This is my new answer to, “What’s your favorite relatively unknown part of Core?” (Previously, it was the declaration of human rights embedded into has_cap() .) It turns out there’s a much better way to fetch post meta than get_post_meta() : It’s really that simple. Behind the scenes, the reference to $post->foo is handled by WP_Post‘s magic getter , which in turn calls get_post_meta( $post->ID, ‘foo’, true… [more]
All posts in WordPress
Unfortunately, the WordPress.org plugin repository doesn’t provide a way to maintain your plugin with Git. In the past, I’ve either just used Subversion, or hosted an extra copy on GitHub, and setup Git and SVN side-by-side in the same directory . Awhile ago, I briefly considered using git-svn , because it would allow me to avoid using Subversion entirely, and do everything through Git. I dismissed the idea,… [more]
I wanted to find out which sites in a Multisite network had a certain plugin active, but couldn’t find an existing solution I was happy with. So, I wrote a WP-CLI command to do the job. Installation wp package install iandunn/wp-cli-plugin-active-on-sites Usage wp plugin active-on-sites Example > wp plugin active-on-sites eu-cookie-law-widget Checking each site 100% [======================================] 0:02 / 0:03… [more]
I wanted to update the database prefix one this site, but most of the tutorials out there have you do it manually. There are some plugins available, but I didn’t trust most of them, and the ones that I did were kind of bloated with other features, and I didn’t want to mess with the… [more]
We’ve opened the call for speakers for this year’s WordCamp Seattle . Give it a shot if you have any ideas, best practices, use cases, or stories you want to share with the community. I think people are often hesitant to put themselves out there, and that’s definitely understandable, but the WordPress community is really welcoming, and I think you’ll find it’s not as hard as you… [more]
I just finished the first version of a new WordPress installation template called Regolith . I’ve been using my personalized fork of Mark Jaquith’s WordPress Skeleton for the past several years, but recently came across Bedrock and really liked it. I started playing around with it, but quickly discovered that the tools and practices it embraced were a bit overkill for my personal projects, so I… [more]
$wpdb->prepare() is often called with each un-sanitized value explicitly passed as an individual argument; for example: $wpdb->prepare( “SELECT id FROM wp_posts WHERE id > %d AND `post_status` = %s”, $min_id, $status ) The function will also accept an array of un-sanitized values, though, like this: $wpdb->prepare( “SELECT id FROM wp_posts WHERE id > %d AND `post_status`… [more]
I wanted a simple logger for errors in REST API requests and didn’t find one online, so I wrote this one:
Nacin gave a great talk at php[world] dispelling a lot of the myths about WordPress that still exist in the developer community.
TL;DR: View the code on Meta Trac . Every once in awhile I’ll run into a situation where something will break permalinks on all the sites in a WordPress Multisite network, like a plugin network-activation gone wrong. On a single site, it’s easy enough to fix by manually visiting Settings > Permalinks, which will flush and rebuild the rewrite rules, but if you’ve got… [more]
Why Websites get Hacked is a good high-level article to sends to clients or friends who don’t understand why someone would want to attack their site — and therefore doesn’t see the need to protect it — or are curious about how it happens.
WordPress already sends the X-FRAME-OPTIONS header for wp-login.php and the Admin Panels in order to prevent clickjacking , but it doesn’t send it on the front end because that could interfere with remote services that legitimately frame parts of a site. That’s only relevant for a small number of pages, though, so I’ve added a snippet to my functionality plugin skeleton to send the header… [more]
I’m one of the mentors for WordPress’ SupportPress project in this year’s Google Summer of Code, and I wanted to put together a list of WordPress.tv videos to help introduce Varun to the WordPress community and some development best practices. I figured it’d be good to save it for future reference, so I’m also posting it here. General techniques… [more]
Mike Jordan’s post on the WordPress community has some great insight and challenging thoughts. The truth is, however, that our community does not have these rare traits simply because its members are just that awesome. The primary reason that our community is so approachable, is that for the first several years of its life we had to be approachable to encourage growth. Now that… [more]
Update: Zack Tollman wrote a plugin called Ostrichize that does an even better job of this, so I’ve reverted my version out of my functionality plugin skeleton and will use his in the future. Pro tip: search for existing code before writing new code ;) * * * There are a lot of WordPress plugin and theme… [more]