Replacing the __( with a proper escaping translation file.

Author: krugazul

includes/classes/class-confirm-payment.php

@@ -121,7 +121,7 @@ public function confirm_payment() {
 		if ( ! isset( $_POST['nonce'] ) || false === wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['nonce'] ) ), 'pff-paystack-confirm' ) ) {
 			$response = array(
 				'error' => true,
-				'error_message' => __( 'Nonce verification is required.', 'pff-paystack' ),
+				'error_message' => esc_html__( 'Nonce verification is required.', 'pff-paystack' ),
 			);
 
 			exit( wp_json_encode( $response ) );	
@@ -132,7 +132,7 @@ public function confirm_payment() {
 		if ( ! isset( $_POST['code'] ) || '' === trim( wp_unslash( $_POST['code'] ) ) ) {
 			$response = array(
 				'error' => true,
-				'error_message' => __( 'Did you make a payment?', 'pff-paystack' ),
+				'error_message' => esc_html__( 'Did you make a payment?', 'pff-paystack' ),
 			);
 
 			exit( wp_json_encode( $response ) );
@@ -169,14 +169,14 @@ public function confirm_payment() {
 				}
 			} else {
 				$response = [
-					'message' => __( 'Failed to connect to Paystack.', 'pff-paystack' ),
+					'message' => esc_html__( 'Failed to connect to Paystack.', 'pff-paystack' ),
 					'result'  => 'failed',
 				];	
 			}
 
 		} else {
 			$response = [
-				'message' => __( 'Payment Verification Failed', 'pff-paystack' ),
+				'message' => esc_html__( 'Payment Verification Failed', 'pff-paystack' ),
 				'result'  => 'failed',
 			];
 		}
@@ -244,7 +244,7 @@ public function confirm_payment() {
 	 */
 	public function add_param_to_url( $url, $ref ) {
 		// Parse the URL.
-		$parsed_url = parse_url( $url );
+		$parsed_url = wp_parse_url( $url );
 
 		// Parse query parameters into an array.
 		parse_str( isset( $parsed_url['query'] ) ? $parsed_url['query'] : '', $query_params );
@@ -312,7 +312,7 @@ protected function update_payment_dates( $data ) {
 		global $wpdb;
 		$table  = $wpdb->prefix . PFF_PAYSTACK_TABLE;
 		$return = [
-			'message' => __( 'DB not updated.', 'pff-paystack' ),
+			'message' => esc_html__( 'DB not updated.', 'pff-paystack' ),
 			'result' => 'failed',
 		];
 
@@ -355,7 +355,7 @@ protected function update_payment_dates( $data ) {
 				if ( (int) $this->oamount !== (int) $amount_paid ) {
 					$return = [
 						// translators: %1$s: currency, %2$s: formatted amount required
-						'message' => sprintf( __( 'Invalid amount Paid. Amount required is %1$s<b>%2$s</b>', 'pff-paystack' ), $this->meta['currency'], number_format( $this->oamount ) ),
+						'message' => sprintf( esc_html__( 'Invalid amount Paid. Amount required is %1$s<b>%2$s</b>', 'pff-paystack' ), $this->meta['currency'], number_format( $this->oamount ) ),
 						'result' => 'failed',
 					];
 				} else {

includes/classes/class-email-invoice.php

@@ -60,7 +60,7 @@ public function send_invoice( $form_id, $currency, $amount, $name, $email, $code
 
 		$this->subject = sprintf(
 			// Translators: %1$s is the currency code, %2$s is the formatted amount
-			__( 'Payment Invoice for %1$s %2$s', 'text-domain' ),
+			esc_html__( 'Payment Invoice for %1$s %2$s', 'text-domain' ),
 			$currency,
 			number_format( $amount )
 		);

includes/classes/class-email-receipt-owner.php

@@ -56,7 +56,7 @@ function send_receipt_owner( $form_id, $currency, $amount, $name, $email, $code,
 		$this->metadata   = $metadata;
 
