Initialize kses filters if _wp_unfiltered_html_comment nonce isn't set.

See #24752.

Built from https://develop.svn.wordpress.org/trunk@25137


git-svn-id: http://core.svn.wordpress.org/trunk@25117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Jon Cave 2013-08-27 13:57:09 +00:00
parent e01352fe2f
commit 942a6585bd
1 changed files with 4 additions and 2 deletions

View File

@ -60,8 +60,10 @@ if ( $user->exists() ) {
$comment_author = wp_slash( $user->display_name ); $comment_author = wp_slash( $user->display_name );
$comment_author_email = wp_slash( $user->user_email ); $comment_author_email = wp_slash( $user->user_email );
$comment_author_url = wp_slash( $user->user_url ); $comment_author_url = wp_slash( $user->user_url );
if ( current_user_can( 'unfiltered_html' ) && isset( $_POST['_wp_unfiltered_html_comment'] ) ) { if ( current_user_can( 'unfiltered_html' ) ) {
if ( wp_create_nonce( 'unfiltered-html-comment_' . $comment_post_ID ) != $_POST['_wp_unfiltered_html_comment'] ) { if ( ! isset( $_POST['_wp_unfiltered_html_comment'] )
|| ! wp_verify_nonce( $_POST['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_ID )
) {
kses_remove_filters(); // start with a clean slate kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters kses_init_filters(); // set up the filters
} }