Index: /branches/release-40/php/lib/function.mtcommentauthorlink.php
===================================================================
--- /branches/release-40/php/lib/function.mtcommentauthorlink.php (revision 2503)
+++ /branches/release-40/php/lib/function.mtcommentauthorlink.php (revision 2630)
@@ -10,7 +10,6 @@
     $comment = $ctx->stash('comment');
     $name = $comment['comment_author'];
-    if (!$name && isset($args['default_name'])) {
+    if (!$name && isset($args['default_name']))
         $name = $args['default_name'];
-    }
     $name or $name = $mt->translate("Anonymous");
     $email = $comment['comment_email'];
@@ -24,16 +23,17 @@
     else
         $show_url = 1;
+    $target = (isset($args['new_window']) && $args['new_window'])
+        ? ' target="_blank"' : '';
+
+    _comment_follow($args, $ctx);
 
     $cmntr = $ctx->stash('commenter');
-    if (!isset($cmntr)) {
-        if (isset($comment['comment_commenter_id'])) {
-            $cmntr = $ctx->mt->db->fetch_author($comment['comment_commenter_id']);
-        }
-    }
+    if (!isset($cmntr) && isset($comment['comment_commenter_id']))
+        $cmntr = $ctx->mt->db->fetch_author($comment['comment_commenter_id']);
 
     if ( $cmntr ) {
-        if ($cmntr['author_url']) {
-            return sprintf('<a title="%s" href="%s">%s</a>', $cmntr['author_url'], $cmntr['author_url'], $name);
-        }
+        $name = isset($cmntr['author_nickname']) ? $cmntr['author_nickname'] : $name;
+        if ($cmntr['author_url'])
+            return sprintf('<a title="%s" href="%s"%s>%s</a>', $cmntr['author_url'], $cmntr['author_url'], $target, $name);
         return $name;
     } elseif ($show_url && $url) {
@@ -44,9 +44,8 @@
         $url = strip_tags($url);
         $url = preg_replace('/>/', '&gt;', $url);
-        if ($comment['comment_id'] && !isset($args['no_redirect'])) {
-            return sprintf('<a title="%s" href="%s%s?__mode=red;id=%d">%s</a>', $url, $cgi_path, $comment_script, $comment['comment_id'], $name);
-        } else {
-            return sprintf('<a title="%s" href="%s">%s</a>', $url, $url, $name);
-        }
+        if ($comment['comment_id'] && !isset($args['no_redirect']) && !isset($args['nofollowfy']))
+            return sprintf('<a title="%s" href="%s%s?__mode=red;id=%d"%s>%s</a>', $url, $cgi_path, $comment_script, $comment['comment_id'], $target, $name);
+        else
+            return sprintf('<a title="%s" href="%s"%s>%s</a>', $url, $url, $target, $name);
     } elseif ($show_email && $email && is_valid_email($email)) {
         $email = strip_tags($email);
@@ -58,3 +57,54 @@
     }
     return $name;
+
 }
+
+function _comment_follow (&$args, $ctx) {
+    $comment = $ctx->stash('comment');
+    if (empty($comment))
+        return;
+
+    $blog = $ctx->stash('blog');
+    if (!empty($blog) && $blog['blog_nofollow_urls']) {
+        if ($blog['blog_follow_auth_links']) {
+            $cmntr = $ctx->stash('commenter');
+            if (!isset($cmntr) && isset($comment['comment_commenter_id'])) {
+                $cmntr = $ctx->mt->db->fetch_author($comment['comment_commenter_id']);
+                if (!empty($cmntr))
+                    $ctx->stash('commenter', $cmntr);
+            }
+            if (empty($cmntr) || (!empty($cmntr) && !is_trusted($cmntr, $ctx, $blog['blog_id'])))
+                $args['nofollowfy'] = 1;
+        } else {
+            $args['nofollowfy'] = 1;
+        }
+    }
+}
+
+function is_trusted ($cmntr, $ctx, $blog_id) {
+    if (empty($cmntr))
+        return false;
+
+    // commenter is superuser?
+    $perms = $ctx->mt->db->fetch_permission(array('blog_id' => 0, 'id' => $cmntr['author_id']));
+    if (!empty($perms)) {
+        $perms = $perms[0];
+        if (strstr($perms['permission_permissions'], '\'administer\''))
+            return true;
+    }
+
+    if (intval($ctx->mt->config['singlecommunity']))
+        $blog_id = 0;
+
+    // commenter has permission?
+    $perms = $ctx->mt->db->fetch_permission(array('blog_id' => $blog_id, 'id' => $cmntr['author_id']));
+    if (!empty($perms))
+        return false;
+    $perms = $perms[0];
+    if (strstr($perms['permission_restrictions'], "'comment'"))
+        return false;
+    elseif (strstr($perms['permission_permissions'], "'comment'") || strstr($perms['permission_permissions'], "'manage_feedback'"))
+        return true;
+    else
+        return false;
+}