Best Practices in Plugin Development (WordCamp Seattle)

21,024 views

Published on

My talk -- officially named "Y U NO CODE WELL" -- at WordCamp Seattle 2011 on best practices during plugin development. Find the video, as it provides some good context and conversation.

Published in: Technology
0 Comments
19 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
21,024
On SlideShare
0
From Embeds
0
Number of Embeds
13,971
Actions
Shares
0
Downloads
122
Comments
0
Likes
19
Embeds 0
No embeds

No notes for slide

Best Practices in Plugin Development (WordCamp Seattle)

  1. 1. Best Practicesfor PluginDevelopment @nacinCore Developer, WordPress.org Tech Ninja, Audrey Capital
  2. 2. how not to write a plugin
  3. 3. ur doin it wrong
  4. 4. DEVELOPERS:Y U NO CODE WELL
  5. 5. lsp_add_scripts()  lsp_add_custom_meta()  lsp_create_html()  lsp_save_meta()  install()   One of these things is not like the others
  6. 6. function  nacin_project_func_name()  {}  
  7. 7. class  Nacin_Project  {              function  __construct()  {}              function  init()  {}              function  activate()  {}  }  
  8. 8. class  Nacin_Project  {            static  $instance;              function  __construct()  {                      self::$instance  =  $this;            }  }  new  Nacin_Project;  
  9. 9. class  Nacin_Project  {            function  __construct()  {                      add_action(  init,                          array(  $this,  init  )  );            }            function  init()  {                      //  Add  hooks  here            }  }  
  10. 10. HTTPMake HTTP requests
  11. 11. cURL exampleLet’s fetch a URL:$ch  =  curl_init();  curl_setopt($ch,  CURLOPT_URL,  $url);  curl_setopt($ch,  CURLOPT_RETURNTRANSFER,   true);  curl_setopt($ch,  CURLOPT_HEADER,  false);  Curl_setopt($ch,  CURLOPT_FOLLOWLOCATION,   true);    $result  =  curl_exec($ch);  curl_close($ch);  
  12. 12. var_dump(   function_exists(      curl_init  )  );   bool(false)  
  13. 13. And what about:§ Cookies § HTTP Auth§ Headers § POST§ Proxies § Timeouts
  14. 14. wp_remote_request(      $url,      $args  =  array()  );  
  15. 15. Pick a card, any card cURL streams fopen fsockopen HTTP extension
  16. 16. 2000 lines of workalready done for you
  17. 17. HelpersWe make it so easy.
  18. 18. Functions designed for filters__return_true();  __return_false();  __return_zero();  __return_empty_array();  
  19. 19. Serializationmaybe_serialize();  maybe_unserialize();  is_serialized();  is_serialized_string();  
  20. 20. Server helpersapache_mod_loaded($module);  got_mod_rewrite();  insert_with_markers();  extract_with_markers();  
  21. 21. URLsBad: get_option(home);  Better: get_bloginfo(url);  Yes:   home_url();  
  22. 22. URLsBad: get_optionBetter: (siteurl);  Yes:   get_bloginfo (wpurl);   site_url();  
  23. 23. Bad:ABSPATH.  wp-­‐content/plugins/nacin  Still bad:WP_CONTENT_DIR  .  plugins/nacin  Better:WP_PLUGIN_DIR  .  /nacin  Yes:dirname(  __FILE__  )    
  24. 24. Bad:get_bloginfo(url)        .  wp-­‐content/plugins/nacin/a.php  Better:WP_CONTENT_URL  .  /plugins/nacin/a.php  Yes:plugins_url(  a.php,  __FILE__  )    
  25. 25. Default Function Argumentsfunction  myfunc(  $args  =  array()  )  {    $defaults  =  array(        first_arg    =>  true,          second_arg  =>  foo  );      $args  =  wp_parse_args($args,   $defaults);    Even allows for query string calls:   nacin_my_func(  first_arg=false  );  
  26. 26. Post Types SettingsTaxonomies Capabilities Widgets TemplatesShortcodes Query Options i18n/L10n Transients Admin Menus Cache Meta Boxes Cron Multisite Formatting Updates HTTP Filesystem Embeds Admin Bar
  27. 27. Other nifty helpers download_url(  $target  );   unzip_file(  $file,  $to  );  wp_handle_sideload(  $file  );  
  28. 28. register_activation_hook(   __FILE__,   my_activation_hook);    Ready your plugin (add_option)Set and flush rewrite rulesModify roles/capabilities
  29. 29. register_deactivation_hook(   __FILE__,   my_deactivation_hook);    Restore and flush rewrite rulesRestore roles/capabilitiesBut don’t remove your options
  30. 30. Uninstall hookClean  up  after  yourself.
  31. 31. uninstall.phpif  (!defined (WP_UNINSTALL_PLUGIN))    die();    delete_option(my_plugin_option);     There’s also a hook, like activation and deactivation, but it has its caveats.
  32. 32. But be considerate of my data.
  33. 33. Here’s a secret…I hateactivationhooks.
  34. 34. Use the right level of the API.
  35. 35. Don’t make anyassumptions. Ever.
  36. 36. Friends don’t let friends use direct database queries.
  37. 37. Security. Please. Please. Please.
  38. 38. Authentication vs. Intention Nonces for CSRFprotection. But check capabilities too.
  39. 39. Plugins cando anything.
  40. 40. Plugins cando anything.
  41. 41. Be considerate of other plugins.
  42. 42. Documentation is nice, but… Consult the code.
  43. 43. Please… Read and follow. the coding standards.
  44. 44. “ I love the feelingI get from my workbeing used by 30 million .
  45. 45. Benefit fromlessons indevelopmentand userexperience. (Consultants, hint hint.)
  46. 46. I learned morein 3 months thanI had learned in 3 years .
  47. 47. @nacin Thanks!

×