Merge pull request #324 from WordPress-Coding-Standards/fix/escape-ou…

…tput-regression Fix EscapeOutput regression causing closing parentheses to be reported as needing to be escaped.
WordPress · Mar 2, 2015 · 95a048d · 95a048d
2 parents 06abcd4 + 4e698b2
commit 95a048d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/WordPress/Sniffs/XSS/EscapeOutputSniff.php b/WordPress/Sniffs/XSS/EscapeOutputSniff.php
@@ -330,7 +330,7 @@ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr )
 
 		// This is already determined if $is_printing_function.
 		if ( ! isset( $end_of_statement ) ) {
-			$end_of_statement = $phpcsFile->findNext( T_SEMICOLON, $stackPtr );
+			$end_of_statement = $phpcsFile->findNext( array( T_SEMICOLON, T_CLOSE_TAG ), $stackPtr );
 		}
 
 		// Check for the ternary operator.
@@ -363,7 +363,7 @@ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr )
 				continue;
 			}
 
-			if ( in_array( $tokens[ $i ]['code'], array( T_DOUBLE_ARROW, T_CLOSE_PARENTHESIS ) ) && 'wp_die' === $function ) {
+			if ( in_array( $tokens[ $i ]['code'], array( T_DOUBLE_ARROW, T_CLOSE_PARENTHESIS ) ) ) {
 				continue;
 			}
 

diff --git a/WordPress/Tests/XSS/EscapeOutputUnitTest.inc b/WordPress/Tests/XSS/EscapeOutputUnitTest.inc
@@ -113,3 +113,9 @@ echo (int) $foo, $bar; // Bad
 echo (int) get_post_meta( $post_id, SOME_NUMBER, true ), do_something( $else ); // Bad
 
 wp_die( -1 ); // OK
+
+?>
+<p class="notice"><?php echo esc_html( $message ) ?></p> <!-- OK -->
+<input type="submit" name="sync-progress" class="button button-primary button-large" value="<?php esc_attr_e( 'Start Sync', 'foo' ); ?>" /><!-- OK -->
+<input type="hidden" name="sync-action" class="sync-action" value="<?php echo esc_attr( $continue_sync ? 'sync_progress' : '' ); ?>" /><!-- OK -->
+<?php