From e89d78ee08b3c7429a55baea42875764a5613df6 Mon Sep 17 00:00:00 2001
From: westi <westi@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Wed, 6 May 2009 20:24:57 +0000
Subject: [PATCH] Decode the commenters name why looking up un-moderated
 comments. Fixes #6992.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/comment-template.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index 19258f085..c59505fa9 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -824,7 +824,7 @@ function comments_template( $file = '/comments.php', $separate_comments = false
 	} else if ( empty($comment_author) ) {
 		$comments = get_comments( array('post_id' => $post->ID, 'status' => 'approve', 'order' => 'ASC') );
 	} else {
-		$comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, $comment_author, $comment_author_email));
+		$comments = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND ( comment_approved = '1' OR ( comment_author = %s AND comment_author_email = %s AND comment_approved = '0' ) ) ORDER BY comment_date_gmt", $post->ID, wp_specialchars_decode($comment_author,ENT_QUOTES), $comment_author_email));
 	}
 
 	// keep $comments for legacy's sake