diff options
Diffstat (limited to 'wp-includes/comment.php')
-rw-r--r-- | wp-includes/comment.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/wp-includes/comment.php b/wp-includes/comment.php index 9211114..69ff8a9 100644 --- a/wp-includes/comment.php +++ b/wp-includes/comment.php @@ -181,7 +181,7 @@ function wp_allow_comment($commentdata) { $dupe .= "OR comment_author_email = '$comment_author_email' "; $dupe .= ") AND comment_content = '$comment_content' LIMIT 1"; if ( $wpdb->get_var($dupe) ) - die( __('Duplicate comment detected; it looks as though you\'ve already said that!') ); + wp_die( __('Duplicate comment detected; it looks as though you\'ve already said that!') ); // Simple flood-protection if ( $lasttime = $wpdb->get_var("SELECT comment_date_gmt FROM $wpdb->comments WHERE comment_author_IP = '$comment_author_IP' OR comment_author_email = '$comment_author_email' ORDER BY comment_date DESC LIMIT 1") ) { @@ -189,7 +189,7 @@ function wp_allow_comment($commentdata) { $time_newcomment = mysql2date('U', $comment_date_gmt); if ( ($time_newcomment - $time_lastcomment) < 15 ) { do_action('comment_flood_trigger', $time_lastcomment, $time_newcomment); - die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') ); + wp_die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') ); } } @@ -321,7 +321,7 @@ function wp_insert_comment($commentdata) { extract($commentdata); if ( ! isset($comment_author_IP) ) - $comment_author_IP = $_SERVER['REMOTE_ADDR']; + $comment_author_IP = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] ); if ( ! isset($comment_date) ) $comment_date = current_time('mysql'); if ( ! isset($comment_date_gmt) ) @@ -365,7 +365,7 @@ function wp_new_comment( $commentdata ) { $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; $commentdata['user_ID'] = (int) $commentdata['user_ID']; - $commentdata['comment_author_IP'] = $_SERVER['REMOTE_ADDR']; + $commentdata['comment_author_IP'] = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] ); $commentdata['comment_agent'] = $_SERVER['HTTP_USER_AGENT']; $commentdata['comment_date'] = current_time('mysql'); |