@krystyna93
Last active June 10, 2023 12:55
Custom WordPress Widget Example: Greetings message w/strip_tags() and isset()
<?php
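class birdtree_greeting_widget extends WP_Widget {

	/**
	 * Registers the widget: id_base, admin-facing name and the options
	 * (CSS class applied to the wrapper, description shown in the admin).
	 */
	public function __construct() {
		$widget_options = array(
			'classname'   => 'birdtree_greeting_widget',
			'description' => 'Displays a greeting message from BirdTree',
		);
		parent::__construct( 'birdtree_greeting_widget', 'BirdTree Greeting Widget', $widget_options );
	}

	/**
	 * Front-end output of the widget.
	 *
	 * @param array $args     Sidebar display arguments (before_widget, after_widget, before_title, after_title).
	 * @param array $instance Saved settings for this widget instance; only 'title' is used.
	 */
	public function widget( $args, $instance ) {
		echo $args['before_widget'];

		// Missing title → empty string, so a widget saved without one emits no notices.
		$saved_title = isset( $instance['title'] ) ? $instance['title'] : '';
		// Core widgets pass the instance and id_base with the title; callbacks on
		// 'widget_title' written against that signature then keep working here too.
		$title = apply_filters( 'widget_title', $saved_title, $instance, $this->id_base );
		if ( ! empty( $title ) ) {
			// Escaping on output is the actual XSS defence; stripping tags on save is defence in depth.
			echo $args['before_title'] . esc_html( $title ) . $args['after_title'];
		}

		echo '<p>' . esc_html__( 'Greetings, from BirdTree!', 'birdtree' ) . '</p>';
		echo $args['after_widget'];
	}

	/**
	 * Admin options form: a single text field for the title.
	 *
	 * @param array $instance Saved settings for this widget instance.
	 */
	public function form( $instance ) {
		// Previously saved title, or empty string when nothing has been saved yet.
		$title = isset( $instance['title'] ) ? $instance['title'] : '';
		?>
		<p>
			<label for="<?php echo esc_attr( $this->get_field_id( 'title' ) ); ?>"><?php esc_html_e( 'Title:', 'birdtree' ); ?></label>
			<input class="widefat" type="text" id="<?php echo esc_attr( $this->get_field_id( 'title' ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( 'title' ) ); ?>" value="<?php echo esc_attr( $title ); ?>">
		</p>
		<?php
	}

	/**
	 * Sanitizes the submitted options before they are saved.
	 *
	 * @param array $new_instance Values submitted from the admin form (untrusted).
	 * @param array $old_instance Previously saved values (unused; kept for the WP_Widget signature).
	 * @return array Settings to persist; 'title' is always a tag-free string.
	 */
	public function update( $new_instance, $old_instance ) {
		$instance = array();
		// Form input is untrusted: a crafted request can submit a non-string (e.g. an array),
		// which strip_tags() would reject with a TypeError on PHP 8 — treat anything but a string as empty.
		$submitted_title = isset( $new_instance['title'] ) ? $new_instance['title'] : '';
		$instance['title'] = is_string( $submitted_title ) ? strip_tags( $submitted_title ) : '';
		return $instance;
	}
}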
/*
This code uses strip_tags() to remove any HTML tags from the widget title field in the update() method.
This helps protect against potential XSS attacks by ensuring that any HTML entered into the field is stripped out before
the data is saved to the database. The title is additionally escaped on output with esc_html() in widget() and esc_attr() in form(),
which is the primary XSS defence; stripping tags on save is defence in depth.
It also checks whether the title field is set, using isset(), in both the widget() and form() methods.
If the field is not set, it defaults to an empty string. This ensures that the code does not generate PHP warnings or errors
when the widget is used without a title.
*/