From 378ecb8a146f0aac9b81fb8847df8b42d819df7f Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov <yasen@lindeas.com>
Date: Wed, 15 Jan 2025 18:22:49 +0200
Subject: [PATCH] Adds option to not sanitize messages

---
 app/classes/messages.php | 4 ++--
 app/pages/login.php      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/classes/messages.php b/app/classes/messages.php
index 2e8c0f1..ed7b1fa 100644
--- a/app/classes/messages.php
+++ b/app/classes/messages.php
@@ -125,7 +125,7 @@ class Messages {
      * Render message HTML
      */
     // Usage: echo Messages::render('LOGIN', 'LOGIN_SUCCESS', 'custom message [or null]', true [for dismissible; or null], true [for small; or omit]);
-    public static function render($category, $key, $customMessage = null, $dismissible = null, $small = false) {
+    public static function render($category, $key, $customMessage = null, $dismissible = null, $small = false, $sanitize = true) {
         $config = self::get($category, $key);
         if (!$config) return '';
 
@@ -140,7 +140,7 @@ class Messages {
             $config['type'],
             $dismissClass,
             $smallClass,
-            htmlspecialchars($message),
+            $sanitize ? htmlspecialchars($message) : $message,
             $dismissButton
         );
     }
diff --git a/app/pages/login.php b/app/pages/login.php
index 3e08791..6349261 100644
--- a/app/pages/login.php
+++ b/app/pages/login.php
@@ -95,7 +95,7 @@ try {
 
 // Show configured login message if any
 if (!empty($config['login_message'])) {
-    echo Messages::render('NOTICE', 'DEFAULT', $config['login_message'], false);
+    echo Messages::render('NOTICE', 'DEFAULT', $config['login_message'], false, false, false);
 }
 
 // Get any new messages