Tom McFarlin

Software Engineering in WordPress, PHP, and Backend Development


“Seems like a basic feature to me.”

The idea of “a basic feature” when it comes to creating software is such a weird notion to me. Last week, I was reading a blog and came across the following comment:

I don’t have a [device redacted] but these all seem like extremely basic features that should be there from the start.

And it’s a strange thing because the implication is that whatever is released out of the gate should be something that’s feature complete and should conform to whatever you (or whoever makes these comments) thinks of how a product should function.

But this carries several implications with it.


Yet Another WordPress Business

If you follow the WordPress economy via your RSS reader, favorite podcast application, and Twitter, then there’s a chance you develop a level of cynicism around the idea of another WordPress business starting up.

By that, I mean that it seems like there’s something new every single week: It could be a plugin, a new service, a new site, a new theme, or whatever. And there is!

I know that some like to talk all about the low barrier to entry that WordPress offers (which I call into question), and you may say that because of that, it gives people this sense of confidence that they can start a business built around WordPress and then find success.

First, all of these things that we see so frequently are signs of a vibrant and healthy economy. Secondly, what’s wrong with so many people trying to start something new?


WordPress Security with Nonce Values

When talking about WordPress security from a developer’s standpoint, it’s inevitable that the topic of nonce fields and nonce values is going to come up. And rightfully so! These are ways to help protect submission information from contaminating our databases.

But are they the way to fully secure our code? Before looking at that, I want to make sure we’re all on the same page as to what a nonce value is. When you look through enough WordPress source code (well, source code in plugins, etc.) then you’re likely to find some developers don’t use them (though they should).

WordPress Security: Nonces in the Codex

Simply defined:

A nonce is a “number used once” to help protect URLs and forms from certain types of misuse, malicious or otherwise. WordPress nonces aren’t numbers, but are a hash made up of numbers and letters.

Nor are they used only once, but have a limited “lifetime” after which they expire.

During that time period the same nonce will be generated for a given user in a given context. The nonce for that action will remain the same for that user until that nonce life cycle has completed.

Though this is the gist of it, there’s more to it than that, and I highly recommend reading the Codex article as it does a good job of outlining what they are, how to use them, and what their purpose is when working with them.

The question remains, though: Are nonces enough when it comes to WordPress Security?


Rapid Application Development in WordPress

Back in the day (as if that was really that long ago for me ;), “rapid application development” used to be a phrase that was used to describe the amount of time we could take an idea and get it into a functional prototype in order to evaluate its utility.

That reads terribly, terribly boring.

Think of it this way:

How fast can you take an idea, turn it into a functional prototype, and determine if it sucks or not?

Or maybe:

In general, RAD approaches to software development put less emphasis on planning tasks and more emphasis on development.

Maybe that fits with more of the cultural norm than, say, 15 years ago. Anyway, there were tools like Visual Basic that made this easy.

Admittedly, I was a little young to grok what all of this was about, but I read a lot, and I tinkered with Visual Basic from 3.0 up to .NET so I was pretty familiar with the language and how the whole system worked.

But enough of that kind of talk. Here’s the question: How can we apply rapid application development within the context of WordPress?

Furthermore, is it possible to apply it in a way that allows us also to iterate on a product (free or not being irrelevant) without only evaluating its value to our users?


Programmatically Update User Profiles

When you need to update user profiles with code in WordPress, there are two hooks available:

And there’s a subtle difference between the two. If you don’t use the proper hook for the task at hand, then you may not end up with the result you’re expecting.

Update User Profiles in WordPress

The idea for this post comes from some work I’ve done on a recent project, and I thought it’d be worth sharing how the two hooks work and when one is preferable over the other (or when you may want to use both).


© 2025 Tom McFarlin
