Cleaning and sanitizing php code as per WP coding standard

Question

I have few lines of code which i need to clean up as per WP coding standard using the functions like esc_html, wp_kses() etc (https://developer.wordpress.org/reference/functions/wp_kses/). That code generates a printing button on the post detail page. The problem is i can't figure out the correct way to use wp_kses function so as to show the button on the page. Could anyone help me here? I am a beginner for php. Thanks in advance!

Code on the file

<!-- printer friednly link  -->
    <?php if(function_exists('pf_show_link')){echo pf_show_link();} ?>

Code i am trying to add which is not outputting any button

<!-- printer friednly link  -->
    <?php
    if ( function_exists( 'pf_show_link' ) ) {
        $allowed_tags = array(
            'strong' => array(),
            'a'      => array(
                'href'  => array(),
                'title' => array(),
            ),
        );
        echo wp_kses( $allowed_tags );
    }
    ?>

Answer 1

I am not sure you should use wp_kses here at all. If you are the one who generates that html output with function, you don't need to sanitize. Anyway, if you really want to, you must list all html tags you use (so also, div, img...) and all attributes inside those tags (style, src, onclick...). Try like this:

$allowed_tags = array(
    'div'    => array(),
    'img'    => array(
        'style' => array(),
        'src' => array(),
        'alt' => array()
    ),
    'strong' => array(),
    'a'      => array(
        'href'  => array(),
        'title' => array(),
        'rel' => array(),
        'onclick' => array(),
        'class' => array(),
        'data-wpel-link' => array()
    ),
);

echo wp_kses(pf_show_link(), $allowed_tags);