)\2/gs) {
-                        my ($attr, $q, $val) = (lc($1), $2, $3);
+                    while ($inside =~ m/([\-:\w]+)\s*=\s*(['"])(.*?)\2/gs) {
+                        my ($attr, $q, $val) = ($1, $2, $3);
                         if ($ok_tags->{'*'}{$attr} ||
                            (ref $ok_tags->{$name} && $ok_tags->{$name}{$attr})) {
                             my $dec_val = decode_html($val);
@@ -114,7 +114,7 @@
                                 if ((my $prot) = $dec_val =~ m/^(.+?):/) {
                                     next if $prot =~ m/[\r\n\t]/;
                                     $prot =~ s/\s+//gs;
-                                    next if $prot =~ m/[^a-zA-Z0-9\+]/;
+                                    next if $prot =~ m/[^a-zA-Z0-9\+#]/;
                                     next if $prot =~ m/script$/i;
                                     next if $prot =~ m/&#/;
                                 }
--- lib/MT/Blog.pm.orig	2006-07-17 23:39:38.000000000 -0500
+++ lib/MT/Blog.pm	2006-07-17 23:44:53.000000000 -0500
@@ -55,7 +55,7 @@
         'ping_technorati' => 'boolean',
         'ping_others' => 'text',
         'autodiscover_links' => 'boolean',
-        'sanitize_spec' => 'string(255)',
+        'sanitize_spec' => 'text',
         'cc_license' => 'string(255)',
         'is_dynamic' => 'boolean',
         'remote_auth_token' => 'string(50)',
--- lib/MT/App.pm.orig	2007-01-23 17:52:24.000000000 -0600
+++ lib/MT/App.pm	2008-03-11 18:36:28.000000000 -0500
@@ -101,6 +101,9 @@
 sub send_http_header {
     my $app = shift;
     my($type) = @_;
+    if ($ENV{'HTTP_CONTENT_TYPE'} && $ENV{'HTTP_CONTENT_TYPE'} ne '' ){
+      $type= $ENV{'HTTP_CONTENT_TYPE'};
+    }
     $type ||= 'text/html';
     if (my $charset = $app->charset) {
         $type .= "; charset=$charset"
@@ -581,9 +584,9 @@
     if ($MT::DebugMode && $@) {
         $error = '<pre>'.encode_html($error).'</pre>';
     } else {
-        $error = encode_html($error);
+        $error = encode_html($error,1);
     }
-    $error =~ s!(http://\S+)!<a href="$1" target="_blank">$1</a>!g;
+    $error =~ s!(http://\S+)!<a href="$1">$1</a>!g;
     $tmpl = $app->load_tmpl('error.tmpl') or
         return "Can't load error template; got error '" . $app->errstr .
                "'. Giving up. Original error was <pre>$error</pre>";
--- tmpl/email/new-comment.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/email/new-comment.tmpl	2006-07-03 08:17:18.000000000 -0500
@@ -9,6 +9,7 @@
 <MT_TRANS phrase="Name">: <TMPL_VAR NAME=COMMENT_NAME>
 <MT_TRANS phrase="Email Address">: <TMPL_VAR NAME=COMMENT_EMAIL>
 <MT_TRANS phrase="URL">: <TMPL_VAR NAME=COMMENT_URL>
+<MT_TRANS phrase="Subject:"> <TMPL_VAR NAME=COMMENT_SUBJECT>
 <MT_TRANS phrase="Comments:">
 
 <TMPL_VAR NAME=COMMENT_TEXT>
--- lib/MT/Comment.pm.orig	2006-06-16 04:09:55.000000000 -0500
+++ lib/MT/Comment.pm	2006-06-25 00:39:09.000000000 -0500
@@ -21,6 +21,9 @@
         'email' => 'string(75)',
         'url' => 'string(255)',
         'text' => 'text',
+        'subject' => 'text',
+        'parent_id' => 'integer not null',
+        'convert_breaks' => 'string(30)',
         'ip' => 'string(16)',
         'last_moved_on' => 'datetime not null',
         'junk_score' => 'float',
@@ -31,6 +34,7 @@
         created_on => 1,
         entry_id => 1,
         blog_id => 1,
+        parent_id => 1,
         email => 1,
         commenter_id => 1,
         visible => 1,
--- lib/MT/App/Search.pm.orig	2007-01-23 17:52:24.000000000 -0600
+++ lib/MT/App/Search.pm	2008-03-12 10:19:16.000000000 -0500
@@ -165,6 +165,12 @@
         my $file = File::Spec->catfile($app->config('TempDir'), 'mt-throttle.db');
         my $DB = tie my %db, 'DB_File', $file;
         if ($DB) {
+            #throttle total number of searches
+            my $max_searches = 5;
+            if (scalar(keys %db) > $max_searches ) {
+                return $app->error($app->translate(
+                "Too many searches are ongoing. Please try yours again later."));
+            }
             if (my $time = $db{$ip}) {
                 if ($time > time - $app->config('ThrottleSeconds')) {
                     return 0;
@@ -187,7 +193,7 @@
                                        'mt-throttle.db');
         if (tie my %db, 'DB_File', $file) {
             my $time = $db{$app->remote_ip};
-            delete $db{$app->remote_ip} if ($time && $time < (time - $app->config('ThrottleSeconds')));
+            delete $db{$app->remote_ip};
             untie %db;
         }
     }
@@ -450,7 +456,7 @@
 
     require MT::Log;
     $app->log({
-        message => $app->translate("Search: query for '[_1]'",
+        message => $app->translate(encode_html("Search: query for '[_1]'",1),
               $app->{search_string}),
         level => MT::Log::INFO(),
         class => 'search',
--- lib/MT/TBPing.pm.orig	2006-06-27 15:58:14.000000000 -0500
+++ lib/MT/TBPing.pm	2006-07-03 08:22:44.000000000 -0500
@@ -23,6 +23,7 @@
         'source_url' => 'string(255)',
         'ip' => 'string(15) not null',
         'blog_name' => 'string(255)',
+        'tb_charset' => 'string(255)',
         'visible' => 'boolean',
         'junk_status' => 'smallint not null',
         'last_moved_on' => 'datetime not null',
--- lib/MT/App/Trackback.pm.orig	2007-01-23 17:52:24.000000000 -0600
+++ lib/MT/App/Trackback.pm	2007-04-18 02:03:46.000000000 -0500
@@ -129,7 +129,7 @@
         return 0;
     }
 
-    @ts = offset_time_list(time - $app->config('ThrottleSeconds')*4000 - 1,
+    @ts = offset_time_list(time - 86400,
                            $tb->blog_id);
     $from = sprintf("%04d%02d%02d%02d%02d%02d",
                     $ts[5]+1900, $ts[4]+1, @ts[3,2,1,0]);
@@ -209,10 +209,10 @@
         }
     }
 
-    no_utf8($tb_id, $title, $excerpt, $url, $blog_name);
+    #no_utf8($tb_id, $title, $excerpt, $url, $blog_name);
     # guess encoding as possible
-    $enc = MT::I18N::guess_encoding($excerpt.$title.$blog_name) unless $enc;
-    ($title, $excerpt, $blog_name) = map { encode_text($_, $enc) } ($title, $excerpt, $blog_name);
+#    $enc = MT::I18N::guess_encoding($excerpt.$title.$blog_name) unless $enc;
+#    ($title, $excerpt, $blog_name) = map { encode_text($_, $enc) } ($title, $excerpt, $blog_name);
 
     return $app->_response(Error=> $app->translate("Need a Source URL (url)."))
         unless $url;
@@ -261,6 +261,9 @@
         $ping->tb_id($tb_id);
         $ping->source_url($url);
         $ping->ip($app->remote_ip || '');
+	if ($ENV{'CONTENT_TYPE'} =~ /[Cc]harset=([a-zA-Z0-9-]+)/) {
+	  $ping->tb_charset($1);
+	}
         $ping->junk_status(0);
         $ping->visible(1);
     }
@@ -285,6 +288,29 @@
             $ping->column($field, $val);
         }
     }
+     ## BEGIN HACK Avoid Duplicate Trackback Pings
+     ## http://www.nonplus.net/software/mt/AvoidingDuplicateTrackbackPings.htm
+     my $duplicate_ping = 0;
+     if(my @existing_pings = MT::TBPing->load({
+                 blog_id => $ping->blog_id,
+                 tb_id => $ping->tb_id })) {
+         foreach my $p (@existing_pings) {
+             next unless ($p->source_url eq $ping->source_url && $p->ip eq  $ping->ip);
+             # If everything is the same, simply return
+             return $app->_response if ( ($p->title eq $ping->title)
+                             && ($p->blog_name eq $ping->blog_name)
+                             && ($p->excerpt eq $ping->excerpt));
+             # If something is different, copy new values to old ping
+             $p->title($ping->title);
+             $p->blog_name($ping->blog_name);
+             $p->excerpt($ping->excerpt);
+             # and replace new ping with old ping
+             $ping = $p;
+             $duplicate_ping = 1;
+             last;
+         }
+     }
+     ## END HACK Avoid Duplicate Trackback Pings
 
     if (!MT->run_callbacks('TBPingFilter', $app, $ping)) {
         return $app->_response(Error => "", Code => 403);
@@ -353,7 +379,7 @@
                             $app->translate("Can't create RSS feed '[_1]': ", $feed,
                             $fmgr->errstr));
                 }
-                $app->_send_ping_notification($blog, $entry, $cat, $ping);
+                $app->_send_ping_notification($blog, $entry, $cat, $ping) unless $duplicate_ping ;
             });
         }
     } else {
@@ -435,11 +461,12 @@
 sub rss {
     my $app = shift;
     my($tb_id, $pass) = $app->_get_params;
-    my $tb = MT::Trackback->load($tb_id)
-        or return $app->_response(Error =>
-            $app->translate("Invalid TrackBack ID '[_1]'", $tb_id));
-    my $rss = _generate_rss($tb);
-    $app->_response(RSS => $rss);
+#   my $tb = MT::Trackback->load($tb_id) or 
+	return $app->_response(Error =>
+            $app->translate("RSS disabled because of Trackback Spam"));
+#           $app->translate("Invalid TrackBack ID '[_1]'", $tb_id));
+#    my $rss = _generate_rss($tb);
+#    $app->_response(RSS => $rss);
 }
 
 sub _generate_rss {
--- lib/MT/App/Comments.pm.orig	2006-08-03 16:15:31.000000000 -0500
+++ lib/MT/App/Comments.pm	2006-09-04 01:49:27.000000000 -0500
@@ -114,9 +114,11 @@
         unless ($comment->visible);
     my $uri = encode_html($comment->url);
     return <<HTML;
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html><head><title>Redirecting...</title>
-<meta name="robots" content="noindex, nofollow">
+<?xml version='1.0' encoding='iso-8859-1'?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><title>Redirecting...</title>
+<meta name="robots" content="noindex, nofollow" />
 <script type="text/javascript">
 window.onload = function() { document.location = '$uri'; };
 </script></head>
@@ -264,6 +266,33 @@
     if ($text eq '') {
        return $app->handle_error($app->translate("Comment text is required."));
     } 
+     require Digest::SHA1;
+     my $sha1 = Digest::SHA1->new;
+ 
+     $sha1->add($q->param('text') . $q->param('entry_id') . $app->remote_ip
+                . $q->param('author') . $q->param('email') . $q->param('url')
+                . $q->param('subject') . $q->param('convert_breaks'));
+     my $salt_file = MT::ConfigMgr->instance->PluginPath .'/salt.txt';
+     my $FH;
+     open($FH, $salt_file) or die "cannot open file <$salt_file> ($!)";
+     $sha1->addfile($FH);
+     close $FH;
+ 
+     my $digest = $sha1->b64digest . "=";
+ 
+     if (!$q->param('validated') ) {
+        my $ban = MT::IPBanList->new;
+        $ban->blog_id($entry->blog_id);
+        $ban->ip($app->remote_ip);
+        $ban->save
+          or die $ban->errstr;
+        return $app->handle_error($app->translate("You are not allowed to post comments."));
+     }
+ 
+     if ($q->param('validated') ne $digest) {
+     return $app->handle_error($app->translate(
+             "Please preview your modified entry before posting it."));
+     }
 
