Web Shakehands
Web Shakehands

Language


How to correctly write "hard-coded URL" in wordPress theme



Security measures are important in WordPress.
There are various security measures, but there are many cases that are hard-coded link.

This also has to care in order to register to the official theme directory.

Hard-coded links are, for example, times when you have linked absolute paths directly with "a tag" like this.

I will give the footer part of copyright as an example.

Suppose that there is a link above.

This is not good in terms of security measures because it will be put a link directly to "a tag".

That's why WordPress encourages you to sanitize like this.

Using the WordPress esc_url function will prevent malicious URLs.
This is used to detoxify URLs such as texts and attributes and excludes or deletes invalid or dangerous characters.

By default, URLs other than (http, https, ftp, ftps, mailto, news, irc, gopher, nntp, feed, telnet) are rejected.

Codex is from here
https://codex.wordpress.org/Function_Reference/esc_url

__( is a part of the translation.

Translation in WordPress uses this __ and _e functions.

In other words, "esc_url (__ (" is a combination of escape and translation.

It will translate $text and escape HTML. Place theme domain to $domain.
$text returns the translated one, but if there is no translation, it is supposed to return the original text as it is.

There is no translation of the linked part this time, but if it is translated, use a WordPress translation system called GlotPress.
For this, only those with translation authority called PTE authority can translate, and it becomes possible to translate by offering applications to translation editors.

If you are creating your own theme or plugin, you can have PTE permission from the translation editor and you can re-translate by yourself.

Detailed information is written on this page.
https://wpdocs.osdn.jp/WordPress_%E3%81%AE%E7%BF%BB%E8%A8%B3

Escape work is important in WordPress. Let's enhance security with esc_url().



このエントリーをはてなブックマークに追加

This article title

How to correctly write "hard-coded URL" in wordPress theme

Previous article TGM Plugin Activation is a tool that can install a plugin from WordPress theme


WordPress Theme creation Article !

2019-08-01 Use add_theme_support() to set custom header for WordPress NEW!


2019-07-24 How to correctly write "hard-coded URL" in wordPress theme


2019-07-19 TGM Plugin Activation is a tool that can install a plugin from WordPress theme


2019-07-13 How to use Bootstrap inside WordPress theme


See all the articles list

Just enter your E-mail and you will receive free
mail magazine about how to make your website etc.
E-mail:
  

Go to top