YOU’RE DOING IT WRONG




Chris Scott - @chrisscott - slideshare.net/iamzed
          photo from http://www.richardpetting...
Thanks
• Dion Hulse’s (DD32) two part series on doing it
    wrong:
    • http://dd32.id.au/2009/11/01/youre-doing-it-wron...
New Features in a Year:
         2.7 - 2.9.1
• Post thumbnails
• Sticky posts
• Comment threading and paging
• Widgets API...
Wrong and Right




    photo from Current Configuration
Not Upgrading




 WRONG
Upgrading




RIGHT
Resources
• CTFB:


• Upgrade manually:
 http://codex.wordpress.org/Upgrading_WordPress

• Upgrade with SVN:
 http://codex...
Calling Functions That
           Don’t Exist
<div id="sidebar" role="complementary">
  <ul>
     <li><?php wp_ozh_wsa('my...
Check for Functions Before
          Calling
<div id="sidebar" role="complementary">
  <ul>
     <?php if (function_exists...
Hard-Coding WordPress
           Paths
$cb_path = get_bloginfo('wpurl')."/wp-content/
plugins/wp-codebox"; //URL to the pl...
Use Constants or Helper
        Functions
$cb_path = plugins_url('', __FILE__);   //URL to the
plugin directory




      ...
Resources
• Moving wp-content/wp-plugins:
 http://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content

• Stylesheet...
Echoing Scripts/CSS in
        Header/Footer
function codebox_header() {
  $hHead .= "<script language="javascript" type=
...
Enqueue Scripts and Styles

function codebox_header() {
  wp_enqueue_script(
     'codebox',
     plugins_url('js/ codebox...
Resources
• wp_enqueue_script:
 http://codex.wordpress.org/Function_Reference/wp_enqueue_script

• wp_enqueue_style:
 http...
Not Checking Indices or
     Object Properties
if ($_GET['wp125action'] == "deactivate") {
  ...
}




               WRONG
Checking Indices/Properties

if (isset($_GET['wp125action']) &&   $_GET
['wp125action'] == "deactivate") {
  ...
}




   ...
Resources
• isset():
  http://php.net/isset

• empty():
  http://php.net/emtpy
Not Using WP_DEBUG




    WRONG
Define WP_DEBUG in
       wp-config.php
define('WP_DEBUG', true);




                RIGHT
Resources
• WP_DEBUG:
 http://codex.wordpress.org/Editing_wp-config.php#Debug

• Use dev versions of WP scripts:
 define('S...
Using Globals Instead of
        Template Tags
global $post;

$title =$post->post_title;




                WRONG
Use Template Tags

$title = get_the_title();




                RIGHT
Resources
• Template Tags:
 http://codex.wordpress.org/Template_Tags
Writing SQL

global $wpdb;

$wpdb->query("update ".$articles." set review = ".
  $rating." where post_id = ".$post_id);


...
Use $wpdb Methods

global $wpdb;

$wpdb->update(
   $articles,
   array('review' => $rating),
   compact('post_id')
);



...
Resources
• wpdb Class:
 http://codex.wordpress.org/Function_Reference/wpdb_Class

• wpdb->prepare():
 http://codex.wordpr...
Not Validating/Escaping
         User Input
<label for="title"><?php echo get_option
('my_plugin_option_title'); ?></label...
Validate and Escape User
            Input
<label for="title"><?php echo esc_html(get_option
('my_plugin_option_title')); ...
Resources
• Data validation:
 http://codex.wordpress.org/Data_Validation

• wpdb->prepare():
 http://codex.wordpress.org/F...
Not Using Caching

$response = wp_remote_get($url);
if (!is_wp_error($response)
     && $response['response']['code'] == '...
Use Caching

if (!$data = wp_cache_get('my_external_data')) {
  $response = wp_remote_get($url);
  if (!is_wp_error($respo...
Resources
• WP_Cache:
 http://codex.wordpress.org/Function_Reference/WP_Cache
Not Contributing




photo by TaranRampersad http://www.flickr.com/photos/knowprose/2294744043/




           WRONG
Contributing
http://codex.wordpress.org/
Contributing_to_WordPress

• Edit the Codex
• Answer Forum Support Questions
• Pa...
Upcoming SlideShare
Loading in...5
×

You're Doing it Wrong - WordCamp Atlanta

4,547

Published on

Slides from my WordCamp Atlanta 2010 presentation "You're Doing it Wrong"

Published in: Technology, Business
1 Comment
8 Likes
Statistics
Notes
No Downloads
Views
Total Views
4,547
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
50
Comments
1
Likes
8
Embeds 0
No embeds

