Ticket #24752: 24752.diff
| File 24752.diff, 918 bytes (added by , 10 years ago) |
|---|
-
wp-comments-post.php
60 60 $comment_author = wp_slash( $user->display_name ); 61 61 $comment_author_email = wp_slash( $user->user_email ); 62 62 $comment_author_url = wp_slash( $user->user_url ); 63 if ( current_user_can( 'unfiltered_html' ) && isset( $_POST['_wp_unfiltered_html_comment'] ) ) { 64 if ( wp_create_nonce( 'unfiltered-html-comment_' . $comment_post_ID ) != $_POST['_wp_unfiltered_html_comment'] ) { 63 if ( current_user_can( 'unfiltered_html' ) ) { 64 if ( ! isset( $_POST['_wp_unfiltered_html_comment'] ) 65 || ! wp_verify_nonce( $_POST['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_ID ) 66 ) { 65 67 kses_remove_filters(); // start with a clean slate 66 68 kses_init_filters(); // set up the filters 67 69 }