Merge pull request edvinaskrucas#80 from aleemb/patch-1

edvinaskrucas · web-flow · commit cba8f0a6fbe2 · 2017-03-27T21:54:10.000+03:00
Escape message for better flexibility
diff --git a/src/Krucas/Notification/Message.php b/src/Krucas/Notification/Message.php
@@ -254,8 +254,11 @@ public function position($position)
      */
     public function render()
     {
-        return is_null($this->getMessage())
-            ? '' : str_replace([':message', ':type'], [$this->getMessage(), $this->getType()], $this->getFormat());
+        if (is_null($this->getMessage())) {
+            return '';
+        }
+        $message = htmlspecialchars($this->getMessage(), ENT_QUOTES, null, false);
+        return str_replace([':message', ':type'], [$message, $this->getType()], $this->getFormat());
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -254,8 +254,11 @@ public function position($position)`
`254`	`254`	`*/`
`255`	`255`	`public function render()`
`256`	`256`	`{`
`257`		`- return is_null($this->getMessage())`
`258`		`- ? '' : str_replace([':message', ':type'], [$this->getMessage(), $this->getType()], $this->getFormat());`
	`257`	`+ if (is_null($this->getMessage())) {`
	`258`	`+ return '';`
	`259`	`+ }`
	`260`	`+ $message = htmlspecialchars($this->getMessage(), ENT_QUOTES, null, false);`
	`261`	`+ return str_replace([':message', ':type'], [$message, $this->getType()], $this->getFormat());`
`259`	`262`	`}`
`260`	`263`
`261`	`264`	`/**`