Tag Archives: Plugin

Embed a Github Gist in WordPress Posts/Pages

7th May 2012Plugins, WordPressembed, Gist, Git, Github, oEmbed, Plugin, WordPressJames

Looking for a simple way to embed a Github Gist in your WordPress website?

I spent some time reviewing the available plugins in the WordPress plugin repository, so I thought I’d share my findings. Continue reading →

Should I escape translated strings in a WordPress plugin or theme?

5th May 2012Plugins, WordPresscode, esc_attr, esc_attr__, esc_html_e, esc_html__, Plugin, Sanitation, security, WordPressJames

When writing a WordPress plugin recently, I wasn’t sure whether a translatable text/string is considered safe, or if it needs to escaped before being output.

Here’s a simple example:

The Problem

At first glance, that code looks like it should be safe, however what would happen if the string was translated to contained an angled bracket (< or >)?

That would result in invalid HTML code. Or even worse, what if the translation file contained a malicious <script> tag?

The Solution

Continue reading →

James Collins

Web Development, WordPress, PHP, Cloud Computing and more

Tag Archives: Plugin

Embed a Github Gist in WordPress Posts/Pages

Should I escape translated strings in a WordPress plugin or theme?

The Problem

The Solution