Additional escaping and removing of unnecessary title attributes.

content-single.php

@@ -17,7 +17,7 @@
 
  <div class="entry-content">
  <?php the_content(); ?>
- <?php wp_link_pages( array( 'before' => '<div class="page-links">' . __( 'Pages:', 'debut' ), 'after' => '</div>' ) ); ?>
+ <?php wp_link_pages( array( 'before' => '<div class="page-links">' . esc_html__( 'Pages:', 'debut' ), 'after' => '</div>' ) ); ?>
  </div><!-- .entry-content -->
 
  <footer class="entry-meta">
@@ -50,11 +50,11 @@
  $meta_text,
  $category_list,
  $tag_list,
- get_permalink(),
+ esc_url( get_permalink() ),
  the_title_attribute( 'echo=0' )
  );
  ?>
 
- <?php edit_post_link( __( 'Edit', 'debut' ), '<span class="edit-link">', '</span>' ); ?>
+ <?php edit_post_link( esc_html__( 'Edit', 'debut' ), '<span class="edit-link">', '</span>' ); ?>
  </footer><!-- .entry-meta -->
 </article><!-- #post-<?php the_ID(); ?> -->

functions.php

@@ -290,7 +290,7 @@ function debut_comment( $comment, $args, $depth ) {
  <?php echo get_avatar( $comment, 60 ); ?>
  <div class="comment-meta">
  <div class="perma-reply-edit">
- <a href="<?php echo esc_url( get_comment_link() ); ?>"><?php _e( 'Permalink', 'debut' ); ?></a>
+ <a href="<?php echo esc_url( get_comment_link() ); ?>"><?php esc_html_e( 'Permalink', 'debut' ); ?></a>
  <?php comment_reply_link( array_merge( $args, array( 'depth' => $depth, 'max_depth' => $args['max_depth'], 'before' => '&nbsp;&sdot;&nbsp;' ) ) );
  if ( $can_edit_post ) { edit_comment_link( __( 'Edit', 'debut' ), '&nbsp;&sdot;&nbsp;' ); } ?>
  </div><!-- .perma-reply-edit -->
@@ -460,7 +460,7 @@ function debut_lang_switcher() {
  $html = '<div class="debut-lang-switcher">';
  foreach( $lang as $value ) {
  if ( 0 == $value[ 'active' ] ) {
- $html .= '<a class="debut-lang" href="' . $value[ 'url' ] . '">' . $value[ 'language_code' ] . '</a>';
+ $html .= '<a class="debut-lang" href="' . esc_url( $value[ 'url' ] ) . '">' . esc_html( $value[ 'language_code' ] ) . '</a>';
  }
  }
  $html .= '</div><!-- end .debut-lang-switcher -->';

header.php

@@ -39,8 +39,8 @@
  */
  ?>
  <nav role="navigation" class="site-navigation small-navigation">
- <h1 class="assistive-text"><?php _e( 'Menu', 'debut' ); ?></h1>
- <div class="assistive-text skip-link"><a href="#content" title="<?php esc_attr_e( 'Skip to content', 'debut' ); ?>"><?php _e( 'Skip to content', 'debut' ); ?></a></div>
+ <h1 class="assistive-text"><?php esc_html_e( 'Menu', 'debut' ); ?></h1>
+ <div class="assistive-text skip-link"><a href="#content"><?php esc_html_e( 'Skip to content', 'debut' ); ?></a></div>
  <button class="menu-button">Menu</button>
  <?php wp_nav_menu( array( 'theme_location' => 'primary' ) ); ?>
  </nav>
@@ -53,7 +53,7 @@
  </div>
  <?php else : ?>
  <hgroup class="identity">
- <h1 class="site-title"><a href="<?php echo esc_url( home_url( '/' ) ); ?>" title="<?php echo esc_attr( get_bloginfo( 'name', 'display' ) ); ?>" rel="home"><?php bloginfo( 'name' ); ?></a></h1>
+ <h1 class="site-title"><a href="<?php echo esc_url( home_url( '/' ) ); ?>" rel="home"><?php bloginfo( 'name' ); ?></a></h1>
  <h2 class="site-description"><?php bloginfo( 'description' ); ?></h2>
  </hgroup>
  <?php endif; ?>
@@ -63,8 +63,8 @@
  </header><!-- #masthead .site-header -->
 
  <nav role="navigation" class="site-navigation main-navigation">
- <h1 class="assistive-text"><?php _e( 'Menu', 'debut' ); ?></h1>
- <div class="assistive-text skip-link"><a href="#content" title="<?php esc_attr_e( 'Skip to content', 'debut' ); ?>"><?php _e( 'Skip to content', 'debut' ); ?></a></div>
+ <h1 class="assistive-text"><?php esc_html_e( 'Menu', 'debut' ); ?></h1>
+ <div class="assistive-text skip-link"><a href="#content"><?php esc_html_e( 'Skip to content', 'debut' ); ?></a></div>
 
