Ben Greeley
Forum Replies Created
-
@srd75 FWIW, I added your code to my testing site, and I don’t get the same warning. What types of pages are the warnings coming from? Generally, that type of error means you’re trying to run a function in a hook that is firing too early, but from what I can tell,
is_page()should be able to run withinwp_enqueue_scripts.If you notice the warning comes from a specific type of page or post, you can add a check to ensure you’re on a type of page that should be able to use the function.
Good luck, and I hope that helps!
Forum: Fixing WordPress
In reply to: Rest Api restrict access from external site@aselma10 To lock down your REST API so it is inaccessible from outside users and requires authentication, you’ll need to install a plugin. Here are a couple that add the functionality. I’ve used the first one in the past, but both seem to do what you’re looking for.
Once the plugin is installed and activated, you can then use the Application Password token that you’re able to generate from the WordPress user admin section.
https://wordpress.org/plugins/rest-api-toolbox/
https://wordpress.org/plugins/wp-rest-api-authentication/Forum: Developing with WordPress
In reply to: Sanitizing output when returningGood question @guido07111975 . I actually should have pointed you to use the function
esc_html__()https://developer.wordpress.org/reference/functions/esc_html__/ which will do both the translation and escaping in one. The reason you should run your translation function through a escaping function (or even better, one of the escapting functions that does translations) is there’s a small but non-zero chance that there’s a malicious string in the translation. This article does a great job explaining the problem and the solutions.Forum: Plugins
In reply to: [Health Check & Troubleshooting] Email notifications?@dianat It doesn’t look like this is a feature that is supported by Health Check or any easy way to hook into the functionality.
If it’s a feature you feel would be helpful to include in a future release, I’d encourage you to open an issue in the GitHub repo at https://github.com/WordPress/health-check/issues
Forum: Plugins
In reply to: [Classic Editor] Loss of right sidebar in editor@cdjonah This might be due to your screen options changing if this affects you but not other users. If you look at the top right hand side of the page, you’ll see a ‘Screen Options’ tab you can click on that will provide options of what you see on the screen.
The ‘Layout’ and ‘Screen Elements’ sections may have been toggled. See the following screencast to see how to configure it: https://d.pr/i/cRj9mE
Forum: Developing with WordPress
In reply to: Sanitizing output when returning@guido07111975: You’d want the
esc_html()to be wrapped around your__( 'My Text', 'my-text-domain' )function, so similar to what you had previously – the rest of it wouldn’t need to be escaped since it’s hard-coded HTML. Hope that all makes sense.- This reply was modified 3 years, 9 months ago by Ben Greeley.
Forum: Fixing WordPress
In reply to: custom css formatting being overridden by theme@shinjukumike If your theme has a support forum, you might have better luck there, but I’d recommend you read about CSS specificity and how it works. You should look at the specificity of the CSS rule that is overriding your styles and make sure your styles are more specific (ie they target your elements as specifically as possible so that it has a higher specificity, and will be used on your page).
Forum: Fixing WordPress
In reply to: Exclude pages from Page List Block@maliwi The Page List Block doesn’t have much for configuration options, but there’s a way you can do this with the ‘Posts List’ block.
Add the ‘Posts List’ block to your post, change the ‘post type’ to ‘Page’ switch into ‘code editor’ view and you’ll notice an empty parameter in the block data. You can then add the IDs you want to exclude (comma-delimited). See this video for an overview of setting it up:
Forum: Fixing WordPress
In reply to: Page unresponsive after every 5 minutes@mahekdedhia You should reach out to Divi’s support for assistance, as this forum is specific to help with WordPress and the free themes/plugins in the directory. Divi is a premium theme that has its own sites for support.
- This reply was modified 3 years, 9 months ago by Ben Greeley.
Forum: Fixing WordPress
In reply to: Missing Post FeaturesHi @digital2019, sorry to hear about the issues after updating to WP v6. Do you by chance have screenshots of before/after the update? Which WP version did you update from?
If you’re using the block editor (Gutenberg), one thing you could try is click on the 3 vertical dots on the top-righthand side of the editor, click on ‘Preferences’, and click on ‘Panels’. It should have the ability to toggle what is displayed as panels. See the following screencast to see what I mean: https://d.pr/i/mQqlcl
Forum: Developing with WordPress
In reply to: Sanitizing output when returning@guido07111975 The general guidance is to escape as late as possible. So ideally, if you are echoing data, you’d wrap that data in an escape function. If PHPCS sees an
echo $var;without being escaped, it’s going to assume it’s not escaped and raise and issue.The deciding factor of whether your function should return escaped data is how your specific function is going to be used. For example, if you are creating a utility function similar to Core’s get_site_url(), which returns the site URL, it likely doesn’t make sense to escape the data, as it may be used for output but it may not be as well. Somebody using that function would be wrapping the results of that function in
esc_url()to follow best practices and ensure that it’s escaped. However, if your function is doing something along the lines of creating HTML for a page such as a function namedget_generated_section_html()it would be best to ensure all the data you are outputting is sanitized, especially if the data is using $_GET or $_POST. It’ll still be up to wherever that function is being output to properly run through a function likewp_kses_post(), but that extra bit of escaping won’t hurt.Side-note on your usage of
esc_attr()in your example: esc_attr is useful for escaping a variable that is used in HTML attributes such as<img alt="<?php echo esc_attr( $alt_text ); ?> />, however in your example it looks likeesc_html()would be better to use since it would be escaping a block of HTML.Hopefully that all makes sense and helps put you on the right track.
- This reply was modified 3 years, 9 months ago by Ben Greeley.
- This reply was modified 3 years, 9 months ago by Ben Greeley.
- This reply was modified 3 years, 9 months ago by Ben Greeley.
Forum: Fixing WordPress
In reply to: Using htaccess to redirect from a ?q= stub.@kenney84 You are close, try adding the QSD flag like the following. See https://httpd.apache.org/docs/current/rewrite/flags.html for more information about Rewriterule flags.
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{QUERY_STRING} q=downloads RewriteRule (.*) /downloads/ [R=301,L,QSD] </IfModule>Forum: Fixing WordPress
In reply to: Looking for a very simple calendar plugin@doylegirl It sounds like you might want to look into installing a block that implements events. This one looks like a pretty simple event block where you fill in the blanks and it adds an event to your page. This would be able to be added to any post type.
Hope that helps!
Forum: Fixing WordPress
In reply to: Unable To Play Videos On iPhoneHi @jwraight, I’m not sure if it helps, but I just checked out your video on my iPhone 13, and it seems to play fine. My guess is it is an issue with the specific video’s encoding not working with your phone, but unfortunately, I don’t have additional insight to what specifically would be causing this, but it doesn’t seem to be caused by WordPress since uploaded videos aren’t modified on upload.
One possible suggestion is to embed your videos on a video hosting website such as YouTube or Vimeo and embed the video on your website. This has some advantages, such as saving space on your server and allowing the video to be streamable instead of needing to be downloaded by a user before being able to be played.
Forum: Fixing WordPress
In reply to: Plugins Update Error@telelinkzcalling I just tested installing Jetpack on my own site, and it seems to install without any issues. It could very well be a connectivity issue with your hosting server or a different issue with your specific hosting setup. I’d recommend getting in touch with support for your hosting service and see if they can help you troubleshoot.