     my ($comment, $commenter) = _make_comment($app, $entry);
     my $remember = $q->param('bakecookie') || 0;
@@ -509,6 +538,7 @@
         $email = $commenter->email();
     }
     my $url = $q->param('url') || ''; #($commenter ? $commenter->url() : '');
+    my $subject = $q->param('subject') ? $q->param('subject') : ' ';
     my $comment = MT::Comment->new;
     if ($commenter) {
         $comment->commenter_id($commenter->id);
@@ -516,7 +546,7 @@
     ## Strip linefeed characters.
     my $text = $q->param('text');
     $text = '' unless defined $text;
-    $text =~ tr/\r//d;
+#    $text =~ tr/\r//d;
     $comment->ip($app->remote_ip);
     $comment->blog_id($entry->blog_id);
     $comment->entry_id($entry->id);
@@ -524,6 +554,9 @@
     $comment->email(remove_html($email));
     $comment->url(is_valid_url($url, 'stringent'));
     $comment->text($text);
+    $comment->subject($subject);
+    $comment->parent_id($q->param('parent_id'));
+    $comment->convert_breaks($q->param('convert_breaks'));
     #$comment->visible(0); # leave as undefined
     $comment->is_junk(0);
     
@@ -608,6 +641,7 @@
                       (comment_email => $comment->email):()),
                      comment_url => $comment->url,
                      comment_text => wrap_text($comment->text, 72),
+		     comment_subject => $comment->subject,
                      unapproved => !$comment->visible(),
                     );
         my $body = MT->build_email('new-comment.tmpl', \%param);
@@ -1015,6 +1049,8 @@
     $ctx->stash('entry', $entry);
     $ctx->stash('commenter', $cmntr) if ($cmntr);
     $ctx->{current_timestamp} = $entry->created_on;
+    $ctx->stash('comment_parent_id', $q->param('parent_id'));
+    $ctx->stash('convert_breaks', $q->param('convert_breaks'));
     my %cond;
     my $tmpl = ($q->param('arch')) ?
         (MT::Template->load({ type => 'individual',
--- lib/MT/Template/ContextHandlers.pm.orig	2006-07-06 12:11:02.000000000 -0500
+++ lib/MT/Template/ContextHandlers.pm	2006-08-17 21:34:47.000000000 -0500
@@ -22,6 +22,8 @@
 use MT::Entry;
 use MT::I18N qw( first_n_text const );
 
+my $publish_charset = _hdlr_publish_charset();
+
 sub init_default_handlers {
     %MT::Template::Context::Handlers = (
         Else => [ \&_hdlr_pass_tokens, 1 ],
@@ -2553,11 +2555,14 @@
     unless ($blog->allow_comment_html) {
         $t = remove_html($t);
     }
+    my $filter = defined $c->convert_breaks ?
+        [$c->convert_breaks] :
+        $blog->comment_text_filters;
     my $convert_breaks = exists $arg->{convert_breaks} ?
         $arg->{convert_breaks} :
         $blog->convert_paras_comments;
     $t = $convert_breaks ?
-        MT->apply_text_filters($t, $blog->comment_text_filters, $ctx) :
+	MT->apply_text_filters($t, $filter, $ctx) :
         $t;
     if (!(exists $arg->{autolink} && !$arg->{autolink}) &&
         $blog->autolink_urls) {
@@ -3594,7 +3599,8 @@
     sanitize_on($_[1]);
     my $ping = $_[0]->stash('ping')
         or return $_[0]->_no_ping_error('MTPingTitle');
-    defined $ping->title ? $ping->title : '';
+    my $title = defined $ping->title ? $ping->title : '';
+    return _transcode_text($ping->tb_charset, $title);
 }
 sub _hdlr_ping_url {
     sanitize_on($_[1]);
@@ -3606,7 +3612,8 @@
     sanitize_on($_[1]);
     my $ping = $_[0]->stash('ping')
         or return $_[0]->_no_ping_error('MTPingExcerpt');
-    defined $ping->excerpt ? $ping->excerpt : '';
+    my $excerpt = defined $ping->excerpt ? $ping->excerpt : '';
+    return _transcode_text($ping->tb_charset, $excerpt);
 }
 sub _hdlr_ping_ip {
     my $ping = $_[0]->stash('ping')
@@ -3617,7 +3624,21 @@
     sanitize_on($_[1]);
     my $ping = $_[0]->stash('ping')
         or return $_[0]->_no_ping_error('MTPingBlogName');
-    defined $ping->blog_name ? $ping->blog_name : '';
+    my $blog_name = defined $ping->blog_name ? $ping->blog_name : '';
+    return _transcode_text($ping->tb_charset, $blog_name);
+}
+
+sub _transcode_text {
+    my ($text_charset, $text) = @_;
+    require Text::Iconv;
+    use Encode;  
+    if (defined $text_charset && lc($text_charset) ne $publish_charset ) {
+      $text_charset = lc($text_charset);
+      $text = Text::Iconv->new($text_charset,'utf-8')->convert($text) unless $text_charset  eq 'utf-8';
+      $text = encode($publish_charset, decode('utf-8',$text), Encode::FB_XMLCREF) unless $publish_charset eq 'utf-8';
+     }
+    $text =~ s/&(?!#?[xX]?(?:[0-9a-fA-F]+|\w+);)/&amp;/g;
+    return $text;
 }
 
 sub _hdlr_if_allow_comment_html {
--- tmpl/cms/header-popup.tmpl.orig	2006-06-13 19:15:36.000000000 -0500
+++ tmpl/cms/header-popup.tmpl	2006-07-03 14:25:06.000000000 -0500
@@ -1,6 +1,6 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 
-<html lang="<TMPL_VAR NAME=LANGUAGE_TAG>">
+<html xml:lang="<TMPL_VAR NAME=LANGUAGE_TAG>" xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=<TMPL_VAR NAME=LANGUAGE_ENCODING>" />
 <title><TMPL_LOOP NAME=PAGE_TITLES><TMPL_VAR NAME=BC_NAME ESCAPE=HTML> | </TMPL_LOOP><TMPL_VAR NAME=MT_PRODUCT_NAME></title>
--- tmpl/cms/header.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/header.tmpl	2006-07-03 14:29:26.000000000 -0500
@@ -1,6 +1,7 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<?xml version='1.0' encoding='iso-8859-1'?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1 plus MathML 2.0//EN" "http://www.w3.org/Math/DTD/mathml2/xhtml-math11-f.dtd" > 
 
-<html lang="<TMPL_VAR NAME=LANGUAGE_TAG>">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<TMPL_VAR NAME=LANGUAGE_TAG>">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=<TMPL_VAR NAME=LANGUAGE_ENCODING>" />
 <title><TMPL_LOOP NAME=PAGE_TITLES><TMPL_VAR NAME=BC_NAME ESCAPE=HTML> | </TMPL_LOOP><TMPL_VAR NAME=MT_PRODUCT_NAME></title>

--- tmpl/cms/list_comment.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/list_comment.tmpl	2006-07-03 14:34:54.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function enableFilterButton() {
     getByID("filter-button").style.display = "inline";
 }
@@ -54,7 +54,7 @@
 }
 
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <div id="list-comment">
--- tmpl/cms/list_notification.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/list_notification.tmpl	2006-07-03 14:40:50.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="list-notification">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function setCreateMode () {
 	getByID('email').value = '';
 	getByID('url').value = '';
@@ -24,7 +24,7 @@
 }
         
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Notifications"></h2>
@@ -64,7 +64,7 @@
 <p>
 <MT_TRANS phrase="Email Address">: <input name="email" id="email" value="<TMPL_VAR NAME=EMAIL>" />
 &nbsp;
-<MT_TRANS phrase="URL (Optional):"> <input name="url" id="url" value="<TMPL_VAR NAME=URL>">
+<MT_TRANS phrase="URL (Optional):"> <input name="url" id="url" value="<TMPL_VAR NAME=URL>" />
 <input type="submit" name="save" value="<MT_TRANS phrase="Add Recipient">" />
 <input type="button" name="cancel" value="<MT_TRANS phrase="Cancel">" onclick="cancelCreateMode(); return false" />
 </p>
--- tmpl/cms/list_commenters.tmpl.orig	2006-06-27 14:39:15.000000000 -0500
+++ tmpl/cms/list_commenters.tmpl	2006-07-03 14:47:16.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="list-commenters">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function enableFilterButton() {
     getByID("filter-button").style.display = "inline";
 }
@@ -50,7 +50,7 @@
 }
 	
 TC.attachLoadEvent( init );
-// -->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Authenticated Commenters"></h2>
--- tmpl/cms/edit_categories.tmpl.orig	2006-06-19 17:21:03.000000000 -0500
+++ tmpl/cms/edit_categories.tmpl	2006-07-03 15:04:45.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="edit-categories">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 // build array of each category's id and the header id
 var categoryRows = new Array('0'<TMPL_LOOP NAME="CATEGORY_LOOP">,'<TMPL_VAR NAME=CATEGORY_ID>'</TMPL_LOOP>);
 
@@ -26,7 +26,7 @@
             if (el.style.display != 'none') el.style.display = 'none';
         }
     }
-    document.forms['cat_form'].move_cat_id.value = '0';
+    getByID('cat_form').move_cat_id.value = '0';
 
     getByID('category-new-parent-' + id).focus();
 
@@ -74,7 +74,7 @@
 	getByID('action-col-head').style.display = 'none'; // hide header of actions column
 	getByID('delete-col-head').style.display = 'none'; // hide header of delete column
     getByID('footer-list-actions').style.display = 'none';
-	document.forms['cat_form'].move_cat_id.value = id;
+	getByID('cat_form').move_cat_id.value = id;
     for (var i = 0; i < categoryRows.length; i++) {
 		if (document.all) {
 			getByID('move-col-' + categoryRows[i]).style.display = 'block'; // show radio buttons for category rows
@@ -96,7 +96,7 @@
 }
 
