Skip to content

escaping functions added and modified in main.php file#473

Open
mehrazmorshed wants to merge 2 commits intoWordPress:masterfrom
mehrazmorshed:mehraz
Open

escaping functions added and modified in main.php file#473
mehrazmorshed wants to merge 2 commits intoWordPress:masterfrom
mehrazmorshed:mehraz

Conversation

@mehrazmorshed
Copy link
Contributor

@mehrazmorshed mehrazmorshed commented Oct 27, 2024

escaping functions added and modified in main.php file

carolinan
carolinan requested changes Mar 18, 2026
View reviewed changes
main.php
echo '<h2>' . esc_html( sprintf( __( 'One or more errors were found for %1$s.', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
} else {
echo '<h2>' . sprintf( __( '%1$s passed the tests', 'theme-check' ), esc_html( $theme['Title'] ) ) . '</h2>';
echo '<h2>' . esc_html( sprintf( __( '%1$s passed the tests', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
Copy link
Collaborator

@carolinan carolinan Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi
It would be better to escape the translated text and the value with esc_html__() inside sprintf().

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@carolinan carolinan carolinan requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mehrazmorshed @carolinan