Don't html encode quotes in the blogname in email subjects as this is a plain text output. Fixes #9913 props tenpura.

git-svn-id: https://develop.svn.wordpress.org/trunk@12388 602fd350-edb4-49c9-b593-d223f7449a82

wp-includes/pluggable.php

@@ -977,7 +977,9 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
 
 	$comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
 	
-	$blogname = get_option('blogname');
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
 
 	if ( empty( $comment_type ) ) $comment_type = 'comment';
 
@@ -1068,6 +1070,10 @@ function wp_notify_moderator($comment_id) {
 	$comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
 	$comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
 	
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+	
 	switch ($comment->comment_type)
 	{
 		case 'trackback':
@@ -1103,7 +1109,7 @@ function wp_notify_moderator($comment_id) {
  		'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
 	$notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
 
-	$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
+	$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
 	$admin_email = get_option('admin_email');
 	$message_headers = '';
 
@@ -1130,7 +1136,7 @@ function wp_password_change_notification(&$user) {
 	// but check to see if it's the admin whose password we're changing, and skip this
 	if ( $user->user_email != get_option('admin_email') ) {
 		$message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
-		wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message);
+		wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), @html_entity_decode(get_option('blogname'), ENT_QUOTES, get_option('blog_charset'))), $message);
 	}
 }
 endif;
@@ -1150,11 +1156,15 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 	$user_login = stripslashes($user->user_login);
 	$user_email = stripslashes($user->user_email);
 	
-	$message  = sprintf(__('New user registration on your blog %s:'), get_option('blogname')) . "\r\n\r\n";
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+
+	$message  = sprintf(__('New user registration on your blog %s:'), $blogname) . "\r\n\r\n";
 	$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
 	$message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
 
-	@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), get_option('blogname')), $message);
+	@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
 
 	if ( empty($plaintext_pass) )
 		return;
@@ -1163,7 +1173,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 	$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
 	$message .= wp_login_url() . "\r\n";
 
-	wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
+	wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
 
 }
 endif;