[wp-trac] Re: [WordPress Trac] #6992: Quotes in comment name prevent "awaiting moderation" display

[WordPress Trac]

#6992: Quotes in comment name prevent "awaiting moderation" display
-------------------------+--------------------------------------------------
  Reporter:  thomasperi  |        Type:  defect (bug)    
    Status:  closed      |    Priority:  normal          
 Milestone:  2.8         |   Component:  Comments        
   Version:              |    Severity:  normal          
Resolution:  fixed       |    Keywords:  has-patch commit
-------------------------+--------------------------------------------------
Changes (by westi):

  * status:  reopened => closed
  * resolution:  => fixed


Comment:

 Replying to [comment:26 Denis-de-Bernardy]:
 > Replying to [comment:24 westi]:
 > > Replying to [comment:22 Denis-de-Bernardy]:
 > > > the real issue here is sanitize_comment_cookies(), which is a bit
 too overzealous on the comment author name. we should store its original
 value (which is correctly set in the cookie) for use in the database
 query.
 > >
 > > We can just reverse the work in the one place we need the un-sanitised
 version.
 >
 > Well, unless you know a means to reverse the work done by filters,
 you're in for big surprises with the patch you just committed.

 Nope.

 We are not reversing the work done by the filters.

 The same work is done on the comment author on the way into the db so
 those filters have already been applied to the value before it was stored
 in the cookie so they should have no effect.

 We are reversing the {{{esc_attr}}} call in sanitize_comment_cookies
 function and that is all.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/6992#comment:28>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software