function comment_exists($comment_author, $comment_date) {
global $wpdb;
+ $comment_author = stripslashes($comment_author);
+ $comment_date = stripslashes($comment_date);
+
return $wpdb->get_var( $wpdb->prepare("SELECT comment_post_ID FROM $wpdb->comments
WHERE comment_author = %s AND comment_date = %s", $comment_author, $comment_date) );
}
$comment->comment_author = format_to_edit( $comment->comment_author );
$comment->comment_author_email = format_to_edit( $comment->comment_author_email );
- $comment->comment_author_url = clean_url($comment->comment_author_url);
$comment->comment_author_url = format_to_edit( $comment->comment_author_url );
+ $comment->comment_author_url = esc_url($comment->comment_author_url);
return $comment;
}
wp_enqueue_script( 'jquery-table-hotkeys' );
}
-if ( is_admin() && ('edit-comments.php' == $pagenow || 'edit.php' == $pagenow) ) {
+if ( is_admin() && isset($pagenow) && ('edit-comments.php' == $pagenow || 'edit.php' == $pagenow) ) {
if ( get_option('show_avatars') )
add_filter( 'comment_author', 'floated_admin_avatar' );
}