  <?php wp_nav_menu( array( 'theme_location' => 'primary' ) ); ?>
  </nav>

image.php

@@ -24,14 +24,14 @@
  printf( __( 'Published <span class="entry-date"><time class="entry-date" datetime="%1$s" pubdate>%2$s</time></span> at <a href="%3$s" title="Link to full-size image">%4$s &times; %5$s</a> in <a href="%6$s" title="Return to %7$s" rel="gallery">%7$s</a>', 'debut' ),
  esc_attr( get_the_date( 'c' ) ),
  esc_html( get_the_date() ),
- wp_get_attachment_url(),
+ esc_url( wp_get_attachment_url() ),
  $metadata['width'],
  $metadata['height'],
- get_permalink( $post->post_parent ),
- get_the_title( $post->post_parent )
+ esc_url( get_permalink( $post->post_parent ) ),
+ esc_html( get_the_title( $post->post_parent ) )
  );
  ?>
- <?php edit_post_link( __( 'Edit', 'debut' ), '<span class="sep">&nbsp&nbsp&bull;&nbsp&nbsp</span> <span class="edit-link">', '</span>' ); ?>
+ <?php edit_post_link( esc_html__( 'Edit', 'debut' ), '<span class="sep">&nbsp&nbsp&bull;&nbsp&nbsp</span> <span class="edit-link">', '</span>' ); ?>
  </div><!-- .entry-meta -->
 
  <nav id="image-navigation">
@@ -69,7 +69,7 @@
  }
  ?>
 
- <a href="<?php echo $next_attachment_url; ?>" title="<?php echo esc_attr( get_the_title() ); ?>" rel="attachment"><?php
+ <a href="<?php echo esc_url( $next_attachment_url ); ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php
  $attachment_size = apply_filters( 'debut_attachment_size', array( 1200, 1200 ) ); // Filterable image size.
  echo wp_get_attachment_image( $post->ID, $attachment_size );
  ?></a>
@@ -95,9 +95,9 @@
  <?php elseif ( comments_open() && ! pings_open() ) : // Only comments open ?>
  <?php _e( 'Trackbacks are closed, but you can <a class="comment-link" href="#respond" title="Post a comment">post a comment</a>.', 'debut' ); ?>
  <?php elseif ( ! comments_open() && ! pings_open() ) : // Comments and trackbacks closed ?>
- <?php _e( 'Both comments and trackbacks are currently closed.', 'debut' ); ?>
+ <?php esc_html_e( 'Both comments and trackbacks are currently closed.', 'debut' ); ?>
  <?php endif; ?>
- <?php edit_post_link( __( 'Edit', 'debut' ), ' <span class="edit-link">', '</span>' ); ?>
+ <?php edit_post_link( esc_html__( 'Edit', 'debut' ), ' <span class="edit-link">', '</span>' ); ?>
  </footer><!-- .entry-meta -->
  </article><!-- #post-<?php the_ID(); ?> -->
 

no-results.php

@@ -11,7 +11,7 @@
 
 <article id="post-0" class="post no-results not-found">
  <header class="entry-header">
- <h1 class="entry-title"><?php _e( 'Nothing Found', 'debut' ); ?></h1>
+ <h1 class="entry-title"><?php esc_html_e( 'Nothing Found', 'debut' ); ?></h1>
  </header><!-- .entry-header -->
 
  <div class="entry-content">
@@ -21,11 +21,11 @@
 
  <?php } elseif ( is_search() ) { ?>
 
- <p><?php _e( 'Sorry, but nothing matched your search terms. Please try again with some different keywords.', 'debut' ); ?></p>
+ <p><?php esc_html_e( 'Sorry, but nothing matched your search terms. Please try again with some different keywords.', 'debut' ); ?></p>
 
  <?php } else { ?>
 
- <p><?php _e( 'It seems we can&rsquo;t find what you&rsquo;re looking for. Perhaps searching can help.', 'debut' ); ?></p>
+ <p><?php esc_html_e( 'It seems we can&rsquo;t find what you&rsquo;re looking for. Perhaps searching can help.', 'debut' ); ?></p>
 
  <?php } ?>
  </div><!-- .entry-content -->

searchform.php

@@ -7,7 +7,7 @@
  */
 ?>
  <form method="get" class="searchform" action="<?php echo esc_url( home_url( '/' ) ); ?>" role="search">
- <label for="s" class="assistive-text"><?php _e( 'Search', 'debut' ); ?></label>
+ <label for="s" class="assistive-text"><?php esc_html_e( 'Search', 'debut' ); ?></label>
  <input type="text" class="field" name="s" id="s" placeholder="<?php esc_attr_e( 'Search &hellip;', 'debut' ); ?>" />
  <input type="submit" class="submit searchsubmit" name="submit" value="<?php esc_attr_e( 'Search', 'debut' ); ?>" />
  </form>

sidebar.php

@@ -15,14 +15,14 @@
  </aside>
 
  <aside id="archives" class="widget">
- <h1 class="widget-title"><?php _e( 'Archives', 'debut' ); ?></h1>
+ <h1 class="widget-title"><?php esc_html_e( 'Archives', 'debut' ); ?></h1>
  <ul>
  <?php wp_get_archives( array( 'type' => 'monthly' ) ); ?>
  </ul>
  </aside>
 
  <aside id="meta" class="widget">
- <h1 class="widget-title"><?php _e( 'Meta', 'debut' ); ?></h1>
+ <h1 class="widget-title"><?php esc_html_e( 'Meta', 'debut' ); ?></h1>
  <ul>
  <?php wp_register(); ?>
  <li><?php wp_loginout(); ?></li>

single.php

@@ -22,7 +22,7 @@
  if ( comments_open() || '0' != get_comments_number() ) {
  comments_template( '', true );
  } elseif ( ! comments_open() ) { ?>
- <p class="nocomments"><?php _e( 'Comments are closed.', 'debut' ); ?></p>
+ <p class="nocomments"><?php esc_html_e( 'Comments are closed.', 'debut' ); ?></p>
  <?php } 
  ?>