Index: includes/bootstrap.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v
retrieving revision 1.70
diff -u -F^f -r1.70 bootstrap.inc
--- includes/bootstrap.inc	22 Oct 2005 15:14:46 -0000	1.70
+++ includes/bootstrap.inc	13 Nov 2005 09:21:09 -0000
@@ -477,7 +477,12 @@ function drupal_load($type, $name) {
   $filename = drupal_get_filename($type, $name);
 
   if ($filename) {
-    include_once "./$filename";
+    if (!variable_get('split_mode', 0) || $type != 'module') {
+      include_once "./$filename";
+    }
+    else {
+      include_once './'. variable_get('split_dir', 'split') ."/$name.module";
+    }
     $files[$type][$name] = TRUE;
 
     return TRUE;
@@ -564,7 +569,7 @@ function drupal_get_title() {
 
   if (!isset($title)) {
     // during a bootstrap, menu.inc is not included and thus we cannot provide a title
-    if (function_exists('menu_get_active_title')) {
+    if (!drupal_bootstrap()) {
       $title = check_plain(menu_get_active_title());
     }
   }
@@ -708,14 +713,12 @@ function arg($index) {
 }
 
 /**
- * Prepare a URL for use in an HTML attribute.
+ * Prepare a URL for use in an HTML attribute. Strips harmful protocols.
  *
- * We replace ( and ) with their url-encoded equivalents to prevent XSS attacks.
  */
 function check_url($uri) {
   $uri = htmlspecialchars($uri, ENT_QUOTES);
-
-  $uri = strtr($uri, array('(' => '%28', ')' => '%29'));
+  $uri = filter_xss_bad_protocol($uri, FALSE);
 
   return $uri;
 }
@@ -829,10 +832,17 @@ function drupal_is_denied($type, $mask) 
  *       the variable system and try to serve a page from the cache.
  *     DRUPAL_BOOTSTRAP_FULL: Drupal is fully loaded, validate and fix input
  *       data.
+ *
+ * @return
+ *   If no phase is given, the array of remaining phases is returned.
  */
-function drupal_bootstrap($phase) {
+function drupal_bootstrap($phase = NULL) {
   static $phases = array(DRUPAL_BOOTSTRAP_DATABASE, DRUPAL_BOOTSTRAP_SESSION, DRUPAL_BOOTSTRAP_PAGE_CACHE, DRUPAL_BOOTSTRAP_FULL);
 
+  if (!isset($phase)) {
+    return $phases;
+  }
+
   while (!is_null($current_phase = array_shift($phases))) {
     _drupal_bootstrap($current_phase);
     if ($phase == $current_phase) {
@@ -861,14 +871,20 @@ function _drupal_bootstrap($phase) {
       break;
 
     case DRUPAL_BOOTSTRAP_PAGE_CACHE:
-      require_once './includes/module.inc';
+      if (variable_get('split_mode', 0)) {
+        include_once('./'. variable_get('split_dir', 'split') .'/split.inc');
+      }
+      else {
+        require_once './includes/module.inc';
+      }
+
       // Start a page timer:
       timer_start('page');
 
       // deny access to hosts which were banned. t() is not yet available.
       if (drupal_is_denied('host', $_SERVER['REMOTE_ADDR'])) {
         header('HTTP/1.0 403 Forbidden');
-        print 'Sorry, '. $_SERVER['REMOTE_ADDR']. ' has been banned.';
+        print 'Sorry, '. $_SERVER['REMOTE_ADDR'] .' has been banned.';
         exit();
       }
 
@@ -878,7 +894,9 @@ function _drupal_bootstrap($phase) {
       break;
 
     case DRUPAL_BOOTSTRAP_FULL:
-      require_once './includes/common.inc';
+      if (!variable_get('split_mode', 0)) {
+        require_once './includes/common.inc';
+      }
       _drupal_bootstrap_full();
       break;
   }
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.491
diff -u -F^f -r1.491 common.inc
--- includes/common.inc	28 Oct 2005 01:06:36 -0000	1.491
+++ includes/common.inc	13 Nov 2005 09:21:09 -0000
@@ -556,11 +556,11 @@ function message_na() {
 function locale_initialize() {
   global $user;
 
-  if (function_exists('i18n_get_lang')) {
+  if (module_exist('i18n')) {
     return i18n_get_lang();
   }
 
-  if (function_exists('locale')) {
+  if (module_exist('locale')) {
     $languages = locale_supported_languages();
     $languages = $languages['name'];
   }
@@ -603,7 +603,7 @@ function locale_initialize() {
  */
 function t($string, $args = 0) {
   global $locale;
-  if (function_exists('locale') && $locale != 'en') {
+  if (module_exist('locale') && $locale != 'en') {
     $string = locale($string);
   }
 
