Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

WordPress Theme & Plugin development best practices - phpXperts seminar 2011


Published on

phpXperts group is the biggest PHP group of Bangladesh. This time I took a mini presentation only for the 6 minutes time frame and thats it.

Published in: Technology, Business
  • Login to see the comments

WordPress Theme & Plugin development best practices - phpXperts seminar 2011

  1. 1. WordPress Theme Plugins Development Best Practices Tareq Hasan@tareq_cse Software Engineer, Leevio
  2. 2. Use WordPress Coding Standards
  3. 3. Add Scripts/Styles Intelligently ..(1) WRONG
  4. 4. Add Scripts/Styles Intelligently ..(2) RIGHT
  5. 5. Use escape functions in forms..(1) WRONG
  6. 6. Use escape functions in forms..(2) esc_attr() esc_html() RIGHT
  7. 7. Use escape functions in forms..(3) esc_attr() esc_url() esc_js() esc_html() More validation functions
  8. 8. Prevent CSRF Attack Use Nonces wp_nonce_field()
  9. 9. Prevent CSRF Attack Use Nonces wp_nonce_field() wp_nonce_url() wp_verify_nonce() wp_create_nonce() check_admin_referer() check_ajax_referer()
  10. 10. Let developers extend your code without touching your code do_action() apply_filters()
  11. 11. Ensure Theme/Pluginsgenerate no errors with WP_DEBUG enabled
  12. 12. Do not hard code WordPress paths$plugin_path = get_bloginfo(wpurl)."/wp-content/plugins/wp- codebox"; WRONG $plugin_path = plugins_url(, __FILE__); RIGHT
  13. 13. Use database securely..(1) Insert Bad Good
  14. 14. Use database securely..(1) Update Bad Good
  15. 15. Use database securely..(1) Prepared Statement Bad Good
  16. 16. Make your theme child theme aware get_template_directory_uri() For parent theme get_stylesheet_directory_uri() For child theme
  17. 17. Localization is important load_theme_textdomain() load_plugin_textdomain()
  18. 18. Use the settings APIStore theme and pluginoption settings efficiently
  19. 19. Make your plugin cache aware
  20. 20. ThanksQuestions?