 		// Custom Values
-		$this->subject     = __( 'You just received a payment' , 'pff-paystack' );
+		$this->subject     = esc_html__( 'You just received a payment' , 'pff-paystack' );
 		$this->heading     = get_post_meta( $form_id, '_heading', true );
 		$this->sitemessage = get_post_meta( $form_id, '_message', true );
 

includes/classes/class-field-shortcodes.php

@@ -37,7 +37,7 @@ public function __construct() {
 	public function text_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'required' => '0',
 			),
 			$atts,
@@ -71,7 +71,7 @@ public function text_field( $atts ) {
 	public function textarea_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'required' => '0',
 			),
 			$atts,
@@ -106,7 +106,7 @@ public function textarea_field( $atts ) {
 	public function checkbox_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'options'  => '',
 				'required' => '0',
 			),
@@ -150,7 +150,7 @@ public function checkbox_field( $atts ) {
 	public function input_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'required' => '0',
 			),
 			$atts,
@@ -172,7 +172,7 @@ public function input_field( $atts ) {
 		$code .= '</label>';
 		$code .= '<div class="input append-small-btn">';
 		$code .= '<div class="file-button">';
-		$code .= __( 'Browse', 'pff-paystack' );
+		$code .= esc_html__( 'Browse', 'pff-paystack' );
 		$code .= '<input type="file" id="' . esc_attr( $fileInputId ) . '" name="' . esc_attr( $name ) . '" onchange="document.getElementById(\'' . esc_attr( $textInputId ) . '\').value = this.value;" ' . esc_attr( $required ) . '>';
 		$code .= '</div>';
 		$code .= '<input type="text" id="' . esc_attr( $textInputId ) . '" readonly="" placeholder="' . esc_attr__( 'No file selected', 'pff-paystack' ) . '">';
@@ -189,7 +189,7 @@ public function input_field( $atts ) {
 	public function datepicker_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'required' => '0',
 			),
 			$atts,
@@ -223,7 +223,7 @@ public function datepicker_field( $atts ) {
 	public function select_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'options'  => '',
 				'required' => '0',
 			),
@@ -264,7 +264,7 @@ public function select_field( $atts ) {
 	public function radio_field( $atts ) {
 		$atts = shortcode_atts(
 			array(
-				'name'     => __( 'Title', 'pff-paystack' ),
+				'name'     => esc_html__( 'Title', 'pff-paystack' ),
 				'options'  => '',
 				'required' => '0',
 			),

includes/classes/class-form-shortcode.php

@@ -144,7 +144,7 @@ public function form_shortcode( $atts ) {
 				if ( $show_form ) {
 
 					if ( 'yes' === $this->meta['useinventory'] && 0 >= $this->stock ) {
-						echo '<h1>' . __( 'Out of Stock', 'pff-paystack' ) . '</h1>';
+						$html[] = '<h1>' . esc_html__( 'Out of Stock', 'pff-paystack' ) . '</h1>';
 					} else {
 						// Form title
 						if ( $this->meta['hidetitle'] != 1 ) {
@@ -180,13 +180,13 @@ public function form_shortcode( $atts ) {
 					}
 
 				} else {
-					$html[] = '<h5>' . __( 'You must be logged in to make a payment.', 'pff-paystack' ) . '</h5>';
+					$html[] = '<h5>' . esc_html__( 'You must be logged in to make a payment.', 'pff-paystack' ) . '</h5>';
 				}
 			} else {
-				$html[] = '<h5>' . __( 'Invalid Paystack form ID or the form does not exist.', 'pff-paystack' ) . '</h5>';
+				$html[] = '<h5>' . esc_html__( 'Invalid Paystack form ID or the form does not exist.', 'pff-paystack' ) . '</h5>';
 			}
 		} else {
-			$html[] = '<h5>' . __( 'No Paystack form ID provided.', 'pff-paystack' ) . '</h5>';
+			$html[] = '<h5>' . esc_html__( 'No Paystack form ID provided.', 'pff-paystack' ) . '</h5>';
 		}
 
