X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/177fd6fefd2e3d5a0ea6591c71d660cabdb3c1a4..refs/tags/wordpress-2.6.2:/wp-comments-post.php

diff --git a/wp-comments-post.php b/wp-comments-post.php
index f7d7c4f5..96ab8947 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -1,17 +1,25 @@
 <?php
+/**
+ * Handles Comment Post to WordPress and prevents duplicate comment posting.
+ *
+ * @package WordPress
+ */
+
 if ( 'POST' != $_SERVER['REQUEST_METHOD'] ) {
 	header('Allow: POST');
 	header('HTTP/1.1 405 Method Not Allowed');
 	header('Content-Type: text/plain');
 	exit;
 }
-require( dirname(__FILE__) . '/wp-config.php' );
+
+/** Sets up the WordPress Environment. */
+require( dirname(__FILE__) . '/wp-load.php' );
 
 nocache_headers();
 
 $comment_post_ID = (int) $_POST['comment_post_ID'];
 
-$status = $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");
+$status = $wpdb->get_row( $wpdb->prepare("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = %d", $comment_post_ID) );
 
 if ( empty($status->comment_status) ) {
 	do_action('comment_id_not_found', $comment_post_ID);