WordPress development
Home |
Table of Contents
$ figlet WordPress
__ __ _ ____ \ \ / /__ _ __ __| | _ \ _ __ ___ ___ ___ \ \ /\ / / _ \| '__/ _` | |_) | '__/ _ \/ __/ __| \ V V / (_) | | | (_| | __/| | | __/\__ \__ \ \_/\_/ \___/|_| \__,_|_| |_| \___||___/___/
================================================================================
1 WordPress resources
WordPress Plugin Handbook https://developer.wordpress.org/plugins/intro/
git clone https://github.com/PacktPublishing/WordPress-Plugin-Development-Cookbook-Second-Edition
- https://codex.wordpress.org
- https://developer.wordpress.org/reference/
- https://codex.wordpress.org/Plugin_API/Action_Reference/
- https://www.wpkube.com/wordpress-gutenberg-tutorial-how-to-use-the-new-block-editor-in-wordpress-5-0/
- List of hooks: http://hookr.io
WP_DEBUG_LOG
WP_DEBUG_LOG
is a companion to WP_DEBUG
that causes all errors to also be saved to a debug.log log file inside the wp-content directory. This is useful if you want to review all notices later or need to view notices generated off-screen (e.g. during an AJAX request or wp-cron run).
Note that this allows you to write to /wp-content/debug.log using PHP's built in error_log()
function, which can be useful for instance when debugging AJAX events.
- https://developer.wordpress.org/reference/
- https://codex.wordpress.org/
- https://codex.wordpress.org/Writing_a_Plugin
- https://codex.wordpress.org/Plugin_API
- https://codex.wordpress.org/Plugin_API/Action_Reference/registered_taxonomy
- https://codex.wordpress.org/Plugin_API/Action_Reference/#Actions_Run_During_a_Typical_Request
2 Custom Posts Types
https://codex.wordpress.org/Post_Types#Custom_Post_Types
https://codex.wordpress.org/Function_Reference/register_post_type
https://codex.wordpress.org/Post_Types
https://developer.wordpress.org/themes/template-files-section/page-template-files/
As of WordPress 4.7 page templates support all post types. For more details how to set a page template to specific post types see example below.
https://developer.wordpress.org/themes/basics/organizing-theme-files/
As discussed in Organizing Theme Files, WordPress recognizes the subfolder page-templates. Therefore, it’s a good idea to store your global page templates in this folder to help keep them organized.
3 WP Themes
https://developer.wordpress.org/themes/getting-started/
https://developer.wordpress.org/themes/getting-started/setting-up-a-development-environment/ https://developer.wordpress.org/themes/basics/post-types/
https://developer.wordpress.org/themes/basics/the-loop/#multiple-loops
https://developer.wordpress.org/themes/advanced-topics/child-themes/
Other than the functions.php file (as noted above), any file you add to your child theme will overwrite the same file in the parent theme.
https://developer.wordpress.org/themes/basics/template-files/
https://developer.wordpress.org/themes/basics/post-types/
As the whole purpose of a Template file is to display content a certain way, the Post Types purpose is to categorize what type of content you are dealing with. Generally speaking, certain Post Types are tied to certain template files.
The template files that display the Post post type are:
- single.php and single-post.php
- category.php and all its iterations
- tag.php and all its iterations
- taxonomy.php and all its iterations
- archive.php and all its iterations
- author.php and all its iterations
- date.php and all its iterations
- search.php
- home.php
- index.php
The template files that display the Page post type are:
- page.php and all its iterations
- $custom.php and all its iterations
- front-page.php
- search.php
- index.php
4 Custom Post Types
Using Custom Post Types, you can create your own post type. It is not recommend that you place this functionality in your theme. This type of functionality should be placed/created in a plugin. This ensures the portability of your user’s content, and that if the theme is changed the content stored in the Custom Post Types won’t disappear.
While you generally won’t develop Custom Post Types in your theme, you may want to code ways to display Custom Post Types that were created by a plugin. The following templates can display Custom post types:
- single-{post-type}.php
- archive-{post-type}.php
- search.php
- index.php
https://developer.wordpress.org/themes/template-files-section/custom-post-type-template-files/
WordPress will work through the template hierarchy and use the template file it comes across first. So if you want to create a custom template for your acme_product
custom post type, a good place to start is by copying the single.php file, saving it as single-acme_product.php
and editing that.
