Changeset 3902
- Timestamp:
- 06/22/06 20:52:12 (2 years ago)
- Files:
-
- trunk/wp-content/themes/classic/comments-popup.php (modified) (1 diff)
- trunk/wp-content/themes/default/comments-popup.php (modified) (1 diff)
- trunk/wp-includes/comment-template.php (modified) (2 diffs)
- trunk/wp-includes/comment.php (modified) (2 diffs)
- trunk/wp-includes/default-filters.php (modified) (1 diff)
- trunk/wp-settings.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/wp-content/themes/classic/comments-popup.php
r3517 r3902 30 30 <?php 31 31 // this line is WordPress' motor, do not delete it. 32 $comment_author = (isset($_COOKIE['comment_author_' . COOKIEHASH])) ? trim($_COOKIE['comment_author_'. COOKIEHASH]) : ''; 33 $comment_author_email = (isset($_COOKIE['comment_author_email_'. COOKIEHASH])) ? trim($_COOKIE['comment_author_email_'. COOKIEHASH]) : ''; 34 $comment_author_url = (isset($_COOKIE['comment_author_url_'. COOKIEHASH])) ? trim($_COOKIE['comment_author_url_'. COOKIEHASH]) : ''; 32 $commenter = wp_get_current_commenter(); 33 extract($commenter); 35 34 $comments = get_approved_comments($id); 36 35 $commentstatus = get_post($id); trunk/wp-content/themes/default/comments-popup.php
r3517 r3902 30 30 <?php 31 31 // this line is WordPress' motor, do not delete it. 32 $comment_author = (isset($_COOKIE['comment_author_' . COOKIEHASH])) ? trim($_COOKIE['comment_author_'. COOKIEHASH]) : ''; 33 $comment_author_email = (isset($_COOKIE['comment_author_email_'. COOKIEHASH])) ? trim($_COOKIE['comment_author_email_'. COOKIEHASH]) : ''; 34 $comment_author_url = (isset($_COOKIE['comment_author_url_'. COOKIEHASH])) ? trim($_COOKIE['comment_author_url_'. COOKIEHASH]) : ''; 32 $commenter = wp_get_current_commenter(); 33 extract($commenter); 35 34 $comments = get_approved_comments($id); 36 35 $post = get_post($id); trunk/wp-includes/comment-template.php
r3874 r3902 274 274 global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity; 275 275 276 if ( is_single() || is_page() || $withcomments ) : 277 $req = get_settings('require_name_email'); 278 $comment_author = ''; 279 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { 280 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 281 $comment_author = stripslashes($comment_author); 282 $comment_author = wp_specialchars($comment_author, true); 283 } 284 $comment_author_email = ''; 285 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { 286 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 287 $comment_author_email = stripslashes($comment_author_email); 288 $comment_author_email = wp_specialchars($comment_author_email, true); 289 } 290 $comment_author_url = ''; 291 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) { 292 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]); 293 $comment_author_url = stripslashes($comment_author_url); 294 $comment_author_url = wp_specialchars($comment_author_url, true); 295 } 276 if ( ! (is_single() || is_page() || $withcomments) ) 277 return; 278 279 $req = get_settings('require_name_email'); 280 $commenter = wp_get_current_commenter(); 281 extract($commenter); 296 282 297 283 // TODO: Use API instead of SELECTs. … … 310 296 else 311 297 require( ABSPATH . 'wp-content/themes/default/comments.php'); 312 313 endif;314 298 } 315 299 trunk/wp-includes/comment.php
r3900 r3902 147 147 } 148 148 149 function sanitize_comment_cookies() { 150 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { 151 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 152 $comment_author = stripslashes($comment_author); 153 $comment_author = wp_specialchars($comment_author, true); 154 $_COOKIE['comment_author_'.COOKIEHASH] = $comment_author; 155 } 156 157 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { 158 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 159 $comment_author_email = stripslashes($comment_author_email); 160 $comment_author_email = wp_specialchars($comment_author_email, true); 161 $_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email; 162 } 163 164 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) { 165 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]); 166 $comment_author_url = stripslashes($comment_author_url); 167 $comment_author_url = wp_specialchars($comment_author_url, true); 168 $_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url; 169 } 170 } 171 149 172 function wp_allow_comment($commentdata) { 150 173 global $wpdb; … … 274 297 return false; 275 298 } 299 } 300 301 function wp_get_current_commenter() { 302 // Cookies should already be sanitized. 303 304 $comment_author = ''; 305 if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) 306 $comment_author = $_COOKIE['comment_author_'.COOKIEHASH]; 307 308 $comment_author_email = ''; 309 if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) 310 $comment_author_email = $_COOKIE['comment_author_email_'.COOKIEHASH]; 311 312 $comment_author_url = ''; 313 if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) 314 $comment_author_url = $_COOKIE['comment_author_url_'.COOKIEHASH]; 315 316 return compact('comment_author', 'comment_author_email', 'comment_author_url'); 276 317 } 277 318 trunk/wp-includes/default-filters.php
r3831 r3902 128 128 add_action('do_pings', 'do_all_pings', 10, 1); 129 129 add_action('do_robots', 'do_robots'); 130 add_action('sanitize_comment_cookies', 'sanitize_comment_cookies'); 130 131 ?> trunk/wp-settings.php
r3893 r3902 205 205 $_SERVER = add_magic_quotes($_SERVER); 206 206 207 do_action('sanitize_comment_cookies'); 208 207 209 $wp_query = new WP_Query(); 208 210 $wp_rewrite = new WP_Rewrite();
