WordPress.org

Make WordPress Core

Ticket #6992: 6992.3.diff

File 6992.3.diff, 2.3 KB (added by Denis-de-Bernardy, 5 years ago)

using the cookie's original value

  • wp-includes/comment.php

     
    367367 */ 
    368368function sanitize_comment_cookies() { 
    369369        if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { 
     370                $_COOKIE['comment_author_raw_'.COOKIEHASH] = $_COOKIE['comment_author_'.COOKIEHASH]; 
    370371                $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 
    371372                $comment_author = stripslashes($comment_author); 
    372373                $comment_author = attr($comment_author); 
     
    374375        } 
    375376 
    376377        if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { 
     378                $_COOKIE['comment_author_email_raw_'.COOKIEHASH] = $_COOKIE['comment_author_email_'.COOKIEHASH]; 
    377379                $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 
    378380                $comment_author_email = stripslashes($comment_author_email); 
    379381                $comment_author_email = attr($comment_author_email); 
  • wp-includes/comment-template.php

     
    824824        } else if ( empty($comment_author) ) { 
    825825                $comments = get_comments( array('post_id' => $post->ID, 'status' => 'approve', 'order' => 'ASC') ); 
    826826        } else { 
    827                 $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, $comment_author, $comment_author_email)); 
     827                $comment_author_sql = !empty($_COOKIE['comment_author_raw_'.COOKIEHASH]) ? stripslashes($_COOKIE['comment_author_raw_'.COOKIEHASH]) : $comment_author; 
     828                $comment_author_email_sql = !empty($_COOKIE['comment_author_email_raw_'.COOKIEHASH]) ? stripslashes($_COOKIE['comment_author_email_raw_'.COOKIEHASH]) : $comment_author_email; 
     829                $comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, $comment_author_sql, $comment_author_email_sql)); 
    828830        } 
    829831 
    830832        // keep $comments for legacy's sake