summaryrefslogtreecommitdiffstats
path: root/wp-comments-post.php
diff options
context:
space:
mode:
Diffstat (limited to 'wp-comments-post.php')
-rw-r--r--wp-comments-post.php12
1 files changed, 10 insertions, 2 deletions
diff --git a/wp-comments-post.php b/wp-comments-post.php
index f7d7c4f..6ce16fa 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -1,17 +1,25 @@
<?php
+/**
+ * Handles Comment Post to WordPress and prevents duplicate comment posting.
+ *
+ * @package @WordPress
+ */
+
if ( 'POST' != $_SERVER['REQUEST_METHOD'] ) {
header('Allow: POST');
header('HTTP/1.1 405 Method Not Allowed');
header('Content-Type: text/plain');
exit;
}
-require( dirname(__FILE__) . '/wp-config.php' );
+
+/** Sets up the WordPress Environment. */
+require( dirname(__FILE__) . '/wp-load.php' );
nocache_headers();
$comment_post_ID = (int) $_POST['comment_post_ID'];
-$status = $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");
+$status = $wpdb->get_row( $wpdb->prepare("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
if ( empty($status->comment_status) ) {
do_action('comment_id_not_found', $comment_post_ID);
generated by cgit (git 2.34.1) at 2024-05-04 21:03:36 +0000