Tom McFarlin

Software Engineering in WordPress, PHP, and Backend Development

Page 150 of 427

Humbling Experiences as a Developer

August 15, 2016 / / 0 Comments

When working to improve yourself, one of the most humbling experiences as a developer is when you have a breakthrough on a concept with which you’ve been struggling only to find out just how much more other people know and just how much more you have to learn.

This isn’t something that’s limited to WordPress, of course. This is something that isn’t even limited to programming. It transcends a variety of disciplines, hobbies, and so on (remember, say, when you were first learning to play barre chords on the guitar?)

Acoustic Guitar

But I don’t focus on other disciplines when writing on this blog (the zoomed in picture of the guitar not-withstanding).

Continue reading

Personal Involvement and Improvement in WordPress

August 12, 2016 / / 0 Comments

A couple of weeks ago, a friend (who I finally had a chance to meet earlier this year) sent me two questions that I thought would best be covered in the context of this blog.

Specifically, the questions are around evaluating the skill of potential and existing employees in the context of personal development rather than if a person is worth hiring.

I’ll share the actual questions momentarily, but I think it’s important to note that my experience in doing this within the context of WordPress, let alone open source, is very different than when working in a corporate job working on a closed source application.

Involvement and Improvement in WordPress: The Original Cube Farm

No, corporate environments aren’t all like this. It’s fun to think of them that way, though :).

That in and of itself could probably be its post (and it’s not a bad thing any more than it’s a good thing), but I thought I’d offer whatever input I have with hopes of having others chime in via the comments.

Continue reading

Loading WordPress Assets, Part 1

August 11, 2016 / / 0 Comments

Loading WordPress assets usually consist of making multiple calls wp_enqueue_script or wp_enqueue_style, but this makes for redundant calls and unnecessarily long methods.

So I’ve been experimenting with a variety of different ways to load assets. And though I’m not planning to layout the final version of the code for doing this in this post, I thought it’d be worth starting from the first pass at how we can improve our process.

After all, even if there’s one degree of improvement to make in your work, isn’t it something worth considering?

Continue reading

Supporting Free WordPress Plugins: Dedicated Hours

August 10, 2016 / / 0 Comments

Supporting free WordPress plugins has been interesting to me for some time now because there are some inherent challenges with managing a freemium-based product.

Last week, WP Tavern covered a new project by ServerPress called WPSiteSync. It’s a neat plugin in and of itself, but what caught my attention was how ServerPress is structuring support for the free variation of the plugin.

Supporting Free WordPress Plugins

In short, the article mentions:

Support for the free version is only provided on Fridays from 10am-12PM Pacific standard time. A cursory glance at the support forum shows the ServerPress team responding to a number of threads.

And though there seems to be some pushback in the comments about this, I’m intrigued by this particular approach to support.

Continue reading

How To Prevent Direct Access To Your Plugin

August 9, 2016 / / 0 Comments

As developers, one of the most important things we can do is prevent direct access to your plugin. By this, I mean if someone gets clever and tries to access to one of the files located in any given plugin’s directory, they should not be able to execute any of the code in the script.

Prevent Direct Access To Your Plugin

A simple plugin’s directory from which the below source is pulled.

And I know: This seems like something that’s easy (it is), but even in a recent project, I’m reminded how it’s not something that even some of the most useful plugins do.

I can only chalk this up to lack of awareness or perhaps lack of education. If you’re not setting your work up to prevent direct plugin access to your plugin, you’re leaving a significant security gap in place, and it’s something that can be easily corrected.

Continue reading

« Older posts Newer posts »

© 2025 Tom McFarlin

Theme by Anders NorenUp ↑