esc_attr on get_post_meta

Simple question,

I see that some themes are using esc_attr or esc_html and url after they define varible with get_post_meta, while others are using it during variable definition. What would be best practice

1.

$portf_icon = get_post_meta($post-ID,'dt_portf_icon',true);    
echo esc_html($portf_icon);

or

$portf_icon = esc_html(get_post_meta($post-ID,'dt_portf_icon',true));
echo $portf_icon;

Does it have any difference and which one would be best practices?

Topic post-meta sanitization Wordpress

Category Web

1
answered at

The best practice in the WordPress world is to "escape late" i.e. at the point of output. While the two examples are effectively the same, the first one would be more effective if that code is ever refactored and the value of $portf_icon changes between where it's first assigned & where it's output.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.