Tom McFarlin

Software Engineering in WordPress, PHP, and Backend Development

Tag: PHP (Page 10 of 12)

Quick Tip: Sanitize Post Data in WordPress

October 11, 2018 /

The more I begin to try to use PSR-2 coding standards and tools such as GrumPHP (and those related to it), the more I find that the quality of the code I write can be significantly improved in minor ways.

PHP Coding Standards with Code: PSR-2

And I don’t mean to sound contradictory: I mean, the idea of having something “significantly” improved in a “minor” way doesn’t exactly jive, does it?

But hear me out.

Imagine that you’re able to write clean, readable, maintainable code using coding standards that are not only modern, but built into PHP, play nicely with WordPress, and that is more readable than some of the other ways we may have done it in the past or when using other tools for coding standards.

Wouldn’t you be interested?

Continue reading

Secure WordPress Form Submission: An Object-Oriented Approach

September 18, 2018 /

Years ago, I wrote a post in which I shared a public function to determine if the user had permissions to save information to the WordPress database. You can see the original gist in all of its aged glory (along with the solid comments) here (it’s five years old, even – wow).

Secure WordPress Form Submission: The OG

As with anything programming related, time passes, things are refined, and things [hopefully] get better than they were before.

Though I still use and recommend a variant of the user_can_save (or userCanSave) function, I also think it’s important to go through the process of separating out the process of verifying the request.

So now it’s not just about determining if the user has permissions, but it’s about verifying the security information coming from the client – be it via a post back to the server or a request made via Ajax – and doing so using good programming techniques that align both with WordPress and with PHP.

To be clear, this is more about secure WordPress form submission from an options page or a settings page than it is, say, a form coming from a template. That’s another post for another time.

But still, there are plenty of us working on building applications on WordPress and that require the following.

Continue reading

An Easy Way to Cast a PHP Standard Class to a Specific Type

August 29, 2018 /

If you work with object-oriented PHP in WordPress and you’re building out various models that fit your web applications, the odds are that you’re going to deal with retrieving serialized versions of those models at some point during a program’s execution.

Here’s the thing, though: Sometimes, that unserialized data come back as standard PHP classes. This means that if you inspect the type (through various debugging tools), you’re going to see they are the type of stdClass.

Cast a PHP a Standard Class to a Specific Type: Type Juggling

If you’ve been properly building your models those, your code is going to have functions that the stdClass does not, and you’re going to want to call on them.

Further, you can’t simply cast them from one type to another like you can with native types (such as strings, integers, and so on). In situations like that, you need to be able to cast a PHP standard class to a specific type.

And here’s a function that will help you do just that.

Continue reading

When CloverCoverage Fails And Passes Simultaneously

August 1, 2018 /

I’ve talked about the advantages of using GrumPHP in previous posts. One of the tools that we’ve used in projects for the last year or more is Clover.

Photo by Quentin REY on Unsplash

Some time between when we started using it and this week, it would always fail to execute every time on my local machine but not on the machine to which we were deploying our code.

And no, it wasn’t because there were incorrect directives or comments in the unit tests and it wasn’t because PHPUnit was misconfigured (it was executing all of the tests and reporting them as expected).

So what gives?

Continue reading

Split Strings and Integers in PHP Using Regular Expressions

July 6, 2018 /

Working with strings, numbers, and regular expressions in PHP is relatively easy given the vast number of functions the language provides.

There are times, though, where figuring out how to split on certain criteria may not be immediately clear, or it may be clear what you need to do but not how to best do it.

Split Strings and Integers in PHP Using Regular Expressions

Photo by Agê Barros on Unsplash

For example, let’s say that you have a string that’s mixed with both numbers and digits. For this post, let’s say that a given string:

  • includes hours and minutes,
  • when the minutes are at 60,
  • the string should increase the value of the of the hours by one
  • the value of the minutes is reset to zero.

An example, problematic string, then, may be of the form T3H60M. How then might we split the string into strings and integers and properly rebuild it?

Continue reading

« Older posts Newer posts »

© 2025 Tom McFarlin

Theme by Anders NorenUp ↑