@@ -831,7 +831,7 @@ function format_plural($count, $singular
   if ($count == 1) return t($singular, array("%count" => $count));
 
   // get the plural index through the gettext formula
-  $index = (function_exists('locale_get_plural')) ? locale_get_plural($count) : -1;
+  $index = module_exist('locale') ? locale_get_plural($count) : -1;
   if ($index < 0) { // backward compatibility
     return t($plural, array("%count" => $count));
   }
@@ -1343,14 +1343,16 @@ function _drupal_bootstrap_full() {
     return;
   }
   $called = 1;
-  require_once './includes/theme.inc';
-  require_once './includes/pager.inc';
-  require_once './includes/menu.inc';
-  require_once './includes/tablesort.inc';
-  require_once './includes/file.inc';
-  require_once './includes/unicode.inc';
-  require_once './includes/image.inc';
-  require_once './includes/form.inc';
+  $prefix = variable_get('split_mode', 0) ? variable_get('split_dir', 'split') : 'includes';
+  require_once "./$prefix/theme.inc";
+  require_once "./$prefix/pager.inc";
+  require_once "./$prefix/menu.inc";
+  require_once "./$prefix/tablesort.inc";
+  require_once "./$prefix/file.inc";
+  require_once "./$prefix/unicode.inc";
+  require_once "./$prefix/image.inc";
+  require_once "./$prefix/form.inc";
+  require_once "./$prefix/legacy.inc";
   // Set the Drupal custom error handler.
   set_error_handler('error_handler');
   // Emit the correct charset HTTP header.
Index: includes/module.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/module.inc,v
retrieving revision 1.69
diff -u -F^f -r1.69 module.inc
--- includes/module.inc	25 Aug 2005 21:14:16 -0000	1.69
+++ includes/module.inc	13 Nov 2005 09:21:09 -0000
@@ -118,7 +118,7 @@ function module_exist($module) {
  *   implemented in that module.
  */
 function module_hook($module, $hook) {
-  return function_exists($module .'_'. $hook);
+  return module_exist($module) && function_exists($module .'_'. $hook);
 }
 
 /**
Index: modules/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node.module,v
retrieving revision 1.548
diff -u -F^f -r1.548 node.module
--- modules/node.module	13 Nov 2005 02:43:33 -0000	1.548
+++ modules/node.module	13 Nov 2005 09:21:11 -0000
@@ -1890,7 +1890,7 @@ function node_delete($nid) {
     cache_clear_all();
 
     // Remove this node from the search index if needed.
-    if (function_exists('search_wipe')) {
+    if (module_exist('search')) {
       search_wipe($node->nid, 'node');
     }
     drupal_set_message(t('%title has been deleted.', array('%title' => theme('placeholder', $node->title))));
Index: modules/system.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/system.module,v
retrieving revision 1.254
diff -u -F^f -r1.254 system.module
--- modules/system.module	13 Nov 2005 07:57:11 -0000	1.254
+++ modules/system.module	13 Nov 2005 09:21:12 -0000
@@ -861,7 +861,11 @@ function system_modules() {
     drupal_get_filename('module', $file->name, $file->filename);
     drupal_load('module', $file->name);
 
-    $file->description = module_invoke($file->name, 'help', 'admin/modules#description');
+    // can't use module_invoke here because of split
+    $function = $file->name .'_help';
+    if (function_exists($function)) {
+      $file->description = $function('admin/modules#description');
+    }
 
     $form['name'][$file->name] = array('#value' => $file->name);
     $form['description'][$file->name] = array('#value' => $file->description);
Index: modules/user.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/user.module,v
retrieving revision 1.529
diff -u -F^f -r1.529 user.module
--- modules/user.module	12 Nov 2005 11:26:16 -0000	1.529
+++ modules/user.module	13 Nov 2005 09:21:13 -0000
@@ -1275,7 +1275,7 @@ function user_edit($category = 'account'
     drupal_goto("user/$account->uid/delete");
   }
 
-  $form = _user_forms($edit, $account, $category);
+  $form = _user_forms($edit, $account, $category, 'form');
   $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'), '#weight' => 30);
   if (user_access('administer users')) {
     $form['delete'] = array('#type' => 'submit', '#value' => t('Delete'), '#weight' => 31);
@@ -1903,7 +1903,7 @@ function _user_sort($a, $b) {
 /**
  * Retrieve a list of all form elements for the specified category.
  */
-function _user_forms(&$edit, $account, $category, $hook = 'form') {
+function _user_forms(&$edit, $account, $category, $hook) {
   $groups = array();
   foreach (module_list() as $module) {
     if ($data = module_invoke($module, 'user', $hook, $edit, $account, $category)) {