WordPress Theme & Plugin development best practices - phpXperts seminar 2011

phpXperts group is the biggest PHP group of Bangladesh. This time I took a mini presentation only for the 6 minutes time frame and that's it.

Published in: Technology, Business

  1. WordPress Theme Plugins Development Best Practices. Tareq Hasan (@tareq_cse), Software Engineer, Leevio. http://tareq.weDevs.com
  2. Use WordPress Coding Standards. http://codex.wordpress.org/WordPress_Coding_Standards
  3. Add Scripts/Styles Intelligently (1): WRONG. http://codex.wordpress.org/Function_Reference/wp_enqueue_script http://codex.wordpress.org/Function_Reference/wp_enqueue_style
  4. Add Scripts/Styles Intelligently (2): RIGHT
  5. Use escape functions in forms (1): WRONG
  6. Use escape functions in forms (2): esc_attr(), esc_html(). RIGHT
  7. Use escape functions in forms (3): esc_attr(), esc_url(), esc_js(), esc_html(). More validation functions: http://codex.wordpress.org/Data_Validation
  8. Prevent CSRF Attack. Use Nonces: wp_nonce_field(). http://codex.wordpress.org/WordPress_Nonces
  9. Prevent CSRF Attack. Use Nonces: wp_nonce_field(), wp_nonce_url(), wp_verify_nonce(), wp_create_nonce(), check_admin_referer(), check_ajax_referer(). http://codex.wordpress.org/WordPress_Nonces
  10. Let developers extend your code without touching your code: do_action(), apply_filters(). http://codex.wordpress.org/Plugin_API
  11. Ensure Theme/Plugins generate no errors with WP_DEBUG enabled
  12. Do not hard code WordPress paths. WRONG: $plugin_path = get_bloginfo('wpurl')."/wp-content/plugins/wp-codebox"; RIGHT: $plugin_path = plugins_url('', __FILE__);
  13. Use database securely (1): Insert. Bad / Good. http://codex.wordpress.org/Class_Reference/wpdb
  14. Use database securely (1): Update. Bad / Good
  15. Use database securely (1): Prepared Statement. Bad / Good
  16. Make your theme child theme aware: get_template_directory_uri() for parent theme, get_stylesheet_directory_uri() for child theme
  17. Localization is important: load_theme_textdomain(), load_plugin_textdomain(). http://codex.wordpress.org/I18n_for_WordPress_Developers
  18. Use the settings API. Store theme and plugin option settings efficiently. http://codex.wordpress.org/Settings_API
  19. Make your plugin cache aware. http://codex.wordpress.org/Class_Reference/WP_Object_Cache
  20. Thanks. Questions?
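
The escaping, nonce and database slides (5 to 9 and 13 to 15) name the functions, but their WRONG/RIGHT code did not survive in this transcript. The following is an added example, not code from the slides: a small admin plugin that combines output escaping, a nonce-protected form, $wpdb->insert() and a prepared SELECT. The plugin name, the demo_notes_* functions and the demo_notes table are hypothetical.

```php
<?php
/* Plugin Name: Demo Notes (added illustration, hypothetical names) */
register_activation_hook( __FILE__, 'demo_notes_install' );
function demo_notes_install() {
    global $wpdb;
    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    dbDelta( "CREATE TABLE {$wpdb->prefix}demo_notes (
        id bigint(20) unsigned NOT NULL AUTO_INCREMENT,
        title varchar(200) NOT NULL,
        PRIMARY KEY  (id)
    ) " . $wpdb->get_charset_collate() . ';' );
}

add_action( 'admin_menu', function () {
    add_menu_page( 'Demo Notes', 'Demo Notes', 'manage_options', 'demo-notes', 'demo_notes_page' );
} );
function demo_notes_page() {
    global $wpdb;
    $search = isset( $_GET['s'] ) ? sanitize_text_field( wp_unslash( $_GET['s'] ) ) : '';
    // Prepared statement: user input is bound to %s, never concatenated into the SQL.
    $rows = $wpdb->get_results( $wpdb->prepare(
        "SELECT title FROM {$wpdb->prefix}demo_notes WHERE title LIKE %s",
        '%' . $wpdb->esc_like( $search ) . '%'
    ) );
    echo '<ul>';
    foreach ( $rows as $row ) {
        echo '<li>' . esc_html( $row->title ) . '</li>'; // escape stored data on output
    }
    echo '</ul><form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="demo_notes_save" />';
    wp_nonce_field( 'demo_notes_save', 'demo_notes_nonce' ); // prints the CSRF token field
    // Pre-fill from the search term, escaped for an attribute context.
    echo '<input type="text" name="title" value="' . esc_attr( $search ) . '" />';
    echo '<input type="submit" value="Save" /></form>';
}

add_action( 'admin_post_demo_notes_save', 'demo_notes_save' );
function demo_notes_save() {
    // Stops the request unless the nonce printed by the form is present and valid.
    check_admin_referer( 'demo_notes_save', 'demo_notes_nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Not allowed.' );
    }
    global $wpdb;
    $title = isset( $_POST['title'] ) ? sanitize_text_field( wp_unslash( $_POST['title'] ) ) : '';
    // insert() takes column => value pairs plus a format list, so no hand-built SQL.
    $wpdb->insert( $wpdb->prefix . 'demo_notes', array( 'title' => $title ), array( '%s' ) );
    wp_safe_redirect( admin_url( 'admin.php?page=demo-notes' ) );
    exit;
}
```

The nonce proves the request came from the plugin's own form; the capability check is still needed because a nonce says nothing about what the user is allowed to do.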
