0
Best Practicesfor PluginDevelopment                   @nacinCore Developer, WordPress.org Tech Ninja, Audrey Capital
how not to write a plugin
ur doin  it wrong
DEVELOPERS:Y U NO CODE WELL
lsp_add_scripts()	  lsp_add_custom_meta()	  lsp_create_html()	  lsp_save_meta()	  install()	           One of these things...
function	  nacin_project_func_name()	  {}	  
class	  Nacin_Project	  {	  	  	  	  	  	  	  function	  __construct()	  {}	  	  	  	  	  	  	  function	  init()	  {}	  	...
class	  Nacin_Project	  {	  	  	  	  	  	  static	  $instance;	  	  	  	  	  	  	  function	  __construct()	  {	  	  	  	 ...
class	  Nacin_Project	  {	  	  	  	  	  	  function	  __construct()	  {	  	  	  	  	  	  	  	  	  	  	  add_action(	  init...
HTTPMake HTTP requests
cURL exampleLet’s fetch a URL:$ch	  =	  curl_init();	  curl_setopt($ch,	  CURLOPT_URL,	  $url);	  curl_setopt($ch,	  CURLO...
var_dump(	   function_exists(	   	  	  curl_init	  )	  );	                      bool(false)	  
And what      about:§ Cookies   § HTTP Auth§ Headers   § POST§ Proxies   § Timeouts
wp_remote_request(	  	  	  $url,	  	  	  $args	  =	  array()	  );	  
Pick a card, any card        cURL      streams       fopen     fsockopen   HTTP extension
2000 lines of workalready done for you
HelpersWe make it so easy.
Functions designed    for filters__return_true();	  __return_false();	  __return_zero();	  __return_empty_array();	  
Serializationmaybe_serialize();	  maybe_unserialize();	  is_serialized();	  is_serialized_string();	  
Server helpersapache_mod_loaded($module);	  got_mod_rewrite();	  insert_with_markers();	  extract_with_markers();	  
URLsBad:     get_option(home);	  Better: get_bloginfo(url);	  Yes:	   home_url();	  
URLsBad:     get_optionBetter: (siteurl);	  Yes:	   get_bloginfo          (wpurl);	           site_url();	  
Bad:ABSPATH.	  wp-­‐content/plugins/nacin	  Still bad:WP_CONTENT_DIR	  .	  plugins/nacin	  Better:WP_PLUGIN_DIR	  .	  /nac...
Bad:get_bloginfo(url)	   	   	   	  .	  wp-­‐content/plugins/nacin/a.php	  Better:WP_CONTENT_URL	  .	  /plugins/nacin/a.ph...
Default Function Argumentsfunction	  myfunc(	  $args	  =	  array()	  )	  {	     	  $defaults	  =	  array(	     	  	   	  f...
Post Types      SettingsTaxonomies     Capabilities  Widgets       TemplatesShortcodes        Query  Options       i18n/L1...
Other nifty helpers   download_url(	  $target	  );	    unzip_file(	  $file,	  $to	  );	  wp_handle_sideload(	  $file	  );	  
register_activation_hook(	       __FILE__,	       my_activation_hook);	  	  Ready your plugin (add_option)Set and flush re...
register_deactivation_hook(	       __FILE__,	       my_deactivation_hook);	  	  Restore and flush rewrite rulesRestore rol...
Uninstall hookClean	  up	  after	  yourself.
uninstall.phpif	  (!defined      (WP_UNINSTALL_PLUGIN))	    	  die();	  	  delete_option(my_plugin_option);	              ...
But be considerate    of my data.
Here’s a secret…I hateactivationhooks.
Use the right level   of the API.
Don’t make anyassumptions. Ever.
Friends don’t let friends use  direct database queries.
Security. Please. Please. Please.
Authentication     vs. Intention  Nonces for CSRFprotection. But check  capabilities too.
Plugins cando anything.
Plugins cando anything.
Be considerate of other plugins.
Documentation is nice, but…                Consult               the code.
Please…           Read and              follow.          the coding          standards.
“         I love the         feelingI get from my workbeing used by 30 million .
Benefit fromlessons indevelopmentand userexperience.  (Consultants, hint hint.)
I learned morein 3 months thanI had learned in 3 years .
@nacin  Thanks!
Upcoming SlideShare
Loading in...5
×

Best Practices in Plugin Development (WordCamp Seattle)

10,876

Published on

My talk -- officially named "Y U NO CODE WELL" -- at WordCamp Seattle 2011 on best practices during plugin development. Find the video, as it provides some good context and conversation.

