Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
KICKING THE TIRES
A LOOK AT SELECTING PLUGINS WISELY
Susan Walker
March 17, 2016
“I LOOK AT THE RATING AND
THE NUMBER OF DOWNLOADS.
ISN’T THAT ENOUGH?”
Some Random Dude
KICKING THE TIRES
KICKING THE TIRES
WELL, IT’S A START.
Accessibility PHP Errors
HTML Validation
Mobile Friendliness
Download Time
SEO Frien...
KICKING THE TIRES
There are a LOT of best practices to aim for.
WELL, IT’S A START.
“THIS IS OVERWHELMING.
WHERE DO I EVEN START?”
Dazed and Confused
KICKING THE TIRES
KICKING THE TIRES
DEFINE WHAT YOU NEED
First, clarify what you need in a plugin — the necessary
features, the optional one...
KICKING THE TIRES
DEFINE WHAT YOU NEED
Be realistic. We all hope to find that one perfect plugin …
KICKING THE TIRES
DEFINE WHAT YOU NEED
… but what we end up with will invariably be more modest.
KICKING THE TIRES
DEFINE WHAT YOU NEED
Often the goal is to recognize and avoid the worst clunkers.
KICKING THE TIRES
AUDITED PLUGINS
Here are a couple of sites with
lists of plugins that have been
tested thoroughly by oth...
“THESE SITES ARE AWESOME,
BUT I DIDN’T FIND WHAT I NEED.
WHAT DO I DO?”
Perplexed in Philly
KICKING THE TIRES
KICKING THE TIRES
START SEARCHING
▸Search the repository using
different terms
▸Do a Google search
▸Read “best of” lists a...
KICKING THE TIRES
START SEARCHING
Production web sites are like
fingerprints; no two are exactly
alike. The ideal solution...
Assuming you’ve found a few possible candidates, it’s time to
look at them more closely.
▸Search the plugin name + the wor...
KICKING THE TIRES
NOW TRY IT OUT
Install and activate the plugin on a test site before you try it on
your production web s...
KICKING THE TIRES
NOW TRY IT OUT
Take the time to add lots of content and work through your
best guess for settings.
KICKING THE TIRES
NOW TRY IT OUT
Solicit the help of the site’s users if you can. If you do, assign
them specific tasks to...
KICKING THE TIRES
NOW TRY IT OUT
Test the plugin with different user roles. An Administrator
account may see something ent...
KICKING THE TIRES
NOW TRY IT OUT
Does the plugin have too many settings to manage easily?
KICKING THE TIRES
NOW TRY IT OUT
Does the admin interface confuse your users during testing?
KICKING THE TIRES
TEST PLUGINS WITH PLUGINS
▸Plugin Performance Profiler
Reports on how plugins impact page performance
▸P...
KICKING THE TIRES
TEST PLUGINS WITH PLUGINS
▸Plugin Security Scanner
Checks plugins against the WPScan Vulnerability Datab...
“THAT’S A LOT OF TESTING.
ARE WE DONE YET?”
Some Other Guy
KICKING THE TIRES
KICKING THE TIRES
TEST WITH EXTERNAL TOOLS
▸WebPagetest, www.webpagetest.org
Tests web site performance
▸W3C Validator, va...
KICKING THE TIRES
TEST WITH EXTERNAL TOOLS
▸WAVE Web Accessibility Tool, wave.webaim.org
Tests pages for accessibility com...
KICKING THE TIRES
DON’T FORGET THE BASICS
▸Chrome console
Especially helpful detecting JavaScript errors
▸Link checkers
Lo...
KICKING THE TIRES
UNDERSTAND THE LIMITS
There’s only one way to be sure what a plugin really does.
KICKING THE TIRES
LOOK IN THE CODE
Download and unzip a copy of the plugin. Check out the
readme.txt file and any other te...
KICKING THE TIRES
LOOK IN THE CODE
new WP_Query is used in custom queries of the posts table
and is normally related to th...
KICKING THE TIRES
LOOK IN THE CODE
wp_enqueue_ indicates script or CSS files are being added.
wp_schedule_ functions are c...
KICKING THE TIRES
LOOK IN THE CODE
add_ comes up in many different contexts:
add_option adds a new entry to the options ta...
KICKING THE TIRES
LOOK IN THE CODE
Most of the common keywords in WordPress function names
have corresponding functions to...
KICKING THE TIRES
LOOK IN THE CODE
Six of the most powerful functions in WordPress involve
actions and filters. These can ...
KICKING THE TIRES
LOOK IN THE CODE
add_action lets you add functionality to a code sequence.
remove_action allows you to r...
“PLEASE PLEASE PLEASE
DON’T MAKE ME LOOK AT ANY
MORE CODE THINGIES.”
