1 files changed, 7 insertions, 4 deletions

diff --git a/modules/comment.module b/modules/comment.module
index 0bcb91448..539bc9f9a 100644
--- a/modules/comment.module
+++ b/modules/comment.module
@@ -280,7 +280,7 @@ function comment_nodeapi(&$node, $op, $arg = 0) {
       $text = '';
       $comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = %d', $node->nid, COMMENT_PUBLISHED);
       while ($comment = db_fetch_object($comments)) {
-        $text .= '<h2>'. check_plain($comment->subject) .'</h2>'. check_output($comment->comment, $comment->format);
+        $text .= '<h2>'. check_plain($comment->subject) .'</h2>'. check_output($comment->comment, $comment->format, FALSE);
       }
       return $text;
 
@@ -440,6 +440,7 @@ function comment_validate_form($edit) {
     // 1) Filter it into HTML
     // 2) Strip out all HTML tags
     // 3) Convert entities back to plain-text.
+	// Note: format is checked by check_output().
     $edit['subject'] = truncate_utf8(decode_entities(strip_tags(check_output($edit['comment'], $edit['format']))), 29, TRUE);
   }
 
@@ -501,7 +502,9 @@ function comment_preview($edit) {
   $comment->name = check_plain($user->name ? $user->name : $comment->name);
 
   // Preview the comment.
-  $output .= theme('comment_preview', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
+  if (!form_get_errors()) {
+    $output .= theme('comment_preview', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
+  }
   $output .= theme('comment_form', $edit, t('Reply'));
 
   if ($edit['pid']) {
@@ -982,7 +985,7 @@ function comment_delete($cid) {
                     t('Any replies to this comment will be lost. This action cannot be undone.'),
                     t('Delete'));
     // Show comment that is being deleted
-    $comment->comment = check_output($comment->comment, $comment->format);
+    $comment->comment = check_output($comment->comment, $comment->format, FALSE);
     $output .= theme('comment', $comment);
 
   }
@@ -1447,7 +1450,7 @@ function theme_comment_view($comment, $links = '', $visible = 1) {
 
   // Switch to folded/unfolded view of the comment
   if ($visible) {
-    $comment->comment = check_output($comment->comment, $comment->format);
+    $comment->comment = check_output($comment->comment, $comment->format, FALSE);
     $output .= theme('comment', $comment, $links);
   }
   else {