YOU’RE DOING IT WRONG




Chris Scott - @chrisscott - slideshare.net/iamzed
          photo from http://www.richardpettinger.com/funny/funny_road_signs/funny_road_signs
Thanks
• Dion Hulse’s (DD32) two part series on doing it wrong:
    • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-1/
    • http://dd32.id.au/2009/11/01/youre-doing-it-wrong-2/
    • http://dd32.id.au/2009/11/24/how-to-do-it-right-part-0/
• Michael Pretty for ideas and telling me what I’m doing wrong
• Sean O’Shaughnessy for ideas and graphics
New Features in a Year: 2.7 - 2.9.1
• Post thumbnails
• Sticky posts
• Comment threading and paging
• Widgets API
• Load scripts minified by default
• Load scripts in the footer
• esc_* functions
• security fixes
• and much more...
Wrong and Right




    photo from Current Configuration
Not Upgrading




 WRONG
Upgrading




RIGHT
Resources
• CTFB:


• Upgrade manually:
 http://codex.wordpress.org/Upgrading_WordPress

• Upgrade with SVN:
 http://codex.wordpress.org/Installing/Updating_WordPress_with_Subversion
Calling Functions That Don’t Exist
<div id="sidebar" role="complementary">
  <ul>
     <li><?php wp_ozh_wsa('mybanner') ?></li>

    ... rest of sidebar ...

  </ul>
</div>




               WRONG
Check for Functions Before Calling
<div id="sidebar" role="complementary">
  <ul>
     <?php if (function_exists('wp_ozh_wsa')) : ?>
       <li><?php wp_ozh_wsa('mybanner') ?></li>
     <?php endif; ?>

    ... rest of sidebar ...

  </ul>
</div>



                 RIGHT
Hard-Coding WordPress Paths
$cb_path = get_bloginfo('wpurl')."/wp-content/plugins/wp-codebox"; //URL to the plugin directory




               WRONG
Use Constants or Helper Functions
$cb_path = plugins_url('', __FILE__);   //URL to the plugin directory




                RIGHT
Resources
• Moving wp-content/wp-plugins:
 http://codex.wordpress.org/Editing_wp-config.php#Moving_wp-content

• Stylesheet paths:
 http://codex.wordpress.org/Function_Reference/get_stylesheet_directory
 http://codex.wordpress.org/Function_Reference/get_stylesheet_directory_uri

• Theme paths:
 http://codex.wordpress.org/Function_Reference/get_template_directory
 http://codex.wordpress.org/Function_Reference/get_template_directory_uri
Echoing Scripts/CSS in Header/Footer
function codebox_header() {
  $hHead .= "<script language=\"javascript\" type=\"text/javascript\" src=\"".get_bloginfo('wpurl')."/wp-includes/js/jquery/jquery.js\"></script>\n";
  $hHead .= "<script language=\"javascript\" type=\"text/javascript\" src=\"{$cb_path}/js/codebox.js\"></script>\n";
  print($hHead);
}
add_action('wp_head', 'codebox_header');



               WRONG
Enqueue Scripts and Styles

function codebox_header() {
  wp_enqueue_script(
     'codebox',
     plugins_url('js/codebox.js', __FILE__),
     array('jquery')
  );
}
add_action('template_redirect', 'codebox_header');




                RIGHT
Resources
• wp_enqueue_script:
 http://codex.wordpress.org/Function_Reference/wp_enqueue_script

• wp_enqueue_style:
 http://codex.wordpress.org/Function_Reference/wp_enqueue_style

• Enqueueing styles with conditionals:
 http://iamzed.com/using-wordpress-wp_enqueue_style-with-conditionals/

• Plugin API/Action Reference:
 http://codex.wordpress.org/Plugin_API/Action_Reference
Not Checking Indices or Object Properties
if ($_GET['wp125action'] == "deactivate") {
  ...
}




               WRONG
Checking Indices/Properties

if (isset($_GET['wp125action']) && $_GET['wp125action'] == "deactivate") {
  ...
}




                RIGHT
Resources
• isset():
  http://php.net/isset

• empty():
  http://php.net/empty
Not Using WP_DEBUG




    WRONG
Define WP_DEBUG in wp-config.php
define('WP_DEBUG', true);




                RIGHT
Resources
• WP_DEBUG:
 http://codex.wordpress.org/Editing_wp-config.php#Debug

• Use dev versions of WP scripts:
 define('SCRIPT_DEBUG', true);

• Disable admin js concatenation:
 define('CONCATENATE_SCRIPTS', false);
Using Globals Instead of Template Tags
global $post;

$title = $post->post_title;




                WRONG
Use Template Tags

$title = get_the_title();




                RIGHT
Resources
• Template Tags:
 http://codex.wordpress.org/Template_Tags
Writing SQL

global $wpdb;

$wpdb->query("update ".$articles." set review = ".
  $rating." where post_id = ".$post_id);




                WRONG
Use $wpdb Methods

global $wpdb;

$wpdb->update(
   $articles,
   array('review' => $rating),
   compact('post_id')
);




                 RIGHT
Resources
• wpdb Class:
 http://codex.wordpress.org/Function_Reference/wpdb_Class

• wpdb->prepare():
 http://codex.wordpress.org/Function_Reference/wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
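
Added example, not from the slides: the same update with explicit format arrays, plus a read that update() cannot express, written with wpdb->prepare() placeholders. It runs inside WordPress; the 'articles' table name and both function names are hypothetical.

```php
<?php
// Added example (not from the slides). Runs inside WordPress, where $wpdb exists.
// The table name 'articles' and both function names are hypothetical.

function myplugin_set_review($post_id, $rating) {
    global $wpdb;
    // The table name is built in code, never taken from the request.
    $articles = $wpdb->prefix . 'articles';

    // update() builds the statement itself; the two format arrays force
    // both values to integers, so a value like "1 OR 1=1" is stored as 1.
    return $wpdb->update(
        $articles,
        array('review' => $rating),   // SET review = %d
        array('post_id' => $post_id), // WHERE post_id = %d
        array('%d'),
        array('%d')
    );
}

function myplugin_get_reviews_at_least($min_rating, $limit = 10) {
    global $wpdb;
    $articles = $wpdb->prefix . 'articles';

    // For queries the helper methods cannot express, pass every value
    // through a prepare() placeholder instead of concatenating it.
    $sql = $wpdb->prepare(
        "SELECT post_id, review FROM {$articles}
         WHERE review >= %d ORDER BY review DESC LIMIT %d",
        $min_rating,
        $limit
    );
    return $wpdb->get_results($sql);
}
```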
Not Validating/Escaping User Input
<label for="title"><?php echo get_option('my_plugin_option_title'); ?></label>

<input type="text" id="value" name="value" value="<?php echo get_option('my_plugin_option_value'); ?>">




               WRONG
Validate and Escape User Input
<label for="title"><?php echo esc_html(get_option('my_plugin_option_title')); ?></label>

<input type="text" id="value" name="value" value="<?php echo esc_attr(get_option('my_plugin_option_value')); ?>">




                RIGHT
Resources
• Data validation:
 http://codex.wordpress.org/Data_Validation

• wpdb->prepare():
 http://codex.wordpress.org/Function_Reference/wpdb_Class#Protect_Queries_Against_SQL_Injection_Attacks
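
Added example, not from the slides: the slide shows the escaping half, so this pairs it with validation when the options are saved. Option names match the slide; the function names, the nonce action, the submit field and the integer rule for 'value' are assumptions.

```php
<?php
// Added example (not from the slides). Option names match the slide; the
// function names, nonce action and the integer rule for 'value' are assumptions.

// Validate on the way in.
function my_plugin_save_options() {
    // Check the index before reading it, as on the isset() slide.
    if (!isset($_POST['my_plugin_submit'])) {
        return;
    }
    // Only administrators, and only via our own form (nonce check).
    if (!current_user_can('manage_options')) {
        wp_die('Not allowed.');
    }
    check_admin_referer('my_plugin_save');

    if (isset($_POST['title'])) {
        // Free text: strip tags, line breaks and stray whitespace.
        $title = sanitize_text_field(wp_unslash($_POST['title']));
        update_option('my_plugin_option_title', $title);
    }
    if (isset($_POST['value'])) {
        // Assumed rule: 'value' is a non-negative integer.
        update_option('my_plugin_option_value', absint($_POST['value']));
    }
}
add_action('admin_init', 'my_plugin_save_options');

// Escape on the way out, even though the data was validated when saved:
// options can also be changed by other code or directly in the database.
function my_plugin_render_form() {
    $title = get_option('my_plugin_option_title');
    $value = get_option('my_plugin_option_value');
    ?>
    <form method="post">
      <?php wp_nonce_field('my_plugin_save'); ?>
      <label for="title">Title</label>
      <input type="text" id="title" name="title" value="<?php echo esc_attr($title); ?>">
      <label for="value"><?php echo esc_html($title); ?></label>
      <input type="text" id="value" name="value" value="<?php echo esc_attr($value); ?>">
      <input type="submit" name="my_plugin_submit" value="Save">
    </form>
    <?php
}
```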
Not Using Caching

$response = wp_remote_get($url);
if (!is_wp_error($response)
     && $response['response']['code'] == '200')
{
  $data = $response['body'];
}
... do something with data ...




               WRONG
Use Caching

if (!$data = wp_cache_get('my_external_data')) {
  $response = wp_remote_get($url);
  if (!is_wp_error($response) &&
       $response['response']['code'] == '200')
  {
     $data = $response['body'];
     wp_cache_set('my_external_data', $data);
  }
}
... do something with data ...



                RIGHT
Resources
• WP_Cache:
 http://codex.wordpress.org/Function_Reference/WP_Cache
Not Contributing




photo by TaranRampersad http://www.flickr.com/photos/knowprose/2294744043/




           WRONG
Contributing
http://codex.wordpress.org/Contributing_to_WordPress

• Edit the Codex
• Answer Forum Support Questions
• Participate in Development
  • Planning, Testing, Bug Reporting and Fixing
• Say “Thanks”


                  RIGHT

You're Doing it Wrong - WordCamp Atlanta
