Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
/**
* Escape all translations with
*/
__( ‘Some String’, ‘text-domain’ ); _e( ‘Some string’, ‘text-domain’ );.
/**
* When there is no HTML use:
*/
esc_html__( ‘Some String’, ‘text-domain’ ); esc_html_e( ‘Some String’, ‘text-domain’ );
/**
* For some HTML:
*/
wp_kses( __( ‘Some String something’, ‘text-domain’ ), $allowed_html_array );
@pyronaur

This comment has been minimized.

Copy link

pyronaur commented Sep 21, 2015

@kailoon
This is still valid for 95% uses, right ? Even if there is no html.

__( ‘Some String’, ‘text-domain’ );

esc_html__ should be used only when the authors intention is to remove HTML, not because it would be an Envato requirement, right ?

@kailoon

This comment has been minimized.

@pyronaur

This comment has been minimized.

Copy link

pyronaur commented Nov 6, 2015

I'll just leave this for other authors receiving this reject reason:

All strings must be escaped with esc_html__

Have a look here:

TL;DR
The new standard is: __() and _e() can only be used if you wrap them in wp_kses()

@dtbaker

This comment has been minimized.

Copy link

dtbaker commented Oct 23, 2016

Heya @kailoon what tools do you use to find these issues in themes? I have tried both theme-check and phpcs but they do not highlight un-translated text like <p>Untranslated text:</p>? Do you have your own script or another "theme check" tool that will find something like this?

Thanks!

@ideothemes

This comment has been minimized.

Copy link

ideothemes commented Oct 25, 2016

@aliaghdam

This comment has been minimized.

Copy link

aliaghdam commented Oct 25, 2016

@kailoon What about when we are storing data into array ( for example in frameworks and options panels ) and printing them when needed.

$filed = array( 'name' => __( 'Homepage', 'textdomain' ), 'type' => 'input', );

// somewhere else

<h1><?php esc_html__( $filed['name'], 'textdomain' ); ?></h1>

Are you sure we should 'escape late' just in printing like my example? and not inside the main array? but they are rejecting our theme for this: http://envato.d.pr/oWR7/xLctXoDy

They are forcing us to escape twice but that is not needed and makes theme slow for nothing!

@xperter

This comment has been minimized.

Copy link

xperter commented Jan 9, 2017

@dtbaker I have tried with Regex but not working :/

@kailoon

This comment has been minimized.

Copy link
Owner Author

kailoon commented Mar 2, 2017

@dtbaker Sorry, I just check them manually ...

@lenguyenitc

This comment has been minimized.

Copy link

lenguyenitc commented Feb 26, 2018

  1. All theme text strings are to be translatable and properly escaped. https://gist.github.com/kailoon/01fa8e95d2e910e666c6 example(s) from your code and there are more: https://envato.d.pr/fWcY4T
    @kailoon could you explain for me clear more about this point. What's it wrong?
    Envato required using function esc_html__() inserted __()?
@ijazalideveloper

This comment has been minimized.

Copy link

ijazalideveloper commented May 10, 2018

@kailoon
When we use the variable so for this what is the best approach which recommend the theme-forest. Currently i am using like this
<?php echo esc_attr($comment_count);?>
It is corrent or not.

@Uranbold

This comment has been minimized.

Copy link

Uranbold commented May 15, 2018

@ijazalideveloper it's Correct.

Only thing is not included is What if we include the Links in the Description?

Should we use sprintf( wp_kses( __(

@kailoon

@sfatfarma

This comment has been minimized.

Copy link

sfatfarma commented Mar 26, 2019

@Uranbold - yes, you can use:

sprintf( wp_kses( __( 'Your text', 'your-domain') ) );

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.