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Categories"></h2>
--- tmpl/cms/reload_opener.tmpl.orig	2005-05-17 16:17:07.000000000 -0500
+++ tmpl/cms/reload_opener.tmpl	2006-07-03 15:11:58.000000000 -0500
@@ -1,14 +1,14 @@
-<html>
+<html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var o = window.opener;
 if (o && o.location) {
     <TMPL_IF NAME=URL>o.location = '<TMPL_VAR NAME=URL>';</TMPL_IF>
 <TMPL_VAR NAME=JAVASCRIPT>
     window.close();
 }
-// -->
+//--><!]]>
 </script>
 </head>
 </html>
--- tmpl/cms/list_ping.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/list_ping.tmpl	2006-07-03 15:32:51.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="list-ping">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--`
 function enableFilterButton() {
     getByID("filter-button").style.display = "inline";
 }
@@ -53,7 +53,7 @@
 </TMPL_IF>
 }
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_IF NAME=BLOG_ID><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML><TMPL_ELSE><MT_TRANS phrase="System-wide"></TMPL_IF>:</span> <MT_TRANS phrase="TrackBacks"></h2>
--- tmpl/cms/edit_placements.tmpl.orig	Sat Apr 30 02:50:18 2005
+++ tmpl/cms/edit_placements.tmpl	Sat Apr 30 13:49:48 2005
@@ -1,8 +1,7 @@
 <TMPL_INCLUDE NAME="header-popup.tmpl">
 
 <script type="text/javascript">
-<!--
-
+<!--//--><![CDATA[//><!--
 function move (from, to) {
     var fbox = new Array();
     var tbox = new Array();
@@ -49,8 +48,7 @@
     for (i=0; i<s.length; i++)
         s.options[i].selected = 1;
 }
-
-//-->
+//--><!]]>
 </script>
 
 <form method="post" action="<TMPL_VAR NAME=SCRIPT_URL>" onsubmit="select_all(this.category_id)">
--- tmpl/cms/cfg_prefs.tmpl.orig	2006-06-26 00:50:04.000000000 -0500
+++ tmpl/cms/cfg_prefs.tmpl	2006-07-03 15:45:44.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="cfg-prefs">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function doRemoveLicense () {
     document.cfg_form.cc_license.value = '';
     var e = getByID('has-license');
@@ -22,7 +22,7 @@
     }
     return true;
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="General Settings"></h2>
--- tmpl/cms/bm_entry.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/bm_entry.tmpl	2006-07-03 16:04:47.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header-popup.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var active_blog;
 
 function onClickHandler(evt) {
@@ -225,7 +225,7 @@
 
 TC.attachLoadEvent( init );
 
-//-->
+//--><!]]>
 </script>
 
 <div id="quickpost">
@@ -303,20 +303,6 @@
 <div class="field-header">
 <div class="field-label"><label for="text"><MT_TRANS phrase="Entry Body"></label></div>
 <div class="field-buttons">
-<script type="text/javascript">
-<!--
-if (canFormat) {
-    with (document) {
-        write('<a title="<MT_TRANS phrase="Bold">" href="#" onclick="return formatStr(document.entry_form.text, \'strong\')"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-bold.gif" alt="<MT_TRANS phrase="Bold">" width="22" height="16" /></a>');
-        write('<a title="<MT_TRANS phrase="Italic">" href="#" onclick="return formatStr(document.entry_form.text, \'em\')"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-italic.gif" alt="<MT_TRANS phrase="Italic">" width="22" height="16" /></a>');
-        write('<a title="<MT_TRANS phrase="Underline">" href="#" onclick="return formatStr(document.entry_form.text, \'u\')"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-underline.gif" alt="<MT_TRANS phrase="Underline">" width="22" height="16" /></a>');
-        write('<a title="<MT_TRANS phrase="Insert Link">" href="#" onclick="return insertLink(document.entry_form.text)"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-link.gif" alt="<MT_TRANS phrase="Insert Link">" width="22" height="16" /></a>');
-        write('<a title="<MT_TRANS phrase="Insert Email Link">" href="#" onclick="return insertLink(document.entry_form.text, 1)"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-email.gif" alt="<MT_TRANS phrase="Insert Email Link">" width="22" height="16" /></a>');
-        write('<a title="<MT_TRANS phrase="Quote">" href="#" onclick="return formatStr(document.entry_form.text, \'blockquote\')"><img src="<TMPL_VAR NAME=STATIC_URI>images/html-quote.gif" alt="<MT_TRANS phrase="Quote">" width="22" height="16" /></a>');
-    }
-}
-// -->
-</script>
 </div>
 </div>
 <div class="textarea-wrapper">
--- tmpl/cms/view_log.tmpl.orig	2006-06-25 20:00:43.000000000 -0500
+++ tmpl/cms/view_log.tmpl	2006-07-03 16:09:36.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function doResetLog(f) {
     if (confirm('<MT_TRANS phrase="Are you sure you want to reset activity log?" escape="singlequotes">')) {
         window.location='<TMPL_VAR NAME=SCRIPT_URL>?__mode=reset_log&amp;<TMPL_IF NAME=BLOG_ID>blog_id=<TMPL_VAR NAME=BLOG_ID>&amp;</TMPL_IF>magic_token=<TMPL_VAR NAME=MAGIC_TOKEN>&amp;return_args=<TMPL_VAR NAME=RETURN_ARGS ESCAPE=URL>';
@@ -49,7 +49,7 @@
 }
 
 TC.attachLoadEvent( init );
-// -->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_IF NAME=BLOG_ID><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML><TMPL_ELSE><MT_TRANS phrase="System-wide"></TMPL_IF>:</span> <MT_TRANS phrase="Activity Log"></h2>
--- tmpl/cms/preview_entry.tmpl.orig	2005-05-05 07:35:27.000000000 -0500
+++ tmpl/cms/preview_entry.tmpl	2005-05-05 07:39:45.000000000 -0500
@@ -7,7 +7,7 @@
 <input type="hidden" name="__mode" value="save_entry" />
 <input type="hidden" name="magic_token" value="<TMPL_VAR NAME=MAGIC_TOKEN>" />
 <TMPL_LOOP NAME=ENTRY_LOOP>
-<input type="hidden" name="<TMPL_VAR NAME=DATA_NAME ESCAPE=HTML>" value="<TMPL_VAR NAME=DATA_VALUE ESCAPE=HTML>" />
+<textarea style="display:none" readonly="readonly" name="<TMPL_VAR NAME=DATA_NAME ESCAPE=HTML>"><TMPL_VAR NAME=DATA_VALUE ESCAPE=HTML></textarea>
 </TMPL_LOOP>
 
 <TMPL_VAR NAME=PREVIEW_BODY>
--- tmpl/cms/pinging.tmpl.orig	2005-04-21 23:31:32.000000000 -0500
+++ tmpl/cms/pinging.tmpl	2005-05-23 03:03:18.000000000 -0500
@@ -1,16 +1,13 @@
 <TMPL_IF NAME=IS_BM>
 <TMPL_INCLUDE NAME="header-popup.tmpl">
-<TMPL_ELSE>
-<TMPL_INCLUDE NAME="header.tmpl">
+<TMPL_ELSE><TMPL_INCLUDE NAME="header.tmpl">
 </TMPL_IF>
 
 <script type="text/javascript">
-<!--
 function doRedirect () {
-    window.location.replace('<TMPL_VAR NAME=SCRIPT_URL>?__mode=ping&blog_id=<TMPL_VAR NAME=BLOG_ID>&entry_id=<TMPL_VAR NAME=ENTRY_ID>&is_new=<TMPL_VAR NAME=IS_NEW>&old_status=<TMPL_VAR NAME=OLD_STATUS>&magic_token=<TMPL_VAR NAME=MAGIC_TOKEN>&is_bm=<TMPL_VAR NAME=IS_BM>');
+    window.location.replace('<TMPL_VAR NAME=SCRIPT_URL>?__mode=ping&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>&amp;entry_id=<TMPL_VAR NAME=ENTRY_ID>&amp;is_new=<TMPL_VAR NAME=IS_NEW>&amp;old_status=<TMPL_VAR NAME=OLD_STATUS>&amp;magic_token=<TMPL_VAR NAME=MAGIC_TOKEN>&amp;is_bm=<TMPL_VAR NAME=IS_BM>');
 }
 setTimeout('doRedirect()', 1000);
-// -->
 </script>
 
 <TMPL_UNLESS NAME=IS_BM>
--- tmpl/cms/rebuilding.tmpl.orig	2006-06-05 18:24:15.000000000 -0500
+++ tmpl/cms/rebuilding.tmpl	2006-07-03 16:22:48.000000000 -0500
@@ -1,11 +1,9 @@
-<TMPL_IF NAME=IS_FULL_SCREEN>
-<TMPL_INCLUDE NAME="header.tmpl">
-<TMPL_ELSE>
-<TMPL_INCLUDE NAME="header-popup.tmpl">
+<TMPL_IF NAME=IS_FULL_SCREEN><TMPL_INCLUDE NAME="header.tmpl">
+<TMPL_ELSE><TMPL_INCLUDE NAME="header-popup.tmpl">
 </TMPL_IF>
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function doRedirect () {
 <TMPL_IF NAME=REDIRECT_TARGET>
     window.location='<TMPL_VAR NAME=REDIRECT_TARGET>';
@@ -14,7 +12,7 @@
 </TMPL_IF>
 }
 setTimeout('doRedirect()', 200);
-// -->
+//--><!]]>
 </script>
 
 <TMPL_IF NAME=IS_FULL_SCREEN>
--- tmpl/cms/list_entry.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/list_entry.tmpl	2006-07-03 16:27:53.000000000 -0500
@@ -1,13 +1,11 @@
-<TMPL_IF NAME=IS_POWER_EDIT>
-<TMPL_INCLUDE NAME="header-popup.tmpl">
-<TMPL_ELSE>
-<TMPL_INCLUDE NAME="header.tmpl">
+<TMPL_IF NAME=IS_POWER_EDIT><TMPL_INCLUDE NAME="header-popup.tmpl">
+<TMPL_ELSE><TMPL_INCLUDE NAME="header.tmpl">
 </TMPL_IF>
 
 <div id="list-entry">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function enableFilterButton() {
     getByID("filter-button").style.display = "inline";
 }
@@ -63,7 +61,7 @@
 }
 
 TC.attachLoadEvent( init );
-// -->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_IF NAME=BLOG_ID><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML><TMPL_ELSE><MT_TRANS phrase="System-wide"></TMPL_IF>:</span> <MT_TRANS phrase="Entries"></h2>
--- lib/MT/App/CMS.pm.orig	2007-01-23 17:52:24.000000000 -0600
+++ lib/MT/App/CMS.pm	2007-05-01 23:56:43.000000000 -0500
@@ -1503,7 +1503,7 @@
     my($show, $height) = @_;
     my %args = (is_bm => 1, bm_show => $show, '_type' => 'entry');
     my $uri = $app->base . $app->uri('mode' => 'view', args => \%args);
-    qq!javascript:d=document;w=window;t='';if(d.selection)t=d.selection.createRange().text;else{if(d.getSelection)t=d.getSelection();else{if(w.getSelection)t=w.getSelection()}}void(w.open('$uri&link_title='+escape(d.title)+'&link_href='+escape(d.location.href)+'&text='+escape(t),'_blank','scrollbars=yes,width=400,height=$height,status=yes,resizable=yes'))!;
+    qq!javascript:d=document;w=window;t='';if(d.selection)t=d.selection.createRange().text;else{if(d.getSelection)t=d.getSelection();else{if(w.getSelection)t=w.getSelection()}}void(w.open('$uri&amp;link_title='+escape(d.title)+'&amp;link_href='+escape(d.location.href)+'&amp;text='+escape(t),'_blank','scrollbars=yes,width=400,height=$height,status=yes,resizable=yes'))!;
 }
 
 sub apply_log_filter {
@@ -7509,12 +7509,39 @@
     $entry->convert_breaks(scalar $q->param('convert_breaks'));
     my $ctx = MT::Template::Context->new;
     $ctx->stash('entry', $entry);
+    $ctx->stash('blog_id', $blog_id);
     $ctx->stash('blog', $blog);
     my $build = MT::Builder->new;
     my $preview_code = <<'HTML';
-<p><b><$MTEntryTitle$></b></p>
-<$MTEntryBody$>
-<$MTEntryMore$>
+<MTValidate>
+<$MTInclude module="DTD"$>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Your Comment</title>
+</head>
+<body>
+<h3 class="title"><$MTEntryTitle smarty_pants="2"$></h3>
+<div>
+<MTBlock svg_fix="1">
+<$MTEntryBody smarty_pants="2" process_tags="1"$>
+<hr />
+<$MTEntryMore smarty_pants="2" process_tags="1"$>
+</MTBlock>
+</div>
+</body>
+</html>
+</MTValidate>
+
+<MTValidateIfValid>
+<h3 class="title"><$MTEntryTitle smarty_pants="2"$></h3>
+<div>
+<MTBlock svg_fix="1">
+<$MTEntryBody smarty_pants="2"$>
+<hr />
+<$MTEntryMore smarty_pants="2"$>
+</MTBlock>
+</div>
+</MTValidateIfValid>
 HTML
     my $tokens = $build->compile($ctx, $preview_code)
         or return $app->error($app->translate(
--- tmpl/cms/edit_category.tmpl.orig	2006-06-15 19:01:18.000000000 -0500
+++ tmpl/cms/edit_category.tmpl	2006-07-03 16:33:58.000000000 -0500
@@ -3,6 +3,7 @@
 <div id="edit-category">
 
