Tag: PHP (Page 10 of 13)

An Alternative to the WordPress template_redirect Hook

October 17, 2018 / Tom

The majority of the work that I do right now focuses on custom plugins or utilities that work on top of WordPress.

If you were to conceptualize how many of the projects that I build are put together, you’d review WordPress (and all that it entails) as the foundation, and then the code has having a layer that communicates with WordPress, and that may communicate with third-party APIs.

When doing this, though, there’s often a front-end component that requires I render information into templates. Though building templates for WordPress aren’t inherently difficult (though I do wish we had a bit more than template tags – such as a templating engine, that’s another post), I think it’s worth looking at a couple of ways that we can handle custom templates that we bundled with plugins.

One of the first questions that’s often raised with this statement, though, is

Why would you include custom templates in a plugin?

And I get it on some levels.

Keeping templates in a plugin blurs the lines a bit between themes and plugins especially when you leave themes for presentation and plugins for business logic,
Asking users to copy theme files on from one location to another is bad user experience.

But there are a few rebuttles or perhaps outright exceptions to the above cases.

Quick Tip: Sanitize Post Data in WordPress

October 11, 2018 / Tom

The more I begin to try to use PSR-2 coding standards and tools such as GrumPHP (and those related to it), the more I find that the quality of the code I write can be significantly improved in minor ways.

PHP Coding Standards with Code: PSR-2

And I don’t mean to sound contradictory: I mean, the idea of having something “significantly” improved in a “minor” way doesn’t exactly jive, does it?

But hear me out.

Imagine that you’re able to write clean, readable, maintainable code using coding standards that are not only modern, but built into PHP, play nicely with WordPress, and that is more readable than some of the other ways we may have done it in the past or when using other tools for coding standards.

Wouldn’t you be interested?

Secure WordPress Form Submission: An Object-Oriented Approach

September 18, 2018 / Tom

Years ago, I wrote a post in which I shared a public function to determine if the user had permissions to save information to the WordPress database. You can see the original gist in all of its aged glory (along with the solid comments) here (it’s five years old, even – wow).

Secure WordPress Form Submission: The OG

As with anything programming related, time passes, things are refined, and things [hopefully] get better than they were before.

Though I still use and recommend a variant of the user_can_save (or userCanSave) function, I also think it’s important to go through the process of separating out the process of verifying the request.

So now it’s not just about determining if the user has permissions, but it’s about verifying the security information coming from the client – be it via a post back to the server or a request made via Ajax – and doing so using good programming techniques that align both with WordPress and with PHP.

To be clear, this is more about secure WordPress form submission from an options page or a settings page than it is, say, a form coming from a template. That’s another post for another time.

But still, there are plenty of us working on building applications on WordPress and that require the following.

An Easy Way to Cast a PHP Standard Class to a Specific Type

August 29, 2018 / Tom

If you work with object-oriented PHP in WordPress and you’re building out various models that fit your web applications, the odds are that you’re going to deal with retrieving serialized versions of those models at some point during a program’s execution.

Here’s the thing, though: Sometimes, that unserialized data come back as standard PHP classes. This means that if you inspect the type (through various debugging tools), you’re going to see they are the type of stdClass.

Cast a PHP a Standard Class to a Specific Type: Type Juggling

If you’ve been properly building your models those, your code is going to have functions that the stdClass does not, and you’re going to want to call on them.

Further, you can’t simply cast them from one type to another like you can with native types (such as strings, integers, and so on). In situations like that, you need to be able to cast a PHP standard class to a specific type.

And here’s a function that will help you do just that.

When CloverCoverage Fails And Passes Simultaneously

August 1, 2018 / Tom

I’ve talked about the advantages of using GrumPHP in previous posts. One of the tools that we’ve used in projects for the last year or more is Clover.

Photo by Quentin REY on Unsplash

Some time between when we started using it and this week, it would always fail to execute every time on my local machine but not on the machine to which we were deploying our code.

And no, it wasn’t because there were incorrect directives or comments in the unit tests and it wasn’t because PHPUnit was misconfigured (it was executing all of the tests and reporting them as expected).

So what gives?