Posts by kotofey

125 posts I know Chuck
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $125,000+ on Envato Market
  • Has been part of the Envato Community for over 5 years
  • Sells items exclusively on Envato Market
+4 more
kotofey
says

So you’re saying that most of our buyers are from USA? I doubt that. This is not just about long weekend in USA, we know that.

Top 3 ( countries 2014 – 2015)

1. USA
2. Germany
3. India

Top 3 ( transactions 2014 – 2015)
1. USA
2. Germany
3. United Kingdom

kotofey
says


@UXbarn: surely, you must use esc_html instead. I fall asleep :)

Hmm. I don’t think this is what I can use because I need to print out that HTML to be rendered on screen. If I use “esc_html()” for the ”$output” variable, I will get the plain string on screen (escaped HTML).

Are there any reviewers or staff who can give a clear answer about this? What method do I need to use to validate the final echo here? Or, in other words, what method to validate the entire “HTML output” when echoing it?

Yep :) Ok, let’s start again. I’m not sure it’s a good idea to output HTML using variables.

Better way:
<?php
$text = ot_get_option( 'text_option' ); // From Theme Options
$class = ot_get_option( 'class_option' ); // From Theme Options
?>

<!--- somewhere in the html structure --->
<span class="<?php echo esc_attr( $class ); ?>"><?php echo esc_html( $text ); ?></span>

In this example you’re ‘escaping’ the final output. This is a best practice.
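
The difference between escaping each value at the point of output and escaping the assembled string, as an added example that is not part of the thread. The `span_*` function names are hypothetical, and the `htmlspecialchars()` fallbacks are stand-ins (an assumption) so the file also runs outside WordPress.

```php
<?php
// Added example, not code from the thread. Outside WordPress these stand-ins
// (an assumption) approximate esc_attr()/esc_html() so the file runs under the PHP CLI.
if ( ! function_exists( 'esc_attr' ) ) {
	function esc_attr( $s ) { return htmlspecialchars( (string) $s, ENT_QUOTES, 'UTF-8' ); }
}
if ( ! function_exists( 'esc_html' ) ) {
	function esc_html( $s ) { return htmlspecialchars( (string) $s, ENT_QUOTES, 'UTF-8' ); }
}

// Variant 1: attribute escaped, text concatenated raw (the thread's first test).
function span_raw_text( $class, $text ) {
	return '<span class="' . esc_attr( $class ) . '">' . $text . '</span>';
}

// Variant 2: escape the assembled string (the thread's second test).
function span_escaped_whole( $class, $text ) {
	return esc_attr( span_raw_text( $class, $text ) );
}

// Variant 3: escape each value for its own context, keep the markup literal.
function span_escaped_parts( $class, $text ) {
	return '<span class="' . esc_attr( $class ) . '">' . esc_html( $text ) . '</span>';
}

// Constructed option values; the payload string is the one posted in the thread.
$payload  = '"><script>alert("Greetings! You have been hacked.");</script>"<';
$variants = array( 'span_raw_text', 'span_escaped_whole', 'span_escaped_parts' );

// Report, per variant, whether a script tag survives and whether the span is still markup.
foreach ( $variants as $fn ) {
	$html = $fn( $payload, $payload );
	printf(
		"%-20s live <script>: %-3s  real <span> tag: %s\n",
		$fn,
		false !== strpos( $html, '<script>' ) ? 'yes' : 'no',
		0 === strpos( $html, '<span class="' ) ? 'yes' : 'no'
	);
}
```

Only the third variant both neutralises the script tag and keeps the `<span>` as real markup, which is why the escaping call belongs on each value in its own context.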

kotofey
says


Hi UXbarn,

Test this code and you’ll find an answer ;)

$text = ot_get_option( 'text_option' ); // From Theme Options
$class = '"><script>alert("Greetings! You have been hacked.");</script>"<' ;
$output = '<span class="' . esc_attr( $class ) . '">' . $text . '</span>';

echo $output;

Then, test this:

$text = ot_get_option( 'text_option' ); // From Theme Options
$class = '"><script>alert("Greetings! You have been hacked.");</script>"<' ;
$output = '<span class="' . esc_attr( $class ) . '">' . $text . '</span>';

echo esc_attr( $output ) ;

;)

UPD: Sorry, it’s a wrong example. I haven’t slept for about 20 hours. :) But I would recommend escaping in the final output.
So you’re telling me the hacker can change the PHP code? If he gained ftp or ssh access, why the heck would you consider escaping attributes?

My example is telling why you need to use escaping (and as I said earlier, my example is wrong in our situation).

kotofey
says

@UXbarn: surely, you must use esc_html instead. I fall asleep :)

kotofey
says

You do not need any validation for the final output.

You’re wrong.

kotofey
says

Hi UXbarn,

Test this code and you’ll find an answer ;)

$text = ot_get_option( 'text_option' ); // From Theme Options
$class = '"><script>alert("Greetings! You have been hacked.");</script>"<' ;
$output = '<span class="' . esc_attr( $class ) . '">' . $text . '</span>';

echo $output;

Then, test this:

$text = ot_get_option( 'text_option' ); // From Theme Options
$class = '"><script>alert("Greetings! You have been hacked.");</script>"<' ;
$output = '<span class="' . esc_attr( $class ) . '">' . $text . '</span>';

echo esc_attr( $output ) ;

;)

UPD: Sorry, it’s a wrong example. I haven’t slept for about 20 hours. :) But I would recommend escaping in the final output.

kotofey
says


- Ensure your theme works properly even without Redux Framework deactivated, there’s no plugin that should be really required, so ensure your theme fallback if even Redux is not activated.

Hi, I’m just curious what kind of ‘fallback’ are you providing for themes using Redux? For instance, if authors are using it to load custom fonts, configure theme layout / display etc., what other methods can be used as fallback for those?

Of course many of those settings could now be set using WordPress’s Theme Customization API but how about those which are not in the API?

Thanks.

You can easily define default variables

kotofey
says
Why do you think that selling digital goods is different? If you would like to sell in EU it’s just like opening a shop or restaurant there. If you don’t want to respect EU law – then sell your items elsewhere.

Envato sells digital goods on the Internet. The Internet is a worldwide market. No matter whether you’re from the EU or not, you’re on the Internet. So, the question is: why does the EU collect VAT from the Internet? The simplest answer is: ‘EU needs money’.

kotofey
says

Not to derail the topic at hand, but there has been a question I’ve been wondering about as it relates to VAT that perhaps you all can shed some light on. How can the EU force a non-EU company to charge a tax to EU members? On what authority can they force a company outside of their jurisdiction to collect and remit tax? If this has been addressed somewhere else and you know the link, that would be great…I understand there are other topics being addressed here and don’t want to hijack the thread :)

+1

kotofey
says
The slideshow should show the photos one by one full frame and full screen but with a white border so that you know the photo’s edges. I also want the photo to remain intact when you change the size of the webbrowser.

Is this not what you are looking for? – http://easysite.by/vernissage/gallery/grid-random/