However if you don’t want to create custom template files, WordPress will use the files already present in your theme, which would be archive.php and single.php and index.php files.
https://developer.wordpress.org/themes/basics/template-hierarchy/
WP Plugins - Custom Post Types https://developer.wordpress.org/plugins/post-types/
Registering custom post types https://developer.wordpress.org/plugins/post-types/registering-custom-post-types/
Working with custom post types https://developer.wordpress.org/plugins/post-types/working-with-custom-post-types/
https://developer.wordpress.org/themes/basics/categories-tags-custom-taxonomies/
https://codex.wordpress.org/Function_Reference/register_post_type
https://codex.wordpress.org/Using_Custom_Fields
https://www.smashingmagazine.com/2012/11/complete-guide-custom-post-types/
https://developer.wordpress.org/reference/functions/register_post_type/
5 Other
https://stackoverflow.com/questions/9101503/include-wordpress-core-into-own-scripts
Xdebug from command line
export XDEBUG_CONFIG="idekey=emacs-xdebug"
https://wp-cli.org/ https://wordpress.stackexchange.com/questions/76465/initialize-wordpress-environment-to-use-in-command-line-script https://stackoverflow.com/questions/5306612/using-wpdb-in-standalone-script
https://codex.wordpress.org/Function_Reference/wpdb_Class#Class_Variables
add_comment_meta( $comment_id, $meta_key, $meta_value, $unique );
Examples Add a custom posted value to every new comment
<?php function add_custom_comment_field( $comment_id ) { add_comment_meta( $comment_id, 'my_custom_comment_field', $_POST['my_custom_comment_field'] ); } add_action( 'comment_post', 'add_custom_comment_field' ); ?>
add_comment_meta()
is located in wp-includes/comment.php
6 Block Editor
- https://www.wpkube.com/wordpress-gutenberg-tutorial-how-to-use-the-new-block-editor-in-wordpress-5-0/
- https://wordpress.org/plugins/atomic-blocks/
- https://wordpress.org/plugins/ultimate-addons-for-gutenberg/
- https://wordpress.org/plugins/stackable-ultimate-gutenberg-blocks/
- https://www.wpbeginner.com/beginners-guide/how-to-use-the-new-wordpress-block-editor/
7 Hardening WordPress
7.1 htaccess
############################## ## Hardening ############################## ## Protect login with apache password <Files wp-login.php> order allow,deny # restrict by IP allow from 206.189.179.127 allow from 181.47.230.245 AuthType Basic AuthName "Protected Login" AuthUserFile /home/vhosts/www.example.com/.htpasswd Require valid-user </Files>
8 Autocomplete field
/wp-admin/admin-ajax.php?action=tigetcompanies&tax=posts-tag&q=ja&query=ja
- https://github.com/salmanarshad2000/demos/blob/v1.0.4/jquery-ui-autocomplete/using-label-value-pairs.html
- http://salman-w.blogspot.com/2013/12/jquery-ui-autocomplete-examples.html#example-1
- https://stackoverflow.com/questions/4815330/jquery-ui-autocomplete-with-item-and-id
- https://api.jquery.com/jquery.get/
- https://wordpress.stackexchange.com/questions/190297/ajaxurl-not-defined-on-front-end
- http://api.jqueryui.com/autocomplete/#entry-examples
- https://hollerwp.com/wordpress-settings-autocomplete-field-using-ajax/
- https://goodies.pixabay.com/jquery/auto-complete/demo.html
- https://davidnash.com.au/create-an-auto-complete-field-in-wordpress/
9 Debugging Plugins
9.1 Debug Bar
9.2 Theme Sniffer
9.3 Query Monitor
https://wordpress.org/plugins/query-monitor/
Query Monitor is the developer tools panel for WordPress. It enables debugging of database queries, PHP errors, hooks and actions, block editor blocks, enqueued scripts and stylesheets, HTTP API calls, and more.
It includes some advanced features such as debugging of Ajax calls, REST API calls, and user capability checks. It includes the ability to narrow down much of its output by plugin or theme, allowing you to quickly determine poorly performing plugins, themes, or functions.
https://querymonitor.com/blog/2019/02/clickable-stack-traces-and-function-names-in-query-monitor/
(eww "https://querymonitor.com/blog/2019/02/clickable-stack-traces-and-function-names-in-query-monitor/")
9.4 The Best Tests For WordPress
http://wptest.io/ A fantastically exhaustive set of test data to measure the integrity of your plugins and themes.
