From c80bebbcd6398624c5a003b922876ea58072d5c1 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 1 Jun 2006 16:58:44 +0000
Subject: [PATCH] Comment nonce fixes from Mark Jaquith and mdawaffe. fixes
 #2760

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/edit-form-comment.php | 2 +-
 wp-admin/post.php              | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php
index c37e1a273b..c6bc69137d 100644
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -6,7 +6,7 @@ $form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment-
 ?>
 
 <form name="post" action="post.php" method="post" id="post">
-<?php wp_nonce_field('update-comment' . $comment->comment_ID) ?>
+<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
 <div class="wrap">
 <input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
 <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
diff --git a/wp-admin/post.php b/wp-admin/post.php
index d608b3cd3d..64a425eba7 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -322,7 +322,8 @@ case 'approvecomment':
 
 case 'editedcomment':
 
-	check_admin_referer('update-comment');
+	$comment_id = (int) $_POST['comment_ID'];
+	check_admin_referer('update-comment_' . $comment_id);
 
 	edit_comment();