No notes for slide

You're Doing it Wrong - WordCamp Atlanta

  1. 1. YOU’RE DOING IT WRONG Chris Scott - @chrisscott - slideshare.net/iamzed photo from http://www.richardpettinger.com/funny/funny_road_signs/funny_road_signs
  2. 2. Thanks • Dion Hulse’s (DD32) two part series on doing it wrong: • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-1/ • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-2/ • http://dd32.id.au/2009/11/24/how-to-do-it-right-part-0/ • Michael Pretty for ideas and telling me what I’m doing wrong • Sean O’Shaughnessy for ideas and graphics
  3. 3. New Features in a Year: 2.7 - 2.9.1 • Post thumbnails • Sticky posts • Comment threading and paging • Widgets API • Load scripts minified by default • Load scripts in the footer • esc_* functions • security fixes • and much more...
  4. 4. Wrong and Right photo from Current Configuration
  5. 5. Not Upgrading WRONG
  6. 6. Upgrading RIGHT
  7. 7. Resources • CTFB: • Upgrade manually: http://codex.wordpress.org/Upgrading_WordPress • Upgrade with SVN: http://codex.wordpress.org/Installing/Updating_WordPress_with_Subversion
  8. 8. Calling Functions That Don’t Exist <div id="sidebar" role="complementary"> <ul> <li><?php wp_ozh_wsa('mybanner') ?></li> ... rest of sidebar ... </ul> </div> WRONG
  9. 9. Check for Functions Before Calling <div id="sidebar" role="complementary"> <ul> <?php if (function_exists('wp_ozh_wsa')) : ?> <li><?php wp_ozh_wsa('mybanner') ?></li> <?php endif; ?> ... rest of sidebar ... </ul> </div> RIGHT
  10. 10. Hard-Coding WordPress Paths $cb_path = get_bloginfo('wpurl')."/wp-content/ plugins/wp-codebox"; //URL to the plugin directory WRONG
  11. 11. Use Constants or Helper Functions $cb_path = plugins_url('', __FILE__); //URL to the plugin directory RIGHT
  12. 12. Resources • Moving wp-content/wp-plugins: http://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content • Stylesheet paths: http://codex.wordpress.org/Function_Reference/get_stylesheet_directory http://codex.wordpress.org/Function_Reference/get_stylesheet_directory_uri • Theme paths: http://codex.wordpress.org/Function_Reference/get_template_directory http://codex.wordpress.org/Function_Reference/get_template_directory_uri
  13. 13. Echoing Scripts/CSS in Header/Footer function codebox_header() { $hHead .= "<script language="javascript" type= "text/javascript" src="".get_bloginfo('wpurl')."/ wp-includes/js/jquery/jquery.js"></script>n"; $hHead .= "<script language="javascript" type= "text/javascript" src="{$cb_path}/js/codebox.js" ></script>n"; print($hHead); } add_action('wp_head', 'codebox_header'); WRONG
  14. 14. Enqueue Scripts and Styles function codebox_header() { wp_enqueue_script( 'codebox', plugins_url('js/ codebox.js', __FILE__), array('jquery') ); } add_action('template_redirect', 'codebox_header'); RIGHT
  15. 15. Resources • wp_enqueue_script: http://codex.wordpress.org/Function_Reference/wp_enqueue_script • wp_enqueue_style: http://codex.wordpress.org/Function_Reference/wp_enqueue_style • Enqueueing styles with conditionals: http://iamzed.com/using-wordpress-wp_enqueue_style-with-conditionals/ • Plugin API/Action Reference: http://codex.wordpress.org/Plugin_API/Action_Reference
  16. 16. Not Checking Indices or Object Properties if ($_GET['wp125action'] == "deactivate") { ... } WRONG
  17. 17. Checking Indices/Properties if (isset($_GET['wp125action']) && $_GET ['wp125action'] == "deactivate") { ... } RIGHT
  18. 18. Resources • isset(): http://php.net/isset • empty(): http://php.net/emtpy
  19. 19. Not Using WP_DEBUG WRONG
  20. 20. Define WP_DEBUG in wp-config.php define('WP_DEBUG', true); RIGHT
  21. 21. Resources • WP_DEBUG: http://codex.wordpress.org/Editing_wp-config.php#Debug • Use dev versions of WP scripts: define('SCRIPT_DEBUG', true); • Disable admin js concatenation: define('CONCATENATE_SCRIPTS', false);
  22. 22. Using Globals Instead of Template Tags global $post; $title =$post->post_title; WRONG
  23. 23. Use Template Tags $title = get_the_title(); RIGHT
  24. 24. Resources • Template Tags: http://codex.wordpress.org/Template_Tags
  25. 25. Writing SQL global $wpdb; $wpdb->query("update ".$articles." set review = ". $rating." where post_id = ".$post_id); WRONG
  26. 26. Use $wpdb Methods global $wpdb; $wpdb->update( $articles, array('review' => $rating), compact('post_id') ); RIGHT
  27. 27. Resources • wpdb Class: http://codex.wordpress.org/Function_Reference/wpdb_Class • wpdb->prepare(): http://codex.wordpress.org/Function_Reference/ wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
  28. 28. Not Validating/Escaping User Input <label for="title"><?php echo get_option ('my_plugin_option_title'); ?></label> <input type="text" id="value" name="value" value="<? php echo get_option('my_plugin_option_value')); ?>"> WRONG
  29. 29. Validate and Escape User Input <label for="title"><?php echo esc_html(get_option ('my_plugin_option_title')); ?></label> <input type="text" id="value" name="value" value="<? php echo esc_attr(get_option ('my_plugin_option_value')); ?>"> RIGHT
  30. 30. Resources • Data validation: http://codex.wordpress.org/Data_Validation • wpdb->prepare(): http://codex.wordpress.org/Function_Reference/ wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
  31. 31. Not Using Caching $response = wp_remote_get($url); if (!is_wp_error($response) && $response['response']['code'] == '200') { $data = $response['body']; } ... do something with data ... WRONG
  32. 32. Use Caching if (!$data = wp_cache_get('my_external_data')) { $response = wp_remote_get($url); if (!is_wp_error($response) && $response['response']['code'] == '200') { $data = $response['body']; wp_cache_set('my_external_data', $data); } } ... do something with data ... RIGHT
  33. 33. Resources • WP_Cache: http://codex.wordpress.org/Function_Reference/WP_Cache
  34. 34. Not Contributing photo by TaranRampersad http://www.flickr.com/photos/knowprose/2294744043/ WRONG
  35. 35. Contributing http://codex.wordpress.org/ Contributing_to_WordPress • Edit the Codex • Answer Forum Support Questions • Participate in Development • Planning, Testing, Bug Reporting and Fixing • Say “Thanks” RIGHT
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×