 <script type="text/javascript">
+<!--//--><![CDATA[//><!--
 function validate(form) {    
     if (form.label.value.match(/\S/,''))
         return true;
@@ -54,7 +55,7 @@
     tableSelect.rowSelect = true;
 }
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Edit Category">: <span class="title-highlight"><TMPL_VAR NAME=LABEL ESCAPE=HTML></span></h2>
--- tmpl/cms/edit_permissions.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/edit_permissions.tmpl	2006-07-03 16:43:36.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function addToWeblog() {
     var f = document.forms['perms'];
     var fld = f['add_role_mask'];
@@ -93,7 +93,7 @@
 
 TC.attachLoadEvent( rectifyAll );
 
-//-->
+//--><!]]>
 </script>
 
 <div id="edit-permissions" onclick="handleClick(event)">
--- tmpl/cms/edit_author.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/edit_author.tmpl	2006-07-03 16:46:57.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function reveal_api_password() {
     var pw = getByID("api_password");
     alert("<MT_TRANS phrase="Your Web services password is currently">: " + pw.value);
@@ -16,7 +16,7 @@
         hide("tag_delim_input");
     }
 }
-//-->
+//--><!]]>
 </script>
 
 <div id="edit-author">
--- tmpl/cms/cfg_archives.tmpl.orig	2006-07-03 17:10:06.000000000 -0500
+++ tmpl/cms/cfg_archives.tmpl	2006-07-03 17:11:08.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="cfg-archives">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function setCreateMode () {
     getByID('create-inline-mapping').style.display = 'block';
 	return false;
@@ -71,7 +71,7 @@
     }
     return true;
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Publishing Settings"></h2>
--- tmpl/cms/cfg_entries_edit_page.tmpl.orig	2006-07-03 17:13:35.000000000 -0500
+++ tmpl/cms/cfg_entries_edit_page.tmpl	2006-07-03 17:14:19.000000000 -0500
@@ -1,5 +1,5 @@
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var customizable_fields = new Array('category','extended','excerpt','keywords','tags','authored-on','convert-breaks','basename','allow-comments','allow-pings','ping-urls');
 var custom_fields = new Array();
 <TMPL_IF NAME=DISP_PREFS_SHOW_CATEGORY>custom_fields.push('category');</TMPL_IF>
@@ -71,7 +71,7 @@
 
 	return false;
 }
-//-->
+//--><!]]>
 </script>
 
 <fieldset>
--- tmpl/cms/edit_admin_permissions.tmpl.orig	2006-07-03 17:25:35.000000000 -0500
+++ tmpl/cms/edit_admin_permissions.tmpl	2006-07-03 17:26:21.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function addToWeblog() {
     var f = document.forms['perms'];
     var fld = f['add_role_mask'];
@@ -93,7 +93,7 @@
 
 TC.attachLoadEvent( rectifyAll );
 
-//-->
+//--><!]]>
 </script>
 
 <div id="edit-permissions" onclick="handleClick(event)">
--- tmpl/cms/edit_blog.tmpl.orig	2006-07-03 17:27:48.000000000 -0500
+++ tmpl/cms/edit_blog.tmpl	2006-07-03 17:28:29.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="edit-blog">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function validate (f) {
     if (!f.name.value) {
         alert('<MT_TRANS phrase="You must set your Weblog Name." escape="singlequotes">');
@@ -65,7 +65,7 @@
 
 TC.attachLoadEvent(init);
 
-//-->
+//--><!]]>
 </script>
 
 <h2><MT_TRANS phrase="New Weblog Settings"></h2>
--- tmpl/cms/edit_commenter.tmpl.orig	2006-07-03 17:30:45.000000000 -0500
+++ tmpl/cms/edit_commenter.tmpl	2006-07-03 17:31:18.000000000 -0500
@@ -2,7 +2,7 @@
 
 <TMPL_UNLESS NAME=TAB_COMMENTER>
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var tableSelect;
 function init()
 {
@@ -11,7 +11,7 @@
         tableSelect.rowSelect = true;
 }
 TC.attachLoadEvent(init);
-// -->
+//--><!]]>
 </script>
 </TMPL_UNLESS>
 
--- tmpl/cms/entry_prefs.tmpl.orig	2006-07-03 17:36:29.000000000 -0500
+++ tmpl/cms/entry_prefs.tmpl	2006-07-03 17:37:13.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="entry-prefs">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var customizable_fields = new Array('category','extended','excerpt','keywords','tags','authored-on','convert-breaks','basename','allow-comments','allow-pings','ping-urls');
 var custom_fields = new Array();
 <TMPL_IF NAME=DISP_PREFS_SHOW_CATEGORY>custom_fields.push('category');</TMPL_IF>
@@ -75,7 +75,7 @@
 
 	return false;
 }
-//-->
+//--><!]]>
 </script>
 
 <form method="post" action="<TMPL_VAR NAME=SCRIPT_URL>">
--- tmpl/cms/upload.tmpl.orig	2006-07-03 20:59:54.000000000 -0500
+++ tmpl/cms/upload.tmpl	2006-07-03 21:01:16.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header-popup.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function setExtraPath(sel) {
    var opt = sel.options[sel.selectedIndex];
    var path = opt.getAttribute("middle_path");
@@ -9,7 +9,7 @@
    var middle = sel.form['middle_path'];
    if (middle) middle.value = path;
 }
-//-->
+//--><!]]>
 </script>
 
 <form method="post" enctype="multipart/form-data" action="<TMPL_VAR NAME=SCRIPT_URL>">
--- tmpl/cms/upgrade_runner.tmpl.orig	2006-07-03 21:57:58.000000000 -0500
+++ tmpl/cms/upgrade_runner.tmpl	2006-07-03 21:59:39.000000000 -0500
@@ -5,7 +5,7 @@
     <script type="text/javascript" src="<TMPL_VAR NAME=STATIC_URI>js/tc/json.js"></script>
 
 	<script type="text/javascript">
-	<!--
+<!--//--><![CDATA[//><!--	
     function upgradeDone(success) {
         var progress = getByID("progress-bar");
         if (progress) {
@@ -160,7 +160,7 @@
         runActions();
     }
     TC.attachLoadEvent( init );
-	//-->
+//--><!]]>
 	</script>
 </TMPL_UNLESS>
 
--- tmpl/cms/import_end.tmpl.orig	2006-07-18 00:30:22.000000000 -0500
+++ tmpl/cms/import_end.tmpl	2006-07-18 00:31:47.000000000 -0500
@@ -2,12 +2,12 @@
 </div>
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var progress = getByID("progress-bar");
 if (progress) {
     progress.style.display = "none";
 }
-// -->
+//--><!]]>
 </script>
 
 <TMPL_IF NAME=IMPORT_SUCCESS>
--- tmpl/cms/junk_results.tmpl.orig	2006-07-18 00:33:51.000000000 -0500
+++ tmpl/cms/junk_results.tmpl	2006-07-18 00:34:34.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function toggle(field) {
     var flds = document.getElementsByName(field);
     if (!flds) return;
@@ -15,7 +15,7 @@
 }
 setTimeout('doRedirect()', 200);
 </TMPL_IF>
-// -->
+//--><!]]>
 </script>
 
 
--- tmpl/cms/list_author.tmpl.orig	2006-07-18 00:35:38.000000000 -0500
+++ tmpl/cms/list_author.tmpl	2006-07-18 00:36:41.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="list-author">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var tableSelect;
 function init()
 {
@@ -12,7 +12,7 @@
 	tableSelect.rowSelect = true;
 }
 TC.attachLoadEvent( init );
-// -->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><MT_TRANS phrase="System-wide">: </span> <MT_TRANS phrase="Authors"></h2>
--- tmpl/cms/list_banlist.tmpl.orig	2006-07-18 00:38:04.000000000 -0500
+++ tmpl/cms/list_banlist.tmpl	2006-07-18 00:38:46.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="list-banlist">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function setCreateMode () {
 	getByID('ip').value = '';
 	getByID('create-inline-ipban').style.display = 'block';
@@ -23,7 +23,7 @@
 }
 
 TC.attachLoadEvent( init );
-// -->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="IP Banning Settings"></h2>
--- tmpl/cms/list_plugin.tmpl.orig	2006-07-18 00:40:54.000000000 -0500
+++ tmpl/cms/list_plugin.tmpl	2006-07-18 00:41:42.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var last_shown;
 var last_shown_info;
 <TMPL_IF NAME=CAN_CONFIG>
@@ -56,7 +56,7 @@
     }
     return false;
 }
-//-->
+//--><!]]>
 </script>
 
 <div id="list-plugins">
--- tmpl/cms/list_tags.tmpl.orig	2006-07-18 00:43:10.000000000 -0500
+++ tmpl/cms/list_tags.tmpl	2006-07-18 00:44:07.000000000 -0500
@@ -5,7 +5,7 @@
 <script type="text/javascript" src="<TMPL_VAR NAME=STATIC_URI>js/tc/client.js"></script>
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var current_edit = 0;
 var old_tag_name = '';
 <TMPL_IF NAME=BLOG_ID>var tag_rename_warning = "The tag '[_2]' already exists. Are you sure you want to merge '[_1]' with '[_2]'?";
@@ -152,7 +152,7 @@
 }
 