 		$html = implode( '', $html );
@@ -242,7 +242,7 @@ public function set_meta_data( $obj ) {
 			$this->meta['paymentoptions'] = array_map( 'sanitize_text_field', $this->meta['paymentoptions'] );
 		}
 
-		$this->meta['planerrorcode'] = __( 'Input Correct Recurring Plan Code', 'pff-paystack' );
+		$this->meta['planerrorcode'] = esc_html__( 'Input Correct Recurring Plan Code', 'pff-paystack' );
 
 		if ( 'plan' === $this->meta['recur'] ) {
 			if ( '' === $this->meta['recurplan'] ) {
@@ -307,9 +307,9 @@ public function get_hidden_fields() {
 	 */
 	public function get_fullname_field() {
 		$html = '<div class="span12 unit">
-			<label class="label">' . __( 'Full Name', 'pff-paystack' ) . ' <span>*</span></label>
+			<label class="label">' . esc_html__( 'Full Name', 'pff-paystack' ) . ' <span>*</span></label>
 			<div class="input">
-				<input type="text" name="pf-fname" placeholder="' . __( 'First & Last Name', 'pff-paystack' ) . '" value="' . esc_attr( $this->user['fullname'] ) . '" required>
+				<input type="text" name="pf-fname" placeholder="' . esc_html__( 'First & Last Name', 'pff-paystack' ) . '" value="' . esc_attr( $this->user['fullname'] ) . '" required>
 			</div>
 		</div>';
 		return $html;
@@ -322,9 +322,9 @@ public function get_fullname_field() {
 	 */
 	public function get_email_field() {
 		$html = '<div class="span12 unit">
-			<label class="label">' . __( 'Email', 'pff-paystack' ) . ' <span>*</span></label>
+			<label class="label">' . esc_html__( 'Email', 'pff-paystack' ) . ' <span>*</span></label>
 			<div class="input">
-				<input type="email" name="pf-pemail" placeholder="' . __( 'Enter Email Address', 'pff-paystack' ) . '" id="pf-email" value="' . esc_attr( $this->user['email'] ) . '" ' . ( $this->meta['loggedin'] == 'yes' ? 'readonly' : '' ) . ' required>
+				<input type="email" name="pf-pemail" placeholder="' . esc_html__( 'Enter Email Address', 'pff-paystack' ) . '" id="pf-email" value="' . esc_attr( $this->user['email'] ) . '" ' . ( $this->meta['loggedin'] == 'yes' ? 'readonly' : '' ) . ' required>
 			</div>
 		</div>';
 		return $html;
@@ -371,7 +371,7 @@ public function get_amount_field() {
 			} else {
 
 				if ( '' === $this->meta['variableamount'] || 0 === $this->meta['variableamount'] || ! is_array( $this->meta['paymentoptions'] ) ) {
-					$html[] = __( 'Form Error, set variable amount string', 'pff-paystack' );
+					$html[] = esc_html__( 'Form Error, set variable amount string', 'pff-paystack' );
 				} else if ( count( $this->meta['paymentoptions'] ) > 0 ) {
 					$html[] = '<div class="select">
 							<input type="hidden"  id="pf-vname" name="pf-vname" />
@@ -538,44 +538,44 @@ public function get_retry_form( $code = '' ) {
 
 
 			$html[] = '<div class="divider-text gap-top-20 gap-bottom-45">
-							<span>' . __( 'Payment Invoice', 'pff-paystack' ) . '</span>
+							<span>' . esc_html__( 'Payment Invoice', 'pff-paystack' ) . '</span>
 						</div>';
 
 			$html[] = '<div class="j-row">';
 
 			$html[] = '<div class="span12 unit">
-							<label class="label inline">' . __( 'Email:', 'pff-paystack' ) . '</label>
+							<label class="label inline">' . esc_html__( 'Email:', 'pff-paystack' ) . '</label>
 							<strong><a href="mailto:' . esc_attr( $record->email ) . '">' . esc_html( $record->email ) . '</a></strong>
 						</div>';
 
