Fix double escaping

Author: lloc

includes/MslsAdmin.php

@@ -126,7 +126,7 @@ public function __call( $method, $args ) {
 	 *
 	 * @return bool
 	 */
-	public function has_problems(): bool {
+	public function has_problems(): void {
 		$message = '';
 
 		if ( $this->options->is_empty() ) {
@@ -148,7 +148,7 @@ public function has_problems(): bool {
 			);
 		}
 
-		return MslsPlugin::message_handler( $message, 'updated fade' );
+		MslsPlugin::message_handler( $message, 'updated fade' );
 	}
 
 	/**

includes/MslsPlugin.php

@@ -190,7 +190,13 @@ public function init_i18n_support(): void {
 	 */
 	public static function message_handler( $message, $css_class = 'error' ) {
 		if ( ! empty( $message ) ) {
-			printf( '<div id="msls-warning" class="%s"><p>%s</p></div>', esc_attr( $css_class ), esc_html( $message ) );
+			echo wp_kses_post(
+				sprintf(
+					'<div id="msls-warning" class="%s"><p>%s</p></div>',
+					esc_attr( $css_class ),
+					$message
+				)
+			);
 
 			return true;
 		}

tests/phpunit/TestMslsAdmin.php

@@ -60,47 +60,31 @@ public function get_sut( array $users = array() ): MslsAdmin {
 		return new MslsAdmin( $options, $collection );
 	}
 
-	public function test_has_problems_no_problem(): void {
-		$options = \Mockery::mock( MslsOptions::class );
-		$options->shouldReceive( 'get_available_languages' )->andReturns( array( 'de_DE', 'it_IT' ) );
-
-		$collection = \Mockery::mock( MslsBlogCollection::class );
-		$options->shouldReceive( 'is_empty' )->andReturns( false );
-
-		$obj = new MslsAdmin( $options, $collection );
-
-		$this->assertFalse( $obj->has_problems() );
-	}
-
-	public function test_has_problems_one_language(): void {
-		$options = \Mockery::mock( MslsOptions::class );
-		$options->shouldReceive( 'get_available_languages' )->andReturns( array( 'de_DE' ) );
-
-		$collection = \Mockery::mock( MslsBlogCollection::class );
-		$options->shouldReceive( 'is_empty' )->andReturns( false );
-
-		$obj = new MslsAdmin( $options, $collection );
-
-		$this->expectOutputRegex( '/^<div id="msls-warning" class="updated fade"><p>.*$/' );
-
-		$this->assertTrue( $obj->has_problems() );
+	public static function has_problems_data(): array {
+		return array(
+			array( array( 'de_DE', 'it_IT' ), false, '/^$/' ),
+			array( array( 'de_DE' ), false, '/^<div id="msls-warning" class="updated fade"><p>.*$/' ),
+			array( array(), true, '/^<div id="msls-warning" class="updated fade"><p>.*$/' ),
+		);
 	}
 
-	public function test_has_problems_is_empty(): void {
+	/**
+	 * @dataProvider has_problems_data
+	 */
+	public function test_has_problems( array $languages, bool $is_empty, string $regex ): void {
 		Functions\when( 'get_option' )->justReturn( array() );
 		Functions\when( 'get_current_blog_id' )->justReturn( 1 );
 		Functions\when( 'admin_url' )->justReturn( '' );
 
 		$options = \Mockery::mock( MslsOptions::class );
-		$options->shouldReceive( 'is_empty' )->andReturns( true );
+		$options->shouldReceive( 'get_available_languages' )->zeroOrMoreTimes()->andReturns( $languages );
 
 		$collection = \Mockery::mock( MslsBlogCollection::class );
+		$options->shouldReceive( 'is_empty' )->once()->andReturns( $is_empty );
 
-		$obj = new MslsAdmin( $options, $collection );
-
-		$this->expectOutputRegex( '/^<div id="msls-warning" class="updated fade"><p>.*$/' );
+		$this->expectOutputRegex( $regex );
 
-		$this->assertTrue( $obj->has_problems() );
+		( new MslsAdmin( $options, $collection ) )->has_problems();
 	}
 
 	public function test_subsubsub(): void {