My presentation at WordCamp Raleigh 2012 entitled "50 Shades of WordPress," a conversational piece on the commercial community (products and services) and the shady happenings of which users, designers and developers should be aware.

1. 50 Shades
of
WordPress
WordCamp Raleigh 2012
#wcraleigh #50shadesofwp
@theandystratton

2. The Stories.

3. The Naive
Designer/Developer

4. Tim Was Never Safe
(His PHP Vulnerability)

5. The Stranger

6. Real Problems.

7. Shops Using
Found Code.

8. Breaking Shortcodes.

9. Authors admitted to
using code they never
reviewed.

10. “And to be honest we
did not know that we
have a function like this in
our code[...]”

11. “Neither do we
understand what it does
right now [...]”

12. “We got the backbone of
our WP themes [...] from
some other [...] author”

13. “[...] and just [built] a
theme on it.”

14. Unsecured Third-Party
Code Libraries.
(Without Protection)
TimThumb without proper config
Server permissions, setup, etc.

15. Missing Key
Security Practices.
Escaping input and outputs
Attributes, URLs, html
Nonces and form security

16. GPL Non-Adherence.
Encrypted code: base64, ioncube
Requiring footer links (site shutdowns,
database injections)
Use of malware tactics to advertise!

17. Poor Support.
Freelancers
Commercial Products

18. (Some) Freelancers.
Taking money without providing value.
Extremely late or never finish.
Can’t do what they say they can.

19. (Some)
Commercial Products.
1000 downloads, 4000 support requests.
Users publicly dissatisfied on boards.
Minimal enforcement by marketplaces.

20. Code Compatibility.
Not using Core API’s.
Turning off core actions/filters.
Breaking shortcodes/plugins.

21. Show Me Yours.
Have you experienced any shadiness?

22. How Do We Balance
This Stuff?

23. Report Bugs.
To WordPress Core (Trac).
To products and themes.

24. To be fair:
If they don’t know,
they can’t fix it.

25. Demand Support.
Based on what you paid/what’s offered.
Follow their normal channels.
No response? Escalate.

26. No Support? Be Loud.
Call out on Twitter/Blog
Recommend others not to use
Tell your friends/clients

27. Referrals.
For Products.
For Freelancers.
Look at real world examples.
Ask People. Don’t feel weird.

28. Referrals.
For products and freelancers.
Look at real world examples.
Ask People. Don’t feel weird.

29. Do You Build Products?
Are You a Freelancer?

30. Do Awesome Work.

31. Provide
Awesome Support.

32. Be an
Awesome Experience.

33. You’re a
User/Client/Customer?

34. Support Quality
Products.

35. Support GPL
Adherent Products.

36. Support Quality,
GPL Adherent Products.

37. :*