I’m a little confused about using ternary operators and keep the up to date with WP Coding standards. I’m usng Atom along with PHPCS and WordPress Coding Standards. In theory every variable should be escaped before outputting. But the problem comes when I try to check, if variable isn’t empty in ternary operator, PHPCS throws the error at me: WordPress.XSS.EscapeOutput.OutputNotEscaped. That check allows me to display or not additional HTML as you can see in the example below:
$var = ‘some-other-class’;
echo ‘<span class=”whatever”>’ . ( ” !== $var ? ‘<span class=”class ‘ . esc_attr( $var ) . ‘”></span>’ : ” ) . ‘</span>’;
naturally it wants me to escape ” !== $var but does escaping the check bit make any sense if I escape $var later on when it actually passes the check?
Read more here:: How to properly escape in ternary operators – Wp Coding Standards?