diff options
-rw-r--r-- | modules/comment.module | 5 | ||||
-rw-r--r-- | modules/comment/comment.module | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/modules/comment.module b/modules/comment.module index 4c566c923..494492bb9 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -493,6 +493,11 @@ function comment_reply($nid, $pid = NULL) { // else, we'll just show the user the node they're commenting on. if ($pid) { if ($comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $pid, COMMENT_PUBLISHED))) { + if ($comment->nid != $nid) { + // Attempting to reply to a comment not belonging to the current nid. + drupal_set_message(t('The comment you are replying to does not exist.'), 'error'); + drupal_goto("node/$nid"); + } $comment = drupal_unpack($comment); $comment->name = $comment->uid ? $comment->registered_name : $comment->name; $output .= theme('comment_view', $comment); diff --git a/modules/comment/comment.module b/modules/comment/comment.module index 4c566c923..494492bb9 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -493,6 +493,11 @@ function comment_reply($nid, $pid = NULL) { // else, we'll just show the user the node they're commenting on. if ($pid) { if ($comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $pid, COMMENT_PUBLISHED))) { + if ($comment->nid != $nid) { + // Attempting to reply to a comment not belonging to the current nid. + drupal_set_message(t('The comment you are replying to does not exist.'), 'error'); + drupal_goto("node/$nid"); + } $comment = drupal_unpack($comment); $comment->name = $comment->uid ? $comment->registered_name : $comment->name; $output .= theme('comment_view', $comment); |