Correct form of escaping and localization – functions.php breadcrumbs

The general rule is that you should escape as close to the place of actual output as possible. The reason for that is that if your escape is far removed from output then you assume output to be escaped… Until at some point in the future something changes in the other corner of the file and that’s no longer the case.

On what should be escaped is mostly matter of how likely it is to contain unsafe and/or user–produced input. Template tags are rarely explicitly escaped. In some cases escaping them would actively break stuff if they are intended to have HTML in the output under some circumstances. Like infamous admins being able to put HTML into titles.

Notably you can’t HTML escape a whole block of HTML like a breadcrumb. Defeats the point.

You seem to be ok on localization bit.

Related Posts:

  1. esc_url not working within add_settings_field callback
  2. Whats the safest way to output custom JavaScript and Css code entered by the admin in the Theme Settings?
  3. What is the safe way to print tracking code / pixel code before tag or tag
  4. How to escape html generate by a loop
  5. How to escape multiple attribute at once in WordPress?
  6. Is there any solution, ide/tool etc., for automatic escaping for WordPress?
  7. How to safely return the HTML?
  8. wp_kses allow checkbox class and checked
  9. What is best practice when escaping the_title()?
  10. If necessary, how should wp_get_attachment_image() and its parameters be escaped?
  11. How to assess whether a WP core (or other) function is escaped already or not?
  12. Menu items description? Custom Walker for wp_nav_menu()
  13. How to define and link full path to css located at a random folder on header.php
  14. Sizing screenshot.png without losing aspect ratio
  15. Software for WordPress Theme and Plugin Development? [closed]
  16. When to use is_home() vs is_front_page()?
  17. What is the preferred way to add custom javascript files to the site?
  18. Get the blog page URL set in Options
  19. How to create .pot files with POedit?
  20. How do I get the theme URL in PHP?
  21. Why when I submit a form in wordpress it loads a 404 page though URL is correct
  22. What is the constant WP_USE_THEMES for?
  23. Worthwhile to restrict direct access of theme files?
  24. How Do I Protect My Premium WordPress App Theme from Copying?
  25. How to detect mobile devices and present them a specific theme?
  26. Using wp_add_inline_style without a stylesheet
  27. How to add posts to custom menus?
  28. WordPress Theme Preview Image
  29. How To extend WP_Customize_Control
  30. What is the difference between front-page.php and home.php? [duplicate]
  31. How can I get page slug
  32. Does the functions.php file ever get called during an AJAX call? Debug AJAX
  33. When to use _e and __ for the translation?
  34. What is a Theme textdomain?
  35. How to show a custom meta box on the “Quick Edit” screen?
  36. How to add CSS class to custom logo?
  37. How to add custom css file in theme?
  38. How important is it to enqueue a theme’s stylesheet?
  39. CSS not updating in browser when I change it
  40. Display Search Result Count
  41. wp_nav_menu(), how to change class?
  42. theme path in javascript file
  43. Is wp_is_mobile() effective?
  44. Display Menu Name using wp_nav_menu
  45. Making update notification functionality for my themes
  46. What questions do you ask when asked to give an estimate on theme development?
  47. How to remove dashicons.min.css from frontend?
  48. How do I remove a pre-existing customizer setting?
  49. Minimum Template Files for Theme Development
  50. What’s the difference between home.php and index.php?
  51. pass object/JSON to wp_localize_script
  52. get_template_part vs action hooks in themes
  53. Theme Activate Hook
  54. Solutions for generating dynamic javascript / CSS
  55. wp_redirect() – headers already sent
  56. Can I create my own “Recent Posts” widget or customize the existing one?
  57. Custom single template for a specific category
  58. how can I add an icon/image for a child theme?
  59. How can I add a URL field to the attachments window?
  60. The the_post_thumbnail without srcset?
  61. The proper way to include/require PHP files in WordPress
  62. Get the first image from post content (eg.: hotlinked images)
  63. after_setup_theme always runs
  64. When to use add_action(‘init’) vs add_action(‘wp_enqueue_scripts’)
  65. Getting failure when using filemtime() with wp_enqueue_style
  66. Do I actually need to link my theme’s style.css in the theme files
  67. Why is wp_head() creating a top margin at the top of my theme header?
  68. How to store widget fields data as an array?
  69. How do I add version control to my workflow?
  70. Using classes instead of global functions in functions.php
  71. WordPress API Menu/Submenu Order
  72. How can I display a menu on certain pages only?
  73. Enqueue a stylesheet for login page and make it appear in head element
  74. Adding a div to wrap widget content after the widget title
  75. How to insert a logo in the header?
  76. How to set permalink structure via functions.php
  77. What is $post_id? is it a global variable in WordPress?
  78. How to override pluggable function in theme?
  79. How to move page template files like page-{slug}.php to a sub-directory?
  80. WooCommerce shop page to use my custom template [closed]
  81. Theme customizer – settings order
  82. What is the difference between wp_register_sidebar_widget and register_widget?
  83. Should we use get_template_part() in functions files instead of include_once?
  84. Reset positions of metaboxes in admin
  85. CSS classes for theme
  86. “Quick Edit” > update clears out my custom meta values
  87. How to enqueue script if widget is displayed on page?
  88. Custom Image section in Customizer
  89. A way to automatically install pages on theme install?
  90. Get entered value of customiser field for live preview
  91. Add custom classes to anchor in wp_nav_menu
  92. How to remove search bar from a wordpress theme? [closed]
  93. Upgrade from 5.0.4 to 5.1.1 causes $theme to be null
  94. Bestway To Define Theme and Plugin path and url
  95. Is there a has_more_tag() method or equivalent?
  96. With WordPress themes, where do I store the images and files relatively?
  97. Form to Add Posts to Custom Post Type
  98. What are the advantages and disadvantages of Option Tree over the Customization API?
  99. Should `get_template_directory_uri()` be escaped?
  100. How do I add settings to the Background Options Page?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)