WordPress.org
Get WordPress

Make WordPress Core

Ticket #43946: 43946.diff

File 43946.diff, 868 bytes (added by subrataemfluence, 6 years ago)

  • .php 

    diff --git a/comment.php b/comment-new.php
index 07fed81..0fa6955 100755
    old new function wp_insert_comment( $commentdata ) { 
    17511751        $comment_date_gmt = ! isset( $data['comment_date_gmt'] ) ? get_gmt_from_date( $comment_date ) : $data['comment_date_gmt'];
    17521752
    17531753        $comment_post_ID  = ! isset( $data['comment_post_ID'] )  ? 0  : $data['comment_post_ID'];
    1754         $comment_content  = ! isset( $data['comment_content'] )  ? '' : $data['comment_content'];
     1754        $comment_content  = ! isset( $data['comment_content'] )  ? '' : esc_html( $data['comment_content'] );
    17551755        $comment_karma    = ! isset( $data['comment_karma'] )    ? 0  : $data['comment_karma'];
    17561756        $comment_approved = ! isset( $data['comment_approved'] ) ? 1  : $data['comment_approved'];
    17571757        $comment_agent    = ! isset( $data['comment_agent'] )    ? '' : $data['comment_agent'];