Gnosiophobe
KICKING THE TIRES
KICKING THE TIRES
DON’T PANIC
It’s OK, the code went away. Pause and catch your breath.
KICKING THE TIRES
FINALLY, UNINSTALL
Did it leave a lot of garbage behind? Things to look for:
‣ Orphaned tables
‣ Custom ...
KICKING THE TIRES
POSSIBLE OUTCOMES
1. You found at least one suitable plugin.
2. You didn’t find a suitable plugin, in wh...
KICKING THE TIRES
POSSIBLE OUTCOMES
1. You found at least one suitable plugin.
2. You didn’t find a suitable plugin, in wh...
KICKING THE TIRES
POSSIBLE OUTCOMES
1. You found at least one suitable plugin.
2. You didn’t find a suitable plugin, in wh...
KICKING THE TIRES
HELP DEVELOPERS HELP YOU
When you find bugs or coding errors, report them on the
plugin’s support forum....
KICKING THE TIRES
HELP DEVELOPERS HELP YOU
Taking the time to provide courteous, factual information about
your problem ca...
“NOW ARE WE DONE?”
It’s Thursday and I Missed My Nap
KICKING THE TIRES
YES, WE ARE. THANK YOU!
Susan Walker
susanwrotethis.com
@susanwrotethis
KICKING THE TIRES
IMAGE CREDITS
‣ Cover Slide: tire by Grimm Pics
https://flic.kr/p8PybuA, CC BY 2.0
‣ Slide 7: Neuschwans...
KICKING THE TIRES
IMAGE CREDITS
‣ Slide 12: 51 by Sergey Norin
https://flic.kr/p/7EA74a, CC BY 2.0
‣ Slide 13: Fingerprint...
KICKING THE TIRES
IMAGE CREDITS
‣ Slide 36: Chiaroscuro Guinea Pig by TRONOSKI Photography
https://flic.kr/p/bkQ2f3, CC BY...
Upcoming SlideShare
Loading in …5
×

Kicking the Tires: A Look at Selecting Plugins Wisely

942 views

Published on

Slides from the March 2016 WordPress Philly Meetup presentation on plugin selection and testing.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Kicking the Tires: A Look at Selecting Plugins Wisely

  1. 1. KICKING THE TIRES A LOOK AT SELECTING PLUGINS WISELY Susan Walker March 17, 2016
  2. 2. “I LOOK AT THE RATING AND THE NUMBER OF DOWNLOADS. ISN’T THAT ENOUGH?” Some Random Dude KICKING THE TIRES
  3. 3. KICKING THE TIRES WELL, IT’S A START. Accessibility PHP Errors HTML Validation Mobile Friendliness Download Time SEO Friendliness Browser Support Minified Files Memory Usage WordPress APIs Security Practices CSS Rules JavaScript Errors Plugin Conflicts Queries UX Caching Translations
  4. 4. KICKING THE TIRES There are a LOT of best practices to aim for. WELL, IT’S A START.
  5. 5. “THIS IS OVERWHELMING. WHERE DO I EVEN START?” Dazed and Confused KICKING THE TIRES
  6. 6. KICKING THE TIRES DEFINE WHAT YOU NEED First, clarify what you need in a plugin — the necessary features, the optional ones and those that are undesirable.
  7. 7. KICKING THE TIRES DEFINE WHAT YOU NEED Be realistic. We all hope to find that one perfect plugin …
  8. 8. KICKING THE TIRES DEFINE WHAT YOU NEED … but what we end up with will invariably be more modest.
  9. 9. KICKING THE TIRES DEFINE WHAT YOU NEED Often the goal is to recognize and avoid the worst clunkers.
  10. 10. KICKING THE TIRES AUDITED PLUGINS Here are a couple of sites with lists of plugins that have been tested thoroughly by others. ▸Tidy Repo tidyrepo.com ▸Sites sites.usa.gov/plugins/
  11. 11. “THESE SITES ARE AWESOME, BUT I DIDN’T FIND WHAT I NEED. WHAT DO I DO?” Perplexed in Philly KICKING THE TIRES
  12. 12. KICKING THE TIRES START SEARCHING ▸Search the repository using different terms ▸Do a Google search ▸Read “best of” lists and plugin comparisons ▸Check professional forums ▸Ask colleagues
  13. 13. KICKING THE TIRES START SEARCHING Production web sites are like fingerprints; no two are exactly alike. The ideal solution for someone else’s web site may not be what’s best for you.
  14. 14. Assuming you’ve found a few possible candidates, it’s time to look at them more closely. ▸Search the plugin name + the words “error”, “bug”, “issue” and “plugin conflict” ▸Search the plugin name + the word “security” ▸Read the tickets on the plugin support forum ▸Get an idea of how often the plugin is updated KICKING THE TIRES DIG DEEPER
  15. 15. KICKING THE TIRES NOW TRY IT OUT Install and activate the plugin on a test site before you try it on your production web site. Make notes (a sample worksheet is available from susanwrotethis.com): ▸What interface elements does it add to admin? ▸What does it output on the front end? ▸How well does it perform? ▸Are there any other considerations?
