Refuse comments for post IDs that do not exist.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
rboren 2004-11-15 06:20:28 +00:00
parent 1d5e3d4f3c
commit a6f951101c
1 changed files with 8 additions and 1 deletions

View File

@ -35,8 +35,15 @@ $comment = trim($_POST['comment']);
$comment_post_ID = intval($_POST['comment_post_ID']); $comment_post_ID = intval($_POST['comment_post_ID']);
$user_ip = $_SERVER['REMOTE_ADDR']; $user_ip = $_SERVER['REMOTE_ADDR'];
if ( 'closed' == $wpdb->get_var("SELECT comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'") ) $post_status = $wpdb->get_var("SELECT comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");
if ( empty($post_status) ) {
// Post does not exist. Someone is trolling. Die silently.
// (Perhaps offer pluggable rebukes? Long delays, etc.)
die();
} else if ( 'closed' == $post_status ) {
die( __('Sorry, comments are closed for this item.') ); die( __('Sorry, comments are closed for this item.') );
}
if ( get_settings('require_name_email') && ('' == $email || '' == $author) ) if ( get_settings('require_name_email') && ('' == $email || '' == $author) )
die( __('Error: please fill the required fields (name, email).') ); die( __('Error: please fill the required fields (name, email).') );