Remember, though, textdomain MUST be a string value. This:<div><br></div><div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div>esc_attr_e( 'Search', WEBFISH_THEME_NAME . '-theme' );</div></blockquote>
</div><div><br></div><div>Needs to be replaced with the actual string.</div><div><br></div><div>I'll make additional comments in the ticket, as well.</div><div><br></div><div>Chip<br><br><div class="gmail_quote">On Sat, Dec 24, 2011 at 5:43 AM, Michael Fields <span dir="ltr"><<a href="mailto:michael@mfields.org" target="_blank">michael@mfields.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Paul,<br>
<div><br>
> also, it is echoing a string without escaping it.<br>
> Author is arguing his code is ok and secure regardless.<br>
> what should I do?<br>
<br>
</div>If the value is contained in an attribute, it should always be escaped if it contains a dynamic value. Translated strings are dynamic once translated. This can definitely cause issues with translated strings that include a single quote and the attributes value is enclosed in single quotes. The following is the best way to handle a situation such as this:<br>
<br>
<input name="s" type="text" id="s" value="<?php esc_attr_e( 'Search', WEBFISH_THEME_NAME . '-theme' ); ?>"/><br>
<br>
Twenty Eleven provides a similar feature to what the theme author is going for here using the placeholder attribute. You may want to suggest that the author tries something like this instead:<br>
<br>
<input type="text" class="field" name="s" id="s" placeholder="<?php esc_attr_e( 'Search', 'twentyeleven' ); ?>" /><br>
<br>
My opinion is that the value of the search input be reserved for the search query. The term "Search" in the case is either a label or an action to be taken and should be reserved for the submit button, a label element or a placeholder attribute. Using it as the value of search input is bad form as id decreases usability of the form.<br>
<div><br>
> also, there is no margin below paragraphs, (readability test) - shouldn't that be required?<br>
<br>
</div>I believe so. Paragraphs should be easily distinguished from one another.<br>
<br>
Best,<br>
-Mike<br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org" target="_blank">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</blockquote></div><br></div>