  16. 16. KICKING THE TIRES NOW TRY IT OUT Take the time to add lots of content and work through your best guess for settings.
  17. 17. KICKING THE TIRES NOW TRY IT OUT Solicit the help of the site’s users if you can. If you do, assign them specific tasks to perform, with a minimum number of repetitions. When you simply ask them to log in and look at a new feature, looking is all they’re likely to do.
  18. 18. KICKING THE TIRES NOW TRY IT OUT Test the plugin with different user roles. An Administrator account may see something entirely different from an Author account. Plugins with custom capabilities may default to very strict access or very broad access. If you don’t check you can create user access problems or open up a feature to anyone.
  19. 19. KICKING THE TIRES NOW TRY IT OUT Does the plugin have too many settings to manage easily?
  20. 20. KICKING THE TIRES NOW TRY IT OUT Does the admin interface confuse your users during testing?
  21. 21. KICKING THE TIRES TEST PLUGINS WITH PLUGINS ▸Plugin Performance Profiler Reports on how plugins impact page performance ▸Plugin Profiler Reports on plugin performance times ▸Query Monitor Identifies queries, HTTP requests, PHP warnings ▸Plugin Inspector Looks for vulnerabilities and deprecated code
  22. 22. KICKING THE TIRES TEST PLUGINS WITH PLUGINS ▸Plugin Security Scanner Checks plugins against the WPScan Vulnerability Database ▸WP Hooker Reports on which hooks are firing, with time from start ▸What’s Running Lists require() calls made in a page ▸Get Options Retrieves and lists all the options for a site
  23. 23. “THAT’S A LOT OF TESTING. ARE WE DONE YET?” Some Other Guy KICKING THE TIRES
  24. 24. KICKING THE TIRES TEST WITH EXTERNAL TOOLS ▸WebPagetest, www.webpagetest.org Tests web site performance ▸W3C Validator, validator.w3.org Checks your web page for valid HTML code ▸CSS Lint, csslint.net Analyzes CSS code quality ▸JS Lint, www.jslint.com Reports on JavaScript code quality
  25. 25. KICKING THE TIRES TEST WITH EXTERNAL TOOLS ▸WAVE Web Accessibility Tool, wave.webaim.org Tests pages for accessibility compliance ▸Mobile Emulator, mobiletest.me Lets you see how pages look on different devices ▸SEO SiteCheckup, seositecheckup.com Analyzes pages for search engine optimization ▸PHP Code Checker, phpcodechecker.com Examines PHP code
  26. 26. KICKING THE TIRES DON’T FORGET THE BASICS ▸Chrome console Especially helpful detecting JavaScript errors ▸Link checkers Look for 404 errors generated by the plugin ▸Google Webmaster Tools On production it’s useful identifying subtle issues ▸WP_DEBUG Enable this in wp_config.php to display PHP errors
  27. 27. KICKING THE TIRES UNDERSTAND THE LIMITS There’s only one way to be sure what a plugin really does.
  28. 28. KICKING THE TIRES LOOK IN THE CODE Download and unzip a copy of the plugin. Check out the readme.txt file and any other text files with plugin info. Running a series of text searches for common keywords in the code files can tell you a lot, even if you don’t know code.
  29. 29. KICKING THE TIRES LOOK IN THE CODE new WP_Query is used in custom queries of the posts table and is normally related to the display of content. $wpdb-> shows up when a custom query of the database is in the code. CREATE TABLE (case insensitive) indicates that one or more tables is being added to the database.
  30. 30. KICKING THE TIRES LOOK IN THE CODE wp_enqueue_ indicates script or CSS files are being added. wp_schedule_ functions are called to add cron jobs. register_ creates something that will be used elsewhere; examples include register_sidebar, register_post_type and register_taxonomy.
  31. 31. KICKING THE TIRES LOOK IN THE CODE add_ comes up in many different contexts: add_option adds a new entry to the options table. add_meta adds a new entry to the postmeta table. add_menu_page adds a page to the admin menu. add_cap adds a capability to a role or a specific user. add_shortcode creates a new shortcode.
  32. 32. KICKING THE TIRES LOOK IN THE CODE Most of the common keywords in WordPress function names have corresponding functions to undo something: wp_dequeue_ wp_unschedule_ unregister_ or deregiser_ delete_ or remove_
  33. 33. KICKING THE TIRES LOOK IN THE CODE Six of the most powerful functions in WordPress involve actions and filters. These can be used to modify not only WordPress core behaviors but modify other plugins as well.
