Tom McFarlin | Practical WordPress Development

An Introduction to Debugging for WordPress Developers

September 20, 2018

In the most recent post in this series, I walked through the process of integrating Xdebug with your IDE. And given that I’ve been using Visual Studio Code as my IDE of choice, that’s also the IDE I’m using as the example.

Installing Xdebug: PHP Debug for Visual Studio Code

Furthermore, it’s cross-platform, easy enough to get started for beginners, but powerful enough to extend and operate for more experienced programmers (and for the rest of us who fall in between).

In the last post, I stated that I’d be doing a series of screencasts. Specifically, I wrote the following:

Starting in the next post, I’ll begin sharing some screencasts that walk through how to debug functions and variables, change values on the fly, work with the debug console, and more.

In this post, I’m going to have a short screencast providing an introduction to debugging WordPress the first part of this series. Namely, launching an instance of a site built using WordPress and using the basics of debugging a plugin.

WordPress Admin Menu: Re-ordering Submenu Items

September 19, 2018

One of the things about working with the WordPress menu API (that is add_menu_page, add_submenu_page, and the like) is that it doesn’t make it easy to reorder the submenu items.

Sure, for certain things such as taxonomies or things like that, you can just change the order in which they are registered. But let’s say that you have a WordPress admin menu and then a few submenu pages under that particular menu.

By default, WordPress creates the top-level menu, and then it immediately creates a submenu item under the top-level menu that links to the same page. In many cases, this may be ideal.

In some cases, though, you may want to change that.

Secure WordPress Form Submission: An Object-Oriented Approach

September 18, 2018

Years ago, I wrote a post in which I shared a public function to determine if the user had permissions to save information to the WordPress database. You can see the original gist in all of its aged glory (along with the solid comments) here (it’s five years old, even – wow).

Secure WordPress Form Submission: The OG

As with anything programming related, time passes, things are refined, and things [hopefully] get better than they were before.

Though I still use and recommend a variant of the user_can_save (or userCanSave) function, I also think it’s important to go through the process of separating out the process of verifying the request.

So now it’s not just about determining if the user has permissions, but it’s about verifying the security information coming from the client – be it via a post back to the server or a request made via Ajax – and doing so using good programming techniques that align both with WordPress and with PHP.

To be clear, this is more about secure WordPress form submission from an options page or a settings page than it is, say, a form coming from a template. That’s another post for another time.

But still, there are plenty of us working on building applications on WordPress and that require the following.

Don’t Over-Engineer the Solution

September 13, 2018

If you come from an object-oriented background or try to build all of your solutions for WordPress using object-oriented techniques, then there are going to be times where it might feel like you’re hitting a nail with a sledgehammer.

For example, let’s say that someone comes to you and needs a custom plugin developed that works with a third-party plugin but it only needs to do one thing.

Is it worth taking the time to create an interface, implementing the said interface in a concrete class, set up subscribers, write unit tests, and so on?

I can see the appeal, but I generally say no. If the gist of what you need to do has to be including styles or JavaScript files or both, then why not rely on the native WordPress APIs and procedural programming?

Including Custom Fonts in WordPress Plugins

September 12, 2018

The more you work in web development, the more likely you’re going to see people asking you to incorporate custom fonts into their project.

Sometimes this is easy. For example, if you work with something like a Google Web Font, you can easily copy the code necessary to paste into your stylesheet.

Custom Fonts in WordPress Plugins: Google Fonts

Often, the code looks something like this:

And then you can use it in your stylesheet like this:

But what if someone provides you with a set of fonts that they want to use in their project that are in a file format and that are not hosted on some type of content-delivery network?