Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Delicious Brains:
Build A WordPress Plugin With Vue 2
Jul 11, 2018 @ 10:46:16

On the DeliciousBrains.com site they've posted a tutorial showing you how to create a WordPress plugin using Vue.js to make interaction with the page simpler (and nicer than just a normal page reload).

It’s been a while since we’ve played with Vue JS on this blog, so why don’t we take a beginner-focused look at how one might go about building a simple polling plugin for WordPress with Vue.

Why Vue? Vue can scale up to be used for full-blown single page applications, but you can also use it to add small bits of interactivity to sites, pages, or plugins where in the past you may have used jQuery.

[...] Why a polling plugin? There are scores of polling plugins for WordPress, most of them are free, and most of them will be better than the one we’re going to build today, but there is something missing from the current offering of polling plugins: none of them are polka themed…

They start off with the PHP code required to power the plugin (a.k.a. "Pollka King") and load the required resources. They make use of a shortcode to refer to the plugin and show the structure they'd like to use in the editor to create the poll. The backend and frontend code is included along with screenshots of how it should look along the way.

tagged: tutorial wordpress plugin vue2 vuejs poll

Link: https://deliciousbrains.com/vue-2-wordpress-plugin-tutorial/

Delicious Brains:
WordPress Deployment Part 2: Deploying WordPress Using The Command Line
Jul 03, 2018 @ 09:48:59

The Delicious Brains site has posted the second part of their "deploying WordPress using the command line" series today. In part one they talked about automated deployments and why they're important (and useful). In this latest tutorial they start in on the setup of the environment and the tools you'll need to complete the deployment.

In my last article, we looked briefly at why automated deployments are important and how to prepare a WordPress site for automated deployments.

Now that our WordPress site is ready to be deployed, in this article we’re going to look at how we can use command line (CLI) tools to deploy WordPress from our local computer to a remote server. While we’re not quite at the stage of being ready to set up automated deployments just yet, understanding how we can use CLI tools to deploy WordPress will serve as a good foundation for all of the automated deployment methods we will look at later in this series.

The article then walks through the different pieces you'll need to set up including a DigitalOcean droplet as a destination and a choice of several data transfer tools:

The post also mentions the WP-CLI tool but points out that it doesn't include functionality to actually move files, only work with local ones.

tagged: wordpress deployment part2 series commandline tutorial

Link: https://deliciousbrains.com/wordpress-deployment-workflow-command-line/

RIPSTech.com:
WARNING: WordPress File Delete to Code Execution
Jun 27, 2018 @ 10:29:26

On the RIPSTech.com site they've posted a warning to the WordPress users out there about a vulnerability that would allow a malicious user to delete any file in the WordPress installation, not just file uploads.

At the time of writing no patch preventing this vulnerability is available. Any WordPress version, including the current 4.9.6 version, is susceptible to the vulnerability described in this blogpost.

For exploiting the vulnerability discussed in the following an attacker would need to gain the privileges to edit and delete media files beforehand. Thus, the vulnerability can be used to escalate privileges attained through the takeover of an account with a role as low as Author, or through the exploitation of another vulnerability/misconfiguration.

The post includes more details around the impact of the issue and where in the code the problem lies. It also offers a temporary "hotfix" as a way around the issue by adding a new filter that uses the basename function to reset the thumbnail data.

tagged: security wordpress delete file vulnerability code execution

Link: https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/

Delicious Brains:
Hosting WordPress Yourself 2018 Update
Jun 13, 2018 @ 09:33:33

The Delicious Brains site has posted an update for the last part (10 of 10) of their series providing a guide to hosting WordPress yourself for some smaller changes for doing it in 2018.

I originally started writing Hosting WordPress Yourself back in February 2015, which makes this series over three years old! During that time a lot has changed, which is why I updated the series just over 12 months ago, to keep the content relevant. Since then, even more has changed in the WordPress hosting scene, so it’s time for another update!

I have already updated the existing articles in this series with the changes that follow. This article serves as a changelog and documents what has changed in each part of this series, where I guide you through the process of building a complete server to house your WordPress sites

This update shares changes in the virtual server setup, new software releases, suggestions of server monitoring services and web server configuration changes. Each point in the list is also linked back to the other part of the series related to the changes to give more context.

tagged: wordpress hosting guide tutorial series 2018 update

Link: https://deliciousbrains.com/hosting-wordpress-yourself-2018-update/

TutsPlus.com:
What Are the WordPress PHP Coding Standards?
May 23, 2018 @ 12:51:35

On the TutsPlus.com site they've posted a tutorial sharing some of the current WordPress coding standards when it comes to both the structure and syntax of the code written in WordPress (and suggested for plugins as well).

You can find the full WordPress PHP coding standards in the tagged: wordpress coding standard tutorial example

Link: https://webdesign.tutsplus.com/tutorials/php-coding-standards--cms-31203

Delicious Brains:
WordPress Deployment Part 1: Preparing WordPress
May 09, 2018 @ 11:05:12

The Delicious Brains blog has kicked off a new series of posts walking you through the deployment of a WordPress site with automated (and repeatable) deployments.