  34. 34. KICKING THE TIRES LOOK IN THE CODE add_action lets you add functionality to a code sequence. remove_action allows you to remove functionality. do_action is the point when that functionality executes. add_filter allows you to add functions to modify output. remove_filter allows you to remove modification functions. apply_filters is when the modifications are applied.
  35. 35. “PLEASE PLEASE PLEASE DON’T MAKE ME LOOK AT ANY MORE CODE THINGIES.” Gnosiophobe KICKING THE TIRES
  36. 36. KICKING THE TIRES DON’T PANIC It’s OK, the code went away. Pause and catch your breath.
  37. 37. KICKING THE TIRES FINALLY, UNINSTALL Did it leave a lot of garbage behind? Things to look for: ‣ Orphaned tables ‣ Custom roles and capabilities ‣ Custom post types and postmeta ‣ Options ‣ Files ‣ Cron jobs
  38. 38. KICKING THE TIRES POSSIBLE OUTCOMES 1. You found at least one suitable plugin. 2. You didn’t find a suitable plugin, in which case you have to build your own or hire a developer. 3. You found a plugin with minor issues that its developer may be able to resolve. 4. You found a plugin that will partially suit your needs and that you can extend with action and filter hooks. 5. You realize you had a bad idea, and you drop it.
  39. 39. KICKING THE TIRES POSSIBLE OUTCOMES 1. You found at least one suitable plugin. 2. You didn’t find a suitable plugin, in which case you have to build your own or hire a developer. 3. You found a plugin with minor issues that its developer may be able to resolve. 4. You found a plugin that will partially suit your needs and that you can extend with action and filter hooks. 5. You realize you had a bad idea, and you drop it.
  40. 40. KICKING THE TIRES POSSIBLE OUTCOMES 1. You found at least one suitable plugin. 2. You didn’t find a suitable plugin, in which case you have to build your own or hire a developer. 3. You found a plugin with minor issues that its developer may be able to resolve. 4. You found a plugin that will partially suit your needs and that you can extend with action and filter hooks. 5. You realize you had a bad idea, and you drop it.
  41. 41. KICKING THE TIRES HELP DEVELOPERS HELP YOU When you find bugs or coding errors, report them on the plugin’s support forum. Include as much data as possible, including the plugin version and WP core version, whether you’re on multisite and whether WP_DEBUG is enabled. Try to rule out the theme or another plugin as a possible source of a problem. If there are specific code errors, the exact error, including the file and line number if provided, can speed up resolution of a support ticket.
  42. 42. KICKING THE TIRES HELP DEVELOPERS HELP YOU Taking the time to provide courteous, factual information about your problem can gradually build a positive working relationship that benefits you, the developer and other users of the plugin.
  43. 43. “NOW ARE WE DONE?” It’s Thursday and I Missed My Nap KICKING THE TIRES
  44. 44. YES, WE ARE. THANK YOU! Susan Walker susanwrotethis.com @susanwrotethis
  45. 45. KICKING THE TIRES IMAGE CREDITS ‣ Cover Slide: tire by Grimm Pics https://flic.kr/p8PybuA, CC BY 2.0 ‣ Slide 7: Neuschwanstein by Paula Funnell https://flic.kr/p/dbjzny, CC BY-NC-ND 2.0 ‣ Slide 8: Craftsman House, Wallingford by brewbooks https://flic.kr/p/njQ5f, CC BY-SA 2.0 ‣ Slide 9: Fixer-upper (Abandoned Homestead) by J.N. Stuart https://flic.kr/p/4KsDZh, CC BY-NC-ND 2.0 ‣ Slide 10: Ruby red pens by Marcin Bajer https://flic.kr/p/87dMAs, CC BY-NC 2.0
  46. 46. KICKING THE TIRES IMAGE CREDITS ‣ Slide 12: 51 by Sergey Norin https://flic.kr/p/7EA74a, CC BY 2.0 ‣ Slide 13: Fingerprint by Angelo Pereira https://flic.kr/p/3KjRyr, CC BY-NC-ND 2.0 ‣ Slide 19: Switches by Jol Ito https://flic.kr/p/KG5Te, CC BY 2.0 ‣ Slide 20: Confused by Sarah https://flic.kr/p/6eBt8y, CC BY 2.0 ‣ Slide 27: Rube Goldberg Machine by Jeff Kubina https://flic.kr/p/qCoDG, CC BY-SA 2.0
  47. 47. KICKING THE TIRES IMAGE CREDITS ‣ Slide 36: Chiaroscuro Guinea Pig by TRONOSKI Photography https://flic.kr/p/bkQ2f3, CC BY-NC-ND 2.0 Creative Commons image licenses at creativecommons.org/licenses/.

×