Wordpress Snippets

Escaping Text With Links In WordPress – The Right Way

Escaping a text with links can be replaced if escaped with __() during localization. This not ideal since the person writing the localizing file could replace links with their own.

The proper way to do this is explained with an example below:

sprintf( __( 'If you like this plugin, please <a href="https://millionclues.com/wordpress-tips/escaping-text-with-links-in-wordpress-the-right-way/%s" target="_blank">make a donation</a> or leave a <a href="https://millionclues.com/wordpress-tips/escaping-text-with-links-in-wordpress-the-right-way/%s" target="_blank">&#9733;&#9733;&#9733;&#9733;&#9733;</a> rating to support continued development. Thanks a bunch!', 'text_domain' ),
   'https://millionclues.com/donate/',
   'https://wordpress.org/support/plugin/custom-login-admin-front-end-css-with-multisite-support/reviews/?rate=5#new-post'
  );

Only the text part is escaped, the links aren’t. Of course the translator can choose not to display any links at all. Hmm, evil.

To print the same replacing _e() use printf instead of sprintf.

Hire Us. Or just say Hi!
Need a job? Apply to get one.