Index: comment-functions.php
===================================================================
--- comment-functions.php	(revision 2404)
+++ comment-functions.php	(working copy)
@@ -727,28 +727,29 @@
 		return false; // Check # of external links
 
 	$mod_keys = trim( get_settings('moderation_keys') );
-	if ('' == $mod_keys )
-		return true; // If moderation keys are empty
-	$words = explode("\n", $mod_keys );
+	if ('' !== $mod_keys )
+    {
+    	$words = explode("\n", $mod_keys );
 
-	foreach ($words as $word) {
-		$word = trim($word);
+	    foreach ($words as $word) {
+		    $word = trim($word);
 
-		// Skip empty lines
-		if (empty($word)) { continue; }
+    	    // Skip empty lines
+	        if (empty($word)) { continue; }
 
-		// Do some escaping magic so that '#' chars in the 
-		// spam words don't break things:
-		$word = preg_quote($word, '#');
+		    // Do some escaping magic so that '#' chars in the 
+		    // spam words don't break things:
+		    $word = preg_quote($word, '#');
 		
-		$pattern = "#$word#i"; 
-		if ( preg_match($pattern, $author) ) return false;
-		if ( preg_match($pattern, $email) ) return false;
-		if ( preg_match($pattern, $url) ) return false;
-		if ( preg_match($pattern, $comment) ) return false;
-		if ( preg_match($pattern, $user_ip) ) return false;
-		if ( preg_match($pattern, $user_agent) ) return false;
-	}
+	    	$pattern = "#$word#i"; 
+		    if ( preg_match($pattern, $author) ) return false;
+		    if ( preg_match($pattern, $email) ) return false;
+		    if ( preg_match($pattern, $url) ) return false;
+		    if ( preg_match($pattern, $comment) ) return false;
+		    if ( preg_match($pattern, $user_ip) ) return false;
+		    if ( preg_match($pattern, $user_agent) ) return false;
+        }
+    }            
 
 	// Comment whitelisting:
 	if ( 1 == get_settings('comment_whitelist')) {
@@ -760,7 +761,7 @@
 			else
 				return false;
 		} elseif( $author != '' && $email != '' ) {
-			$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
+			$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1");
 			if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
 				return true;
 			else