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_IF NAME=BLOG_ID><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML><TMPL_ELSE><MT_TRANS phrase="System-wide"></TMPL_IF>:</span> <MT_TRANS phrase="Tags"></h2>
--- mt-static/mt.js.orig	2007-01-23 17:52:24.000000000 -0600
+++ mt-static/mt.js	2008-01-24 15:26:10.000000000 -0600
@@ -763,3 +763,92 @@
 //These two lines are to translate phrases in list_tags.tmpl
 //trans('The tag \'[_2]\' already exists. Are you sure you want to merge \'[_1]\' with \'[_2]\'?');
 //trans('The tag \'[_2]\' already exists. Are you sure you want to merge \'[_1]\' with \'[_2]\' across all weblogs?');
+
+window.onload = function () {
+
+  var bold_button = document.createElement('a');
+  bold_button.setAttribute('title','Bold');
+  bold_button.setAttribute('href','#');
+  bold_button.setAttribute('onclick','return formatStr(document.entry_form.text, \'strong\')');
+  var bold_img = document.createElement('img');
+  bold_img.setAttribute('src','/MT-static/3.0/images/html-bold.gif');
+  bold_img.setAttribute('alt','Bold');
+  bold_img.setAttribute('width','22');
+  bold_img.setAttribute('height','16');
+  bold_button.appendChild(bold_img);
+
+  var italic_button = document.createElement('a');
+  italic_button.setAttribute('title','Italic');
+  italic_button.setAttribute('href','#');
+  italic_button.setAttribute('onclick','return formatStr(document.entry_form.text, \'em\')');
+  var italic_img = document.createElement('img');
+  italic_img.setAttribute('src','/MT-static/3.0/images/html-italic.gif');
+  italic_img.setAttribute('alt','Italic');
+  italic_img.setAttribute('width','22');
+  italic_img.setAttribute('height','16');
+  italic_button.appendChild(italic_img);
+
+  var underline_button = document.createElement('a');
+  underline_button.setAttribute('title','Underline');
+  underline_button.setAttribute('href','#');
+  underline_button.setAttribute('onclick','return formatStr(document.entry_form.text, \'u\')');
+  var underline_img = document.createElement('img');
+  underline_img.setAttribute('src','/MT-static/3.0/images/html-underline.gif');
+  underline_img.setAttribute('alt','Underline');
+  underline_img.setAttribute('width','22');
+  underline_img.setAttribute('height','16');
+  underline_button.appendChild(underline_img);
+
+  link_button = document.createElement('a');
+  link_button.setAttribute('title','Insert Link');
+  link_button.setAttribute('href','#');
+  link_button.setAttribute('onclick','return insertLink(document.entry_form.text)');
+  link_img = document.createElement('img');
+  link_img.setAttribute('src','/MT-static/3.0/images/html-link.gif');
+  link_img.setAttribute('alt','Insert Link');
+  link_img.setAttribute('width','22');
+  link_img.setAttribute('height','16');
+  link_button.appendChild(link_img);
+
+  var email_button = document.createElement('a');
+  email_button.setAttribute('title','Insert Email Link');
+  email_button.setAttribute('href','#');
+  email_button.setAttribute('onclick','return insertLink(document.entry_form.text, 1)');
+  var email_img = document.createElement('img');
+  email_img.setAttribute('src','/MT-static/3.0/images/html-email.gif');
+  email_img.setAttribute('alt','Insert Email Link');
+  email_img.setAttribute('width','22');
+  email_img.setAttribute('height','16');
+  email_button.appendChild(email_img);
+
+  var quote_button = document.createElement('a');
+  quote_button.setAttribute('title','Quote');
+  quote_button.setAttribute('href','#');
+  quote_button.setAttribute('onclick','return formatStr(document.entry_form.text, \'blockquote\')');
+  var quote_img = document.createElement('img');
+  quote_img.setAttribute('src','/MT-static/3.0/images/html-quote.gif');
+  quote_img.setAttribute('alt','Quote');
+  quote_img.setAttribute('width','22');
+  quote_img.setAttribute('height','16');
+  quote_button.appendChild(quote_img);
+
+  var div, divs = document.getElementsByTagName('div');
+  for (i=0; i < divs.length; i++ ) {
+    div = divs[i];
+    if ( div.getAttribute('class') == 'field-buttons' ) {
+      div.appendChild(bold_button.cloneNode(true));
+      div.appendChild(italic_button.cloneNode(true));
+      div.appendChild(underline_button.cloneNode(true));
+      div.appendChild(link_button.cloneNode(true));
+      div.appendChild(email_button.cloneNode(true));
+      div.appendChild(quote_button.cloneNode(true));
+      bold_button.setAttribute('onclick','return formatStr(document.entry_form.text_more, \'strong\')');
+      italic_button.setAttribute('onclick','return formatStr(document.entry_form.text_more, \'em\')');
+      underline_button.setAttribute('onclick','return formatStr(document.entry_form.text_more, \'u\')');
+      link_button.setAttribute('onclick','return insertLink(document.entry_form.text_more)');
+      email_button.setAttribute('onclick','return insertLink(document.entry_form.text_more, 1)');
+      quote_button.setAttribute('onclick','return formatStr(document.entry_form.text_more, \'blockquote\')');
+    }
+  }
+
+}
--- tmpl/cms/edit_template.tmpl.orig	2006-06-26 19:31:13.000000000 -0500
+++ tmpl/cms/edit_template.tmpl	2006-07-18 22:55:40.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="edit-template">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var tag_inserts = {};
 <TMPL_IF NAME=TAG_INSERT_LOOP>
 <TMPL_LOOP NAME=TAG_INSERT_LOOP>
@@ -81,7 +81,7 @@
 {
     initDirty();
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Edit Template">: <span class="title-highlight"><TMPL_VAR NAME=NAME ESCAPE=HTML></span></h2>
@@ -239,7 +239,7 @@
 </div>
 </div>
 <div class="textarea-wrapper">
-<textarea name="text" id="text" cols="72" rows="15" style="height: <TMPL_IF NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_VAR NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_ELSE>290</TMPL_IF>px" onchange="setDirty()" /><TMPL_VAR NAME=TEXT ESCAPE=HTML></textarea>
+<textarea name="text" id="text" cols="72" rows="15" style="height: <TMPL_IF NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_VAR NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_ELSE>290</TMPL_IF>px" onchange="setDirty()" ><TMPL_VAR NAME=TEXT ESCAPE=HTML></textarea>
 </div>
 <input type="hidden" name="text_height" id="text_height" value="<TMPL_IF NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_VAR NAME=DISP_PREFS_HEIGHT_TEXT><TMPL_ELSE>290</TMPL_IF>" />
 </div>
--- tmpl/cms/list_template.tmpl.orig	2006-06-15 14:10:36.000000000 -0500
+++ tmpl/cms/list_template.tmpl	2006-07-18 23:15:04.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var indexTableSelect;
 var archiveTableSelect;
 var systemTableSelect;
@@ -17,13 +17,13 @@
 	moduleTableSelect.rowSelect = true;
 }
 TC.attachLoadEvent(init);
-//-->
+//--><!]]>
 </script>
 
 <div id="list-template">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function doEditTemplate (type, id) {
     var url = '<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&_type=template&blog_id=<TMPL_VAR NAME=BLOG_ID>';
     if (id)
@@ -57,7 +57,7 @@
 		}
 	}
 }
-//-->
+//--><!]]>
 </script>
 
 <div id="templates-index-description"<TMPL_UNLESS NAME=TAB_INDEX> style="display: none"</TMPL_UNLESS>>
--- tmpl/cms/edit_profile.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/edit_profile.tmpl	2006-07-19 00:03:06.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function passwordResetConfirm() {
     if (confirm('<MT_TRANS phrase="_WARNING_PASSWORD_RESET_SINGLE" escape="singlequotes" params="<TMPL_VAR NAME=SELECTED_AUTHOR_NAME ESCAPE=JS>%%<TMPL_VAR NAME=EMAIL ESCAPE=JS>">')) {
         document.forms['recover'].submit();
@@ -99,7 +99,7 @@
 
 TC.attachLoadEvent( rectifyAll );
 
-//-->
+//--><!]]>
 </script>
 
 <div id="edit-permissions" onclick="handleClick(event)">
@@ -212,7 +212,7 @@
     <p><MT_TRANS phrase="_USAGE_PASSWORD_RESET" params="<TMPL_VAR NAME=EMAIL ESCAPE=HTML>"></p>
 
     <div style="text-align: center">
-        <input onclick="passwordResetConfirm()" type="button" value="<MT_TRANS phrase="Password Recovery">">
+        <input onclick="passwordResetConfirm()" type="button" value="<MT_TRANS phrase="Password Recovery">" />
     </div>
 
     </fieldset>
--- tmpl/cms/ping_table.tmpl.orig	2006-07-19 00:22:28.000000000 -0500
+++ tmpl/cms/ping_table.tmpl	2006-07-19 00:24:46.000000000 -0500
@@ -79,7 +79,7 @@
 <td><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>: <a href="<TMPL_VAR NAME=SOURCE_URL ESCAPE=HTML>" title="<MT_TRANS phrase="Go to the source entry of this TrackBack">"><TMPL_VAR NAME=TITLE ESCAPE=HTML></a> &#187;</td>
 
 <TMPL_IF NAME=SYSTEM_OVERVIEW_NAV>
-<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_pings&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></td>
+<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_pings&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></a></td>
 </TMPL_IF>
 
 <td><a href="<TMPL_VAR NAME=TARGET_LINK ESCAPE=HTML>" title="<MT_TRANS phrase="View the [_1] for this TrackBack" params="<TMPL_VAR NAME=TARGET_TYPE>">"><TMPL_VAR NAME=TARGET_TITLE ESCAPE=HTML></a></td>
--- tmpl/cms/system_list_blog.tmpl.orig	2006-07-18 00:47:19.000000000 -0500
+++ tmpl/cms/system_list_blog.tmpl	2006-07-19 00:32:52.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function doRemoveBlog(id) {
     if (confirm("<MT_TRANS phrase="Are you sure you want to delete this weblog?">")) {
         var f = getByID('delete_blog');
@@ -20,7 +20,7 @@
 }
 
 TC.attachLoadEvent( init );
-//-->
+//--><!]]>
 </script> 
 
 <h2><span class="weblog-title-highlight"><MT_TRANS phrase="System-wide">:</span> <MT_TRANS phrase="Weblogs"></h2>
@@ -88,7 +88,7 @@
 
 <TMPL_LOOP NAME=BLOG_LOOP>
 <tr class="<TMPL_IF __ODD__>odd<TMPL_ELSE>even</TMPL_IF>">
-<td class="cb"><input type="checkbox" name="id" value="<TMPL_VAR NAME=ID>" class="select" />
+<td class="cb"><input type="checkbox" name="id" value="<TMPL_VAR NAME=ID>" class="select" /></td>
 <td><a href="?__mode=menu&amp;blog_id=<TMPL_VAR NAME=ID>"><TMPL_VAR NAME=NAME ESCAPE=HTML></a></td>
 <td align="right"><TMPL_IF NAME=CAN_EDIT_ENTRIES><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_entries&amp;blog_id=<TMPL_VAR NAME=ID>"><TMPL_VAR NAME=NUM_ENTRIES></a><TMPL_ELSE><TMPL_VAR NAME=NUM_ENTRIES></TMPL_IF></td>
 <td align="right"><TMPL_IF NAME=CAN_EDIT_ENTRIES><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_comments&amp;blog_id=<TMPL_VAR NAME=ID>"><TMPL_VAR NAME=NUM_COMMENTS></a><TMPL_ELSE><TMPL_VAR NAME=NUM_COMMENTS></TMPL_IF></td>
--- tmpl/cms/entry_table.tmpl.orig	2006-07-19 00:37:14.000000000 -0500
+++ tmpl/cms/entry_table.tmpl	2006-07-19 00:47:07.000000000 -0500
@@ -9,7 +9,7 @@
 <input type="hidden" name="blog_id" value="<TMPL_VAR NAME=BLOG_ID>" />
 <input type="hidden" name="offset" value="<TMPL_VAR NAME=OFFSET>" />
 <input type="hidden" name="limit" value="<TMPL_VAR NAME=LIMIT>" />
-<input type="hidden" name="filter_args" value="<TMPL_VAR NAME=FILTER_ARGS>" />
+<input type="hidden" name="filter_args" value="<TMPL_VAR NAME=FILTER_ARGS ESCAPE=HTML>" />
 <input type="hidden" name="return_args" value="tab=entry&amp;<TMPL_VAR NAME=RETURN_ARGS ESCAPE=HTML>" />
 <input type="hidden" name="magic_token" value="<TMPL_VAR NAME=MAGIC_TOKEN>" />
 <input type="hidden" name="action_name" value="" />
@@ -112,7 +112,7 @@
 </td>
 
