WP Merge with revision 8075

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1328 7be80a69-a1ef-0310-a953-fb0f7c49ff36

1 files changed, 10 insertions, 2 deletions

diff --git a/wp-comments-post.php b/wp-comments-post.php
index f7d7c4f..6ce16fa 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -1,17 +1,25 @@
 <?php
+/**
+ * Handles Comment Post to WordPress and prevents duplicate comment posting.
+ *
+ * @package @WordPress
+ */
+
 if ( 'POST' != $_SERVER['REQUEST_METHOD'] ) {
 	header('Allow: POST');
 	header('HTTP/1.1 405 Method Not Allowed');
 	header('Content-Type: text/plain');
 	exit;
 }
-require( dirname(__FILE__) . '/wp-config.php' );
+
+/** Sets up the WordPress Environment. */
+require( dirname(__FILE__) . '/wp-load.php' );
 
 nocache_headers();
 
 $comment_post_ID = (int) $_POST['comment_post_ID'];
 
-$status = $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");
+$status = $wpdb->get_row( $wpdb->prepare("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
 
 if ( empty($status->comment_status) ) {
 	do_action('comment_id_not_found', $comment_post_ID);