Day 25: i18n, l10n and Security

WordPress is like a magical language that lets your website communicate with people worldwide. We’ll discuss internationalization and localization, and we’ll dive into the technical aspects of escaping, sanitization, and validation in the context of dates on both the client and server sides. Additionally, we’ll explore the complexities of WordPress functions like wp_query and get_posts, and understand their differences, advantages, and disadvantages.

Internationalization and Localization:

Imagine your website is like a traveler who wants to explore the globe. Internationalization (i18n) and localization (l10n) are the tools that help your website adapt to different languages and regions.

  • Internationalization (i18n): This is the process of making your website ready to speak various languages. It involves using translation-ready strings and placeholders instead of hardcoding text.
  • Localization (l10n): Once your website is internationalized, localization steps in to provide translations for specific languages. It tailors your content for different regions, ensuring your website feels at home anywhere in the world.

Escaping, Sanitization, and Validation:

Just like we ensure our words are properly interpreted in different languages, we need to ensure our code communicates safely. In the world of WordPress, this involves escaping, sanitization, and validation.

  • Escaping: Think of escaping as putting your output in a protective bubble. It encodes data for the context it is printed in, so the browser displays it as text instead of executing it as code.
  $name = '<script>alert("Hello, I am a hacker!");</script>';
  echo esc_html($name); // Outputs: &lt;script&gt;alert(&quot;Hello, I am a hacker!&quot;);&lt;/script&gt;
  • Sanitization: Sanitization goes a step further by cleaning up data and making sure it adheres to the expected format.
  $email = '[email protected]<script>';
  $sanitized_email = sanitize_email($email);
  echo $sanitized_email; // Outputs: [email protected]
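  • Validation: Validation ensures that the data meets specific criteria. For instance, validating a date to make sure it’s in the correct format.
  $date = '2022-13-01';
  // is_date() is a conditional tag for date archives and does not validate input;
  // check the shape with a regex, then the calendar values with wp_checkdate().
  if (preg_match('/^(\d{4})-(\d{2})-(\d{2})$/', $date, $m)
      && wp_checkdate((int) $m[2], (int) $m[3], (int) $m[1], $date)) {
      echo 'Valid date!';
  } else {
      echo 'Invalid date!'; // Month 13 does not exist
  }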

Client-Side and Server-Side Date Functions in WordPress:

Dates are like universal time travelers, and handling them in different languages requires finesse. WordPress provides client- and server-side date functions to display your time-related content accurately.

  • Client-Side Date Function:
  <script>
      // esc_js() is the escaping function for a value printed inside a JavaScript string
      var date = new Date('<?php echo esc_js(get_the_date('c')); ?>');
      console.log(date.toLocaleDateString());
  </script>

PHP prints the post date into the page as an ISO 8601 string when the page is rendered, and this JavaScript code then formats it for the user’s locale and local time zone.

  • Server-Side Date Function:
  <?php
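      // get_the_time('U') supplies the post timestamp directly; running strtotime()
      // on the already-localized get_the_date() output fails for non-English month names
      $localized_date = date_i18n('F j, Y', get_the_time('U'));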
      echo esc_html($localized_date);
  ?>

Here, date_i18n formats the date based on the user’s locale, ensuring it’s displayed in a way that feels natural to them.
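
The escaping, sanitization, and validation steps above, combined with the server-side date formatting, can be chained for a single user-supplied date. This is an added example, not code from the original post; it assumes it runs inside WordPress 5.3 or later, and the event_date parameter, the myplugin_parse_date() helper, and the 'my-plugin' text domain are hypothetical names.

```php
<?php
// Added example: runs inside a WordPress theme or plugin file.
// 'event_date', myplugin_parse_date() and 'my-plugin' are hypothetical names.

/**
 * Sanitize and validate a YYYY-MM-DD string.
 * Returns a DateTimeImmutable in the site time zone, or null when the
 * input is not a real calendar date.
 */
function myplugin_parse_date($raw) {
    // Sanitize: undo WordPress slashing, strip tags and control characters.
    $clean = sanitize_text_field(wp_unslash($raw));

    // Validate: strict shape first, then a real calendar check.
    if (!preg_match('/^(\d{4})-(\d{2})-(\d{2})$/', $clean, $m)) {
        return null;
    }
    if (!wp_checkdate((int) $m[2], (int) $m[3], (int) $m[1], $clean)) {
        return null; // e.g. 2022-13-01 or 2023-02-30
    }
    // '!' resets the time fields, so the result is midnight on that day.
    $date = DateTimeImmutable::createFromFormat('!Y-m-d', $clean, wp_timezone());
    return $date ?: null;
}

$raw  = isset($_GET['event_date']) ? $_GET['event_date'] : '';
$date = is_string($raw) ? myplugin_parse_date($raw) : null; // rejects array input

if (null === $date) {
    // Translation-ready string, escaped for the HTML context at output time.
    echo '<p>' . esc_html__('Please enter a valid date.', 'my-plugin') . '</p>';
} else {
    // wp_date() localizes month names for the current locale.
    $label = wp_date('F j, Y', $date->getTimestamp());
    printf(
        '<time datetime="%1$s">%2$s</time>',
        esc_attr($date->format('Y-m-d')), // attribute context
        esc_html(sprintf(
            /* translators: %s: localized event date */
            __('Event date: %s', 'my-plugin'),
            $label
        )) // HTML text context
    );
}
```

The raw request value is never echoed: only the parsed date, re-serialized by the server, reaches the page, and each output uses the escaping function for its own context.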

wp_query vs get_posts:

Now, let’s explore the knights in shining armor when it comes to fetching posts in WordPress – wp_query and get_posts.

  • wp_query: This is like the grand commander, leading a full army of query capabilities. It’s powerful, flexible, and can handle complex queries.
  $args = array(
      'post_type' => 'post',
      'posts_per_page' => 5,
  );

  $query = new WP_Query($args);

  if ($query->have_posts()) {
      while ($query->have_posts()) {
          $query->the_post();
          // Display post content
          the_title();
          the_content();
      }
  }

  wp_reset_postdata();
  • get_posts: This is the agile scout, nimble and quick. It’s simpler and great for basic content retrieval.
  $args = array(
      'post_type' => 'post',
      'numberposts' => 5,
  );

  $posts = get_posts($args);

  foreach ($posts as $post) {
      // Display post content, escaped for the HTML context
      echo esc_html($post->post_title);
      echo wp_kses_post($post->post_content);
  }

Advantages and Disadvantages:

wp_query:

  • Advantages:
  1. Flexibility: Handles complex queries and relationships between posts and taxonomies.
  2. Pagination Support: Seamlessly integrates with pagination for displaying a limited number of posts per page.
  • Disadvantages:
  1. Complexity: Can be overwhelming for simpler tasks.
  2. Performance Overhead: May have a slightly higher performance overhead due to its extensive capabilities.

get_posts:

  • Advantages:
  1. Simplicity: Easier to use and more concise.
  2. Direct Output: Returns a simple array of post objects, making it straightforward to work with.
  • Disadvantages:
  1. Less Flexibility: Not as feature-rich as wp_query.
  2. Limited in Complex Queries: Not the best choice for complex query scenarios.
