You're Doing it Wrong - WordCamp Atlanta

4,929 views
4,695 views

Published on

Slides from my WordCamp Atlanta 2010 presentation "You're Doing it Wrong"

Published in: Technology, Business
1 Comment
8 Likes
Statistics
Notes
No Downloads
Views
Total views
4,929
On SlideShare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
51
Comments
1
Likes
8
Embeds 0
No embeds

No notes for slide

You're Doing it Wrong - WordCamp Atlanta

  1. 1. YOU’RE DOING IT WRONG Chris Scott - @chrisscott - slideshare.net/iamzed photo from http://www.richardpettinger.com/funny/funny_road_signs/funny_road_signs
  2. 2. Thanks • Dion Hulse’s (DD32) two part series on doing it wrong: • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-1/ • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-2/ • http://dd32.id.au/2009/11/24/how-to-do-it-right-part-0/ • Michael Pretty for ideas and telling me what I’m doing wrong • Sean O’Shaughnessy for ideas and graphics
  3. 3. New Features in a Year: 2.7 - 2.9.1 • Post thumbnails • Sticky posts • Comment threading and paging • Widgets API • Load scripts minified by default • Load scripts in the footer • esc_* functions • security fixes • and much more...
  4. 4. Wrong and Right photo from Current Configuration
  5. 5. Not Upgrading WRONG
  6. 6. Upgrading RIGHT
  7. 7. Resources • CTFB: • Upgrade manually: http://codex.wordpress.org/Upgrading_WordPress • Upgrade with SVN: http://codex.wordpress.org/Installing/Updating_WordPress_with_Subversion
  8. 8. Calling Functions That Don’t Exist <div id="sidebar" role="complementary"> <ul> <li><?php wp_ozh_wsa('mybanner') ?></li> ... rest of sidebar ... </ul> </div> WRONG
  9. 9. Check for Functions Before Calling <div id="sidebar" role="complementary"> <ul> <?php if (function_exists('wp_ozh_wsa')) : ?> <li><?php wp_ozh_wsa('mybanner') ?></li> <?php endif; ?> ... rest of sidebar ... </ul> </div> RIGHT
  10. 10. Hard-Coding WordPress Paths $cb_path = get_bloginfo('wpurl')."/wp-content/ plugins/wp-codebox"; //URL to the plugin directory WRONG
  11. 11. Use Constants or Helper Functions $cb_path = plugins_url('', __FILE__); //URL to the plugin directory RIGHT
  12. 12. Resources • Moving wp-content/wp-plugins: http://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content • Stylesheet paths: http://codex.wordpress.org/Function_Reference/get_stylesheet_directory http://codex.wordpress.org/Function_Reference/get_stylesheet_directory_uri • Theme paths: http://codex.wordpress.org/Function_Reference/get_template_directory http://codex.wordpress.org/Function_Reference/get_template_directory_uri
  13. 13. Echoing Scripts/CSS in Header/Footer function codebox_header() { $hHead .= "<script language="javascript" type= "text/javascript" src="".get_bloginfo('wpurl')."/ wp-includes/js/jquery/jquery.js"></script>n"; $hHead .= "<script language="javascript" type= "text/javascript" src="{$cb_path}/js/codebox.js" ></script>n"; print($hHead); } add_action('wp_head', 'codebox_header'); WRONG
  14. 14. Enqueue Scripts and Styles function codebox_header() { wp_enqueue_script( 'codebox', plugins_url('js/ codebox.js', __FILE__), array('jquery') ); } add_action('template_redirect', 'codebox_header'); RIGHT
  15. 15. Resources • wp_enqueue_script: http://codex.wordpress.org/Function_Reference/wp_enqueue_script • wp_enqueue_style: http://codex.wordpress.org/Function_Reference/wp_enqueue_style • Enqueueing styles with conditionals: http://iamzed.com/using-wordpress-wp_enqueue_style-with-conditionals/ • Plugin API/Action Reference: http://codex.wordpress.org/Plugin_API/Action_Reference
  16. 16. Not Checking Indices or Object Properties if ($_GET['wp125action'] == "deactivate") { ... } WRONG
  17. 17. Checking Indices/Properties if (isset($_GET['wp125action']) && $_GET ['wp125action'] == "deactivate") { ... } RIGHT
  18. 18. Resources • isset(): http://php.net/isset • empty(): http://php.net/emtpy
  19. 19. Not Using WP_DEBUG WRONG
  20. 20. Define WP_DEBUG in wp-config.php define('WP_DEBUG', true); RIGHT
  21. 21. Resources • WP_DEBUG: http://codex.wordpress.org/Editing_wp-config.php#Debug • Use dev versions of WP scripts: define('SCRIPT_DEBUG', true); • Disable admin js concatenation: define('CONCATENATE_SCRIPTS', false);
  22. 22. Using Globals Instead of Template Tags global $post; $title =$post->post_title; WRONG
  23. 23. Use Template Tags $title = get_the_title(); RIGHT
  24. 24. Resources • Template Tags: http://codex.wordpress.org/Template_Tags
  25. 25. Writing SQL global $wpdb; $wpdb->query("update ".$articles." set review = ". $rating." where post_id = ".$post_id); WRONG
  26. 26. Use $wpdb Methods global $wpdb; $wpdb->update( $articles, array('review' => $rating), compact('post_id') ); RIGHT
  27. 27. Resources • wpdb Class: http://codex.wordpress.org/Function_Reference/wpdb_Class • wpdb->prepare(): http://codex.wordpress.org/Function_Reference/ wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
  28. 28. Not Validating/Escaping User Input <label for="title"><?php echo get_option ('my_plugin_option_title'); ?></label> <input type="text" id="value" name="value" value="<? php echo get_option('my_plugin_option_value')); ?>"> WRONG
  29. 29. Validate and Escape User Input <label for="title"><?php echo esc_html(get_option ('my_plugin_option_title')); ?></label> <input type="text" id="value" name="value" value="<? php echo esc_attr(get_option ('my_plugin_option_value')); ?>"> RIGHT
  30. 30. Resources • Data validation: http://codex.wordpress.org/Data_Validation • wpdb->prepare(): http://codex.wordpress.org/Function_Reference/ wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
  31. 31. Not Using Caching $response = wp_remote_get($url); if (!is_wp_error($response) && $response['response']['code'] == '200') { $data = $response['body']; } ... do something with data ... WRONG
  32. 32. Use Caching if (!$data = wp_cache_get('my_external_data')) { $response = wp_remote_get($url); if (!is_wp_error($response) && $response['response']['code'] == '200') { $data = $response['body']; wp_cache_set('my_external_data', $data); } } ... do something with data ... RIGHT
  33. 33. Resources • WP_Cache: http://codex.wordpress.org/Function_Reference/WP_Cache
  34. 34. Not Contributing photo by TaranRampersad http://www.flickr.com/photos/knowprose/2294744043/ WRONG
  35. 35. Contributing http://codex.wordpress.org/ Contributing_to_WordPress • Edit the Codex • Answer Forum Support Questions • Participate in Development • Planning, Testing, Bug Reporting and Fixing • Say “Thanks” RIGHT

×