Published in: Technology
0 Comments
19 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
10,876
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
117
Comments
0
Likes
19
Embeds 0
No embeds

No notes for slide

Transcript of "Best Practices in Plugin Development (WordCamp Seattle)"

  1. 1. Best Practicesfor PluginDevelopment @nacinCore Developer, WordPress.org Tech Ninja, Audrey Capital
  2. 2. how not to write a plugin
  3. 3. ur doin it wrong
  4. 4. DEVELOPERS:Y U NO CODE WELL
  5. 5. lsp_add_scripts()  lsp_add_custom_meta()  lsp_create_html()  lsp_save_meta()  install()   One of these things is not like the others
  6. 6. function  nacin_project_func_name()  {}  
  7. 7. class  Nacin_Project  {              function  __construct()  {}              function  init()  {}              function  activate()  {}  }  
  8. 8. class  Nacin_Project  {            static  $instance;              function  __construct()  {                      self::$instance  =  $this;            }  }  new  Nacin_Project;  
  9. 9. class  Nacin_Project  {            function  __construct()  {                      add_action(  init,                          array(  $this,  init  )  );            }            function  init()  {                      //  Add  hooks  here            }  }  
  10. 10. HTTPMake HTTP requests
  11. 11. cURL exampleLet’s fetch a URL:$ch  =  curl_init();  curl_setopt($ch,  CURLOPT_URL,  $url);  curl_setopt($ch,  CURLOPT_RETURNTRANSFER,   true);  curl_setopt($ch,  CURLOPT_HEADER,  false);  Curl_setopt($ch,  CURLOPT_FOLLOWLOCATION,   true);    $result  =  curl_exec($ch);  curl_close($ch);  
  12. 12. var_dump(   function_exists(      curl_init  )  );   bool(false)  
  13. 13. And what about:§ Cookies § HTTP Auth§ Headers § POST§ Proxies § Timeouts
  14. 14. wp_remote_request(      $url,      $args  =  array()  );  
  15. 15. Pick a card, any card cURL streams fopen fsockopen HTTP extension
  16. 16. 2000 lines of workalready done for you
  17. 17. HelpersWe make it so easy.
  18. 18. Functions designed for filters__return_true();  __return_false();  __return_zero();  __return_empty_array();  
  19. 19. Serializationmaybe_serialize();  maybe_unserialize();  is_serialized();  is_serialized_string();  
  20. 20. Server helpersapache_mod_loaded($module);  got_mod_rewrite();  insert_with_markers();  extract_with_markers();  
  21. 21. URLsBad: get_option(home);  Better: get_bloginfo(url);  Yes:   home_url();  
  22. 22. URLsBad: get_optionBetter: (siteurl);  Yes:   get_bloginfo (wpurl);   site_url();  
  23. 23. Bad:ABSPATH.  wp-­‐content/plugins/nacin  Still bad:WP_CONTENT_DIR  .  plugins/nacin  Better:WP_PLUGIN_DIR  .  /nacin  Yes:dirname(  __FILE__  )    
  24. 24. Bad:get_bloginfo(url)        .  wp-­‐content/plugins/nacin/a.php  Better:WP_CONTENT_URL  .  /plugins/nacin/a.php  Yes:plugins_url(  a.php,  __FILE__  )    
  25. 25. Default Function Argumentsfunction  myfunc(  $args  =  array()  )  {    $defaults  =  array(        first_arg    =>  true,          second_arg  =>  foo  );      $args  =  wp_parse_args($args,   $defaults);    Even allows for query string calls:   nacin_my_func(  first_arg=false  );  
  26. 26. Post Types SettingsTaxonomies Capabilities Widgets TemplatesShortcodes Query Options i18n/L10n Transients Admin Menus Cache Meta Boxes Cron Multisite Formatting Updates HTTP Filesystem Embeds Admin Bar
  27. 27. Other nifty helpers download_url(  $target  );   unzip_file(  $file,  $to  );  wp_handle_sideload(  $file  );  
  28. 28. register_activation_hook(   __FILE__,   my_activation_hook);    Ready your plugin (add_option)Set and flush rewrite rulesModify roles/capabilities
  29. 29. register_deactivation_hook(   __FILE__,   my_deactivation_hook);    Restore and flush rewrite rulesRestore roles/capabilitiesBut don’t remove your options
  30. 30. Uninstall hookClean  up  after  yourself.
  31. 31. uninstall.phpif  (!defined (WP_UNINSTALL_PLUGIN))    die();    delete_option(my_plugin_option);     There’s also a hook, like activation and deactivation, but it has its caveats.
  32. 32. But be considerate of my data.
  33. 33. Here’s a secret…I hateactivationhooks.
  34. 34. Use the right level of the API.
  35. 35. Don’t make anyassumptions. Ever.
  36. 36. Friends don’t let friends use direct database queries.
  37. 37. Security. Please. Please. Please.
  38. 38. Authentication vs. Intention Nonces for CSRFprotection. But check capabilities too.
  39. 39. Plugins cando anything.
  40. 40. Plugins cando anything.
  41. 41. Be considerate of other plugins.
  42. 42. Documentation is nice, but… Consult the code.
  43. 43. Please… Read and follow. the coding standards.
  44. 44. “ I love the feelingI get from my workbeing used by 30 million .
  45. 45. Benefit fromlessons indevelopmentand userexperience. (Consultants, hint hint.)
  46. 46. I learned morein 3 months thanI had learned in 3 years .
  47. 47. @nacin Thanks!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×