 <TMPL_IF NAME=SYSTEM_OVERVIEW_NAV>
-<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_entries&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></td>
+<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_entries&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></a></td>
 </TMPL_IF>
 
 <td>
--- tmpl/cms/error.tmpl.orig	2006-07-19 01:25:15.000000000 -0500
+++ tmpl/cms/error.tmpl	2006-07-19 01:25:57.000000000 -0500
@@ -6,7 +6,7 @@
 
 <div align="center">
 <input type="button" onclick="window.close()" value="<MT_TRANS phrase="Close">" />
-<input type="button" onclick="<TMPL_VAR NAME=GOBACK>" value="<MT_TRANS phrase="Go Back">" />
+<input type="button" onclick="<TMPL_VAR NAME=GOBACK ESCAPE=HTML>" value="<MT_TRANS phrase="Go Back">" />
 </div>
 
 <TMPL_INCLUDE NAME="footer-popup.tmpl">
--- tmpl/cms/search_replace.tmpl.orig	2006-06-24 20:43:26.000000000 -0500
+++ tmpl/cms/search_replace.tmpl	2006-07-19 09:50:05.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var tableSelect;
 function init()
 {
@@ -44,28 +44,28 @@
 }
 
 function reSearch(type) {
-    if (type && (document.search_form['_type'].value != type)) {
-        if (document.search_form['orig_search'] && 
-            document.search_form['orig_search'].value != '') {
-            document.search_form['do_search'].value = '1';
+    if (type && (getByID('_type').value != type)) {
+        if (getByID('orig_search') && 
+            getByID('orig_search').value != '') {
+            getByID('do_search').value = '1';
         }
-        document.search_form['_type'].value = type;
-        document.search_form.submit();
+        getByID('_type').value = type;
+        getByID('sf').submit();
     }
     return false;
 }
 
 function unLimit(newLimit) {
-    document.search_form['limit'].value = newLimit;
-    document.search_form['do_search'].value = '1';
-    document.search_form.submit();
+    getByID('limit').value = newLimit;
+    getByID('do_search').value = '1';
+    getByID('sf').submit();
     return false;
 }
 
 function doSearch() {
-    document.search_form['limit'].value = '';
-    document.search_form['do_search'].value = '1';
-    document.search_form.submit();
+    getByID('limit').value = '';
+    getByID('do_search').value = '1';
+    getByID('sf').submit();
 }
 
 function doReplace() {
@@ -81,9 +81,9 @@
         }
     }
     if (ids.length) {
-        document.search_form['replace_ids'].value = ids.join(',');
-        document.search_form['do_replace'].value = '1';
-        document.search_form.submit();
+        getByID('replace_ids').value = ids.join(',');
+        getByID('do_replace').value = '1';
+        getByID('sf').submit();
     } else {
         alert("<MT_TRANS phrase="You must select one or more item to replace.">");
     }
@@ -126,7 +126,7 @@
 		}
 	}
 }
-//-->
+//--><!]]>
 </script>
 
 <div id="search-replace">
@@ -136,21 +136,21 @@
 <p class="page-desc"><MT_TRANS phrase="_USAGE_SEARCH"></p>
 
 <div id="search-form">
-<form name="search_form" method="post" action="<TMPL_VAR NAME=SCRIPT_URL>" onsubmit="doSearch()">
+<form name="search_form" id="sf" method="post" action="<TMPL_VAR NAME=SCRIPT_URL>" onsubmit="doSearch()">
 <input type="hidden" name="__mode" value="search_replace" />
-<input type="hidden" name="_type" value="<TMPL_VAR NAME=SEARCH_TYPE>" />
-<input type="hidden" name="limit" value="<TMPL_UNLESS NAME=LIMIT_ALL><TMPL_VAR NAME=LIMIT></TMPL_UNLESS>" />
+<input type="hidden" name="_type" id="_type" value="<TMPL_VAR NAME=SEARCH_TYPE>" />
+<input type="hidden" name="limit" id="limit" value="<TMPL_UNLESS NAME=LIMIT_ALL><TMPL_VAR NAME=LIMIT></TMPL_UNLESS>" />
 <TMPL_IF NAME=BLOG_ID>
 <input type="hidden" name="blog_id" value="<TMPL_VAR NAME=BLOG_ID>" />
 </TMPL_IF>
 <TMPL_IF NAME=SEARCHED><TMPL_IF NAME=SEARCH>
-<input type="hidden" name="orig_search" value="<TMPL_VAR NAME=SEARCH ESCAPE=HTML>" /></TMPL_IF>
+<input type="hidden" name="orig_search" id="orig_search" value="<TMPL_VAR NAME=SEARCH ESCAPE=HTML>" /></TMPL_IF>
 </TMPL_IF>
 <input type="hidden" name="magic_token" value="<TMPL_VAR NAME=MAGIC_TOKEN>" />
 <input type="hidden" name="return_args" value="<TMPL_IF NAME=SEARCH>search=<TMPL_VAR NAME=SEARCH ESCAPE=HTML>&amp;</TMPL_IF><TMPL_VAR NAME=RETURN_ARGS ESCAPE=HTML>" />
-<input type="hidden" name="replace_ids" value="" />
-<input type="hidden" name="do_search" value="" />
-<input type="hidden" name="do_replace" value="" />
+<input type="hidden" name="replace_ids" id="replace_ids" value="" />
+<input type="hidden" name="do_search" id="do_search" value="" />
+<input type="hidden" name="do_replace" id="do_replace" value="" />
 
 <div class="tabs">
 <ul>
--- tmpl/cms/edit_entry.tmpl.orig	2006-06-27 20:31:56.000000000 -0500
+++ tmpl/cms/edit_entry.tmpl	2006-07-19 22:11:04.000000000 -0500
@@ -8,7 +8,7 @@
 <script type="text/javascript" src="<TMPL_VAR NAME=STATIC_URI>js/tc/client.js"></script>
 </TMPL_IF>
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 var tag_delim = '<TMPL_VAR NAME=AUTH_PREF_TAG_DELIM>';
 var fieldsToWatch = ['title', 'text', 'text_more', 'excerpt', 'keywords', 'tags'];
 var fieldStorage = {};
@@ -320,8 +320,7 @@
 
     return true;
 }
-
-//-->
+//--><!]]>
 </script>
 
 <TMPL_IF NAME=NEW_OBJECT>
@@ -339,7 +338,7 @@
 </TMPL_IF>
 
 <TMPL_IF NAME=PING_ERRORS>
-<div class="error-message"><MT_TRANS phrase="One or more errors occurred when sending update pings or TrackBacks."> <TMPL_IF NAME=CAN_VIEW_LOG><MT_TRANS phrase="_USAGE_VIEW_LOG" params="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view_log&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>"></TMPL_IF></div>
+<div class="error-message"><MT_TRANS phrase="One or more errors occurred when sending update pings or TrackBacks."> <TMPL_IF NAME=CAN_VIEW_LOG><MT_TRANS phrase="_USAGE_VIEW_LOG" params="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view_log&amp;amp;;blog_id=<TMPL_VAR NAME=BLOG_ID>"></TMPL_IF></div>
 </TMPL_IF>
 
 <TMPL_IF NAME=SAVED_PREFS>
@@ -530,26 +529,8 @@
 <div class="field-wrapper">
 <div class="field-buttons">
 <div class="field-buttons-formatting">
-<script type="text/javascript">
-if (canFormat) {
-    with (document) {
-        write('<img title="<MT_TRANS phrase="Bold">" onclick="return formatStr(document.entry_form.text, \'strong\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/bold.gif" alt="<MT_TRANS phrase="Bold">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Italic">" onclick="return formatStr(document.entry_form.text, \'em\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/italic.gif" alt="<MT_TRANS phrase="Italic">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Underline">" onclick="return formatStr(document.entry_form.text, \'u\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/underline.gif" alt="<MT_TRANS phrase="Underline">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Insert Link">" onclick="return insertLink(document.entry_form.text)" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/link.gif" alt="<MT_TRANS phrase="Insert Link">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Insert Email Link">" onclick="return insertLink(document.entry_form.text, 1)" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/email.gif" alt="<MT_TRANS phrase="Insert Email Link">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Quote">" onclick="return formatStr(document.entry_form.text, \'blockquote\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/quote.gif" alt="<MT_TRANS phrase="Quote">" width="26" height="19" />');
-    }
-}
-</script>
 </div>
 <div class="field-buttons-resizing">
-<script type="text/javascript">
-with (document) {
-    write('<img title="<MT_TRANS phrase="Bigger">" onclick="return expandEditor( \'text\', \'expand\' );" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/field-bigger.gif" alt="<MT_TRANS phrase="Bigger">" width="26" height="19" /></a>');
-    write('<img title="<MT_TRANS phrase="Smaller">" onclick="return expandEditor( \'text\', \'contract\' );" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/field-smaller.gif" alt="<MT_TRANS phrase="Smaller">" width="26" height="19" /></a>');
-}
-</script>
 </div>
 </div>
 <div class="textarea-wrapper">
@@ -568,26 +549,8 @@
 <div class="field-wrapper">
 <div class="field-buttons">
 <div class="field-buttons-formatting">
-<script type="text/javascript">
-if (canFormat) {
-    with (document) {
-        write('<img title="<MT_TRANS phrase="Bold">" onclick="return formatStr(document.entry_form.text_more, \'strong\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/bold.gif" alt="<MT_TRANS phrase="Bold">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Italic">" onclick="return formatStr(document.entry_form.text_more, \'em\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/italic.gif" alt="<MT_TRANS phrase="Italic">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Underline">" onclick="return formatStr(document.entry_form.text_more, \'u\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/underline.gif" alt="<MT_TRANS phrase="Underline">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Insert Link">" onclick="return insertLink(document.entry_form.text_more)" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/link.gif" alt="<MT_TRANS phrase="Insert Link">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Insert Email Link">" onclick="return insertLink(document.entry_form.text_more, 1)" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/email.gif" alt="<MT_TRANS phrase="Insert Email Link">" width="26" height="19" />');
-        write('<img title="<MT_TRANS phrase="Quote">" onclick="return formatStr(document.entry_form.text_more, \'blockquote\')" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/quote.gif" alt="<MT_TRANS phrase="Quote">" width="26" height="19" />');
-    }
-}
-</script>
 </div>
 <div class="field-buttons-resizing">
-<script type="text/javascript">
-with (document) {
-    write('<img title="<MT_TRANS phrase="Bigger">" onclick="return expandEditor( \'text_more\', \'expand\' );" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/field-bigger.gif" alt="<MT_TRANS phrase="Bigger">" width="26" height="19" /></a>');
-    write('<img title="<MT_TRANS phrase="Smaller">" onclick="return expandEditor( \'text_more\', \'contract\' );" src="<TMPL_VAR NAME=STATIC_URI>images/formatting-icons/field-smaller.gif" alt="<MT_TRANS phrase="Smaller">" width="26" height="19" /></a>');
-}
-</script>
 </div>
 </div>
 <div class="textarea-wrapper">
--- tmpl/cms/entry_table.tmpl.orig	2006-07-24 21:26:17.000000000 -0500
+++ tmpl/cms/entry_table.tmpl	2006-07-24 21:34:42.000000000 -0500
@@ -90,8 +90,8 @@
 
