The experiences of WordPress developers are valuable to others, so if we want to avoid some common mistakes in WordPress development, we should be careful about certain coding practices.
Some Hiccups to Avoid in WordPress Development
If PHP is the language with the largest number of users on the web, WordPress can claim the greatest number of websites running on open source. Therefore, a big share of PHP developers are engaged in WordPress development and are marching ahead with innovation and robustness in their outcomes. The WordPress platform also offers plenty of options to be creative by extending the platform further through plug-ins, add-ons and extensions, where imagination is the only limit for a WordPress programmer.
All of us, newbie and seasoned developers alike, make some of the same mistakes during WordPress web development, so let’s explore some common and some exclusive mistakes we usually make in small to big WordPress web application programming or WordPress website development projects.
Today we frequently build splashy effects with JavaScript and jQuery in our WordPress websites. In due course, we are tempted to load our own copy of jQuery for many reasons. If you are a seasoned developer with a good command of jQuery, that is okay, but if you are still a novice, don’t do it: loading your own jQuery deregisters the built-in copy shipped with WordPress and registers your custom copy in its place. This leads to breaking all sorts of JavaScript in the other themes and plugins attached to your project. It is therefore advisable not to break everything and to use the copy included with WordPress.
The next mistake concerns loading JS or CSS files properly. We generally add inline script and style sheet tags in the header file. This practice is good only when you need to load them on every single page of your website, and immediately. If you want them only on particular pages, or at a particular time or event, don’t do that: anything placed in the header takes resources to load every time, and it loads improperly and at an inappropriate time. The solution to this problem is to use either wp_register_script() or wp_enqueue_script().
Thus, adding a script the right way, in the right place or on the right pages, and with proper dependencies, saves you from these bad consequences. Conditionally loading plugin scripts is the best way to define the time and place of loading, so use these scripts sparingly. When loading scripts conditionally, you have to define the page ID so that the script loads only when that page is loading, which saves you from bad experiences as well as lower performance.
It is important for WordPress plugin developers to escape user input in SQL, because if they do not, they are more likely to invite SQL injection attacks, and this is the most dangerous vulnerability for the WordPress development community. The same rule applies when you install any plugin from an untrustworthy source. If you wish to get protection against SQL injection, you have to sanitize user input first, and then encode it on output for display to save you from XSS vulnerabilities. If you want to dive deep, read the section on Data Validation in the WordPress Codex before doing WordPress development.
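
The sanitize, escape-for-SQL, encode-on-output sequence described above, as an added example (not code from the original article or from WordPress itself). The shortcode name, the function name and the `q` parameter are hypothetical, and the file is assumed to be installed as a plugin so that the WordPress functions it calls are available.

```php
<?php
/**
 * Plugin Name: Example Title Search (added illustration, hypothetical plugin)
 * Shortcode [example_title_search] lists published posts whose title contains ?q=...
 */
if ( ! defined( 'ABSPATH' ) ) {
	exit; // Run only inside WordPress.
}

function example_title_search_shortcode() {
	global $wpdb;

	// Unsafe pattern this replaces: request data concatenated straight into SQL, e.g.
	//   "... WHERE post_title LIKE '%" . $_GET['q'] . "%'"
	if ( ! isset( $_GET['q'] ) || ! is_string( $_GET['q'] ) ) {
		return '';
	}

	// 1. Sanitize on input: remove the slashes WordPress adds, strip tags and control characters.
	$term = sanitize_text_field( wp_unslash( $_GET['q'] ) );
	if ( '' === $term ) {
		return '';
	}

	// 2. Escape for SQL: esc_like() neutralises the LIKE wildcards (% and _),
	//    prepare() quotes and escapes the value bound to the %s placeholder.
	$like = '%' . $wpdb->esc_like( $term ) . '%';
	$rows = $wpdb->get_results(
		$wpdb->prepare(
			"SELECT ID, post_title FROM {$wpdb->posts}
			 WHERE post_status = 'publish' AND post_type = 'post' AND post_title LIKE %s
			 ORDER BY post_date DESC LIMIT 20",
			$like
		)
	);

	// 3. Encode on output: every dynamic value is escaped for the HTML context it lands in.
	$html = '<p>Results for: ' . esc_html( $term ) . '</p><ul>';
	foreach ( $rows as $row ) {
		$html .= sprintf(
			'<li><a href="%s">%s</a></li>',
			esc_url( get_permalink( (int) $row->ID ) ),
			esc_html( $row->post_title )
		);
	}
	return $html . '</ul>';
}
add_shortcode( 'example_title_search', 'example_title_search_shortcode' );
```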