WordPress.org

Make WordPress Core

Changeset 12388


Ignore:
Timestamp:
12/13/2009 11:38:45 AM (11 years ago)
Author:
westi
Message:

Don't html encode quotes in the blogname in email subjects as this is a plain text output. Fixes #9913 props tenpura.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/pluggable.php

    r12358 r12388  
    977977
    978978    $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
    979 
    980     $blogname = get_option('blogname');
     979   
     980    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
     981    // we want to reverse this for the plain text arena of emails.
     982    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    981983
    982984    if ( empty( $comment_type ) ) $comment_type = 'comment';
     
    10681070    $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
    10691071    $comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
    1070 
     1072   
     1073    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
     1074    // we want to reverse this for the plain text arena of emails.
     1075    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     1076   
    10711077    switch ($comment->comment_type)
    10721078    {
     
    11041110    $notify_message .= admin_url("edit-comments.php?comment_status=moderated") . "\r\n";
    11051111
    1106     $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), get_option('blogname'), $post->post_title );
     1112    $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
    11071113    $admin_email = get_option('admin_email');
    11081114    $message_headers = '';
     
    11311137    if ( $user->user_email != get_option('admin_email') ) {
    11321138        $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n";
    1133         wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message);
     1139        wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), @html_entity_decode(get_option('blogname'), ENT_QUOTES, get_option('blog_charset'))), $message);
    11341140    }
    11351141}
     
    11501156    $user_login = stripslashes($user->user_login);
    11511157    $user_email = stripslashes($user->user_email);
    1152 
    1153     $message  = sprintf(__('New user registration on your blog %s:'), get_option('blogname')) . "\r\n\r\n";
     1158   
     1159    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
     1160    // we want to reverse this for the plain text arena of emails.
     1161    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
     1162
     1163    $message  = sprintf(__('New user registration on your blog %s:'), $blogname) . "\r\n\r\n";
    11541164    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    11551165    $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
    11561166
    1157     @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), get_option('blogname')), $message);
     1167    @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
    11581168
    11591169    if ( empty($plaintext_pass) )
     
    11641174    $message .= wp_login_url() . "\r\n";
    11651175
    1166     wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
     1176    wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
    11671177
    11681178}
Note: See TracChangeset for help on using the changeset viewer.