9.5 wp-cli
https://make.wordpress.org/cli/handbook/
https://make.wordpress.org/cli/handbook/shell-friends/
./wp-cli.phar --allow-root --help ./wp-cli.phar --allow-root --help post-type ./wp-cli.phar --allow-root --help post ./wp-cli.phar --allow-root post-type list +---------------------+-----------------------+-------------+--------------+--------+---------------------+ | name | label | description | hierarchical | public | capability_type | +---------------------+-----------------------+-------------+--------------+--------+---------------------+ | post | Posts | | | 1 | post | | page | Pages | | 1 | 1 | page | | attachment | Media | | | 1 | post | | revision | Revisions | | | | post | | nav_menu_item | Navigation Menu Items | | | | post | | custom_css | Custom CSS | | | | post | | customize_changeset | Changesets | | | | customize_changeset | | oembed_cache | oEmbed Responses | | | | post | | user_request | User Requests | | | | post | | wp_block | Blocks | | | | block | | wpdiscuz_form | Forms | | | | wpdiscuz_form | | acf-field-group | Field Groups | | 1 | | post | | acf-field | Fields | | 1 | | post | | us_widget_area | Sidebars | | | | post | | us_footer | Footers | | | 1 | us_footer | | wpcf7_contact_form | Contact Forms | | | | page | | ti_assignment | Assignments | | | | post | | ti_company | Companies | | | | post | | ti_contributor | Contributors | | | | post | | ti_country | Countries | | | | post | | ti_fact_checker | Fact Checkers | | | | post | | ti_ingredient | Ingredients | | | | post | | ti_review | Reviews | | | 1 | post | | ti_supplement | Supplements | | | | post | +---------------------+-----------------------+-------------+--------------+--------+---------------------+ ./wp-cli.phar --allow-root post get 617 ./wp-cli.phar --allow-root post list --post_type=page ./wp-cli.phar --allow-root post list --post_type=ti_review
9.6 WordPress-Coding-Standards
https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards
composer create-project wp-coding-standards/wpcs --no-dev
Running this command will:
- Install WordPress standards into wpcs directory.
- Install PHPCodeSniffer.
- Register WordPress standards in PHPCodeSniffer configuration.
- Make phpcs command available from wpcs/vendor/bin.
./wpcs/vendor/bin/phpcs -i The installed coding standards are PSR1, Squiz, PSR2, PSR12, MySource, PEAR and Zend phpcs --config-set installed_paths /path/to/wpcs cat wpcs/vendor/squizlabs/php_codesniffer/CodeSniffer.conf <?php $phpCodeSnifferConfig = array ( 'installed_paths' => '/home/vhosts/example.com/wpcs/', ) ?> ./wpcs/vendor/bin/phpcs -i The installed coding standards are PSR1, Squiz, PSR2, PSR12, MySource, PEAR, Zend, WordPress, WordPress-Docs, WordPress-Core and WordPress-Extra ./wpcs/vendor/bin/phpcs --standard=WordPress wp-load.php FILE: /home/vhosts/example.com/wp-load.php ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ FOUND 8 ERRORS AND 9 WARNINGS AFFECTING 12 LINES ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 24 | WARNING | [ ] error_reporting() found. Changing configuration values at runtime is strongly discouraged. 24 | WARNING | [ ] error_reporting() can lead to full path disclosure. 37 | WARNING | [x] "require_once" is a statement not a function; no parentheses are required 39 | WARNING | [ ] Silencing errors is strongly discouraged. Use proper error checking instead. Found: @file_exists( dirname(... 39 | WARNING | [ ] Silencing errors is strongly discouraged. Use proper error checking instead. Found: @file_exists( dirname(... 42 | WARNING | [x] "require_once" is a statement not a function; no parentheses are required 46 | ERROR | [ ] Inline comments must end in full-stops, exclamation marks, or question marks 49 | WARNING | [x] "require_once" is a statement not a function; no parentheses are required 54 | WARNING | [x] "require_once" is a statement not a function; no parentheses are required 56 | ERROR | [ ] Overriding WordPress globals is prohibited. Found assignment to $path 63 | ERROR | [ ] Detected usage of a possibly undefined superglobal array index: $_SERVER['REQUEST_URI']. Use isset() or empty() to check the index exists before using it 63 | ERROR | [ ] $_SERVER data not unslashed before sanitization. Use wp_unslash() or similar 63 | ERROR | [ ] Detected usage of a non-sanitized input variable: $_SERVER['REQUEST_URI'] 69 | WARNING | [x] "require_once" is a statement not a function; no parentheses are required 74 | ERROR | [ ] Inline comments must end in full-stops, exclamation marks, or question marks 92 | ERROR | [ ] All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$die'. 92 | ERROR | [ ] All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ PHPCBF CAN FIX THE 5 MARKED SNIFF VIOLATIONS AUTOMATICALLY ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Time: 190ms; Memory: 10MB
9.7 composer.phar
https://getcomposer.org/download/
php composer.phar