From 2b4621b1f95c4c3e36b98b4725430f25f16cb7f5 Mon Sep 17 00:00:00 2001
From: Ryan Boren
Date: Thu, 1 Jun 2006 16:59:55 +0000
Subject: [PATCH] Comment nonce fixes from Mark Jaquith and mdawaffe. fixes #2760
git-svn-id: https://develop.svn.wordpress.org/trunk@3827 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/comment.php | 6 ++++--
 wp-admin/edit-form-comment.php | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/wp-admin/comment.php b/wp-admin/comment.php
index 55f4c9e2b0..c0c96ec3da 100644
--- a/wp-admin/comment.php
+++ b/wp-admin/comment.php
@@ -184,7 +184,9 @@ case 'approvecomment':
 case 'editedcomment':
- check_admin_referer('update-comment');
+ $comment_id = (int) $_POST['comment_ID'];
+
+ check_admin_referer('update-comment_' . $comment_id);
 edit_comment();
@@ -192,7 +194,7 @@ case 'editedcomment':
 if (!empty($referredby)) {
 header('Location: ' . $referredby);
 } else {
- header ("Location: edit.php?p=$comment_post_ID&c=1#comments");
+ header ("Location: edit.php?p=$comment_id&c=1#comments");
 }
 break;
diff --git a/wp-admin/edit-form-comment.php b/wp-admin/edit-form-comment.php
index 5b28966cfe..1f23cef700 100644
--- a/wp-admin/edit-form-comment.php
+++ b/wp-admin/edit-form-comment.php
@@ -6,7 +6,7 @@ $form_extra = "' />\ncomment_ID) ?> +comment_ID) ?>
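Review bot: The nonce in the `editedcomment` case is now verified for the integer `$comment_id`, but `edit_comment()` is still called with no argument, so the comment that actually gets edited is chosen outside this hunk. The per-comment binding only holds if that function acts on the same value after the same `(int)` cast, so it is worth confirming that in `edit_comment()`. A comment here such as `// nonce is bound to this ID; edit_comment() must edit exactly this comment` would record the requirement. `$_POST['comment_ID']` is also read without a presence check, so a request lacking it is checked against the action `update-comment_0`. Reading it as `$comment_id = isset($_POST['comment_ID']) ? (int) $_POST['comment_ID'] : 0;` and rejecting `0` before the nonce check would make that case explicit. The case body starts and ends outside the hunk, so a capability check may exist that is not visible here.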
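Review bot: The fallback redirect in the `else` branch now puts the comment ID into `p=`, where the removed line passed `$comment_post_ID`. The parameter name and the old variable suggest `edit.php` expects a post ID there, so the redirect would probably land on an unrelated post or on none. If `$comment_post_ID` is no longer defined in this scope, the post ID could be resolved from the edited comment, for example `$comment = get_comment($comment_id);`, and then `p=` built from `(int) $comment->comment_post_ID`. Separately, the unchanged `header('Location: ' . $referredby);` uses a value assigned outside the hunk. If it comes from the request, it should be limited to same-site admin URLs before being sent as a redirect target.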