 			$html[] = '<div class="span12 unit">
-							<label class="label inline">' . __( 'Amount:', 'pff-paystack' ) . '</label>
+							<label class="label inline">' . esc_html__( 'Amount:', 'pff-paystack' ) . '</label>
 							<strong>' . esc_html( $this->meta['currency'] . number_format( $record->amount ) ) . '</strong>
 						</div>';
 
 
 			$html[] = $this->helpers->format_meta_as_display_fields( $record->metadata );
 
 			$html[] = '<div class="span12 unit">
-							<label class="label inline">' . __( 'Date:', 'pff-paystack' ) . '</label>
+							<label class="label inline">' . esc_html__( 'Date:', 'pff-paystack' ) . '</label>
 							<strong>' . esc_html( $record->created_at ) . '</strong>
 						</div>';
 
 			if ( 1 === intval( $record->paid ) ) {
 				$html[] = '<div class="span12 unit">
-								<label class="label inline">' . __( 'Payment Status:', 'pff-paystack' ) . '</label>
-								<strong>' . __( 'Successful', 'pff-paystack' ) . '</strong>
+								<label class="label inline">' . esc_html__( 'Payment Status:', 'pff-paystack' ) . '</label>
+								<strong>' . esc_html__( 'Successful', 'pff-paystack' ) . '</strong>
 							</div>';
 			}
 
 			$html[] = '</div>';
 			$html[] = '</div>';
 
 			$html[] = '<div class="footer">';
-			$html[] = '<small><span style="color: red;">*</span> ' . __( 'are compulsory', 'pff-paystack' ) . '</small><br>';
+			$html[] = '<small><span style="color: red;">*</span> ' . esc_html__( 'are compulsory', 'pff-paystack' ) . '</small><br>';
 			$html[] = '<img class="paystack-cardlogos size-full wp-image-1096" alt="cardlogos" src="' . esc_url( PFF_PAYSTACK_PLUGIN_URL . '/assets/images/[email protected]' ) . '">';
 			if ( 0 === intval( $record->paid ) ) {
-				$html[] = '<button type="submit" class="primary-btn" id="submitbtn">' . __( 'Retry Payment', 'pff-paystack' ) . '</button>';
+				$html[] = '<button type="submit" class="primary-btn" id="submitbtn">' . esc_html__( 'Retry Payment', 'pff-paystack' ) . '</button>';
 			}
 
 			$html[] = ' </div>';

includes/classes/class-form-submit.php

@@ -97,21 +97,21 @@ protected function valid_submission() {
 
 		if ( ! isset( $_POST['pf-nonce'] ) || false === wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['pf-nonce'] ) ), 'pff-paystack-invoice' ) ) {
 			$this->response['result']  = 'failed';
-			$this->response['message'] = __( 'Nonce verification is required.', 'pff-paystack' );
+			$this->response['message'] = esc_html__( 'Nonce verification is required.', 'pff-paystack' );
 			return false;			
 		}
 
 		if ( ! isset( $_POST['pf-id'] ) || '' == trim( sanitize_text_field( wp_unslash( $_POST['pf-id'] ) ) ) ) {
 			$this->response['result']  = 'failed';
-			$this->response['message'] = __( 'A form ID is required', 'pff-paystack' );
+			$this->response['message'] = esc_html__( 'A form ID is required', 'pff-paystack' );
 			return false;
 		} else {
 			$this->form_id = sanitize_text_field( wp_unslash( $_POST['pf-id'] ) );
 		}
 
