Flushing Rewrite Rules on All Sites in a Multisite Network

TL;DR: View the code on Meta Trac. Every once in awhile I’ll run into a situation where something will break permalinks on all the sites in a WordPress Multisite network, like a plugin network-activation gone wrong. On a single site, it’s easy enough to fix by manually visiting Settings > Permalinks, which will flush and rebuild the rewrite […]

Why Websites Get Hacked

Why Websites get Hacked is a good high-level article to sends to clients or friends who don’t understand why someone would want to attack their site — and therefore doesn’t see the need to protect it — or are curious about how it happens.

Internet Slowdown

Today is the Internet Slowdown, to show support for Net Neutrality.

If you want to participate, you can install the Cat Signal plugin on your WordPress.org site, or enable the setting for your WordPress.com blog.

Attaching Uploads to Custom Post Types

I’m working on a plugin that implements a custom post type, and it doesn’t need the editor, but I do want to upload files. I setup the everything like you normally would, but I noticed that the files weren’t being attached to the post when they were uploaded. I couldn’t find anything online, so I dug through […]

Progressive Enhancement with Backbone.js

I’m mostly focusing on back-end development these days, so I’m a bit behind the curve on a lot of the recent front-end practices, but I’ve been playing around with Backbone.js a bit, and one of the things that’s been nagging me is the hard dependency on JavaScript for the core functionality of the site. Looking around for some […]

Preventing Clickjacking on WordPress Sites

WordPress already sends the X-FRAME-OPTIONS header for wp-login.php and the Admin Panels in order to prevent clickjacking, but it doesn’t send it on the front end because that could interfere with remote services that legitimately frame parts of a site. That’s only relevant for a small number of pages, though, so I’ve added a snippet to my functionality plugin skeleton […]

WordPress.tv Developer Presentation Roundup

I’m one of the mentors for WordPress’ SupportPress project in this year’s Google Summer of Code, and I wanted to put together a list of WordPress.tv videos to help introduce Varun to the WordPress community and some development best practices. I figured it’d be good to save it for future reference, so I’m also posting […]

Challenges for the WordPress Community as it Matures

Mike Jordan’s post on the WordPress community has some great insight and challenging thoughts. The truth is, however, that our community does not have these rare traits simply because its members are just that awesome. The primary reason that our community is so approachable, is that for the first several years of its life we had to […]

Hide PHP Warnings and Notices from Poorly Written Plugins

Update: Zack Tollman wrote a plugin called Ostrichize that does an even better job of this, so I’ve reverted my version out of my functionality plugin skeleton and will use his in the future. Pro tip: search for existing code before writing new code ;) * * * There are a lot of WordPress plugin and theme […]

WordCamp Seattle Call for Speakers

We just posted the Call for Speakers for WordCamp Seattle 2014. If you’ve got some knowledge or experience you’d like to share with the WordPress community in Seattle, check it out.

WordCamp Dayton 2014 Slides

I’ll be speaking at WordCamp Dayton 2014 this Saturday about best practices for customizing WordPress plugins. If you’re attending and would like to follow along, you can check out the slides.

Sexual Harassment at WordCamps

It’s really disheartening to read stories like this coming out of the WordPress community, but kudos to Sarah for speaking out about it. We all need to be more aware of these issues and look for ways to prevent things like this from happening in the future.

The Right Way to Customize a WordPress Plugin

Video: I presented on this topic at WordCamp Dayton 2014. It’s very common for developers to customize and extend existing plugins to fit their own needs, which is one of the great advantages of using open-source software. They often do it by making their changes directly to the plugin, though, which creates a security vulnerability […]

New RSS Feed for WordCamp Announcements

WordCamp.org now has an RSS feed that announces when new WordCamps are scheduled.

Programmatically Sign-on a WordPress User

I came across a post on WP Recipes about programmatically logging users in, but it seemed like a flawed approach because it duplicated parts of Core’s internals rather than using the API. So, I can up with my own version:

Video from MVC presentation at WordCamp Columbus 2013

The video from my presentation on the Model-View-Controller pattern at WordCamp Columbus 2013 is now available on WordPress.tv.

Security Reward for new Google Authenticator Plugin

I just released a new plugin into the WordPress.org repository, and am fairly confident that it’s secure, but since it modifies some of the default login behavior, I’d love to get some extra eyeballs on the code. To that end, I’m offering a $150 Amazon.com gift certificate* to anyone who can find a significant vulnerability. By “significant”, […]

Reusing P2’s ajaxUrl Short-Circuits Other AJAX Requests

I just spent awhile tracking down some odd AJAX behavior that was puzzling me, so I thought I’d share the solution. I was working on a plugin to extend P2 and my AJAX requests were always responding with -1. After a lot of digging and some trial-and-error, I figured out that it was happening because I was […]

WordCamp Columbus 2013 Slides

I’ll be speaking at WordCamp Columbus 2013 this Saturday on implementing the Model-View-Controller pattern in plugins. If you’re attending and would like to follow along, you can check out the slides.

WordCamp Seattle 2013 Slides

I’ll be speaking at WordCamp Seattle 2013 tomorrow on creating object-oriented WordPress plugins. If you’re attending and would like to follow along, you can check out the slides.

Ian Dunn

WordPress Developer

Category Archives: WordPress

Flushing Rewrite Rules on All Sites in a Multisite Network

Why Websites Get Hacked

Internet Slowdown

Attaching Uploads to Custom Post Types

Progressive Enhancement with Backbone.js

Preventing Clickjacking on WordPress Sites

WordPress.tv Developer Presentation Roundup

Challenges for the WordPress Community as it Matures

Hide PHP Warnings and Notices from Poorly Written Plugins

WordCamp Seattle Call for Speakers

WordCamp Dayton 2014 Slides

Sexual Harassment at WordCamps

The Right Way to Customize a WordPress Plugin

New RSS Feed for WordCamp Announcements

Video from MVC presentation at WordCamp Columbus 2013

Security Reward for new Google Authenticator Plugin

Reusing P2’s ajaxUrl Short-Circuits Other AJAX Requests

WordCamp Columbus 2013 Slides

WordCamp Seattle 2013 Slides