Welcome to the first post in a workflow series on deploying WordPress. In this series, we’re going to look at how you can set up automated deployments for your WordPress site in a range of different ways.

They start off by answering the question of "why" for automated deployments. They make the point that automated deployments can help reduce the potential for human error, increase the reliability of the deployments and have many more benefits. Next they start in on the preparation work, helping you get several prerequisites set up before getting to the deployment process:

  • Setting up the site on an accessible Git repository and having plugins/dependencies managed by Composer
  • Deploying configuration files
  • Disable FTP Access & File Editing
  • Disable Auto Updates

The post also includes a section covering the deployment of the database for your application and any other media you might have related to it (images, files, etc).

tagged: wordpress deployment series part1 preparation

Link: https://deliciousbrains.com/wordpress-deployment-workflow-preparing/

Delicious Brains:
How We Create WordPress Plugins: From Idea To Release
Apr 24, 2018 @ 11:47:01

If you're a WordPress user and you've ever wondered about the process of creating your own custom plugin, this new tutorial from Delicious Brains might be just what you need. In it they go through their process for creating a plugin, from the initial ideas to release.

If you’ve been reading our blog for a while, you’ve probably seen some of our tutorials on developing plugins using different technologies like React and Vue. But when not writing examples for blog posts, we rarely if at all dive into creating a new plugin – there’s a lot more that goes into it before we write a single line of code.

In this week’s post, we’ll be taking a look at everything we do to create a new product or WordPress plugin. We don’t adhere strictly to any specific software development process, but the method we’re using currently seems to work well.

They then walk through the process, step-by-step, with a summary of each and helpful hints as you go along:

  • Research and Brainstorming
  • Wireframes
  • Developing the Plugin
  • Reviewing and Testing

The post ends with some concluding thoughts about the amount of work required, scope creep and the value of planning/wireframes.

tagged: wordpress plugin tutorial idea release process

Link: https://deliciousbrains.com/building-wordpress-plugins/

Delicious Brains Blog:
Hey WordPress Plugin Developers, Stop Supporting Legacy PHP Versions In Your
Mar 23, 2018 @ 09:46:06

On the Delicious Brains site they have a new post that makes a suggestion to the WordPress plugin developers out there: stop supporting legacy versions of your plugins and move on.

I recently saw this tweet from Danny van Kooten which reminded me of one of the many major gripes developers have with WordPress – supporting ancient PHP versions:

"STOP SUPPORTING PHP 5.2 IN YOUR NEW PROJECTS. No one using it is actively installing plugins, trust me."

Yes, (unbelievably) WordPress still supports installations of PHP 5.2.4! As plugin developers, we can’t change that over night but we have the power to stop supporting these legacy versions in our plugins where we have control over the codebase.

He talks about how, despite the fact that the WordPress project itself strives for ultimate backwards compatibility, it's just not run on older versions of PHP as much. They share some statistics about the number of WordPress installs on each version of PHP starting with v5.2. The results show that the overwhelming majority are on v5.6 with a split between <=5.3 and >=7.0 for the remainder. They also share some statistics from their own plugins finding that the >=7.0 takes the lead.

The post then shares some of the reasons for making the upgrade to only support newer versions of the language including security updates, speed and developer experience. It finishes up with some of the steps to follow to inform users of the intent to deprecate old support and when to make the move.

tagged: wordpress legacy plugin support opinion version

Link: https://deliciousbrains.com/legacy-php-version-support/

Ivan Enderlin:
How Automattic (WordPress.com & co.) partly moved away from PHPUnit to atoum?
Mar 22, 2018 @ 12:08:37

In a post to his blog Ivan Enderlin talks about a move that his team at Automattic (the company behind WordPress) made away from using PHPUnit for their application testing over to atoum and some of the reasoning behind it.

Few months ago at tagged: wordpress testing unittest atoum phpunit comparison migration

Link: https://mnt.io/2018/02/26/how-automattic-partly-moved-away-from-phpunit-to-atoum/

QuickerWP.com:
Make your WordPress blog fly with these speedy plugins and tweaks
Mar 22, 2018 @ 11:05:43

On the QuickerWP blog there's a new post with some recommendations of plugins and techniques you can use to make your WordPress blog "fly" (increase the overall performance).

WordPress sites are notorious for their poor loading times. The platform itself comes with very few optimizations, and once you start adding plugins, things will only go south from there. [...] Most of the performance penalties actually come from having too many plugins installed, a poorly optimized site configuration, and a theme that does not optimize loading speeds (most of them don’t).

[...] It’s rare to see high marks [on Yellow Lab Tools] (a B or A result), but after applying the tweaks listed here, we’ve managed to get our own site to score an A (92/100) result, and surprisingly low loading times. Try it on your site to see how you fare.

They have a list of seven recommendations:

  • Autoptimize plugin
  • WP Fastest Cache plugin
  • PurifyCSS
  • TinyPNG plugin
  • Guetzli (for image optimization)
  • CSS Sprites
  • QuickerWP

Each item in the list comes with a brief description of the enhancement it brings to the table and links to find out more information.

tagged: wordpress blog performance recommendation plugin list top7

Link: https://www.quickerwp.com/make-wordpress-blog-fly-speedy-plugins/