Don't html encode quotes in the blogname in email subjects as this is a plain text output. Fixes #9913 props tenpura.

git-svn-id: http://svn.automattic.com/wordpress/trunk@12388 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/pluggable.php

@@ -976,8 +976,10 @@ function wp_notify_postauthor($comment_id, $comment_type='') {
 	if ('' == $user->user_email) return false; // If there's no email to send the comment to
 
 	$comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
-
-	$blogname = get_option('blogname');
+	
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
 
 	if ( empty( $comment_type ) ) $comment_type = 'comment';
 
@@ -1067,7 +1069,11 @@ function wp_notify_moderator($comment_id) {
 
 	$comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
 	$comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
-
+	
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+	
 	switch ($comment->comment_type)
 	{
 		case 'trackback':
@@ -1103,7 +1109,7 @@ function wp_notify_moderator($comment_id) {
  		'Currently %s comments are waiting for approval. Please visit the moderation panel:', $comments_waiting), number_format_i18n($comments_waiting) ) . "\r\n";
 	$notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
 
-	$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
+	$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
 	$admin_email = get_option('admin_email');
 	$message_headers = '';
 
@@ -1130,7 +1136,7 @@ function wp_password_change_notification(&$user) {
 	// but check to see if it's the admin whose password we're changing, and skip this
 	if ( $user->user_email != get_option('admin_email') ) {
 		$message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
-		wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message);
+		wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), @html_entity_decode(get_option('blogname'), ENT_QUOTES, get_option('blog_charset'))), $message);
 	}
 }
 endif;
@@ -1149,12 +1155,16 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 
 	$user_login = stripslashes($user->user_login);
 	$user_email = stripslashes($user->user_email);
+	
+	// The blogname option is escaped with esc_html on the way into the database in sanitize_option
+	// we want to reverse this for the plain text arena of emails.
+	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
 
-	$message  = sprintf(__('New user registration on your blog %s:'), get_option('blogname')) . "\r\n\r\n";
+	$message  = sprintf(__('New user registration on your blog %s:'), $blogname) . "\r\n\r\n";
 	$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
 	$message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
 
-	@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), get_option('blogname')), $message);
+	@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
 
 	if ( empty($plaintext_pass) )
 		return;
@@ -1163,7 +1173,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 	$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
 	$message .= wp_login_url() . "\r\n";
 
-	wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
+	wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
 
 }
 endif;