 		if ( ! isset( $_POST['pf-pemail'] ) || '' == trim( sanitize_text_field( wp_unslash( $_POST['pf-pemail'] ) ) ) ) {
 			$this->response['result']  = 'failed';
-			$this->response['message'] = __( 'Email is required', 'pff-paystack' );
+			$this->response['message'] = esc_html__( 'Email is required', 'pff-paystack' );
 			return false;
 		}
 		return true;
@@ -248,7 +248,7 @@ public function process_images() {
 					if ( $value['size'] > $max_file_size ) {
 						$response['result']  = 'failed';
 						// translators: %s: maximum upload file size in MB
-						$response['message'] = sprintf( __( 'Max upload size is %sMB', 'pff-paystack' ), $this->meta['filelimit'] );
+						$response['message'] = sprintf( esc_html__( 'Max upload size is %sMB', 'pff-paystack' ), $this->meta['filelimit'] );
 						exit( wp_json_encode( $response ) );
 					} else {
 						$attachment_id  = media_handle_upload( $key_name, $this->form_id );
@@ -265,7 +265,7 @@ public function process_images() {
 						'display_name'  => ucwords( str_replace( '_', ' ', $key_name ) ),
 						'variable_name' => $key_name,
 						'type'          => 'text',
-						'value'         => __( 'No file Uploaded', 'pff-paystack' ),
+						'value'         => esc_html__( 'No file Uploaded', 'pff-paystack' ),
 					);
 				}
 			}
@@ -307,7 +307,7 @@ public function submit_action() {
 
 		// Store the single unit price.
 		$this->fixed_metadata[] = array(
-			'display_name'  => __( 'Unit Price', 'pff-paystack' ),
+			'display_name'  => esc_html__( 'Unit Price', 'pff-paystack' ),
 			'variable_name' => 'Unit_Price',
 			'type'          => 'text',
 			'value'         => $this->meta['currency'] . number_format( $amount ),
@@ -478,15 +478,15 @@ public function process_recurring_plans( $amount ) {
 		if ( 'none' !== $plan_code ) {
 			$this->meta['plancode'] = $plan_code;
 			$this->fixed_metadata[] = array(
-				'display_name'  => __( 'Plan', 'pff-paystack' ),
+				'display_name'  => esc_html__( 'Plan', 'pff-paystack' ),
 				'variable_name' => 'Plan',
 				'type'          => 'text',
 				'value'         => $plan_code,
 			);
 
 			if ( false !== $has_interval ) {
 				$this->fixed_metadata[] = array(
-					'display_name'  => __( 'Plan Interval', 'pff-paystack' ),
+					'display_name'  => esc_html__( 'Plan Interval', 'pff-paystack' ),
 					'variable_name' => 'Plan Interval',
 					'type'          => 'text',
 					'value'         => $has_interval,

includes/classes/class-forms-list.php

@@ -36,7 +36,7 @@ public function quick_edit_links( $actions, $post ) {
 		if ( get_post_type( $post ) === 'paystack_form' ) {
 			unset( $actions['view'] );
 			unset( $actions['quick edit'] );
-			$actions['export'] = '<a href="' . admin_url( 'edit.php?post_type=paystack_form&page=submissions&form=' . $post->ID ) . '" >' . __( 'View Payments', 'payment_forms' ) . '</a>';
+			$actions['export'] = '<a href="' . admin_url( 'edit.php?post_type=paystack_form&page=submissions&form=' . $post->ID ) . '" >' . esc_html__( 'View Payments', 'payment_forms' ) . '</a>';
 		}
 		return $actions;
 	}
@@ -50,10 +50,10 @@ public function quick_edit_links( $actions, $post ) {
 	public function register_columns( $columns ) {
 		$columns = array(
 			'cb'        => '<input type="checkbox" />',
-			'title'     => __( 'Name', 'pff-paystack' ),
-			'shortcode' => __( 'Shortcode', 'pff-paystack' ),
-			'payments'  => __( 'Payments', 'pff-paystack' ),
-			'date'      => __( 'Date', 'pff-paystack' )
+			'title'     => esc_html__( 'Name', 'pff-paystack' ),
+			'shortcode' => esc_html__( 'Shortcode', 'pff-paystack' ),
+			'payments'  => esc_html__( 'Payments', 'pff-paystack' ),
+			'date'      => esc_html__( 'Date', 'pff-paystack' )
 		);
 		return $columns;
 	}