Search code examples
phphtmlwordpressline-breaksemail-confirmation

Wordpress how to use line breaks while escaping html tags

I would like to separate the Welcome to %s and Thanks for creating account on %1$s by making each appear in a separate row.

They are currently jammed together/messed up when translating the phrases on a RTL site.

protected function send_account_email( $user_data, $user_id ) {
            
  $to      = $user_data['user_email'];
  $subject = sprintf( esc_html__( 'Welcome to %s', 'my-plugin' ), get_option( 'blogname' ) );
  $body    = sprintf( esc_html__( 'Thanks for creating account on %1$s. Your username is: %2$s ',
    'my-plugin' ), get_option( 'blogname' ), $user_data['user_login'] );
}
Solution

  • You need a "line break" to separate them out! You could use html tags such as:

    • br tag
    • p tag
    • h1 tag

    Just to name a few!

    BUT you're using esc_html__ to translate AND escape html. Why do you need to use esc_html__ to retrieve the name of your blog from your database? Why?

    That being said, there is a whitelisting technique you could use to translate and escape unwanted html at the same time.

    Using wp_kses you would be able to define a "white-list" for allowed html tags and escape the rest of them.

    You could read more about it:

    wp_ksesDocs

    and

    This post on whitelisting html tags

    So your code would be something like this:

    Using <br> tag:

    protected function send_account_email( $user_data, $user_id ) {

  $whitelist_tags = array(

    'br' => array(),
  
  );
        
  $to      = $user_data['user_email'];

  $subject = sprintf(wp_kses(__('Welcome to %s <br>', 'my-plugin'), $whitelist_tags), get_option( 'blogname' ));

  $body    = sprintf( esc_html__( 'Thanks for creating account on %1$s. Your username is: %2$s ',
      'my-plugin' ), get_option( 'blogname' ), $user_data['user_login'] );
}

    OR using <p> tag:

    protected function send_account_email( $user_data, $user_id ) {

  $whitelist_tags = array(

    'p' => array()
  
  );
        
  $to      = $user_data['user_email'];
  
  $subject = sprintf(wp_kses(__('<p>Welcome to %s </p>', 'my-plugin'), $whitelist_tags), get_option( 'blogname' ));

  $body    = sprintf( esc_html__( 'Thanks for creating account on %1$s. Your username is: %2$s ',
      'my-plugin' ), get_option( 'blogname' ), $user_data['user_login'] );
}

    OR using <h1> tag:

    protected function send_account_email( $user_data, $user_id ) {

  $whitelist_tags = array(

    'h1' => array(),
  
  );
        
  $to      = $user_data['user_email'];

  $subject = sprintf(wp_kses(__('<h1>Welcome to %s </h1>', 'my-plugin'), $whitelist_tags), get_option( 'blogname' ));

  $body    = sprintf( esc_html__( 'Thanks for creating account on %1$s. Your username is: %2$s ',
      'my-plugin' ), get_option( 'blogname' ), $user_data['user_login'] );
}

    Note:

    • $whitelist_tags is an array, so you could add multiple tags to it!
    • Also, I've only used those tags in your $subject variable, you could use the exact technique in your $body variable too, if you need to!
    • I've also used __() with combination of wp_kses instead of esc_html__ in order to translate AND escape unwanted html!