Tools for Writing Better WordPress Code: Static Analysis

In the most recent post of this series (which is admittedly some time ago), I talked at length about Composer and its lock file.

I recommend reading the previous two articles because Composer is eventually going to play a role in this material that this and future posts are going to share. But if you opt not to catch up on them (or are already familiar with Composer) then the gist of the previous posts are, respectively, as follows:

I don’t recommend checking the vendor directory into your repository. That can become a huge directory later, and it can undermine the whole purpose of Composer.

Composer

The goal is to make sure that every one is running the same version of the dependencies of the project – not older versions, not newer versions – but the same version.

The Composer Lock File

With that said, there are numerous dependencies or packages that we can install that help us to make sure that we’re writing the highest quality code possible.

Sure, some of these may be in the form of something like coding standards, but those are really more rules than they are elements of writing high quality code (though I don’t think they should be left out of the discussion – just left out at this time 🙃).

Back to the tools in question: What are some tools that help write high quality WordPress code? I’m going to share a few of my favorites and them I’m going to talk about how we can run them all against a code base.

First, let’s take a look at static analysis with PHPStan.

Continue reading “Tools for Writing Better WordPress Code: Static Analysis”

Sending Authorization Headers with WordPress

Whenever we’re making remote requests with WordPress, we’re likely going to be using one of the following functions:

And, yes, sometimes we’ll be using cURL depending on the nature of the project, but that’s outside the content of this post.

For this article, I want to talk specifically about making remote requests and specifying headers against a third-party API.

Authorization Headers with WordPress

Whenever it comes making asynchronous requests with WordPress, the process often goes like this:

  1. Set up the JavaScript function to make a call to the server-side (with a secure nonce, of course),
  2. Have the server-side perform the request using one of the aforementioned functions,
  3. Return the response either in the form of a success or error message,
  4. Have the client-side JavaScript handle the response in whatever way seems fitting based on the response.

But what if the API request you need to make from the server requires something more than a basic endpoint with a few parameters?

More specifically, what if what you’re writing requires that you provide some type of authorization for your work? Luckily, WordPress allows us to set headers that solve exactly this.

If you want to implement something like this, then I’m going to assume the content type will be that of JSON and that the authorization will be some type of token (however, your implementation may vary based on the system with which you’re working).

In this case, my token will simply be identified as $token. And here’s a simple example:

Something Worth Noting

If your host is running on Apache and this type of request does not work, then you’re likely going to need to update your htaccess file so that it includes the following rule: SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1.

Props to George for hooking me up with that.

Time Off 2019: Part 2 of 4 of Social Media Sabbaticals Taking time off of social media is something I've done for a while now, and it's something that I've found useful both for my personal and professional life.

Earlier this year, I followed-suit with my usual routine of social media sabbaticals (which is just a fancier way of saying “time off of social media” 🎩).

If you’re new to reading this site, you can read my past entries here:

  1. The First Social Media Sabbatical of 2018
  2. The Second Social Media Sabbatical of 2018
  3. The Third Social Media Sabbatical of 2018
  4. Time Off 2019: Part 1 of 4 of Social Media Sabbaticals

This is something I’ve been doing for a while now, and it’s something that I’ve found useful both for my personal and professional life.

And I don’t want to try to come up with some other reason for doing this so I’ll quote my previous post (because quoting yourself isn’t narcissistic or anything, is it?):

Every time I end up taking time off of social media in general, I never regret it. At the same time, I also find new things I want to do during that time.

But one of the things I like do during this post other than share that I am doing it (because I see this site as the primary place to keep up with me – not Twitter, not Instagram, not AIM, not ICQ), I like also to cover what I plan to do.

So here’s what I’m looking to do during August.

Continue readingTime Off 2019: Part 2 of 4 of Social Media Sabbaticals Taking time off of social media is something I’ve done for a while now, and it’s something that I’ve found useful both for my personal and professional life.

Episode 7 – On Gutenberg I answer a question on Gutenberg that I've had sitting in my queue for some time and attempt to frame it in a way that's beneficial for developers.

It’s been a really busy month, so this episode is coming out just about as late as it can for a monthly podcast.

If you’re reading this post, then chances are the latest episode is already available on your favorite podcast service.

In this particular episode, I’ve got a new sponsor with a coupon code specifically for listeners, so be sure to check that out (in addition to the content, of course).

And with that, here are the notes from the episode.

Continue readingEpisode 7 – On Gutenberg I answer a question on Gutenberg that I’ve had sitting in my queue for some time and attempt to frame it in a way that’s beneficial for developers.

Adding Multiple Coding Standards with Composer To install multiple coding standards with Composer, we need to take advantage of the pre-install-cmd and the pre-update-cmd scripts.

It’s one thing to be using PHP CodeSniffer manually but if you’re using a utility such as GrumPHP to check your work before committing it to the repository, then you’re likely going to want to use the version that you’re installing with your project.

This assumes that:

  1. You are installing PHP CodeSniffer local to your project,
  2. You want to install a specific set of coding standards to run against your code.

Remember, this is also done in the context of wanting to run automated scripts during the commit process and in a local environment (versus a global setting) with Composer.

Continue readingAdding Multiple Coding Standards with Composer To install multiple coding standards with Composer, we need to take advantage of the pre-install-cmd and the pre-update-cmd scripts.