authordonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2006-12-22 12:54:24 +0000
committerdonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2006-12-22 12:54:24 +0000
commit4fb300c67a3442cd0209a6129d53f0f727b60743 (patch)
treea190684f113f031dbbac1d0bf09a1202251e3524 /wp-includes/comment.php
parent866b3a1b844041e6128e7e3c22710b49e72b99ec (diff)
WP Merge to rev 4661
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@828 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-includes/comment.php')
-rw-r--r--wp-includes/comment.php14
1 files changed, 6 insertions, 8 deletions
diff --git a/wp-includes/comment.php b/wp-includes/comment.php
index a7bf344..c9e47cb 100644
--- a/wp-includes/comment.php
+++ b/wp-includes/comment.php
@@ -155,21 +155,21 @@ function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
$comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
$comment_author = stripslashes($comment_author);
- $comment_author = wp_specialchars($comment_author, true);
+ $comment_author = attribute_escape($comment_author);
$_COOKIE['comment_author_'.COOKIEHASH] = $comment_author;
}
if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
$comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
$comment_author_email = stripslashes($comment_author_email);
- $comment_author_email = wp_specialchars($comment_author_email, true);
+ $comment_author_email = attribute_escape($comment_author_email);
$_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email;
}
if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
$comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
$comment_author_url = stripslashes($comment_author_url);
- $comment_author_url = wp_specialchars($comment_author_url, true);
+ $comment_author_url = attribute_escape($comment_author_url);
$_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url;
}
}
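Review bot: The third branch now passes the author-URL cookie through `attribute_escape()` only, which is HTML-attribute escaping and does not restrict the URL scheme, so a `javascript:`-style value is written back to `$_COOKIE` unchanged. The consumers are not visible in this diff, but if any template prints that cookie into an `href` or `src` rather than a form field's `value`, it needs a scheme check at that point as well. All three branches also store the escaped string back into `$_COOKIE`, so later readers receive pre-escaped data; a comment at the top of `sanitize_comment_cookies()` such as `// Values are escaped for HTML attribute context only; do not re-escape on output and do not use them in SQL or URL contexts.` would prevent double-encoding and misuse. Since the page shows only `wp-includes/comment.php`, please confirm that the merge also brings in the definition of `attribute_escape()`.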
@@ -204,13 +204,11 @@ function wp_allow_comment($commentdata) {
$post_author = $wpdb->get_var("SELECT post_author FROM $wpdb->posts WHERE ID = '$comment_post_ID' LIMIT 1");
}
- // The author and the admins get respect.
if ( $userdata && is_site_admin( $userdata->user_login ) == false && ( $user_id == $post_author || $user->has_cap('level_9' ) ) ) {
+ // The author and the admins get respect.
$approved = 1;
- }
-
- // Everyone else's comments will be checked.
- else {
+ } else {
+ // Everyone else's comments will be checked.
if ( check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_IP, $comment_agent, $comment_type) )
$approved = 1;
else