From 942a6585bd81abdf9c86665121677ec70a1297ac Mon Sep 17 00:00:00 2001
From: Jon Cave
Date: Tue, 27 Aug 2013 13:57:09 +0000
Subject: [PATCH] Initialize kses filters if _wp_unfiltered_html_comment nonce isn't set.
See #24752.
Built from https://develop.svn.wordpress.org/trunk@25137
git-svn-id: http://core.svn.wordpress.org/trunk@25117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-comments-post.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/wp-comments-post.php b/wp-comments-post.php
index d400ef0b70..3be4e64c6f 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -60,8 +60,10 @@ if ( $user->exists() ) {
 $comment_author = wp_slash( $user->display_name );
 $comment_author_email = wp_slash( $user->user_email );
 $comment_author_url = wp_slash( $user->user_url );
- if ( current_user_can( 'unfiltered_html' ) && isset( $_POST['_wp_unfiltered_html_comment'] ) ) {
- if ( wp_create_nonce( 'unfiltered-html-comment_' . $comment_post_ID ) != $_POST['_wp_unfiltered_html_comment'] ) {
+ if ( current_user_can( 'unfiltered_html' ) ) {
+ if ( ! isset( $_POST['_wp_unfiltered_html_comment'] )
+ || ! wp_verify_nonce( $_POST['_wp_unfiltered_html_comment'], 'unfiltered-html-comment_' . $comment_post_ID )
+ ) {
 kses_remove_filters(); // start with a clean slate
 kses_init_filters(); // set up the filters
 }
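Review bot: The inner `if` that re-applies the kses filters carries no comment saying that the nonce is the request-forgery guard for unfiltered HTML, so a later cleanup could fold the `! isset( ... )` test back into the outer condition and restore the old behaviour, where a missing nonce skipped the whole block and left the comment unfiltered. I would add above the inner `if` a line such as `// Fail closed: without a valid nonce the request may be forged, so filter the comment as for any other user.` Separately, `$_POST['_wp_unfiltered_html_comment']` reaches `wp_verify_nonce()` without a type check; an array value presumably just fails verification, but adding `|| ! is_string( $_POST['_wp_unfiltered_html_comment'] )` next to the `isset()` test would make that explicit rather than dependent on the callee. The outer `if ( current_user_can( 'unfiltered_html' ) )` block closes outside the hunk, so I cannot see whether anything else in it relies on the nonce.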