Changeset 25137 for trunk/src/wp-comments-post.php
- Timestamp:
- 08/27/2013 01:56:17 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-comments-post.php
r25121 r25137 61 61 $comment_author_email = wp_slash( $user->user_email ); 62 62 $comment_author_url = wp_slash( $user->user_url ); 63 if ( current_user_can( 'unfiltered_html' ) && isset( $_POST['_wp_unfiltered_html_comment'] ) ) { 64 if ( wp_create_nonce( 'unfiltered-html-comment_' . $comment_post_ID ) != $_POST['_wp_unfiltered_html_comment'] ) { 63 if ( current_user_can( 'unfiltered_html' ) ) { 64 if ( ! isset( $_POST['_wp_unfiltered_html_comment'] ) 65 || ! wp_verify_nonce( $_POST['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_ID ) 66 ) { 65 67 kses_remove_filters(); // start with a clean slate 66 68 kses_init_filters(); // set up the filters
Note: See TracChangeset
for help on using the changeset viewer.