Index: wp-content/themes/classic/comments.php
===================================================================
--- wp-content/themes/classic/comments.php	(revision 6004)
+++ wp-content/themes/classic/comments.php	(working copy)
@@ -35,7 +35,7 @@
 <h2 id="postcomment"><?php _e('Leave a comment'); ?></h2>
 
 <?php if ( get_option('comment_registration') && !$user_ID ) : ?>
-<p><?php printf(__('You must be <a href="%s">logged in</a> to post a comment.'), get_option('siteurl')."/wp-login.php?redirect_to=".get_the_permalink());?></p>
+<p><?php printf(__('You must be <a href="%s">logged in</a> to post a comment.'), get_option('siteurl')."/wp-login.php?redirect_to=".urlencode(get_permalink()));?></p>
 <?php else : ?>
 
 <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">
Index: wp-content/themes/default/comments.php
===================================================================
--- wp-content/themes/default/comments.php	(revision 6004)
+++ wp-content/themes/default/comments.php	(working copy)
@@ -66,7 +66,7 @@
 <h3 id="respond">Leave a Reply</h3>
 
 <?php if ( get_option('comment_registration') && !$user_ID ) : ?>
-<p>You must be <a href="<?php echo get_option('siteurl'); ?>/wp-login.php?redirect_to=<?php the_permalink(); ?>">logged in</a> to post a comment.</p>
+<p>You must be <a href="<?php echo get_option('siteurl'); ?>/wp-login.php?redirect_to=<?php echo urlencode(get_permalink()); ?>">logged in</a> to post a comment.</p>
 <?php else : ?>
 
 <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">