 </TMPL_IF>
 
-<TMPL_ELSE><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=entry&amp;id=<TMPL_VAR NAME=ID>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>"><TMPL_VAR NAME=TITLE_SHORT></a>
-</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=TITLE_SHORT></TMPL_IF></TMPL_IF></td>
+<TMPL_ELSE><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=entry&amp;id=<TMPL_VAR NAME=ID>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>"><TMPL_VAR NAME=TITLE_SHORT ESCAPE=HTML></a>
+</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=TITLE_SHORT ESCAPE=HTML></TMPL_IF></TMPL_IF></td>
 
 <TMPL_IF NAME=VIEW_EXPANDED>
 </tr><tr class="<TMPL_IF __ODD__>odd<TMPL_ELSE>even</TMPL_IF> slave"><td>&nbsp;</td><td>&nbsp;</td>
--- tmpl/cms/log_table.tmpl.orig	2006-07-28 13:01:23.000000000 -0500
+++ tmpl/cms/log_table.tmpl	2006-07-28 13:02:23.000000000 -0500
@@ -49,7 +49,7 @@
 <TMPL_IF NAME=LOG_DETAIL>
 <tr class="log-detail <TMPL_IF __ODD__>odd<TMPL_ELSE>even</TMPL_IF>" id="log-detail-<TMPL_VAR NAME=ID>">
 <td>&nbsp;</td>
-<td colspan="3"><div class="detail-inner"><TMPL_VAR NAME=LOG_DETAIL></div></td>
+<td colspan="3"><div class="detail-inner"><TMPL_VAR NAME=LOG_DETAIL ESCAPE=HTML></div></td>
 </tr>
 </TMPL_IF>
 </TMPL_LOOP>
--- tmpl/cms/cfg_simple.tmpl.orig	2006-06-24 00:54:07.000000000 -0500
+++ tmpl/cms/cfg_simple.tmpl	2006-08-16 08:02:20.000000000 -0500
@@ -5,7 +5,7 @@
 <div id="cfg-archives">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function validate (f) {
     if (!f.name.value) {
         alert('<MT_TRANS phrase="You must set your Weblog Name." escape="singlequotes">');
@@ -66,7 +66,7 @@
     e = getByID('no-license');
     if (e) e.style.display = 'block';
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Settings"></h2>
@@ -311,7 +311,7 @@
 <span class="auth-status-neutral"><MT_TRANS phrase="Authentication is not enabled."></span>
 </p>
 <p>
-<input type="button" name="auth_setup" value="<MT_TRANS phrase="Setup Authentication">" onclick="window.open('<TMPL_VAR NAME=IDENTITY_SYSTEM>/handshake?url=<TMPL_VAR NAME=HANDSHAKE_RETURN ESCAPE=URL>&blog_id=<TMPL_VAR NAME=BLOG_ID>');return false"/>
+<input type="button" name="auth_setup" value="<MT_TRANS phrase="Setup Authentication">" onclick="window.open('<TMPL_VAR NAME=IDENTITY_SYSTEM>/handshake?url=<TMPL_VAR NAME=HANDSHAKE_RETURN ESCAPE=URL>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>');return false"/>
 &nbsp; <MT_TRANS phrase="Or, manually enter token:">
 <input type="text" name="remote_auth_token" value="<TMPL_VAR NAME=REMOTE_AUTH_TOKEN ESCAPE=HTML>" />
 </p>
--- tmpl/cms/cfg_feedback.tmpl.orig	2006-06-05 18:24:15.000000000 -0500
+++ tmpl/cms/cfg_feedback.tmpl	2006-08-16 08:05:15.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="cfg-feedback">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function scoreNudge(amount) {
     var fld = getByID('junk_score_threshold');
     score = fld.value;
@@ -16,7 +16,7 @@
     fld.value = score;
     return false;
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>:</span> <MT_TRANS phrase="Feedback Settings"></h2>
@@ -132,7 +132,7 @@
 <span class="auth-status-neutral"><MT_TRANS phrase="Authentication is not enabled."></span>
 </p>
 <p>
-<input type="button" name="auth_setup" value="<MT_TRANS phrase="Setup Authentication">" onclick="window.open('<TMPL_VAR NAME=IDENTITY_SYSTEM>/handshake?<TMPL_IF NAME=LANG>lang=<TMPL_VAR NAME=LANG>&</TMPL_IF>url=<TMPL_VAR NAME=HANDSHAKE_RETURN ESCAPE=URL>&blog_id=<TMPL_VAR NAME=BLOG_ID>');return false"/>
+<input type="button" name="auth_setup" value="<MT_TRANS phrase="Setup Authentication">" onclick="window.open('<TMPL_VAR NAME=IDENTITY_SYSTEM>/handshake?<TMPL_IF NAME=LANG>lang=<TMPL_VAR NAME=LANG>&amp;</TMPL_IF>url=<TMPL_VAR NAME=HANDSHAKE_RETURN ESCAPE=URL>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>');return false"/>
 &nbsp; <MT_TRANS phrase="Or, manually enter token:">
 <input type="text" name="remote_auth_token" value="<TMPL_VAR NAME=REMOTE_AUTH_TOKEN ESCAPE=HTML>" />
 </p>
--- tmpl/cms/menu.tmpl.orig	2006-06-12 00:21:37.000000000 -0500
+++ tmpl/cms/menu.tmpl	2006-08-17 08:08:50.000000000 -0500
@@ -3,7 +3,7 @@
 <div id="menu">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function welcomeMessageToggle() {
 	var text_message = getByID('welcome-message');
 	var text_edit = getByID('welcome-message-edit');
@@ -17,7 +17,7 @@
 		}
 	}
 }
-//-->
+//--><!]]>
 </script>
 
 <h2><span class="weblog-title-highlight"><TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML></span></h2>
@@ -30,7 +30,7 @@
 <input type="hidden" name="blog_id" value="<TMPL_VAR NAME=BLOG_ID>" />
 <input type="hidden" name="magic_token" value="<TMPL_VAR NAME=MAGIC_TOKEN>" />
 
-<textarea id="welcome-message-text" name="welcome-message-text" rows="38" cols=20"><TMPL_IF NAME=WELCOME><TMPL_VAR NAME=WELCOME><TMPL_ELSE>&lt;h4&gt;<MT_TRANS phrase="Welcome to [_1]." params="<TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>">&lt;/h4&gt;
+<textarea id="welcome-message-text" name="welcome-message-text" rows="38" cols="20"><TMPL_IF NAME=WELCOME><TMPL_VAR NAME=WELCOME><TMPL_ELSE>&lt;h4&gt;<MT_TRANS phrase="Welcome to [_1]." params="<TMPL_VAR NAME=BLOG_NAME ESCAPE=HTML>">&lt;/h4&gt;
 
 &lt;p&gt;<MT_TRANS phrase="You can post to and manage your weblog by selecting an option from the menu located to the left of this message.">&lt;/p&gt;
 
@@ -102,7 +102,7 @@
 <img src="<TMPL_VAR NAME=STATIC_URI>images/status_icons/future.gif" alt="<MT_TRANS phrase="Scheduled">" width="9" height="9" />
 </TMPL_IF>
 </td>
-<td class="label"><TMPL_IF NAME=HAS_EDIT_ACCESS><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=entry&amp;id=<TMPL_VAR NAME=ENTRY_ID>&amp;blog_id=<TMPL_VAR NAME=ENTRY_BLOG_ID>"><TMPL_VAR NAME=ENTRY_TITLE></a><TMPL_ELSE><TMPL_VAR NAME=ENTRY_TITLE></TMPL_IF></td>
+<td class="label"><TMPL_IF NAME=HAS_EDIT_ACCESS><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=entry&amp;id=<TMPL_VAR NAME=ENTRY_ID>&amp;blog_id=<TMPL_VAR NAME=ENTRY_BLOG_ID>"><TMPL_VAR NAME=ENTRY_TITLE ESCAPE=HTML></a><TMPL_ELSE><TMPL_VAR NAME=ENTRY_TITLE ESCAPE=HTML></TMPL_IF></td>
 <td class="date"><TMPL_VAR NAME=ENTRY_CREATED_ON></td>
 </tr>
 </TMPL_LOOP>
--- tmpl/cms/comment_table.tmpl.orig	2006-07-19 00:17:39.000000000 -0500
+++ tmpl/cms/comment_table.tmpl	2006-08-31 15:32:15.000000000 -0500
@@ -71,7 +71,7 @@
 <TMPL_IF NAME=VIEW_EXPANDED></tr><tr class="<TMPL_IF __ODD__>odd<TMPL_ELSE>even</TMPL_IF> slave"><td>&nbsp;</td><TMPL_UNLESS NAME=TAB_JUNK><td>&nbsp;</td></TMPL_UNLESS>
 
 <td><TMPL_IF NAME=HAS_EDIT_ACCESS>
-<a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=comment&amp;id=<TMPL_VAR NAME=ID>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>" title="<MT_TRANS phrase="Edit this comment">"><MT_TRANS phrase="Edit Comment"></a><TMPL_ELSE>&nbsp;</TMPL_IF></td></td>
+<a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=view&amp;_type=comment&amp;id=<TMPL_VAR NAME=ID>&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>" title="<MT_TRANS phrase="Edit this comment">"><MT_TRANS phrase="Edit Comment"></a><TMPL_ELSE>&nbsp;</TMPL_IF></td>
 
 </TMPL_IF>
 
@@ -99,7 +99,7 @@
 </TMPL_UNLESS>
 
 <TMPL_IF NAME=SYSTEM_OVERVIEW_NAV>
-<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_comments&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID><TMPL_IF NAME=TAB_JUNK>&amp;tab=junk</TMPL_IF>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></td>
+<td><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=list_comments&amp;blog_id=<TMPL_VAR NAME=WEBLOG_ID><TMPL_IF NAME=TAB_JUNK>&amp;tab=junk</TMPL_IF>"><TMPL_VAR NAME=WEBLOG_NAME ESCAPE=HTML></a></td>
 </TMPL_IF>
 
 <TMPL_UNLESS NAME=MODE_VIEW_ENTRY>
--- tmpl/cms/upload_complete.tmpl.orig	2006-06-05 18:24:15.000000000 -0500
+++ tmpl/cms/upload_complete.tmpl	2006-08-31 15:41:17.000000000 -0500
@@ -1,7 +1,7 @@
 <TMPL_INCLUDE NAME="header-popup.tmpl">
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 
 function doClick (f, mode) {
 <TMPL_IF NAME=CAN_POST>
@@ -91,7 +91,7 @@
 
