科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>theme development - Data Validation in wordpress

    theme development - Data Validation in wordpress

    programmeradmin3浏览0评论

    In my theme, i am grabbing user input with get_option() and according to that input i want to i want to declare a new variable and print in my single.php file. For example:

    <?php
$tutorial_condition = get_option( 'tutorials_creater' );

if ( $tutorial_condition == 1 ) {
    $second_col_class = 'col-9';
} else {
    $second_col_class = 'col-2';
}
?>

    now when i echo $second_col_class variable in my php files it works fine. But when i run themecheck plugin it shows an error like this.

    "Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered."

    i want to echo that variable like below.

     <div class="<?php echo $second_col_class; ?>">
     //my code here..
 </div>

    I cannot use isset() function because it just returning true or false. Is there any alternative to this?

    In my theme, i am grabbing user input with get_option() and according to that input i want to i want to declare a new variable and print in my single.php file. For example:

    <?php
$tutorial_condition = get_option( 'tutorials_creater' );

if ( $tutorial_condition == 1 ) {
    $second_col_class = 'col-9';
} else {
    $second_col_class = 'col-2';
}
?>

    now when i echo $second_col_class variable in my php files it works fine. But when i run themecheck plugin it shows an error like this.

    "Possible data validation issues found. All dynamic data must be correctly escaped for the context where it is rendered."

    i want to echo that variable like below.

     <div class="<?php echo $second_col_class; ?>">
     //my code here..
 </div>

    I cannot use isset() function because it just returning true or false. Is there any alternative to this?

    • theme-development
    • validation
    Share Improve this question asked Nov 4, 2020 at 8:18 SahanSahan 133 bronze badges
    Add a comment  | 

    1 Answer 1

    Reset to default 1

    Please see this Codex article for further guide, but in your case, you would use esc_attr() to escape the $second_col_class value which is being used in an HTML attribute, namely class:

    <!-- bad -->
<div class="<?php echo $second_col_class; ?>">

<!-- good -->
<div class="<?php echo esc_attr( $second_col_class ); ?>">

<!-- good -->
<div class="<?php esc_attr_e( $second_col_class, 'text-domain' ); ?>">

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论