plugin development – Why would you use esc_attr() on internal functions?
Question
I see a lot of these in premium themes/plugins.
#1 – Why would you escape this? It’s your own data. For consistency?
function prefix_a() {
$class_attr="a b c";
// Some more code.
return '<div class="' . esc_attr( $class_attr ) . '">Content</div>';
}
// Called somewhere.
prefix_a();
#2 – Again, why? The data doesn’t come from the DB.
function prefix_b( $class ) {
// Some code.
return '<div class="' . esc_attr( $class ) . '">Content</div>';
}
// Called by a developer from the team.
prefix_b( 'developer adds a class' );
Yes, a child theme developer might call the function above, but he/she is already in control.
0
1 year
2022-01-18T11:32:14-05:00
2022-01-18T11:32:14-05:00 0 Answers
0 views
0
Leave an answer