Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

WordPress Theme & Plugin development best practices - phpXperts seminar 2011

6,455 views

Published on

phpXperts group is the biggest PHP group of Bangladesh. This time I took a mini presentation only for the 6 minutes time frame and thats it.

Published in: Technology, Business
  • Login to see the comments

WordPress Theme & Plugin development best practices - phpXperts seminar 2011

  1. 1. WordPress Theme Plugins Development Best Practiceshttp://tareq.weDevs.com Tareq Hasan@tareq_cse Software Engineer, Leevio
  2. 2. Use WordPress Coding Standards http://codex.wordpress.org/WordPress_Coding_Standards
  3. 3. Add Scripts/Styles Intelligently ..(1) WRONGhttp://codex.wordpress.org/Function_Reference/wp_enqueue_scripthttp://codex.wordpress.org/Function_Reference/wp_enqueue_style
  4. 4. Add Scripts/Styles Intelligently ..(2) RIGHT
  5. 5. Use escape functions in forms..(1) WRONG
  6. 6. Use escape functions in forms..(2) esc_attr() esc_html() RIGHT
  7. 7. Use escape functions in forms..(3) esc_attr() esc_url() esc_js() esc_html() More validation functions http://codex.wordpress.org/Data_Validation
  8. 8. Prevent CSRF Attack Use Nonces wp_nonce_field() http://codex.wordpress.org/WordPress_Nonces
  9. 9. Prevent CSRF Attack Use Nonces wp_nonce_field() wp_nonce_url() wp_verify_nonce() wp_create_nonce() check_admin_referer() check_ajax_referer() http://codex.wordpress.org/WordPress_Nonces
  10. 10. Let developers extend your code without touching your code do_action() apply_filters() http://codex.wordpress.org/Plugin_API
  11. 11. Ensure Theme/Pluginsgenerate no errors with WP_DEBUG enabled
  12. 12. Do not hard code WordPress paths$plugin_path = get_bloginfo(wpurl)."/wp-content/plugins/wp- codebox"; WRONG $plugin_path = plugins_url(, __FILE__); RIGHT
  13. 13. Use database securely..(1) Insert Bad Good http://codex.wordpress.org/Class_Reference/wpdb
  14. 14. Use database securely..(1) Update Bad Good
  15. 15. Use database securely..(1) Prepared Statement Bad Good
  16. 16. Make your theme child theme aware get_template_directory_uri() For parent theme get_stylesheet_directory_uri() For child theme
  17. 17. Localization is important load_theme_textdomain() load_plugin_textdomain() http://codex.wordpress.org/I18n_for_WordPress_Developers
  18. 18. Use the settings APIStore theme and pluginoption settings efficiently http://codex.wordpress.org/Settings_API
  19. 19. Make your plugin cache awarehttp://codex.wordpress.org/Class_Reference/WP_Object_Cache
  20. 20. ThanksQuestions?

×