Wordpress 2.8
[autoinstalls/wordpress.git] / wp-admin / includes / comment.php
index 0fd1533d2ba3e2669797050b9174bebd056a07e2..56e181afe6807f3152754836a9ad1b5961920152 100644 (file)
@@ -19,6 +19,9 @@
 function comment_exists($comment_author, $comment_date) {
        global $wpdb;
 
+       $comment_author = stripslashes($comment_author);
+       $comment_date = stripslashes($comment_date);
+
        return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
                        WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
 }
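Review bot: The two `stripslashes()` calls added at the top of `comment_exists()` make the function assume slashed (magic-quotes style) input, but nothing visible at the call boundary states that. A caller that passes already-unslashed values would have legitimate backslashes stripped from the author name, so the lookup can miss an existing comment and any duplicate check built on it would pass. I would state the contract in the function's docblock, which sits outside this hunk, e.g. `@param string $comment_author Author name, expected slashed; it is unslashed here before the query.` The query itself stays parameterized through `$wpdb->prepare()`, so this concerns match accuracy rather than injection.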
@@ -86,7 +89,7 @@ function get_comment_to_edit( $id ) {
 
        $comment->comment_author = format_to_edit( $comment->comment_author );
        $comment->comment_author_email = format_to_edit( $comment->comment_author_email );
-       $comment->comment_author_url = clean_url($comment->comment_author_url);
+       $comment->comment_author_url = esc_url($comment->comment_author_url);
        $comment->comment_author_url = format_to_edit( $comment->comment_author_url );
 
        return $comment;
@@ -156,7 +159,7 @@ function enqueue_comment_hotkeys_js() {
                wp_enqueue_script( 'jquery-table-hotkeys' );
 }
 
-if ( is_admin() && ('edit-comments.php' == $pagenow || 'edit.php' == $pagenow) ) {
+if ( is_admin() && isset($pagenow) && ('edit-comments.php' == $pagenow || 'edit.php' == $pagenow) ) {
        if ( get_option('show_avatars') )
                add_filter( 'comment_author', 'floated_admin_avatar' );
 }
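Review bot: The `isset($pagenow)` guard added to the top-level `if` silences the undefined-variable notice without recording when `$pagenow` can be unset at this point. If this file is ever included from inside a function, the bare `$pagenow` would resolve in that function's scope and the `floated_admin_avatar` filter would silently never be registered; whether that happens is not visible from this hunk. Reading the global explicitly and comparing strictly would make the intent clear: `if ( is_admin() && isset($GLOBALS['pagenow']) && in_array($GLOBALS['pagenow'], array('edit-comments.php', 'edit.php'), true) ) {`. Failing that, a one-line comment above the condition naming the include path that leaves `$pagenow` unset would help the next reader.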