fix: render line breaks in admin bar upgrade message

[faisalahammad]

Summary

Fixes a visual bug where the <br> tag was visible as literal text in the admin bar upgrade message when credits are exhausted. This occurred because the message was being escaped by esc_html() in the template.

Fixes #1033

Changes

views/admin/admin-bar-status.php

Before:

<p><?php echo esc_html( $data['text'] ); ?></p>

After:

<p><?php echo wp_kses( $data['text'], [ 'br' => [] ] ); ?></p>

Why: The $text value is built in AdminBar.php with hardcoded <br> tags. Switching to wp_kses() with a narrow allowlist for br ensures the line break renders correctly while maintaining security.

Testing

Test 1: Admin Bar Profile

1. Activate the plugin and ensure the account is on a free plan or has low credits.
2. Open the Imagify menu in the admin bar.
3. Verify the upgrade message shows a line break instead of a visible <br> tag.

Result: Works as expected

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 duplication

Metric	Results
Duplication	0

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.}

[Copilot]

Pull request overview

This PR fixes the admin bar “upgrade” message rendering when credits are exhausted by allowing the hard-coded <br> tag (generated in classes/Admin/AdminBar.php) to be rendered as an actual line break instead of being shown as literal text.

Changes:

• Replace esc_html( $data['text'] ) with wp_kses( $data['text'], [ 'br' => [] ] ) to allow only <br> in the message.
• Maintain output safety by using a narrow KSES allowlist rather than allowing arbitrary HTML.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.