 </TMPL_IF>
 
-//-->
+//--><!]]>
 </script>
 
 <form action="<TMPL_VAR NAME=SCRIPT_URL>" onsubmit="return false;">
@@ -107,14 +107,14 @@
 <TMPL_IF NAME=CAN_POST>
 <p>
 <label><input type="radio" name="new_entry" value="1" checked="checked" /> <MT_TRANS phrase="Create a new entry using this uploaded file"></label> <a href="#" onclick="return openManual('file_upload', 'creating_a_new_entry')" class="help">?</a><br />
-<label><input type="radio" name="new_entry" value="0"> <MT_TRANS phrase="Show me the HTML"></label>
+<label><input type="radio" name="new_entry" value="0" /> <MT_TRANS phrase="Show me the HTML"></label>
 </p>
 </TMPL_IF>
 
 <TMPL_IF NAME=DO_THUMB>
 <h4><MT_TRANS phrase="Image Thumbnail"></h4>
 
-<p><label><input type="checkbox" name="thumb" value="1"> <MT_TRANS phrase="Create a thumbnail for this image"></label> <a href="#" onclick="return openManual('file_upload', 'creating_thumbnails')" class="help">?</a></p>
+<p><label><input type="checkbox" name="thumb" value="1" /> <MT_TRANS phrase="Create a thumbnail for this image"></label> <a href="#" onclick="return openManual('file_upload', 'creating_thumbnails')" class="help">?</a></p>
 
 <blockquote>
 
@@ -136,7 +136,7 @@
 </select>
 </p>
 
-<p><label><input type="checkbox" name="constrain" value="1" checked="checked"> <MT_TRANS phrase="Constrain proportions"></p>
+<p><label><input type="checkbox" name="constrain" value="1" checked="checked" /> <MT_TRANS phrase="Constrain proportions"></p>
 
 </blockquote>
 </TMPL_IF>
--- tmpl/cms/login.tmpl.orig	2006-06-09 18:16:03.000000000 -0500
+++ tmpl/cms/login.tmpl	2006-11-08 00:25:28.000000000 -0600
@@ -1,11 +1,10 @@
 <TMPL_IF NAME=IS_BOOKMARKLET>
 <TMPL_INCLUDE NAME="header-popup.tmpl">
-<TMPL_ELSE>
-<TMPL_INCLUDE NAME="header.tmpl">
+<TMPL_ELSE><TMPL_INCLUDE NAME="header.tmpl">
 </TMPL_IF>
 
 <script type="text/javascript">
-<!--
+<!--//--><![CDATA[//><!--
 function init() {
     var u = getByID("username");
     if (u.value != '') {
@@ -16,12 +15,12 @@
     }
 }
 TC.attachLoadEvent(init);
-//-->
+//--><!]]>
 </script>
 
 <form method="post" action="<TMPL_VAR NAME=SCRIPT_URL>">
 <TMPL_LOOP NAME=QUERY_PARAMS>
-<input type="hidden" name="<TMPL_VAR NAME=NAME ESCAPE=HTML>" value="<TMPL_VAR NAME=VALUE ESCAPE=HTML>" />
+<textarea style="display:none" readonly="readonly" name="<TMPL_VAR NAME=NAME ESCAPE=HTML>"><TMPL_VAR NAME=VALUE ESCAPE=HTML></textarea>
 </TMPL_LOOP>
 <TMPL_IF NAME=IS_BOOKMARKLET>
 <input type="hidden" name="is_bm" value="1" />
--- tmpl/cms/entry_actions.tmpl.orig	2007-07-03 14:17:07.000000000 -0500
+++ tmpl/cms/entry_actions.tmpl	2007-07-03 14:17:31.000000000 -0500
@@ -4,7 +4,6 @@
 <input type="button" value="<MT_TRANS phrase="Save">" accesskey="s" title="<MT_TRANS phrase="Save these entries (s)">" onclick="submitForm(this.form, 'save_entries')" />
 <TMPL_ELSE>
 <TMPL_IF NAME=ENTRY_EDIT>
-<input accesskey="s" type="button" value="<MT_TRANS phrase="Save">" title="<MT_TRANS phrase="Save this entry (s)">" onclick="clearDirty(); submitForm(this.form, 'save_entry'); return true" />
 <input type="submit" name="preview_entry" value="<MT_TRANS phrase="Preview">" accesskey="v" title="<MT_TRANS phrase="Preview this entry (v)">" onclick="clearDirty(); submitForm(this.form, 'preview_entry'); return true" />
 <TMPL_IF NAME=ID>
 <input accesskey="x" onclick="clearDirty(); doRemoveItems(this.form, '<MT_TRANS phrase="entry">', '<MT_TRANS phrase="entries">', false, { 'return_args': '__mode=list_entries&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>' }); return true" type="button" value="<MT_TRANS phrase="Delete">" title="<MT_TRANS phrase="Delete this entry (x)">" />
--- tmpl/cms/edit_comment.tmpl.orig	2007-04-18 02:15:43.000000000 -0500
+++ tmpl/cms/edit_comment.tmpl	2007-09-27 16:21:51.000000000 -0500
@@ -23,7 +23,7 @@
 </TMPL_IF>
 </div>
 <div class="view-entry">
-<TMPL_IF NAME=ENTRY_PERMALINK><a href="<TMPL_VAR NAME=ENTRY_PERMALINK>" target="<MT_TRANS phrase="_external_link_target">"><MT_TRANS phrase="View Entry"></a></TMPL_IF>
+<TMPL_IF NAME=ENTRY_PERMALINK><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=rebuild&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>&amp;type=entry-<TMPL_VAR NAME=ENTRY_ID>"><MT_TRANS phrase="Rebuild Entry"></a>&nbsp;|&nbsp;<a href="<TMPL_VAR NAME=ENTRY_PERMALINK>" target="<MT_TRANS phrase="_external_link_target">"><MT_TRANS phrase="View Entry"></a></TMPL_IF>
 </div>
 </div>
 
@@ -179,7 +179,7 @@
 
 <div class="button-bar">
 <input name="save" type="submit" value="<MT_TRANS phrase="Save Changes">" accesskey="s" title="<MT_TRANS phrase="Save this comment (s)">" />
-<input accesskey="x" type="button" onclick="doRemoveItems(this.form, '<MT_TRANS phrase="comment">', '<MT_TRANS phrase="comments">', 'id', {'return_args' : '__mode=list_comments&blog_id=<TMPL_VAR NAME=BLOG_ID>'})" value="<MT_TRANS phrase="Delete">" title="<MT_TRANS phrase="Delete this comment (x)">" />
+<input accesskey="x" type="button" onclick="doRemoveItems(this.form, '<MT_TRANS phrase="comment">', '<MT_TRANS phrase="comments">', 'id', {'return_args' : '__mode=list_comments&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>'})" value="<MT_TRANS phrase="Delete">" title="<MT_TRANS phrase="Delete this comment (x)">" />
 <TMPL_IF NAME=IS_IP_FILTER><TMPL_IF NAME=BLOG_ID>
 <input type="button" onclick="doBanIP('<TMPL_VAR NAME=FILTER_VAL>', '<TMPL_VAR NAME=BLOG_ID>', '<TMPL_VAR NAME=MAGIC_TOKEN>')" name="banip" value="<MT_TRANS phrase="Ban This IP">" />
 </TMPL_IF></TMPL_IF>
--- tmpl/cms/edit_ping.tmpl.orig	2007-04-18 02:15:43.000000000 -0500
+++ tmpl/cms/edit_ping.tmpl	2007-09-27 16:30:08.000000000 -0500
@@ -23,7 +23,7 @@
 </TMPL_IF>
 </div>
 <div class="view-entry">
-<TMPL_IF NAME=ENTRY_PERMALINK><a href="<TMPL_VAR NAME=ENTRY_PERMALINK>" target="<MT_TRANS phrase="_external_link_target">"><MT_TRANS phrase="View Entry"></a></TMPL_IF>
+<TMPL_IF NAME=ENTRY_PERMALINK><a href="<TMPL_VAR NAME=SCRIPT_URL>?__mode=rebuild&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>&amp;type=entry-<TMPL_VAR NAME=ENTRY_ID>"><MT_TRANS phrase="Rebuild Entry"></a>&nbsp;|&nbsp;<a href="<TMPL_VAR NAME=ENTRY_PERMALINK>" target="<MT_TRANS phrase="_external_link_target">"><MT_TRANS phrase="View Entry"></a></TMPL_IF>
 </div>
 </div>
 
@@ -126,7 +126,7 @@
 
 <div class="button-bar">
 <input name="save" type="submit" value="<MT_TRANS phrase="Save Changes">" accesskey="s" title="<MT_TRANS phrase="Save this TrackBack (s)">" />
-<input type="button" onclick="doRemoveItems(this.form, '<MT_TRANS phrase="TrackBack">', '<MT_TRANS phrase="TrackBack">', false, { 'return_args' : '__mode=list_pings&blog_id=<TMPL_VAR NAME=BLOG_ID>'})" value="<MT_TRANS phrase="Delete">" accesskey="x" title="<MT_TRANS phrase="Delete this TrackBack (x)">" />
+<input type="button" onclick="doRemoveItems(this.form, '<MT_TRANS phrase="TrackBack">', '<MT_TRANS phrase="TrackBack">', false, { 'return_args' : '__mode=list_pings&amp;blog_id=<TMPL_VAR NAME=BLOG_ID>'})" value="<MT_TRANS phrase="Delete">" accesskey="x" title="<MT_TRANS phrase="Delete this TrackBack (x)">" />
 <TMPL_IF NAME=IS_IP_FILTER><TMPL_IF NAME=BLOG_ID>
 <input type="button" onclick="doBanIP('<TMPL_VAR NAME=FILTER_VAL>', '<TMPL_VAR NAME=BLOG_ID>', '<TMPL_VAR NAME=MAGIC_TOKEN>')" name="banip" value="<MT_TRANS phrase="Ban This IP">" />
 </TMPL_IF></TMPL_IF>
--- tmpl/cms/notification_table.tmpl.orig	2008-03-21 11:47:40.000000000 -0500
+++ tmpl/cms/notification_table.tmpl	2008-03-21 11:48:23.000000000 -0500
@@ -26,7 +26,7 @@
 <TMPL_LOOP NAME=OBJECT_LOOP>
 <tr class="<TMPL_IF __ODD__>odd<TMPL_ELSE>even</TMPL_IF>">
 <td class="cb" id="delete-<TMPL_VAR NAME=ID>"><input type="checkbox" name="id" value="<TMPL_VAR NAME=ID>" class="select" /></td>
-<td><a href="mailto:<TMPL_VAR NAME=EMAIL ESCAPE=URL>"><TMPL_VAR NAME=EMAIL ESCAPE=HTML></td>
+<td><a href="mailto:<TMPL_VAR NAME=EMAIL ESCAPE=URL>"><TMPL_VAR NAME=EMAIL ESCAPE=HTML></a></td>
 <td><TMPL_IF NAME=URL><a href="<TMPL_VAR NAME=URL>"><TMPL_VAR NAME=URL ESCAPE=HTML></a><TMPL_ELSE><TMPL_VAR NAME=URL ESCAPE=HTML></TMPL_IF></td>
 <td><span title="<TMPL_VAR NAME=CREATED_ON_TIME_FORMATTED>"><TMPL_IF NAME=CREATED_ON_RELATIVE><TMPL_IF NAME=DATES_RELATIVE><TMPL_VAR NAME=CREATED_ON_RELATIVE><TMPL_ELSE><TMPL_VAR NAME=CREATED_ON_FORMATTED></TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=CREATED_ON_FORMATTED></TMPL_IF></span></td>
 </tr>
